Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Notice of Pre-AIA  or AIA  Status
This Office Action is in response to the application 15/918,836 filed 11/28/2020; Claims 1-19, and 16; Claims 3-4 have been amended; Claim 2 has been cancelled; Claims 1, 10, and 16 are independent claims.  Claims 1 and 3-20 have been examined and are pending.
Authorization for this Examiner’s Amendment was given in a telephone interview with Applicant’s representative, Mr. PATEL, CHIRAG (Reg. No.: 50555) has agreed and authorized the Examiner to amend claims 1, 10, and 16; Cancelled claims 7 and 11. 
Examiner’s Amendments
Claims
Replacing claims 1-20 as following:
(Currently Amended) A physical article of manufacture including one or more non-transitory computer-readable storage media, encoding computer-executable instructions for executing on a computer system a computer process, the computer process comprising:
flagging one or more of executable files, shared object library files, and registration keys necessary for a non-core functionality of an application; 

determining the non-core functionality of the application by determining functionalities that access a server configuration file as the non-core functionality,
wherein disabling the application’s access to the flagged shared object library files further comprises disabling the application’s access to the flagged shared object library files using an application execution controller.
(Canceled)
(Currently Amended) The physical article of manufacture of claim 1, wherein determining the non-core functionality of the application further comprises determining functionalities that access a server operating system as a non-core functionality.
(Currently Amended) The physical article of manufacture of claim 1, wherein determining the non-core functionality of the application further comprises determining functionalities that access an application configuration file as a non-core functionality.
(Original) The physical article of manufacture of claim 1, wherein the non-core functionality of the application is a common dialog based functionality.
(Original) The physical article of manufacture of claim 5, wherein disabling the application’s access to the common dialog based functionality further comprises disabling the application’s access to the registration keys necessary to execute the common dialog based functionality.
(Canceled) 
(Original) The physical article of manufacture of claim 1, wherein the computer process further comprising generating a scheduled task with group policy preferences specifying the application’s access permissions to the flagged executable files, the flagged shared object library files, and the flagged registration keys.
(Original) The physical article of manufacture of claim 8, wherein the computer process further comprising running the scheduled task on the server on a periodic basis to enforce the group policy preferences. 
(Currently Amended) A method, implemented by one or more computer-executable instructions stored on a non-transitory memory for executing on a computer system, of providing a secure remote desktop session, the method comprising:
determining a non-core functionality of an application running on a server by determining functionalities that access a server configuration file as the non-core functionality;
identifying a plurality of non-core functionality resources necessary for executing the non-core functionality; and
,
wherein the plurality of non-core functionality resources comprises one or more executable files accessed by the non-core functionality and disabling the application’s access to the plurality of non-core functionality resources further comprises restricting the application’s access to the one or more executable files.
(Canceled) 
(Original) The method of claim 11, wherein the plurality of non-core functionality resources comprises one or more shared object library files accessed by the one or more executable files and disabling the application’s access to the plurality of non-core functionality resources further comprises restricting the one or more executable files’ access of the one or more shared object library files.
(Original) The method of claim 12, wherein the plurality of non-core functionality resources comprises one or more identification keys accessed by the one or more shared object library files and disabling the application’s access to the plurality of non-core functionality resources further comprises restricting the one or more shared object library files’ access of the one or more identification keys.
(Original) The method of claim 10, wherein disabling the application’s access to the plurality of non-core functionality resources further comprising generating a task to be run on a periodic basis on the server, the task configured to set group policy 
(Currently Amended) The method of claim 10, wherein determining the non-core functionality of the application running on the server further comprises determining functionalities that access at least one an application configuration file and server operating system.
(Currently Amended) A system comprising:
non-transitory memory;
one or more processor units;
a non-core functionality identification module stored in the non-transitory memory and executable by the one or more processor units, the non-core functionality identification module configured to determine a non-core functionality of an application running on a server by determining functionalities that access a server configuration file as the non-core functionality; 
a non-core functionality resource identification module stored in the memory and executable by the one or more processor units, the non-core functionality resource identification module configured to identifying a plurality of non-core functionality resources necessary for executing the non-core functionality; and
a non-core functionality resource access prevention module stored in the memory and executable by the one or more processor units, the non-core functionality resource access prevention module configured to disable the application’s access to the plurality of non-core functionality resources,
wherein the plurality of non-core functionality resources comprises one or more executable files accessed by the non-core functionality and disabling the application’s access to the plurality of non-core functionality resources further comprises restricting the application’s access to the one or more executable files.
(Original) The system of claim 16, wherein the non-core functionality resource identification module is further configured to identify at least one of an executable file, a shared object library file, and an identification key as one or more of the plurality of non-core functionality resources necessary for executing the non-core functionality.
(Original) The system of claim 17, wherein the non-core functionality resource access prevention module is further configured to generate a scheduled task with group policy preferences specifying the application’s access permissions to the non-core functionality resources necessary for executing the non-core functionality.
(Original) The system of claim 18, wherein the non-core functionality resource access prevention module is further configured to run the scheduled task on the server on a periodic basis to enforce the group policy preferences.
(Original) The system of claim 16, wherein the non-core functionality of the application is a common dialog based functionality.


Examiner's Statement of reason for Allowance
Claims 1, 3-6, 8-9, 10, and 12-20 are allowed.
The following is an examiner’s statement of reasons for allowance: 
The invention is directed system a system discloses providing secure remote desktop session host experience to a user for a selected application while controlling the user's access to non-core functionalities of the selected application.  An implementation of the system disclosed herein identifies a non-core functionality of an application running on a server, flags the executable files, shared object library files, and the registration keys necessary for the non-core functionality of the application, and disables the application's access to the identified executable files, the identified shared object library files, and the identified registration key.
The closest prior art are Lu (“Lu,” US 2016/0197730), Bursell (“Bursell,” US 2014/0258446), Berk et al. (“Berk,” US 2015/0135167), and Vertes (“Vertes,” US 2004/0111720) generally directed to various aspect of generally directed to various aspect the physical article of manufacture includes instruction for flagging one or more of executable files, shared object library files, and registration keys necessary for a non-core functionality of an application.  The application access is disabled to the flagged executable files, the flagged shared object library files, and the flagged registration keys.  The non-core functionality of the application is determined and further comprises determining functionalities that access a server operating system as a non-core functionality. 
“determining the non-core functionality of the application by determining functionalities that access a server configuration file as the non-core functionality,” and “wherein disabling the application’s access to the flagged shared object library files further comprises disabling the application’s access to the flagged shared object library files using an application execution controller.”
None of Lu, Bursell, Berk, and Vertex teaches or suggests, alone or in combination, the particular combination of steps or elements as recited in the independent claims 10 and 16. For examples, it failed to teach “determining a non-core functionality of an application running on a server by determining functionalities that access a server configuration file as the non-core functionality” and “wherein the plurality of non-core functionality resources comprises one or more executable files accessed by the non-core functionality and disabling the application’s access to the plurality of non-core functionality resources further comprises restricting the application’s access to the one or more executable files.”
This feature in light of other features describes in the independent claims 1, 10, and 16 are allowable over the prior art of record.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CANH LE whose telephone number is (571)270-1380.  The examiner can normally be reached on Monday-Friday: 6:00 AM-3:30 PM, other Friday off.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on 571-270-5002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/Canh Le/
Examiner, Art Unit 2439
March 17th, 2021 


/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439