DETAILED ACTION
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
2.	This action is in response to amendment filed on 2/11/202, in which claims 1 – 6, 9, 11, 14, 16, and 19 was amended, and claims 1 - 22 was presented for further examination.
3.	Claims 1 – 22 are now pending in the application.

Continued Examination Under 37 CFR 1.114
4.	A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 2/11/2021 has been entered.
 
Response to Arguments
5.	Applicant's arguments filed on 2/11/2021 have been fully considered but they are not persuasive. (see Remarks below).




Remarks
6.1	As per amended claim 1, applicant argues in substance in pages 9 – 11 that the combine teaching of Tamayo-Rios et al (US 2013/0067243 A1), Birk et al (US 2014/0181909 A1), and Grab et al (US 2013/0174273 A1)   does not disclose 
wherein the application on the client device is configured to grant access to a first subset of the content items stored on the client device based on the client device comprising a first subset of device characteristics as required in the one or more access rules for the first subset of the content items and deny access to a second subset of the content items stored on the client device based on the client device comprising a second subset of device characteristics as required in the one or more access rules for the second subset of the content items.
	Examiner respectfully disagrees.
In response to applicant’s argument, the combine teaching of Tamayo-Rios et al (US 2013/0067243 A1), in view of Kiang et al (US 2013/0268999 A1) disclose wherein the application on the client device is configured to grant access to a first subset of the content items stored on the client device based on the client device comprising a first subset of device characteristics as required in the one or more access rules for the first subset of the content items and deny access to a second subset of the content items stored on the client device based on the client device comprising a second subset of device characteristics as required in the one or more access rules for the second subset of the content items (Tamayo-Rios: para.[0064] – para.[0065] and para.[0071]).
	Tamayo-Rios discloses method for allowing content stored on multiple devices of user to be synchronized with cloud content. A security key are granted to requesting application to access to the requested content. An application identifier is assign to a portion of the data, the application identifier of the requesting device are compare with application identifier of the requesting content to determine whether the requesting entity can be granted an access to the content. If there is a match, an access is granted (see para.[0003] – para.[0004]). A device are associated with enterprise policies or permission that describe the content that can be synchronized to it, any non-enterprise device cannot be synchronized with enterprise device, the system control this synchronization through the permission or enterprise policies stored on the devices (see para.[0005] and para.[0017])). User devices are mapped to user profile for the user permission to be associated with user the computing devices (see para.[0030]). User account can be associated various type of user permission and user data (see para.[0047]). The synchronization can be limited to a device with enterprise type of permission or policy to prevent work related data from synchronizing with personal device (see para.[0064]). A request for synchronization is initiated by client device, the class of the device that may include device identifier, physical features of the device or other common characteristics of the devices are identified by enterprise system, the system determine whether the device characterizes and application request ID are permitted to synchronized the enterprise system based on permission and access policy on the enterprise system. The permission is granted or denied based on the outcome. (see para.[0065] and para.[0071]).


Double Patenting
7.	The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1, 6, 11, 16 are rejected on the ground of nonstatutory double patenting as being unpatentable over claim 1 of Patent #: US 9,817,987 B2. The claimed are similar as detail below; 
Instant Application# #: 15/801,900
Patent #: US  9817987 B2
1. A computer-implemented method comprising: receiving, from an application stored on a client device that is authorized to access a user account of a synchronized content management system, a request to access content items associated with the user account, wherein the content items are stored on the client device, wherein the application is authorized to access the content items when one or more access rules for each of the content items are met; in response to the request, obtaining the one or more access rules for the content items associated with the user account, wherein the one or more access rules define access restrictions for the content items stored on the client device by the application stored on the client device; wherein the application on the client device is configured to grant access to a first subset of the content items stored on the client device based on the client device comprising a first subset of device characteristics as required in the one or more access rules for the first subset of the content items  and deny access to a second subset of the content items stored on the client device based on the client device comprising a second subset of device characteristics as required in the one or more access rules for the second subset of the content items.
1. A computer-implemented method, comprising: receiving, at a synchronized online content management system, a request from an application on a client device to access a user account, the request comprising a request property indicating at least one of an application type of the application or a device type of the client device, wherein the user account has permission to access all user account items stored in the synchronized online content management system within the user account via user account credentials; in response to the request, determining at least one of the application type or the device type; obtaining one or more access rules for the user account items by the application on the client device; wherein the one or more access rules include location specific access rules and define different synchronization restrictions for the user account items by the application on the client device, the synchronization restrictions providing which user account items stored on the synchronized content management system can be synchronized by the application on the client device and those that cannot be synchronized, wherein the synchronization restrictions are based on at least the determination of the application type or device type; applying the synchronization restrictions from the one or more access rules to determine which particular user account items can by synchronized with the application on the client device; enabling synchronization of the particular user account items with the application on the client device; presenting, via the application on the client device, the user account items including the particular user account items and the user account items that cannot be synchronized, wherein the user account items that cannot be synchronized are restricted from access at the application on the client device in accordance with the synchronization restrictions; receiving, at the synchronized online content management system, a request from the application on the client device to access the synchronized particular user account items, wherein the request to access the synchronized particular user account items includes an IP address used to make the request; determining an authenticity of the IP address utilizing the location specific access rules; and allowing the application on the client device to access the particular user account items when the IP address is determined to be authentic
6. A computer-implemented method comprising: receiving, from an application stored on a client device authorized to access a user account on a synchronized content management system, a request to access content items associated with the user account, wherein the application is authorized to access each of the content items when one or more access rules for each of the content items are met; in response to the request, obtaining the one or more access rules for the content items associated with the user account, wherein the one or more access rules define access restrictions for the content items by the application stored on the client device; applying the one or more access rules for each content item, wherein access is granted to a first subset of the content items stored on the client device based on the client device comprising a first subset of device characteristics as required in the one or more access rules for the first subset of the content items  and access is denied to a second subset of the content items stored on the client device based on the client device comprising a second subset of device characteristics as required in the one or more access rules for the second subset of the content items.
1. A computer-implemented method, comprising: receiving, at a synchronized online content management system, a request from an application on a client device to access a user account, the request comprising a request property indicating at least one of an application type of the application or a device type of the client device, wherein the user account has permission to access all user account items stored in the synchronized online content management system within the user account via user account credentials; in response to the request, determining at least one of the application type or the device type; obtaining one or more access rules for the user account items by the application on the client device; wherein the one or more access rules include location specific access rules and define different synchronization restrictions for the user account items by the application on the client device, the synchronization restrictions providing which user account items stored on the synchronized content management system can be synchronized by the application on the client device and those that cannot be synchronized, wherein the synchronization restrictions are based on at least the determination of the application type or device type; applying the synchronization restrictions from the one or more access rules to determine which particular user account items can by synchronized with the application on the client device; enabling synchronization of the particular user account items with the application on the client device; presenting, via the application on the client device, the user account items including the particular user account items and the user account items that cannot be synchronized, wherein the user account items that cannot be synchronized are restricted from access at the application on the client device in accordance with the synchronization restrictions; receiving, at the synchronized online content management system, a request from the application on the client device to access the synchronized particular user account items, wherein the request to access the synchronized particular user account items includes an IP address used to make the request; determining an authenticity of the IP address utilizing the location specific access rules; and allowing the application on the client device to access the particular user account items when the IP address is determined to be authentic
11. A computer-implemented method comprising: sending, from an application stored on a client device authorized to access a user account of a synchronized content management system, a request to access content items associated with the user account, wherein the application is authorized to access the content items when the client device is associated with at least one context; synchronizing, by the application stored on the client device, the content items associated with the user account of the synchronized content management system, wherein the synchronizing includes downloading one or more access rules for the content items associated 4Serial No.: 15/801,900 Confirmation No.: 1609 Docket No.:085118-581517_P221USC1 with the user account and the one or more access rules define access restrictions for the content items by the application stored on the client device; applying, by the application stored on the client device, the one or more access rules to determine a first subset of content items stored on the client device based on the client device comprising a first subset of device characteristics as required in the one or more access rules associated with the first subset of the content items and a second subset of content items stored on the client device based on the client device comprising a second subset of device characteristics as required in the one or more access rules associated with the second subset of the content items; presenting, via the application stored on the client device, a representation of the content items associated with the user account; and in response to a request to access a content item from the content items associated with the user account through the application stored on the client device, allowing access to the first subset of content items and restricting access to the second subset of content items.
1. A computer-implemented method, comprising: receiving, at a synchronized online content management system, a request from an application on a client device to access a user account, the request comprising a request property indicating at least one of an application type of the application or a device type of the client device, wherein the user account has permission to access all user account items stored in the synchronized online content management system within the user account via user account credentials; in response to the request, determining at least one of the application type or the device type; obtaining one or more access rules for the user account items by the application on the client device; wherein the one or more access rules include location specific access rules and define different synchronization restrictions for the user account items by the application on the client device, the synchronization restrictions providing which user account items stored on the synchronized content management system can be synchronized by the application on the client device and those that cannot be synchronized, wherein the synchronization restrictions are based on at least the determination of the application type or device type; applying the synchronization restrictions from the one or more access rules to determine which particular user account items can by synchronized with the application on the client device; enabling synchronization of the particular user account items with the application on the client device; presenting, via the application on the client device, the user account items including the particular user account items and the user account items that cannot be synchronized, wherein the user account items that cannot be synchronized are restricted from access at the application on the client device in accordance with the synchronization restrictions; receiving, at the synchronized online content management system, a request from the application on the client device to access the synchronized particular user account items, wherein the request to access the synchronized particular user account items includes an IP address used to make the request; determining an authenticity of the IP address utilizing the location specific access rules; and allowing the application on the client device to access the particular user account items when the IP address is determined to be authentic
16. A computer-implemented method comprising: sending, from an application stored on a client device authorized to access a user account on a synchronized content management system, a request to access content items associated with the user account, wherein the application is authorized to access each of the content items when one or more access rules for each of the content items are met; synchronizing between the application stored on the client device and the synchronized content management system the content items associated with the user account, wherein access to the content items are based on the one or more access rules defining a first subset of the content items stored on the client device based on the client device comprising a first subset of device characteristics as required in the one or more access rules associated with the first subset of the content items and a second subset the content items stored on the client device based on the client device comprising a second subset of device characteristics as required in the one or more access rules associated with the second subset of the content items; presenting, via the application stored on the client device, a representation of the content items associated with the user account; and allowing access to the first subset of the content items.
1. A computer-implemented method, comprising: receiving, at a synchronized online content management system, a request from an application on a client device to access a user account, the request comprising a request property indicating at least one of an application type of the application or a device type of the client device, wherein the user account has permission to access all user account items stored in the synchronized online content management system within the user account via user account credentials; in response to the request, determining at least one of the application type or the device type; obtaining one or more access rules for the user account items by the application on the client device; wherein the one or more access rules include location specific access rules and define different synchronization restrictions for the user account items by the application on the client device, the synchronization restrictions providing which user account items stored on the synchronized content management system can be synchronized by the application on the client device and those that cannot be synchronized, wherein the synchronization restrictions are based on at least the determination of the application type or device type; applying the synchronization restrictions from the one or more access rules to determine which particular user account items can by synchronized with the application on the client device; enabling synchronization of the particular user account items with the application on the client device; presenting, via the application on the client device, the user account items including the particular user account items and the user account items that cannot be synchronized, wherein the user account items that cannot be synchronized are restricted from access at the application on the client device in accordance with the synchronization restrictions; receiving, at the synchronized online content management system, a request from the application on the client device to access the synchronized particular user account items, wherein the request to access the synchronized particular user account items includes an IP address used to make the request; determining an authenticity of the IP address utilizing the location specific access rules; and allowing the application on the client device to access the particular user account items when the IP address is determined to be authentic



Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


8.	Claims 1, 6, 11, and 16 recites “deny access to a second subset of the content items stored on the client device based on the client device comprising a second subset of device characteristics as required in the one or more access rules for the second subset of the content items”. This claimed feature deny access to content, though the requesting device comprises the require information for accessing the data. Examiner cannot ascertain how this is possible when the device is accessing content based on device access level. 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

9.	Claims 1 – 3, 5 – 8, 10, and 21 - 22 are rejected under 35 U.S.C. 103 as being unpatentable over Tamayo-Rios et al (US 2013/0067243 A1), in view of Kiang et al (US 2013/0268999 A1).
As per claim 1, Tamayo-Rios et al (US 2013/0067243 A1) discloses,
A computer-implemented method comprising: receiving, from an application stored on a client device that is authorized to access a user account of a synchronized content management system (para.[0023]; “Access to a particular one of the data packages 110 can be controlled based on a particular application ID. …. an access policy associated with one of the data packages 110 can restrict access to the data package to applications that have a particular application ID” and para.[0027]; “The sync host 120 is representative of functionality to synchronize data between the computing device 102 and other devices”).
a request to access content items associated with the user account (para.[0059]; “receives a request from a requesting application for the encrypted sensitive data”). 
wherein the content items are stored on the client device (para.[0022]; “computing device 102 are one or more data packages …. a particular one of the data packages 110 can store data for an associated one of the applications”, where computing device is “client device” and para.[0036]; “computing device 102 may be configured in a variety of different ways, such as for mobile 202, computer 204, and television 206 uses”).
wherein the application is authorized to access the content items when one or more access rules for each of the content items are met (para.[0022]; “access to data from the particular data package can be restricted to the associated application” and para.[0023]; “an access policy associated with one of the data packages 110 can restrict access to the data package to applications that have a particular application ID”).
in response to the request, obtaining the one or more access rules for the content items associated with the user account (para.[0023]; “an access policy associated with one of the data packages 110 can restrict access to the data package to applications that have a particular application ID. If the request to access the data package does not originate from an application with the appropriate application ID, access to the data package may be denied, e.g., by the operating system of computing device” and para.[0030]; “a device identifier for the computing device 102 can be mapped to a user profile for the user to associate user permissions with the computing device”).
wherein the one or more access rules define access restrictions for the content items stored on the client device by the application stored on the client device (para.[0023]; “an access policy associated with one of the data packages 110 can restrict access to the data package to applications that have a particular application ID”, para.[0032]; “access to a particular data storage compartment can be restricted to a user with permission”, and para.[0047]; “user account can be associated with various types of user permissions and user data”).
wherein the application on the client device is configured to grant access to a first subset of the content items stored on the client device based on the client device comprising a first subset of device characteristics as required in the one or more access rules for the first subset of the content items (para.[0064]; “synchronization of enterprise data can be limited to devices with enterprise-type permissions and/or policies”, para.[0065]; “data can be determined to be enterprise data based on a device type for the device, a type of application that generates the data”, and para.[0071]; “policies can specify sync parameters and permissions based on a variety of different data and device types”).
and deny access to a second subset of the content items stored on the client device based on the client device comprising a second subset of device characteristics as required in the one or more access rules for the second subset of the content items (para.[0071]; “prevent sensitive personal data from being synced from a personal, non-enterprise device, to the enterprise device. Other sync policies can specify sync parameters and permissions based on a variety of different data and device types” and claim 17; “if the application identifier for the application does not match the application identifier used to mark the encrypted data, denying the application access to the encrypted data”, where deny access to personal data based on device type is “deny access to a second subset of the content items stored on the client device”).
	The Examiner believes Tamayo-Rios et al (US 2013/0067243 A1) discloses fully anticipates each and every feature of claim 1. In the alternative, it would have been obvious to one of ordinary skill in the art at the time invention was made to incorporate Kiang et al (US 2013/0268999 A1) into Tamayo-Rios et al (US 2013/0067243 A1) to include one or more access rules define access restrictions (Kiang: para.[0080]; “access control list which details permissions including for example, the access and operation rights of an object by an individual”). The modification would be obvious because one of ordinary skill in the art would be motivated to allow multiple access control list defined for individual devices of a user of the system of Kiang to be used in accessing synchronization management system of the system of Tamayo-Rios for limiting the number of user devices permitted to access specific application.

As per claim 2, the rejection of claim 1 is incorporated and further Tamayo-Rios et al (US 2013/0067243 A1) discloses,
further comprising determining an application type of the application stored on the client device (para.[0023]; “an access policy associated with one of the data packages 110 can restrict access to the data package to applications that have a particular application ID”).
wherein the device characteristics comprise the application type of the application stored on the client device, the one or more access rules provide a different access level based on the determined application type (para.[0071]; “policies can specify sync parameters and permissions based on a variety of different data and device types”).  

As per claim 3, the rejection of claim 1 is incorporated and further Tamayo-Rios et al (US 2013/0067243 A1) discloses,
further comprising determining a client device type of the client device that stores the application, wherein the device characteristics comprise the client device type of the client device that stores the2Serial No.: 15/801,900 Confirmation No.: 1609 Docket No.:085118-581517_P221USC1 application, the one or more access rules provide a different access level based on the determined device type (para.[0022]; “access to data from the particular data package can be restricted to the associated application” and para.[0065]; “data can be determined to be enterprise data based on a device type for the device, a type of application that generates the data”).  

As per claim 5, the rejection of claim 1 is incorporated and further Kiang et al (US 2013/0268999 A1) discloses,
wherein the device characteristics comprise an IP address used to make the request, the one or more access rules are based on the IP address used to make the request (para.[0047]; “additional information, such as the IP address 406 and/or device authentication date 410 can be stored for each authorized device”).

As per claim 6, Tamayo-Rios et al (US 2013/0067243 A1) discloses,
A computer-implemented method comprising: receiving, from an application stored on a client device authorized to access a user account on a synchronized content management system (para.[0023]; “Access to a particular one of the data packages 110 can be controlled based on a particular application ID. …. an access policy associated with one of the data packages 110 can restrict access to the data package to applications that have a particular application ID” and para.[0027]; “The sync host 120 is representative of functionality to synchronize data between the computing device 102 and other devices”).
 a request to access content items associated with the user account (para.[0059]; “receives a request from a requesting application for the encrypted sensitive data”). 
wherein the application is authorized to access each of the content items when one or more access rules for each of the content items are met (para.[0022]; “access to data from the particular data package can be restricted to the associated application” and para.[0023]; “an access policy associated with one of the data packages 110 can restrict access to the data package to applications that have a particular application ID”).
in response to the request, obtaining the one or more access rules for the content items associated with the user account (para.[0023]; “an access policy associated with one of the data packages 110 can restrict access to the data package to applications that have a particular application ID. If the request to access the data package does not originate from an application with the appropriate application ID, access to the data package may be denied, e.g., by the operating system of computing device” and para.[0030]; “a device identifier for the computing device 102 can be mapped to a user profile for the user to associate user permissions with the computing device”). 
wherein the one or more access rules define access restrictions for the content items by the application stored on the client device (para.[0022]; “access to data from the particular data package can be restricted to the associated application” and para.[0023]; “an access policy associated with one of the data packages 110 can restrict access to the data package to applications that have a particular application ID”).;
applying the one or more access rules for each content item (para.[0032]; “access to a particular data storage compartment can be restricted to a user with permission”).
wherein access is granted to a first subset of the content items stored on the client device based on the client device comprising a first subset of device characteristics as required in the one or more access rules for the first subset of the content items (para.[0064]; “synchronization of enterprise data can be limited to devices with enterprise-type permissions and/or policies”, para.[0065]; “data can be determined to be enterprise data based on a device type for the device, a type of application that generates the data”, and para.[0071]; “policies can specify sync parameters and permissions based on a variety of different data and device types”).
and access is denied to a second subset of the content items stored on the client device based on the client device comprising a second subset of device characteristics as required in the one or more access rules for the second subset of the content items (para.[0071]; “prevent sensitive personal data from being synced from a personal, non-enterprise device, to the enterprise device. Other sync policies can specify sync parameters and permissions based on a variety of different data and device types” and claim 17; “if the application identifier for the application does not match the application identifier used to mark the encrypted data, denying the application access to the encrypted data”, where deny access to personal data based on device type is “deny access to a second subset of the content items stored on the client device”).
	The Examiner believes Tamayo-Rios et al (US 2013/0067243 A1) discloses fully anticipates each and every feature of claim 1. In the alternative, it would have been obvious to one of ordinary skill in the art at the time invention was made to incorporate Kiang et al (US 2013/0268999 A1) into Tamayo-Rios et al (US 2013/0067243 A1) to include one or more access rules define access restrictions (Kiang: para.[0080]; “access control list which details permissions including for example, the access and operation rights of an object by an individual”). The modification would be obvious because one of ordinary skill in the art would be motivated to allow multiple access control list defined for individual devices of a user of the system of Kiang to be used in accessing synchronization management system of Tamayo-Rios for limiting the number of user devices permitted to access specific application.

As per claim 7, the rejection of claim 6 is incorporated and further Tamayo-Rios et al (US 2013/0067243 A1) discloses,
further comprising determining an application type of the application stored on the client device, wherein the one or more access rules provide a different access level based on the determined application type (para.[0023]; “an access policy associated with one of the data packages 110 can restrict access to the data package to applications that have a particular application ID” para.[0071]; “policies can specify sync parameters and permissions based on a variety of different data and device types”).  
  
As per claim 8, the rejection of claim 6 is incorporated and further Tamayo-Rios et al (US 2013/0067243 A1) discloses,
further comprising determining a client device type of the client device that stores the application, wherein the one or more access rules provide a different access level based on the determined device type (para.[0022]; “access to data from the particular data package can be restricted to the associated application” and para.[0065]; “data can be determined to be enterprise data based on a device type for the device, a type of application that generates the data”).  
  
As per claim 10, the rejection of claim 6 is incorporated and further Kiang et al (US 2013/0268999 A1) discloses,
wherein the one or more access rules are based on an IP address used to make the request (para.[0047]; “additional information, such as the IP address 406 and/or device authentication date 410 can be stored for each authorized device”).

As per claim 21, the rejection of claim 1 is incorporated and further Tamayo-Rios et al (US 2013/0067243 A1) discloses,
wherein the at least one context further includes a type of the client device (para.[0065]; “enterprise data based on a device type for the device”).  

As per claim 22, the rejection of claim 1 is incorporated and further Tamayo-Rios et al (US 2013/0067243 A1) discloses,
wherein the type of the client device includes desktop computer, mobile computer, and mobile communication device (para.[0036]; “computing device 102 may be configured in a variety of different ways, such as for mobile 202, computer 204, and television 206 uses”).

10.	Claims 11 – 13 and 16 – 18 are rejected under 35 U.S.C. 103 as being unpatentable over Tamayo-Rios et al (US 2013/0067243 A1), in view of Rexer et al (US 2013/0311894 A1).
As per claim 11, Tamayo-Rios et al (US 2013/0067243 A1) discloses,
A computer-implemented method comprising: sending, from an application stored on a client device authorized to access a user account of a synchronized content management system (para.[0023]; “Access to a particular one of the data packages 110 can be controlled based on a particular application ID. …. an access policy associated with one of the data packages 110 can restrict access to the data package to applications that have a particular application ID” and para.[0027]; “The sync host 120 is representative of functionality to synchronize data between the computing device 102 and other devices”).
a request to access content items associated with the user account (para.[0059]; “receives a request from a requesting application for the encrypted sensitive data”). wherein the application is authorized to access the content items when the client device is associated with at least one context (para.[0032]; “access to a particular data storage compartment can be restricted to a user with permission”).
 synchronizing, by the application stored on the client device, the content items associated with the user account of the synchronized content management system, wherein the synchronizing includes downloading one or more access rules for the content items associatedConfirmation No.: 1609 Docket No.:085118-581517_P221USC1with the user account and the one or more access rules define access restrictions for the content items by the application stored on the client device (para.[0064]; “control to which of the user's devices certain types of data get synchronized. ……… synchronization of enterprise data can be limited to devices with enterprise-type permissions and/or policies. This can prevent sensitive work-related data from being synchronized from an enterprise device to a personal device unless there is an indication that such synchronization is permitted”).
applying, by the application stored on the client device, the one or more access rules to determine a first subset of content items stored on the client device based on the client device comprising a first subset of device characteristics as required in the one or more access rules  associated with the first subset of the content items  and a second subset of content items stored on the client device based on the client device comprising a second subset of device characteristics as required in the one or more access rules associated with the second subset of the content items (para.[0023]; “an access policy associated with one of the data packages 110 can restrict access to the data”, para.[0060]; “ascertains whether an application ID for the requesting application matches the application ID for the particular application” and para.[0065]; “determines that enterprise data is stored locally on a device…….. the data can be determined to be enterprise data based on a device type for the device, a type of application that generates the data”).
and in response to a request to access a content item from the content items associated with the user account through the application stored on the client device, allowing access to the first subset of content items and restricting access to the second subset of content items (para.[0064]; “synchronization of enterprise data can be limited to devices with enterprise-type permissions and/or policies”, para.[0065]; “data can be determined to be enterprise data based on a device type for the device, a type of application that generates the data”, and para.[0071]; “policies can specify sync parameters and permissions based on a variety of different data and device types”).
	Tamayo-Rios does not specifically disclose presenting, via the application stored on the client device, a representation of the content items associated with the user account.
	However, Rexer et al (US 2013/0311894 A1) in an analogous art discloses,
presenting, via the application stored on the client device, a representation of the content items associated with the user account (Fig.4 #426; “Present, a list of the applications to all users in the enterprise selectable for use by the users in accessing the corporate content or interacting with other users in the cloud environment”). 
	Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was filed to incorporate process of protecting of shared device of the system of Rexer into synchronization management system of the system of Tamayo-Rios to interact with content and synchronized only specific content they can access thereby protecting the integrity of the content and the system.

As per claim 12, the rejection of claim 11 is incorporated and further Tamayo-Rios et al (US 2013/0067243 A1) discloses,
further comprising determining an application type of the application stored on the client device, wherein the one or more access rules define different access levels for different operating system types (para.[0023]; “access to the data package may be denied, e.g., by the operating system of computing device” and claim 13; “querying an operating system of the device for the application identifier for the application”).  

As per claim 13, the rejection of claim 11 is incorporated and further Tamayo-Rios et al (US 2013/0067243 A1) discloses,
further comprising determining a client device type of the client device that stores the application, wherein the one or more access rules provide a different access level based on the determined device type (para.[0023]; “an access policy associated with one of the data packages 110 can restrict access to the data package to applications that have a particular application ID” para.[0071]; “policies can specify sync parameters and permissions based on a variety of different data and device types”).  
  
As per claim 16, Tamayo-Rios et al (US 2013/0067243 A1) discloses,
A computer-implemented method comprising: sending, from an application stored on a client device authorized to access a user account on a synchronized content management system (para.[0023]; “Access to a particular one of the data packages 110 can be controlled based on a particular application ID. …. an access policy associated with one of the data packages 110 can restrict access to the data package to applications that have a particular application ID” and para.[0027]; “The sync host 120 is representative of functionality to synchronize data between the computing device 102 and other devices”).
a request to access content items associated with the user account (para.[0059]; “receives a request from a requesting application for the encrypted sensitive data”). 
wherein the application is authorized to access each of the content items when one or more access rules for each of the content items are met (para.[0022]; “access to data from the particular data package can be restricted to the associated application” and para.[0023]; “an access policy associated with one of the data packages 110 can restrict access to the data package to applications that have a particular application ID”).
synchronizing between the application stored on the client device and the synchronized content management system the content items associated with the user account (para.[0064]; “control to which of the user's devices certain types of data get synchronized. ……… synchronization of enterprise data can be limited to devices with enterprise-type permissions and/or policies. This can prevent sensitive work-related data from being synchronized from an enterprise device to a personal device unless there is an indication that such synchronization is permitted”).
wherein access to the content items are based on the one or more access rules defining a first subset of the content items stored on the client device based on the client device comprising a first subset of device characteristics as required in the one or more access rules associated with the first subset of the content items and a second subset the content items stored on the client device based on the client device comprising a second subset of device characteristics as required in the one or more access rules associated with the second subset of the content items (para.[0023]; “an access policy associated with one of the data packages 110 can restrict access to the data package to applications, para.[0060]; “ascertains whether an application ID for the requesting application matches the application ID for the particular application” and para.[0065]; “determines that enterprise data is stored locally on a device…….. the data can be determined to be enterprise data based on a device type for the device, a type of application that generates the data”).
and allowing access to the first subset of the content items (para.[0001]; “allow data to be synchronized to a device”, where allow data to be synchronized is allowing access to the first data as claimed.). 
	Tamayo-Rios does not specifically disclose presenting, via the application stored on the client device, a representation of the content items associated with the user account
	However, Rexer et al (US 2013/0311894 A1) in an analogous art discloses,
presenting, via the application stored on the client device, a representation of the content items associated with the user account (Fig.4 #426; “Present, a list of the applications to all users in the enterprise selectable for use by the users in accessing the corporate content or interacting with other users in the cloud environment”). 
	Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was filed to incorporate process of protecting of shared device of the system of Rexer into synchronization management system of the system of Tamayo-Rios to interact with content and synchronized only specific content they can access thereby protecting the integrity of the content and the system.

As per claim 17, the rejection of claim 16 is incorporated and further Tamayo-Rios et al (US 2013/0067243 A1) discloses,
further comprising determining an application type of the application stored on the client device, wherein the one or more access rules provide a different access level based on the determined application type (para.[0023]; “an access policy associated with one of the data packages 110 can restrict access to the data package to applications that have a particular application ID” para.[0071]; “policies can specify sync parameters and permissions based on a variety of different data and device types”).  
  
As per claim 18, the rejection of claim 16 is incorporated and further Tamayo-Rios et al (US 2013/0067243 A1) discloses,
further comprising determining a client device type of the client device that stores the application, wherein the one or more access rules provide a different access level based on the determined device type (para.[0022]; “access to data from the particular data package can be restricted to the associated application” and para.[0065]; “data can be determined to be enterprise data based on a device type for the device, a type of application that generates the data”).  
  
11.	Claims 4 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Tamayo-Rios et al (US 2013/0067243 A1), in view of Kiang et al (US 2013/0268999 A1), and further in view of Landry et al (US 2007/0100834 A1).
As per claim 4, the rejection of claim 1 is incorporated, Tamayo-Rios et al (US 2013/0067243 A1) and Kiang et al (US 2013/0268999 A1) does not disclose wherein the one or more access rules comprise at least one of read access or write access based on an application type or a device type, and the user account is authorized to at least one of the read access or the write access.  
	However, Landry et al (US 2007/0100834 A1) in an analogous art discloses,
wherein the one or more access rules comprise at least one of read access or write access based on an application type or a device type, and the user account is authorized to at least one of the read access or the write access (para.[0098]; “control which fields of each table and which views are accessible by users and what is the access level (read-only, ability to modify fields and/or add/delete records”). 
	Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was file to incorporate sharing of data of the system of Landry into accessing synchronization management system of the system of Tamayo-Rios and multiple access control list defined for individual devices of a user of the system of Kiang to provide consistent information on connected device by preventing secured data from being expose to unauthorized devices or users.

As per claim 9, the rejection of claim 1 is incorporated, Tamayo-Rios et al (US 2013/0067243 A1) and Kiang et al (US 2013/0268999 A1) does not disclose wherein the one or more access rules comprise at least one of read access or write access based on an application type or a device type.  
	However, Landry et al (US 2007/0100834 A1) in an analogous art discloses,
wherein the one or more access rules comprise at least one of read access or write access based on an application type or a device type (para.[0098]; “control which fields of each table and which views are accessible by users and what is the access level (read-only, ability to modify fields and/or add/delete records”). 
	Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was file to incorporate sharing of data of the system of Landry into accessing synchronization management system of the system of Tamayo-Rios and multiple access control list defined for individual devices of a user of the system of Kiang to provide consistent information on connected device by preventing secured data from being expose to unauthorized devices or users.

12.	Claims 14 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Tamayo-Rios et al (US 2013/0067243 A1), in view of Rexer et al (US 2013/0311894 A1), and further in view of Landry et al (US 2007/0100834 A1).
As per claim 14, the rejection of claim 1 is incorporated, Tamayo-Rios et al (US 2013/0067243 A1) and Rexer et al (US 2013/0311894 A1) does not disclose wherein the one or more access rules comprise at least one of read access or write access based on an application type or a device type.  
	However, Landry et al (US 2007/0100834 A1) in an analogous art discloses,
wherein the one or more access rules comprise at least one of read access or write access based on an application type or a device type (para.[0098]; “control which fields of each table and which views are accessible by users and what is the access level (read-only, ability to modify fields and/or add/delete records”). 
	Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was file to incorporate sharing of data of the system of Landry into accessing synchronization management system of the system of Tamayo-Rios and protection of shared device of the system of Rexer to provide consistent information on connected device by preventing secured data from being expose to unauthorized devices or users.

As per claim 19, the rejection of claim 1 is incorporated, Tamayo-Rios et al (US 2013/0067243 A1) and Rexer et al (US 2013/0311894 A1) does not disclose wherein the one or more access rules comprise at least one of read access or write access based on an application type or a device type.  
	However, Landry et al (US 2007/0100834 A1) in an analogous art discloses,
wherein the one or more access rules comprise at least one of read access or write access based on an application type or a device type (para.[0098]; “control which fields of each table and which views are accessible by users and what is the access level (read-only, ability to modify fields and/or add/delete records”). 
	Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was file to incorporate sharing of data of the system of Landry into accessing synchronization management system of the system of Tamayo-Rios and protection of shared device of the system of Rexer to provide consistent information on connected device by preventing secured data from being expose to unauthorized devices or users.

13.	Claims 15 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Tamayo-Rios et al (US 2013/0067243 A1), in view of Rexer et al (US 2013/0311894 A1), and further in view of Kiang et al (US 2013/0268999 A1).
As per claim 15, the rejection of claim 11 is incorporated, Tamayo-Rios et al (US 2013/0067243 A1) and Rexer et al (US 2013/0311894 A1) does not disclose wherein the one or more access rules are based on an IP address used to make the request.  
	However, Kiang et al (US 2013/0268999 A1) in an analogous art discloses,
wherein the one or more access rules are based on an IP address used to make the request (para.[0047]; “additional information, such as the IP address 406 and/or device authentication date 410 can be stored for each authorized device”).
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was file to incorporate multiple access control list defined for individual devices of a user of the system of Kiang into accessing synchronization management system of the system of Tamayo-Rios and protection of shared device of the system of Rexer to limit the number of user devices permitted to access specific application.

As per claim 20, the rejection of claim 16 is incorporated, Tamayo-Rios et al (US 2013/0067243 A1) and Rexer et al (US 2013/0311894 A1) does not disclose wherein the one or more access rules are based on an IP address used to make the request.  
	However, Kiang et al (US 2013/0268999 A1) in an analogous art discloses,
wherein the one or more access rules are based on an IP address used to make the request (para.[0047]; “additional information, such as the IP address 406 and/or device authentication date 410 can be stored for each authorized device”).
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was file to incorporate multiple access control list defined for individual devices of a user of the system of Kiang into accessing synchronization management system of the system of Tamayo-Rios and protection of shared device of the system of Rexer to limit the number of user devices permitted to access specific application.

Conclusion
14.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
TITLE: Client application file access, US 2013/0132463 A1 authors: Garcia-Ascanio et al.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AUGUSTINE K. OBISESAN whose telephone number is (571)272-2020.  The examiner can normally be reached on Monday - Friday 8:30am - 5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Tamara Kyle can be reached on 571-272-4241.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/AUGUSTINE K. OBISESAN/
Primary Examiner
Art Unit 2156



2/26/2021