Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Claims 1-20 are presented for examination.
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on January 16, 2026 has been entered.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Makarov et al. U.S. Patent Application Publication Number 2015/0046706 A1 (hereinafter Makarov), and further in view of Porras U.S. Patent Application Publication Number 2014/0007184 A1 (hereinafter Porras).
As per claims 1, 20, Makarov discloses an information processing method for controlling access to a computer resource managed by an operating system on a computer that is used by a user (see user accessing computer resources using account on page 2 section [0026]), the method comprising:
capturing an operation request for the computer resource from a process or the operating system before the computer resource is accessed (see intercept request of applications to access file computer resource through intercepting calls of operating systems for the request on page 2 section [0024]), wherein the computer resource comprises a hardware computer resource (see controlled hardware computer resources with files resides on an external storage device such as a hard disk and on a network storage on page 2 section [0023]) including a communication resource that implements communication with a network (see computer resources on a network storage with network communication on page 2 section [0023]);
selecting a policy suitable for a state of a computer (see various conditions, or state of computer as claimed, on page 3 section [0036] and see conditions examples such as device connectivity on page 2 section [0027] and time of the day on page 3 section [0036] and see device state is a portable device connecting from office or from home on page 3-4 section [0037]) from a plurality of policies with access privilege allowed for each one of a plurality of types of work defined as a policy for each work (see looking through file access policy database 104 for access policy with priority selection rules such as time of day, rights of the user account, security policies and other conditions for policies to apply on page 3 section [0036] and location of the connected device on page 4 section [0037]);
determining whether or not there is access privilege for the hardware computer resource (see controlled hardware computer resources with files resides on an external storage device such as a hard disk and on a network storage on page 2 section [0023]) specified by the operation request captured in the capturing on a basis of the policy selected in the selecting (see determining of the access rule applies on page 3 section [0036] and see access policy application example based on location of the device such as from work or from home on page 3-4 section [0037]);
executing processing to send the operation request as is to the operating system if a result of the determining is that there is an access privilege and send the result back to a request source process (see device allowed access of files when connected from work on page 3-4 section [0037]); and
denying access to the hardware computer resource (see controlled hardware computer resources with files resides on an external storage device such as a hard disk and on a network storage on page 2 section [0023]) specified by the operation request if a result of the determining is that there is no access privilege (see device denied access of files when connected from home on page 3-4 section [0037]).
Makarov does not disclose expressly: wherein the denying access to the communication resource prevents communication from flowing through a connected network via the communication resource.
Porras teaches: wherein the denying access (see intercepting of access request of resources based on policy on page 3 section [0026]) to the communication resource prevents communication from flowing through a connected network via the communication resource (see preventing connection to data sources based on policy on page 8 section [0066]).
Makarov and Porras are analogous art because they are from the same field of endeavor, access control management systems. Before the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to deny access by preventing communication flow. The motivation for doing so would have been to prevent access based on security policy (see page 3 section [0026] in Porras). Therefore, it would have been obvious to combine Makarov and Porras for the benefit of preventing communication flow to obtain the invention as specified in claims 1, 20.
As per claim 2, Makarov and Porras disclose the information processing method according to claim 1, wherein in the denying, if a result of the determining is that there is no access privilege, access to the hardware computer resource (see controlled hardware computer resources with files resides on an external storage device such as a hard disk and on a network storage on page 2 section [0023] in Makarov) specified by the operation request is switched to another hardware computer resource (see device denied access of files when connected from home and home files are still accessible on page 3-4 section [0037] in Makarov). The motivation to combine is same as above.
As per claim 3, Makarov and Porras disclose the information processing method according to claim 1, wherein the plurality of policies are stored in a storage included in the computer (see policies are stored locally on file access policy database 104 on the client computer device 100 on page 2 section [0025] in Makarov). The motivation to combine is same as above.
As per claim 4, Makarov and Porras disclose the information processing method according to claim 1, wherein the plurality of policies are stored in a server that can communicate with the computer and are provided to the computer from the server (see file access policies can be stored remotely on administrative server 110 on page 2 section [0025] in Makarov). The motivation to combine is same as above.
As per claim 5, Makarov and Porras disclose the information processing method according to claim 1, wherein the state of the computer includes applicable terminal information (see application on terminal information on page 3 section [0035] in Makarov), user information (see user account information on page 3 section [0036] in Makarov), terminal location information (see terminal location information on page 3-4 section [0037] in Makarov), and time information (see time of day information on page 3 section [0036] in Makarov). The motivation to combine is same as above.
As per claim 6, Makarov and Porras disclose the information processing method according to claim 5, wherein the applicable terminal information includes any one of a machine name, an IP address, and a MAC address (see IP address from company network and IP address from home network on page 3-4 section [0037] in Makarov). The motivation to combine is same as above.
As per claim 7, Makarov and Porras disclose the information processing method according to claim 5, wherein the user information includes any one of a user name and a group name (see user account name on page 3 section [0036] in Makarov). The motivation to combine is same as above.
As per claim 8, Makarov and Porras disclose the information processing method according to claim 5, wherein the terminal location information includes any one of location information obtained from the operating system, a connection AP, and a connection domain name (see connection from company network and connection from home network on page 3-4 section [0037] in Makarov). The motivation to combine is same as above.
As per claim 9, Makarov and Porras disclose the information processing method according to claim 1, wherein the plurality of policies includes a preset order of priority (see priority selection rules based on application on page 3 section [0035] and see priority selection rule based on condition on page 3 section [0036] in Makarov). The motivation to combine is same as above.
As per claim 10, Makarov and Porras disclose the information processing method according to claim 9, wherein the selecting includes selecting a policy with a highest order of priority from among policies that match the state of the computer (see selecting priority rule from the highest priority based on application used on page 3 section [0035] and see selecting priority rule from the highest priority rule based on time on page 3 section [0036] and Table 3 in Makarov). The motivation to combine is same as above.
As per claim 11, Makarov and Porras disclose the information processing method according to claim 10, wherein the selecting includes, in a case where, from among policies that match the state of the computer, a plurality of policies have a highest order of priority, further selecting a policy with a highest order of priority from the plurality of policies (see selecting priority rule from the highest priority based on application used on page 3 section [0035] and see selecting priority rule from the highest priority rule based on time on page 3 section [0036] and Table 3 in Makarov). The motivation to combine is same as above.
As per claim 12, Makarov and Porras disclose the information processing method according to claim 10, wherein the selecting includes, in a case where, from among policies that match the state of the computer, a plurality of policies have a highest order of priority, selecting a policy from the plurality of policies via user selection (see user administrator selecting and modifying the priority rule on page 3 section [0036] in Makarov). The motivation to combine is same as above.
As per claim 13, Makarov and Porras disclose the information processing method according to claim 1, wherein the policy includes, as information for whether or not to allow access, type of executable or non-executable program (see types of program on page 2 section [0030] in Makarov), reading (access control on reading on page 2 section [0024]) allowed or not region (see region location such as work or home network on page 3-4 section [0037] in Makarov), writing (see access control on write on page 2 section [0024] in Makarov) allowed or not region (see region location such as work or home network on page 3-4 section [0037] in Makarov), and temporary access (see access policy by time or user authentication token on page 3 section [0036] in Makarov) allowed region (see region location such as work or home network on page 3-4 section [0037] in Makarov). The motivation to combine is same as above.
As per claim 14, Makarov and Porras disclose the information processing method according to claim 13, wherein the type of executable or non-executable program is registered as any one of a program name, a program path, and a program file hash (see program type, program name, metadata such as file path, and program file hash sum on page 2 section [0030] in Makarov). The motivation to combine is same as above.
As per claim 15, Makarov and Porras disclose the information processing method according to claim 13, wherein the reading (access control on reading on page 2 section [0024] in Makarov) allowed or not region is registered as any one of a file path, a URL, an IP address, a host name, a USB device ID, an email address, and a wireless LAN AP (see IP address from company network and IP address from home network on page 3-4 section [0037] and see USB and wireless device information on page 4 section [0041] and see email clients on page 3 section [0037] in Makarov). The motivation to combine is same as above.
As per claim 16, Makarov and Porras disclose the information processing method according to claim 13, wherein the writing (see access control on write on page 2 section [0024] in Makarov) allowed or not region is registered as any one of a file path, a URL, a USB device ID, and an email address (SMTP) (see program type, program name, metadata such as file path, and program file hash sum on page 2 section [0030] and see USB and wireless device information on page 4 section [0041] and see email clients on page 3 section [0037] in Makarov). The motivation to combine is same as above.
As per claim 17, Makarov and Porras disclose the information processing method according to claim 13, wherein the temporary access allowed region is deleted (see file deletion on page section [0026] in Makarov) of content at a specified timing from among timing of changing an applied policy, logoff, and program end (see temporary access policy such as time of day and temporary user authentication token on page 3 section [0036] in Makarov). The motivation to combine is same as above.
As per claim 18, Makarov and Porras disclose the information processing method according to claim 1, wherein the capturing further include capturing an operation request for the computer resource from the process or the operating system before the computer resource is accessed (see intercepting, or capturing the request before access as claimed, from intercepting calls of operating systems on page 2 section [0024] in Makarov). The motivation to combine is same as above.
As per claim 19, Makarov and Porras disclose the information processing method according to claim 1, further comprising: deploying the policy into an access privilege management table including resource specifying information for specifying a specific computer resource (see file access policy database 104, or access privilege management table as claimed, deployed to computer device 100 on page 2 section [0025] in Makarov), information of a condition for validating an access privilege (see condition for access rules to apply on page 3 section [0036] in Makarov), and access privilege information for specifying (see file access policy can be specified by specific file and applications on page 3 section [0037] in Makarov) an extended access privilege not defined by an existing environment (see administrator can modify policy not defined by existing rules on page 3 section [0036] in Makarov). The motivation to combine is same as above.
Response to Arguments
Applicant’s arguments, see Remarks on page 2, filed January 16, 2026, with respect to the rejection(s) of claim(s) 1 and 20 under 35 U.S.C. 102 have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of Porras U.S. Patent Application Publication Number 2014/0007184 A1 (hereinafter Porras).
Makarov does not disclose expressly: wherein the denying access to the communication resource prevents communication from flowing through a connected network via the communication resource.
Porras teaches: wherein the denying access (see intercepting of access request of resources based on policy on page 3 section [0026]) to the communication resource prevents communication from flowing through a connected network via the communication resource (see preventing connection to data sources based on policy on page 8 section [0066]).
Makarov and Porras are analogous art because they are from the same field of endeavor, access control management systems. Before the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to deny access by preventing communication flow. The motivation for doing so would have been to prevent access based on security policy (see page 3 section [0026] in Porras). Therefore, it would have been obvious to combine Makarov and Porras for the benefit of preventing communication flow to obtain the invention as specified in claims 1, 20.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALAN S CHOU whose telephone number is (571)272-5779. The examiner can normally be reached Monday-Friday 9:00-5:00 EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Chris L Parry can be reached on (571)272-8328. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
/ALAN S CHOU/ Primary Examiner, Art Unit 2451