Detailed Action
1. This Office Action is responsive to the Amendment filed 02/18/2026. Claims 1-20 are presented for examination. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Information Disclosure Statement
2. The information disclosure statements (IDSes) submitted on 02/20/2026 are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statements are being considered by the examiner.
Terminal Disclaimer
3. The terminal disclaimer filed on 02/18/2026 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of the full statutory term of prior patent numbers 10404808 and 12107926 has been reviewed and is accepted. The terminal disclaimer has been recorded.
Claim Rejections - 35 USC § 102
4. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
5. Claims 1, 4-11 and 14-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Soman et al. (US 2018/0159896 A1), hereinafter “Soman”.
6. As to claim 1, Soman teaches a method by a remote browsing administrator device comprising at least one processor, the method comprising:
receiving, from a client device, a request for a remote browsing session the request received from a first browser running on a client device ([0021]: secure browsing device 120 receives (201) a request for an internet browser from end user device 110);
retrieving user profile information associated with the first browser ([0034]: Based on the browsing URIs and IP addresses, browser request module 115 may determine that a secure browser is required to accommodate a request for the end user, wherein the browsing URIs and IP addresses of the blacklists or whitelists (i.e., bookmarks) correspond to user profile information);
based on the request, allocating a remote browsing server, the remote browsing server comprising a remote browsing connector and a second browser ([0023] and [0025]: After allocating the virtual machine to end user device 110, secure browsing 120 further provides (203) a remote connection to the internet browser to end user device 110 to permit the end user device to receive the visual representation of the browser executing in the virtual machine as well as provide user input to the browser to the virtual machine); and
causing the first browser to connect to the second browser via the remote browsing connector such that a video stream of renderings of the second browser are displayed on the first browser and user input from the first browser is transmitted to the second browser, wherein the video stream of renderings displayed on the first browser and the user input transmitted to the second browser are based on permissions associated with the user profile information ([0027]: When the end user device is accessing the browser on the virtual machine using a remote desktop protocol, the graphical user interface (GUI) of the desktop is generated on the server hosting the virtual machine and the GUI image data is then encoded and transmitted over the network to the client device, where it is decoded and displayed to the user … Any user input information, such as keyboard and mouse events detected over the secure browser window on the end user device, are transmitted from the device to the virtual machine over the network connection).
7. As to claim 4, Soman teaches the method of claim 1, wherein based on the permissions, a first webpage or type of content is opened by the first browser ([0034]: trusted URIs processed locally via the local browser), and a second webpage or different type of content is opened by the second browser ([0034]: untrusted URIs processed externally via a browser executing on a virtual machine), and a video stream of renderings of the second webpage is displayed on the first browser ([0027]: When the end user device is accessing the browser on the virtual machine using a remote desktop protocol, the graphical user interface (GUI) of the desktop is generated on the server hosting the virtual machine and the GUI image data is then encoded and transmitted over the network to the client device, where it is decoded and displayed to the user).
8. As to claim 5, Soman teaches the method of claim 4, wherein the second webpage or the different type of content is from a trusted domain, internet protocol address, or range of internet protocol addresses ([0034]: Based on the browsing IP addresses, browser request module 115 may determine that a secure browser is required to accommodate a request for the end user).
9. As to claims 6-7. Soman teaches the method of claim 1, wherein the allocating the remote browsing server comprises: instantiating the remote browsing server, wherein the remote browsing server is a virtual machine ([0057]: Once requested, the secure browsing service may allocate a virtual machine for the secure browsing event, and provide a remote connection to the browser in the allocated virtual machine).
10. As to claim 8, Soman teaches the method of claim 1, wherein the remote browsing server is instantiated after receiving the request ([0057]: Once requested, the secure browsing service may allocate a virtual machine for the secure browsing event, and provide a remote connection to the browser in the allocated virtual machine).
11. As to claim 9, Simon teaches the method of claim 1, wherein the remote browsing server is instantiated prior to receiving the request ([0065]: In other instances, the virtual machine that’s allocated to the end user device may comprise an idle virtual machine that is not providing browsing operations for any other user).
12. As to claim 10, Simon teaches the method of claim 1, wherein the allocating comprises selecting the remote browsing server from a plurality of remote browsing servers (Fig. 9 and [0065]: identify a virtual machine in virtual machines 911 to support the request, and assign the virtual machine for use by the requesting end user device).
13. As to claims 11 and 14-20, claims 11 and 14-20 are corresponding administrator device claims that recite similar limitations as of method claims 1 and 4-10; therefore, they are rejected under the same rationale.
Claim Rejections - 35 USC § 103
14. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
15. Claims 2-3 and 12-13 are rejected under 35 U.S.C. 103 as being unpatentable over Soman, in view of Hill et al. (US 9,208,316 B1), hereinafter “Hill”.
16. As to claim 2, Soman teaches the method of claim 1, but does not explicitly disclose “based on the permissions, one or more types of user input are disabled”.
In an analogous art, Hill discloses “based on the permissions, one or more types of user input are disabled” (Fig. 7E and col. 17, lines 1-7: when the phishing web site may be known and present in the blacklist 186, the input controls provided for entry of the user’s credit card number and expiration data has been disabled).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Soman and Hill to achieve the claimed invention to allow the system to detect and disable potentially harmful items that are embedded within or referenced by retrievable network resources such as web pages and other types of documents (Hill, col. 2, lines 29-32).
17. As to claim 3, Soman-Hill teaches the method of claim 1, wherein based on the permissions, one or more webpages or types of content are not accessible (Hill, Fig 7E and col. 17, lines 1-58: the input controls for entry of the user’s credit card number and expiration data have been disabled and replaced with clickable images to navigate to a web page which contains information about the potential phishing attack).
18. As to claims 12-13, claims 12-13 are corresponding administrator device claims that recite similar limitations as of method claims 2-3; therefore, they are rejected under the same rationale.
19. A shortened statutory period for reply to this action is set to expire THREE (3) months from the mailing date of this communication. See 37 CFR 1.134.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to QUANG N NGUYEN whose telephone number is (571) 272-3886.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, KAMAL B. DIVECHA, can be reached at (571) 272-5863. The fax phone number for the organization is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/QUANG N NGUYEN/
Primary Examiner, Art Unit 2441
Prosecution Insights