DETAILED ACTION

1.	Notice of Pre-AIA  or AIA  Status:  The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
2.	Claims 1-20 are presented for examination. 
3.	This Office Action is in response to application 16/240233 filed on January 4, 2019.
4.	Claims 2, 6, 9, 10, 13, 16 and 17 are objected to as being dependent upon a rejected base claim (claims 1, 8 or 15), but would be allowable if rewritten to overcome the rejection(s) under 35 U.S.C. 112, 2nd paragraph, set forth in this Office Action and to include all of the limitations of the base claim and any intervening claims (claims 5 and 12).  Also, Applicant to include necessary features for a smooth transition from feature to feature to prevent gaps/disconnects/lack of relationships (i.e., a potential 35 U.S.C. 112(b), 2nd paragraph rejection) between features.

5.	Claims 4 and 5 (a claims 11, 12, 18, 19 respectively) have been rejected over prior arts.  Any one of dependent claims 4 or 5, each rejected under a different prior art, would be allowable if the claim is rewritten to overcome the rejection(s) under 35 U.S.C. 112(b), 2nd paragraph, set forth in this Office Action and to include all of the limitations of the base claim (1, 8 and 15) and any intervening claims.  Also, Applicant to include necessary features for a smooth transition from feature to feature to prevent gaps/disconnects/lack of relationships issues (i.e. potential 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), 2nd paragraph rejection) between features.

Claim Interpretation

6.	Claim 3 recites “command queue of the computing device”.  Specification [0021] states “provision enterprise data 124 to the client device 106 through use of a command queue provided by the management service” and “the management service 115 can store commands in a command queue with a particular client device 106 and accessible by the particular client device,” and “which causes the client devices 106 to retrieve commands from the command queue provided by the management service,” [0022] states “the contents of the command queue can include a baseline configuration file 133 generated by the baseline service,” and [0023] states” the command queue can include a command that the management component 127 should cause to be executed on the client device 106.”  Based on these specification explanations, an appropriate interpretation is applied to all the claims.

Claim Rejections – 35 USC § 112
7.	The following is a quotation of 35 U.S.C. 112(b):

(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

8.	Claims 1-20 are rejected under 35 U.S.C. 112(b), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.

9.	Claim 1 recites “the list of policies including a machine policy.”  The phrase “machine policy” is vague where “machine” can refer to any of the following:  “vendor’s server,” “user device,” “computing device,” “employee devices,” “non-domain devices,” “computing devices not belonging to the organization,” “client device,” “user device,” “Microsoft Windows devices,” “enrolled devices,” “managed devices,” “given device group,” “display device,” “storage device,”  “device 106,” “given device,” “particular device,” and “memory devices.”  The phrase “machine policy” renders the claim indefinite because unclear which machine and which policy the phrase represents making the claim unclear which subject of the limitation(s) refers to.  Until Applicant clarifies the “machine policy” (e.g., via a wherein clause that has explicit specification support), the 103 rejection will map the vaguely recited “machine policy” (i.e., specification title describes the vague policy being a configuration for managed devices) to rules applied to client devices.  While “machine policy” has little explicit support which “device” or “policy” it represents, Applicant to clarify the recited “machine policy” such that the 103 rejection can be made more accurate.  The same is true in claims 8 and 15.

Claims 2-7, 9-14 and 16-20 incorporate the deficiencies of claims 1, 8 and 15, through dependency, and are also rejected.

10.	Claim 1 recites “the list of policies associated with an operating system of the client device,” “the list of policies including a machine policy,” and “apply the list of policies for the client device.”  The phrases “operating system of the client device” and “machine policy” are not the same as “the client device” rendering the claim indefinite because “operating system of the client device” and “machine policy” do not have a relationship with “applying the list of policies [] for the client device” making the claim unclear which subject of the limitation(s) refers to.  The specification [0012] states “policies can correspond to both machine policies and user policies,” [0036] [0041] [0047] [0055] [0063] [0063] [0037] state “the management component 127 can apply user policies and/or machine policies.”  “machine policy” and “client device” are not the same.  Applicant to clarify claim such that there is a clear relationship between these features.  The same is true in claims 8 and 15.

Claims 2-7, 9-14 and 16-20 incorporate the deficiencies of claims 1, 8 and 15, through dependency, and are also rejected.

Claim Rejections - 35 USC § 103
11.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

12.	Claims 1, 7, 8, 14, 15 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Quantas et al., US pub 20180109430, hereinafter Quantas, and in view of Beckman et al., US pub 20150089673, hereinafter Beckman.

13.	Regarding claims 1, 8 and 15, Quantas teach a system for machine policy enforcement (“policy enforcement” [0002] [0006]), the system comprising:
a client device enrolled in a management service (“once a client device is enrolled with a first management service” [0009] [0020] [0022]); and
at least one application executable in the client device (“application programming interfaces (APIs)” [0011], “application package” [0065], “managed containers” [0005] [0008] [0008] [0025] [0031] [0032] [0033]), 
wherein the at least one application, when executed, causes the client device to:
obtain a baseline configuration file (“set of management policies and/or compliance rules”, “configuration data”) from a computing device associated with the management service (“management service 60”), the baseline configuration file comprising a list of policies (“set of management policies”, “management policies”) associated with an operating system of the client device (“the management device 60 can retrieve a set of management policies and/or compliance rules from the management data 54 and transfer them to the client device” [0022], “installation of a management profile in a profile bank of an operating system of the client device” [0020] [0021], “the configuration data can include credentials, such as certificates, profiles, tokens, passwords, PINS, etc. that the client device should use” [0025], “the management service 60 can instruct the management agent 38 and the operating system of the client device to enforce the management policies, compliance rules, and configuration data stored in the device management data” [0026]), and
apply the list of policies for the client device by modifying a registry (“manage the operating aspects”, “can be registered”) of the operating system in accordance with the list of policies (“the management service 60 and/or the management agent 38 can be registered as a device administrator of the client device, permitting the management service 60 and/or management agent 38 to manage the operating aspects and use of the client device” [0020], “the management service 60 and/or management agent 38 can then be registered as a device administrator of the client device 30”, “the management agent 38 can be registered as the device administrator of the client device 30 through the installation of a management profile in a profile bank of an operating system of the client device 30 upon a user’s acceptance of various terms and conditions related to the management of the client device” [0035]).
Quantas do not teach policies including a machine policy feature, but in a similar field of endeavor Beckman teach:
and the list of policies (“rules”) including a machine policy (“rules [] at client devices”) (“the set of rules may reside at least partially on the client device” [0008] [0040] [0066], “ability to enforce company policy and rules on how enterprise content is managed both in and out of backend systems and at client devices” [0030]).

Thus, it would have been obvious before the effective filing date of the claimed invention to a person of ordinary skill in the art to readily recognize the advantage of modifying Quantas’s system that provides the user “companies and other organizations can control certain operating aspects of computing devise issued to employees and other personnel using management services.  Management services focus on containerization, data segregation, policy enforcement, application distribution and management, security for email, documents, and other on-device data, and other aspects of device management” (Quantas [0006]) with the features of Beckman’s system to provide “protecting managed content based on geographic locations of user devices” (Beckman [0005]) and “a client device communicatively connected to the application gateway server computer may include a managed container” (Beckman [0006]). 

The motivation being “based on a request from a client device” (Quantas [0008]) and “a user of the client device 30 can request federated device management associated with the affiliate management service” (Quantas [0030]) which includes “enterprises wanting to retain control over enterprise content – including applications – downloaded to devices that may or may not be owned by the enterprises” (Beckman [0004]), “ability to enforce company policy and rules on how enterprise content is managed both in and out of backend systems and at client devices” (Beckman [0030]), and “when a user desired to open a document, an application associated with the document may call managed container” (Beckman [0091]).

14.	Regarding claims 7, 14 and 20, Quantas do not teach list of policies include Group Policy settings feature, but in a similar field of endeavor Beckman teach wherein the list of policies (“are not allowed to download”, “from an online app store or a website”) include Group Policy settings (“employees of a company”) (“users (e.g., employees of a company operating or using an application gateway server computer) do not need to or are not allow to download (e.g., from an online app store or a website on the Internet) any application into a managed container” [0042], “an administrator may designate an application to be deployed to a selected group of users such as employees in a human resources department or may designate the application as mandatory for everyone in an organization” [0059]).

15.	Claims 4, 11 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Quantas and Beckman, as applied to claims 1, 8 and 15 above, and further in view of Ramarao et al., US Pub 20040199647, hereinafter Ramarao.

16.	Regarding claims 4, 11 and 18, Quantas and Beckman do not teach baseline configuration file is an XML document feature, but in a similar field of endeavor Ramarao teach wherein the baseline configuration file comprises an extensible markup language (XML) document ([0033]).

Thus, it would have been obvious before the effective filing date of the claimed invention to a person of ordinary skill in the art to readily recognize the advantage of modifying Quantas’s and Beckman’s system that provides the user “companies and other organizations can control certain operating aspects of computing devise issued to employees and other personnel using management services.  Management services focus on containerization, data segregation, policy enforcement, application distribution and management, security for email, documents, and other on-device data, and other aspects of device management” (Quantas [0006]) with the features of Ramarao’s system to provide “access control software 460 comprises a configuration file 462 that lists the privileges that each agent in the OVO environment is permitted” (Ramarao [0029]) and “the configuration file can either be written in a proprietary if it is intended to be a stand-alone application, or be written so as to conform to an XML Schema” (Ramarao [0033]).

The motivation being “a centralized Policy Manager that is intended to enforce centrally defined policy based restrictions on the type of remote actions, writing the configuration in XML would help in integrating [] with the overall Policy based Security architecture of a solution” (Ramarao [0033]), “access control software 460 determines that the requested action is not permitted” (Ramarao [0036]), and “if the sending node is not listed on the configuration file of access control software 460, any action it requests will be prevented from occurring” (Ramarao [0037]).

17.	Claims 5, 12 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Quantas and Beckman, as applied to claims 1, 8 and 15 above, and further in view of Lee et al., US Pub 20170171245, hereinafter Lee.

18.	Regarding claims 5, 12 and 19, Quantas and Beckman do not teach detect a change to the registry that differs from a policy of the policies feature, but in a similar field of endeavor Lee teach wherein the at least one application further causes the client device to at least detect a change to the registry that differs from a policy included in the list of policies ([0104]).

Thus, it would have been obvious before the effective filing date of the claimed invention to a person of ordinary skill in the art to readily recognize the advantage of modifying Quantas’s and Beckman’s system that provides the user “companies and other organizations can control certain operating aspects of computing devise issued to employees and other personnel using management services.  Management services focus on containerization, data segregation, policy enforcement, application distribution and management, security for email, documents, and other on-device data, and other aspects of device management” (Quantas [0006]) with the features of Lee’s system to provide “automatically reconfiguring a policy of a multi-tenant service” (Lee [0010]), “the program code is operative to reconfigure the first tenant specific policy according to the detected event” (Lee [0013]) and “provides comprehensive policy enforcement of dynamically changing assets” (Lee [0104]).

The motivation being “a need to improve security in a cloud environment” (Lee [0009]) and “by having the cloud provider update the registry or an event service which monitors the cloud control AIPs, a mechanism is provided to notify the service providers of a change which requires an update to the tenant specific polices” (Lee [0104]).

Conclusion
19.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Applicant is reminded that in amending in response to a rejection of claims, the patentable novelty must be clearly shown in view of the state of the art disclosed by the references cited and the objection made.  Applicant must show how the amendments avoid such references and objections.  See 37 CFR 1.111(c).

20.	 Any inquiry concerning this communication or earlier communications from the examiner should be directed to O. Charlie Vostal whose telephone number is 571-270-3992 (via email:  Ondrej.Vostal@uspto.gov  “without a written authorization by applicant in place, the USPTO will not respond via internet e-mail to an Internet correspondence” MPEP 502.02 II and https://www.uspto.gov/sites/default/files/documents/sb0439.pdf ).  The examiner can normally be reached on 8:30am to 5:00pm EST Monday thru Friday.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor,  Thu Nguyen can be reached on 571-272-6967.  The fax phone number for the organization where this application or proceeding is assigned is 571-270-4992.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the Public PAIR system, see http://portal.uspto.gov/pair/PublicPair.  Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

	/ONDREJ C VOSTAL/           Primary Examiner, Art Unit 2452                                                                                                                                                                                             
	January 14, 2021