DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1 – 20 are rejected under 35 U.S.C. 103 as being unpatentable over Uchiyama et al (US Patent Application Publication 2011/0289568) in view of Fukuda et al (US Patent Application Publication 2021/0250203), and further in view of Brandwine et al (US Patent Application Publication 2016/0149764). Hereinafter Uchiyama, Fukuda, and Brandwine.

Regarding claim 1, Uchiyama discloses a communication control device (residential gateway) comprising: 
a processor (the residential gateway includes CPU, where the CPU executes various programs stored in the ROM and governs overall control, paragraphs [0056], [0066]) configured to: 
acquire identification information of a communication terminal from the communication terminal by communication via a wide area communication network, and authenticate the communication terminal based on the identification information (the access manager includes access information acquiring unit and authenticating unit, where the access manager acquires access information for accessing the local network via access information acquiring unit, and the authenticating unit conducts authentication process to confirm whether the storage device is being used by those who have authority to access the local network, paragraphs [0035] – [0036], [0043]; where the access manager is replaced with a residential gateway, and the storage device is being replaced with a tag, paragraph [0048]; the residential gateway manages access to the home network via the wide area network, and the tag is portable device having an ID for uniquely identifying the tag and storage area to store information, where the tag accesses the home network via communicating with the residential gateway, paragraphs [0050] – [0053]; the access manager (residential gateway) acquires ID (access information) from the tag (portable device) accessing the local network via the wide area network, and confirms (authenticates) the ID having the authority to access the local network); 
upon successful authentication of the communication terminal, obtain, from a storage storing an information set in which associated are (i) the identification information of the communication terminal (the access manager includes access information acquiring unit and authenticating unit, where the access manager acquires access information for accessing the local network via access information acquiring unit, and the authenticating unit conducts authentication process to confirm whether the storage device is being used by those who have authority to access the local network, paragraphs [0035] – [0036], [0043]; where the access manager is replaced with a residential gateway, and the storage device is being replaced with a tag, paragraph [0048]; the residential gateway manages access to the home network via the wide area network, and the tag is portable device having an ID for uniquely identifying the tag and storage area to store information, where the tag accesses the home network via communicating with the residential gateway, paragraphs [0050] – [0053]; an authenticated user is allowed to access the home network only when identification information of a tag is acquired, paragraph [0084]; the access manager (residential gateway) acquires ID (access information) from the tag (portable device) accessing the local network via the wide area network, and confirms (authenticates) the ID having the authority to access the local network) and (ii) connection unit information indicating a connection unit that is predetermined for the communication terminal in a narrow area communication network different from the wide area communication network, the connection unit information (the access manager includes access information acquiring unit and authenticating unit, where the access manager acquires access information for accessing the local network via access information acquiring unit, and the authenticating unit conducts authentication process to confirm whether the storage device is being used by those who have authority to access the local network, paragraphs [0035] – [0036], [0043]; where the access manager is replaced with a residential gateway, and the storage device is being replaced with a tag, paragraph [0048]; the residential gateway manages access to the home network via the wide area network, and the tag is portable device having an ID for uniquely identifying the tag and storage area to store information, where the tag accesses the home network via communicating with the residential gateway, paragraphs [0050] – [0053]; an authenticated user is allowed to access the home network only when identification information of a tag is acquired, paragraph [0084]; the access manager (residential gateway) acquires ID (access information) from the tag (portable device) accessing the local network via the wide area network, and confirms (authenticates) the ID having the authority to access the local network, and the ID identifying the storage area is the identification information of the connection unit information that indicates the connection in the narrow area communication network (i.e. the local area network that requires authorization to access) different from the wide area communication network).
However, Uchiyama does not explicitly disclose “obtain, from a storage storing (ii) specific connection unit information indicating a specific connection unit that is predetermined for the communication terminal in a narrow area communication network different from the wide area communication network, the specific connection unit information;” “transmit the specific connection unit information to the communication terminal;” “transmit specified information to the specific connection unit, the specified information indicating a request for communication via the narrow area communication network from the communication terminal;” and “perform control such that the communication terminal is connected to the specific connection unit as a connection destination of the communication terminal, based on the specific connection unit information.”
Fukuda discloses “obtain, from a storage storing (ii) specific connection unit information indicating a specific connection unit that is predetermined for the communication terminal in a narrow area communication network different from the wide area communication network, the specific connection unit information” as the network control device includes storage unit that stores network control program, where the registered user information is stored in the network control device (paragraphs [0064], [0076]), the network control device checks information included in user authentication request to determine whether the user authentication request is from an appropriate user, where the information in the user authentication request includes the carrier network user ID, the terminal ID, the MAC address, the IP address, and the connection destination VNI of the user terminal, and the network control device issues connection permission notification to the user terminal when the user authentication request is from appropriate user (paragraphs [0108] – [0111]); “transmit the specific connection unit information to the communication terminal” as the network control device executes the authentication processing on the basis of the information included in the authentication request, and issues a connection permission notification to the user terminal for the user terminal to start communications using the virtual tunnel (paragraphs [0110] – [0111]); and “perform control such that the communication terminal is connected to the specific connection unit as a connection destination of the communication terminal, based on the specific connection unit information” as the network control device sets the IP address for an appropriate interface of the user terminal, and sets a VXLAN-based tunnel by inputting the setting of the VXLAN for the VTEP (virtual tunnel end point) that is setting target on the basis of the MAC address of the user terminal and the VNI (paragraphs [0094] – [0097]), where the network control device executes the authentication processing on the basis of the information included in the authentication request, and issues a connection permission notification to the user terminal for the user terminal to start communications with POI terminal (such as gateway router) using the virtual tunnel (paragraphs [0110] – [0111]).
 Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Uchiyama and Fukuda before him or her, to incorporate the network control device as taught by Fukuda, to improve the access manager of Uchiyama to configure the network for setting a virtual network. The motivation for doing so would have been to using a simpler network configuration to establish a tunnel connection between a user terminal and a service provider (paragraph [0040] of Fukuda).
However, Uchiyama and Fukuda do not explicitly disclose “transmit specified information to the specific connection unit, the specified information indicating a request for communication via the narrow area communication network from the communication terminal.”
Brandwine discloses “transmit specified information to the specific connection unit, the specified information indicating a request for communication via the narrow area communication network from the communication terminal” as the CNS System Manager Routine determines the computing nodes to be associated with the indicated entity and virtual network based on information provided by the indicated entity, stores the mapping information for the computing nodes and the managed virtual computer network, and provides information about the computing nodes and their configuration to one or more communication manager modules associated with the computing nodes (paragraph [0113]).
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Uchiyama, Fukuda, and Brandwine before him or her, to incorporate the CNS System Manager Routine of Brandwine, to improve the modified access manager of Uchiyama-Fukuda to configure the network for setting a virtual network. The motivation for doing so would have been to improve network security, availability, and isolation (paragraph [0122] of Brandwine).  

Regarding claim 2, Uchiyama, Fukuda, and Brandwine disclose the communication control device according to claim 1, but Uchiyama does not explicitly disclose wherein the specific connection unit is a virtual connection unit in which at least a part of a connection device that connects the communication terminal to the narrow area communication network is virtualized.
Fukuda discloses “wherein the specific connection unit is a virtual connection unit in which at least a part of a connection device that connects the communication terminal to the narrow area communication network is virtualized” as the network control device sets the IP address for an appropriate interface of the user terminal, and sets a VXLAN-based tunnel by inputting the setting of the VXLAN for the VTEP (virtual tunnel end point) that is setting target on the basis of the MAC address of the user terminal and the VNI (paragraphs [0094] – [0097]). 
	Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Uchiyama and Fukuda before him or her, to incorporate the network control device as taught by Fukuda, to improve the access manager of Uchiyama to configure the network for setting a virtual network. The motivation for doing so would have been to using a simpler network configuration to establish a tunnel connection between a user terminal and a service provider (paragraph [0040] of Fukuda).

Regarding claim 3, Uchiyama, Fukuda, and Brandwine disclose the communication control device according to claim 2, but Uchiyama does not explicitly disclose wherein the narrow area communication network is constructed in a hierarchical structure, and the specific connection unit is constructed for each layer of the hierarchical structure.
Fukuda discloses “wherein the narrow area communication network is constructed in a hierarchical structure, and the specific connection unit is constructed for each layer of the hierarchical structure” as the network control device sets the IP address for an appropriate interface of the user terminal, and sets a VXLAN-based tunnel by inputting the setting of the VXLAN for the VTEP (virtual tunnel end point) that is setting target on the basis of the MAC address of the user terminal and the VNI (paragraphs [0094] – [0097]). The VTEP is created at the POI (point of interface) layer and the user terminal layer.
	Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Uchiyama and Fukuda before him or her, to incorporate the network control device as taught by Fukuda, to improve the access manager of Uchiyama to configure the network for setting a virtual network. The motivation for doing so would have been to using a simpler network configuration to establish a tunnel connection between a user terminal and a service provider (paragraph [0040] of Fukuda).

Regarding claim 4, Uchiyama, Fukuda, and Brandwine disclose the communication control device according to claim 1, but Uchiyama does not explicitly disclose wherein the processor is configured to perform control such that the communication terminal and the specific connection unit are connected by a secret line.
Fukuda discloses “wherein the processor is configured to perform control such that the communication terminal and the specific connection unit are connected by a secret line” as the network control device sets the IP address for an appropriate interface of the user terminal, and sets a VXLAN-based tunnel by inputting the setting of the VXLAN for the VTEP (virtual tunnel end point) that is setting target on the basis of the MAC address of the user terminal and the VNI (paragraphs [0094] – [0097]). The VXLAN connection is a secret (private) line.
	Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Uchiyama and Fukuda before him or her, to incorporate the network control device as taught by Fukuda, to improve the access manager of Uchiyama to configure the network for setting a virtual network. The motivation for doing so would have been to using a simpler network configuration to establish a tunnel connection between a user terminal and a service provider (paragraph [0040] of Fukuda).

Regarding claim 5, Uchiyama, Fukuda, and Brandwine disclose the communication control device according to claim 2, but Uchiyama does not explicitly disclose wherein the processor is configured to perform control such that the communication terminal and the specific connection unit are connected by a secret line.
Fukuda discloses “wherein the processor is configured to perform control such that the communication terminal and the specific connection unit are connected by a secret line” as the network control device sets the IP address for an appropriate interface of the user terminal, and sets a VXLAN-based tunnel by inputting the setting of the VXLAN for the VTEP (virtual tunnel end point) that is setting target on the basis of the MAC address of the user terminal and the VNI (paragraphs [0094] – [0097]). The VXLAN connection is a secret (private) line.
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Uchiyama and Fukuda before him or her, to incorporate the network control device as taught by Fukuda, to improve the access manager of Uchiyama to configure the network for setting a virtual network. The motivation for doing so would have been to using a simpler network configuration to establish a tunnel connection between a user terminal and a service provider (paragraph [0040] of Fukuda).

Regarding claim 6, Uchiyama, Fukuda, and Brandwine disclose the communication control device according to claim 3, but Uchiyama does not explicitly disclose wherein the processor is configured to perform control such that the communication terminal and the specific connection unit are connected by a secret line.
Fukuda discloses “wherein the processor is configured to perform control such that the communication terminal and the specific connection unit are connected by a secret line” as the network control device sets the IP address for an appropriate interface of the user terminal, and sets a VXLAN-based tunnel by inputting the setting of the VXLAN for the VTEP (virtual tunnel end point) that is setting target on the basis of the MAC address of the user terminal and the VNI (paragraphs [0094] – [0097]). The VXLAN connection is a secret (private) line.
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Uchiyama and Fukuda before him or her, to incorporate the network control device as taught by Fukuda, to improve the access manager of Uchiyama to configure the network for setting a virtual network. The motivation for doing so would have been to using a simpler network configuration to establish a tunnel connection between a user terminal and a service provider (paragraph [0040] of Fukuda).

Regarding claim 7, Uchiyama, Fukuda, and Brandwine disclose the communication control device according to claim 1, Uchiyama discloses wherein the communication terminal is a terminal capable of performing wireless communication with the wide area communication network (a mobile device can access a home network only when identification information of the tag can be acquired, i.e. a user of the mobile device is considered to be an authenticated user who is allowed to access the home network when the mobile device and the tag establish communication to the home network via the wide area network, paragraph [0084]; the connection between the tag and the residential gateway and the connection between the tag and the mobile device may be physical or logical, where the connection is performed by near field connection or USB terminal, paragraph [0052]; the tag is the communication terminal that communicates with the mobile device to perform wireless communication via the wide area network).

Regarding claim 8, Uchiyama, Fukuda, and Brandwine disclose the communication control device according to claim 2, Uchiyama discloses wherein the communication terminal is a terminal capable of performing wireless communication with the wide area communication network (a mobile device can access a home network only when identification information of the tag can be acquired, i.e. a user of the mobile device is considered to be an authenticated user who is allowed to access the home network when the mobile device and the tag establish communication to the home network via the wide area network, paragraph [0084]; the connection between the tag and the residential gateway and the connection between the tag and the mobile device may be physical or logical, where the connection is performed by near field connection or USB terminal, paragraph [0052]; the tag is the communication terminal that communicates with the mobile device to perform wireless communication via the wide area network).

Regarding claim 9, Uchiyama, Fukuda, and Brandwine disclose the communication control device according to claim 3, Uchiyama discloses wherein the communication terminal is a terminal capable of performing wireless communication with the wide area communication network (a mobile device can access a home network only when identification information of the tag can be acquired, i.e. a user of the mobile device is considered to be an authenticated user who is allowed to access the home network when the mobile device and the tag establish communication to the home network via the wide area network, paragraph [0084]; the connection between the tag and the residential gateway and the connection between the tag and the mobile device may be physical or logical, where the connection is performed by near field connection or USB terminal, paragraph [0052]; the tag is the communication terminal that communicates with the mobile device to perform wireless communication via the wide area network).

Regarding claim 10, Uchiyama, Fukuda, and Brandwine disclose the communication control device according to claim 4, Uchiyama discloses wherein the communication terminal is a terminal capable of performing wireless communication with the wide area communication network (a mobile device can access a home network only when identification information of the tag can be acquired, i.e. a user of the mobile device is considered to be an authenticated user who is allowed to access the home network when the mobile device and the tag establish communication to the home network via the wide area network, paragraph [0084]; the connection between the tag and the residential gateway and the connection between the tag and the mobile device may be physical or logical, where the connection is performed by near field connection or USB terminal, paragraph [0052]; the tag is the communication terminal that communicates with the mobile device to perform wireless communication via the wide area network).

Regarding claim 11, Uchiyama, Fukuda, and Brandwine disclose the communication control device according to claim 5, Uchiyama discloses wherein the communication terminal is a terminal capable of performing wireless communication with the wide area communication network (a mobile device can access a home network only when identification information of the tag can be acquired, i.e. a user of the mobile device is considered to be an authenticated user who is allowed to access the home network when the mobile device and the tag establish communication to the home network via the wide area network, paragraph [0084]; the connection between the tag and the residential gateway and the connection between the tag and the mobile device may be physical or logical, where the connection is performed by near field connection or USB terminal, paragraph [0052]; the tag is the communication terminal that communicates with the mobile device to perform wireless communication via the wide area network).

Regarding claim 12, Uchiyama, Fukuda, and Brandwine disclose the communication control device according to claim 6, Uchiyama discloses wherein the communication terminal is a terminal capable of performing wireless communication with the wide area communication network (a mobile device can access a home network only when identification information of the tag can be acquired, i.e. a user of the mobile device is considered to be an authenticated user who is allowed to access the home network when the mobile device and the tag establish communication to the home network via the wide area network, paragraph [0084]; the connection between the tag and the residential gateway and the connection between the tag and the mobile device may be physical or logical, where the connection is performed by near field connection or USB terminal, paragraph [0052]; the tag is the communication terminal that communicates with the mobile device to perform wireless communication via the wide area network).

Regarding claim 13, Uchiyama, Fukuda, and Brandwine disclose the communication control device according to claim 1, Uchiyama discloses wherein the communication terminal is a terminal capable of performing wired communication with the wide area communication network (a mobile device can access a home network only when identification information of the tag can be acquired, i.e. a user of the mobile device is considered to be an authenticated user who is allowed to access the home network when the mobile device and the tag establish communication to the home network via the wide area network, paragraph [0084]; the connection between the tag and the residential gateway and the connection between the tag and the mobile device may be physical or logical, where the connection is performed by near field connection or USB terminal, paragraph [0052]; the tag is the communication terminal that communicates with the mobile device to perform wireless communication via the wide area network).

Regarding claim 14, Uchiyama, Fukuda, and Brandwine disclose the communication control device according to claim 2, Uchiyama discloses wherein the communication terminal is a terminal capable of performing wired communication with the wide area communication network (a mobile device can access a home network only when identification information of the tag can be acquired, i.e. a user of the mobile device is considered to be an authenticated user who is allowed to access the home network when the mobile device and the tag establish communication to the home network via the wide area network, paragraph [0084]; the connection between the tag and the residential gateway and the connection between the tag and the mobile device may be physical or logical, where the connection is performed by near field connection or USB terminal, paragraph [0052]; the tag is the communication terminal that communicates with the mobile device to perform wireless communication via the wide area network).

Regarding claim 15, Uchiyama, Fukuda, and Brandwine disclose the communication control device according to claim 3, Uchiyama discloses wherein the communication terminal is a terminal capable of performing wired communication with the wide area communication network (a mobile device can access a home network only when identification information of the tag can be acquired, i.e. a user of the mobile device is considered to be an authenticated user who is allowed to access the home network when the mobile device and the tag establish communication to the home network via the wide area network, paragraph [0084]; the connection between the tag and the residential gateway and the connection between the tag and the mobile device may be physical or logical, where the connection is performed by near field connection or USB terminal, paragraph [0052]; the tag is the communication terminal that communicates with the mobile device to perform wireless communication via the wide area network).

Regarding claim 16, Uchiyama, Fukuda, and Brandwine disclose the communication control device according to claim 4, Uchiyama discloses wherein the communication terminal is a terminal capable of performing wired communication with the wide area communication network (a mobile device can access a home network only when identification information of the tag can be acquired, i.e. a user of the mobile device is considered to be an authenticated user who is allowed to access the home network when the mobile device and the tag establish communication to the home network via the wide area network, paragraph [0084]; the connection between the tag and the residential gateway and the connection between the tag and the mobile device may be physical or logical, where the connection is performed by near field connection or USB terminal, paragraph [0052]; the tag is the communication terminal that communicates with the mobile device to perform wireless communication via the wide area network).

Regarding claim 17, Uchiyama, Fukuda, and Brandwine disclose the communication control device according to claim 5, Uchiyama discloses wherein the communication terminal is a terminal capable of performing wired communication with the wide area communication network (a mobile device can access a home network only when identification information of the tag can be acquired, i.e. a user of the mobile device is considered to be an authenticated user who is allowed to access the home network when the mobile device and the tag establish communication to the home network via the wide area network, paragraph [0084]; the connection between the tag and the residential gateway and the connection between the tag and the mobile device may be physical or logical, where the connection is performed by near field connection or USB terminal, paragraph [0052]; the tag is the communication terminal that communicates with the mobile device to perform wireless communication via the wide area network).

Regarding claim 18, Uchiyama, Fukuda, and Brandwine disclose the communication control device according to claim 6, Uchiyama discloses wherein the communication terminal is a terminal capable of performing wired communication with the wide area communication network (a mobile device can access a home network only when identification information of the tag can be acquired, i.e. a user of the mobile device is considered to be an authenticated user who is allowed to access the home network when the mobile device and the tag establish communication to the home network via the wide area network, paragraph [0084]; the connection between the tag and the residential gateway and the connection between the tag and the mobile device may be physical or logical, where the connection is performed by near field connection or USB terminal, paragraph [0052]; the tag is the communication terminal that communicates with the mobile device to perform wireless communication via the wide area network).

Regarding claim 19, Uchiyama discloses a non-transitory computer readable medium storing a program that causes a processor to perform communication control processing (the residential gateway includes CPU, where the CPU executes various programs stored in the ROM and governs overall control, paragraphs [0056], [0066]), the communication control processing comprising: 
acquiring identification information of a communication terminal from the communication terminal by communication via a wide area communication network, and authenticate the communication terminal based on the identification information (the access manager includes access information acquiring unit and authenticating unit, where the access manager acquires access information for accessing the local network via access information acquiring unit, and the authenticating unit conducts authentication process to confirm whether the storage device is being used by those who have authority to access the local network, paragraphs [0035] – [0036], [0043]; where the access manager is replaced with a residential gateway, and the storage device is being replaced with a tag, paragraph [0048]; the residential gateway manages access to the home network via the wide area network, and the tag is portable device having an ID for uniquely identifying the tag and storage area to store information, where the tag accesses the home network via communicating with the residential gateway, paragraphs [0050] – [0053]; the access manager (residential gateway) acquires ID (access information) from the tag (portable device) accessing the local network via the wide area network, and confirms (authenticates) the ID having the authority to access the local network); 
upon successful authentication of the communication terminal, obtaining, from a storage storing an information set in which associated are (i) the identification information of the communication terminal (the access manager includes access information acquiring unit and authenticating unit, where the access manager acquires access information for accessing the local network via access information acquiring unit, and the authenticating unit conducts authentication process to confirm whether the storage device is being used by those who have authority to access the local network, paragraphs [0035] – [0036], [0043]; where the access manager is replaced with a residential gateway, and the storage device is being replaced with a tag, paragraph [0048]; the residential gateway manages access to the home network via the wide area network, and the tag is portable device having an ID for uniquely identifying the tag and storage area to store information, where the tag accesses the home network via communicating with the residential gateway, paragraphs [0050] – [0053]; an authenticated user is allowed to access the home network only when identification information of a tag is acquired, paragraph [0084]; the access manager (residential gateway) acquires ID (access information) from the tag (portable device) accessing the local network via the wide area network, and confirms (authenticates) the ID having the authority to access the local network) and (ii) connection unit information indicating a connection unit that is predetermined for the communication terminal in a narrow area communication network different from the wide area communication network, the connection unit information (the access manager includes access information acquiring unit and authenticating unit, where the access manager acquires access information for accessing the local network via access information acquiring unit, and the authenticating unit conducts authentication process to confirm whether the storage device is being used by those who have authority to access the local network, paragraphs [0035] – [0036], [0043]; where the access manager is replaced with a residential gateway, and the storage device is being replaced with a tag, paragraph [0048]; the residential gateway manages access to the home network via the wide area network, and the tag is portable device having an ID for uniquely identifying the tag and storage area to store information, where the tag accesses the home network via communicating with the residential gateway, paragraphs [0050] – [0053]; an authenticated user is allowed to access the home network only when identification information of a tag is acquired, paragraph [0084]; the access manager (residential gateway) acquires ID (access information) from the tag (portable device) accessing the local network via the wide area network, and confirms (authenticates) the ID having the authority to access the local network, and the ID identifying the storage area is the identification information of the connection unit information that indicates the connection in the narrow area communication network (i.e. the local area network that requires authorization to access) different from the wide area communication network).
However, Uchiyama does not explicitly disclose “obtaining, from a storage storing (ii) specific connection unit information indicating a specific connection unit that is predetermined for the communication terminal in a narrow area communication network different from the wide area communication network, the specific connection unit information;” “transmitting the specific connection unit information to the communication terminal;” “transmitting specified information to the specific connection unit, the specified information indicating a request for communication via the narrow area communication network from the communication terminal;” and “performing control such that the communication terminal is connected to the specific connection unit as a connection destination of the communication terminal, based on the specific connection unit information.”
Fukuda discloses “obtaining, from a storage storing (ii) specific connection unit information indicating a specific connection unit that is predetermined for the communication terminal in a narrow area communication network different from the wide area communication network, the specific connection unit information” as the network control device includes storage unit that stores network control program, where the registered user information is stored in the network control device (paragraphs [0064], [0076]), the network control device checks information included in user authentication request to determine whether the user authentication request is from an appropriate user, where the information in the user authentication request includes the carrier network user ID, the terminal ID, the MAC address, the IP address, and the connection destination VNI of the user terminal, and the network control device issues connection permission notification to the user terminal when the user authentication request is from appropriate user (paragraphs [0108] – [0111]); “transmitting the specific connection unit information to the communication terminal” as the network control device executes the authentication processing on the basis of the information included in the authentication request, and issues a connection permission notification to the user terminal for the user terminal to start communications using the virtual tunnel (paragraphs [0110] – [0111]); and “performing control such that the communication terminal is connected to the specific connection unit as a connection destination of the communication terminal, based on the specific connection unit information” as the network control device sets the IP address for an appropriate interface of the user terminal, and sets a VXLAN-based tunnel by inputting the setting of the VXLAN for the VTEP (virtual tunnel end point) that is setting target on the basis of the MAC address of the user terminal and the VNI (paragraphs [0094] – [0097]), where the network control device executes the authentication processing on the basis of the information included in the authentication request, and issues a connection permission notification to the user terminal for the user terminal to start communications with POI terminal (such as gateway router) using the virtual tunnel (paragraphs [0110] – [0111]).
 Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Uchiyama and Fukuda before him or her, to incorporate the network control device as taught by Fukuda, to improve the access manager of Uchiyama to configure the network for setting a virtual network. The motivation for doing so would have been to using a simpler network configuration to establish a tunnel connection between a user terminal and a service provider (paragraph [0040] of Fukuda).
However, Uchiyama and Fukuda do not explicitly disclose “transmitting specified information to the specific connection unit, the specified information indicating a request for communication via the narrow area communication network from the communication terminal.”
Brandwine discloses “transmitting specified information to the specific connection unit, the specified information indicating a request for communication via the narrow area communication network from the communication terminal” as the CNS System Manager Routine determines the computing nodes to be associated with the indicated entity and virtual network based on information provided by the indicated entity, stores the mapping information for the computing nodes and the managed virtual computer network, and provides information about the computing nodes and their configuration to one or more communication manager modules associated with the computing nodes (paragraph [0113]).
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Uchiyama, Fukuda, and Brandwine before him or her, to incorporate the CNS System Manager Routine of Brandwine, to improve the modified access manager of Uchiyama-Fukuda to configure the network for setting a virtual network. The motivation for doing so would have been to improve network security, availability, and isolation (paragraph [0122] of Brandwine).  

Regarding claim 20, Uchiyama discloses a method of communication control device to be performed by a communication control device (the residential gateway includes CPU, where the CPU executes various programs stored in the ROM and governs overall control, paragraphs [0056], [0066]), the method comprising: 
acquiring identification information of a communication terminal from the communication terminal by communication via a wide area communication network, and authenticate the communication terminal based on the identification information (the access manager includes access information acquiring unit and authenticating unit, where the access manager acquires access information for accessing the local network via access information acquiring unit, and the authenticating unit conducts authentication process to confirm whether the storage device is being used by those who have authority to access the local network, paragraphs [0035] – [0036], [0043]; where the access manager is replaced with a residential gateway, and the storage device is being replaced with a tag, paragraph [0048]; the residential gateway manages access to the home network via the wide area network, and the tag is portable device having an ID for uniquely identifying the tag and storage area to store information, where the tag accesses the home network via communicating with the residential gateway, paragraphs [0050] – [0053]; the access manager (residential gateway) acquires ID (access information) from the tag (portable device) accessing the local network via the wide area network, and confirms (authenticates) the ID having the authority to access the local network); 
upon successful authentication of the communication terminal, obtaining, from a storage storing an information set in which associated are (i) the identification information of the communication terminal (the access manager includes access information acquiring unit and authenticating unit, where the access manager acquires access information for accessing the local network via access information acquiring unit, and the authenticating unit conducts authentication process to confirm whether the storage device is being used by those who have authority to access the local network, paragraphs [0035] – [0036], [0043]; where the access manager is replaced with a residential gateway, and the storage device is being replaced with a tag, paragraph [0048]; the residential gateway manages access to the home network via the wide area network, and the tag is portable device having an ID for uniquely identifying the tag and storage area to store information, where the tag accesses the home network via communicating with the residential gateway, paragraphs [0050] – [0053]; an authenticated user is allowed to access the home network only when identification information of a tag is acquired, paragraph [0084]; the access manager (residential gateway) acquires ID (access information) from the tag (portable device) accessing the local network via the wide area network, and confirms (authenticates) the ID having the authority to access the local network) and (ii) connection unit information indicating a connection unit that is predetermined for the communication terminal in a narrow area communication network different from the wide area communication network, the connection unit information (the access manager includes access information acquiring unit and authenticating unit, where the access manager acquires access information for accessing the local network via access information acquiring unit, and the authenticating unit conducts authentication process to confirm whether the storage device is being used by those who have authority to access the local network, paragraphs [0035] – [0036], [0043]; where the access manager is replaced with a residential gateway, and the storage device is being replaced with a tag, paragraph [0048]; the residential gateway manages access to the home network via the wide area network, and the tag is portable device having an ID for uniquely identifying the tag and storage area to store information, where the tag accesses the home network via communicating with the residential gateway, paragraphs [0050] – [0053]; an authenticated user is allowed to access the home network only when identification information of a tag is acquired, paragraph [0084]; the access manager (residential gateway) acquires ID (access information) from the tag (portable device) accessing the local network via the wide area network, and confirms (authenticates) the ID having the authority to access the local network, and the ID identifying the storage area is the identification information of the connection unit information that indicates the connection in the narrow area communication network (i.e. the local area network that requires authorization to access) different from the wide area communication network).
However, Uchiyama does not explicitly disclose “obtaining, from a storage storing (ii) specific connection unit information indicating a specific connection unit that is predetermined for the communication terminal in a narrow area communication network different from the wide area communication network, the specific connection unit information;” “transmitting the specific connection unit information to the communication terminal;” “transmitting specified information to the specific connection unit, the specified information indicating a request for communication via the narrow area communication network from the communication terminal;” and “performing control such that the communication terminal is connected to the specific connection unit as a connection destination of the communication terminal, based on the specific connection unit information.”
Fukuda discloses “obtaining, from a storage storing (ii) specific connection unit information indicating a specific connection unit that is predetermined for the communication terminal in a narrow area communication network different from the wide area communication network, the specific connection unit information” as the network control device includes storage unit that stores network control program, where the registered user information is stored in the network control device (paragraphs [0064], [0076]), the network control device checks information included in user authentication request to determine whether the user authentication request is from an appropriate user, where the information in the user authentication request includes the carrier network user ID, the terminal ID, the MAC address, the IP address, and the connection destination VNI of the user terminal, and the network control device issues connection permission notification to the user terminal when the user authentication request is from appropriate user (paragraphs [0108] – [0111]); “transmitting the specific connection unit information to the communication terminal” as the network control device executes the authentication processing on the basis of the information included in the authentication request, and issues a connection permission notification to the user terminal for the user terminal to start communications using the virtual tunnel (paragraphs [0110] – [0111]); and “performing control such that the communication terminal is connected to the specific connection unit as a connection destination of the communication terminal, based on the specific connection unit information” as the network control device sets the IP address for an appropriate interface of the user terminal, and sets a VXLAN-based tunnel by inputting the setting of the VXLAN for the VTEP (virtual tunnel end point) that is setting target on the basis of the MAC address of the user terminal and the VNI (paragraphs [0094] – [0097]), where the network control device executes the authentication processing on the basis of the information included in the authentication request, and issues a connection permission notification to the user terminal for the user terminal to start communications with POI terminal (such as gateway router) using the virtual tunnel (paragraphs [0110] – [0111]).
 Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Uchiyama and Fukuda before him or her, to incorporate the network control device as taught by Fukuda, to improve the access manager of Uchiyama to configure the network for setting a virtual network. The motivation for doing so would have been to using a simpler network configuration to establish a tunnel connection between a user terminal and a service provider (paragraph [0040] of Fukuda).
However, Uchiyama and Fukuda do not explicitly disclose “transmitting specified information to the specific connection unit, the specified information indicating a request for communication via the narrow area communication network from the communication terminal.”
Brandwine discloses “transmitting specified information to the specific connection unit, the specified information indicating a request for communication via the narrow area communication network from the communication terminal” as the CNS System Manager Routine determines the computing nodes to be associated with the indicated entity and virtual network based on information provided by the indicated entity, stores the mapping information for the computing nodes and the managed virtual computer network, and provides information about the computing nodes and their configuration to one or more communication manager modules associated with the computing nodes (paragraph [0113]).
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Uchiyama, Fukuda, and Brandwine before him or her, to incorporate the CNS System Manager Routine of Brandwine, to improve the modified access manager of Uchiyama-Fukuda to configure the network for setting a virtual network. The motivation for doing so would have been to improve network security, availability, and isolation (paragraph [0122] of Brandwine).  

Response to Arguments
Applicant' s arguments, see page 8, filed August 9, 2022, with respect to Claim 20 have been fully considered and are persuasive.  The 35 U.S.C. 112(f) Claim Interpretation of Claim 20 has been withdrawn. 

Applicant's arguments, see pages 8 – 11, filed August 9, 2022, with respect to claims 1 – 20 have been considered but are moot in view of the new ground(s) of rejection.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
WEI et al – the VPN network client establishes a secure control channel with the secure VPN gateway and, upon a successful authentication, receives a session cookie with a unique identifier, where the VPN network client performs a fast reconnect without requiring re-authentication of the cellular mobile device by communicating the session cookie to the secure VPN gateway in the event communication with the secure VPN gateway is subsequently temporarily lost
PUGACZEWSKI et al – the network gateway receives a first request for wireless access to a network, where the network gateway sends a second request with an identifier of the user device to a WiFi server that generates and sends a login user interface to the user to respond for authentication
VALICHERLA et al – the mobile device determines whether to authenticate membership in the mesh network, where the determination is based on the user information 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to KAI J CHANG whose telephone number is (571)270-5448. The examiner can normally be reached Monday - Friday, 10AM-6PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Asad Nawaz can be reached on (571)272-3988. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Kai Chang/Examiner, Art Unit 2468                                                                                                                                                                                                        


/KHALED M KASSIM/Primary Examiner, Art Unit 2468