DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Election/Restrictions
NO restrictions warranted at applicant’s initial time of filing for patent.
Priority
Applicant claims NO foreign or domestic priority at initial time of filing for patent. Thus, the effective filing date of the claimed invention is 05/29/2024
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 05/30/2024, the submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Drawings
Applicant’s drawings filed on 05/29/2024 have been inspected and are in compliance with MPEP 608.02.
Specification
Applicant’s specification filed on 05/19/2024 has been inspected and is in compliance with MPEP 608.01
Claim Objections
NO claim objections warranted at applicant’s initial time of filing for patent.
Claim Interpretation – 35 USC 112th f
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The following is a quotation of pre-AIA 35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is invoked.
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph:
(A) the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function;
(B) the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and
(C) the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function.
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function.
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function.
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that use the word “means” or “step” but are nonetheless not being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph because the claim limitation(s) recite(s) sufficient structure, materials, or acts to entirely perform the recited function.
Such claims and claim limitation(s) is/are:
As per claim 1. A system comprising:
a memory that stores a set of parameters associated with processing of data interactions; and
a processor communicatively coupled to the memory and configured “to:
detect a request from a first user to perform a data interaction;
detect that processing of the requested data interaction is initiated;
monitor the set of parameters associated with the processing of the requested data interaction;
determine, based on the monitoring, whether anomalous activity has occurred relating to processing of the data interaction, wherein the anomalous activity comprises at least one activity not known to normally occur when processing the data interaction;
in response to determining that no anomalous activity has occurred relating to processing the data interaction, obtain a response associated with the processing of the data interaction, wherein the response comprises software code to be executed by a user device to present at least a portion of the response on a display associated with the user device;
obfuscate at least a portion of the software code comprised in the response;
replace the portion of the software code with the obfuscated software code in the response; and
transmit to the user device, the response including the obfuscated software code.”
As per claim 2. The system of Claim 1, wherein the obfuscated code is configured “to be decoded and executed by the user device to present at least the portion of the response on the display associated with the user device.”
As per claim 4. The system of Claim 1, wherein the processor is further configured “to
detect that an anomalous activity has occurred relating to processing of the data
interaction in response to detecting one or more of:
one or more unusual request parameters received as part of the request;
the processing of the data interaction takes longer than expected;
unusual memory access patterns during the processing of the data interaction;
or multiple requests for the data interaction are received within a pre-configured
time period.”
As per claim 5. The system of Claim 1, wherein the processor is further configured “to
obfuscate the software code comprised in the response using one or more code
obfuscation methods comprising name obfuscation, control flow obfuscation, string
obfuscation, code splitting, code merging, dead code insertion, control flow flattening,
code substitution, function inlining, context-aware string obfuscation, polymorphic
code generation, or a combination thereof.”
As per claim 6. The system of Claim 1, wherein the processor is further configured “to:
in response to determining that an anomalous activity has occurred relating to
processing of the data interaction:
generate a first hash key value based on a first set of data values
received as part of the request, wherein the first set of data values are
associated with a plurality of parameters configured to define a digital identity of the first user;
compare the first hash key value to a verified second hash key value associated with the first user, wherein the verified second hash key value is generated based on a verified second set of data values associated with the plurality of parameters;
in response to detecting, based on the comparing, that the first hash key value does not match with the second hash key value:
determine that the digital identity of the first user is not authenticated;
stop processing of the requested data interaction; and
generate an alert indicating that the digital identity of the first user is not authenticated.”
Because this/these claim limitation(s) is/are not being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are not being interpreted to cover only the corresponding structure, material, or acts described in the specification as performing the claimed function, and equivalents thereof.
If applicant intends to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, applicant may:
(1) amend the claim limitation(s) to remove the structure, materials, or acts that performs the claimed function; or
(2) present a sufficient showing that the claim limitation(s) does/do not recite sufficient structure, materials, or acts to perform the claimed function.
Appropriate action required.
Claim Rejections - 35 USC § 112
NO rejections warranted at applicant’s initial time of filing for patent.
Claim Rejections - 35 USC § 101
NO rejections warranted at applicant’s initial time of filing for patent.
Double Patenting
NO rejections warranted at applicant’s initial time of filing for patent.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.
Claim(s) 1, 2, 5, 8, 9, 12, 15, 16, 19 is/are rejected under 35 U.S.C. 102(a)(2) as being taught by Zhao et al. [US PGPUB # 2019/0327265].
As per claim 1. Zhao does teach a system [Zhao, Figure # 1, and paragraph: 0117, FIG. 1 illustrates an example of a computing environment 100 in which web page code is modified for the purpose of combatting MitB attacks.] comprising:
a memory that stores a set of parameters associated with processing of data interactions [Zhao, paragraph: 0019, A simplified block diagram of such a network appliance 120 is shown in FIG. 2. Appliance 120 contains one or more processors 200, including one or more single or multi-core processors configured to execute stored instructions. Appliance 120 also includes one or more memories 204. Memory 204 comprises non-transitory computer-readable storage media that could potentially include a wide variety of forms of volatile and non-volatile storage media. For instance, memory 204 could include electronic storage media, magnetic storage media, optical storage media, quantum storage media, mechanical storage media, etc. Memory 204 provides storage for computer readable instructions, data structures, program modules and other data for the operation of appliance 120.]; and
a processor communicatively coupled to the memory [Zhao, paragraph: 0119, A simplified block diagram of such a network appliance 120 is shown in FIG. 2. Appliance 120 contains one or more processors 200, including one or more single or multi-core processors configured to execute stored instructions. Appliance 120 also includes one or more memories 204] and configured to:
detect a request from a first user to perform a data interaction [Zhao, paragraph: 0027, Web Page code representing a web page requested by a client device is received (304). The web page code can represent a web page requested by a client device, such as the login page for the banking website discussed above. The web page code can be received at network appliance 120 of FIG. 1 from Server(s) 104 by way of load balancer 116, as discussed above.];
detect that processing of the requested data interaction is initiated [Zhao, paragraph: 0028, lines 1 – 3, The web page code is modified (308). The modification of web page code can include a variety of steps, which can occur in a varying order.];
monitor the set of parameters associated with the processing of the requested data interaction [Zhao, Figure # 3, and paragraph: 0046, lines 1 – 11, Returning to FIG. 3, in some implementations, monitoring code is added to the web page code (320). For example, Monitoring Code 420 of FIG. 4 can be injected into Modified Web Page Code 220 at Monitoring Module 424. Monitoring Code 420 can include JavaScript code that is configured to detect when malicious code is injected into Decoy Code 412. For example, Monitoring Code 420 can include JavaScript that can analyze elements of Decoy Code 412 to perform a code comparison to detect elements that are present in decoy code as it exists on a client device but not in original Decoy Code 412 that was added to Web Page Code 212 at 316 of FIG. 3];
determine, based on the monitoring, whether anomalous activity has occurred relating to processing of the data interaction, wherein the anomalous activity comprises at least one activity not known to normally occur when processing the data interaction [Zhao, paragraph: 0053, lines 1 – 7, According to some implementations, a notification is received that injected code was detected in the decoy code (332). For instance, such a notification can be received at Monitoring Module 424 of FIG. 4 from Monitoring Code 420. By way of example, injection of malicious code can be detected by Monitoring Code 420 operating on a client device at 328 of FIG. 3.];
in response to determining that no anomalous activity has occurred relating to processing the data interaction, obtain a response associated with the processing of the data interaction, wherein the response comprises software code to be executed by a user device to present at least a portion of the response on a display associated with the user device [Zhao, paragraph: 0038, lines 4 – 5, Unlike Obfuscated Target Code 408 which is rendered by a browser and presented to a user, Decoy Code 412 is not presented to a user. ];
obfuscate at least a portion of the software code comprised in the response [Zhao, Figure # 3, and paragraph: 0029, Returning to FIG. 3, a portion of the web page code is transformed (312). For example, as described above, a portion of the web page code that includes “target code” which might be vulnerable to MitB attacks can be obfuscated such that it is no longer detectible by the malware implementing the MitB attacks. For example, Target Code 400 can be transformed at Obfuscation Module 404 of FIG. 4 to produce Obfuscated Target Code 408.];
replace the portion of the software code with the obfuscated software code in the response [Zhao, Figure # 3, and paragraph: 0029, Returning to FIG. 3, a portion of the web page code is transformed (312). For example, as described above, a portion of the web page code that includes “target code” which might be vulnerable to MitB attacks can be obfuscated such that it is no longer detectible by the malware implementing the MitB attacks. For example, Target Code 400 can be transformed at Obfuscation Module 404 of FIG. 4 to produce Obfuscated Target Code 408. ]; and
transmit to the user device, the response including the obfuscated software code [Zhao, paragraph: 0038, lines 4 – 5, Unlike Obfuscated Target Code 408 which is rendered by a browser and presented to a user, Decoy Code 412 is not presented to a user.].
As per claim 2. Zhao does teach the system of Claim 1, wherein the obfuscated code is configured to be decoded and executed by the user device to present at least the portion of the response on the display associated with the user device [Zhao, paragraph: 0038, lines 4 – 5, Unlike Obfuscated Target Code 408 which is rendered by a browser and presented to a user….etc.].
As per claim 5. Zhao does teach the system of Claim 1, wherein the processor is further configured to obfuscate the software code comprised in the response using one or more code obfuscation methods comprising name obfuscation, control flow obfuscation, string obfuscation, code splitting, code merging, dead code insertion, control flow flattening, code substitution, function inlining, context-aware string obfuscation, polymorphic code generation [Zhao, paragraph: 0034, In one example of the obfuscation of Target Code 400, the field names of a form could be changed through a polymorphic transformation. Polymorphic transformation of web page code involves dynamically altering the ordinarily static source code associated with a web page. This makes the source code more difficult to exploit from the perspective of code-injecting malware while leaving web content viewable to the human user apparently unchanged. It should be noted that there are a number of ways to transform web page source code without changing the web page's appearance to a user], or a combination thereof.
As per method claim 8 that includes the same or similar claim limitations as system claim 1, and is similarly rejected.
As per method claim 9 that includes the same or similar claim limitations as system claim 2, and is similarly rejected.
As per method claim 12 that includes the same or similar claim limitations as system claim 5, and is similarly rejected.
As per non – transitory computer readable medium claim 15, that includes the same or similar claim limitations as system claim 1, and is similarly rejected.
As per non – transitory computer readable medium claim 16, that includes the same or similar claim limitations as system claim 2, and is similarly rejected.
As per non – transitory computer readable medium claim 19, that includes the same or similar claim limitations as system claim 5, and is similarly rejected.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or non-obviousness.
Claim(s) 3, 10, 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Zhao et al. [US PGPUB # 2019/0327265] in view of Ray et al. [US PGPUB # 2017/0310686].
As per claim 3. Zhao does teach what is taught in the rejection of claim 1 above.
Zhao does not clearly teach the system of Claim 1, wherein the set of parameters associated with the processing of the requested data interaction comprises one or more request parameters associated with the request, memory access patterns during the processing of the data interaction, delays incurred during the processing of the data interaction, network activity during the processing of the data interaction, or a combination thereof.
However, Ray does teach the system of Claim 1, wherein the set of parameters associated with the processing of the requested data interaction comprises one or more request parameters associated with the request, memory access patterns during the processing of the data interaction, delays incurred during the processing of the data interaction, network activity during the processing of the data interaction [Figure # 7, and paragraph: 0168, The threat monitor 720 may include any suitable threat monitoring, malware detection, antivirus program or the like suitable for monitoring and reporting on a security state of an endpoint or individual processes 704 executing thereon. This may include local threat monitoring using, e.g., behavioral analysis or static analysis. The threat monitor 720 may also or instead use reputation to evaluate the security state of processes 704 based on the processes 704 themselves, source files or executable code for the processes 704, or network activity initiated by the processes 704. For example, if a process 704 requests data from a remote URL that is known to have a bad reputation, this information may be used to infer a compromised security state of the endpoint.], or a combination thereof.
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Zhao and Ray in order for the protection of the requested webpage by the client – user thru obfuscation of the vulnerable webpage programming code from malware attack of Zhao to include the vetting of the source or author of the webpage programming code of Ray. This would allow for a gateway or firewall to vet the webpage for malware before the webpage is sent to the requesting user. See paragraph: 0005 of Ray.
As per method claim 10 that includes the same or similar claim limitations as system claim 3, and is similarly rejected.
As per non – transitory computer readable medium claim 17, that includes the same or similar claim limitations as system claim 3, and is similarly rejected.
Claim(s) 4, 11, 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Zhao et al. [US PGPUB # 2019/0327265] in view of Hasan et al. [US PGPUB 2017/0214701]
As per claim 4. Zhao does teach what is taught in the rejection of claim 1 above.
Zhao does not clearly teach the system of Claim 1, wherein the processor is further configured to detect that an anomalous activity has occurred relating to processing of the data interaction in response to detecting one or more of:
one or more unusual request parameters received as part of the request;
the processing of the data interaction takes longer than expected;
unusual memory access patterns during the processing of the data interaction;
or multiple requests for the data interaction are received within a pre-configured time period.
However, Hasan does teach the system of Claim 1, wherein the processor is further configured to detect that an anomalous activity has occurred relating to processing of the data interaction in response to detecting one or more of:
one or more unusual request parameters received as part of the request [Figure # 62, 63 and paragraph: 0267, lines1 – 21, FIGS. 62 and 63 shows Data Recall Tracking 399 keeps track of all information uploaded from and downloaded to the Suspicious Entity 415. This is done to mitigate the security risk of sensitive information being potentially transferred to Malware. This security check also mitigates the logistical problems of a legitimate enterprise process receiving Mock Data 400. In the case that Mock Data had been sent to a (now known to be) legitimate enterprise entity, a “callback” is performed which calls back all of the Mock Data, and the Real Data (that was originally requested) is sent as a replacement. A callback trigger is implemented so that a legitimate enterprise entity will hold back on acting on certain information until there is a confirmation that the data is not fake. If real data had been transferred to the malware inside a virtual mixed environment, the entire environment container is securely destroyed with the Malware 385 inside. An alert is placed systemwide for any unusual activity concerning the data that was known to be in the malware's possession before it was destroyed. This concept is manifested at Systemwide Monitoring 405. If the entity that received partial real data turns out to be malware (upon analyzing behavior patterns), then the virtual environment (including the malware) is securely destroyed, & the enterprise-wide network is monitored for unusual activity of the tagged real data. This way any potential information leaks are contained];
the processing of the data interaction takes longer than expected;
unusual memory access patterns during the processing of the data interaction;
or multiple requests for the data interaction are received within a pre-configured time period.
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Zhao as modified and Hasan in order for the protection of the requested webpage by the client – user thru obfuscation of the vulnerable webpage programming code from malware attack of Zhao as modified to include dynamic encrypting operations over the vulnerable webpage programming code of Hasan. This would prevent the malware from finding and using the webpage programming code is encrypted. See paragraph: 0265, lines 1 – 8 of Hasan.
As per method claim 11 that includes the same or similar claim limitations as system claim 4, and is similarly rejected.
As per non – transitory computer readable medium claim 18, that includes the same or similar claim limitations as system claim 4, and is similarly rejected.
Claim(s) 6, 13, 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Zhao et al. [US PGPUB # 2019/0327265] in view of Sanders et al. [US PAT # 9165142]
As per claim 6. Zhao does teach what is taught in the rejection of claim # 1 above.
Zhao does not clearly teach the system of Claim 1, wherein the processor is further configured to: in response to determining that an anomalous activity has occurred relating to processing of the data interaction:
generate a first hash key value based on a first set of data values received as part of the request, wherein the first set of data values are associated with a plurality of parameters configured to define a digital identity of the first user;
compare the first hash key value to a verified second hash key value associated with the first user, wherein the verified second hash key value is generated based on a verified second set of data values associated with the plurality of parameters;
in response to detecting, based on the comparing, that the first hash key value does not match with the second hash key value:
determine that the digital identity of the first user is not authenticated;
stop processing of the requested data interaction; and
generate an alert indicating that the digital identity of the first user is not authenticated.
However, Sanders does teach the system of Claim 1, wherein the processor is further configured to:
in response to determining that an anomalous activity has occurred relating to processing of the data interaction [Figure # 6, steps # 606, 610, and col. 11, lines 23 – 29, Whether the potential malware sample is a known sample (e.g., has been previously analyzed and results of that prior analysis have been cached or stored by the security cloud service) is determined at 606. ]:
generate a first hash key value based on a first set of data values received as part of the request, wherein the first set of data values are associated with a plurality of parameters configured to define a digital identity of the first user [col. 11, lines 23 – 29, Whether the potential malware sample is a known sample (e.g., has been previously analyzed and results of that prior analysis have been cached or stored by the security cloud service) is determined at 606. For example, files can be matched by various comparison techniques (e.g., using hashes, such as an MD5 based hash or other hashing or file comparison techniques).];
compare the first hash key value to a verified second hash key value associated with the first user, wherein the verified second hash key value is generated based on a verified second set of data values associated with the plurality of parameters [col. 11, lines 23 – 29, Whether the potential malware sample is a known sample (e.g., has been previously analyzed and results of that prior analysis have been cached or stored by the security cloud service) is determined at 606. For example, files can be matched by various comparison techniques (e.g., using hashes, such as an MD5 based hash or other hashing or file comparison techniques).];
in response to detecting, based on the comparing, that the first hash key value does not match with the second hash key value [col. 11, lines 23 – 29, Whether the potential malware sample is a known sample (e.g., has been previously analyzed and results of that prior analysis have been cached or stored by the security cloud service) is determined at 606.]:
determine that the digital identity of the first user is not authenticated [col. 3, lines 24 – 26, However, such non-signature based approaches can fail to identify malware and/or can improperly identify legitimate software as malware (e.g., also referred to as false positives).];
stop processing of the requested data interaction [col. 11, lines 46 – 48, In some embodiments, the results for the potential malware sample are cached or stored by the security cloud service (e.g., to avoid having to repeat the analysis of a later submission of an identical malware sample from another security device and to maintain a collection of malware samples identified as associated with/members of particular malware families).]; and
generate an alert indicating that the digital identity of the first user is not authenticated [Figure # 6, step # 618, and col. 11, lines 42 – 46, At 618, an alert and/or notification (e.g., to a security vendor, IT/security admin, user, and/or other person or entity associated with the submitted potential malware sample) is generated if a profile signature match was determined.].
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Zhao as modified and Sanders in order for the protection of the requested webpage from malware attack requested by the client - user of Zhao as modified to include virtual machine environment of Sanders. This would allow for the user to trick the malware in attacking a copy of the webpage in an environment that doesn’t affect the user actual client machine. See col. 4, lines 17 – 31 of Sanders.
As per method claim 13 that includes the same or similar claim limitations as system claim 6, and is similarly rejected.
As per non – transitory computer readable medium claim 20, that includes the same or similar claim limitations as system claim 6, and is similarly rejected.
Claim(s) 7, 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Zhao et al. [US PGPUB # 2019/0327265] in view of Glassco et al. [US PGPUB # 2022/0278967]
As per claim 7. Zhao and Sanders do teach what is taught in the rejection of claim 6 above.
Zhao and Sanders do not clearly teach the system of Claim 6, wherein the verified second hash key value is associated with a Non-Fungible Token (NFT) that uniquely identifies the digital identity of the first user.
However, Glassco does teach the system of Claim 6, wherein the verified second hash key value is associated with a Non-Fungible Token (NFT) that uniquely identifies the digital identity of the first user [paragraph: 0057, In a sixth group of embodiments, a computer or a local computer provides one or more verified personas for a distributed token (such as an NFT) of a first user. For example, the first user's identity may be known to the provider of the SVPN, such as via their account(s) with the provider of the SVPN. However, the first user may be able to define the one or more verified personas that are associated with their account(s) with the provider of the SVPN. The one or more verified personas may obfuscate the known identity of the first user when conducting one or more discrete secure transactions (such as a blockchain transaction and, more generally, a transaction associated with a cryptocurrency or the NFT) using or associated with the distributed token. Notably, the first user may associate or link the one or more verified personas with the distributed token of the first user. This may allow the first user the benefits and privacy of selectively making themselves anonymous (and controlling what information about themselves is made public), while offering the protection of being able to identify the first user when needed (such as to prevent fraudulent, unwanted, criminal or dangerous activity during the one or more discrete secure transactions.].
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Zhao as modified and Glassco in order for the protection of the requested webpage by the client – user thru obfuscation of the vulnerable webpage programming code from malware attack of Zhao as modified to include dynamic encrypting operations over the vulnerable webpage programming code of Glassco. This would prevent the malware from finding and using the encrypting keys to gain access to the webpage programming code based on the webpage programming code is encrypted with different encryption keys. See paragraphs: 0009, 0010 of Glassco.
As per method claim 14 that includes the same or similar claim limitations as system claim 7, and is similarly rejected.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Atallah et al. [US PGPUB # 2006/0031686], who does teach protecting host application code comprising a plurality of code blocks. The method includes steps of preprocessing the host application code; obfuscating the host application code; installing guards in the host application code to protect client blocks; randomly rearranging the code blocks of the host application code; linking the rearranged host application code with other resources to produce a binary executable image; and patching the binary executable image with data values to be used by the guard. The method can be used to install a plurality of guards to form a distributed network of guards that cooperatively protect the host application code and the other guards in the network.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DANT SHAIFER - HARRIMAN whose telephone number is (571)272-7910. The examiner can normally be reached M - F: 9am to 5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached at 571- 272- 3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/DANT B SHAIFER HARRIMAN/Primary Examiner, Art Unit 2434