DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
This office action is in response to claims filed on 4/14/2021.  Claims 1-20.  This office action is Non-Final.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 1-18 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.


Claims 1-18 recites the limitation "the device" .  There is insufficient antecedent basis for this limitation in the claim.


Claim Rejections - 35 USC § 101

35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 11-18 are rejected under 35 U.S.C. 101 as being directed to non-statutory subject matter. 

Claim 11, the claim recites a device. However, the body of the claim does not
positively recite any hardware embodiment. As recited in the body of the claim, the claimed
device contains: “a processor.” The specification does not explicitly define that the claimed
processor is hardware processor. The Applicant’s specification discloses the processor may be a virtual processor (see para. 0044).  One of ordinary skill in the art would understand that a
processor could be ‘software processor’ (see the Authoritative Dictionary of IEEE, Seventh
Edition, published in Dec. 2000, page 872). As the claimed device contains only components
implemented in software, which are non-statutory subject matter. Therefore, claim is directed to
non-statutory subject matter. The mere recitation of the machine in the preamble with an absence of a machine in the body of the claim fails to make the claim statutory under 35 USC
101. The Examiner respectfully suggests that the claim be further amended to positively recites
at least one hardware element within the body of the claim to make the claim statutory subject
matter under 35 U.S.C. 101.

Regarding claims 12-18; Claims 12-18 are also rejected under 35 U.S.C. 101 as being
directed to non-statutory subject matter for the same reasons.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 4-5, 7-8, 11-14, 16-17, and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Amdahl et al. (9,491,157) in view of Jakobsson (2011/0035784), and further in view of Volchok (2015/0082029).

As per claim 1, Amdahl et al. discloses a method comprising:
receiving, by a device intermediary between a client and a server, a request from the client to establish a connection (Amdahl: See Fig. 5, See Fig. 6, col. 7, lines 48-52, col. 15, lines 45-50, col. 16, lines 15-18, device (i.e. Packet traffic management computer A.K.A. PTMC #510, client computer (shown in Figure 5) and server computer (shown in Figure 5);
sending, by the device to the client, a cookie, the cookie generated according to a connection identifier (Amdahl: col. 4, lines 38-48, sending by the PTMC to the client, the cookie generated according to a connection identifier (i.e. session ID));
receiving, by the device, a response from the client that includes a client validation cookie for validating the request (Amdahl: col. 4, lines 54-67, col. 5, lines 1-4, receiving by the PTMC a response from the client that includes a client cookie for validating the request);
determining, by the device, a candidate validation cookie that matches the client validation cookie (Amdahl: col. 18, lines 19-28, col. 19, lines 36-39, col. 20, lines 54-64, determining by the PTMC, a candidate validation cookie (i.e. this is the authentication cookie that is stored by the PTMC matches the client validation cookie (i.e. the cookie that is transmitted by the client)); and
validating, by the device, the request responsive to the determination (Amdahl: col. 18, lines 19-28, col. 19, lines 36-39, col. 20, lines 54-64, the PTMC (i.e. device) validates the request based on the determination).
Amdahl does not explicitly disclose sending a cookie, the cookie generated according to a shared counter; and determining, a candidate validation cookie according to a value of a counter range of the shared counter, that matches the client validation cookie.
However, analogous art of Jakobsson sending, a cookie, the cookie generated according to a shared counter (Jakobsson: Abstract and para. 0022, sending a cookie, the cookie is generated (i.e. derived) according to counter/age); and determining, by the device, a candidate validation cookie according to a value of a counter range of the shared counter, that matches the client validation cookie (Jakobsson: para. 0054, 0057, value of the counter (i.e. counter range), the counter is shared for multiple sessions/requests thus the counter is shared the Examiner asserts).

Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Amdahl with the system/method of Jakobsson to include sending a cookie, the cookie generated according to a shared counter; and determining, a candidate validation cookie according to a value of a counter range of the shared counter, that matches the client validation cookie.  One would have been motivated to detect cyber threats involving misappropriation of valid of user’s cookies (Jakobsson: para. 0020).  
Amdahl and Jakobsson does not explicitly disclose the validation cookie generated according to the cookie.
However, analogous art of Volchok discloses the validation cookie generated according to the cookie (Volchok: para. 0041, 0073, domain cookie generated by the shared session cookie).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Volchok with the system/method of Amdahl and Jakobsson to include the validation cookie generated according to the cookie.  One would have been motivated to have a cookie that is generated according to another cookie, because upon initialization of the server (Volchok: para. 0040).  
As per claim 2, Amdahl, Jakobsson, and Volchok discloses the method of claim 1.  
Amdahl further discloses comprising: generating, by the device, the connection identifier for the connection according to a plurality of connection parameters, the plurality of connection parameters comprising at least one of: a secure sockets layer (SSL) session identifier, a shared unique identifier, a client internet protocol (IP) address, a server IP address, a port of the client, a port of the server, or a server sequence number (Amdahl: col. 3, lines 14-21, col. 4, lines 49-53, col. 17, lines 1-12, generating, by the PTMC (i.e. device), only one needs to be discloses SSL session identifier; however, Amdahl discloses IP address).
Same motivation as claim 1 above.

As per claim 4, Amdahl and Jakobsson discloses the method of claim 1.
Amdahl further discloses generating, by the device according to the connection identifier (Amdahl: col. 4, lines 38-48, the cookie generated according to a connection identifier (i.e. session ID)); and determining, by the device, whether the first candidate validation cookie matches the client validation cookie (Amdahl: col. 18, lines 19-28, col. 19, lines 36-39, col. 20, lines 54-64, determining by the PTMC, a candidate validation cookie (i.e. this is the authentication cookie that is stored by the PTMC matches the client validation cookie (i.e. the cookie that is transmitted by the client)).
Amdahl does not explicitly disclose generating a counter range, a first candidate cookie for a first value of the counter range; generating, by the device, a first candidate validation cookie according to an authentication token for the connection and the first candidate cookie.
However, analogous art of Jakobsson discloses generating a counter range, a first candidate cookie for a first value of the counter range (Jakobsson: para. 0054, 0057, value of the counter (i.e. counter range); generating, by the device, a first candidate validation cookie according to an authentication token (Jakobsson: See Fig. 1, para. 0056,  generating a cookie according to the cryptographic token is used as input to the cookie generation process).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Amdahl with the system/method of Jakobsson to include generating a counter range, a first candidate cookie for a first value of the counter range; generating, by the device, a first candidate validation cookie according to an authentication token for the connection. One would have been motivated to generate a cookie according to an authentication token, this is an efficient security measure that establishes authentication value, token in order to facilitate its verification and or authentication, when another entity establishes a connection with a web server (Jakobsson: para. 0056).  
Amdahl and Jakobsson do not explicitly disclose generating, a first cookie according to the first candidate cookie.
However, analogous art of Volchok discloses generating, a first cookie according to the first candidate cookie (Volchok: para. 0041, 0073, domain cookie generated by the shared session cookie).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Volchok with the system/method of Amdahl and Jakobsson to include generating, a first cookie according to the first candidate cookie.  One would have been motivated to have a cookie that is generated according to another cookie, because upon initialization of the server (Volchok: para. 0040).  
As per claim 5, Amdahl, Jakobsson, and Volchok disclose the method of claim 4.
Amdahl further discloses determining, by the device, that the first candidate validation cookie matches the client validation cookie (Amdahl: col. 18, lines 19-28, col. 19, lines 36-39, col. 20, lines 54-64, determining by the PTMC, a candidate validation cookie (i.e. this is the authentication cookie that is stored by the PTMC matches the client validation cookie (i.e. the cookie that is transmitted by the client)); and incorporating, by the device responsive to the first candidate validation cookie matching the client validation cookie, an indication of the connection to a list of validated connections (Amdahl: col. 18, lines 24-28, private pool of connections (i.e. list of validated connections).

As per claim 7, Amdahl, Jakobsson, and Volchok discloses the method of claim 1. 
The combination of Jakobsson and Volchok further discloses generating, by the device according to the connection identifier, a plurality of candidate cookies according to a plurality of values of the counter range (Jakobsson: See Fig. 2, Age #216 (i.e. counter), para. 0022, connection identifier (i.e. user ID, device ID, authentication value), generating, by the device, a plurality of candidate validation cookies according to an authentication token (Jakobsson: See Fig. 1, plurality of candidate cookies, #122, #124, #126, para. 0056, the cryptographic token is used as input to the cookie generation process); and the plurality of candidate cookies (Volchok: para. 0041, 0073, shared session cookie (i.e. candidate cookie) and determining, by the device, whether the plurality of candidate validation cookies includes the candidate validation cookie that matches the client validation cookie (Jakobsson: para. 0040, 0123, determines plurality of cookies includes at least one cookies that matches the client cookie).
Same motivation as claim 4 above.
As per claim 8, Amdahl, Jakobsson, and Volchok discloses the method of claim 7.
Jakobsson further discloses comprising: determining, by the device, that the candidate validation cookie, from the plurality of candidate validation cookies, matches the client validation cookie (Jakobsson: para. 0057, 0059, 0061, 0094, determining if the candidate validation cookie matches the client cookie).
Same motivation as claim 1 above.


As per claims 11-12, rejected under similar scope as claims 1-2 respectively.
As per claims 13-14, rejected under similar scope as claim 4-5 respectively.
As per claims 16-17, rejected under similar scope as claims 7-8 respectively.
As per claim 19, rejected under similar scope as claim 1.
As per claim 20, rejected under similar scope as claim 4.

Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Amdahl et al. (9,491,157) in view of Jakobsson (2011/0035784), and in view of Volchok (2015/0082029), and further in view of Hatano (2001/0021917).
As per claim 3, Amdahl, Jakobsson, and Volchok discloses the method of claim 1.
Jakobsson further discloses wherein the shared counter outputs a next value (Jakobsson: para. 0068, 0129, counter output a next value, increment a counter).
Amdahl, Jakobsson and Volchok do not explicitly disclose a counter outputs a value at predetermined time intervals.
However, analogous art of Hatano discloses a counter outputs a value at predetermined time intervals (Hatano: para. 0041, counter outputs a value at a predetermined time interval).
 Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Hatano with the system/method of Amdahl, Jakobsson, and Volchok to include a counter outputs a value at predetermined time intervals.  One would have been motivated to have a security measure to monitor the value in the counter to detect when a predetermined time interval (Hatano: para. 0044).  


Claims 6 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Amdahl et al. (9,491,157) in view of Jakobsson (2011/0035784), in view of Volchok (2015/0082029) and further in view of Gal et al. (2009/0144806).

As per claim 6, Amdahl, Jakobsson, and Volchok discloses the method of claim 4.
Amdahl further discloses incorporating, by the device responsive to the second candidate validation cookie matching the client validation cookie, an indication of the connection to a list of validated connections (Amdahl: col. 18, lines 24-28, private pool of connections (i.e. list of validated connections).
Amdahl does not explicitly disclose generating, by the device, a second candidate validation cookie according to the authentication token; determining, by the device, that the second candidate validation cookie matches the client validation cookie.
However, analogous art of Jakobsson discloses generating, by the device, a second candidate validation cookie according to the authentication token (Jakobsson: para. 0021, 0056, generating, reinforced cookies (i.e. includes a second reinforced cookie according to the token, the token is input to the generate the reinforced cookie) ; determining, by the device, that the second candidate validation cookie matches the client validation cookie (Jakobsson: para. 0129-0131, determining the reinforced cookies matches the client cookie).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Jakobsson with the system/method of Amdahl to include generating, by the device, a second candidate validation cookie according to the authentication token; determining, by the device, that the second 

candidate validation cookie matches the client validation cookie.  One would have been motivated to detect cyber threats involving misappropriation of valid of user’s cookies (Jakobsson: para. 0020).  
Amdahl, Jakobsson, and Volchok does not explicitly disclose determining, by the device, that the first candidate validation cookie fails to match the client validation cookie; generating, by the device responsive to the first candidate validation cookie failing to match the client validation cookie, a second candidate cookie for a second value of the counter range according to the connection identifier and the counter range.
However, analogous art of Gal discloses determining, by the device, that the first candidate validation cookie fails to match the client validation cookie; generating, by the device responsive to the first candidate validation cookie failing to match the client validation cookie (Gal: para. 0026,  If the guard system is unable to match the received cookie to an issued cookie stored in database 32, the received message fails the authentication step), a second candidate cookie for a second value of the counter range according to the connection identifier and the counter range (Gal: para. 0017, 0023, 0026, if the first cookie fails, generates a new cookie (i.e. second candidate cookie, new cookie has counter and IP address).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Gal with the system/method Amdahl, Jakobsson, and Volchok to include determining, by the device, that the first candidate validation cookie fails to match the client validation cookie; generating, by the device responsive to the first candidate validation cookie failing to match the client validation cookie; a second candidate cookie for a second value of the counter range according to the

connection identifier and the counter range.  One would have been motivated to block illegitimate request from passing through a server (Gal: para. 0017).  

As per claim 15, rejected under similar basis as claim 6.

Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Amdahl et al. (9,491,157) in view of Jakobsson (2011/0035784), in view of Volchok (2015/0082029) and further in view of Perlman (2020/0110871).
As per claim 9, Amdahl, Jakobsson, and Volchok discloses the method of claim 1.
Amdahl, Jakobsson, and Volchok do not explicitly disclose wherein the counter range of the shared counter comprises a plurality of values of the shared counter identified according to a sliding window.
However, analogous art of Perlman discloses wherein the counter range of the shared counter comprises a plurality of values of the shared counter identified according to a sliding window (Perlman: para. 0045, 0083, counter range of counter has sliding window (i.e. maximum values)).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Amdahl, Jakobsson, and Volchok with the system/method of Perlman to include the counter range of the shared counter comprises a plurality of values of the shared counter identified according to a sliding window.  One would have been motivated have an efficient security measure to control access to information resources (Perlman: para. 0001).  

Claims 10 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Amdahl et al. (9,491,157) in view of Jakobsson (2011/0035784), in view of Volchok (2015/0082029) and in view of Perlman (2020/0110871), and further in view of Khanal (2014/0304810).
As per claim 10, Amdahl, Jakobsson, Volchok, and Perlman discloses the method of claim 9.
The combination of Jakobsson and Volchok further discloses determining, by the device, a first candidate cookie corresponding to a first value of the plurality of values of the shared counter (Jakobsson: Abstract and para. 0022, sending a cookie, the cookie is generated (i.e. derived) according to counter/age); and determining, by the device, a second candidate cookie (Volchok: para. 0041, 0073, domain cookie generated by the shared session cookie) corresponding to a second value of the plurality of values of the shared counter (Jakobsson: para. 0054, 0057, value of the counter (i.e. counter range), the counter is shared for multiple sessions/requests thus the counter is shared the Examiner asserts).
Amdahl, Jakobsson, Volchok, and Perlman does not explicitly disclose determining a cookie using a function.
However, analogous art of Khanal discloses determining a cookie using a function (Khanal: para. 0292, determining a cookie using a hash function).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Amdahl, Jakobsson, Volchok, and Perlman with the system/method of Khanal to include determining a cookie using 

a function.  One would have been motivated to execute a hash function to determine cookie signatures, this is a protects the integrity of the cookie (Khanal: para. 0292).  
As per claim 18, Amdahl, Jakobsson, and Volchok, discloses the device of claim 11.
The combination of Jakobsson and Volchok further discloses determining, by the device, a first candidate cookie corresponding to a first value of the plurality of values of the shared counter (Jakobsson: Abstract and para. 0022, sending a cookie, the cookie is generated (i.e. derived) according to counter/age); and determining, by the device, a second candidate cookie (Volchok: para. 0041, 0073, domain cookie generated by the shared session cookie) corresponding to a second value of the plurality of values of the shared counter (Jakobsson: para. 0054, 0057, value of the counter (i.e. counter range), the counter is shared for multiple sessions/requests thus the counter is shared the Examiner asserts); wherein the counter range of the shared counter comprises the plurality of values shared counter (Jakobsson: para. 0054, 0057, value of the counter (i.e. counter range).
Amdahl, Jakobsson, and Volchok, discloses wherein the counter range of the shared counter comprises the plurality of values of the shared counter identified according to a sliding window. 
However, Perlman discloses wherein the counter range of the shared counter comprises the plurality of values of the shared counter identified according to a sliding window.



However, analogous art of Perlman discloses wherein the counter range of the shared counter comprises a plurality of values of the shared counter identified according to a sliding window (Perlman: para. 0045, 0083, counter range of counter has sliding window (i.e. maximum values)).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Amdahl, Jakobsson, and Volchok with the system/method of Perlman to include the counter range of the shared counter comprises a plurality of values of the shared counter identified according to a sliding window.  One would have been motivated have an efficient security measure to control access to information resources (Perlman: para. 0001).  
 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JENISE E JACKSON whose telephone number is (571)272-3791. The examiner can normally be reached M-F 8:00am-4:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu T Pham can be reached on (571)270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




11/29/2022


  /J.E.J/  Examiner, Art Unit 2439                                                                                                                                                                                                        

/KARI L SCHMIDT/Primary Examiner, Art Unit 2439