DETAILED ACTION
713.09 Interviews Between Final Rejection and Notice of Appeal [R-08.2017]
Normally, one interview after final rejection is permitted in order to place the application in condition for allowance or to resolve issues prior to appeal. However, prior to the interview, the intended purpose and content of the interview should be presented briefly, preferably in writing. Such an interview may be granted if the examiner is convinced that disposal or clarification for appeal may be accomplished with only nominal further consideration. Interviews merely to restate arguments of record or to discuss new limitations which would require more than nominal reconsideration or new search should be denied. See MPEP § 714.13.
Interviews may be held after the expiration of the shortened statutory period and prior to the maximum permitted statutory period of 6 months without an extension of time. See MPEP § 706.07(f).
A second or further interview after a final rejection may be held if the examiner is convinced that it will expedite the issues for appeal or disposal of the application.
For interviews after notice of appeal, see MPEP § 1204.03.
Interview time will be revised to a limit of 1 hour per new application or RCE (utility)/CPA (design), when during prosecution, the examiner conducts an interview. When more than one interview is needed in an application supervisors will have the flexibility to approve additional time and ensure that the interviews are being used to advance prosecution.
Authorization for Internet Communications
The examiner encourages Applicant to submit an authorization to communicate with the examiner via the Internet by making the following statement (from MPEP 502.03):
“Recognizing that Internet communications are not secure, I hereby authorize the USPTO to communicate with the undersigned and practitioners in accordance with 37 CFR 1.33 and 37 CFR 1.34 concerning any subject matter of this application by video conferencing, instant messaging, or electronic mail. I understand that a copy of these communications will be made of record in the application file.”
Please note that the above statement can only be submitted via Central Fax (not Examiner's Fax), Regular postal mail, or EFS Web using PTO/SB/439.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1 – 3, 5, 9 – 11, 13, 16 – 18 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over the prior art of record, Goodman et al., (US 2007/0039038 A1) (hereinafter “Goodman”) in view of Mokashi et al., (US 10,534,934 B1) (hereinafter “Mokashi”) and Drory et al., (US 2012/0110459 A1) (hereinafter “Drory”).
Regarding claim 1, Goodman discloses; a method comprising:
displaying, by a graphical user interface (GUI) executing on a computing device, screen content on a screen [i.e., at block 504, a user interface of a Web browsing application is rendered to display the content received from the network-based resource (page 8, para 0085), (see figures 1 and 5)];
determining, by a processing device of the computing device, that the screen content comprises malicious content [i.e., the detection module 420 include algorithms for the detection of fraudulent and/or deceptive phishing web sites and domain (page 6, para 0065), (see figures 4 and 5)], wherein the determination further comprises;
detecting, by a phishing detector application [i.e., detection module 420 (see figure 4), (page 6, para 0064)], that the screen content comprises a hyperlink [i.e., the detection module 420 include algorithms for the detection of fraudulent and/or deceptive phishing web sites and domain (emphasis added) (page 6, para 0065), (see figures 4 and 5) i.e., “districbanc.com” (page 7, para 0071)];
performing a query, using the hyperlink, to a cloud phishing detection service [i.e., communicate a query to data center 402 (emphasis added) to determine if a web site is a phishing web site (page 7, para 0070), (see figure 4)], wherein the cloud phishing detection service compares the hyperlink to a database of known malicious domains [i.e., the domain detection module 420 compares the domain corresponding to the phishing website 408 to a list of known phishing websites 422 (see ref. 506 of figure 5 and 4 and ref 306 of figure 3), (page 9, para 0086), (page 7, para 0070) i.e., comparing “districbank.com” with “Districbank.com” (page 7, para 0071) i.e., the list of known phishing domains 222 includes a list of known bad URLs (page 3, para 0036), (see figure 2)] to produce a query result [i.e., a response to the query (page 3, para 0037)] indicating whether the hyperlink is malicious content [i.e., the client device 204 queries the data center 202 before each domain is visited to determine whether the particular domain is a known or suspected phishing domain (page 3, para 0037), (see ref. 308 of figure 3)]; and
using a query result [i.e., a response to the query (page 3, para 0037)] to indicate the screen content comprises the malicious content [i.e., suspected web site (page 7, para 0071), (page 9, para 0087), (see ref. 508 of figure 5)]; and
performing an operation, by the computing device, that impedes selecting the malicious content [i.e., if the user then attempts to visit a known or suspected phishing domain, the user can be blocked (page 3, para 0037)].
Goodman does not disclose;
Initiating, by an accessibility service executing on the computing device, a screen scraping function using the GUI to capture the screen content.
However, Mokashi discloses;
Initiating, by an accessibility service [i.e., accessibility service 321 is turned on (col. 5, lines 40 – 41), (see figure 3)] executing on a computing device, a function using GUI to capture screen content [i.e., the accessibility service monitors what the user is typing (col. 1, lines 30 – 35) i.e., the malware application 323 can read the sensitive information from the foreground application 319 (col. 5, lines 45 – 49), (see figure 3)].
Before the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to modify the teaching of Goodman by adapting the teachings of Mokashi to enhance the interaction of users with their mobile computing devices (col. 1, lines 40 – 41).
Goodman and Mokashi do not disclose;
a screen-scraping function.
However, Drory discloses;
Initiating a screen-scraping function [i.e., screen scraping technology (page 1, para 0008), (page 3, para 0029)] using a GUI to capture screen content [i.e., screen scraping technology include parsing of the structured data of a running application to which the GUI pertains, retrieved via the operating system (OS) (page 3, para 0029)]; and
determining that the screen content captured by the screen-scraping function [i.e., monitoring the application screen while the user is working, recognizing the content of the screen through screen scraping (page 3, para 0031)].
Before the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to modify the teaching of Goodman and Mokashi by adapting the teachings of Drory to automate adjustment of input configuration (See Drory; page 1, para 0001).
Regarding claim 2, Goodman discloses; the method of claim 1, wherein the operation further comprises:
displaying an overlay window on the screen and over the malicious content that indicates the malicious content [i.e., a warning message 618 is generated for display on display device 616 (page 10, para 0096), (see figure 6)].
Regarding claim 3, Goodman discloses; the method of claim 2, wherein the operation further comprises:
preventing selection of the malicious content [i.e., if the user then attempts to visit a known or suspected phishing domain, the user can be blocked (page 3, para 0037)].
Regarding claim 5, Goodman discloses; the method of claim 1, wherein the determining further comprises:
contacting a cloud service to analyze the screen content [i.e., communicate a query to data center 402 (emphasis added) to determine if a web site is a phishing web site (page 7, para 0070), (see figure 4)]; and
receiving, from the cloud service, an indication that the screen content comprises the malicious content [i.e., a response to the query (page 3, para 0037)].
Regarding claim 9, Goodman discloses; a system [i.e., i.e., computing environment 1000 (see figure 10), (page 11, para 0113)] comprising:
a processing device [i.e., processor 1004 (see figure 10), (page 11, para 0115)]; and
a memory storing instructions [i.e., computer readable media (page 11, para 0115), (see figure 10)] that, when executed by the processing device [i.e., (see figure 10)], cause the system to:
display, by a graphical user interface (GUI) executing on a computing device, screen content on a screen [i.e., at block 504, a user interface of a Web browsing application is rendered to display the content received from the network-based resource (page 8, para 0085), (see figures 1 and 5)];
determine that the screen content comprises malicious content [i.e., the detection module 420 include algorithms for the detection of fraudulent and/or deceptive phishing web sites and domain (page 6, para 0065), (see figures 4 and 5)], wherein to determine that the screen content captured comprises malicious content, the system is further to:
detect, by a phishing detector application [i.e., detection module 420 (see figure 4), (page 6, para 0064)], that the screen content comprises a hyperlink [i.e., the detection module 420 include algorithms for the detection of fraudulent and/or deceptive phishing web sites and domain (emphasis added) (page 6, para 0065), (see figures 4 and 5) i.e., “districbanc.com” (page 7, para 0071)];
perform a query, using the hyperlink, to a cloud phishing detection service [i.e., communicate a query to data center 402 (emphasis added) to determine if a web site is a phishing web site (page 7, para 0070), (see figure 4)], wherein the cloud phishing detection service compares the hyperlink to a database of known malicious domains [i.e., the domain detection module 420 compares the domain corresponding to the phishing website 408 to a list of known phishing websites 422 (see ref. 506 of figure 5 and 4 and ref 306 of figure 3), (page 9, para 0086), (page 7, para 0070) i.e., comparing “districbank.com” with “Districbank.com” (page 7, para 0071) i.e., the list of known phishing domains 222 includes a list of known bad URLs (page 3, para 0036), (see figure 2)] to produce a query result [i.e., a response to the query (page 3, para 0037)] indicating whether the hyperlink is malicious content [i.e., the client device 204 queries the data center 202 before each domain is visited to determine whether the particular domain is a known or suspected phishing domain (page 3, para 0037), (see ref. 308 of figure 3)]; and
us the query result [i.e., a response to the query (page 3, para 0037)] to indicate the screen content comprises the malicious content [i.e., suspected web site (page 7, para 0071), (page 9, para 0087), (see ref. 508 of figure 5)]; and
perform an operation, by the computing device, that impedes selection of the malicious content [i.e., if the user then attempts to visit a known or suspected phishing domain, the user can be blocked (page 3, para 0037)].
Goodman does not disclose;
Initiate, by an accessibility service executing on the computing device, a screen scraping function using the GUI to capture the screen content.
However, Mokashi discloses;
Initiate, by an accessibility service [i.e., accessibility service 321 is turned on (col. 5, lines 40 – 41), (see figure 3)] executing on a computing device, a function using GUI to capture screen content [i.e., the accessibility service monitors what the user is typing (col. 1, lines 30 – 35) i.e., the malware application 323 can read the sensitive information from the foreground application 319 (col. 5, lines 45 – 49), (see figure 3)].
Before the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to modify the teaching of Goodman by adapting the teachings of Mokashi to enhance the interaction of users with their mobile computing devices (col. 1, lines 40 – 41).
Goodman and Mokashi do not disclose;
a screen-scraping function.
However, Drory discloses;
Initiate a screen-scraping function [i.e., screen scraping technology (page 1, para 0008), (page 3, para 0029)] using a GUI to capture screen content [i.e., screen scraping technology include parsing of the structured data of a running application to which the GUI pertains, retrieved via the operating system (OS) (page 3, para 0029)]; and
determine that the screen content captured by the screen-scraping function [i.e., monitoring the application screen while the user is working, recognizing the content of the screen through screen scraping (page 3, para 0031)].
Before the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to modify the teaching of Goodman and Mokashi by adapting the teachings of Drory to automate adjustment of input configuration (See Drory; page 1, para 0001).
Regarding claim 10, Goodman discloses; the system of claim 9, wherein the processing device, responsive to executing the instructions, further causes the system to:
display an overlay window on the screen and over the malicious content that indicates the malicious content [i.e., a warning message 618 is generated for display on display device 616 (page 10, para 0096), (see figure 6)].
Regarding claim 11, Goodman discloses; the system of claim 10, wherein the processing device, responsive to executing the instructions, further causes the system to:
prevent selection of the malicious content [i.e., if the user then attempts to visit a known or suspected phishing domain, the user can be blocked (page 3, para 0037)].
Regarding claim 13, Goodman discloses; the system of claim 9, wherein the processing device, responsive to executing the instructions, further causes the system to:
contact a cloud service to analyze the screen content to analyze the screen content [i.e., communicate a query to data center 402 (emphasis added) to determine if a web site is a phishing web site (page 7, para 0070), (see figure 4)]; and
receive, from the cloud service, an indication that the screen content comprises the malicious content [i.e., a response to the query (page 3, para 0037)].
Regarding claim 16, Goodman discloses; a non-transitory computer readable medium, having instructions stored thereon [i.e., computer readable media (page 11, para 0115), (see figure 10)] which, when executed by a processing device, cause the processing device [i.e., (see figure 10)] to:
display, by a graphical user interface (GUI) executing on a computing device, screen content on a screen [i.e., at block 504, a user interface of a Web browsing application is rendered to display the content received from the network-based resource (page 8, para 0085), (see figures 1 and 5)];
determine that the screen content comprises malicious content [i.e., the detection module 420 include algorithms for the detection of fraudulent and/or deceptive phishing web sites and domain (page 6, para 0065), (see figures 4 and 5)], wherein to determine that the screen content comprises malicious content, the processing device is further to:
detect, by a phishing detector application [i.e., detection module 420 (see figure 4), (page 6, para 0064)], that the screen content comprises a hyperlink [i.e., the detection module 420 include algorithms for the detection of fraudulent and/or deceptive phishing web sites and domain (emphasis added) (page 6, para 0065), (see figures 4 and 5) i.e., “districbanc.com” (page 7, para 0071)];
perform a query, using the hyperlink, to a cloud phishing detection service [i.e., communicate a query to data center 402 (emphasis added) to determine if a web site is a phishing web site (page 7, para 0070), (see figure 4)], wherein the cloud phishing detection service compares the hyperlink to a database of known malicious domains [i.e., the domain detection module 420 compares the domain corresponding to the phishing website 408 to a list of known phishing websites 422 (see ref. 506 of figure 5 and 4 and ref 306 of figure 3), (page 9, para 0086), (page 7, para 0070) i.e., comparing “districbank.com” with “Districbank.com” (page 7, para 0071) i.e., the list of known phishing domains 222 includes a list of known bad URLs (page 3, para 0036), (see figure 2)] to produce a query result [i.e., a response to the query (page 3, para 0037)] indicating whether the hyperlink is malicious content [i.e., the client device 204 queries the data center 202 before each domain is visited to determine whether the particular domain is a known or suspected phishing domain (page 3, para 0037), (see ref. 308 of figure 3)]; and
us the query result [i.e., a response to the query (page 3, para 0037)] to indicate the screen content comprises the malicious content [i.e., suspected web site (page 7, para 0071), (page 9, para 0087), (see ref. 508 of figure 5)]; and
performing an operation, by the computing device, that impedes the user from selecting the malicious content [i.e., if the user then attempts to visit a known or suspected phishing domain, the user can be blocked (page 3, para 0037)].
Goodman does not disclose;
Initiate, by an accessibility service executing on the computing device, a screen scraping function using the GUI to capture the screen content.
However, Mokashi discloses;
Initiate, by an accessibility service [i.e., accessibility service 321 is turned on (col. 5, lines 40 – 41), (see figure 3)] executing on a computing device, a function using GUI to capture screen content [i.e., the accessibility service monitors what the user is typing (col. 1, lines 30 – 35) i.e., the malware application 323 can read the sensitive information from the foreground application 319 (col. 5, lines 45 – 49), (see figure 3)].
Before the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to modify the teaching of Goodman by adapting the teachings of Mokashi to enhance the interaction of users with their mobile computing devices (col. 1, lines 40 – 41).
Goodman and Mokashi do not disclose;
a screen-scraping function.
However, Drory discloses;
Initiate a screen-scraping function [i.e., screen scraping technology (page 1, para 0008), (page 3, para 0029)] using a GUI to capture screen content [i.e., screen scraping technology include parsing of the structured data of a running application to which the GUI pertains, retrieved via the operating system (OS) (page 3, para 0029)]; and
determine that the screen content captured by the screen-scraping function [i.e., monitoring the application screen while the user is working, recognizing the content of the screen through screen scraping (page 3, para 0031)].
Before the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to modify the teaching of Goodman and Mokashi by adapting the teachings of Drory to automate adjustment of input configuration (See Drory; page 1, para 0001).
Regarding claim 17, Goodman discloses; the non-transitory computer readable medium of claim 16, wherein the processing device is to:
display an overlay window on the screen and over the malicious content that indicate the malicious content [i.e., a warning message 618 is generated for display on display device 616 (page 10, para 0096), (see figure 6)].
Regarding claim 18, Goodman discloses; the non-transitory computer readable medium of claim 17, wherein the processing device is to:
prevent selection of the malicious content [i.e., if the user then attempts to visit a known or suspected phishing domain, the user can be blocked (page 3, para 0037)].
Regarding claim 20, Goodman discloses; the non-transitory computer readable medium of claim 16, wherein the processing device is to:
contact a cloud service to analyze the screen content to analyze the screen content [i.e., communicate a query to data center 402 (emphasis added) to determine if a web site is a phishing web site (page 7, para 0070), (see figure 4)]; and
receive, from the cloud service, an indication that the screen content comprises the malicious content [i.e., a response to the query (page 3, para 0037)].
Claim(s) 4, 12 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Goodman in view of Mokashi and Drory as applied to claims 1, 9 and 16 above, and further in view of the prior art of record, FILATOV et al., (US 2015/0160813 A1) (hereinafter “FILATOV”).
Regarding claim 4, Goodman discloses; the method of claim 3, wherein the screen content comprises first screen content, the method further comprising: determining that the first screen content comprises the malicious content [i.e., (see claim 3 above)].
Goodman, Mokashi and Drory do not disclose;
determining that the second screen content comprises non-malicious content; and responsive to determining that the second screen content comprises the non-malicious content, displaying the overlay window over the first screen content and allowing selection of the second screen content.
However, FILATOV discloses;
the screen content comprises first screen content and second screen content, the method further comprising:
determining that the first screen content comprises the malicious content [i.e., after the link revealed a malicious application (page 4, para 0050), (see figure 3), (page 2, para 0025), (see figure 1) i.e., in step 212, the analyzer 120 determines if the interface element is restricted by comparing the element against known restricted elements from the database 140 (page 3, para 0048), (see step 212 of figure 2), (page 2, para 0025), (see figure 1) i.e., determined by content analysis (page 2, para 0029) i.e., the restricted elements belong to a malware application (page 2, para 0022)];
determining that the second screen content comprises non-malicious content [i.e., two bottom screen shots in figure 3 depicts that determining top corner of the screen is displaying a malicious link and rest of the screen is displaying non-malicious content (page 4, para 0050), (see figure 3)]; and
responsive to determining that the second screen content comprises the non-malicious content, displaying the overlay window over the first screen content and allowing selection of the second screen content [i.e., two bottom screen shots in figure 3 depicts that determining top corner of the screen is displaying a malicious link and rest of the screen is displaying non-malicious content. Further, the right bottom screen shot depicts that covering the malicious link with a “Forbidden” warning and keeping the rest of the screen as is (page 4, para 0050), (see figure 3)].
Before the effective filing date of the claimed invention it would have been obvious to a person of ordinary skill in the art to modify the teachings of Goodman, Mokashi and Drory by adapting the teachings of FILATOV to limit the access of certain interface elements (See FILATOV; page 1, para 0007).
Regarding claim 12, Goodman discloses; the system of claim 11, wherein the screen content comprises first screen content [i.e., (see claim 11 above)].
Goodman and Park do not disclose;
determine that the second screen content comprises non-malicious content; and responsive to determining that the second screen content comprises the non-malicious content, display the overlay window over the first screen content and allowing selection of the second screen content.
However, FILATOV discloses;
determine that the first screen content comprises the malicious content [i.e., after the link revealed a malicious application (page 4, para 0050), (see figure 3), (page 2, para 0025), (see figure 1) i.e., in step 212, the analyzer 120 determines if the interface element is restricted by comparing the element against known restricted elements from the database 140 (page 3, para 0048), (see step 212 of figure 2), (page 2, para 0025), (see figure 1) i.e., determined by content analysis (page 2, para 0029) i.e., the restricted elements belong to a malware application (page 2, para 0022)];
determine that the second screen content comprises non-malicious content [i.e., two bottom screen shots in figure 3 depicts that determining top corner of the screen is displaying a malicious link and rest of the screen is displaying non-malicious content (page 4, para 0050), (see figure 3)]; and
responsive to determining that the second screen content comprises the non-malicious content, display the overlay window over the first screen content and allowing selection of the second screen content [i.e., two bottom screen shots in figure 3 depicts that determining top corner of the screen is displaying a malicious link and rest of the screen is displaying non-malicious content. Further, the right bottom screen shot depicts that covering the malicious link with a “Forbidden” warning and keeping the rest of the screen as is (page 4, para 0050), (see figure 3)].
Before the effective filing date of the claimed invention it would have been obvious to a person of ordinary skill in the art to modify the teachings of Goodman, Mokashi and Drory by adapting the teachings of FILATOV to limit the access of certain interface elements (See FILATOV; page 1, para 0007).
Regarding claim 19, Goodman discloses; the non-transitory computer readable medium of claim 18, wherein the screen content comprises first screen content [i.e., (see claim 18 above)].
Goodman and Park do not disclose;
determine that the second screen content comprises non-malicious content; and responsive to determining that the second screen content comprises the non-malicious content, display the overlay window over the first screen content and allowing selection of the second screen content.
However, FILATOV discloses;
determine that the first screen content comprises the malicious content [i.e., after the link revealed a malicious application (page 4, para 0050), (see figure 3), (page 2, para 0025), (see figure 1) i.e., in step 212, the analyzer 120 determines if the interface element is restricted by comparing the element against known restricted elements from the database 140 (page 3, para 0048), (see step 212 of figure 2), (page 2, para 0025), (see figure 1) i.e., determined by content analysis (page 2, para 0029) i.e., the restricted elements belong to a malware application (page 2, para 0022)];
determine that the second screen content comprises non-malicious content [i.e., two bottom screen shots in figure 3 depicts that determining top corner of the screen is displaying a malicious link and rest of the screen is displaying non-malicious content (page 4, para 0050), (see figure 3)]; and
responsive to determining that the second screen content comprises the non-malicious content, display the overlay window over the first screen content and allowing selection of the second screen content [i.e., two bottom screen shots in figure 3 depicts that determining top corner of the screen is displaying a malicious link and rest of the screen is displaying non-malicious content. Further, the right bottom screen shot depicts that covering the malicious link with a “Forbidden” warning and keeping the rest of the screen as is (page 4, para 0050), (see figure 3)].
Before the effective filing date of the claimed invention it would have been obvious to a person of ordinary skill in the art to modify the teachings of Goodman, Mokashi and Drory by adapting the teachings of FILATOV to limit the access of certain interface elements (See FILATOV; page 1, para 0007).
Claim(s) 7, 8 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Goodman in view of Mokashi and Drory as applied to claims 1 and 9 above, and further in view of the prior art of record, Ingleby (US 2023/0319075 A1) (hereinafter “Ingleby”).
Regarding claim 7, Goodman discloses; the method of claim 1 [i.e., (see claim 1 above)].
Goodman, Mokashi and Drory do not disclose;
wherein the computing device is coupled to a virtual private network (VPN), and wherein the operation further comprises: instruct the VPN to block a network connection corresponding to the malicious content.
However, Ingleby discloses;
a computing device is coupled to a virtual private network (VPN), and wherein operation further comprises: instruct the VPN to block a network connection corresponding to malicious content [i.e., prohibit device 230 from connecting to private network 250 i.e., blocking a VPN connection until the security threat is resolved (page 5, para 0043), (see figure 2)].
Before the effective filing date of the claimed invention it would have obvious to a person of ordinary skill in the art to modify the teachings of Goodman, Mokashi and Drory by adapting the teachings of Ingleby to perform network access control actions on assets that are outside of a private network (See Ingleby; page 1, para 0002).
Regarding claim 8, Goodman discloses; the method of claim 1 [i.e., (see claim 1 above)].
Goodman, Mokashi and Drory do not disclose;
wherein the operation further comprises: identifying a malicious application executing on the computing device that initiated the malicious content to be displayed on the screen; and uninstalling the malicious application from the computing device.
However, Ingleby discloses;
identifying a malicious application executing on the computing device that initiated the malicious content to be displayed on the screen; and uninstalling the malicious application from the computing device [i.e., one security measure is to uninstall application 248 (page 5, para 0043), (see figure 2)].
Before the effective filing date of the claimed invention it would have obvious to a person of ordinary skill in the art to modify the teachings of Goodman, Mokashi and Drory by adapting the teachings of Ingleby to perform network access control actions on assets that are outside of a private network (See Ingleby; page 1, para 0002).
Regarding claim 15, Goodman discloses; the system of claim 9 [i.e., (see claim 9 above)].
Goodman, Mokashi and Drory do not disclose;
wherein the computing device is coupled to a virtual private network (VPN), wherein the processing device, responsive to executing the instructions, further causes the system to: instruction the VPN to block a network connection corresponding to the malicious content.
However, Ingleby discloses;
wherein a computing device is coupled to a virtual private network (VPN), wherein a processing device, responsive to executing the instructions, further causes the system to: instruct the VPN to block a network connection corresponding to the malicious content [i.e., prohibit device 230 from connecting to private network 250 i.e., blocking a VPN connection until the security threat is resolved (page 5, para 0043), (see figure 2)].
Before the effective filing date of the claimed invention it would have obvious to a person of ordinary skill in the art to modify the teachings of Goodman, Mokashi and Drory by adapting the teachings of Ingleby to perform network access control actions on assets that are outside of a private network (See Ingleby; page 1, para 0002).
Response to Arguments
Applicant’s arguments with respect to pending claim(s) have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SYED A RONI whose telephone number is (571)270-7806. The examiner can normally be reached M-F 9:00-5:00 pm (EST).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey L Nickerson can be reached at (469) 295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SYED A RONI/Primary Examiner, Art Unit 2432