Prosecution Insights
Last updated: July 17, 2026
Application No. 19/111,690

APPLICATION LAYER SECURITY POLICY IMPLEMENTATION

Non-Final OA §103§112
Filed
Mar 13, 2025
Priority
Sep 14, 2022 — provisional 63/375,581 +1 more
Examiner
CARNES, THOMAS A
Art Unit
2436
Tech Center
2400 — Computer Networks
Assignee
Secure Industries Midco Inc.
OA Round
1 (Non-Final)
69%
Grant Probability
Favorable
1-2
OA Rounds
1y 11m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 69% — above average
69%
Career Allowance Rate
53 granted / 77 resolved
+10.8% vs TC avg
Strong +68% interview lift
Without
With
+68.1%
Interview Lift
resolved cases with interview
Typical timeline
3y 3m
Avg Prosecution
25 currently pending
Career history
104
Total Applications
across all art units

Statute-Specific Performance

§101
0.4%
-39.6% vs TC avg
§103
94.2%
+54.2% vs TC avg
§102
3.5%
-36.5% vs TC avg
§112
1.2%
-38.8% vs TC avg
Black line = Tech Center average estimate • Based on career data from 77 resolved cases

Office Action

§103 §112
DETAILED ACTION This Office Action is in response to the communication filed on 03/13/2025. Claims 1-20 are pending. Claims 1-20 are rejected. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claim Interpretation Claim 5, OnBeforeRequest function is being interpreted as loading content so that the process to load remote content can be interrupted and client device can be made to fetch the data. Claim 6, externally_connectable function is being interpreted as inbound traffic filtering. Claim Objections Claim 11 is objected to because of the following informalities: Claim 11 recites “nontransitive” which appear to be a typographical error and should read “non-transitory”. The same typographical error occurs in the specification at paragraph 0078. Appropriate correction is required. Specification The disclosure is objected to because of the following informalities: paragraph 0078 recites “nontransitive” which appear to be a typographical error and should read “non-transitory”. Appropriate correction is required. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claim 1, 3, 11, 13, 16, and 18 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. The term “relevant function” in claim 3, 13 and 18 is a relative term which renders the claims indefinite. The term “relevant function” is not defined by the claim, the specification does not provide a standard for ascertaining the requisite degree, and one of ordinary skill in the art would not be reasonably apprised of the scope of the invention. The claims do not define and the specifications do not provide a definition as to what function(s) are “relevant” or what they are “relevant” to. Examiner is interpreting “relevant function” to include any function associated with the network request which is associated with any URI. Claims 1, 11 and 16 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being incomplete for omitting essential structural cooperative relationships of elements, such omission amounting to a gap between the necessary structural connections. See MPEP § 2172.01. The omitted structural cooperative relationships are: Claims 1, 11 and 16 recite: analyzing… “according to”… data. It is not clear how analyzing is happening “according to” the data. For example, does the data identify what is analyzed or how the analyzing is performed? Claims 1, 11 and 16 recite: applying… “based on”… data. It is not clear how applying is happening “based on” the data. For example, does the data identify what is applied or how the applying is performed? Claims 1, 11 and 16 recite: displaying… “according to”…security policies. It is not clear how displaying is happening “according to” the security policies. For example, do the security policies identify what is displayed/rendered or how the displaying/rendering is performed? Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claims 1-8, 11-14 and 16-19 are rejected under 35 U.S.C. 103 as being unpatentable over Luo (U.S. 20200342103), in view of Call (U.S. 20140283069). Regarding claim 1, Luo discloses: A method, comprising: (Luo [0010, Claim 5] teaches method/process) receiving, by processing circuitry via an application layer in a browser, a set of uniform resource indicators (URIs), each URI of the set of URIs indicating an address of a website to which a user has requested access; (Luo [0024, 0031-0042, 0056-0065] teaches receiving, from a browser (application layer) a set of URLs (URIs) which contain addresses) sending the set of URIs to a cloud controller external to the processing circuitry, the cloud controller being configured to locate the set of URIs in a threat intelligence database; (Luo [0019, 0022-0030, 0032-0042, 0052-0065] teaches that the URI’s can be received and processed on the cloud where processing includes comparing the URL/site against known malicious sites/URLs which teaches locating the URI in a threat database (whitelist/blacklist)) receiving, from the cloud controller, threat intelligence data from the threat intelligence database; (Luo [0027, 0051-0069] teaches receiving (from the cloud) a verdict (threat intelligence data)) applying a set of security policies to the browser based on the threat intelligence data; and (Luo [0014-0023, 0052, 0062-0069] teaches implementing rules/policies take an appropriate actions including block/prevent/allow/rendering/executing according to the verdict) displaying a rendered browser image on a display for the user according to the set of security policies. (Luo [0062-0069] teaches rendering (displaying) on a user display when the verdict is safe) While Luo teaches identifying and recording URL samples using Document Object Model (DOM) on the server-side Luo does not explicitly disclose: analyzing a document object model (DOM) of a website associated with the set of URIs according to the threat intelligence data; However, in the same field of endeavor Woodard discloses: analyzing a document object model (DOM) of a website associated with the set of URIs according to the threat intelligence data; (Call [0005-0022, 0102-0107] teaches that website DOM models, associated with URL’s, can be analyzed, according to threat intelligence data, on a client computer) Luo and Call are analogous art because they are from the same field of endeavor cybersecurity. Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Luo and Call before him or her, to modify the method of Luo to include the client side DOM analysis of Call because it will improve cybersecurity and efficiency The motivation for doing so would be [“in addition to preventing malicious code from operating properly, the systems discussed here can also identify malicious operation. For example, in addition to or as an alternative to being randomly modified so as to prevent inter-operation at network endpoints by malicious code, the web server code may be supplemented with instrumentation code that is programmed to identify alien content in the rendered web page on the client computer.”] (Paragraph 0003-00011, 0070 by Call)]. Therefore, it would have been obvious to combine Luo and Call to obtain the invention as specified in the instant claim. Claim 11 recites limitations substantially similar in scope as claim 1 above, therefore, is also rejected under the same rationale set forth above. Additionally claim 11 discloses: A computer program product comprising a nontransitive storage medium, the computer program product including code that, when executed by processing circuitry, causes the processing circuitry to perform a method, the method comprising: (Luo [0010, 0024, 0029] teaches non-transitory computer program product including processor and memory) Additionally claim 16 discloses: An electronic apparatus, the electronic apparatus comprising: memory; and processing circuitry coupled to the memory, the processing circuitry being configured to: (Luo [0010] teaches apparatus including processor and memory) Regarding claims 2, 12, and 17, Luo in view of Call discloses all the limitations of claim 1, Luo additionally discloses: The method as in claim 1, wherein the set of security policies include at least one of block, allow, render read-only, remove browser isolation, or alternate content of the website via the DOM to at least one of remove or disable content that potentially includes threats. (Luo [0014-0023, 0052, 0062-0069] teaches implementing rules/policies take an appropriate actions including block/prevent/allow/rendering/executing according to the verdict) Regarding claims 3, 13, and 18, Luo in view of Call discloses all the limitations of claim 1, Luo additionally discloses: The method as in claim 1, further comprising: performing a hooking operation on a network request loop to produce a hooked network request loop, the set of URIs being rendered from a relevant function of the hooked network request loop. (Luo [0030-0036, 0040-0042, 0055-0062] teaches hooking data of different types associated with the URL including every API that may load remote web content) Regarding claim 4, Luo in view of Call discloses all the limitations of claim 3, Luo additionally discloses: The method as in claim 3, wherein the hooking operation is performed with a standard hooking technique of at least one extension in the browser. (Luo [0037-0042, 0056-0061] teaches browsers extensions and associated standard hooking operations) Regarding claim 5, Luo in view of Call discloses all the limitations of claim 3, Luo additionally discloses: The method as in claim 3, wherein the relevant function is an OnBeforeRequest function. (Luo [0056-0065] teaches the instrumented virtual machine environment is configured to hook every API that may load remote web content (e.g., iframe content, plugins, and page navigation), so that the process to load remote content can be interrupted and client device can be made to fetch the data (OnBeforeRequest). Regarding claim 6, Luo in view of Call discloses all the limitations of claim 3, Luo additionally discloses: The method as in claim 3, wherein the relevant function is an externally_connectable function. (Luo [0014] teaches inbound traffic filtering (externally_connectable function)) Regarding claims 7, 14, and 19, Luo in view of Call discloses all the limitations of claim 3, Luo does not explicitly disclose: The method as in claim 3, wherein applying the set of security policies includes: inserting, via at least one content script, the set of security policies into the DOM. However, in the same field of endeavor Call teaches: The method as in claim 3, wherein applying the set of security policies includes: inserting, via at least one content script, the set of security policies into the DOM. (Call [0080-0091, 0097-0105, 0114-0119] teaches making modifications/changes to a web page’s DOM which can correspond to security policies; additionally, the DOM can be on the client-side) It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify with Call for similar reasons as cited in claim 1. Regarding claim 8, Luo in view of Call discloses all the limitations of claim 3, Luo does not explicitly disclose: The method as in claim 3, wherein the DOM is continuously inserted into the network request loop. However, in the same field of endeavor Call teaches: The method as in claim 3, wherein the DOM is continuously inserted into the network request loop. (Call [0008-0012, 0080-0091, 0097-0105, 0114-0119] teaches making modifications/changes to a web page’s DOM which can correspond to security policies; additionally, the DOM can be on the client-side and doing so continually which provides real-time analysis and intervention) It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify with Call for similar reasons as cited in claim 1. Claims 9-10, 15 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Luo (U.S. 20200342103), in view of Call (U.S. 20140283069), in further view of Woodard (U.S. 20140283069). Regarding claims 9, 15, and 20, Luo in view of Call discloses all the limitations of claim 1, Luo does not explicitly disclose: The method as in claim 1, wherein applying the set of security policies includes: disabling a data input field of the browser. However, in the same field of endeavor Woodard teaches: The method as in claim 1, wherein applying the set of security policies includes: disabling a data input field of the browser. (Woodard [Col 7 line 63-67] teaches that actions may include blocking the communication or disabling input fields associated with the request, such as on a page associated with the request to prevent entry of sensitive information such as passwords) Luo in view of Call and Woodard are analogous art because they are from the same field of endeavor cybersecurity. Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Luo in view of Call and Woodard before him or her, to modify the method of Luo in view of Call to include the disabling input field of Woodard because it will prevent entry of sensitive information such as passwords when doing so would leak that information to a malicious actor. The motivation for doing so would be [“prevent entry of sensitive information such as passwords”] ([Col 7 line 63-67] by Woodard)]. Therefore, it would have been obvious to combine Luo in view of Call and Woodard to obtain the invention as specified in the instant claim. Regarding claims 10, Luo in view of Call discloses all the limitations of claim 9, Luo does not explicitly disclose: The method as in claim 9, wherein the data input field includes a password entry box. However, in the same field of endeavor Woodard teaches: The method as in claim 9, wherein the data input field includes a password entry box. (Woodard [Col 7 line 63-67] teaches that actions may include blocking the communication or disabling input fields associated with the request, such as on a page associated with the request to prevent entry of sensitive information such as passwords) It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify with Woodard for similar reasons as cited in claim 9. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Hod 2020-07-22 (U.S. 20210026969) A method and system of detecting script-based attacks. In this approach, behavioral analysis is performed against a traceable data structure, preferably in the form of a call flow graph (CFG) that is generated at an instrumented end user client browser. The CFG comprises a set of runtime JavaScript execution data points and one or more associated event chains that include the execution data points and their relative ordering. It is generated in a client browser in association with an interaction with a page, and it represents a context-based record of that specific interaction. By collecting similar CFGs from other such interactions with that page, the system identifies execution flow anomalies that represent malicious JavaScript attack(s). These attacks can then be mitigated, e.g., by updating the page or access policy associated with the page such that the attack cannot be successfully executed against other users interacting with the page. Liu 2019-09-17 (U.S. 20200012781) Techniques for rendering an object using multiple versions of an application in a single process for dynamic malware analysis are disclosed. In some embodiments, a system, process, and/or computer program product for rendering an object using multiple versions of an application in a single process for dynamic malware analysis includes receiving a sample at a cloud security service, in which the sample includes an embedded object; detonating the sample using a browser executed in an instrumented virtual machine environment; and rendering the embedded object using a plurality of versions of an application in a single process during a dynamic malware analysis using the instrumented virtual machine environment. Any inquiry concerning this communication or earlier communications from the examiner should be directed to THOMAS A CARNES whose telephone number is (571)272-4378. The examiner can normally be reached Monday-Friday. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached at (571) 272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. THOMAS A. CARNES Examiner Art Unit 2436 /THOMAS A CARNES/Examiner, Art Unit 2436
Read full office action

Prosecution Timeline

Mar 13, 2025
Application Filed
Jun 03, 2026
Non-Final Rejection mailed — §103, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12682116
Trust Monitoring for Input to Messaging Group
4y 9m to grant Granted Jul 14, 2026
Patent 12675589
TIME-DELAY-BASED ACCESS CONTROL FOR CONTINUOUS INTEGRATION PIPELINES
3y 5m to grant Granted Jul 07, 2026
Patent 12619693
User credential authentication using blockchain and machine learning
3y 6m to grant Granted May 05, 2026
Patent 12619753
DYNAMIC TIME-BASED DATA ACCESS POLICY DEFINITION AND ENFORCEMENT
2y 12m to grant Granted May 05, 2026
Patent 12615281
MACHINE LEARNED ALERT CLASSIFICATION SYSTEM
1y 8m to grant Granted Apr 28, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
69%
Grant Probability
99%
With Interview (+68.1%)
3y 3m (~1y 11m remaining)
Median Time to Grant
Low
PTA Risk
Based on 77 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month