DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim 12 is canceled.
Claims 1, 2, 8, 11, and 15 are amended.
Claims 1-11 and 13-20 are pending.
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 11/12/2020 has been entered.
 
Claim Objections
Claim 1 is objected to because of the following informalities:  recites "determination by the monitoring component that the advertisement....” Lacks antecedent basis. Appropriate correction is required.
Response to Arguments
Applicant argument filed 10/16/2020 have been fully considered.
In response to claim objection to claims 11 and 12 have been withdrawn in light of claim amendment.
Applicant’s arguments with respect to independent claims 1, 8, and 15 along with their respective dependent claims have been considered but are moot because the arguments do not apply to any of the references being used in the current rejection.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 4, and 5 is/are rejected under 35 U.S.C. 103 as being unpatentable over Jain et al. (US 20160119289 hereinafter Jain) in view of Lacey et al. (US 20160098577 hereinafter Lacey), and in further view of Watkins et al. (US 9027140 hereinafter as Watkins).
Re. claim 1, Jain teaches a system, comprising: a memory that stores computer executable components (Jain teaches a memory [0140]); and a processor that executes the computer executable components stored in the memory (Jain teaches a processor [0140]), wherein the computer executable components comprise: a database component that receives, receives, from a first entity, data associated with the first entity and one or more rules defining use of the data by a second entity (Jain teaches that the gateway can implement DLP. The DLP policy are being defined [0075]. Generate mappings between fields of data entered within a client device interface and portions of data received from the client device 100. when the gateway 104 is subsequently configured to operate in a data protection mode, the encoding module 125 can use the generated mappings stored in the form mappings storage module 155 to identify portions of received data that correspond to fields identified by a security policy accessed from the security policy storage module 160 [0049]. The security policy storage module stores security policies for use by the encoding module to encode payload data received from the client device [0054] Gateway is interpreted as the second entity. Client is interpreted as first entity. Please see Figs. 1, 8 and 9); a monitoring component that analyzes content communicated, over a network, by the second entity (communicatively coupled via a network 105 and gateway device 104 [0034] Fig. 1), to determine whether the content violates the one or more rules defining the use of the data by the second entity (Jain teaches the gateway 104 proactively scans the communication content in real-time while applying 802 a DLP policy. When the gateway 104 detects 804 a violation of the DLP policy in response to the scanning (for instance, by identifying a type of sensitive data 800 being transferred, the transfer of which is prohibited by the DLP policy) [0076]); and a notification component that generates information indicative of one or more violations of the one or more rules based on a determination by the monitoring component that the content violates the one or more rules (Jain teaches the gateway 104 then generates a violation report 806 detailing the violation of the DLP policy, and provides the report to the client 100 [0076]).
Although Jain discloses data and one or more rules, Jain do not explicitly disclose but Lacey discloses wherein the data and the one or more rules are defined by the first entity (Lacey teaches the request is validated against a set of rules established by the user (either on their device or on the gateway), and is then further validated against their active context [0037]. One or more devices associated with the client environment 114 (e.g., the client device 102-1) sends PII permissions back to the hub server 104. In some implementations, the returned permissions include approval or denial of the request (in whole or in part, as described herein), as well as assignments of particular context profiles for which the permissions are granted [0038]. A user may elect to initiate the process of sharing PII, in order to facilitate a transaction, for example (or for any purpose). In such instance, the user selects a context and initiates outbound sharing of information (including selected PII) with an entity, subject to any rules and/or restrictions imposed by the hub server 104, the profile-based PII gateway 116, and/or any rules or restrictions associated with the user's context profiles [0040]).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Lacey into the invention of Jain for the purpose of having a response that is automatically managed based on the rules and user’s context and provides security by giving authority to entities that are authorized to view the personal information (Lacey [0037]).
Although Jain-Lacey discloses violation of one or more rules based on a determination that the second entity, Jain-Lacey do not explicitly disclose but Watkins wherein the analysis of the content comprises: determination by the monitoring component that the advertisement is generated by the second entity in violation of the one or more rules based on a determination that the second entity (Watkins teaches an ad network provider can send any new ad content to the cloud service (interpreted as second enitity) to determine whether such new ad content includes or links to any malware and/or violates any rules/aspects of a policy configured by the ad network provider [Col 4 lines 56-67]. A CPE 220 of cloud service for automated application malware filtering for ad networks 222 uses ad content metadata 214 and feature and behavior data 216 to facilitate the generation of a report that identifies any ad content that was determined to be in violation of a policy and/or a policy for the entity (e.g., an enterprise policy) [Col 9 lines 14-59] (generating ad content that were determined to be malicious)): tracked activity of a device associated with the first entity on the Internet (Watkins teaches the ad content is submitted directly to an end mobile device, shown as ad content target device 106. if the ad content is not determined to be acceptable (e.g., based on a policy, such as an enterprise or other policy for apps and ad content), then the ad content can be filtered (e.g., blocked) as shown at 114 [Col 6 lines 1-29]. CPE 110 analyzes the submitted ad content [Col 6 lines 30-46]); made an inference of certain sensitive information associated with the first entity based on the tracked activity (Watkins teaches MDCE 218 scans ad content (interpreted as sensitive information), including any applications in or linked to the ad content, in an automated manner to determine what data is included within the ad content and/or such applications (if any). This data (e.g., metadata (interpreted as sensitive information), such as app metadata) is extracted, stored, and used by CPE 220 to facilitate ad content processing [Col 10 lines 42-67] [Col 6 lines 1-29]); and generated the advertisement based on the inferred sensitive information (Watkins teaches an ad network provider can send any new ad content to the cloud service to determine whether such new ad content includes or links to any malware and/or violates any rules/aspects of a policy configured by the ad network provider [Col 4 lines 56-67]. a CPE 220 of cloud service for automated application malware filtering for ad networks 222 uses ad content metadata 214 and feature and behavior data 216 to facilitate the generation of a report that identifies any ad content that was determined to be in violation of a policy and/or a policy for the entity (e.g., an enterprise policy) [Col 9 lines 14-59] (generating ad content that were determined to be malicious)).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Watkins into the invention of Jain-Lacey for identifying malware in advertising networks of apps for mobile devices and filtering such potentially malicious ad content (Watkins [Col 2 lines 55-59]).
Re. claim 4, Jain-Lacey-Watkins teaches the system of claim 1. Jain-Lacey do not explicitly disclose but Watkins discloses wherein the monitoring component comprises: a capturing component that captures the content (Watkins teaches the ad content metadata is stored in a data store. different databases can be used for storing and search. Such content, such as for images and searching or other rep Resentations [Col 14 lines 13-19]); and an extraction component that extracts one or more data entities from the content (Watkins teaches the cloud service can compare an app extracted from the ad content and determine whether the app matches any previously analyzed apps available from one or more public app stores [Col 3 lines 50-67]).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Watkins into the invention of Jain-Lacey for identifying malware in advertising networks of apps for mobile devices and filtering such potentially malicious ad content (Watkins [Col 2 lines 55-59]).
Re. claim 5, Jain-Lacey-Watkins teaches the system of claim 1, wherein the monitoring component comprises: a logic component that maps one or more data entities extracted from the content to one or more semantic entities (Jain teaches that the gateway 104 can scan the email body, can identify portions of the email containing sensitive data (such as phone numbers, social security numbers, credit card numbers, etc.), and can map the identified email portion to a portion of the payload corresponding to the email received by the gateway [0087]. if the string “SSN” is found in received data, the portion of the data associated with the string “SSN” can be flagged as a social security number [0075] [0091]).
Claims 8, 11, 15, 17 and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Jain et al. (US 20160119289 hereinafter Jain) in view of Lacey et al. (US 20160098577 hereinafter Lacey), Eaton et al. (US 20090016599 hereinafter Eaton), and in further view of Watkins et al. (US 9027140 hereinafter as Watkins).
Re. claim 8, Jain teaches a computer-implemented method, comprising: receiving, by a system operatively coupled to a processor, from a first entity, data associated with the first entity and one or more rules defining use of the data by a second entity (Jain teaches that the gateway can implement DLP. The DLP policy are being defined [0075]. Generate mappings between fields of data entered within a client device interface and portions of data received from the client device 100. when the gateway 104 is subsequently configured to operate in a data protection mode, the encoding module 125 can use the generated mappings stored in the form mappings storage module 155 to identify portions of received data that correspond to fields identified by a security policy accessed from the security policy storage module 160 [0049]. The security policy storage module stores security policies for use by the encoding module to encode payload data received from the client device [0054] Gateway is interpreted as the second entity. Client is interpreted as first entity. Please see Figs. 1, 8 and 9); analyzing, by the system, content communicated, over a network, by the second entity (communicatively coupled via a network 105 and gateway device 104 [0034] Fig. 1), to determine whether the content violates the one or more rules defining the use of the data by the second entity (Jain teaches the gateway 104 proactively scans the communication content in real-time while applying 802 a DLP policy. When the gateway 104 detects 804 a violation of the DLP policy in response to the scanning (for instance, by identifying a type of sensitive data 800 being transferred, the transfer of which is prohibited by the DLP policy) [0076]); and generating, by the system, information indicative an inference of one or more violations of the one or more rules based on a determination that the content violates the one or more rules (Jain teaches the gateway 104 then generates a violation report 806 detailing the violation of the DLP policy, and provides the report to the client 100 [0076]).
Although Jain discloses data and one or more rules, Jain do not explicitly disclose but Lacey discloses wherein the data and the one or more rules are defined by the first entity (Lacey teaches the request is validated against a set of rules established by the user (either on their device or on the gateway), and is then further validated against their active context [0037]. One or more devices associated with the client environment 114 (e.g., the client device 102-1) sends PII permissions back to the hub server 104. In some implementations, the returned permissions include approval or denial of the request (in whole or in part, as described herein), as well as assignments of particular context profiles for which the permissions are granted [0038]. A user may elect to initiate the process of sharing PII, in order to facilitate a transaction, for example (or for any purpose). In such instance, the user selects a context and initiates outbound sharing of information (including selected PII) with an entity, subject to any rules and/or restrictions imposed by the hub server 104, the profile-based PII gateway 116, and/or any rules or restrictions associated with the user's context profiles [0040]).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Lacey into the invention of Jain for the purpose of having a response that is automatically managed based on the rules and user’s context and provides security by giving authority to entities that are authorized to view the personal information (Lacey [0037]).
Although Jain-Lacey discloses mapping one or more data entities extracted from the content to one or more semantic entities, Jain-Lacey do not explicitly disclose but Eaton discloses mapping, by the system, based on a machine learning model, one or more data entities extracted from the content to one or more sematic entities (Eaton teaches the machine learning engine may include a semantic analysis model and a cognitive model. The semantic analysis model may label events observed by the computer vision engine with semantic meaning. That is, the semantic analysis model may identity what the tracked elements in the scene are doing. The cognitive model may be configured to identify patterns of behavior, leading to a "learning" of what events occur within a scene. Thus, the cognitive model may, over time, develop semantic labels to apply to observed behavior. In one embodiment, the system provides for progressive levels of complexity in what may be learned from the scene. For example, combinations of primitive events "seen" by the computer vision engine may be labeled as instances of a higher-order behavior, e.g., the primitive events of "car enters scene," "car moves to location A," and "car stops" might be labeled as "parking" by the semantic analysis model [0021]).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Eaton into the invention of Jain-Lacey for the purpose of provide a machine-learning engine configured to recognize and learn (Eaton [0007]).
Although Jain-Lacey-Eaton discloses violation of one or more rules based on a determination that the second entity, Jain-Lacey-Eaton do not explicitly disclose but Watkins wherein the analysis of the content comprises: determining that the content is generated by the second entity in violation of the one or more rules based on a determination that the second entity (Watkins teaches an ad network provider can send any new ad content to the cloud service (interpreted as second enitity) to determine whether such new ad content includes or links to any malware and/or violates any rules/aspects of a policy configured by the ad network provider [Col 4 lines 56-67]. A CPE 220 of cloud service for automated application malware filtering for ad networks 222 uses ad content metadata 214 and feature and behavior data 216 to facilitate the generation of a report that identifies any ad content that was determined to be in violation of a policy and/or a policy for the entity (e.g., an enterprise policy) [Col 9 lines 14-59] (generating ad content that were determined to be malicious)): tracked activity of a device associated with the first entity on the Internet (Watkins teaches the ad content is submitted directly to an end mobile device, shown as ad content target device 106. if the ad content is not determined to be acceptable (e.g., based on a policy, such as an enterprise or other policy for apps and ad content), then the ad content can be filtered (e.g., blocked) as shown at 114 [Col 6 lines 1-29]. CPE 110 analyzes the submitted ad content [Col 6 lines 30-46]); made an inference of certain sensitive information associated with the first entity based on the tracked activity (Watkins teaches MDCE 218 scans ad content (interpreted as sensitive information), including any applications in or linked to the ad content, in an automated manner to determine what data is included within the ad content and/or such applications (if any). This data (e.g., metadata (interpreted as sensitive information), such as app metadata) is extracted, stored, and used by CPE 220 to facilitate ad content processing [Col 10 lines 42-67] [Col 6 lines 1-29]); and generated the content based on the inferred sensitive information (Watkins teaches an ad network provider can send any new ad content to the cloud service to determine whether such new ad content includes or links to any malware and/or violates any rules/aspects of a policy configured by the ad network provider [Col 4 lines 56-67]. a CPE 220 of cloud service for automated application malware filtering for ad networks 222 uses ad content metadata 214 and feature and behavior data 216 to facilitate the generation of a report that identifies any ad content that was determined to be in violation of a policy and/or a policy for the entity (e.g., an enterprise policy) [Col 9 lines 14-59] (generating ad content that were determined to be malicious)).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Watkins into the invention of Jain-Lacey-Eaton for identifying malware in advertising networks of apps for mobile devices and filtering such potentially malicious ad content (Watkins [Col 2 lines 55-59]).
Re. claim 11, Jain-Lacey-Eaton-Watkins teaches the computer-implemented method of claim 8. Jain-Lacey-Eaton do not explicitly disclose but Watkins discloses wherein the analyzing comprises: capturing, by the system, the content (Watkins teaches the ad content metadata is stored in a data store. different databases can be used for storing and search. Such content, such as for images and searching or other rep Resentations [Col 14 lines 13-19]); and extracting, by the system, one or more data entities from the content (Watkins teaches the cloud service can compare an app extracted from the ad content and determine whether the app matches any previously analyzed apps available from one or more public app stores [Col 3 lines 50-67]).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Watkins into the invention of Jain-Lacey-Eaton for identifying malware in advertising networks of apps for mobile devices and filtering such potentially malicious ad content (Watkins [Col 2 lines 55-59]).
(Jain teaches that the gateway can implement DLP. The DLP policy are being defined [0075]. Generate mappings between fields of data entered within a client device interface and portions of data received from the client device 100. when the gateway 104 is subsequently configured to operate in a data protection mode, the encoding module 125 can use the generated mappings stored in the form mappings storage module 155 to identify portions of received data that correspond to fields identified by a security policy accessed from the security policy storage module 160 [0049]. The security policy storage module stores security policies for use by the encoding module to encode payload data received from the client device [0054] Gateway is interpreted as the second entity. Client is interpreted as first entity. Please see Figs. 1, 8 and 9); analyze content communicated, over a network, by the second entity (communicatively coupled via a network 105 and gateway device 104 [0034] Fig. 1), to determine whether the content violates the one or more rules (Jain teaches the gateway 104 proactively scans the communication content in real-time while applying 802 a DLP policy. When the gateway 104 detects 804 a violation of the DLP policy in response to the scanning (for instance, by identifying a type of sensitive data 800 being transferred, the transfer of which is prohibited by the DLP policy) [0076]); and generate information indicative a determination of the one or more violations of the one or more rules based on a determination that the content violates the one or more rules (Jain teaches the gateway 104 then generates a violation report 806 detailing the violation of the DLP policy, and provides the report to the client 100 [0076]).
 (Lacey teaches the request is validated against a set of rules established by the user (either on their device or on the gateway), and is then further validated against their active context [0037]. One or more devices associated with the client environment 114 (e.g., the client device 102-1) sends PII permissions back to the hub server 104. In some implementations, the returned permissions include approval or denial of the request (in whole or in part, as described herein), as well as assignments of particular context profiles for which the permissions are granted [0038]. A user may elect to initiate the process of sharing PII, in order to facilitate a transaction, for example (or for any purpose). In such instance, the user selects a context and initiates outbound sharing of information (including selected PII) with an entity, subject to any rules and/or restrictions imposed by the hub server 104, the profile-based PII gateway 116, and/or any rules or restrictions associated with the user's context profiles [0040]).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Lacey into the invention of Jain for the purpose of having a response that is automatically managed based on the rules and user’s context and provides security by giving authority to entities that are authorized to view the personal information (Lacey [0037]).
Although Jain-Lacey discloses one or more data entities extracted from the content to one or more semantic entities, Jain-Lacey do not explicitly disclose but Eaton discloses wherein analysis comprises: a derivation of a logical inference about one or more data entities extracted from the content based on employment of a semantic reasoner that accesses domain ontologies that include inference definitions and instructions that dictate how the semantic reasoner analyzes the one or more data entities and derives the logical inference (Eaton teaches the machine learning engine may include a semantic analysis model and a cognitive model. The semantic analysis model may label events observed by the computer vision engine with semantic meaning. That is, the semantic analysis model may identity what the tracked elements in the scene are doing. The cognitive model may be configured to identify patterns of behavior, leading to a "learning" of what events occur within a scene. Thus, the cognitive model may, over time, develop semantic labels to apply to observed behavior. In one embodiment, the system provides for progressive levels of complexity in what may be learned from the scene. For example, combinations of primitive events "seen" by the computer vision engine may be labeled as instances of a higher-order behavior, e.g., the primitive events of "car enters scene," "car moves to location A," and "car stops" might be labeled as "parking" by the semantic analysis model [0021])
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Eaton into the invention of Jain-Lacey for the purpose of provide a machine-learning engine configured to recognize and learn behaviors, as well as to identify and distinguish between normal and abnormal behavior within a scene, by analyzing movements and activities (Eaton [0007]).
Although Jain-Lacey-Eaton discloses violation of one or more rules based on a determination that the second entity, Jain-Lacey-Eaton do not explicitly disclose but Watkins wherein the analysis of the content comprises: determination that the content is generated by the second entity in violation of the one or more rules based on a determination that the second entity (Watkins teaches an ad network provider can send any new ad content to the cloud service (interpreted as second enitity) to determine whether such new ad content includes or links to any malware and/or violates any rules/aspects of a policy configured by the ad network provider [Col 4 lines 56-67]. A CPE 220 of cloud service for automated application malware filtering for ad networks 222 uses ad content metadata 214 and feature and behavior data 216 to facilitate the generation of a report that identifies any ad content that was determined to be in violation of a policy and/or a policy for the entity (e.g., an enterprise policy) [Col 9 lines 14-59] (generating ad content that were determined to be malicious)): tracked activity of a device associated with the first entity on the Internet (Watkins teaches the ad content is submitted directly to an end mobile device, shown as ad content target device 106. if the ad content is not determined to be acceptable (e.g., based on a policy, such as an enterprise or other policy for apps and ad content), then the ad content can be filtered (e.g., blocked) as shown at 114 [Col 6 lines 1-29]. CPE 110 analyzes the submitted ad content [Col 6 lines 30-46]); made an inference of certain sensitive information associated with the first entity based on the tracked activity (Watkins teaches MDCE 218 scans ad content (interpreted as sensitive information), including any applications in or linked to the ad content, in an automated manner to determine what data is included within the ad content and/or such applications (if any). This data (e.g., metadata (interpreted as sensitive information), such as app metadata) is extracted, stored, and used by CPE 220 to facilitate ad content processing [Col 10 lines 42-67] [Col 6 lines 1-29]); and generated the content based on the inferred sensitive information (Watkins teaches an ad network provider can send any new ad content to the cloud service to determine whether such new ad content includes or links to any malware and/or violates any rules/aspects of a policy configured by the ad network provider [Col 4 lines 56-67]. a CPE 220 of cloud service for automated application malware filtering for ad networks 222 uses ad content metadata 214 and feature and behavior data 216 to facilitate the generation of a report that identifies any ad content that was determined to be in violation of a policy and/or a policy for the entity (e.g., an enterprise policy) [Col 9 lines 14-59] (generating ad content that were determined to be malicious)).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Watkins into the invention of Jain-Lacey-Eaton for identifying malware in advertising networks of apps for mobile devices and filtering such potentially malicious ad content (Watkins [Col 2 lines 55-59]).
(Watkins teaches the ad content metadata is stored in a data store. different databases can be used for storing and search. Such content, such as for images and searching or other rep Resentations [Col 14 lines 13-19]); and extract the one or more data entities from the content (Watkins teaches the cloud service can compare an app extracted from the ad content and determine whether the app matches any previously analyzed apps available from one or more public app stores [Col 3 lines 50-67]).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Watkins into the invention of Jain-Lacey-Eaton for identifying malware in advertising networks of apps for mobile devices and filtering such potentially malicious ad content (Watkins [Col 2 lines 55-59]).
Re. claim 18, Jain-Lacey-Eaton-Watkins teaches the computer program product of claim 15, wherein the program instructions further cause the processor to: map the one or more data entities extracted from the content to one or more semantic entities (Jain teaches that the gateway 104 can scan the email body, can identify portions of the email containing sensitive data (such as phone numbers, social security numbers, credit card numbers, etc.), and can map the identified email portion to a portion of the payload corresponding to the email received by the gateway [0087]. if the string “SSN” is found in received data, the portion of the data associated with the string “SSN” can be flagged as a social security number [0075] [0091]).
Claim 2 is/are rejected under 35 U.S.C. 103 as being unpatentable over Jain et al. (US 20160119289 hereinafter Jain) in view of Lacey et al. (US 20160098577 hereinafter Lacey), Watkins et al. (US 9027140 hereinafter as Watkins), and in further view of Markisohn et al. (US 20090150683 hereinafter Markisohn) .
(Jain teaches a client device is a computing device capable of processing data as well as transmitting data to and receiving data from the other entities. The client device 100 includes one or more processors, memory, storage, and networking components [0036] [0049] [0054]).
Although Jain-Lacey discloses content, Jain-Lacey do not explicitly disclose but Watkins discloses wherein the content comprises advertisement content (Watkins teaches (Watkins teaches the ad content is submitted directly to an end mobile device, shown as ad content target device 106. if the ad content is not determined to be acceptable (e.g., based on a policy, such as an enterprise or other policy for apps and ad content), then the ad content can be filtered (e.g., blocked) as shown at 114 [Col 6 lines 1-29]. CPE 110 analyzes the submitted ad content [Col 6 lines 30-46]).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Watkins into the invention of Jain-Lacey for identifying malware in advertising networks of apps for mobile devices and filtering such potentially malicious ad content (Watkins [Col 2 lines 55-59]).
Although Jain-Lacey-Watkins discloses a storage component that stores the received data and rule, Jain-Lacey-Watkins do not explicitly disclose but Markisohn discloses wherein access to the database component is exclusive to the first entity (Markisohn teaches databases may be stored locally in storage devices [0022]. Only a user with access to a specific client 100' can access results database 114 or create more results databases with the key corresponding to the specific client 100' [0031]).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Markisohn into the invention of Jain-Lacey-Watkins for the purpose of having content more secured which improves security (Markisohn [0003])
Claims 9, and 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Jain et al. (US 20160119289 hereinafter Jain) in view of Lacey et al. (US 20160098577 hereinafter Lacey), Eaton et al. (US 20090016599 hereinafter Eaton), Watkins et al. (US 9027140 hereinafter as Watkins), and in further view of Markisohn et al. (US 20090150683 hereinafter Markisohn) .
Re. claim 9, Jain-Lacey-Eaton-Watkins teaches the computer-implemented method of claim 8, further comprising: storing, by the system, the data and the one or more rules component (Jain teaches a client device is a computing device capable of processing data as well as transmitting data to and receiving data from the other entities. The client device 100 includes one or more processors, memory, storage, and networking components [0036] [0049] [0054]).
Although Jain-Lacey-Eaton-Watkins discloses a storage component that stores the received data and rule, Jain-Lacey-Eaton-Watkins do not explicitly disclose but Markisohn discloses wherein access to the data and the one or more rules is exclusive to the first entity (Markisohn teaches Databases may be stored locally in storage devices [0022]. Only a user with access to a specific client 100' can access results database 114 or create more results databases with the key corresponding to the specific client 100' [0031]).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Markisohn into the invention of Jain-Lacey-Eaton-Watkins for the purpose of having content more secured which improves security (Markisohn [0003]).
Re. claim 16, Jain-Lacey-Eaton-Watkins teaches the computer program product of claim 15, wherein the program instructions further cause the processor to: store the data and the one or more rules component (Jain teaches a client device is a computing device capable of processing data as well as transmitting data to and receiving data from the other entities. The client device 100 includes one or more processors, memory, storage, and networking components [0036] [0049] [0054]).
(Markisohn teaches Databases may be stored locally in storage devices [0022]. Only a user with access to a specific client 100' can access results database 114 or create more results databases with the key corresponding to the specific client 100' [0031]).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Markisohn into the invention of Jain-Lacey-Eaton-Watkins for the purpose of having content more secured which improves security (Markisohn [0003]).
Claim 3 is/are rejected under 35 U.S.C. 103 as being unpatentable over Jain et al. (US 20160119289 hereinafter Jain) in view of Lacey et al. (US 20160098577 hereinafter Lacey), Watkins et al. (US 9027140 hereinafter as Watkins), and in further view of Banerjee (US Patent 8832848).
Re. claim 3, Jain-Lacey-Watkins teaches the system of claim 1, wherein the one or more rules comprise: one or more sensitivity levels associated with the data (Jain teaches the client's overall data can be categorized in varying degrees of sensitivity in terms of needed strength of protection from the server [0057]).
Although Jain-Lacey-Watkins discloses sensitivity level, Jain-Lacey-Watkins do not explicitly disclose but Banerjee discloses one or more uses associated with the one or more sensitivity levels (Banerjee teaches the sensitivity detection module 202 may detect information about the type of content that data includes. For instance, the sensitivity detection module 202 may inspect data traffic that is being communicated into the content sharing service 114 to determine data classification information for the content. The sensitivity detection module 202 may determine the user is a member of certain security groups or that the user has permission to view certain types of data or geographically resident-constrained data [Col 4 line 56 –Col 5 line 3]. Please see Fig. 2 and Fig. 4).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Banerjee into the invention of Jain-Lacey-Watkins for the purpose of enforcing the rule if it is determined that the sensitivity level is high, which leads to additional access requirements and security protection (Banerjee [Col 1 lines 23-30] [Col 5 lines 40-45]).
Claim 10 is/are rejected under 35 U.S.C. 103 as being unpatentable over Jain et al. (US 20160119289 hereinafter Jain) in view of Lacey et al. (US 20160098577 hereinafter Lacey), Eaton et al. (US 20090016599 hereinafter Eaton), Watkins et al. (US 9027140 hereinafter as Watkins), and in further view of Banerjee (US Patent 8832848).
Re. claim 10, Jain-Lacey-Eaton-Watkins teaches the computer-implemented method of claim 8, wherein the one or more rules comprise: one or more sensitivity levels associated with the data (Jain teaches the client's overall data can be categorized in varying degrees of sensitivity in terms of needed strength of protection from the server [0057]); to facilitate at least one of improved processing accuracy and improved processing efficiency for automatic detection of unauthorized use of the data by the second entity (Jain teaches can provide data services that require the performance of various data operations on unprotected data [0003]).
Although Jain-Lacey-Eaton-Watkins discloses sensitivity level, Jain-Lacey-Eaton-Watkins do not explicitly disclose but Banerjee discloses one or more uses associated with the one or more sensitivity levels (Banerjee teaches the sensitivity detection module 202 may detect information about the type of content that data includes. For instance, the sensitivity detection module 202 may inspect data traffic that is being communicated into the content sharing service 114 to determine data classification information for the content. The sensitivity detection module 202 may determine the user is a member of certain security groups or that the user has permission to view certain types of data or geographically resident-constrained data [Col 4 line 56 –Col 5 line 3]. Please see Fig. 2 and Fig. 4).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Banerjee into the invention of Jain-Lacey-Eaton for the purpose of enforcing the rule if it is determined that the sensitivity level is high, which leads to additional access requirements and security protection (Banerjee [Col 1 lines 23-30] [Col 5 lines 40-45]).
Claim 6 is/are rejected under 35 U.S.C. 103 as being unpatentable over Jain et al. (US 20160119289 hereinafter Jain) in view of Lacey et al. (US 20160098577 hereinafter Lacey), Watkins et al. (US 9027140 hereinafter as Watkins), and in further view of Gorbansky et al. (US 20160098405 hereinafter Gorbansky).
Re. claim 6, Jain-Lacey-Watkins teaches the system of claim 1. Although Jain discloses analysis of the data includes pattern matching, keyword matching and the like, Jain-Lacey-Watkins do not explicitly disclose but Gorbansky discloses wherein the monitoring component comprises: an evaluating component that matches one or more semantic entities to at least one of the data and the one or more rules based on a hash function (Gorbansky teaches Any suitable hash value formula may be used for text or other data in the object. Objects that may be rendered differently according to their native object models, yet contain identical semantic content, have identical hash values. Identify semantically identical objects as being identical and can, therefore, de-duplicate a set of objects [0085]. hash calculator 114 enable a user to set m or to select from a set of predetermined values of m, so as to set the level of similarity required for a match, such as "similar," "very similar" and "nearly identical." [0086] Fig. 12).
(Gorbansky [0085]).
Claims 13 and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Jain et al. (US 20160119289 hereinafter Jain) in view of Lacey et al. (US 20160098577 hereinafter Lacey), Eaton et al. (US 20090016599 hereinafter Eaton), Watkins et al. (US 9027140 hereinafter as Watkins), and in further view of Eckhardt et al. (US 20180307645 hereinafter Eckhardt).
Re. claim 13, Jain-Lacey-Eaton-Watkins teaches the computer-implemented method of claim 8. Although Jain discloses analysis of the data includes pattern matching, keyword matching and the like, Jain-Lacey-Eaton-Watkins do not explicitly disclose but Eckhardt discloses wherein the analyzing comprises: matching, by the system, one or more semantic entities to at least one of the data and the one or more rules (Eckhardt teaches the RT-RT message will be processed through the data rule sets of the filter 310 by the CPU 308. If the RT-RT message is authenticated by the filter 310, i.e., matches at least one of the data rules of the data rule sets of the filter 310 and there are no other violations, CPU 308 will direct the filter 310 to copy the RT-RT message directly to memory block 316b by way of signal path 320b [0031] [0011]).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Eckhardt into the invention of Jain-Lacey-Eaton-Watkins for purpose of matching the words in order to indicate if they are invalid or illegal command words, unauthorized data transfer and other low level of attacks (Eckhardt [0011]).
Re. claim 19, Jain-Lacey-Eaton-Watkins teaches the computer program product of claim 15. Although Jain discloses analysis of the data includes pattern matching, keyword matching and the like, Jain-Lacey-Eaton-Watkins do not explicitly disclose but Eckhardt discloses wherein the program (Eckhardt teaches the RT-RT message will be processed through the data rule sets of the filter 310 by the CPU 308. If the RT-RT message is authenticated by the filter 310, i.e., matches at least one of the data rules of the data rule sets of the filter 310 and there are no other violations, CPU 308 will direct the filter 310 to copy the RT-RT message directly to memory block 316b by way of signal path 320b [0031] [0011]).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Eckhardt into the invention of Jain-Lacey-Eaton-Watkins for purpose of matching the words in order to indicate if they are invalid or illegal command words, unauthorized data transfer and other low level of attacks (Eckhardt [0011]).
Claim 7 is/are rejected under 35 U.S.C. 103 as being unpatentable over Jain et al. (US 20160119289 hereinafter Jain) in view of Lacey et al. (US 20160098577 hereinafter Lacey), Watkins et al. (US 9027140 hereinafter as Watkins), and in further view of Torney et al. (US Patent 9111069 hereinafter Torney).
Re. claim 7, Jain-Lacey-Watkins teaches system of claim 1. Although Jain-Lacey-Watkins discloses analyzing the content based on a specification or rule, Jain-Lacey-Watkins do not explicitly disclose but Torney discloses further comprising: a specification component comprising one or more specifications defined by the first entity, wherein the monitoring component further analyzes the content based on the one or more specifications (Torney teaches the DLP product includes a DLP scanning with language detection engine to identify the language of the data content to be scanned and scanning the data content with DLP policies that are specific to that identified language. In this manner, the DLP product can operate in a more efficient manner [Col 4 lines 31-57]).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Torney into the invention of (Torney [Col 4 lines 31-57]).
Claims 14, and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Jain et al. (US 20160119289 hereinafter Jain) in view of Lacey et al. (US 20160098577 hereinafter Lacey), Eaton et al. (US 20090016599 hereinafter Eaton), Watkins et al. (US 9027140 hereinafter as Watkins), and in further view of Torney et al. (US Patent 9111069 hereinafter Torney).
Re. claim 14, Jain-Lacey-Eaton-Watkins teaches the computer-implemented method of claim 8. Although Jain-Lacey-Eaton-Watkins discloses analyzing the content based on a specification or rule, Jain-Lacey-Eaton-Watkins do not explicitly disclose but Torney discloses wherein the analyzing is based on one or more specifications defined by the first entity, to facilitate at least one of improved processing accuracy and improved processing efficiency for automatic detection of unauthorized use of the data by the second entity (Torney teaches the DLP product includes a DLP scanning with language detection engine to identify the language of the data content to be scanned and scanning the data content with DLP policies that are specific to that identified language. In this manner, the DLP product can operate in a more efficient manner [Col 4 lines 31-57]).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Torney into the invention of Jain-Lacey-Eaton-Watkins for purpose of having a product that can operate in an efficient manner (Torney [Col 4 lines 31-57]).
Re. claim 20, Jain-Lacey-Eaton-Watkins teaches the computer program product of claim 15. Although Jain-Lacey-Eaton-Watkins discloses analyzing the content based on a specification or rule, Jain-Lacey-Eaton-Watkins do not explicitly disclose but Torney discloses wherein the program instructions further cause the processor to: analyze the content based on one or more specifications defined by the first entity, to facilitate at least one of improved processing accuracy and improved processing efficiency (Torney teaches the DLP product includes a DLP scanning with language detection engine to identify the language of the data content to be scanned and scanning the data content with DLP policies that are specific to that identified language. In this manner, the DLP product can operate in a more efficient manner [Col 4 lines 31-57]).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Torney into the invention of Jain-Lacey-Eaton-Watkins for purpose of having a product that can operate in an efficient manner (Torney [Col 4 lines 31-57]).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KEVIN A AYALA whose telephone number is (571)270-3912.  The examiner can normally be reached on Monday-Thursday 8AM-5PM; Friday: Variable EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on 571-272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact 






/K.A./Examiner, Art Unit 2436                                                                                                                                                                                                        
/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436