DETAILED ACTION

1.	Pending claims for reconsideration are claims 1-20. Claims 1, 9, and 17 have been amended. 		

Response to Arguments

2.	Applicant's arguments filed 1/05/2020 have been fully considered but they are not persuasive. 

a.	Applicant argues in substance –  the rejections of the independent claims 
under 35 U.S.C. §103 based upon Deweese et al. in view of Hughes et al. were discussed, along with a potential amendment to these claims. It was agreed that, subject to further search and consideration, these amendments would overcome the above-noted rejections of the independent claims. Support for the amendments may be found at paragraphs 0040-0041 of the PGPub for the present application, for example. No new matter is being added.
In response to applicant arguments – Upon careful consideration to the amendment “and while the at least one client computing device is logged into the user account determine whether the enterprise persona or the private persona is active based upon a context associated with the at least one client computing device,” Deweese discloses that multiple persona device management generally comprises methods and systems for isolating, 
    PNG
    media_image1.png
    634
    888
    media_image1.png
    Greyscale
persona relates to various settings, policies, rules, configurations or attributes associated with a particular end user environment. Accordingly, groups of individual personas may be categorized based on defined rules and policies applicable to said group and managed simultaneously. 
Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


3.	Claims 1-3, 5-9, 11-17, and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Pub.No.: US 2016/0277387 A1 to Deweese et al in view of Patent No.: US 9,826,100 B2 to Hughes et al(hereafter referenced as Hughes).
Regarding claim 1, DeWeese discloses “a computing system comprising: at least one client computing device” (client device [Fig.1/item 103]) ; “and a server configured to -log (management module 127 interacting with mobile management system [par.0030] see also [Fig.1]) the at least one client computing device into a user account”( step 809 optionally requires user device 103 authentication to proceed to the next stage. According to various embodiments, authentication can be performed utilizing a plurality of processes such as a fingerprint scan, entering a PIN or password, Swiping a specific pattern on the screen, a biometric access functionality, or the device may be configured for an automatic authorization without user input. If user authentication is successful, method 800 proceeds to step 811 in which the server allows access to the managed and requested persona [par.0109]), “the user account having an enterprise persona and a (enterprise email configuration profile [par.0035]), “and while the at least one client computing device is logged into the user account” (If user authentication is successful, method 800 proceeds to step 811 in which the server allows access to the managed and requested persona [par.0109]) “determine whether the enterprise persona or the private persona is active based upon a context associated with the at least one client computing device” (utilize active settings to determine is active [par.0006] also see par.0030]).
DeWeese does not explicitly disclose “when the enterprise persona is active, provide the at least one client computing device with access to a Software as a Service (SaaS) application with a first set of capabilities enabled, and when the private persona is active, provide access to the SaaS application with a second set of capabilities enabled that is different than the first set of capabilities.
However, Hughes in an analogous art discloses when the enterprise persona is active(when the user accesses an Saas proxy [Fig.7/item 702), “provide the at least one client computing device with access to a Software as a Service (SaaS) application with a first set of capabilities enabled”(login credentials are assigned to valid user 808, allowing for the user to login to the Saas usage proxy via enterprise login credentials Hughes [Col.8/lines 4] thus allowing an Saas application to be launched (i.e. capabilities are enabled for the specific application once launched), “and when the private persona is active, provide access to the SaaS application with a second set of capabilities enabled that is different than the first set of capabilities”(first set of capabilities allows for a communication channel and second set of capabilities via second login credentials allow for different permissions Hughes [Col.4/lines 64-67]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention Deweese’s Multi persona management devices with Hughes devices comprising SAAS-software as a service application in order to provide additional security. One of ordinary skill in the art would have been motivated to combine because Deweese teaches a client and server device comprising an enterprise persona, Hughes teaches a SaaS application comprising a set of capabilities, and both are from the same field of endeavor.  
Regarding claim 2 in view of claim 1, the references combined disclose “wherein the server determines whether the enterprise persona or the private persona is active based upon a location of the client computing device” (data use restrictions of the enterprise persona may be based on the current time and/or location of the restricted user device DeWeese [par.0034]).
Regarding claim 3 in view of claim 1, the references combined disclose “wherein the server determines whether the enterprise persona or the private persona is active based upon a type of data to be accessed by the at least one client computing device” (third party server interconnected to mobile device management system allows for determination of type of access DeWeese [Fig.1]).
Regarding claim 5 in view of claim 1, the references combined disclose “wherein the first set of capabilities includes access to data from other user accounts” (access to user data via link between client and Saas application Hughes [Fig.7/710]), “and the second set of capabilities includes access only to data from the user's respective account” (second login credentials allow for different permissions of user Hughes [Col.4/lines 64-67]).
Regarding claim 6 in view of claim 1, the references combined disclose “wherein the server provides access to a first instance of the SaaS application with a first set of capabilities enabled for the enterprise persona, and provides access to a second instance of the SaaS application with the second set of capabilities enabled for the private persona” (first set of capabilities allows for a communication channel and second set of capabilities via second login credentials allow for different permissions Hughes [Col.4/lines 64-67]).
Regarding claim 7 in view of claim 6, the references combined disclose “wherein the server is further configured to migrate between the first and second instances of the SaaS application while the at least one client computing device remains authenticated based upon a change in the context” (Saas authentication module via server provides for migration during authentication Hughes [Fig.6/item 610]).
Regarding claim 8 in view of claim 1, the references combined disclose “wherein the first set of capabilities includes data recording, and the second set of capabilities does not include data recording”(capture device may record spoken words, motions, [par.0057]).
claim 9, DeWeese discloses “A method for using a server comprising: logging at least one client computing device into a user account” (single user is logged into a plurality of personas on client device [par.0129] via mobile device management system of the central server[Fig.1])), “the user account having an enterprise persona and a private persona associated therewith” (enterprise email configuration profile [par.0035]; “and while the at least one client computing device is logged into the user account” (client single user logged into a plurality of personas [par.0129])  , “determining whether the enterprise persona or the private persona is active based upon a context associated with the at least one client computing device” (utilize active settings to determine is active [par.0006] also see par.0030])
DeWeese does not explicitly disclose “when the enterprise persona is active, providing the at least one client computing device with access to a Software as a Service (SaaS) application with a first set of capabilities enabled; and when the private persona is active, providing the at least one client computing device with access to the SaaS application with a second set of capabilities enabled that is different than the first set of capabilities” 
However, Hughes in an analogous art teaches “when the enterprise persona is active” (when the user accesses an Saas proxy [Fig.7/item 702), “providing the at least one client computing device with access to a Software as a Service (SaaS) application with a first set of capabilities enabled” (login credentials are assigned to valid user 808, allowing for the user to login to the Saas usage proxy via enterprise login credentials Hughes [Col.8/lines 4] thus allowing an Saas application to be launched (i.e. capabilities are enabled for the specific application once launched); “and when the private persona is active, providing the at least one client computing device with access to the SaaS application with a second set of capabilities enabled that is different than the first set of capabilities” (first set of capabilities allows for a communication channel and second set of capabilities via second login credentials allow for different permissions Hughes [Col.4/lines 64-67]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention Deweese’s Multi persona management devices with Hughes devices comprising SAAS-software as a service application in order to provide additional security. One of ordinary skill in the art would have been motivated to combine because Deweese teaches a client and server device comprising an enterprise persona, Hughes teaches a SaaS application comprising a set of capabilities, and both are from the same field of endeavor.  
Regarding claim 11 in view of claim 9, the references combined disclose “wherein determining comprises determining whether the enterprise persona or the private persona is active based upon a location of the client computing device” (data use restrictions of the enterprise persona may be based on the current time and/or location of the restricted user device DeWeese [par.0034]).
Regarding claim 12 in view of claim 9, the references combined disclose “wherein the first set of capabilities includes access to data from other user accounts” (access to user data via link between client and Saas application Hughes [Fig.7/710]), “and the second set of capabilities includes access only to data from the user's respective account” (second login credentials allow for different permissions of user Hughes [Col.4/lines 64-67]).
Regarding claim 13 in view of claim 9, the references combined disclose “wherein determining comprises determining whether the enterprise persona or the private persona is active based upon a type of data to be accessed by the at least one client computing device” (third party server interconnected to mobile device management system allows for determination of type of access DeWeese [Fig.1]).
Regarding claim 14 in view of claim 9, the references combined disclose “wherein the first set of capabilities includes data recording, and the second set of capabilities does not include data recording” (capture device may record spoken words, motions, [par.0057]).
Regarding claim 15 in view of claim 9, the references combined disclose “wherein providing access to the SaaS application further comprises providing access to a first instance of the SaaS application with a first set of capabilities enabled for the enterprise persona, and providing access to a second instance of the SaaS application with the second set of capabilities enabled for the private persona” (first set of capabilities allows for a communication channel and second set of capabilities via second login credentials allow for different permissions Hughes [Col.4/lines 64-67]).
claim 16 in view of claim 15, the references combined disclose “further comprising migrating between the first and second instances of the SaaS application while the at least one client computing device remains authenticated based upon a change in the context” (Saas authentication module via server provides for migration during authentication Hughes[Fig.6/item 610]).
Regarding claim 17, DeWeese discloses “a non-transitory computer-readable medium having computer-executable instructions for causing a server to perform steps comprising: logging at least one client computing device into a user account” (single user is logged into a plurality of personas on client device [par.0129] via mobile device management system of the central server[Fig.1])), “the user account having an enterprise persona and a private persona associated therewith” (enterprise email configuration profile [par.0035]; and while the at least one client computing device is logged into the user account, “determining whether the enterprise persona or the private persona is active based upon a context associated with the at least one client computing device” (utilize active settings to determine is active [par.0006] also see par.0030]).
DeWeese does not explicitly disclose “when the enterprise persona is active, providing the at least one client computing device with access to a Software as a Service (SaaS) application with a first set of capabilities enabled; and when the private persona is active, providing the at least one computing device with access to the SaaS application with a second set of capabilities enabled that is different than the first set of capabilities. 
 (when the user accesses an Saas proxy [Fig.7/item 702), “providing the at least one client computing device with access to a Software as a Service (SaaS) application with a first set of capabilities enabled” (login credentials are assigned to valid user 808, allowing for the user to login to the Saas usage proxy via enterprise login credentials Hughes [Col.8/lines 4] thus allowing an Saas application to be launched (i.e. capabilities are enabled for the specific application once launched) “and when the private persona is active, providing the at least one computing device with access to the SaaS application with a second set of capabilities enabled that is different than the first set of capabilities”(first set of capabilities allows for a communication channel and second set of capabilities via second login credentials allow for different permissions Hughes [Col.4/lines 64-67]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention Deweese’s Multi persona management devices with Hughes devices comprising SAAS-software as a service application in order to provide additional security. One of ordinary skill in the art would have been motivated to combine because Deweese teaches a client and server device comprising an enterprise persona, Hughes teaches a SaaS application comprising a set of capabilities, and both are from the same field of endeavor.  
Regarding claim 19 in view of claim 17, the references combined disclose “wherein determining comprises determining whether the enterprise persona or (data use restrictions of the enterprise persona may be based on the current time and/or location of the restricted user device DeWeese [par.0034]).
Regarding claim 20 in view of claim 17, the references combined disclose “wherein the first set of capabilities includes access to data from other user accounts” (access to user data via link between client and Saas application Hughes [Fig.7/710]), “and the second set of capabilities includes access only to data from the user's respective account” (second login credentials allow for different permissions of user Hughes [Col.4/lines 64-67]).

4.	Claims 4, 10, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Pub.No.: US 2016/0277387 A1 to Deweese et al in view of Patent No.: US 9,826,100 B2 to Hughes et al(hereafter referenced as Hughes), in further view of Pub.No.: US 2018/0027006 A1 to Zimmerman et al(hereafter referenced as Zimmerman).
Regarding claim 4 in view of claim 1, neither DeWesse nor Hughes explicitly disclose “wherein the first and second sets of capabilities are associated with different respective data loss prevention (DLP) access levels.” 
However, Zimmerman in an analogous art teaches “wherein the first and second sets of capabilities are associated with different respective data loss prevention (DLP) access levels” (First and second policy utilizes an enterprise API which pulls policy definitions from enterprise systems such as data loss prevention DLP systems via raw data from the CSF-cloud security fabric [Fig.1/item 100]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention Deweese’s Multi persona management devices and Hughes devices comprising SAAS-software as a service application with Zimmerman’s Cloud security fabric that utilizes a DLP policy in an enterprise in order to provide additional security. One of ordinary skill in the art would have been motivated to combine because Deweese teaches a client and server device comprising an enterprise persona, Hughes teaches a SaaS application comprising a set of capabilities, Zimmerman teaches a cloud security fabric that utilizes a DLP policy in an enterprise and all are from the same field of endeavor.  
Regarding claim 10 in view of claim 9, the references combined disclose “wherein the first and second sets of capabilities are associated with different respective data loss prevention (DLP) access levels” 
However, Zimmerman in an analogous art teaches “wherein the first and second sets of capabilities are associated with different respective data loss prevention (DLP) access levels” (First and second policy utilizes an enterprise API which pulls policy definitions from enterprise systems such as data loss prevention DLP systems via raw data from the CSF-cloud security fabric [Fig.1/item 100]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention Deweese’s Multi 
Regarding claim 18 in view of claim 17, the references combined disclose “wherein the first and second set of capabilities are associated with different respective data loss prevention (DLP) access levels.” 
However, Zimmerman in an analogous art teaches “wherein the first and second sets of capabilities are associated with different respective data loss prevention (DLP) access levels” (First and second policy utilizes an enterprise API which pulls policy definitions from enterprise systems such as data loss prevention DLP systems via raw data from the CSF-cloud security fabric [Fig.1/item 100]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention Deweese’s Multi persona management devices and Hughes devices comprising SAAS-software as a service application with Zimmerman’s Cloud security fabric that utilizes a DLP policy in an enterprise in order to provide additional security. One of ordinary skill in the art would have been motivated to combine because Deweese teaches a client and server device comprising an enterprise persona, Hughes teaches a SaaS application comprising a set .  

Conclusion

THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 


Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL D ANDERSON whose telephone number is (571)270-5159.  The examiner can normally be reached on Mon-Fri 9am-6pm.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Nickerson can be reached on (469) 295-9235.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/MICHAEL D ANDERSON/Examiner, Art Unit 2432                                                                                                                                                                                                        
/MORSHED MEHEDI/Primary Examiner, Art Unit 2432