DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The Amendment filed 06 January 2026 has been received and considered.
Claims 1-20 are pending.
This Action is Final.
Claim Objections
The objection to Claim 4 is withdrawn based on the filed amendment.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-6, 10-15, 19, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Shem Tov et al. (US 20180359237), in view of Nambannor Kunnath et al. (US 20250023853), and further in view of Dattani et al. (US 20220309197).
As per claims 1, 10, and 19, Shem Tov et al. discloses a program product, method and device comprising: a communication interface that connects the electronic device to a second electronic device to enable streaming of information from the electronic device to the second electronic device; a memory comprising a security-enabled streaming module to stream the information using a connection established between the electronic device and the second electronic device, the security-enabled streaming module comprising an associated security threat detection module for enabling identification of potential threats existing on the second electronic device; a processor communicatively coupled to the communication subsystem, and the memory, and which executes program code for the security-enabled streaming module, the processor configure to (see paragraphs [0082]-[0084] and [0188]-[0189]):
establish a streaming session over the connection established with the second electronic device via the communication interface (see paragraphs [0190]-[0191] where the remote desktop access connection session is a streaming session);
receive first security threat information from the second electronic device during the streaming session (see paragraphs [0192]-[0215] the various information received during the session);
analyze the first security threat information to determine whether the second electronic device is vulnerable to any security threats; and in response to the first security threat information indicating that the second electronic device is vulnerable to at least one security threat (see paragraphs [0222]-[0235] using the received information to assess the risk):
generate and output an alert indicating a vulnerability of the second electronic device to the at least one security threat; and apply one or more types of restriction to the streaming session to restrict access to the information at the second electronic device (see paragraphs [0183]-[0185]).
Shem Tov et al. fails to explicitly disclose to receive first security threat information from the second electronic device during the streaming session, wherein the first security threat information comprises information identifying whether one or more malwares is detected on the second electronic device by a security threat detection module executing on the second electronic device.
However, Nambannor Kunnath et al. teaches to receive first security threat information from the second electronic device during the streaming session, wherein the first security threat information comprises information identifying whether one or more malwares is detected on the second electronic device by a security threat detection module executing on the second electronic device (see paragraphs [0049]-[0054]).
At a time before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to include the malware detection of Nambannor Kunnath et al. as part of the protection of the Shem Tov et al. system.
Motivation to do so would have been to ensure the devices are compliant with policies (see Nambannor Kunnath et al. paragraphs [0049]-[0054]).
While the modified Shem Tov et al. and Nambannor Kunnath et al. system teaches the use of different restrictions for the streaming system (see Nambannor Kunnath et al. paragraphs [0049]-[0054]), there lacks an explicit teaching to restrict access at the second electronic device to the information being streamed from the electronic device to the second electronic device, based on determining that a type of malware identified in the first security threat information is relevant to a type of the information being streamed to the second electronic device.
However, Dattani et al. teaches to restrict access at the second electronic device to the information being streamed from the electronic device to the second electronic device, based on determining that a type of malware identified in the first security threat information is relevant to a type of the information being streamed to the second electronic device (see paragraphs [0057]-[0058] and [0080]-[0087]).
At a time before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to include the restrictions of Dattani et al. in the modified Shem Tov et al. and Nambannor Kunnath et al. system.
Motivation, as recognized by one of ordinary skill in the art, to do so would have been to allow the detection of specific vulnerabilities and respond to them more appropriately, thereby giving the system more flexibility.
As per claims 2 and 11, the modified Shem Tov et al., Nambannor Kunnath et al., and Dattani et al. system discloses wherein in applying the one or more types of restriction to the streaming session, the processor restricts access to the information at the second electronic device based on determining that the second electronic device is vulnerable to a first type of security threat (see Shem Tov et al. paragraph [0184]).
As per claims 3, 6, 12, and 15, the modified Shem Tov et al., Nambannor Kunnath et al., and Dattani et al. system determining a relevance of the threats based on the type of information being streams to the device and each of the one or more type of restrictions and the updated type of restrictions includes at least one type of restriction from a group of restrictions comprising: read-only capability of the information; selective masking of portions of the information; read-without-screenshot capability of the information; read-without-screen-recording capability of the information; and discontinuation of streaming of the information (see Dattani et al. paragraphs [0080]-[0087]).
As per claims 4, 13, and 20, the modified Shem Tov et al., Nambannor Kunnath et al., and Dattani et al. system discloses the processor is further configured to: receive second security threat information from the second electronic device subsequent to receiving the first security threat information; analyze the second security threat information to determine whether the second electronic device presents a different vulnerability to security threats from the one or more security threats determined from the first security threat information; update one or more of a level or a type of restriction imposed on the streaming session based on determining that the second electronic device has a different vulnerability to security threats than the one or more security threats determined from the first security threat information; and apply the updated level or type of restriction to the streaming session to restrict access to the information at the second electronic device (see Shem Tov et al. paragraphs [0253]-[0260] where the risk level is updated based on additional received information during the session).
As per claims 5 and 14, the modified Shem Tov et al., Nambannor Kunnath et al., and Dattani et al. system discloses the processor is further configured to stream the information to the second electronic device without applying any restrictions in response to determining that the second electronic device is not vulnerable to any security threats (see Shem Tov et al. paragraph [0240]).
Claims 7, 8, 16, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over the modified Shem Tov et al., Nambannor Kunnath et al., and Dattani et al. system as applied to claims 1, 6, 10, and 15 above, and further in view of Mehta (US 20230044156).
As per claims 7, 8, 16, and 17, the modified Shem Tov et al., Nambannor Kunnath et al., and Dattani et al. system fails to disclose to identify, using an artificial intelligence (AI) engine, the at least one restriction from the group of restrictions to control access to the information at the second electronic device and to present, within the display of the electronic device, one or more selectable restrictions from a group of selectable restrictions to enable a user of the electronic device to apply the one or more restrictions to control access to the information at the second electronic device.
However, Mehta teaches to identify, using an artificial intelligence (AI) engine, the at least one restriction from the group of restrictions to control access to the information at the second electronic device and to present, within the display of the electronic device, one or more selectable restrictions from a group of selectable restrictions to enable a user of the electronic device to apply the one or more restrictions to control access to the information at the second electronic device (see paragraphs [0065]-[0068]).
At a time before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art, to include the notifications and recommendations of Mehta in the modified Shem Tov et al., Nambannor Kunnath et al., and Dattani et al. system.
Motivation, as recognized by one of ordinary skill in the art, to do so would have been to make it easier for the user/admin to select the best restriction.
Claims 9 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over the modified Shem Tov et al., Nambannor Kunnath et al., Dattani et al., and Mehta system as applied to claims 8 and 17 above, and further in view of Singh et al. (US 20210243233).
As per claims 9 and 18, the modified Shem Tov et al., Nambannor Kunnath et al., Dattani et al., and Mehta system fails to explicitly disclose to generate a second notification indicating that access to the information is being restricted at the second electronic device according to the one or more restrictions applied by the user of the electronic device to control the access to the information; and transmit the second notification to the second electronic device to alert a user of the second electronic device that access to the information is being restricted.
However, Singh et al. teaches to generate a notification indicating that access to the information is being restricted at the second electronic device according to the one or more restrictions applied by the user of the electronic device to control the access to the information; and transmit the notification to the second electronic device to alert a user of the second electronic device that access to the information is being restricted (see paragraphs [0033]-[0034] and [0071]).
At a time before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to include the notification of Singh et al. as a second notification in the modified Shem Tov et al., Nambannor Kunnath et al., Dattani et al., and Mehta system.
Motivation to do so would have been to allow the user of the second device to authorize use/viewing of the content (see Singh et al. paragraphs [0033]-[0034] and [0071]).
Response to Arguments
Applicant’s arguments with respect to claim(s) 1-20 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: the remaining references put forth on the PTO-892 form are directed towards risks in streaming sessions and/or security notifications.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL J PYZOCHA whose telephone number is (571)272-3875. The examiner can normally be reached Monday-Thursday 7:30am-5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Hadi Armouche can be reached at (571) 270-3618. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Michael Pyzocha/ Primary Examiner, Art Unit 2409