Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
DETAILED ACTION
The instant application having Application No. 17/805,811 is presented for examination by the examiner. Claims 1-20 are pending.
Response to Arguments
Applicant's arguments filed 8/7/25 have been fully considered but they are not persuasive. Applicant alleges the prior art does not explicitly teach (a) approval from the authorization layer and (b) accessing the network resource.
Regarding (a), Applicant purports a difference between the claims’ authorization layer and the relied upon teaching in Mittermaier. In the prior art, the user had to manually request the isolation service to generate an isolated version of the requested website because the website was not on any categorized list. In the process of the isolation service generating the isolated website (0068), it can implement a series of actions (0045). One such action is first authenticating a user (0045). This is performed before the rendering of the website. It is safe to assume that if the authentication fails the website would not be rendered because otherwise there would be no need to attempt user authentication. Thus, the rendering of the isolated request is by extension the approval from the authorization layer that was made to it. The isolation rendering occurs in Fig. 6 when the request is made to the isolation service 404. This is the safe isolation service 404 further detailed in 0045. In that passage and in 0062, greater detail is shown of the intermediary actions taken by 404 to render the isolated website. Applicant argues that the authorization layer can be an API, but the claim does not require that, even though Mittermaier teaches using an API to retrieve the policies for authentication (0045).
Regarding (b), Applicant argues the rendered website that is displayed to the user does not constitute accessing the protected resource. Examiner respectfully disagrees. If the user requests an article to read and the rendered visual proxy of the isolated site shows that entire article and it was read by the user, one could say the user accessed the resource. Examples aside, Mittermaier explicitly calls the user viewing the rendered isolated website a safe way of accessing the content (0072) where he says, “[t]his allows users to access sensitive content, but the content remains off the untrusted device, i.e., it is rendered graphically in the secure and disposable application environment 420”. In view of the foregoing, respectfully, the rejection must be maintained.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claims 1, 3-7, 10, 12-16, and 19 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by USP Application Publication 2020/0314121 to Mittermaier et al., hereinafter Mittermaier.
As per claims 1, 10, and 20, Mittermaier teaches a method comprising:
at a first electronic device comprising a processor and connected to a network, receiving at a browser, a first request for access to a network resource [user enters site into browser], wherein the first request comprises a first identifier [site address] of a location [website] on the network (0068);
passing the first request from the browser to a gateway [step 602];
performing, by the gateway, a comparison of the first identifier against items of a first list and items of a second list [requested site is uncategorized (0068) – therefore is not on the authorized or unauthorized list (0096)];
responsive to determining, based on the comparison, that the first identifier is not an item of the first list or an item of the second list [uncategorized], initiating, by the gateway, a data clutch process [redirect to isolation], wherein the data clutch process comprises:
sending from the gateway to a trusted device [isolation service], a request [isolation request] for manual authorization [step 603];
receiving manual authorization at the trusted device [404 receives the request – step 603];
responsive to notification of the manual authorization, passing an approval request to an authorization layer [approves rendering of website; 0068]; and
receiving, by the browser, an approval from the authorization layer in response to the approval request [browser receives rendered version of the site; 0068]; and
responsive to receiving the approval from the authorization layer, accessing the requested network resource [browser displays rendered version of the site in a tab in isolation; 0069].
As per claims 3 and 12, Mittermaier teaches the trusted device is a second electronic device (0043).
As per claims 4 and 13, Mittermaier teaches accessing the requested network resource comprises loading a webpage at the browser (0068 and 0069).
As per claims 5 and 14, Mittermaier teaches the browser and the gateway comprise applications executed by the processor at the first electronic device [native browser under incidence of the gateway is redirected to the iso service 404; 0071].
As per claims 6 and 15, Mittermaier teaches the authorization layer comprises an application programming interface between the first electronic device and an application executed at a second electronic device [user interacts with the pixel version of the website and responses are interpreted at the isolation service 404 which can then respond with updates to the rendered site transparently to the user; 0068 and 0069. This is evidence of a programming interface between the managed browser and the isolation service].
As per claims 7 and 16, Mittermaier teaches the gateway comprises an application executing at a second electronic device (0067; layer 7 proxy).
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 2, 8, 9, 11, 17, 18, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Mittermaier in view of USP Application Publication 2019/0081952 to Wood.
As per claims 2, 11, and 20, Mittermaier is silent in explicitly teaching the trusted device is the first electronic device. Wood teaches that when websites are being accessed the user of the request can approve the site (0139). Giving the user control over the blacklist and whitelist provides a greater user experience where sites can be added or removed. Having the user approve uncategorized websites can reduce the overhead of using the isolation service more than it is needed. Furthermore, once a site is added by the user to the approved list there is no more need to run the site in isolation mode if the site has been deemed safe. The claim is obvious because one of ordinary skill in the art can combine methods known before the effective filing date which produce predictable results.
As per claims 8 and 17, Mittermaier is silent in explicitly teaching performing the data clutch process further comprises adding the first identifier to a third list, the third list comprising unmatched identifiers. Wood, on the other hand, teaches that once a site is approved, while the session is established, other sites not having explicitly been put on a whitelist can be approved if the allowed site makes a call to those sites. This reduces the amount of browser traffic as taught by Wood (0139). In modifying Mittermaier in this way some sites could be allowed based on the relationship to approved sites. This would reduce the need for continuous rendered versions once the original site has been approved. The claim is obvious because one of ordinary skill in the art would have been motivated to combine the prior art to achieve the claimed invention and there would have been a reasonable expectation of success.
As per claims 9 and 18, the combined system of Mittermaier and Wood teaches performing by the gateway, a comparison of the first identifier against items of the third list; and responsive to determining that the first identifier is an item of the third list, accessing the requested network resource [Mittermaier: 0139; while session is running the other sites are allowed].
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL R. VAUGHAN whose telephone number is (571)270-7316. The examiner can normally be reached on Monday - Thursday, 7:30am - 5:00pm, EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild, can be reached on (571) 272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MICHAEL R VAUGHAN/
Primary Examiner, Art Unit 2431