DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of Claims
Claims 1-9,11-24,26-33,35 are pending in this application.
Response to Applicant’s Arguments
Claims 1-9,11-24,26-33,35 remain rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 11,314,858 due to missing Terminal Disclaimer.
The previous ground of rejection based on Karta reference is withdrawn in view of applicant's argument filed 11/12/2025. However, newly discovered prior art has necessitated new grounds of rejection. The delay in citation of newly discovered prior art is regretted.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1-9,11-24,26-33,35 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 11,314,858. Although the claims at issue are not identical, they are not patentably distinct from each other (see table below).
Instant Application
U.S. Patent No. 11,314,858
Claim 1: A method comprising:
receiving, by a computing device, information indicating an occurrence of an event; and
based on an association between a location of a user device and a location associated with the event, causing, by the computing device:
the user device to perform an action to protect data accessible via the user device and
an action to protect one or more user accounts accessible via the user device.
Claim 1: A method comprising:
receiving, by a computing device and from a sensor, information indicating an occurrence of an event;
determining, based on the occurrence of the event, an action to protect data accessible via a user device;
determining an association between a location of the user device and a location associated with the event; and
causing, based on the association, the user device to perform the action.
Although the conflicting claims are not identical, they are not patentably distinct from each other because both are directed to a method for protecting user device data based on association between a location of the user device and a location associated with the event and is substantively-similar independent claims 8,16,23, said claims are merely a broader version of claim 1 of U.S. Patent No. 11,314,858 contains at least all of the limitations (or obvious equivalents) recited in claim 1 of the instant application.
With regard to claims of the 2-7,9-15,17-22 and 24-30, each depending from one of independent claims 1,8,16 and 23, said claims are rejected on the grounds of nonstatutory double patenting as being unpatentable over U.S. Patent No. 11,314,858 in view the foregoing nonstatutory double patenting rejection of claim 1.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.
Claim(s) 1-5,7-9,11-20,22-24,26-33,35 is/are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Ullom(US 2018/0260567).
Claim 1: Ullom disclose receiving, by a computing device, information indicating an occurrence of an event and receiving occurrence of an event in (page 2[0015]: The system enable the user device to execute the security application to detect when a security operation is to be performed based on the occurrence of one or events. A trigger event may, in a non limiting example, occur when the user device is located in a prohibited geographic area, when biometric data of a user does not comply with a biometric parameter or when the user device cannot authenticate a user or when the user device detects a quantity of unsuccessful login events that is more than a login threshold). Ullom disclose based on an association between a location of a user device and a location associated with the event, causing by the computing device in (page 2[0015],[0016]: occur when the user device is located in a prohibited geographic area, when biometric data of a user does not comply with a biometric parameter or when the user device cannot authenticate a user or when the user device detects a quantity of unsuccessful login events that is more than a login threshold). Ullom disclose the user device to perform an action to protect data accessible via the user device and an action to protect one or more user accounts accessible via the user device in (page 2[0016];page 3[0022-0023]: Upon detecting that the trigger event has occurred or is about to occur, the user device may perform a security operation to protect the device and/or the sensitive data that is stored in a memory associated with the user, such as locking the user device, evaluating the data stored on the user device. Preparing sensitive data may include identifying and prioritizing the sensitive data based on a level of security such as top secret, secret, confidential etc. The security operations in response include locking the user device, preventing access without authentication, which directly protects user accounts).
Claim 2: Ullom disclose event comprises at least one of: a cyberattack, detecting malware, disconnecting a device from one or more networks, or unauthorized access to a premises in (page 3[0022]; page 7[0061]).
Claim 3: Ullom disclose action comprises preventing access to the data via the user device and providing access, via the user device, to second data different from the data in (page 3[0023]).
Claim 4: Ullom disclose sending by the computing device to a second computing device located remotely from the premises, a notification indicating the occurrence of the event in (fig.6).
Claim 5: Ullom disclose action comprises one or more of encrypting the data; deleting the data from the user device or logging out of one or more accounts that are accessible via the user device in (page 3[0023]).
Claim 7: Ullom disclose determining based on an alarm state of the computing device, a classification of the event in(page 3[0022-0023]).
Claim 8: Ullom disclose receiving, by a computing device, information indicating an occurrence of a cyberattack; determining by the first computing device based on the occurrence of the cyberattack and a classification of the cyberattack, an action to protect data accessible via a second computing device and causing the second computing device to perform the action in (page 2[0015],[0016]; page 3[0022-0023]: The system enable the user device to execute the security application to detect when a security operation is to be performed based on the occurrence of one or events. A trigger event may, in a non limiting example, occur when the user device is located in a prohibited geographic area, when biometric data of a user does not comply with a biometric parameter or when the user device cannot authenticate a user or when the user device detects a quantity of unsuccessful login events that is more than a login threshold. Upon detecting that the trigger event has occurred or is about to occur, the user device may perform a security operation to protect the device and/or the sensitive data that is stored in a memory associated with the user, such as locking the user device, evaluating the data stored on the user device. Preparing sensitive data may include identifying and prioritizing the sensitive data based on a level of security such as top secret, secret, confidential etc. The security operations in response include locking the user device, preventing access without authentication, which directly protects user accounts).
Claim 9: Ullom disclose classification comprises a severity of the cyberattack in (page 3[0022-0023]).
Claim 11: Ullom disclose Karta disclose determining based on the classification of the cyberattack, an action to protect data accessible via one or more other computing devices in (page 3[0023-0024]).
Claim 12: Ullom disclose action comprises one or more of: locking the second computing device; encrypting the data; deleting the data; disconnecting the second computing device from one or more networks; disconnecting the second computing device from one or more other computing devices or storing the data to one or more other computing devices in (page 2[0016]).
Claim 13: Ullom disclose action comprises protecting an account targeted by the cyberattack in (page 3[0022-0023]).
Claim 14: Ullom disclose protecting the account comprises one or more of: requesting authentication information associated with the account; logging out of the account on the second computing device; logging out of the account one or more other computing devices; limiting access to the data via the second computing device or limiting access to the data via one or more other computing devices in (page 2[0014-0015]).
Claim 15: Ullom disclose determining an association between a location of the second computing device and a location associated with the cyberattack wherein causing the second computing device to perform the action is further based on association in (page 2[0015]).
Claim 16: Ullom disclose one or processors and memory instructions executed by the one or more processors in (fig.2). Ullom disclose receiving, by a computing device, information indicating an occurrence of an event and receiving occurrence of an event and based on an association between a location of a user device and a location associated with the event, causing the user device to perform an action to protect data accessible via the user device and action to protect one or more user accounts accessible via the user device in (page 2[0015],[0016]; page 3[0022-0023]: The system enable the user device to execute the security application to detect when a security operation is to be performed based on the occurrence of one or events. A trigger event may, in a non limiting example, occur when the user device is located in a prohibited geographic area, when biometric data of a user does not comply with a biometric parameter or when the user device cannot authenticate a user or when the user device detects a quantity of unsuccessful login events that is more than a login threshold. Upon detecting that the trigger event has occurred or is about to occur, the user device may perform a security operation to protect the device and/or the sensitive data that is stored in a memory associated with the user, such as locking the user device, evaluating the data stored on the user device. Preparing sensitive data may include identifying and prioritizing the sensitive data based on a level of security such as top secret, secret, confidential etc. The security operations in response include locking the user device, preventing access without authentication, which directly protects user accounts).
Claim 17: Ullom disclose event comprises at least one of: a cyberattack, detecting malware, disconnecting a device from one or more networks, or unauthorized access to a premises in (page 3[0022]; page 7[0061]).
Claim 18: Ullom disclose action comprises preventing access to the data via the user device and providing access, via the user device, to second data different from the data in (page 3[0023]).
Claim 19: Ullom disclose sending to a second computing device located remotely from the premises, a notification indicating the occurrence of the event in (fig.6).
Claim 20: Ullom disclose action comprises one or more of encrypting the data; deleting the data from the user device or storing a copy of the data in a different location in (page 3[0023]).
Claim 22: Ullom disclose determine based on the occurrence of the event, the action to protect data accessible via the user device in (page 2[0015-0016].
Claim 23: Ullom disclose one or processors and memory instructions executed by the one or more processors in (fig.2). Ullom disclose receiving, by a computing device, information indicating an occurrence of a cyberattack; determining by the first computing device based on the occurrence of the cyberattack and a classification of the cyberattack, an action to protect data accessible via a second computing device and causing the second computing device to perform the action in (page 2[0015],[0016]; page 3[0022-0023]: The system enable the user device to execute the security application to detect when a security operation is to be performed based on the occurrence of one or events. A trigger event may, in a non limiting example, occur when the user device is located in a prohibited geographic area, when biometric data of a user does not comply with a biometric parameter or when the user device cannot authenticate a user or when the user device detects a quantity of unsuccessful login events that is more than a login threshold. Upon detecting that the trigger event has occurred or is about to occur, the user device may perform a security operation to protect the device and/or the sensitive data that is stored in a memory associated with the user, such as locking the user device, evaluating the data stored on the user device. Preparing sensitive data may include identifying and prioritizing the sensitive data based on a level of security such as top secret, secret, confidential etc. The security operations in response include locking the user device, preventing access without authentication, which directly protects user accounts).
Claim 24: Ullom disclose classification comprises a severity of the cyberattack in (page 2[0016]).
Claim 26: Ullom disclose disclose determining based on the classification of the cyberattack, an action to protect data accessible via one or more other computing devices in (page 3[0023-0024]).
Claim 27: Ullom disclose action comprises one or more of: locking the second computing device; encrypting the data; deleting the data; disconnecting the second computing device from one or more networks; disconnecting the second computing device from one or more other computing devices or storing the data to one or more other computing devices in (page 2[0016]).
Claim 28: Ullom disclose action comprises protecting an account targeted by the cyberattack in (page 3[0022-0023]).
Claim 29: Ullom disclose protecting the account comprises one or more of: requesting authentication information associated with the account; logging out of the account on the second computing device; logging out of the account one or more other computing devices; limiting access to the data via the second computing device or limiting access to the data via one or more other computing devices in (page 2[0014-0015]).
Claim 30: Ullom disclose determining an association between a location of the second computing device and a location associated with the cyberattack wherein causing the second computing device to perform the action is further based on association in (pages 1-2[0004]).
Claim 31: Ullom disclose location of the user device is a first geographic location, and wherein the location associated with the event is a second geographic location in (pages 1-2[0004],[0015]).
Claim 32: Ullom disclose the location of the user device is a first geographic location, and wherein the location associated with the event is a second geographic location in (pages 1-2[0004],[0015]).
Claim 33: Ullom disclose causing the second computing device to transition to a protected state for a duration of the cyberattack in (page 3[0019],[0022-0023]).
Claim 35: Ullom disclose the action to protect the data accessbile via the user device comprises encrypting the data, and whereon the action to proctect the one or more user accounts comprises limiting access to content on a user account of the one or more user accounts in (page 3[0023]).
Allowable Subject Matter
Claims 6,21 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
USPTO Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HOSUK SONG whose telephone number is (571)272-3857. The examiner can normally be reached Mon-Fri: 7:30AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amir Mehrmanesh can be reached at 571-270-3351. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/HOSUK SONG/Primary Examiner, Art Unit 2435