Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
This is in response to the Appeal Brief filed on 08/11/2022.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 04/11/2022 was in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. 

Response to Arguments
Applicant’s arguments, on the Appeal Brief, see pages 6-15, filed 08/11/2022, with respect to the rejection(s) of claim(s) 1 under 35 U.S.C. 103 have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of Backholm (US 2016/0380961) and Kondamuru et al.  (US 20120117621).


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Backholm (US 2016/0380961) hereinafter Backholm in view of Kondamuru et al.  (US 20120117621) hereinafter Kondamuru.      
Regarding claim 1, Backholm teaches a method comprising: logging into a network device propagation service portal (i.e. "remote log in"; relay server 142 is the routing agent in the distributed proxy architecture. The relay server 142 manages connections and communications with components on the client-side proxy 175 installed on devices and provides an administrative interface for reports, provisioning, platform setup, and so on, [0101], [0136]); entering network device configuration settings (i.e. provisioning, platform setup; policy management server (PMS) 143 allows administrators to configure and store policies, [0136]. [0140]); obtaining a network device configuration propagation agent and a key (i.e.  "harmonization component (e.g., harmonization component 526 of FIG. 5B) able to cache DNS records for longer periods of times (e.g., 30, 40, 50, 60, 75, 90, 120 minutes, etc.). The harmonization component is typically implemented locally on the mobile device and communicates with a remote server (e.g., harmonization server 510 of FIG. 58) which monitors a host or service to determine if and when a cached DNS record needs to be purged or updated"; "Communication over protocols such as Hyper Text Transfer Protocol Secure (HTTPS) is encrypted using the Secure Sockets Layer (SSL) or other protocols that use a combination of public-key and/or symmetric key encryption. An SSL session always begins with a handshake where messages are exchanged between a client and a server to agree on various parameters for establishing the security of a connection between the client and the server"; "client side components 175 can include software components or agents installed on the mobile device that enables traffic optimization and performs the related functionalities", [0050], [0060], [0065], [0123]); installing the network device configuration propagation agent on a peer in response to a triggering stimulus from the peer (i.e. in response to frequent DNS queries at a mobile device to go over the cellular network, the harmonization component is implemented locally on the mobile device and communicates with a remote server (e.g., harmonization server 510 of FIG. 5B) which monitors a host or service to determine if and when a cached DNS record needs to be purged or updated. "In a networked deployment, the machine may operate in the capacity of a server or a client machine in a client-server network environment, or as a peer machine in a peer-to-peer (or distributed) network",  and the mobile device sends a polling task to the server for the server to monitor the host, [0050], [0060], [0123],  [0465], and [0467]); installing the key in the network device configuration propagation agent (i.e. "using the Secure Sockets Layer (SSL) or other protocols that use a combination of public-key and/or symmetric key encryption. An SSL session always begins with a handshake"; "DNS harmonization component 526, the DNS Resolver 520 or another component in the mobile device 502 can include a reverse DNS request caching engine that can cache reverse DNS requests such as the reverse DNS requests that are part of the SSL handshake" - e.g. the DNS harmonization component and harmonization server may establish secure communication channels through SSL, which would require generation/installation/provisioning of keys on such devices, [0065], [0406]-[0409]).
However, Backholm does not explicitly disclose the key being derived from the DNS zone name being derived from a customer's internet protocol (IP) address; the key providing the DNS zone name and secure communication with the network device configuration propagation agent.
However, Kondamuru the key being derived from the DNS zone name (i.e. These keys may be generated to sign a zone from DNSKEY records for the zone. These keys may be present at a zone apex. A zone apex may a top-level name in a zone, which is the name of the zone itself, [0228] and a zone name may be useful information for providing certain DNSSEC features. A zone name may be part of signature records, for example. It may also be useful to have a zone name or zone entity to provide DNS Zone transfer support, [0237]) being derived from a customer's internet protocol (IP) address (i.e. When the DNSSEC manager receives a query for a configured name (e.g., zone name), a response with an answer may be sent, [0238] and the interceptor 350 sets the destination information for the connection to a local IP address and port of the client 102 on which the client agent 120 is listening. For example, the client agent 120 may comprise a proxy service listening on a local IP address, [0129], and the client agent 120 and/or interceptor 350 resolves the DNS request. In another embodiment, the interceptor transmits the intercepted DNS request to the appliance 200 for DNS resolution, [0130]); the key providing the DNS zone name (i.e. instead of providing d.foo.bar in the above example, the NSEC3 record may provide a hashed representation of d.foo.bar, [0232]) and a zone name may be part of signature records, for example. It may also be useful to have a zone name or zone entity to provide DNS Zone transfer support, [0237]) and secure communication with the network device configuration propagation agent (i.e. DNSSEC may provide data integrity, for example, by adding security features to DNS. DNSSEC may digitally sign some or all messages or answers for security reasons, [0227] and The DNSSEC manager may use public key cryptographic techniques for signing records in a zone. The DNSSEC manager and/or key generator may provide commands, instructions and/or configurations for generating keys for a zone, [0252]).
Based on Backholm in view of Kondamuru it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Kondamuru to the system of Backholm in order to increase secure communication capability of Backholm system. 
	
Regarding claim 2, Backholm teaches downloading DNS records with network device configuration data (i.e. records returned from a Domain Name System (DNS) server or host are cached in a manner which integrates with a local content caching system and in some instances, also the web-based service addressed in the DNS query [0050]-[0062]; storing network device configuration (i.e. the policy manager 129 can store and enforce traffic optimization and reporting policies provisioned by a Policy Management Server, [0129]); checking for network device configuration changes (i.e. The DNS harmonization component 526 can continue to serve the responses stored in the harmonization cache 528 typically until a change or invalidate is received from the harmonization server, [0404]-[0407]). 

Regarding claim 3, Backholm teaches when a network device configuration change is detected: downloading, in response to the configuration change being detected, DNS records with network device configuration data (i.e. records returned from a Domain Name System (DNS) server or host are cached in a manner which integrates with a local content caching system and in some instances, also the web-based service addressed in the DNS query [0050]-[0062]; storing network device configuration (i.e. the policy manager 129 can store and enforce traffic optimization and reporting policies provisioned by a Policy Management Server, [0129]); checking for network device configuration changes (i.e. The DNS harmonization component 526 can continue to serve the responses stored in the harmonization cache 528 typically until a change or invalidate is received from the harmonization server, [0404]-[0407]).

Regarding claim 4, Backholm teaches when a network device configuration change has not been detected, continuing to check for network device configuration changes (i.e. the local proxy (e.g., device side proxy) may keep monitoring the application/client polls and update the polling interval. If it changes by more than 30% (or another predetermined/dynamic/conditional value) from the current value, it is communicated to the proxy server (e.g., server-side proxy), [0080]-[0081]).

Regarding claim 5, Backholm teaches collecting, at a plurality of pre-determined period intervals, telemetry data (i.e. the client may collect data from a greater number of polling events (e.g., 10-12 polls) and apply a statistical analysis to determine, compute, or estimate a value for the average interval that is used and the local proxy (e.g., device side proxy) may keep monitoring the application/client polls and update the polling interval, [0080]-[0081]); generating DNS records with the telemetry data (i.e. generate DNS protocol messages; the DNS Harmonization component 526 can generate a responsive DNS protocol message using the stored response of the matching pair, [0404]-[0407]); performing a dynamic DNS update to push at least some of the telemetry data to a network device configuration propagation service (i.e. The push client 128 can send out service requests like content update requests and policy update requests, and receives updates to those requests from the server side proxy 125. In addition, push client 128 can send data to a reporting server (e.g., the reporting and/or usage analytics system which may be internal to or external to the server side proxy, [0125]-[0132]).

Regarding claims 6-20, the limitations of claims 6-20 are similar to the limitations of claims 1-5. Backholm further teaches a system (i.e. systems, Abstract) comprising one or more processors; and memory storing instructions that, when executed by the one or more processors (i.e. one or more instructions set at various times in various memory and storage devices in a computer that, when read and executed by one or more processing units or processors, [0471]), a non-transitory computer readable medium comprising instructions (i.e. a computer-readable medium, [0479]), a computer (i.e. computers and computer systems, [0472]). Therefore, the limitations of claims 6-20 are rejected in the analysis of claims 1-5 above, and the claims are rejected on that basis.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AYELE F WOLDEMARIAM whose telephone number is (571)270-5196.  The examiner can normally be reached on M_F 8:30AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joon H Hwang can be reached on 571-272-4036.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/A F W/
AYELE F. WOLDEMARIAM
Examiner
Art Unit 2447
11/17/22


/CHEIKH T NDIAYE/Primary Examiner, Art Unit 2447