Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Applicant’s arguments, filed 12/17/20, with respect to the rejection(s) of claim(s) 1-20 under 103 have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of Kim.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

s 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Hoche-Mong (US Patent 8156199) in view of Schryver (US Patent Pub. 20170054761) and in view of Kim (US Patent Pub. 2012/0008554).

As per claims 1, 14 and 18:  Hoche-Mong discloses a computing apparatus, comprising: 
a hardware platform comprising a processor and a memory (Col 3, lines 62-65; System 2 comprises a set of client devices 4A through 4N (collectively, client devices 4) and a set of network data centers 6A through 6N (collectively, data centers 6));
a network stack to provide network or internet access and locally intercept a domain name-based access request (Col 2, lines 10-34; The VPN client intercepts any Domain Name System (DNS) requests issued by applications or the operating system of the client device and, based on the stored load-balancing information, locally generates DNS responses in response to the intercepted requests).
Hoche-Mong does not specifically disclose software to access a network or internet resource according to a domain name; query a domain policy repository to determine whether the domain name should be blocked, and to query an external domain name system (DNS) server for an internet protocol (IP) address for the domain name and pass the request through the network stack if the domain name should not be blocked.
Schryver discloses DNS resolver 102 queries the RPZ database to determine whether the requested domain is blacklisted at step 704. For example, DNS resolver Paragraph 58, 84). 
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains, having the teachings of Hoche-Mong and Schryver in it’s entirety, to modify the technique of Hoche-Mong for intercepts any Domain Name System (DNS) requests and locally generates DNS responses in response to the intercepted requests by adopting Schryver's teaching for query the RPZ database to determine if RPZ database has a policy corresponding to the domain name. The motivation would have been to improve dynamic safe browsing.
However, Hoche-Mong and Schryver do not specifically disclose a standalone local VPN.
Kim discloses a method for a UE to directly access a local PDN such as a ... VPN service, provided by a commercial network service provider. The present invention provides a local PDN access method of a UE that enables a remote UE to access a standalone local PDN via a communication network.
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains, having the teachings of Hoche-Mong, Schryver and Kim in it’s entirety, to modify the technique of Hoche-Mong for intercepts any Domain Name System (DNS) requests and locally generates DNS responses in response to the 
As per claims 2, 15 and 19:  The combination of Hoche-Mong, Schryver and Kim discloses the computing apparatus of claim 1, wherein the VPN is further configured to redirect the request to a "domain blocked" page or IP address if the domain should be blocked (See Schryver; Paragraph 48; The action may be, for example, to block the request or to redirect the request, for example by returning an IP address of a website indicating that the domain is suspicious).
As per claim 3:  The combination of Hoche-Mong, Schryver and Kim discloses the computing apparatus of claim 2, wherein the VPN is further configured to provide explanatory information if the domain should be blocked and involves a secure network transaction protocol of the network stack (See Schryver; Paragraph 49; If the received RPZ blacklist data indicates that a record should be updated (e.g., a domain is no longer suspect or a new policy is associated with a domain), RPZ manager 110 may not immediately overwrite or delete the outdated data).
As per claim 4:  The combination of Hoche-Mong, Schryver and Kim discloses the computing apparatus of claim 2, wherein the "domain blocked" page is a locally-hosted pseudo web page (Col 2, lines 10-34; The VPN client intercepts any Domain Name System (DNS) requests issued by applications or the operating system of the client device and, based on the stored load-balancing information, locally generates DNS responses in response to the intercepted requests).
As per claim 5:  The combination of Hoche-Mong, Schryver and Kim discloses the computing apparatus of claim 2, wherein the "domain blocked" page is a remote web See Schryver; Paragraph 48; The action may be, for example, to block the request or to redirect the request, for example by returning an IP address of a website indicating that the domain is suspicious).
As per claims 6 and 16:  The combination of Hoche-Mong, Schryver and Kim discloses the computing apparatus of claim 5, wherein the VPN is further configured to rewrite a response to the request to provide explanatory information about a secure communication error (See Schryver; Paragraph 67).
As per claim 7:  The combination of Hoche-Mong, Schryver and Kim discloses the computing apparatus of claim 1, wherein determining whether the domain name should be blocked comprises making a per-query decision (See Schryver; Paragraph 48; The action may be, for example, to block the request or to redirect the request, for example by returning an IP address of a website indicating that the domain is suspicious).
As per claim 8:  The combination of Hoche-Mong, Schryver and Kim discloses the computing apparatus of claim 1, wherein the domain policy repository is a local repository (See Schryver; Paragraph 58, 84; DNS resolver 102 queries the RPZ database to determine whether the requested domain is blacklisted at step 704).
As per claim 9:  The combination of Hoche-Mong, Schryver and Kim discloses the computing apparatus of claim 1, wherein the domain policy repository is a remote or third-party repository (See Schryver; Paragraph 58, 84; DNS resolver 102 queries the RPZ database to determine whether the requested domain is blacklisted at step 704).
As per claim 10:  The combination of Hoche-Mong, Schryver and Kim discloses the computing apparatus of claim 9, wherein querying the domain repository comprises providing a user-specific query (See Schryver; Paragraph 58, 84; DNS resolver 102 queries the RPZ database to determine whether the requested domain is blacklisted at step 704).
As per claim 11:  The combination of Hoche-Mong, Schryver and Kim discloses the computing apparatus of claim 9, wherein querying the remote or third-party repository comprises providing a subscriber-specific query (See Schryver; Paragraph 58, 84; DNS resolver 102 queries the RPZ database to determine whether the requested domain is blacklisted at step 704).
As per claim 12:  The combination of Hoche-Mong, Schryver and Kim discloses the computing apparatus of claim 10, wherein the apparatus is a mobile computing device (Col 4, lines 1-4; Client devices 4 may be personal computers, network telephones, set top boxes, network televisions, mobile devices, intermediate network devices, gaming platform, or other network appliances)..
As per claim 13:  The combination of Hoche-Mong, Schryver and Kim discloses the computing apparatus of claim 10, wherein the apparatus is an Apple iOS or Google Android device (Col 4, lines 1-4; Client devices 4 may be personal computers, network telephones, set top boxes, network televisions, mobile devices, intermediate network devices, gaming platform, or other network appliances); (Col 5, lines 50-55; client device 4A includes several components. In this example, client device 4A includes a plurality of extranet software applications 20. One of applications 20 may be a web browser such as Microsoft Internet Explorer, Apple Safari, or Mozilla Firefox).
As per claim 17:  The combination of Hoche-Mong, Schryver and Kim discloses the one or more tangible, non-transitory computer-readable mediums of claim 14, wherein determining whether the domain name should be blocked comprises querying user context and preferences (See Schryver; Paragraph 48; The action may be, for example, to block the request or to redirect the request, for example by returning an IP address of a website indicating that the domain is suspicious).
As per claim 20:  The combination of Hoche-Mong, Schryver and Kim discloses the method of claim 19, wherein the VPN is further to circumvent a secure network transaction protocol of the network stack if the domain should be blocked (See Schryver; Paragraph 48; The action may be, for example, to block the request or to redirect the request, for example by returning an IP address of a website indicating that the domain is suspicious).

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not 

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANTHONY D BROWN whose telephone number is (571)270-1472.  The examiner can normally be reached on 730-330pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on 571-272-6798.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private 





/ANTHONY D BROWN/Primary Examiner, Art Unit 2433