DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is response to communication: response to RCE filed on 10/17/2026
Claims 1-20 are currently pending in this application.
No new IDS has been filed for this application.
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 10/17/2026 has been entered.
Response to Arguments
Applicant’s arguments concerning the rejections have been fully considered but are moot in view of new grounds of rejection. See below.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1, 3-8, 10, 13-17, and 19 rejected under 35 U.S.C. 103 as being unpatentable over Agarwal US Patent Application Publication 2023/0016018 (Agarwal), in view of Kowalik et al. US Patent Application Publicaton 2018/0357445 (Kowalik).
As per claim 1, Agarwal teaches a method comprising: applying, by a security program executing on a first computing device, a set of rules for one or more system resources of the first computing device, each rule defining access to at least one of the one or more access system resources (Agarwal Figure 5, and throughout reference with receiving at user device a request for content; user device has a security policy/program with access rules for content; see also Figure 1, paragraph 33-35, and throughout with multiple security apparatuses that execute on multiple computing devices); receiving, by the first computing device, a request from a process on the first computing device to access at least one of the system resources of the first computing device and identified in the set of rules (Figure 4 with receiving request at user device for content); determining, by the first computing device, that the request from the processor the first computing device to access the at least one of the system resources of the first computing device is subject to a rule in the set of rules (paragraph 35 and throughout with comparing request with a rule policy); transmitting, by the first computing device, a secure access request to a second security program executing on a second computing device (see paragraph 49, 50, and throughout with multiple security apparatuses connected to one another; another computing apparatus/server may have a master policy; see paragraph 62 wherein the user device may redirect request for content to server/master entity; see also paragraph 87 wherein request is sent to master entity and master entity does the verification); receiving, from the second security program, a response to the access request (paragraph 62 wherein master entity/server may forward content to end user device; see paragraph 87-88 wherein master policy may make determination and send response to user device); providing, by the security program and to the process on the computing device, access to the at least one system resource according to the received response (paragraph 62, 88, Figure 5, and throughout wherein content is provided to end user if authorized).
Although Agarwal teaches transmitting a secure access request to a second security program, Agarwal does not explicitly teach ransmitting, by the first computing device and after determining that the request from the process to access the at least one of the system resources of the first computing device is subject to a rule in the set of rules, and prior to granting or denying the access request from the process on the first computer device, a secure access request to a second security program executing on a second computing device wherein the secure access request from the first computing device requests approval from the second computing device for the process on the first computing device to access the at least one of the system resources of the first computing device. However, this would have been obvious. For example, see Kowalik (paragraph 41-43; see paragraph 43 wherein first device/shared device may send a request to second/personal device for authorization after determining that access right management is not possible or there is no authorization data; data cannot be accessed yet on the first/shared device; see Figure 1, paragraph 35, and throughout with the credential module/security program of second device). Kowalik further teaches receiving, from the second security program, a response to the access request, wherein the response to the access request is based on user input to the second computing device (see paragraph 43 wherein second device/personal device sends permissions and grants access to first/shared device; see paragraph 44 wherein the granting of access is based on user response on GUI from the second/personal device).
At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Agarwal with Kowalik. One of ordinary skill in the art would have been motivated to perform such an addition to create more security by providing authentication or authorization via other devices (paragraph 2 of Kowalik).
As per claim 3, Agarwal teaches wherein the at least one rule in theset of rules identifies a system resource covered by that rule and one or more access types covered by that rule (paragraph 47 with policy which determines what type of content and rules on devices, such as what is allowed or blocked on the user device).
As per claim 4, it would have been obvious over the Agarwal combination wherein at least one rule in the set of rules identifies a system resource covered by that rule (see Agarwal paragraph 47) and a duration of access for the associated system resource (Kowalik paragraph 49 and throughout wherein access rules may include authorization for a period of time).
As per claim 5, Agarwal teaches wherein at least one rule in the set of rules identifies a system resource covered by that rule and one or more access options associated with the access request (paragraph 47 with policy which determines reousrces and whether to allow/block or have exceptions to the particular request/resource).
As per claim 6, Agarwal teaches wherein the access request comprises an identification of the process on the computing device requesting access to the at least one system resource (the rules check whether to allow content such as particular scripts or applications; further teaches rules in regards to processes and the like).
As per claim 7 Agarwal teaches wherein the access request comprises one or more options for granting the access request (paragraph 47, with rules to determine whether to allow a request).
As per claim 8, Agarwal teaches wherein the one or more system resources include one or more of a file, a folder, an account, or a hardware component of the computing device (paragraph 47 to whether to allow content on end user device such as files).
Claim 10 is rejected using the same basis of arguments used to reject claim 1 above.
Claim 13 is rejected using the same basis of arguments used to reject claim 4 above
Claim 14 is rejected using the same basis of arguments used to reject claim 5 above.
Claim 15 is rejected using the same basis of arguments used to reject claim 6 above.
Claim 16 is rejected using the same basis of arguments used to reject claim 7 above.
Claim 17 is rejected using the same basis of arguments used to reject claim 8 above.
Claim 19 is rejected using the same basis of arguments used to reject claim 1 above.
Claim(s) 2, 11, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over the Agarwal combination Agarwal as applied above, and further in view of Sallam US Patent Application Publication 2012/0255010 (Sallam)
As per claim 2, Agarwal as modified does not explicitly teach transmitting, by the security program a request to a privileged system firmware to access the set of rules, and receiving, from the privileged system firmware, the set of rules. However, this would have been obvious. For example, see Sallam (paragraph 114 with security rules may be stored inside firmware; security rules are requested and retrieved from security agent). Further, it would have been obvious over Sallam wherein the rules are transmitted during a boot process (see paragraph 183 wherein security agent may be initiated upon startup; see also paragraph 189).
At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Agarwal combination and Sallam. One of ordinary skill in the art would have been motivated to perform such an addition to secure electronic devices (paragraph 6).
Claim 11 is rejected using the same basis of arguments used to reject claim 2 above.
Claim 20 is rejected using the same basis of arguments used to reject claim 2 above.
Claim(s) 9 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over the Agarwal combination as applied above, in view of Sallam US Patent Application Publication 2012/0255010 (Sallam), and further in view of Nenov US Patent No. 9,692,784 (Nenov).
As per claim 9, Agarwal as modified does not explicitly teach receiving, at the computing device, a request from a user to modify the set of rules; when the requested modification to the set of rules consist of adding one or more protections, then updating the set of rules according to the request. However, this would have been obvious. For example, see Sallam (pargraph 79 wherein security agent may update rules upon demand by a user.
At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Agarwal combination and Sallam. One of ordinary skill in the art would have been motivated to perform such an addition to secure electronic devices (paragraph 6).
Although the Agarwal combination teach modifying the rules, the combination does not explicitly teach wherein the modification includes adding one or more protections, or wherein the modification comprises modifying or deleting a rule, the updating is based on an authentication of the request by privileged system firmware. This would have been obvious though. Sallam already teaches the firmware authenticating agents it interacts with before performing any cations (paragraph 139). It would have been obvious to one of ordinary skill in the art to authenticate a request before performing security actions, such as updating the rules. For a further explicit teaching on a modification of rules after authentication, see Nenov (col. 13 lines 20-30, wherein if authentication is valid, a request to enable or disable a rule is allowed).
At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Agarwal combination with Nenov. One of ordinary skill in the art would have been motivated to perform such an addition to create more security by addressing attacks (col. 1 line 25-35).
Claim 18 is rejected using the same basis of arguments used to reject claim 9 above.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JASON KAI YIN GEE whose telephone number is (571)272-6431. The examiner can normally be reached on Monday-Friday 8:30-5:00 PST Pacific.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on (571) 272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
/JASON K GEE/Primary Examiner, Art Unit 2495