Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 1 of 19
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 1 of 19
`
`EXHIBIT 7
`EXHIBIT 7
`
`
`
`
`
`
`
`
`
`
`
`
`
`

`

`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 2 of 19
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 2 of 19
`
`Attorney Docket No.: 60644-8007.US01
`
`PATENT
`
`IN THE UNITED STATES PATENT AND TRADEMARKOFFICE
`
`Examiner:
`
`Christopher A. Revak
`
`Art Unit:
`
`2131
`
`Confirmation No.: 5334
`
`
`
`
`
`eeeeeteetNethNae”Sean”SeaeettNeawe!SeeSane!esetSet
`
`In Re Patent Application of:
`
`Shlomo TOUBOUL
`
`Application No: 10/838,889
`
`Filed: May 3, 2004
`
`Title: METHOD AND SYSTEM FOR
`CACHING AT SECURE
`GATEWAYS
`
`Mail Stop RCE
`Commissionerfor Patents
`P. O. Box 1450
`Alexandria, VA 22313-1450
`
`AMENDMENT ACCOMPANYING REQUEST FOR CONTINUED
`EXAMINATION (RCE)
`
`Sir:
`
`In response to the Office Action dated October 4, 2007 (“the Office Action’),
`the following amendments and remarks are submitted for consideration, together
`
`with a Request for Continued Examination (RCE).
`
`Amendmentsto the specification begin on page 2 of this paper.
`
`Amendmentsto the claims are reflected in the claim listing that begins on
`
`page3 of this paper.
`
`Remarks begin on page 11 of this paper.
`
`

`

`
`
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 3 of 19
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 3 of 19
`
`AMENDMENTSTO THE SPECIFICATION
`
`Please amend page 11, second paragraph,as follows:
`
`Useof security profiles and security policies are described in Applicant's US
`
`Patent No. 6,092,194 entitled SYSTEM AND METHOD FOR PROTECTING A
`
`COMPUTER AND A NETWORK FROM HOSTILE DOWNLOADABLES, US Patent
`No. 6,154,844 entitled SYSTEM AND METHOD FOR ATTACHING A
`DOWNLOADABLE SECURITY PROFILE TO A DOWNLOADABLE, US Patent No.
`
`6,167,520 entitled SYSTEM AND METHOD FOR PROTECTING A CLIENT DURING
`
`RUNTIME FROM HOSTILE DOWNLOADABLES, [[and]] US Patent No. 6,480,962
`
`entitled SYSTEM AND METHOD FOR PROTECTING A CLIENT DURING
`
`
`RUNTIME FROM HOSTILE DOWNLOADABLES, US Patent No. 6,804,780 entitled
`
`SYSTEM AND METHOD FOR PROTECTING A COMPUTER AND A NETWORK
`
`
`FROM HOSTILE DOWNLOADABLES, US Patent No. 6,965,968 entitled POLICY-
`
`
`BASED CACHING, and US Patent No. 7,058,822 entitled MALICIOUS MOBILE
`
`CODE RUNTIME MONITORING SYSTEM AND METHODS.
`
`Please amend page 14, second paragraph,as follows:
`
`Otherwise, if the gateway computer determines at step 270 that the web page
`
`is to be blocked, then at step 280 the gateway computer takes an alternate action.
`
`Preferably, the alternate action is defined within the client computer's security prefie
`
`policy, and includes alternatives such as sending a notification to the client
`
`computer, sending a notification to a system administrator, sending only a portion of
`
`the requested web page, or allowing the intranet computer to decide whether or not
`
`to trust the suspicious web page.
`
`

`

`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 4 of 19
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 4 of 19
`
`1.
`
`(Currently Amended) A computer gatewayfor an intranet of computers,
`
`CLAIM LISTING
`
`comprising:
`
`a scannerfor scanning incomingfiles from the Internet and deriving security
`
`profiles for the incoming files therefer , wherein each of the andthe security profiles
`
`comprises beingistsalist of computer commandsthat[[the]] a corresponding one of
`
`the incoming files is fiies-are programmedto perform;
`
`a file cache for storing files that have been scanned by the scanner for future
`
`access, wherein each of the storedfiles is indexed byafile identifier; and
`
`a security profile cache for storing the security profiles derived by the scanner
`
`forfites: wherein each of the security profiles is indexed in the security profile cache
`
`by a file identifier associated with a correspondingfile stored in the file cache; and
`
`a security policy cache for storing security policies for intranet computers
`
`within [[an]] the intranet, the security policies each includingalist of restrictions for
`
`files that are transmitted to a corresponding subset of the intranet computers.
`
`2-4. (Canceled)
`
`5.
`
`(Currently Amended) The computer gateway of claim [[4]] 1 wherein each
`
`of the file identifiers comprises a hash value derived from a corresponding oneof the
`
`stored files the-fileDs-are-hash-values-of files.
`
`(Currently Amended) The computer gateway of claim 5 wherein thefile
`
`cache and the security profile cache use thefile identifiers/Ds-areused to ensure
`
`6.
`
`that duplicate files are not scanned and not cached more than once.
`
`7-11. (Canceled)
`
`12.
`
`(Currently Amended) A method of operating fer-eperation-ef a network
`
`gatewayfor an intranet of computers, the method comprising:
`
`receiving a request from an intranet computerfor a file onthetntemet:
`
`determining whether the requested file resides within a file cache at the
`
`network gateway;
`
`

`

`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 5 of 19
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 5 of 19
`
`if said determiningis affirmative:
`
`retrieving a security profile for the requestedfile from a security profile
`
`cache at the network gateway, the security profile including a list of at least one
`
`computer command that the requestedfile is programmed to perform; and
`
`if said determining is not affirmative:
`
`retrieving the requestedfile from the Internet;
`
`scanningthe retrievedfile to derive a security profile including a list of
`
`
`
`storing the retrievedfile within the file cache for future access; and
`
`storing the security profile for the retrievedfile within [[a]] the security
`
`profile cache for future access. [[;]]
`
`
`
`13 - 14. (Canceled)
`
`15.
`
`(Currently Amended) The method of claim 12 further comprising indexing
`
`the file security profile cache so that security profiles offiles are indexed according to
`
`file identifiers (IDs).
`
`16.
`
`(Original) The method of claim 15 wherein the file IDs are hash values of
`
`files.
`
`17.
`
`(Currently Amended) The methodof claim 16 further comprising
`
`managing thefile cache and the security profile cache using the file IDs so that
`
`duplicate files are not scanned and not cached morethan once.
`
`18-23. (Canceled)
`
`

`

`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 6 of 19
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 6 of 19
`
`24.
`
`(Currently Amended) A computer-readable storage medium storing
`
`program code for causing a computer to perform the stepsof:
`
`‘receiving a request from an intranet computerfor a fileonthetatemet:
`
`determining whether the requestedfile resides within a file cache at the
`
`network gateway;
`
`if said determining is affirmative:
`
`retrieving a security profile for the requested file from a security profile
`
`cacheat the network gateway, the security profile including a list of at least one
`
`computer command that the requested file is programmed to perform; and
`
`if said determining is not affirmative:
`
`retrieving the requestedfile from the Internet:
`
`scanning the retrievedfile to derive a security profile including a list of
`
`computer commandsthat the retrievedfile is programmed to perform: determine
`
`deriving-a-securityprofilefortheretrieved-file:
`
`storing the retrieved file within the file cache for future access; and
`
`storing the security profile for the retrieved file within [[a]] the security
`
`profile cache for future access. |[[;]]
`
`
`
`25 - 29. (Canceled)
`
`30.
`
`(Currently Amended) A method of operating fer-eperation-of a network
`
`gatewayfor an intranet of computers, comprising:
`
`retrieving a requestedfile from the Internet:
`
`scanning the retrieved file to determine computer commands that the file and
`
`the-web-objects-are is programmed to perform;
`
`

`

`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 7 of 19
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 7 of 19
`
`deriving a security profile for the retrievedfile, the security profile including a
`
`list of at least one computer commandthat the retrievedfile is programmed to
`
`perform;
`
`storing the retrieved file within a file cache of the network gateway for future
`
`access, and indexing the retrievedfile in the file cache withafile identifier (ID); and
`
`storing the security profile for the retrievedfile within a security profile cache
`
`of the network gatewayfor future access, and indexing the security profile in the
`
`security profile cache with thefile ID of the retrieved file, so that when the same file
`
`is subsequently requested from the Internet, its security profile is readily accessible
`
`from the security profile cache without the need to perform said scanning.
`
`31 - 32. (Canceled)
`
`33.
`
`(Currently Amended) The method of claim [[32]] 30 wherein the file IDs
`
`are hash valuesoffiles.
`
`34.
`
`(Original) The method of claim 33 further comprising managingthefile
`
`cache usingthe file IDs so that duplicate files are not cached more than once.
`
`35 - 38. (Canceled)
`
`39.
`
`(Currently Amended) A computer-readable storage medium storing
`
`program codefor causing a computer to perform the stepsof:
`
`retrieving a requestedfile from the Internet;
`
`scanning the retrieved file to determine computer commands thatthe file is
`
`programmedto perform;
`
`deriving a security profile for the retrieved file, the security profile including a
`
`list of at least one computer command thatthe retrievedfile is programmed to
`
`perform;
`
`storing the retrievedfile within a file cache for future access, and indexing the
`
`retrievedfile in the file cache with a file ID; and
`
`storing the security profile for the retrieved file within a security profile cache
`
`for future access, and indexing the security profile in the security profile cache with
`
`the file ID of the retrieved file, so that when the samefile is subsequently requested
`
`

`

`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 8 of 19
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 8 of 19
`
`from the Internet, its security profile is readily accessible from the security profile
`
`cache without the need to perform the scanning.
`
`40 -42. (Canceled)
`
`43.
`
`(Currently Amended) A computer gateway for an intranet of computers,
`
`comprising:
`
`a scanner for scanning outgoingfiles from an intranet to the Internet and
`
`deriving security profiles for the outgoing files, wherein each of the security profiles
`
`comprisesa list of computer commands that the file is programmed to perform
`
`pregrammedto-perform, and
`
`a security profile cache for storing security profiles derived by the scanner,for
`
`future access, wherein each of the security profiles is indexed in the security profile
`
`cache by a file ID associated with a corresponding one of the outgoingfiles,
`
`wherein for each outgoing file, the computer gateway:
`
`checks whether a security profile for the outgoing file is stored in the
`
`security profile cache based on a file ID of the outgoing file,
`
`if the security profile for the outgoing file is stored in the security profile
`
`cache, retrieves the security profile from the security profile cache, and,
`
`if the security profile for the outgoing file is not stored in the security
`
`profile cache, passes the outgoing file to the scannerto derive a security profile for
`
`the outgoing file.
`
`
`
`44.
`
`(Currently Amended) A method of operating fer-cperation-of a network
`
`gatewayfor an intranet of computers, comprising:
`
`receiving [[a]] an outgoing file from an intranet computerfor transmission to a
`
`
`
`recipientcomputeronthe an Internet destination;
`
`determining whether a security profile for the outgoing file resides within a
`
`security profile cache of the network gateway, the security profile including a list of at
`
`least one computer command that the requestedfile is programmed to perform;
`
`

`

`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 9 of 19
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 9 of 19
`
`if said determining is affirmative:
`
`retrieving the security profile for the outgoing file from the security profile
`
`cache; and
`
`if said determining is not affirmative:
`
`scanning the received outgoing file to derive a security profile for the
`
`received file, the security profile including a list of at least one computer command
`that the file is programmedto perform; and
`
`storing the security profile for the outgoingfile within the security profile
`
`cache, for future access.
`
`
`
`(Currently Amended) A computer-readable storage medium storing
`45.
`program code for causing a computer to perform the stepsof:
`
`receiving [[a]] an outgoing file from an intranet computerfor transmission to a
`
`
`
`recipientcomputeronthe an Internet destination:
`
`determining whether a security profile for the outgoing file resides within a
`security profile cache, the security profile including a list of at least one computer
`commandthat the requestedfile is programmedto perform:
`
`if said determining is affirmative:
`
`retrieving a security profile for the outgoing file from the security profile
`
`cache; and
`
`if said determining is not affirmative:
`
`scanning the received outgoing file to derive a security profile for the
`
`receivedfile, the security profile including a list of at least one computer command
`that the file is programmedto perform; and
`
`storing the security profile for the outgoing file within the security profile
`
`cache, for future access.
`
`

`

`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 10 of 19
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 10 of 19
`
`
`
`46. (New) The computer gatewayof claim 1 whereinafile is purged from the
`
`file cache after an expiration period forthe file has elapsed.
`
`47.
`
`(New) The computer gatewayof claim 1 wherein a security profile is
`
`purged from the security profile cache when a correspondingfile in the file cache is
`
`re-scanned.
`
`(New) The computer gatewayof claim 1, wherein the computer gateway
`48.
`receives a requestfor a file stored among the intranet of computers:
`checksif the requestedfile is already residentin said file cache and,
`if so, retrieves the requestedfile’s security profile directly from the security
`profile cache, based on a file ID of the requested file, and,
`
`if not, retrieves the requested file and passes the retrievedfile to the scanner
`
`to derive a security profile for the requestedfile.
`
`(New) The methodof claim 12, further comprising purging a file from the
`49.
`file cache after an expiration period forthe file has elapsed.
`
`(New) The methodof claim 12, further comprising purging a security
`50.
`profile from the security profile cache when a corresponding file storedin the file
`
`cache is re-scanned.
`
`(New) The computer gateway of claim 43, wherein a security profile is
`51.
`purged from the security profile cache when a correspondingfile storedin thefile
`
`cache is re-scanned.
`
`

`

`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 11 of 19
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 11 of 19
`
`52.
`
`(New) The method of claim 44, further comprising purging a security
`
`profile from the security profile cache when a corresponding file stored in the file
`
`cache is re-scanned.
`
`10
`
`

`

`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 12 of 19
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 12 of 19
`
`I.
`
`Introduction
`
`REMARKS
`
`The present responseis intended to place the application in condition for
`
`allowanceand is believed to overcomeall outstanding rejections. Favorable
`
`reconsideration and allowanceof the application are respectfully requested.
`
`By this response, Applicant has cancelled claims 2-4, 7-11, 13-14, 18-23, 25-
`
`29, 31-32, 35-38 and 40-42, amended claims 1, 5, 6, 12, 15, 17, 24, 30, 33, 39 and
`
`43-45, and added new claims 46-52. No new matter has been added. Claims 1, 5,
`6, 12, 15-17, 24, 30, 33, 34, 39 and 43-52 are now pendingin this application.
`
`Hl.
`
`Amendments to the Specification
`
`Applicant has amended the specification at page 11, second paragraph, such
`that it now refers to three additional U.S. Patents each related to security profiles and
`
`security policies. No new matter has been added.
`
`Applicant has amended the specification at page 14, second paragraph, to
`
`correct a clerical error.
`
`ill.
`
`|©Amendments to the Claims
`
`Support for features in the amendedor new claims can be found in the
`
`original specification at locations presented below. These locations are provided as
`
`examples and are not intended to reflect all supporting disclosure for the claimed
`
`features. The paragraph numbersin this section reference the original specification
`
`as published in U.S. Patent Application Publication No. 2005/0005107.
`
`Various claims have been amended torecite storingfiles in a file cache for
`
`future access. Support for this feature is found in the original specification at, e.g.,
`
`paragraphs [0037]-[0038], [0054], and [0057].
`
`Various claims have been amended to recite storing security profiles in a
`
`security profile cache for future access. Support for this feature is found in the
`
`original specification at, e.g., paragraphs [0033], [0037]-[0038], and [0058].
`Various claims have been amendedto recite indexing stored files and stored
`
`security profiles using file IDs. Support for these features is found in the original
`
`specification at, e.g., paragraphs [0057], [0033]-[0036], and TablesII andIII.
`
`11
`
`

`

`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 13 of 19
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 13 of 19
`
`New claims 46-47 and 49-52 recite the purging of files or security profiles from
`
`a file cache or a security profile cache, respectively. Support for these featuresis
`
`found in the original specification at, e.g., paragraphs [0041]-[0046].
`
`Newclaim 48 recites checking whether a requested file is stored in the file
`
`cache and taking various actions based on whetherthe requestedfile is stored in the
`
`file cache. Support for these features is found in the original specification at, e.g.,
`
`paragraphs [0057]-[0058] and FIG. 2.
`
`iV.
`
`Rejections under 35 U.S.C. § 102
`
`The Office Action rejected claims 1-45 under 35 U.S.C. § 102(b) as being
`
`allegedly anticipated by U.S. Patent No. 5,983,348 to Ji (“Ui”). The amended claims
`
`overcome these rejections for at least the following reasons.
`
`a.
`
`Brief Description of Ji
`
`Ji describes a malicious code scanner that scans an applet received over a
`
`network for potential security breaches.
`
`(See, Ji, col. 3, lines 16-44) The code
`
`scanner performs both static scanning at an HTTP proxy server and run-time
`
`scanning ataclient.
`
`(id.) The HTTP serveridentifies suspicious instructions and
`
`inserts into the applet additional code before and after the suspicious instructions
`
`(See, Ji, col. 3, lines 6-30; col. 5, lines 16-27; col. 7, line 37-col. 8, line 5; elements
`
`48, 50 and 54 of FIG. 2). The HTTPserveralso inserts monitoring code into the
`
`applet.
`
`(See, Ji, col. 3, lines 26-29) The client computer receives and runs the
`
`modified applet.
`
`(See, Ji, col. 3, lines 31-38) The inserted instructions and the
`
`monitoring code prevent the suspicious instructions from violating a security policy.
`
`(See, Ji, col. 3, lines 31-44; col. 5, lines 8-13).
`
`b.
`
`Independent Claim 1
`
`Independentclaim 1 relates to a computer gatewayfor an intranet of
`
`computers. Ji fails to teach or suggest several features recited in amended
`
`independentclaim 1, including at least the following: (1) the scanner, (2) the file
`
`cache, (3) the security profile cache, and (4) the security policy cache.
`
`1.
`
`Scanner
`
`Amended independent claim 1 recites the following:
`
`12
`
`

`

`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 14 of 19
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 14 of 19
`
`“a scannerfor scanning incomingfiles from the Internet and
`deriving security profiles for the incoming files, wherein each
`of the security profiles comprisesa list of computer
`commands that a corresponding oneof the incomingfiles is
`programmedto perform’.
`
`Ji fails to teach or suggest this feature because the applet scannerin Ji does
`
`not derive security profiles as claimed.
`
`The Office Action compares the claimed scanner with an applet scannerthat
`
`runs on an HTTP server as discussed in Ji at column 3, lines 7-9 & 16-44. (See, the
`
`Office Action, p. 3, section 4) However, at the sametime, the Office Action
`
`comparesthe claimed security profiles with a “report” generated by a client computer
`
`in Ji. (See, Office Action, p. 2, lines 16-18) Clearly, the applet scannerin Ji does
`
`not generate the “report”. Accordingly, Ji fails to disclose “a scanner...for deriving
`security profiles”.
`
`In fact, Ji states that “[t]he only work performed on the [HTTP proxy] server 32
`is to identify suspicious applet instructions and instrument them, which is usually
`
`performedby a one time pass over the applet code”. (See, Ji, col. 6, lines 53-56,
`
`emphasis added) Thus, no scanner or other componentin the server of Ji performs
`operations such as deriving security profiles or generating reports.
`
`Additionally, Ji does not teach that the “report” comprises “alist of computer
`
`commandsthat a corresponding one of the incomingfiles is programmed to
`perform”. Because Ji does not teach that the “report” comprises “a list of computer
`
`commands’, and becausethe “report” is not generated by a scannerin a computer
`gateway, Ji fails to disclose a scanneras recited in independentclaim 1.
`
`Because Ji fails to teach or suggest the claimed scanner, amended
`
`independentclaim 1 is patentable over Ji. Accordingly, Applicant respectfully
`
`requests withdrawal of the rejection of independentclaim 1.
`
`2.
`
`File Cache
`
`Amended claim 1 recites the following:
`
`“a file cache for storing files that have been scannedby the
`scanner for future access, wherein each of the storedfiles is
`indexed bya file identifier’.
`
`13
`
`

`

`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 15 of 19
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 15 of 19
`
`Ji fails to teach or suggest this feature because the HTTP proxy serverin Ji
`
`doesnotstore files that have already been scannedfor future access nor does the
`
`HTTP proxy server index storedfiles using a file identifier.
`
`The Office Action acknowledgesthat Ji does not explicitly describe any type
`
`of cache. (See, the Office Action, p. 2, lines 9-10) However, the Office Action
`
`maintains that the HTTP proxy server in Ji inherently stores received files in some
`
`form of cache or buffer while they are being scanned for malicious content. (See, Ji,
`
`p. 2, lines 13-16)
`While it may be true that the HTTP proxy server indi temporarily stores
`received files while they are being scanned for malicious content, the receivedfiles
`
`in Ji are not stored in a file cache for future access nor are the receivedfiles indexed
`
`by a file identifier.
`
`Because Ji does not teach a file cache as claimed, amended independent
`
`claim 1 is patentable over Ji. Accordingly, Applicant respectfully requests withdrawal
`
`of the rejection of independentclaim 1.
`
`3.
`
`Security Profile Cache
`
`Amendedclaim 1 recites the following:
`
`“a security profile cache for storing the security profiles
`derived by the scanner, wherein each of the security profiles
`is indexed in the security profile cache bya file identifier
`associated with a correspondingfile stored in the file cache’.
`
`Ji fails to teach or suggestthis feature because the HTTPproxy serverin Ji
`
`doesnot store security profiles as claimed.
`
`As discussed above, the Office Action compares the claimed security profiles
`
`with Ji’s teaching of a “report” generated by a client computer. However, since the
`
`“report” in Ji is not stored in the HTTP proxy server, and because the “report” does
`
`not include “a list of computer commands’, Ji fails to disclose a security profile cache
`
`as Claimed.
`
`Because Ji does not teach a security profile cache as claimed, amended
`
`independent claim 1 is patentable over Ji. Accordingly, Applicant respectfully
`
`requests withdrawal of the rejection of independentclaim 1.
`
`14
`
`

`

`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 16 of 19
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 16 of 19
`
`4.
`
`Security Policy Cache
`
`Amendedclaim 1 recites the following:
`
`“a security policy cache for storing security policies for
`intranet computers within the intranet, the security policies
`eachincluding a list of restrictions forfiles that are
`transmitted to a corresponding subsetof the intranet
`computers’.
`
`Ji fails to teach or suggest this feature because rather than maintaining
`
`security policies in a cache in a computer gateway, Ji generates security policies and
`
`stores the security policies on local computers. (See, e.g., Ji, col. 7, lines 50-64 and
`
`col. 3, lines 40-44)
`
`As discussed above, the Office Action acknowledges that Ji does not explicitly
`
`describe any type of cache. Nevertheless, the Office Action maintains that some
`
`files are “inherently stored in [Ji’s] scanner’ while the files are scanned. However,
`
`because the HTTP proxyserverof Ji does not perform any scanning on individual
`
`security policies, the Office Action’s inherency argument regarding caches doesnot
`
`apply to the security policy cache.
`
`Because Ji does not teach a security policy cache as claimed, amended
`
`independentclaim 1 is patentable over Ji. Accordingly, Applicant respectfully
`
`requests withdrawal of the rejection of independent claim 1.
`
`C.
`
`Independent Claims 12 and 24
`
`Independent claims 12 and 24 relate to methods of processing requests from
`
`computers within an intranet. Ji fails to disclose several features recited in each of
`
`these claims, including at least the following: (1) determining whether a requested
`
`file resides in a file cache at a network gateway, (2) retrieving a security profile from
`a security profile cache at the network gateway, (3) scanning a retrievedfile to derive
`
`a security profile, (4) storing the retrievedfile within the file cache for future access,
`
`and (5) storing the security profile for the retrieved file within the security profile
`
`cache for future access.
`
`1.
`
`File Cache at Network Gateway
`
`As discussed abovein section IV(b)(2), Ji does not teach or suggesta file
`
`cache at a network gatewayfor storing files for future access. Accordingly, the
`
`15
`
`

`

`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 17 of 19
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 17 of 19
`
`HTTP proxy serverin Ji never checksa file cache to determine whether it has
`
`previously stored a requested file. Because Ji fails to disclose this feature,
`
`independent claims 12 and 24 are patentable over Ji.
`
`2.
`
`Security Profile Cache at Network Gateway
`
`As discussed abovein section IV(b)(3), Ji does not teach or suggest a
`security profile cache at a network gatewayfor storing security profiles. Accordingly,
`
`Ji does not disclose this feature of claims 12 and 24. BecauseJi fails to disclose this
`
`feature, independent claims 12 and 24 are patentable over Ji.
`
`3.
`
`scanning Retrieved File to Derive Security Profile
`
`As discussed abovein section IV(b)(1), Ji does not teach or suggest a
`scanner deriving a security profile. Accordingly, independent claims 12 and 24 are
`
`patentable over Ji based onthis feature.
`
`4,
`
`Storing Retrieved File in File Cache for Future Access
`
`As discussed abovein section IV(b)(2), Ji does not teach or suggest a file
`cache at a network gatewayfor storing files for future access. Accordingly,
`
`independent claims 12 and 24 are patentable over Ji based on this feature.
`
`5.
`
`Storing Security Profile in Security Profile Cache for Future
`
`Access
`
`As discussed abovein section IV(b)(3), Ji does not teach or suggest a
`
`security profile cache at a network gateway for storing security profiles for future
`
`access. Accordingly, independent claims 12 and 24 are patentable over Ji based on
`
`this feature.
`
`d.
`
`Independent Claims 30 and 39
`
`Independentclaims 30 and 39 relate to methods of operating a network
`gatewayfor an intranet of computers. Ji fails to teach or suggest several features
`
`recited in independentclaims 30 and 39, including at least the following: (1) a
`
`network gateway deriving a security profile for a retrievedfile, (2) storing a retrieved
`file in a file cache of the network gateway for future access, (3) indexing the retrieved
`file in the file cache with a file identifier, (4) storing the security profile in a security
`
`16
`
`

`

`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 18 of 19
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 18 of 19
`
`profile cache of the network gateway, and (5) indexing the security profile in the
`
`security profile cache using thefile identifier.
`
`The Office Action’s rejection of claim 30 relies on the same disclosure of Ji
`
`that wascited in its rejections of claims 1, 12, and 24. Accordingly, Ji’s failure to
`
`teach or suggest features (1)-(5) is addressed in the above discussions of claims 1,
`
`12, and 24.
`
`Because Ji does not disclose features (1)-(5), claims 30 and 39 are
`
`patentable over Ji. Accordingly, Applicant respectfully requests withdrawal of the
`
`outstanding rejections and allowanceof independent claims 30 and 39.
`
`e.
`
`Independent Claim 43-45
`
`Independent claims 43-45 each relates to the scanning of outgoing files. Ji
`
`includes no disclosure related to outgoing files. Accordingly, claims 43-45 are
`
`patentable over Ji based on the recitation of scanning outgoing files.
`
`Ji also fails to teach or suggestat least the following features recited in one or
`
`more of claims 43-45: (1) a scannerfor deriving security profiles, and (2) a security
`
`profile cache and related operations.
`
`As discussed abovein relation to independent claims 1, 12, and 24, Ji fails to
`
`disclose a scanner in a computer network gateway for deriving security profiles.
`
`Additionally, Ji does not include any disclosure related to checking a security profile
`
`cache for stored security profiles.
`
`In view of these distinctions, independent claims 43-45 are patentable overJi.
`
`Accordingly, Applicant respectfully requests withdrawal of the outstanding rejections
`
`and allowanceof claims 43-45.
`
`f.
`
`Dependent Claims 5-6, 15-17, and 33-34
`
`Each of dependentclaims 5-6, 15-17, and 33-34 depends from a patentable
`
`independent claim. Accordingly, each of these dependent claims is patentable over
`
`Ji based on at least the distinctions described abovein relation to the corresponding
`
`independentclaim.
`
`V.
`
`Conclusion
`
`No other issues remaining, Applicant respectfully requests withdrawal of the
`
`outstanding rejections and allowanceof the pending claims.
`
`17
`
`

`

`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 19 of 19
`Case 3:17-cv-05659-WHA Document 349-8 Filed 01/04/19 Page 19 of 19
`
`If the Applicant's representative can be of assistancein furthering the
`
`prosecution of this case, the Examiner is encouraged to contact the undersignedat
`
`any time, at (202) 434-1607.
`
`Dated: January 4, 2008
`
`Respectfully submitted,
`
`/Michael A. Oblon/
`By:
`Michael A. Obion
`Registration No.: 42,956
`PERKINS COIE LLP
`607 Fourteenth Street, N.W.
`Washington, DC 20005-2011
`(202) 628-6600
`(202) 434-1690 (Fax)
`Attorney for Applicant
`
`18
`
`