DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

The response filed on 10/03/2022 has been entered and made of record.
Claims 13-14, 16-22 and 24 have been amended.
Claims 1-12 were canceled.
Claims 13-24 are currently pending.

Response to Arguments
Applicant's arguments filed 10/03/2022 have been fully considered but are moot in view of the new ground(s) of rejection.


Claim Rejections - 35 USC § 103
	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 17, 13, 14, 16, 18, 20, 21 and 22 are rejected under 35 U.S.C. 103 as being unpatentable over Satomi et al. [hereinafter as Satomi], US 9,438,639 B2 in view of Tanimoto [hereinafter as Tanimoto], US 9191320 B2 further in view of Park [hereinafter as Park], US 20140085666 A1.
Regarding claim 17, Satomi discloses wherein a communication system comprising an apparatus with a predetermined operation, an external terminal to operate the apparatus (Fig.1-3 Col 3 lines 43-59, an application system 5 comprising an image forming apparatus 1A with an overall configuration/predetermined operation of Local Area Network (LAN) 50, a device managing server 2A and a full-time connection server 2B and application server 3A/external terminal to operate the apparatus, at least one terminal 3B, a communication line 4 and so on and Fig.1-3 Col 7 lines 14-21, predetermined operation of image forming apparatus 1Aa1 and Fig.1-3 Col 5 lines 1-14, external device), the first gateway device (Fig.1-3 Col 3 lines 43-59, a device managing server 2A or a full-time connection server 2B/first gateway device and Fig.1-3 Col 6 lines 28-34, gateway program 1AP1 implements the functions of a device managing portion 101) including:
a network interface connected to the apparatus to perform communication with the apparatus and external communication (Fig.5 Col 6 lines 28-34, a device-specific interface 105 for communication with the apparatus and Fig.9-10 Col 9 lines 7-27, device-specific interface 301 is an interface connected to the apparatus for the operating system of the image forming apparatus 1A or for the application software 3PS and external connection communication to the full-time connection server 2B or application server 3A or device managing server 2A);
a storage device to store first address information in which an apparatus ID of the apparatus and an address assigned to the apparatus are stored in association with each other (Fig.4 Col 5 lines 42-46, a large-capacity storage 20d and Fig.6-8 Col 6 lines 57-67, device information managing portion 201 of the device managing server 2A stores and manages the device management table 2TL1 as shown in FIG.6/storage device stores first address information, the device management table 2TL1 has records showing a device identifier 6A/apparatus ID, an account code 6B, and a device name 6C for each of the image forming apparatuses 1A connected to the full-time connection server 2B and Fig.11-14 Col 11 lines 54-60, device information managing portion 221 of the device managing server 2A stores and manages the device management table 2TL2 as shown in FIG.14 and records showing a device identifier 6A, an account code 6B, a device name 6C, and status information 6J); and
a controller (Fig.4 Col 5 lines 42-46, CPU 20a/controller) configured or programmed to, in response to receiving a connection request to the apparatus identified by the apparatus ID from the external terminal via the network interface, send the connection request to the apparatus (Fig.4 Col 9 lines 28-46, sending the device connection request 6G to the full-time connection server 2B when the device managing server 2A is receiving the device identifier 6A/apparatus ID, the address information 6F, and the device connection request 6G (Step #741) via NIC 20g, the device connection request sending and receiving portion 202 calls an account code 6B corresponding to the device identifier 6A from the device management table 2TL1 and an image forming apparatus 1A having a gateway portion corresponding to the requested device based on the account code 6B). 
in response to receiving a connection request to the first gateway device from another
gateway device via the network interface, exchange the first address information with the another gateway device (Fig.9-10 Col 9 lines 28-46, when the device managing server 2A is receiving the device identifier 6A/apparatus ID, the address information 6F, and the device connection request 6G (Step #741) from the full-time connection server 2B/another gateway device via the NIC 20g, the device managing server 2A is sending and receiving (i.e., exchanging) the address information with the full-time connection server 2B/another gateway device through the device connection request sending and receiving portion 202); and
in response to receiving data directed to the address included in the first address
information from the another gateway device, transfer the received data to the apparatus assigned with the address (Fig.19-24 Col 18 lines 29-54, when the device managing server 2A is receiving data such as the device identifier 6A/apparatus ID to an address included in the first address information 6F, and the device connection request 6G from the image forming apparatus 1A and the application server 3A/another gateway device, the device managing server 2A is transferring the device connection request 6G and so on/received data in accordance with the result of authentication based on the electronic certificate 6L/assigned with the address and Fig.9-10 Col 13 lines 15-31, the application server 3A may make the determination. In such a case, the device managing server 2A provides the application server 3A with the status information 6J (i.e., transfer the received data) for each of the image forming apparatuses 1A. With the application server 3A, if the status information 6J for the image forming apparatus 1A selected by the user indicates “active”, then the device connection request portion 302 preferably sends the device identifier 6A, the address information 6F, and the device connection request 6G to the device managing server 2A and Fig.26 Col 18 lines 43-63, the device managing server 2A transfers the received data such as the device identifier 6A/apparatus ID, an address included in the address information 6F, and the device connection request 6G to the full-time connection server 2B and the image forming apparatus 1A having a gateway portion corresponding to the requested device based on the account code 6B when receiving the device identifier 6A, the account code 6B, the address information 6F, and the device connection request 6G).
	Even though Satomi discloses wherein a controller configured or programmed to: in response to receiving a connection request to the apparatus identified by the apparatus ID from the external terminal via the network interface, send the connection request to the apparatus but Satomi does not specifically disclose wherein to establish a direct communication session between the apparatus and the external terminal, in the same field of endeavor, Tanimoto teaches wherein a controller (Fig.1-4 Col 5 lines 53-67, control unit includes a connecting-target apparatus acquisition control unit, a VPN start control unit, an address filter information communication control unit, a routing session establishment control unit, and a routing control unit) configured or programmed to: in response to receiving a connection request to the apparatus identified by the apparatus ID from the external terminal via the network interface, send the connection request to the apparatus to establish a direct communication session between the apparatus and the external terminal (Fig.10 Col 15 lines 1-21, in response to receiving the login request (Sequence Number 1) to the apparatus identified by the operator ID and passcode from operator2 communication device 22/the external terminal, the relay server 2/gateway transmits the login request/connection request to the relay server 1 apparatus together with the operator ID, the passcode, and used apparatus information (specifically, the identification information of the relay server 2) that are inputted (Sequence Number 2) in the relay communication system 100 and Fig.20-21 Col 22 lines 63-67 to Col 23 lines 1-6, transmitting the login request/ connection request to the relay server 1 on the manager side (Sequence Number 22) in response to receiving a login request (Sequence Number 21) and Fig.18 Col 24 lines 35-47, the relay server 2/gateway is directly sending a packet for direct communication session between a routing apparatus and the external terminal and Fig.24-25 Col 25 lines 21-32, in response to receiving a login request (Sequence Number 41), the connecting-side relay server 2 is transmitting the login request/connection request to the relay server 1 on the manager side (Sequence Number 42) and Fig.28-29 Col 28 lines 56-67 to Col 29 lines 1-3, the relay server 2 forwards the login request to the relay server 1 that manages the relay server 2 itself (to the relay server 1 whose management-side information storage unit 53 stores the identification information of the  relay server 2 itself). Then, in the relay server 1, authentication of the operator ID and passcode is performed in the same manner as described above).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to provide to have modified Satomi to incorporate the teaching of Tanimoto in order to achieve a complicated access control.		
	It would have been beneficial to use an input of the operator ID and the passcode which is requested. Then, the operator2 inputs the operator ID (Op2) and the passcode (def) of himself/herself, and enters a content thus inputted. Thus, the relay server 2 receives the login request (Sequence Number 1). The relay server 2 includes an identification information receiver unit to receive the identification information of the operator who performs a login operation. The relay server 2 transmits, to the relay server 1, the login request together with the operator ID, the passcode, and used apparatus information (specifically, the identification information of the relay server 2) that are inputted (Sequence Number 2) as taught by Tanimoto to have incorporated in the system of Satomi to provide a relay server that enables a VPN to be built with flexibility and mobility in accordance with an apparatus used by an operator. (Tanimoto, Fig.1 Col 1 lines 38-41, Fig.10 Col 15 lines 1-21, Fig.20-21 Col 22 lines 63-67 to Col 23 lines 1-6, Fig.24-25 Col 25 lines 21-32 and Fig.28-29 Col 28 lines 56-67 to Col 29 lines 1-3)
	Even though Satomi and Tanimoto disclose wherein in response to receiving a connection request to the apparatus identified by the apparatus ID from the external terminal via the network interface, send the connection request to the apparatus to establish a direct communication session between the apparatus and the external terminal, in the same field of endeavor, Park teaches wherein in response to receiving a connection request to the apparatus identified by the apparatus ID from the external terminal via the network interface, send the connection request to the apparatus to establish a direct communication session between the apparatus and the external terminal (Fig.14-19 [0112]-[0122], upon receiving a WiFi Direct connection request to the image forming apparatus identified the device type from an external wireless terminal, allocate/send the a network address including an IP address, a gateway address, a subnet mask, and a DNS server address/connection request to the wireless terminal apparatus to establish a WiFi direct communication session between the image forming apparatus and the external wireless terminal and Fig.11 [0108], through the user interface unit 1110).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to provide to have modified Satomi and Tanimoto to incorporate the teaching of Park in order to provide for controlling Internet access of a wireless terminal connected to an image forming apparatus that supports WiFi Direct, in the image forming apparatus.		
	It would have been beneficial to use the image forming apparatus which is
connected to the Internet in operation S1501, and starts operating as a GO in operation S1503. The image forming apparatus operating as a GO, upon receiving a WiFi Direct connection request from an external wireless terminal in operation S1505, identifies a device type of the wireless terminal based on device information received from the wireless terminal in operation S1507. The image forming apparatus determines whether the identified device type of the wireless terminal is an Interne-access-permitted device type in operation S1509, such that if the identified device type of the wireless terminal is the Internet-access-permitted device type, the image forming apparatus proceeds to operation S1511 to allocate a WiFi Direct interface IP address of the image forming apparatus to a gateway address to the wireless terminal and complete WiFi Direct connection as taught by Park to have incorporated in the system of Satomi and Tanimoto to provide for enabling P2P communication of BLUETOOTH technology. (Park, Fig.1-2 [0005] and Fig.14-19 [0112]-[0122])

Regarding claim 13, Satomi discloses wherein a gateway device to control communication between an apparatus with a predetermined operation and an external terminal to operate the apparatus in a communication system (Fig.1-3 Col 3 lines 43-59, a device managing server 2A or a full-time connection server 2B/a gateway device, an application system 5 comprising an image forming apparatus 1A with an overall configuration/predetermined operation of Local Area Network (LAN) 50, a device managing server 2A and a full-time connection server 2B and application server 3A/external terminal to operate the apparatus, at least one terminal 3B, a communication line 4 and so on and Fig.1-3 Col 7 lines 14-21, predetermined operation of image forming apparatus 1Aa1 and Fig.1-3 Col 5 lines 1-14, external device), the gateway device (Fig.1-3 Col 6 lines 28-34, gateway program 1AP1 implements the functions of a device managing portion 101) comprising:
a network interface connected to the apparatus to perform communication with
the apparatus and external communication (Fig.5 Col 6 lines 28-34, a device-specific interface 105 for communication with the apparatus and Fig.9-10 Col 9 lines 7-27, device-specific interface 301 is an interface connected to the apparatus for the operating system of the image forming apparatus 1A or for the application software 3PS and external connection communication to the full-time connection server 2B or application server 3A or device managing server 2A);
a storage device to store address information in which an apparatus ID of the apparatus and an address assigned to the apparatus are stored in association with each other (Fig.4 Col 5 lines 42-46, a large-capacity storage 20d and Fig.6-8 Col 6 lines 57-67, device information managing portion 201 of the device managing server 2A stores and manages the device management table 2TL1 as shown in FIG.6/storage device stores address information, the device management table 2TL1 has records showing a device identifier 6A/apparatus ID, an account code 6B, and a device name 6C for each of the image forming apparatuses 1A connected to the full-time connection server 2B and Fig.11-14 Col 11 lines 54-60, device information managing portion 221 of the device managing server 2A stores and manages the device management table 2TL2 as shown in FIG.14 and records showing a device identifier 6A, an account code 6B, a device name 6C, and status information 6J); and
a controller (Fig.4 Col 5 lines 42-46, CPU 20a/controller) configured or programmed to:
in response to receiving a connection request to the apparatus identified by the apparatus ID from an external terminal via the network interface, send the connection request to the apparatus (Fig.4 9-10 Col 9 lines 28-46, sending the device connection request 6G to the full-time connection server 2B when the device managing server 2A is receiving the device identifier 6A/apparatus ID, the address information 6F, and the device connection request 6G (Step #741) via NIC 20g, the device connection request sending and receiving portion 202 calls an account code 6B corresponding to the device identifier 6A from the device management table 2TL1 and an image forming apparatus 1A having a gateway portion corresponding to the requested device based on the account code 6B);
in response to receiving a connection request to the gateway device from another gateway device via the network interface, exchange the address information with the another gateway device (Fig.9-10 Col 9 lines 28-46, when the device managing server 2A is receiving the device identifier 6A/apparatus ID, the address information 6F, and the device connection request 6G (Step #741) from the full-time connection server 2B/another gateway device via the NIC 20g, the device managing server 2A is sending and receiving (i.e., exchanging) the address information with the full-time connection server 2B/another gateway device through the device connection request sending and receiving portion 202); and
in response to receiving data directed to the address included in the address information from the another gateway device, transfer the received data to the apparatus assigned with the address (Fig.19-24 Col 18 lines 29-54, when the device managing server 2A is receiving data such as the device identifier 6A/apparatus ID to an address included in the address information 6F, and the device connection request 6G from the image forming apparatus 1A and the application server 3A/another gateway device, the device managing server 2A is transferring the device connection request 6G and so on/received data in accordance with the result of authentication based on the electronic certificate 6L/assigned with the address and Fig.9-10 Col 13 lines 15-31, the application server 3A may make the determination. In such a case, the device managing server 2A provides the application server 3A with the status information 6J (i.e., transfer the received data) for each of the image forming apparatuses 1A. With the application server 3A, if the status information 6J for the image forming apparatus 1A selected by the user indicates “active”, then the device connection request portion 302 preferably sends the device identifier 6A, the address information 6F, and the device connection request 6G to the device managing server 2A and Fig.26 Col 18 lines 43-63, the device managing server 2A transfers the received data such as the device identifier 6A/apparatus ID, an address included in the address information 6F, and the device connection request 6G to the full-time connection server 2B and the image forming apparatus 1A having a gateway portion corresponding to the requested device based on the account code 6B when receiving the device identifier 6A, the account code 6B, the address information 6F, and the device connection request 6G).
	Even though Satomi discloses wherein a controller configured or programmed to:
in response to receiving a connection request to the apparatus identified by the apparatus ID from a first external terminal via the network interface, send the connection request to the apparatus but Satomi does not specifically disclose wherein establish a direct communication session between the apparatus and the external terminal, in the same field of endeavor, Tanimoto teaches wherein a controller (Fig.1-4 Col 5 lines 53-67, control unit includes a connecting-target apparatus acquisition control unit, a VPN start control unit, an address filter information communication control unit, a routing session establishment control unit, and a routing control unit) configured or programmed to:
in response to receiving a connection request to the apparatus identified by the apparatus ID from a first external terminal via the network interface, send the connection request to the apparatus to establish a direct communication session between the apparatus and the external terminal (Fig.10 Col 15 lines 1-21, in response to receiving the login request (Sequence Number 1) to the apparatus identified by the operator ID and passcode from operator2 communication device 22/the external terminal, the relay server 2/gateway transmits the login request/connection request to the relay server 1 apparatus together with the operator ID, the passcode, and used apparatus information (specifically, the identification information of the relay server 2) that are inputted (Sequence Number 2) in the relay communication system 100 and Fig.20-21 Col 22 lines 63-67 to Col 23 lines 1-6, transmitting the login request/ connection request to the relay server 1 on the manager side (Sequence Number 22) in response to receiving a login request (Sequence Number 21) and Fig.18 Col 24 lines 35-47, the relay server 2/gateway is directly sending a packet for direct communication session between a routing apparatus and the external terminal and Fig.24-25 Col 25 lines 21-32, in response to receiving a login request (Sequence Number 41), the connecting-side relay server 2 is transmitting the login request/connection request to the relay server 1 on the manager side (Sequence Number 42) and Fig.28-29 Col 28 lines 56-67 to Col 29 lines 1-3, the relay server 2 forwards the login request to the relay server 1 that manages the relay server 2 itself (to the relay server 1 whose management-side information storage unit 53 stores the identification information of the  relay server 2 itself). Then, in the relay server 1, authentication of the operator ID and passcode is performed in the same manner as described above).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to provide to have modified Satomi to incorporate the teaching of Tanimoto in order to achieve a complicated access control.		
	It would have been beneficial to use an input of the operator ID and the passcode which is requested. Then, the operator2 inputs the operator ID (Op2) and the passcode (def) of himself/herself, and enters a content thus inputted. Thus, the relay server 2 receives the login request (Sequence Number 1). The relay server 2 includes an identification information receiver unit to receive the identification information of the operator who performs a login operation. The relay server 2 transmits, to the relay server 1, the login request together with the operator ID, the passcode, and used apparatus information (specifically, the identification information of the relay server 2) that are inputted (Sequence Number 2) as taught by Tanimoto to have incorporated in the system of Satomi to provide a relay server that enables a VPN to be built with flexibility and mobility in accordance with an apparatus used by an operator. (Tanimoto, Fig.1 Col 1 lines 38-41, Fig.10 Col 15 lines 1-21, Fig.20-21 Col 22 lines 63-67 to Col 23 lines 1-6, Fig.24-25 Col 25 lines 21-32 and Fig.28-29 Col 28 lines 56-67 to Col 29 lines 1-3)
	Even though Satomi and Tanimoto disclose wherein in response to receiving a connection request to the apparatus identified by the apparatus ID from an external terminal via the network interface, send the connection request to the apparatus to establish a direct communication session between the apparatus and the external terminal, in the same field of endeavor, Park teaches wherein in response to receiving a connection request to the apparatus identified by the apparatus ID from an external terminal via the network interface, send the connection request to the apparatus to establish a direct communication session between the apparatus and the external terminal (Fig.14-19 [0112]-[0122], upon receiving a WiFi Direct connection request to the image forming apparatus identified the device type from an external wireless terminal, allocate/send the a network address including an IP address, a gateway address, a subnet mask, and a DNS server address/connection request to the wireless terminal apparatus to establish a WiFi direct communication session between the image forming apparatus and the external wireless terminal and Fig.11 [0108], through the user interface unit 1110).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to provide to have modified Satomi and Tanimoto to incorporate the teaching of Park in order to provide for controlling Internet access of a wireless terminal connected to an image forming apparatus that supports WiFi Direct, in the image forming apparatus.		
	It would have been beneficial to use the image forming apparatus which is
connected to the Internet in operation S1501, and starts operating as a GO in operation S1503. The image forming apparatus operating as a GO, upon receiving a WiFi Direct connection request from an external wireless terminal in operation S1505, identifies a device type of the wireless terminal based on device information received from the wireless terminal in operation S1507. The image forming apparatus determines whether the identified device type of the wireless terminal is an Interne-access-permitted device type in operation S1509, such that if the identified device type of the wireless terminal is the Internet-access-permitted device type, the image forming apparatus proceeds to operation S1511 to allocate a WiFi Direct interface IP address of the image forming apparatus to a gateway address to the wireless terminal and complete WiFi Direct connection as taught by Park to have incorporated in the system of Satomi and Tanimoto to provide for enabling P2P communication of BLUETOOTH technology. (Park, Fig.1-2 [0005] and Fig.14-19 [0112]-[0122])

Regarding claim 14, Satomi, Tanimoto and Park disclosed all the elements of claim 13 as stated above wherein Tanimoto further discloses the connection request to the apparatus identified by the apparatus ID is a log-in request signal to control the apparatus to log in to a relay server to establish a communication session between the logged-in apparatus included in the communication system and the external terminal (Fig.9 Col 16 lines 44-51, the relay server 2 includes a routing session establishment control unit 634 that is configured and programmed to establish a routing session, and performs a communication control on the client terminal 47 via the relay server 3, to establish a routing session with the client terminal 47 (Sequence Number 15). As a result, a routing session is established that starts at the relay server 2 as a start point, routes through the relay server 3, and ends at the client terminal 47 as an end point); and
in response to receiving the log-in request signal, the controller is configured or
programmed to control the identified apparatus to log in to the relay server (Fig.6 Col 18 lines 9-42, a routing session establishment control unit 634 that establishes a routing session with the client terminal 47 selected by the operator2. The relay server 2
stores, as the first address filter information, the address of the communication device 22 on which the operator2 has performed the login operation, and transmits the address of the communication device 22 to the client terminal 47).

Regarding claim 16, Satomi, Tanimoto and Park disclosed all the elements of claim 14 as stated above wherein Satomi further discloses the controller is configured or programmed to monitor a connection status of the apparatus to the network interface, and when the connection status of the apparatus has changed, the controller is configured or programmed to transmit information regarding a change in the connection status to the relay server (Fig.13 Col 11 lines 61-67 to Col 12 lines 1-17, the controller of the device managing server 2A is monitoring the device information managing portion 221 and the status information 6J/connection status of the apparatus in the device management table 2TL2 and Fig.13-15 Col 12 lines 42-67, when the status information 6J /the connection status of the apparatus has changed such as “non-active” or “active”, the controller of the device managing server 2A is transmitting information regarding an updated/changed in the status information 6J /the connection status to the full-time connection server 2B/relay server).

Regarding claim 18, Satomi, Tanimoto and Park disclosed all the elements of claim 17 as stated above wherein Satomi further discloses a relay server to establish a communication session between a logged-in apparatus and the external terminal (Fig.7-8 Col 9 lines 61-67 to Col 10 lines 1-4, with the image forming apparatus 1Aa1, when the device connection request receiving portion 103 receives the device identifier 6A, the address information 6F, and the device connection request 6G (Step #761), and the communication session portion 104 and the communication session portion 303 of the application server 3A/relay server establish a session between the application server 3Aa and the image forming apparatus 1Aa1 (encircled number 9, Steps #733 and #762)); wherein
the connection request to the apparatus identified by the apparatus ID is a log-in request signal to control the apparatus to log in to the relay server (Fig.26-27 Col 19 lines 43-67 to Col 10 lines 1-2, with the full-time connection server 2B, when receiving the device identifier 6A/apparatus ID, the account code 6B, the address information 6F, and the device connection request 6G, the device connection request sending and receiving portion 252 finds out an image forming apparatus 1A having a gateway portion corresponding to the requested device based on the account code 6B, the image forming apparatus 1Ab1 is identified as the image forming apparatus 1A having a gateway portion to log in to the full-time connection server 2B/the relay server); and
in response to receiving the log-in request signal, the controller is configured or
programmed to control the identified apparatus to log in to the relay server (Fig.26-27 Col 19 lines 55-67 to Col 10 lines 1-13, when the device connection request receiving portion 103 receives the device identifier 6A, the address information 6F, and the device connection request 6G, the communication session portion 104 has access to the application server 3A//control the identified apparatus log in to the relay server based on the address information 6F, and the communication session portion 104 and the communication session portion 303 of the application server 3A establish a session between the application server 3Aa and the image forming apparatus 1Ab1 and Fig.9-10 Col 8 lines 29-50, in response to receiving the device connection request/log-in request signal the CPU 20a of the device managing server 2A is configured or programmed to control the image forming apparatus 1A/ identified apparatus to log in to the application server 3A/relay server).
Additionally, Tanimoto discloses wherein a relay server to establish a communication session between a logged-in apparatus and the external terminal (Fig.6 Col 11 lines 45-64, the column "operator ID" describes a list of operator IDs that are able to log in to the relay communication system 100. a routing session is established that starts at the relay server 2 (used apparatus) as a start point, routes through the relay server 3, and ends at the client terminal 42 or the client terminal 47 as an end point. Additionally, a virtual private network (VPN) using this routing session is built); wherein
the connection request to the apparatus identified by the apparatus ID is a log-in request signal to control the apparatus to log in to the relay server (Fig.9 Col 16 lines 44-51, the relay server 2 includes a routing session establishment control unit 634 that is configured and programmed to establish a routing session, and performs a communication control on the client terminal 47 via the relay server 3, to establish a routing session with the client terminal 47 (Sequence Number 15). As a result, a routing session is established that starts at the relay server 2 as a start point, routes through the relay server 3, and ends at the client terminal 47 as an end point); and
in response to receiving the log-in request signal, the controller is configured or
programmed to control the identified apparatus to log in to the relay server (Fig.6 Col 18 lines 9-42, a routing session establishment control unit 634 that establishes a routing session with the client terminal 47 selected by the operator2. The relay server 2
stores, as the first address filter information, the address of the communication device 22 on which the operator2 has performed the login operation, and transmits the address of the communication device 22 to the client terminal 47).

Regarding claim 20, Satomi, Tanimoto and Park disclosed all the elements of claim 18 as stated above wherein Satomi further discloses the controller is configured or programmed to monitor a connection status of the apparatus to the network interface, and when the connection status of the apparatus has changed, the controller is configured or programmed to transmit information regarding a change in the connection status to the relay server (Fig.13 Col 11 lines 61-67 to Col 12 lines 1-17, the controller of the device managing server 2A is monitoring the device information managing portion 221 and the status information 6J/connection status of the apparatus in the device management table 2TL2 and Fig.13-15 Col 12 lines 42-67, when the status information 6J /the connection status of the apparatus has changed such as “non-active” or “active”, the controller of the device managing server 2A is transmitting information regarding the updated/changed in the status information 6J /the connection status to the full-time connection server 2B/relay server).

Regarding claim 21, Satomi, Tanimoto and Park disclosed all the elements of claim 18 as stated above wherein Tanimoto further discloses a second gateway device connected to a maintenance terminal to perform maintenance of the apparatus (Fig.1 Col 8 lines 43-58, the file servers 31, 41, and 46 second gateway device which are objectives of a maintenance operation, or the like, performed by the operator, are arranged in the LANs 30, 40, and 45. Apparatuses (not shown) that are objects of the maintenance operation are arranged in the LAN 48, too. The place where the LAN 10 is installed is a station where the operator manages maintenance services); wherein
in response to receiving the connection request to the first gateway device from the
maintenance terminal via the second gateway device, the controller is configured or
programmed to exchange the first address information with the second gateway device (Fig.18 Col 23 lines 65-67 to Col 24 lines 1-15, exchange of the address filter information between the relay server 2 and the relay server 3 upon reception of a response from the relay server 3); and
in response to receiving data directed to the address included in the first address
information from the maintenance terminal via the second gateway device, the controller
is configured or programmed to transfer the received data to the apparatus assigned
with the address (Fig.19&26 Col 26 lines 3-19, the packet forwarding control information storage unit is forwarding the received packet in Sequence Number 51 to the client terminal 47 serving as the designated apparatus, the address filter information received from the relay server 2 as well as a VPN start command upon reception of the start command, and refers to the operator connection control information stored in the operator connection control information storage unit 58, to read out the designated apparatus associated with the operator ID of the operator2 received (Sequence Number 52)).

Regarding claim 22, Satomi, Tanimoto and Park disclosed all the elements of claim 21 as stated above wherein Tanimoto further discloses the second gateway device is configured or programmed to store a second address information storing the address assigned to the maintenance terminal (Fig.1-2 Col 3 lines 10-34, the address filter information communication control unit is configured to store, as address filter information associated with identification information of itself (relay server), an address of a communication apparatus that the operator has operated for making the login request and Fig.11-12 Col 18 lines 34-42, the relay server 2 stores, as the second address filter information, the address of the file server 46 received from the client terminal 47), and exchange the second address information with the first gateway device when exchanging the first address information with the first gateway device (Fig.9 Col 14 lines 22-32, exchange of the address filter information allows each of the routing apparatuses to combine the address filter information associated with itself with the address filter information associated with another routing apparatus to thereby prepare the packet forwarding control information).



Claims 15 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Satomi et al. [hereinafter as Satomi], US 9,438,639 B2 in view of Tanimoto [hereinafter as Tanimoto], US 9191320 B2 in view of Park [hereinafter as Park], US 20140085666 A1 further in view of Dawes et al. [hereinafter as Dawes], US 2017/0257257 A1.
Regarding claim 15, Satomi, Tanimoto and Park disclosed all the elements of claim 14 as stated above. 
	However, Satomi, Tanimoto and Park do not explicitly disclose if the identified apparatus is unable to communicate when the controller receives the log-in request signal, the controller is configured or programmed to attempt to activate the identified apparatus, and control the identified apparatus to log in to the relay server after the identified apparatus is activated.
	In the same field of endeavor, Dawes teaches wherein if the identified apparatus is unable to communicate when the controller receives the log-in request signal, the controller is configured or programmed to attempt to activate the identified apparatus (Fig.14 [0207], the controller of gateway-enable device attempts to active the detected apparatus), and control the identified apparatus to log in to the relay server after the identified apparatus is activated (Fig.6 [0080], control the identified device to log in to the connected iConnect server/relay server).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to provide to have modified Satomi, Tanimoto and Park to incorporate the teaching of Dawes in order to enable efficient footprint of the gateway for portability, versatility, simplifying and reducing the overall cost of the deployment.		
	It would have been beneficial to use a gateway-enabled device which is assigned a unique activation key for activation with an iConnect server. This ensures that only valid gateway-enabled devices can be activated for use with the specific instance of
iConnect server in use. Attempts to activate gateway enabled devices by brute force are detected by the Security Engine as taught by Dawes to have incorporated in the system of Satomi, Tanimoto and Park to achieve optimal performance. (Dawes, Fig.6 [0080], Fig.12-13 [0171] and Fig.14 [0207])

Regarding claim 19, Satomi, Tanimoto and Park disclosed all the elements of claim 18 as stated above. 
	However, Satomi, Tanimoto and Park do not explicitly disclose if the identified apparatus is unable to communicate in response to receiving the log-in request signal, the controller is configured or programmed to attempt to activate the identified apparatus, and control the identified apparatus to log in to the relay server after the identified apparatus is activated.
	In the same field of endeavor, Dawes teaches wherein if the identified apparatus is unable to communicate in response to receiving the log-in request signal, the controller is configured or programmed to attempt to activate the identified apparatus (Fig.14 [0207], the controller of gateway-enable device attempts to active the detected apparatus), and control the identified apparatus to log in to the relay server after the identified apparatus is activated (Fig.6 [0080], control the identified device to log in to the connected iConnect server/relay server).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to provide to have modified Satomi, Tanimoto and Park to incorporate the teaching of Dawes in order to enable efficient footprint of the gateway for portability, versatility, simplifying and reducing the overall cost of the deployment.		
	It would have been beneficial to use a gateway-enabled device which is assigned a unique activation key for activation with an iConnect server. This ensures that only valid gateway-enabled devices can be activated for use with the specific instance of
iConnect server in use. Attempts to activate gateway enabled devices by brute force are detected by the Security Engine as taught by Dawes to have incorporated in the system of Satomi, Tanimoto and Park to achieve optimal performance. (Dawes, Fig.6 [0080], Fig.12-13 [0171] and Fig.14 [0207])


Claim 23 is rejected under 35 U.S.C. 103 as being unpatentable over Satomi et al. [hereinafter as Satomi], US 9,438,639 B2 in view of Tanimoto [hereinafter as Tanimoto], US 9191320 B2 in view of Park [hereinafter as Park], US 20140085666 A1 further in view of Chirnomas [hereinafter as Chirnomas], US 2017/0301004 A1.
Regarding claim 23, Satomi, Tanimoto and Park disclosed all the elements of claim 18 as stated above. 
	However, Satomi, Tanimoto and Park do not explicitly disclose an automated warehouse to load and unload, transfer, and store parcels; wherein the apparatus is a monitoring apparatus installed in the automated warehouse to monitor a status of the automated warehouse.
	In the same field of endeavor, Chirnomas teaches wherein an automated warehouse to load and unload, transfer, and store parcels (Fig.1-3&6-7 [0054], an automated warehouse and Fig.1-3&10 [0163], a plurality parcel services and the facility can “load” and Fig.1-3&7 [0130], transfer the packages); wherein
the apparatus is a monitoring apparatus installed in the automated warehouse to
monitor a status of the automated warehouse (Fig.1-3&7 [0068], monitoring of the system which can monitor and Fig.1-3&9-10 [0150], the system has software which has a database which can be local or remote the store, and has ability to monitor inventory levels, and has ability to control all of the apparatus within the system and or housing which can send information over the internet to users customers suppliers, maintenance personell, owners, investors, lenders and Fig.1-3&10 [0155], the system can have cameras monitoring the security area of the system so that a person or computer at a remote site can monitor the activity in the loading area or security area of the system).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to provide to have modified Satomi, Tanimoto and Park to incorporate the teaching of Chirnomas in order to provide a secure environment for an automatic system. 		
	It would have been beneficial to use the system which can have cameras monitoring the security area of the system so that a person or computer at a remote
site can monitor the activity in the loading area or security area of the system as taught by Chirnomas to have incorporated in the system of Satomi, Tanimoto and Park to enable a deliver service or remove articles or packages from the enclosure in a secure manner. (Chirnomas, Fig.1-3 [0052], Fig.1-3&6-7 [0054], Fig.1-3&7 [0068], Fig.1-3&7 [0130], Fig.1-3&9-10 [0150], Fig.1-3&10 [0155], and Fig.1-3&10 [0163])



Claim 24 is rejected under 35 U.S.C. 103 as being unpatentable over Chirnomas [hereinafter as Chirnomas], US 2017/0301004 A1 in view of Satomi et al. [hereinafter as Satomi], US 9,438,639 B2 in view of Tanimoto [hereinafter as Tanimoto], US 9191320 B2 further in view of Park [hereinafter as Park], US 20140085666 A1.
Regarding claim 24, Chirnomas discloses wherein an automated warehouse system (Fig.1-3&6-7 [0054], an automated warehouse) comprising: 
an automated warehouse to load and unload, transfer, and store parcels (Fig.1-3&6-7 [0054], an automated warehouse and Fig.1-3&10 [0163], a plurality parcel services and the facility can “load” and Fig.1-3&7 [0130], transfer the packages);
a monitoring apparatus installed in the automated warehouse to monitor a status
of the automated warehouse (Fig.1-3&7 [0068], monitoring of the system which can monitor and Fig.1-3&9-10 [0150], the system has software which has a database which can be local or remote the store, and has ability to monitor inventory levels, and has ability to control all of the apparatus within the system and or housing which can send information over the internet to users customers suppliers, maintenance personell, owners, investors, lenders and Fig.1-3&10 [0155], the system can have cameras monitoring the security area of the system so that a person or computer at a remote site can monitor the activity in the loading area or security area of the system).
	However, Chirnomas does not explicitly disclose a gateway device connected to the monitoring apparatus, the gateway device including: a network interface connected to the monitoring apparatus to perform communication with the monitoring apparatus and external communication; a storage device to store address information in which an apparatus ID of the monitoring apparatus and an address assigned to the monitoring apparatus are stored in association with each other; a controller configured or programmed to: in response to receiving a connection request to the monitoring apparatus identified by the apparatus ID from an external terminal via the network interface, send the connection request to the monitoring apparatus; and in response to receiving data directed to an address included in the address information, transfer the received data to the monitoring apparatus assigned with the address.
	In the same field of endeavor, Satomi taches wherein a gateway device connected to the monitoring apparatus (Fig.1 Col 3 lines 43-59, the device managing server 2A, the full-time connection server 2B at least one application server 3A/a gateway is connected to at least one terminal 3B/monitoring apparatus with a communication line 4, and so on in at least one Local Area Network (LAN) 50 of the application system 5), the gateway device (Fig.1-3 Col 6 lines 28-34, gateway program 1AP1 implements the functions of a device managing portion 101) including:
a network interface connected to the monitoring apparatus to perform communication with the monitoring apparatus and external communication (Fig.5 Col 6 lines 28-34, a device-specific interface 105 for communication with the apparatus and Fig.9-10 Col 9 lines 7-27, device-specific interface 301 is an interface connected to the apparatus for the operating system of the image forming apparatus 1A or for the application software 3PS and external connection communication to the full-time connection server 2B or application server 3A or device managing server 2A);
a storage device to store address information in which an apparatus ID of the
monitoring apparatus and an address assigned to the monitoring apparatus are stored
in association with each other (Fig.4 Col 5 lines 42-46, a large-capacity storage 20d and Fig.6-8 Col 6 lines 57-67, device information managing portion 201 of the device managing server 2A stores and manages the device management table 2TL1 as shown in FIG.6/storage device stores first address information, the device management table 2TL1 has records showing a device identifier 6A/apparatus ID, an account code 6B, and a device name 6C for each of the image forming apparatuses 1A connected to the full-time connection server 2B and Fig.11-14 Col 11 lines 54-60, device information managing portion 221 of the device managing server 2A stores and manages the device management table 2TL2 as shown in FIG.14 and records showing a device identifier 6A, an account code 6B, a device name 6C, and status information 6J); and
a controller (Fig.4 Col 5 lines 42-46, CPU 20a/controller) configured or programmed to:
in response to receiving a connection request to the monitoring apparatus identified by the apparatus ID from an external terminal via the network interface, send the connection request to the monitoring apparatus (Fig.4 Col 9 lines 28-46, sending the device connection request 6G to the full-time connection server 2B when the device managing server 2A is receiving the device identifier 6A/apparatus ID, the address information 6F, and the device connection request 6G (Step #741) via NIC 20g, the device connection request sending and receiving portion 202 calls an account code 6B corresponding to the device identifier 6A from the device management table 2TL1 and an image forming apparatus 1A having a gateway portion corresponding to the requested device based on the account code 6B); 
in response to receiving a connection request to the gateway device from another
gateway device via the network interface, exchange the address information with the another gateway device (Fig.9-10 Col 9 lines 28-46, when the device managing server 2A is receiving the device identifier 6A/apparatus ID, the address information 6F, and the device connection request 6G (Step #741) from the full-time connection server 2B/another gateway device via the NIC 20g, the device managing server 2A is sending and receiving (i.e., exchanging) the address information with the full-time connection server 2B/another gateway device through the device connection request sending and receiving portion 202);
and
in response to receiving data directed to the address included in the address
information, transfer the received data to the monitoring apparatus assigned with the
address (Fig.19-24 Col 18 lines 29-54, when the device managing server 2A is receiving data such as the device identifier 6A/apparatus ID to the address included in the address information 6F, and the device connection request 6G from the image forming apparatus 1A and the application server 3A/second external terminal, the device managing server 2A is transferring the device connection request 6G and so on/received data in accordance with the result of authentication based on the electronic certificate 6L/assigned with the address and Fig.9-10 Col 13 lines 15-31, the application server 3A may make the determination. In such a case, the device managing server 2A provides the application server 3A with the status information 6J (i.e., transfer the received data) for each of the image forming apparatuses 1A. With the application server 3A, if the status information 6J for the image forming apparatus 1A selected by the user indicates “active”, then the device connection request portion 302 preferably sends the device identifier 6A, the address information 6F, and the device connection request 6G to the device managing server 2A and Fig.26 Col 18 lines 43-63, the device managing server 2A transfers the received data such as the device identifier 6A/apparatus ID, an address included in the address information 6F, and the device connection request 6G to the full-time connection server 2B and the image forming apparatus 1A having a gateway portion corresponding to the requested device based on the account code 6B when receiving the device identifier 6A, the account code 6B, the address information 6F, and the device connection request 6G).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to provide to have modified Chirnomas to incorporate the teaching of Satomi in order to provide predetermined service to a device outside the local area network.		
	It would have been beneficial to transfer the received data such as the device identifier 6A/apparatus ID, an address included in the address information 6F, and the device connection request 6G to the full-time connection server 2B and the image forming apparatus 1A having a gateway portion corresponding to the requested device based on the account code 6B upon the reception of the device identifier 6A, the account code 6B, the address information 6F, and the device connection request 6G as taught by Satomi to have incorporated in the system of Chirnomas to provide for increasing communication throughput. (Satomi, Fig.1 Col 1 lines 55-58, Fig.9-10 Col 13 lines 15-31, Fig.19-24 Col 18 lines 29-54 and Fig.26 Col 18 lines 43-63)
	Even though Chirnomas and Satomi discloses wherein a controller configured or programmed to: in response to receiving a connection request to the monitoring apparatus identified by the apparatus ID from an external terminal via the network interface, send the connection request to the monitoring apparatus but Satomi does not specifically disclose wherein to establish a direct communication session between the monitoring apparatus and the external terminal, in the same field of endeavor, Tanimoto teaches wherein a controller (Fig.1-4 Col 5 lines 53-67, control unit includes a connecting-target apparatus acquisition control unit, a VPN start control unit, an address filter information communication control unit, a routing session establishment control unit, and a routing control unit) configured or programmed to:
in response to receiving a connection request to the monitoring apparatus identified by the apparatus ID from an external terminal via the network interface, send the connection request to the monitoring apparatus to establish a direct communication session between the monitoring apparatus and the external terminal (Fig.10 Col 15 lines 1-21, in response to receiving the login request (Sequence Number 1) to the apparatus identified by the operator ID and passcode from operator2 communication device 22/the external terminal, the relay server 2/gateway transmits the login request/connection request to the relay server 1 apparatus together with the operator ID, the passcode, and used apparatus information (specifically, the identification information of the relay server 2) that are inputted (Sequence Number 2) in the relay communication system 100 and Fig.20-21 Col 22 lines 63-67 to Col 23 lines 1-6, transmitting the login request/ connection request to the relay server 1 on the manager side (Sequence Number 22) in response to receiving a login request (Sequence Number 21) and Fig.18 Col 24 lines 35-47, the relay server 2/gateway is directly sending a packet for direct communication session between a routing apparatus and the external terminal and Fig.24-25 Col 25 lines 21-32, in response to receiving a login request (Sequence Number 41), the connecting-side relay server 2 is transmitting the login request/connection request to the relay server 1 on the manager side (Sequence Number 42) and Fig.28-29 Col 28 lines 56-67 to Col 29 lines 1-3, the relay server 2 forwards the login request to the relay server 1 that manages the relay server 2 itself (to the relay server 1 whose management-side information storage unit 53 stores the identification information of the  relay server 2 itself). Then, in the relay server 1, authentication of the operator ID and passcode is performed in the same manner as described above).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to provide to have modified Chirnomas and Satomi to incorporate the teaching of Tanimoto in order to achieve a complicated access control.		
	It would have been beneficial to use an input of the operator ID and the passcode which is requested. Then, the operator2 inputs the operator ID (Op2) and the passcode (def) of himself/herself, and enters a content thus inputted. Thus, the relay server 2 receives the login request (Sequence Number 1). The relay server 2 includes an identification information receiver unit to receive the identification information of the operator who performs a login operation. The relay server 2 transmits, to the relay server 1, the login request together with the operator ID, the passcode, and used apparatus information (specifically, the identification information of the relay server 2) that are inputted (Sequence Number 2) as taught by Tanimoto to have incorporated in the system of Chirnomas and Satomi to provide a relay server that enables a VPN to be built with flexibility and mobility in accordance with an apparatus used by an operator. (Tanimoto, Fig.1 Col 1 lines 38-41, Fig.10 Col 15 lines 1-21, Fig.20-21 Col 22 lines 63-67 to Col 23 lines 1-6, Fig.24-25 Col 25 lines 21-32 and Fig.28-29 Col 28 lines 56-67 to Col 29 lines 1-3)
	Even though Chirnomas, Satomi and Tanimoto disclose wherein in response to receiving a connection request to the monitoring apparatus identified by the apparatus ID from an external terminal via the network interface, send the connection request to the monitoring apparatus to establish a direct communication session between the monitoring apparatus and the external terminal, in the same field of endeavor, Park teaches wherein in response to receiving a connection request to the monitoring apparatus identified by the apparatus ID from an external terminal via the network interface, send the connection request to the monitoring apparatus to establish a direct communication session between the monitoring apparatus and the external terminal (Fig.14-19 [0112]-[0122], upon receiving a WiFi Direct connection request to the image forming apparatus identified the device type from an external wireless terminal, allocate/send the a network address including an IP address, a gateway address, a subnet mask, and a DNS server address/connection request to the wireless terminal apparatus to establish a WiFi direct communication session between the image forming apparatus and the external wireless terminal and Fig.11 [0108], through the user interface unit 1110).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to provide to have modified Chirnomas, Satomi and Tanimoto to incorporate the teaching of Park in order to provide for controlling Internet access of a wireless terminal connected to an image forming apparatus that supports WiFi Direct, in the image forming apparatus.		
	It would have been beneficial to use the image forming apparatus which is
connected to the Internet in operation S1501, and starts operating as a GO in operation S1503. The image forming apparatus operating as a GO, upon receiving a WiFi Direct connection request from an external wireless terminal in operation S1505, identifies a device type of the wireless terminal based on device information received from the wireless terminal in operation S1507. The image forming apparatus determines whether the identified device type of the wireless terminal is an Interne-access-permitted device type in operation S1509, such that if the identified device type of the wireless terminal is the Internet-access-permitted device type, the image forming apparatus proceeds to operation S1511 to allocate a WiFi Direct interface IP address of the image forming apparatus to a gateway address to the wireless terminal and complete WiFi Direct connection as taught by Park to have incorporated in the system of Chirnomas, Satomi and Tanimoto to provide for enabling P2P communication of BLUETOOTH technology. (Park, Fig.1-2 [0005] and Fig.14-19 [0112]-[0122])


Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to VANNEILIAN LALCHINTHANG whose telephone number is (571)272-6859. The examiner can normally be reached Monday-Friday 10AM-6PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Edan Orgad can be reached on (571) 272-7884. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/V.L/Examiner, Art Unit 2414                                                                                                                                                                                                        
/EDAN ORGAD/Supervisory Patent Examiner, Art Unit 2414