DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office correspondence is in response to the application number 18/391414 filed on December 20, 2023.
Claims 1 – 14 are pending.
Claims 1 – 14 are rejected.
Authorization for Internet Communications
The examiner encourages Applicant to submit an authorization to communicate with the examiner via the Internet by making the following statement (from MPEP 502.03):
“Recognizing that Internet communications are not secure, I hereby authorize the USPTO to communicate with the undersigned and practitioners in accordance with 37 CFR 1.33 and 37 CFR 1.34 concerning any subject matter of this application by video conferencing, instant messaging, or electronic mail. I understand that a copy of these communications will be made of record in the application file.”
Please note that the above statement can only be submitted via Central Fax (not Examiner's Fax), Regular postal mail, or EFS Web using PTO/SB/439.
Priority
This application claims priority from U.S. Provisional Application No. 63/470,880, entitled “USER INTERFACES AND METHODS FOR ENABLING A SECURITY MODE,” filed June 3, 2023. As the filing date of the instant application is less than one year from the filing date of the provisional application, the applicant is entitled to a priority date of 6/3/2023.
Double Patenting Analysis
The applicant has filed application 18/952669 which is co-pending with the instant application and names the inventor or at least one joint inventor in common, and is directed to similar subject matter as the instant application. At this time of examination, the instant application appears to claim only subject matter directed to an invention that is independent and distinct from that claimed in the co-pending application. Therein, no non-statutory Double Patenting rejections have been applied. The applicant is required to maintain a clear line of demarcation between the applications during prosecution, as the Double Patenting analysis can be revisited if the claims of the instant application and the co-pending application converge to claiming the same subject matter. The applicant may wish to proactively file a terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) to overcome possible future Double Patenting rejections.
35 USC § 101 Analysis
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1 – 14 are directed to statutory subject matter and are not rejected under 35 USC 101 because of a judicial exception. The claimed subject matter is integrated into a practical application under Prong 2 of the Step 2A analysis described in MPEP 2016.04(d). The claims are directed to non-abstract improvements in computer related technology. A claim is non-statutory when it is directed to a judicial exception (e.g. either one of mathematical concepts, mental processes, or certain methods of organizing human activity) without significantly more. The claimed invention is not directed to a judicial exception. Instead, the claimed invention is directed to a technological improvement for enabling a security mode at one or more computer systems such that at a computer system that is in communication with a display generation component and one or more input devices: receiving, via the one or more input devices, a request to enable a security mode at the computer system, wherein the computer system is associated with a user account; and in response to receiving the request to enable the security mode at the computer system: in accordance with a determination that a set of one or more electronic devices other than the computer system are associated with the user account, displaying a respective user interface that includes one or more options for enabling the security mode at the set of one or more electronic devices and the computer system; and in accordance with a determination that a set of one or more electronic devices other than the computer system are not associated with the user account, enabling the security mode at the computer system without displaying the respective user interface that includes one or more options for enabling the security mode at the set of one or more electronic devices and the computer system. The ordered steps of the claimed invention provides a specific improvement for enabling a security mode at one or more computer systems through the more efficient method and interface recited in the claimed invention and addresses a known problem in the art to reduce the cognitive burden on a user and produce a more efficient human-machine interface. For battery-operated computing devices, such methods and interfaces conserve power and increase the time between battery charges, such that computer system security is improved.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1 – 11 and 13 – 14 are rejected under 35 U.S.C. 103 as being unpatentable over Zimny et al. U.S. 2019/0103966 A1; herein referred to as Zimny) in view of Sadovsky et al. (U.S. 2015/0180894 A1; herein referred to as Sadovsky in further view of Fitzgerald et al. (U.S. 2013/0091564 A1; herein referred to as Fitzgerald).
In regard to claim 1,Zimny teaches A computer system configured to communicate with a display generation component and one or more input devices (see Fig. 12 ¶ [0135] “ . . . In FIG. 12, a flowchart 1200 for transmitting a “lockdown-all” command for locking all lock-type devices of a local network of interconnected devices is shown. The “lockdown-all” command, in this scenario, is intended to toggle all lock-type device nodes of the local network to their locked state. To begin, the network administrator device displays one or more commands available for the device nodes of the local network (1202), e.g., the “lockdown-all” command in this example. The network administrator device then receives, from the administrator, a selection of the “lockdown-all” command (1204). The network administrator device then transmits a message with the “lockdown-all” command to the device management server (1206). In some example implementations, the network administrator device may encrypt the “lockdown-all” command included in the message, e.g., using an encryption key associated with the user account of the local network . . .”) , comprising:
one or more processors (see ¶ [0163] “ . . . One or more aspects of the disclosure may be embodied in computer-usable or readable data and/or computer-executable instructions, such as in one or more program modules, executed by one or more computers or other devices as described herein. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types when executed by a processor in a computer or other device. The modules may be written in a source code programming language that is subsequently compiled for execution, or may be written in a scripting language such as, e.g., HTML, XML, JavaScript, and the like. . . .”) ; and
memory storing one or more programs configured to be executed by the one or more processors (see ¶ [0163] “. . . The executable instructions may be stored on a computer readable medium such as a hard disk, optical disk, removable storage media, solid state memory, RAM, ROM, etc. The functionality of the program modules may be combined or distributed as desired in various embodiments. In addition, the functionality may be embodied in whole or in part in firmware or hardware equivalents such as integrated circuits, field programmable gate arrays (FPGAs), and the like. Various data structures may be used to more effectively implement one or more aspects of the disclosure, and such data structures are contemplated to be within the scope of the executable instructions and computer-usable data described herein. . . .”), the one or more programs including instructions for:
receiving, via the one or more input devices, a request to enable a security mode (e.g. lockdown mode) at the computer system, wherein the computer system is associated with a user account (see ¶ [0135] as described above and incorporated herein) see ¶ [0055] “. . . The user profiles 116 stored at the data store 114 include individual user profiles for users each having established respective local networks of interconnected devices. Individual user profiles 116, in this example, include data corresponding to a unique identifier for the user (e.g., a user account number, a username, an email address, a phone number, and the like). Individual user profiles 116 may also include data corresponding to login credentials (e.g., a username and a salted and hashed password) ; and
in response to receiving the request to enable the security mode at the computer system (see ¶ [0136] “. . . Upon receipt of the “lockdown-all” command, the device management server generates a locking instruction (1208) . . .”):
Zimny fails to explicitly teach
in accordance with a determination that a set of one or more electronic devices other than the computer system are associated with the user account, displaying a respective user interface that includes one or more options for enabling the security mode at the set of one or more electronic devices and the computer system; and
in accordance with a determination that a set of one or more electronic devices other than the computer system are not associated with the user account, enabling the security mode at the computer system without displaying the respective user interface that includes one or more options for enabling the security mode at the set of one or more electronic devices and the computer system.
However Sadovsky teaches in accordance with a determination that a set of one or more electronic devices other than the computer system are associated with the user account, displaying a respective user interface that includes one or more options for enabling the security mode at the set of one or more electronic devices and the computer system (see Fig. 1 Display 115 ¶ [0019] “. . . an authorized user may configure the events that are used by anomaly detector 26 to detect anomalous activity. In the current example, a Graphical User Interface (GUI) for event configuration 117 is displayed and is configured to receive event selection and configuration information from a user. For example, the user may select all or a portion of the events that are monitored by the online service for one or more accounts. In the current example, display 115 shows that the authorized user has selected to use change permission events and add account events but not to use login events when detecting anomalous activity. Other configuration information may also be received, such as, but not limited to weighting information; aggregation profiles and the like . . .”; see Fig, 4 ¶¶ [0041-0042] “ .. . FIG. 4 shows example Graphical User Interfaces (GUIs) for viewing and configuring events relating to anomaly detection. The GUIs shown in FIG. 4 are for illustrative purposes and are not intended to be limiting. The first GUI that is shown is an event configuration 410 display that shows an exemplary GUI for selecting and configuring events to be monitored for anomaly detection for an online service. Event categories 415 section shows different categories of events that may be selected for monitoring. While four event categories are shown, many other event categories may be displayed. According to an embodiment, each event and category of event that is monitored by the online service may be selected for use in anomaly detection. In the current example, the event categories that are shown in event configuration 410 includes account logon events, account management events, object access events and policy change events. As illustrated a user 430 is selecting the account management events category . . .” ).
It would have been obvious to one with ordinary skill in the art before the effective filing date of the applicant’s application to incorporate a system and method for anomaly detection in a network of devices belonging to a user account and to enable a user associated with the account to react to the anomaly by configuring the devices to operate in a secure mode using options provided on a displayed user interface, as taught by Sadovsky, into a system and method for executing a lockdown of devices in response to a request from a user associated with an account that is authorized to implement security policies for the device, as taught by Zimny. Such incorporation provides the ability for a display interface to make security mode changes to devices associated with an account.
The combination of Zimny and Sadovsky fails to explicitly teach but however Fitzgerald teaches in accordance with a determination that a set of one or more electronic devices other than the computer system are not associated with the user account (see ¶ [0046] “ . . . an application may reside in a read-only memory of the mobile device detects that a security compromise event has occurred. In selected instances, the application may not be terminated by a current user of the mobile device if the current user is not the authorized user, providing additional security to prohibit unauthorized users from tampering with security protocols. . . .”), enabling the security mode at the computer system without displaying the respective user interface that includes one or more options for enabling the security mode at the set of one or more electronic devices and the computer system (see ¶ [0086] “ . . . The functionality of a mobile device can be altered in any manner in response to a security compromise event, including partially or completely disabling features of the device and/or providing functionality not available prior to the security compromise event. . .”)
It would have been obvious to one with ordinary skill in the art before the effective filing date of the applicant’s application to incorporate a system and method for detecting unauthorized use of a device and in response to a security compromise event, disabling the features of the device, as taught by Fitzgerald into a system and method for executing a lockdown of devices in response to a request from a user associated with an account that is authorized to implement security policies for the device, such action the result of anomaly detection in a network of devices belonging to a user account and to enable a user associated with the account to react to the anomaly by configuring the devices to operate in a secure mode using options provided on a displayed user interface, such as a device lockdown as taught by the combination of Zimny and Sadovsky. Such incorporation assures that a non-authorized user is not permitted to lockdown or authorize tamper with the devices.
In regard to claim 2, the combination of Zimny, Sadovsky, and Fitzgerald teaches wherein:
the security mode is disabled at the computer system in response to a request to disable the security mode received at the computer system (see Zimny ¶ [0160] “ . . . The contextual menu may include selectable options for issuing the lock/unlock commands as described above as well as commands to enable/disable the lock-type device, assign it to a define device node group, issue a status update command, remove it from the local network of interconnected devices, . . .”) ; and
the security mode is disabled at a first electronic device in the set of one or more electronic devices in response to a request to disable the security mode received at the first electronic device (see Sadovsky ¶ [0070] “ . . . A member was added or removed to a security-enabled universal group; A security-enabled universal group was created, changed or deleted; A member was added or removed to a security-disabled universal group . . .”).
The motivation to combine the references is described for the rejection of claim 1 and is incorporated herein. Additionally, Sadovsky can enable a request to a specific device.
In regard to claim 3, the combination of Zimny, Sadovsky, and Fitzgerald teaches the one or more programs further including instructions for:
while the security mode is enabled at the computer system, receiving a set of one or more inputs corresponding to a request to initiate a process for disabling the security mode (see Sadovsky ¶ [0070] “ . . . A member was added to a security-disabled local group or removed from a security-disabled local group . . .”; ¶ [0081] “ . . . The display 1205 of the mobile computing device 1200 may also function as an input device (e.g., a touch screen display). If included, an optional side input element 1215 allows further user input. ; and
in response to receiving the set of one or more inputs corresponding to a request to initiate the process for disabling the security mode (see Sadovsky ¶ [0070] “ . . . A member was added or removed to a security-enabled universal group; A security-enabled universal group was created, changed or deleted; A member was added or removed to a security-disabled universal group . . .”) :
in accordance with a determination that the set of one or more electronic devices other than the computer system are associated with the user account, displaying a user interface that includes one or more options for initiating a process to disable the security mode at the computer system and the set of one or more electronic devices (see Sadovsky Fig. 1 Display 115 ¶ [0019] “. . . an authorized user may configure the events that are used by anomaly detector 26 to detect anomalous activity. In the current example, a Graphical User Interface (GUI) for event configuration 117 is displayed and is configured to receive event selection and configuration information from a user. For example, the user may select all or a portion of the events that are monitored by the online service for one or more accounts. In the current example, display 115 shows that the authorized user has selected to use change permission events and add account events but not to use login events when detecting anomalous activity. Other configuration information may also be received, such as, but not limited to weighting information; aggregation profiles and the like . . .”; see Sadovsky Fig, 4 ¶¶ [0041-0042] “ .. . FIG. 4 shows example Graphical User Interfaces (GUIs) for viewing and configuring events relating to anomaly detection. The GUIs shown in FIG. 4 are for illustrative purposes and are not intended to be limiting. The first GUI that is shown is an event configuration 410 display that shows an exemplary GUI for selecting and configuring events to be monitored for anomaly detection for an online service. Event categories 415 section shows different categories of events that may be selected for monitoring. While four event categories are shown, many other event categories may be displayed. According to an embodiment, each event and category of event that is monitored by the online service may be selected for use in anomaly detection. In the current example, the event categories that are shown in event configuration 410 includes account logon events, account management events, object access events and policy change events. As illustrated a user 430 is selecting the account management events category . . .” ) ; and
in accordance with a determination that the set of one or more electronic devices other than the computer system are not associated with the user account, disabling the security mode at the computer system without displaying the user interface that includes one or more options for initiating a process to disable the security mode at the computer system and the one or more electronic devices (see Fitzgerald ¶ [0046] “ . . . an application may reside in a read-only memory of the mobile device detects that a security compromise event has occurred. In selected instances, the application may not be terminated by a current user of the mobile device if the current user is not the authorized user, providing additional security to prohibit unauthorized users from tampering with security protocols. . . .”; see Fitzgerald ¶ [0086] “ . . . . The functionality of a mobile device can be altered in any manner in response to a security compromise event, including partially or completely disabling features of the device and/or providing functionality not available prior to the security compromise event. . .”)).
The motivation to combine the references is described for the rejection of claim 1 and is incorporated herein. Additionally, Sadovsky and Fitzgerald perform the functions when the security operations are disabled.
In regard to claim 4, the combination of Zimny, Sadovsky, and Fitzgerald teaches the one or more programs further including instructions for:
in response to receiving the request to enable the security mode at the computer system and in accordance with the determination that the set of one or more electronic devices other than the computer system are associated with the user account, forgoing enabling the security mode at the computer system (see Zimny ¶ [0058] “ . . . . The access portal 112, in this example, is also configured to authenticate the access device 104e based on login credentials provided by to the access device by the user and subsequently transmitted to the access portal. Upon successful authentication, the access portal 112 may provide a dashboard interface (“dashboard”) at which the user may access and manage the devices of the network 100 that are associated with the user account of the user. The access device 104e may present the dashboard to the user and accept input from the user. Through the dashboard, the user may, for example, check the status of device nodes 106 in the network 100, issue commands to device nodes, toggle activation of the device nodes, add device nodes to the network, remove device nodes from the network, view audit logs associated with the device nodes, view access devices currently authorized to communicate with the device nodes, view invitations to other access devices . . .”)
In regard to claim 5, the combination of Zimny, Sadovsky, and Fitzgerald teaches wherein displaying the respective user interface that includes one or more options for enabling the security mode at the set of one or more electronic devices (see Fitzgerald ¶ [0138] “ . . . authorized users wishing to subscribe to a service providing monitoring and protection of their mobile devices can access a web site hosted by the host server 860 to create an account, pay for the service, identify one or more mobile devices to be protected, select options for the service, identify how the functionality of the device should be altered (e.g. features to implement or restrict) in the event the mobile device is lost or stolen .. . “) and the computer system includes:
displaying a first enable option that is selectable to enable the security mode at the computer system without enabling the security mode at the set of one or more electronic devices other than the computer system (see Fitzgerald ¶ [0159] “ . . . providing on a display of the mobile device an indication to an unauthorized user that security software has been activated and one or more options pertaining to the activation of the security software may be selected. These options may be provided to an unauthorized user as well as to an authorized user. One or more of the options pertaining to the activation of the security software includes an option to deactivate the security software, which, when selected, at 6592, provides an indication that the security software is deactivated even though the security software remains active. . . .”); and
displaying a second enable option that is selectable to enable the security mode at the computer system and the set of one or more electronic devices (see Fitzgerald ¶ [0086] “ . . . , display a pre-stored message or image, instructing the user in regards to returning the device to the authorized user. The application may reside on a hardware component within the mobile device, such as a SIM card installed in a mobile phone or laptop computer. The message may also be presented at any desired time or in response to any desired event, such as when the current user is attempting to utilize the mobile device (e.g., by placing a call on a mobile telephone . . . “).
The motivation to combine the references is described for the rejection of claim1 and is incorporated herein. Additionally, Fitzgerald applies menus for making operational; security decisions for the device.
In regard to claim 6, the combination of Zimny, Sadovsky, and Fitzgerald teaches wherein enabling the security mode at the computer system without enabling the security mode at the set of one or more electronic devices other than the computer system (see Fitzgerald ¶ [0159] as described for the rejection of claim 5 and is incorporated herein) includes:
initiating a process for displaying within a predetermined period of time, at the set of one or more electronic devices other than the computer system, a notification that is selectable to enable the security mode at the set of one or more electronic devices other than the computer system (see Fitzgerald ¶ [0063] “ . . . a mobile device may be configured to assume a low-power, quiescent, or standby state, whereby the device may receive notifications from an authorized user or server such as a server administered by a security authority. Upon receiving such notification, the mobile device may take action at an appropriate time, based on contents of the notification. The mobile device may transition from a standby state to poll a server to determine whether a notification is waiting, and if so, downloads and acts upon the contents of the notification. Additionally or alternatively, the mobile device has a buffering provision that is capable of receiving notifications transmitted by a server or security authority, and acting upon the contents of the message at an appropriate time, such as when the message is received or at a predetermined time interval. . . .”).
The motivation to combine the references is described for the rejection of claim 1 and is incorporated herein. Additionally, Fitzgerald enables modifications to be shown to a user regarding the security state of the device.
In regard to claim 7, the combination of Zimny, Sadovsky, and Fitzgerald teaches wherein enabling the security mode at the computer system and the set of one or more electronic devices (see Zimny ¶¶ [0135-0136] as described for the rejection of claim 1 and is incorporated herein) includes:
enabling the security mode at the computer system and the set of one or more electronic devices without receiving additional input at the set of one or more electronic devices (see Zimny Fig. 12, ¶ [0137] “ . . . Upon receipt of the message, each gateway device node broadcasts the message with the encrypted locking instruction to its child device nodes (1214). As described above, the gateway device nodes may route the message to its child nodes using a wireless mesh networking protocol (e.g., ANT). In this scenario, the global emergency encryption key may have been delivered only to the lock-type device nodes of the local network and not other types of device nodes (e.g., sensor-type device nodes). Accordingly, any device node that does not possess the global emergency encryption key would not be able to decrypt the encrypted locking instruction included in the message broadcast by the gateway device nodes. In this regard, other device nodes may fail to decrypt the encrypted locking instruction included the message they receive (1216) and thus disregard the message (1218). On the other hand, the lock-type device nodes can successfully decrypt the encrypted locking instruction included in the broadcast message using the global emergency encryption key stored in their memories (1220). Upon successful decryption of the encrypted locking instruction, the lock-type device nodes execute the instruction and, if in an unlocked state, toggle to a locked state (1222) . . .”).
In regard to claim 8, the combination of Zimny, Sadovsky, and Fitzgerald teaches wherein enabling the security mode at the computer system includes restarting the computer system (see Fitzgerald ¶ [0143] “ . . . A user may be given an opportunity to sign up for a service to protect one or more mobile computing devices in accordance with the present invention (FIGS. 26-34). After a user has created an account, he/she may download a software application to the mobile device to be protected, as depicted in flow diagram 2900 in FIG. 29. The user is thus provided with information regarding installation and user of the security application (FIG. 30). Referring to FIG. 31, after the user has downloaded and installed the product and has restarted the mobile device (if necessary), once a network connection is available the application will launch a browser to a web page using a unique identifier such as an identifier tag previous obtained from the host server. As shown in FIGS. 32-33, a summary of the registration information is also presented to the user through the browser screen, and the screen may present a list of multiple devices protected by the service. . . “).
The motivation to combine the references is described for the rejection of claim 1 and is incorporated herein. Additionally, Fitzgerald can effect a restart of the computer system.
In regard to claim 9, the combination of Zimny, Sadovsky, and Fitzgerald teaches wherein disabling the security mode at the computer system includes restarting the computer system (see Fitzgerald ¶ [0143] as described for the rejection of claim 8 and is incorporated herein).
The motivation to combine the references is described for claim 8 and is incorporated herein.
In regard to claim 10, the combination of Zimny, Sadovsky, and Fitzgerald teaches wherein enabling the security mode at the computer system (see Zimny ¶¶ [0135-0136] as described for the rejection of claim 1 and is incorporated herein) includes:
in accordance with a determination that the computer system is a first type of electronic device (e.g. first level device) that is associated with a second computer system(e.g. second level device) , enabling the security mode at the computer system and the second computer system (see Zimny ¶ [0043]” . . . . . A first-level device node as used herein refers to a device node that is located outside the wireless range of a gateway node but is located within the wireless range of a zero-level device node. A second-level device node as used herein refers to a device node that is located outside of the wireless range of a gateway device node and the wireless range of a zero-level device node but is located within the wireless range of a first-level device node. Zero-level device nodes are thus in direct signal communication with a gateway device node and may exchange point-to-point wireless communications. First-level device nodes and second-level device nodes are thus in indirect signal communication with a gateway device node, and communications may be routed to first-level device nodes and second-level device nodes via other device nodes of the network. . . “).
In regard to claim 11, the combination of Zimny, Sadovsky, and Fitzgerald teaches the one or more programs further including instructions for:
receiving a request to display a message that includes image data (see Fitzgerald ¶ [0086]” . . . an SMS text message is transmitted by a security authority to a mobile device. The text message is decoded and a command sent to an application residing on the mobile device, such as a web browser, a text editor, graphic image displayer, a message screen, or a bitmap displayer and/or any other application capable of displaying a notification. The command may, for example, display a pre-stored message or image, instructing the user in regards to returning the device to the authorized user. The application may reside on a hardware component within the mobile device, such as a SIM card installed in a mobile phone or laptop computer . . .”) ; and
in response to receiving the request to display the message that includes image data, displaying the message (see Fitzgerald ¶ [0086]” . . . The message may also be presented at any desired time or in response to any desired event, such as when the current user is attempting to utilize the mobile device (e.g., by placing a call on a mobile telephone). For example, the message may be presented upon startup of the device. In this manner, a user that has found a lost device may obtain information regarding returning the device even where the device has not established a connection to a host server such as one operated a security authority. . . .”) , including:
in accordance with a determination that the security mode is not enabled for the computer system, displaying the message with the image data (see Fitzgerald ¶ [0092] “ . .. the current user of the mobile device may be sent a graphical image with a name or image that encourages the current user to open a message or file, and while looking at the file or image, a command is decoded from the image via steganographic techniques, whereby the command may be executed by the mobile device to mitigate the loss of control of the mobile device . . .”).; and
in accordance with a determination that the security mode is enabled for the computer system, displaying the message without the image data (see Fitzgerald ¶ [0095] “ . .. The functionality of the mobile device may be altered to send a message to an authorized user of the device, a security authority, or other recipient (630). The message may include any desired information, such as a phone number called by the mobile device, the current operational status of the mobile device, the location of the mobile device, a statement indicating that the mobile device has been removed from a predetermined location and/or is in motion, a date and time stamp indicating when the device was first used after occurrence of the security event, and/or instructions to call a security authority to initiate a recovery process. . . “).
The motivation to combine the references is described for rejection of claim 1 and is incorporated herein. Additionally, Fitzgerald processes image data and provides options for security.
In regard to claim 13, Zimny teaches A non-transitory computer-readable storage medium storing one or more programs configured to be executed by one or more processors of a computer system that is in communication with a display generation component and one or more input devices (“ . . . The processing unit 1826 is also attached to the bus 1808 and executes the instructions stored in the memory 1814 and/or the disk storage 1820. The instruction sets 1816 and 1822 as well as the data 1818 and 1824 include a computer program product, including a computer-readable medium (e.g., a removable storage medium such as one or more DVD-ROM's, CD-ROM's, diskettes, tapes, etc.) that provides at least a portion of the software instructions for implementing aspects of the present disclosure. At least a portion of the instructions may also be downloaded via the network 1806. As noted above, computer-readable media include all non-transitory computer-readable media and do not include transitory propagating signals. . . .”), the one or more programs including instructions for:
receiving, via the one or more input devices, a request to enable a security mode (e.g. lockdown mode) at the computer system, wherein the computer system is associated with a user account (see ¶ [0055],¶ [0135] as described for the rejection of claim 1 and is incorporated herein); and
in response to receiving the request to enable the security mode at the computer system (see ¶ [0135] as described for the rejection of claim 1 and is incorporated herein):
Zimny fails to explicitly teach
in accordance with a determination that a set of one or more electronic devices other than the computer system are associated with the user account, displaying a respective user interface that includes one or more options for enabling the security mode at the set of one or more electronic devices and the computer system; and
in accordance with a determination that a set of one or more electronic devices other than the computer system are not associated with the user account, enabling the security mode at the computer system without displaying the respective user interface that includes one or more options for enabling the security mode at the set of one or more electronic devices and the computer system.
However Sadovsky teaches in accordance with a determination that a set of one or more electronic devices other than the computer system are associated with the user account, displaying a respective user interface that includes one or more options for enabling the security mode at the set of one or more electronic devices and the computer system (see Fig. 1 Display 115 ¶ [0019], Fig, 4 ¶¶ [0041-0042] as described for the rejection of claim 1 and is incorporated herein).
The motivation to combine Sadovsky with Zimny is described for the rejection of claim 1 and is incorporated herein.
The combination of Zimny and Sadovsky fails to explicitly teach but however Fitzgerald teaches in accordance with a determination that a set of one or more electronic devices other than the computer system are not associated with the user account (see ¶ [0046] as described for the rejection of claim 1 and is incorporated herein) , enabling the security mode at the computer system without displaying the respective user interface that includes one or more options for enabling the security mode at the set of one or more electronic devices and the computer system (see ¶ [0086] as described for the rejection of claim 1 and is incorporated herein).
The motivation to combine Fitzgerald with the combination of Zimny and Sadovsky is described for the rejection of claim 1 and is incorporated herein
In regard to claim 14, Zimny teaches A method (see abstract “ . . . Systems, methods, and devices are described herein for executing a lockdown of electronic locks deployed in a local network of interconnected devices. . . “), comprising:
at a computer system that is in communication with a display generation component and one or more input devices (see Fig. 12 ¶ [0135] as described for the rejection of claim 1 and is incorporated herein):
receiving, via the one or more input devices, a request to enable a security mode (e.g. lockdown mode) at the computer system, wherein the computer system is associated with a user account (see ¶ [0055],¶ [0135] as described for the rejection of claim 1 and is incorporated herein); and
in response to receiving the request to enable the security mode at the computer system(see ¶ [0135] as described for the rejection of claim 1 and is incorporated herein) :
Zimny fails to explicitly teach
in accordance with a determination that a set of one or more electronic devices other than the computer system are associated with the user account, displaying a respective user interface that includes one or more options for enabling the security mode at the set of one or more electronic devices and the computer system; and
in accordance with a determination that a set of one or more electronic devices other than the computer system are not associated with the user account, enabling the security mode at the computer system without displaying the respective user interface that includes one or more options for enabling the security mode at the set of one or more electronic devices and the computer system.
However Sadovsky teaches in accordance with a determination that a set of one or more electronic devices other than the computer system are associated with the user account, displaying a respective user interface that includes one or more options for enabling the security mode at the set of one or more electronic devices and the computer system (see Fig. 1 Display 115 ¶ [0019], Fig, 4 ¶¶ [0041-0042] as described for the rejection of claim 1 and is incorporated herein).
The motivation to combine Sadovsky with Zimny is described for the rejection of claim 1 and is incorporated herein.
The combination of Zimny and Sadovsky fails to explicitly teach but however Fitzgerald teaches in accordance with a determination that a set of one or more electronic devices other than the computer system are not associated with the user account (see ¶ [0046] as described for the rejection of claim 1 and is incorporated herein) , enabling the security mode at the computer system without displaying the respective user interface that includes one or more options for enabling the security mode at the set of one or more electronic devices and the computer system (see ¶ [0086] as described for the rejection of claim 1 and is incorporated herein).
The motivation to combine Fitzgerald with the combination of Zimny and Sadovsky is described for the rejection of claim 1 and is incorporated herein
Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over Zimny et al. U.S. 2019/0103966 A1; herein referred to as Zimny) in view of Sadovsky et al. (U.S. 2015/0180894 A1; herein referred to as Sadovsky in further view of Fitzgerald et al. (U.S. 2013/0091564 A1; herein referred to as Fitzgerald) as applied to claims 1 – 11 and 13 – 14 in further view of Yang (U.S. 2019/0319956 A1; herein referred to as Yang).
In regard to claim 12, the combination of Zimny, Sadovsky, and Fitzgerald fails to explicitly teach but however Yang teaches the one or more programs further including instructions for:
receiving a request to access a website that does not meet security criteria (see Yang ¶ [0118] “ . .. For example, the controlled device is a mobile terminal such as a mobile phone or a tablet, and network access permission that is set for the mobile terminal may be indicated by a legal website access list or an illegal website access list. Network access permission may also be indicated in a form of a key-value pair as follows: {“unique device identifier”, “www.huawei.com|www.baidu.com| . . . ”}. When the first website list indicates a website that the mobile terminal is allowed to access, the first website list may also be referred to as a website whitelist. When the first website list indicates a website that the mobile terminal is forbidden to access, the first website list may also be referred to as a website blacklist . . .”); and
in response to receiving the request to access the website that does not meet security criteria: in accordance with a determination that the security mode is not enabled for the computer system, displaying the website (see Yang ¶ [0118] “ . .. For example, the first website list indicates a website allowed to be accessed, and indicates that the mobile terminal can normally access a website such as Huawei or Baidu in the first website list . ..”) ; and
in accordance with a determination that the security mode is enabled for the computer system, displaying a notification without displaying the website (see Yang ¶ [0118] “ . ... Another website not in the first website list is not allowed to be accessed, and there is no access permission. . . “)
It would have been obvious to one with ordinary skill in the art before the effective filing date of the applicant’s application to incorporate a system and method for managing permissions for device use which includes determining whether a request to access a particular website will be permitted, as taught by Yang, into a system and method for executing a lockdown of devices in response to a request from a user associated with an account that is authorized to implement security policies for the device, such action the result of anomaly detection in a network of devices belonging to a user account and to enable a user associated with the account to react to the anomaly by configuring the devices to operate in a secure mode using options provided on a displayed user interface, such as a device lockdown, and also detecting unauthorized use of the device and in response to a security compromise event, disabling the features of the device, as taught by the combination of Zimny, Sadovsky and Fitzgerald. Such incorporation enables safeguards for preventing the device to access non-secure websites.
Conclusion
There are prior art made of record which are not relied upon but are considered pertinent to applicant’s disclosure. They are listed on the PTO-892 accompanying this action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAMES N FIORILLO whose telephone number is (571)272-9909. The examiner can normally be reached on 7:30 - 5 PM Mon - Fri..
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John A. Follansbee can be reached on 571-272-3964. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JAMES N FIORILLO/Primary Examiner, Art Unit 2444