DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
1.This action is responsive to the communication filed on August 29, 2024. At this time, claims 1-66 have been cancelled. Claims 67-86 are pending and addressed below.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claim Objections
Claims 68-79 are objected to because of the following informalities: As to claims 68-79, the claims recite “ The method of…” Examiner suggests “ The computer-implemented method” to be consistent with the preamble of claim 67. Appropriate correction is required.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the "right to exclude" granted by a patent and to prevent possible harassment by multiple assignees.
A nonstatutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998}; in re Goodman. 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); in re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1885): In re Van Qmum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982): In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970): and in re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer In compliance with 37 CFR 1,321 (c) or 1,321 (d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement.
Effective January 1, 1984, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b).
Claims 67, 80 and 84 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1, 10 and 15 of US Patent number 12164634. The conflicting claims are not identical, they are not patentably distinct from each other because the current application contains claims that are broader in scope than the claims of the patent number 12164634 and are anticipated by the claims 1, 10 and 15.
This is a non- provisional double patenting rejection since the conflicting claims have in fact been patented.
Claims Comparison Table
Current Application 18/819,135
Patent Application Number 12164634
84. A computing apparatus, comprising: a hardware platform comprising a processor circuit and a memory and instructions encoded within the memory to instruct the processor circuit to: register a security scanner application with a share function of an operating system, wherein the share function provides a graphical menu to share or send items; upon determining that a user has used the share function on a software object and selected the security scanner application as a target of the share function, scan the software object to determine a security reputation of the software object; and notify the user of the security reputation.
1. A computing apparatus, comprising: a hardware platform comprising a processor and a memory; an operating system (OS) comprising a graphical user interface (GUI) with a user-initiatable share function, and an interface to register a share target for the share function; and instructions encoded within the memory to provide a security agent, the instructions to instruct the processor to: receive from the OS a notification that an object has been shared to the security agent via the share function; responsive to the notification, initiate a security scan or reputation action for the shared object; receive a security or reputation response from the security scan or reputation action; and based at least in part on the security scan or reputation response, display a security or reputation notification via the GUI.
80. One or more tangible, nontransitory computer-readable storage media having stored thereon executable instructions to: register a security scanner application with a share function of an operating system, wherein the share function provides a graphical menu to share or send items; upon determining that a user has used the share function on a software object and selected the security scanner application as a target of the share function, scan the software object to determine a security reputation of the software object; and notify the user of the security reputation.
21. One or more tangible, nontransitory computer-readable storage media having stored thereon executable instructions to: hook into a function of an operating system (OS) as a target of the function, wherein the target provides a shared object-to-target infrastructure; receive a notification that an object has been shared via the function; responsive to the notification, initiate a security or reputation transaction for the shared object; receive a security or reputation result from the security or reputation transaction; and display the security or reputation result to an end user via a graphical user interface (GUI) of the OS.
67. A computer-implemented method, comprising: registering a security scanner application with a share function of an operating system, wherein the share function provides a graphical menu to share or send items; upon determining that a user has used the share function on a software object and selected the security scanner application as a target of the share function, scanning the software object to determine a security reputation of the software object; and notifying the user of the security reputation.
39. A computer-implemented method, comprising: registering a security agent program as a user-selectable share target for a built-in share function of an operating system (OS); receive from the OS a notification that an object was shared to the security agent program via the built-in share function; responsive to the notification, requesting a reputation for the object; receiving a reputation for the object; and based at least in part on the reputation, notifying an end user of the reputation and/or taking a remedial action.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 67- 68, 80, 82, 83-85 are rejected under 35 U.S.C 103 as being unpatentable over Kiehtreiber, US 20150347749 A1 in view of Nachenberg, US 8225406 B1 (IDS Submitted, 09/11/2024).
67. Kiehtreiber discloses a computer-implemented method, (See Kiehtreiber, abstract; according to one embodiment, in response to an inquiry received from a first application for an extension service associated with a first of a plurality of extension points of an operating system, a list of one or more extensions is identified that have been registered for the first extension point with the operating system, where the first application is executed within a first sandboxed environment. ) comprising: registering a security scanner application with a share function of an operating system, wherein the share function provides a graphical menu to share or send items; (See Kiehtreiber, [0084-0087] FIG. 6A is a block diagram illustrating a system for registering an extension according to one embodiment of the invention. System 600 may be implemented as part of an operating system as described above. Referring to FIG. 6A, an extension framework, such as the one as shown in FIG. 3A, maintains extension registry 350 having described therein a list of extensions that has been installed and registered in the operating system. In one embodiment, extension registry 350 includes multiple entries, each corresponding one of the installed or registered extensions. Each extension entry includes, but is not limited to, extension ID 610, extension provider ID 602, and extension key 603. Extension ID 610 may uniquely identify a type or class of extension services that is defined and agreed upon between an operating system provider and extension providers, such as a UTI. Extension provider ID 611 may uniquely identify an extension provider that provides an extension service, which may be authorized or certified by a predetermined authority… Extension key 612 may represent a particular version or instance of an extension currently installed or registered with the system. it is assumed extensions 621-622 are provided by the same extension provider, where extension 621 is an earlier version while extension 622 is a newer version. When extension 621 was installed by installation module 320, a corresponding entry 650 was created, where field 610 stores an extension class ID (e.g., UTI) associated with the type of extension services that extension 621 provides, in this example, content sharing services.) upon determining that a user has used the share function on a software object and selected the security scanner application as a target of the share function, [[scanning the software object to determine a security reputation of the software object]]; (See Kiehtreiber, [0087-0088]; As a result, in response to a subsequent request for invoking the extension associated with entry 650, newer version of extension 622 will be identified and launched… processing logic receives a request from a first application inquiring a particular extension service (e.g., identified by a particular UTI) associated with a particular extension point extended by one or more other applications. In response to the request, at block 652, processing logic identifies a list of one or more extensions installed and capable of providing the requested service via that particular extension point, including identifying the latest versions of the extensions.)
Kiehtreiber does not appear to explicitly disclose scanning the software object to determine a security reputation of the software object; and notifying the user of the security reputation.
However, Nachenberg discloses scanning the software object to determine a security reputation of the software object; (See Nachenberg, col 14, lines 32-47; one or more steps of an exemplary method for using reputation data to detect shared-object-based security threats. Such a method may comprise: 1) identifying a process, 2) identifying an executable file associated with the process, 3) identifying at least one shared object loaded by the process, 4) obtaining reputation data for both the executable file and the shared object from a reputation service, 5) determining that the shared object represents a potential security risk by a) comparing the reputation data for the executable file with the reputation data for the shared object and b) determining that the reputation data for the shared object is significantly different from the reputation data for the executable file, and then 6) performing a security operation on the shared object.) and notifying the user of the security reputation. (See Nachenberg, col 1, lines 48-55; then the client-side system may determine that this shared object represents a potential security risk. In this example, the client-side system may perform a security operation on the identified shared object by, for example, quarantining or removing the shared object, preventing the shared object from loading, flagging the shared object for further evaluation, and/or removing references to the shared object (e.g., load points for the shared object stored in a computing device's registry) from the computing device. See also Fig 6; Display device 624 generally represents any type or form of device capable of visually displaying information forwarded by display adapter 626. Similarly, display adapter 626 generally represents any type or form of device configured to forward graphics, text, and other data from communication infrastructure 612 (or from a frame buffer, as known in the art) for display-on-display device 624.)
Kiehtreiber and Nachenberg are analogous art because they are from the same field of endeavor which is Operating system share function. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claim invention to modify the invention of Kiehtreiber with the teaching of Nachenberg to include the reputation service because it would have allowed to detect shared-object-based security threats. (See Nachenberg, col 1, lines 35-37)
68.The combination of Kiehtreiber and Nachenberg discloses the method of claim 67, wherein the security reputation includes a reputation for maliciousness. (See Nachenberg, col 4, lines 15-17; using reputation data to detect shared objects that represent potential security threats) Kiehtreiber and Nachenberg are analogous art because they are from the same field of endeavor which is Operating system share function. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claim invention to modify the invention of Kiehtreiber with the teaching of Nachenberg to include the reputation service because it would have allowed to detect shared-object-based security threats. (See Nachenberg, col 1, lines 35-37)
80. As to claim 80, the claim is rejected under the same rationale as claim 67. See the rejection of claim 67 above.
82. The combination of Kiehtreiber and Nachenberg discloses the one or more tangible, nontransitory computer-readable storage media of claim 80, wherein the software object comprises a browser extension. (See Kiehtreiber, [0005])
83. The combination of Kiehtreiber and Nachenberg discloses the one or more tangible, nontransitory computer-readable storage media of claim 80, wherein the software object comprises a downloaded file. (See Kiehtreiber, [0089])
84. As to claim 84, the claim is rejected under the same rationale as claim 67. See the rejection of claim 67 above. a hardware platform comprising a processor circuit and a memory and instructions encoded within the memory to instruct the processor circuit to (See Kiehtreiber, [0004]; desktop computers, notebook and handheld computers, and other similar devices utilizing a microprocessor, microcontroller, or a digital signal processor, to execute coded instructions)
85. As to claim 85, the claim is rejected under the same rationale as claim 68. See the rejection of claim 68 above.
Claims 69-74, 76, 86 are rejected under 35 U.S.C 103 as being unpatentable over Kiehtreiber, US 20150347749 A1 in view of Nachenberg, US 8225406 B1 (IDS Submitted, 09/11/2024)in further view of Dixon, US 20060253584 A1.
69. The combination of Kiehtreiber and Nachenberg does not appear to explicitly disclose the method of claim 67, wherein the security reputation includes a reputation for data security. However, Dixon discloses wherein the security reputation includes a reputation for data security. (See Dixon, [0007-0008])
Kiehtreiber, Nachenberg and Dixon are analogous art because they are from the same field of endeavor which is Operating system share function. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claim invention to modify the invention of Kiehtreiber and Nachenberg with the teaching of Dixon to include the reputation service because it would have allowed real-time, reputation-based Web services. (See Dixon, [0004])
70. The combination of Kiehtreiber and Nachenberg does not appear to explicitly disclose the method of claim 67, wherein the security reputation includes a reputation for data privacy. However, Dixon discloses wherein the security reputation includes a reputation for data privacy. (See Dixon, [ 0329]; data privacy) Kiehtreiber, Nachenberg and Dixon are analogous art because they are from the same field of endeavor which is Operating system share function. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claim invention to modify the invention of Kiehtreiber and Nachenberg with the teaching of Dixon to include the reputation service because it would have allowed real-time, reputation-based Web services. (See Dixon, [0004])
71. The combination of Kiehtreiber and Nachenberg does not appear to explicitly disclose the method of claim 67, wherein the security reputation includes a reputation for phishing. However, Dixon discloses wherein the security reputation includes a reputation for phishing. (See Dixon, [0007]; reputation for phishing) Kiehtreiber, Nachenberg and Dixon are analogous art because they are from the same field of endeavor which is Intrusion detection. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claim invention to modify the invention of Kiehtreiber and Nachenberg with the teaching of Dixon to include the reputation service because it would have allowed real-time, reputation-based Web services. (See Dixon, [0004])
72. The combination of Kiehtreiber and Nachenberg does not appear to explicitly disclose the method of claim 67, wherein the security reputation includes a reputation for adware. However, Dixon discloses wherein the security reputation includes a reputation for adware. (See Dixon, [0007]; reputation for adware) Kiehtreiber, Nachenberg and Dixon are analogous art because they are from the same field of endeavor which is Intrusion detection. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claim invention to modify the invention of Kiehtreiber and Nachenberg with the teaching of Dixon to include the reputation service because it would have allowed real-time, reputation-based Web services. (See Dixon, [0004])
73. The combination of Kiehtreiber and Nachenberg does not appear to explicitly disclose the method of claim 67, wherein the security reputation includes a reputation for utility. However, Dixon discloses wherein the security reputation includes a reputation for utility. (See Dixon, [0283] ) Kiehtreiber, Nachenberg and Dixon are analogous art because they are from the same field of endeavor which is Intrusion detection. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claim invention to modify the invention of Kiehtreiber and Nachenberg with the teaching of Dixon to include the reputation service because it would have allowed real-time, reputation-based Web services. (See Dixon, [0004])
74. The combination of Kiehtreiber and Nachenberg does not appear to explicitly disclose the method of claim 67, wherein the security reputation includes a reputation for spyware.
However, Dixon discloses wherein the security reputation includes a reputation for spyware. (See Dixon, [0007]) ) Kiehtreiber, Nachenberg and Bui are analogous art because they are from the same field of endeavor which is Intrusion detection. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claim invention to modify the invention of Kiehtreiber and Nachenberg with the teaching of Dixon to include the reputation service because it would have allowed real-time, reputation-based Web services. (See Dixon, [0004])
76. The combination of Kiehtreiber and Nachenberg does not appear to explicitly disclose the method of claim 67, wherein scanning the software object comprises performing a local scan. However, Dixon discloses wherein scanning the software object comprises performing a local scan. (See Dixon, [0032])
Kiehtreiber, Nachenberg and Dixon are analogous art because they are from the same field of endeavor which is Intrusion detection. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claim invention to modify the invention of Kiehtreiber and Nachenberg with the teaching of Dixon to include the reputation service because it would have allowed real-time, reputation-based Web services. (See Dixon, [0004])
86. As to claim 86, the claim is rejected under the same rationale as claim 69. See the rejection of claim 69 above.
Claim 75 is rejected under 35 U.S.C 103 as being unpatentable over Kiehtreiber, US 20150347749 A1 in view of Nachenberg, US 8225406 B1 (IDS Submitted, 09/11/2024) in further view of VESCIO, US pat. No 20180069882 A1.
75. The combination of Kiehtreiber and Nachenberg does not appear to explicitly disclose the method of claim 67, wherein the security reputation includes a reputation for ransomware. However, VESCIO discloses wherein the security reputation includes a reputation for ransomware. (See VESCIO, [0069-0070] )
Kiehtreiber, Nachenberg and VESCIO are analogous art because they are from the same field of endeavor which is Intrusion detection. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claim invention to modify the invention of Kiehtreiber and Nachenberg with the teaching of VESCIO to include the reputation service because it would have allowed for risk measurement and modeling may be understood. According to an exemplary embodiment, such a method and system may be used to improve the performance of one or more systems, such as information networks, belonging to a business or other organization, by improving the efficiency of resource allocation to address various threats to the one or more systems and improving the quality of information used to manage threats. (See VESCIO, [0008])
Claims 77 is rejected under 35 U.S.C 103 as being unpatentable over Kiehtreiber, US 20150347749 A1 in view of Nachenberg, US 8225406 B1 (IDS Submitted, 09/11/2024) in further view of Shavell, US 10404733 B1.
77. The combination of Kiehtreiber and Nachenberg does not appear to explicitly disclose the method of claim 67, wherein scanning the software object comprises causing a cloud-based scan to be performed. However, Shavell discloses wherein scanning the software object comprises causing a cloud-based scan to be performed. (See Shavell, col 8, lines 55-67) Kiehtreiber, Nachenberg and Shavell are analogous art because they are from the same field of endeavor which is Intrusion detection. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claim invention to modify the invention of Kiehtreiber and Nachenberg with the teaching of Shavell to include the scanning service because it would have allowed for performing security remediation on a computing system in response to updates from a reputation service. (See Shavell, col 1, lines 7-10)
Claims 78-79 are rejected under 35 U.S.C 103 as being unpatentable over Kiehtreiber, US 20150347749 A1 in view of Nachenberg, US 8225406 B1 (IDS Submitted, 09/11/2024) in further view of Shavell, US 10404733 B1 in further view of Rasanen, US pat.No 20180139216 A1.
78. The combination of Kiehtreiber, Nachenberg and Shavell does not appear to explicitly disclose the method of claim 77, wherein causing the cloud-based scan to be performed comprises sending a copy of the software object to a cloud scanning service. However, Rasanen discloses wherein causing the cloud-based scan to be performed comprises sending a copy of the software object to a cloud scanning service. (See Rasanen, [0048], [0065]; copy of file that has been scanned)
Kiehtreiber, Nachenberg, Shavell and Rasanen are analogous art because they are from the same field of endeavor which is Intrusion detection. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claim invention to modify the invention of Kiehtreiber and Nachenberg and Shavell with the teaching of Rasanen to include the scanning service because it would have allowed supplemental scan to be performed for protection of system.
79. The combination of Kiehtreiber, Nachenberg, Shavell and Rasanen discloses the method of claim 77, wherein causing the cloud-based scan to be performed comprises sending metadata about the software object to a cloud scanning service. (See Rasanen, [0016]-0024], [0059]; metadata of the file)
Kiehtreiber, Nachenberg, Shavell and Rasanen are analogous art because they are from the same field of endeavor which is Intrusion detection. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claim invention to modify the invention of Kiehtreiber and Nachenberg and Shavell with the teaching of Rasanen to include the scanning service because it would have allowed supplemental scan to be performed for protection of system.
Claim 81 is rejected under 35 U.S.C 103 as being unpatentable over Kiehtreiber, US 20150347749 A1 in view of Nachenberg, US 8225406 B1 (IDS Submitted, 09/11/2024) in further view of Walker, US pat. No 20200104145 A1.
81. The combination Kiehtreiber and Nachenberg does not appear to explicitly disclose the one or more tangible, nontransitory computer-readable storage media of claim 80, wherein the software object comprises an application from an app store. However, Walker discloses wherein the software object comprises an application from an app store. (See Walker, [0042] )
Kiehtreiber, Nachenberg and Walker are analogous art because they are from the same field of endeavor which is Intrusion detection. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claim invention to modify the invention of Kiehtreiber and Nachenberg with the teaching of WALKER to include the app store because it would have allowed supplement app service to a user.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Rusakov, US 9122872 B1, title “System And Method For Treatment Of Malware Using Antivirus Driver. “
Hansen, US 20210152595 A1, title “ METHODS AND SYSTEMS FOR RANSOMWARE DETECTION, ISOLATION AND REMEDIATION.“
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOSNEL JEUDY whose telephone number is (571)270-7476. The examiner can normally be reached M-F 10:00-8:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Arani T Taghi can be reached at (571)272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
Date: 2/2/2026
/JOSNEL JEUDY/Primary Examiner, Art Unit 2438