DETAILED ACTION
This Action is in response to Application Number 16449005 received on 6/21/2019.
Claims 1-4 are presented for examination.
Notice of Pre-AIA  or AIA  Status
The present application is being examined under the pre-AIA  first to invent provisions. 
Claim Objections
Claim 2 is objected to because of the following informalities:  
Claim 2 appears to mistakenly depend from itself by reciting, “The method of claim 2”.  For examination purposes, claim 2 is interpreted as depending from claim 1.
 Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 2-4 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.



Claim 3 recites the limitation, “a server computer in a first communication session receiving via a computer network from endpoint computers of the computer network requests for access configuration files”.  It is unclear as to how plural requests from multiple endpoint computers can be within a single “first communication session”.  Applicant’s specification appears to explain the opposite, in that a single client computer has its own communication session with the server, as shown in paragraph [0006], for example.  For examination purposes, the limitation will be interpreted in accordance with the specification, with each client having its own session.
Claim 4 recites the limitation, “the server computer controlling storage of data received from one or more endpoint computers regarding in the unique communication sessions other than the first communication session violations of policies included in the dispatched access configuration files”.  Due to the run-on structure of this limitation, it is unclear as to the intended scope.  It is unclear if the limitation is intended to recite that the “data” is received in the unique communication sessions, or if the “violations of policies” occurs in the unique communication sessions.  .  For examination purposes, 
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of pre-AIA  35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed in the United States before the invention by the applicant for patent or (2) a patent granted on an application for patent by another filed in the United States before the invention by the applicant for patent, except that an international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this subsection of an application filed in the United States only if the international application designated the United States and was published under Article 21(2) of such treaty in the English language.

Claim 1 is rejected under pre-AIA  35 U.S.C. 102(e) as being anticipated by Allan et al. (US 7580996).

Regarding claim 1, Allan disclosed a method of controlling computer network access comprising: 
(a) a server computer in a first communication session receiving via a computer network from an endpoint computer of the computer network a request for an access configuration file suitable to be used in a third communication session (Allan, col. 6, lines 12-14, Figure 2A Allan disclosed client machine 210 sending “configuration/policy update requests 210 which are received by Management Server 202 per Figure 2; See also col. 6, lines 51-67, “Monitoring agent 220 sends triggered configuration/policy update request 230 to management server 202”; col. 6, line 66 through col. 7, line 2, “In 
(b) the server computer dispatching to said endpoint computer the access configuration file dispatched in step (b) (Allan, col. 6, line 67 through col. 7, line 5, "In response, management server 202 sends configuration/policy update responses 232 to monitoring agent 220, which stores the updates in configuration/policy file 222");
(c) following step (b) the server computer dispatching to said endpoint computer an update to the access configuration file dispatched in step (b) or another access configuration file (Allan, col. 6, line 51 through col. 7, line 5, The teachings of Allan disclosed the manner of requesting/receiving these "configuration/policy update responses" in a manner that allows for such to be repeated; For example, see col. 9, lines 11-15, "The process shown in Fig. 4 is essentially a non-ending loop that may be terminated when the monitoring agent is killed or the system is shut down”), 

3 is rejected under pre-AIA  35 U.S.C. 102(e) as being anticipated by Hayes, Jr. et al. (US 6339826)

Regarding claim 3, Hayes disclosed a method of controlling computer network access comprising: 
(a) a server computer in a first communication session receiving via a computer network from endpoint computers of the computer network requests for access configuration files suitable to be used in unique communication sessions other than the first communication session (Hayes, Fig. 8, 704, col. 4, lines 10-20, 34-50  Hayes disclosed "the system allows users to roam, that is, to log-in from any computer in the system at any time and have it configured automatically at run time according to the preferences stored for the user at the server";  At 704, the user requests Desktop.html which is a configuration file that includes a list of applications and associated parameters to which the user has access permission; see also, col. 13, lines 59-67 which explicitly shows a request for a file;  The limitation that the file is “suitable to be used in unique communication sessions other than the first communication session” is merely descriptive of the files and therefore non-functional descriptive material, as the steps of the claim would be performed the same regardless of this description of the files;  Regardless, See Hayes, col. 4, line 65 through col. 5, line 2, Hayes disclosed that the desktop object file is built by the server at log on time, and thus every time each user logs in, the desktop object is provided.  As such, the desktop objects being requested are suitable to be used in unique communication sessions other than the first communication session, as claimed.); 

(c)    the server computer dispatching a generic access configuration file to each endpoint computer for which a unique access configuration file was not prepared (Hayes, col. 4, lines 34-50 Hayes disclosed in response to logging in, the server sends a file that includes a list of applications and associated parameters to which the user has access permission; col. 5, lines 10-13, Hayes disclosed a “desktop object” is downloaded to the user station; Hayes col. 7, lines 54-67, Hayes disclosed that configurations may be at the ”group” level, which means that multiple users may receive the same “group” level object; col. 7, lines 15-20, Hayes also disclosed "default memberships" which applies default permissions/privileges to such users; As such it is evident that a unique access configuration file is not stored at the server for such a user, since the server provides the basic "Default membership" permissions/privileges and not a user specific access permission, and therefore amounts to a generic configuration; col. 4, lines 30-50, Hayes disclosed following access permissions, and therefore the .

Claim Rejections - 35 USC § 103
The following is a quotation of pre-AIA  35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains.  Patentability shall not be negatived by the manner in which the invention was made.

Claim 2 is rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Allan et al. (US 7580996) in view of Jacobson (US 6735701).

Regarding claim 2, Allan disclosed the method of claim 1, including
the server computer storing data received from said endpoint computer regarding in a third communication session information related to at least one policy included in the first access configuration file, the updated access configuration file, or the other access configuration file (Allan, col. 6, lines 12-35, Allan further disclosed the Monitoring agent 220 sniffing all data traffic generated, to which the data traffic is scanned for specific types of information as specified by configuration/policy file 222;  Allan further disclosed the Monitoring agent 220 employing a packet sniffer to examine the client’s outgoing data traffic and monitor for specific events as previously specified in the 
Allan did not explicitly disclose the data received as being with regards to a “violation” of the at least one policy.
In an analogous art, Jacobson disclosed a network policy management and effectiveness system for maintaining policy compliance on a computer network, which provides the concept of monitoring network activity to insure users are in compliance with the organization’s network security policies (Jacobson, col. 10, lines 60-67), to which the policy compliance monitor oversees user profile, email compliance, internet compliance, document management and software compliance functions to collect network user security policy compliance activities (col. 11, lines 4-9) in which the policy compliance and reporting module monitors and records user and network system activities including violations (col. 13, lines 25-40).  Jacobson does not limit the monitoring to any particular communication session, as the teachings involve collecting and storing policy/violation information across all communication sessions the users have for all of the above activities.
One of ordinary skill in the art at the time of the invention would have been motivated to combine the teachings of Allan and Jacobson since both relate to enforcement of specific permissions provided to the users of the network and as such both are within similar environments.  
.

Claim 4 is rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Hayes, Jr. et al. (US 6339826) in view of Jacobson (US 6735701).

Regarding claim 4, Hayes disclosed the method of claim 3, but did not explicitly disclose: (d) the server computer controlling storage of data received from one or more endpoint computers regarding in the unique communication sessions other than the first communication session violations of policies included in the dispatched access configuration files.
In an analogous art, Jacobson disclosed a network policy management and effectiveness system for maintaining policy compliance on a computer network, which provides the concept of monitoring network activity to insure users are in compliance with the organization’s network security policies (Jacobson, col. 10, lines 60-67) in which the policy compliance and reporting module monitors and records user and network system activities including violations (col. 13, lines 25-40).  Jacobson does not limit the monitoring to any particular communication session, as the teachings involve 
One of ordinary skill in the art at the time of the invention would have been motivated to combine the teachings of Hayes and Jacobson since both relate to enforcement of specific permissions provided to the users of the network and as such both are within similar environments.
Therefore it would have been obvious to one of ordinary skill in the art at the time the invention was made to incorporate the policy monitoring techniques of Jacobson within the teachings of Hayes in order to produce a system that not only provides specific policy/permissions that each user must abide to, but also provides the ability to monitor the user’s activity in order to ensure that the user follows his/her specific policy, thereby providing an extra layer of protection to an organization in ensuring that its users abide to their specific policies.

Response to Arguments
Applicant’s arguments filed on 2/12/2021 have been carefully considered but they are not fully persuasive.  
The previous 35 USC 112 rejections have been withdrawn in view of the amendments.  However, the amendments to the claims appear to introduce new 35 USC 112 issues.  See the rejections above.
The Applicant does not present any arguments with respect to the cited prior art.
Examiner further notes that the added limitation to claim 1, in merely describing that the “request for an access configuration file suitable to be used in a third communication session” amounts to merely describing the file of the “request”, and therefore amounts to nonfunctional descriptive material as the step of requesting would 
Therefore the rejection is respectfully maintained.
It is the Examiner’s position that Applicant has not yet submitted claims drawn to limitations, which define the operation and apparatus of Applicant’s disclosed invention in manner, which distinguishes over the prior art.
Failure for Applicant to significantly narrow definition/scope of the claims and supply arguments commensurate in scope with the claims implies the Applicant intends broad interpretation be given to the claims.  The Examiner has interpreted the claims with scope parallel to the Applicant in the response and reiterates the need for the Applicant to more clearly and distinctly define the claimed invention.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Pitzel et al. (US 7062765) disclosed a user requesting a configuration file from a server, to which the server provides the configuration file (Fig. 4 and related portions of disclosure).
Malmar et al. (US 7155490) disclosed, “Web-based computer applications are downloaded from the server onto the network-enabled device, and executed in conjunction with the web-based operating system. Those portions of the web-based operating system software and web-based computer application software are downloaded to the network-enabled device as needed” (Abstract).

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal Dharia can be reached on 571-272-3880.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.