BROWSER ISOLATION

§103 §112

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION This action is responsive to amendment filed December 19, 2025. Status of Claims Applicant amended the title and the claims, canceled claims 2,8,9, and added new claims 11-23 on 12/19/25. Claims 1,3-7,10-23 remain pending. Response to Arguments Applicant’s amendments/arguments with respect to the previous 102 rejections have been fully considered and are persuasive. Accordingly the previous rejections are withdrawn. Upon further consideration, a new grounds of rejection is made based on Smith in view of Machalani. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 1,3-7,10-23 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. In claim 1, line 10 recite the limitation “browsing in the web browser by the user”, lines 11-12 recite “browsing activity of the user”, and lines 13-14 recite “browsing in the web browser”, and line 15 recites “user activity in the web browser”. However, it is unclear if each of these limitations relate to the same activity instance or if they are different activities unique from each other. If these limitations are all the same activity, then the different phrases are inconsistent, do not overlap in scope, and create ambiguities in the claims. If these limitations are all different activities, then it is unclear how they relate to each other and to the rest of the claim. Claims 12,18 are slight variations of claim 1 and are rejected based on the same rationale. Dependent claims are rejected for inheriting the deficiencies of the independent claims. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1,3,4,6,7,11-14,16-20,22,23 are rejected under 35 U.S.C. 103 as being unpatentable over Rosen, Michael (“Browser Isolation Eliminates Risk in Context”, 10/30/2018) in view of Mundilla et al (US Patent 11418486). In reference to claim 1, Rosen teaches a method comprising: vetting data of a user comprised in or associated with at least one of a user profile of the user, a device of the user, the UE, and/or a web browser running on the device, and a set of website risk vulnerabilities associated with the user; (see at least ¶s 1,2, which teaches tracking data of a user comprised in a set of website risky activity via a browser on a device) based on the vetting, determining a type and degree of isolation to be provided for the web browser, wherein the type of isolation comprises no isolation, browser isolation, or tab-by-tab isolation of the web browser, and wherein the degree of isolation comprises at least a subset of isolation features imposed to limit browsing in the web browser by the user; (see at least ¶s 3,4, which teaches based on the tracking, determining a type and degree of isolation for the browser, where the type comprises no isolation, browser isolation, or tab isolation, and the degree comprises features that limit browsing) and isolating and monitoring user activity in the web browser according to the type and degree of isolation determined from the vetting (see at least ¶s 4,5, which teaches isolating and monitoring the users risky activity in accordance to the type and degree of browser isolation). Rosen fails to explicitly teach based on the vetting, determining a temporal configuration for monitoring browsing activity of the user, wherein the temporal configuration comprises a configuration for sampling key performance indicators of the user while browsing in the web browser; and monitoring the temporal configuration determined from the vetting. However, Mundilla teaches tracking risky user browser activity controlling the browser activity based on the risk and danger of the activity (see Mundilla, at least Abstract). Mundilla further teaches determining a configuration for sampling risk control criteria which are risk indicators of the user while the user is sending web requests from the web browser, and also teaches monitoring and security actions based on the tracking (see Mundilla, at least column 5 lines 1-67 and column 6 lines 1-26). It would have been obvious for one of ordinary skill in the art before the effective filing date of the invention to modify the display interface of Rosen based on the teachings of Mundilla for the purpose of ensuring real time security and protection against risky user activity. In reference to claim 3, this is taught by Rosena, see at least ¶s 4,5, which teaches browser isolation where isolating user activity comprising virtualization which accomplishes sandbox isolation. In reference to claim 4, this is taught by Rosena, see at least ¶ 4, which teaches tab by tab isolation. In reference to claim 6, this is taught by Rosena, see at least ¶s 5,7,8, which teaches selecting isolation features based on the risk involved. In reference to claim 7, this is taught by Rosena, see at least ¶s 5,7,8, which teaches changing browser isolation configuration based on the risk or no risk of the user activity. In reference to claim 11, this is taught by Rosena, see at least ¶s 6,7, which teaches isolation features comprising stopping exploits, blocking malicious file download, or malware termination. Claims 12-14,16-20,22,23 correspond to claims 1,3,4,6,7,11 and are slight variations thereof, and are therefore rejected based upon the same rationale as given above. Claims 5,10,15,21 are rejected under 35 U.S.C. 103 as being unpatentable over Rosen, Michael (“Browser Isolation Eliminates Risk in Context”, 10/30/2018) in view of Mundilla et al (US Patent 11418486) in further view of Negrea et al (US Publication 20210250333). In reference to claim 5, Rosen fails to explicitly teach wherein the browser isolation comprises operating system based isolation. However, Negrea teaches filtering user web traffic data and vulnerabilities related to web and browser based traffic (see Negrea, at least Abstract and ¶s 45-47), and monitoring user browsing activities at different times and performing browser and tab isolation (see Negrea at least ¶s 135-138). Negrea further teaches operating system based isolation (see Negrea, at least ¶s 111-115). It would have been obvious for one of ordinary skill in the art before the effective filing date of the invention to modify the display interface of Rosen based on the teachings of Negrea for the purpose of improving device protection against risky browser activity. In reference to claim 10, this is taught by Negrea, see at least ¶s 144-146, which teaches determining the temporal configuration including continuous monitoring. One of ordinary skill in the art would be motivated to modify Rosen based on the teachings of Negrea in accordance to the rationale given for claim 5 above. Claims 15,21 correspond to claim 5 and are slight variations thereof, and are therefore rejected based upon the same rationale as given above. Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. For any subsequent response that contains new/amended claims, Applicant is required to cite its corresponding support in the specification. (See MPEP chapter 2163.03 section (I.) and chapter 2163.04 section (I.) and chapter 2163.06) Applicant may not introduce any new matter to the claims or to the specification. In formulating a response/amendment, Applicant is encouraged to take into consideration the prior art made of record but not relied upon, as it is considered pertinent to applicant's disclosure. See attached Form 892. Contact & Status Any inquiry concerning this communication or earlier communications from the examiner should be directed to RAMY M OSMAN whose telephone number is (571)272-4008. The examiner can normally be reached Mon-Fri, 9AM-5PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ario Etienne can be reached at 571-272-4001. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /Ramy M Osman/ Primary Examiner, Art Unit 2457 March 23, 2026