DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Claims 1, 10, 17 were amended, claims 1-20 are pending.
Priority
Applicant’s claim for the benefit of a prior-filed provisional application 62/544,024 under 35 U.S.C. 119(e) or under 35 U.S.C. 120, 121, 365(c), or 386(c) is acknowledged. 
 

Response to Arguments

Applicant's arguments filed 1, 10, 17 have been fully considered but they are not persuasive. Applicant argued on page 9 that Pai cannot be said to teach or suggest isolating "a sandboxed computing environment...," as recited in claim 1. As stated in the earlier office action, examiner respectfully disagrees. By definition, sandboxing is a software management strategy that isolates applications from critical system resources and other programs. It provides an extra layer of security that prevents malware or harmful applications from negatively affecting your system. From the abstract of Pai it is evident that Pai discloses sandboxing/isolating techniques to protect the operating system from kernel-level attack (Abstract: When an untrusted network resource is identified, the host operating system accesses the untrusted network resource within a container that is isolated from the host operating system kernel using techniques discussed herein. By restricting access to untrusted network resources to isolated containers, the host operating system is protected from even kernel-level attacks or infections that may result from an untrusted network resource). Now let’s discuss how the instant application implements isolation. Paragraph [0010] of the instant application suggests that the isolation firewall may enforce a separation of the sandboxed computing environment and the workspace ([0010] The host computer system may be configured to isolate, using an internal isolation firewall, the sandboxed computing environment from the workspace. For example, the internal isolation firewall may enforce a separation of the sandboxed computing environment and the workspace. The internal isolation firewall may segregate storage memory associated with the workspace from storage memory associated with the sandboxed computing environment. The internal isolation firewall may allow a predefined set of processes to be executed within the sandboxed computing environment).
Pai [0027-28] teaches, the host operating system 102 includes a hardware-based virtualized security isolation (HVSI) subsystem 110 and manages one or more containers 130 (1-n). The HVSI determines if a requested network resource is untrusted. Pai [0070-71] further elaborates HVSI call network filter, which is equivalent to a “firewall” that is configured to allow or block network traffic for both host operating system 102 and any one or more containers 130. Thus network filter (firewall) create a between OS and isolated containers (sandboxed computing environment) ([0071] Network filter 116 is configured to monitor network traffic (e.g., HTTP traffic) to ensure that host operating system 102 and container 130 are not accessing network resources that are not allowed for the respective host operating system or container. In order to monitor HTTP traffic, network filter 116 .

The rest of Applicant’s arguments with respect to claims 1, 10, 17 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1-9 are rejected under 35 U.S.C. 103 as being unpatentable over Pai et al. (US 20170353496 A1, hereinafter referred to as Pai) in view of Weinberger et al. (US 20170142144 A1).

Regarding claim 1, Pai teaches a host computer system configured to connect to a network, wherein the host computer system comprises:
a memory (“computer-readable media 706” / “memory/storage 712”); and a processor (“processing system 704” / “hardware elements 710”) (See ¶[0021], ¶[0032] and ¶[0132-0137]; also Fig. 7) configured to: 
implement a host operating system that enables operation of a workspace, the workspace configured to enable operation of a first set of one or more applications or processes (“[A] web application is run on a host operating system of a device… [a] web application is configured to access one or more network resources stored remotely from the device running the host operating system.”, see ¶[0005]. See also ¶[0014], ¶[0022] and ¶[0030].); 
implement a computing environment that is configured to enable operation of a second set of one or more applications or processes, is configured to authenticate with an authorization device (When an application in the host attempts to access a network resource, the host operating system determines if the resource is trusted or untrusted. If untrusted, the host operating system activates a container that is isolated from the host operating system and is configured to run a version of the application within the container - see ¶[0003]. Containers are used in conjunction with the hardware-based virtualized security isolation techniques (of subsystem 110) to protect the computing device from attacks by isolating applications and operating system components from untrusted network resources - see ¶[0014]. Container 130 includes virtual applications 206, which is an instance of application 202 included in the host operating system - see ¶[0041]. A web proxy may be present and require authentication before allowing users ; 
isolate, using an internal isolation firewall, the computing environment from the workspace, the internal isolation firewall being configured to prevent data from being communicated between the computing environment and the workspace without an explicit user input (The host operating system 102 includes a hardware-based virtualized security isolation (HVSI) subsystem 110 and manages one or more containers 130 (1-n). The HVSI determines if a requested network resource is untrusted; if so, it causes the host operating system to activate the container(s) - see ¶[0027-0028]. The host operating system 102 is isolated from container(s) 130 to protect the host from attacks resulting from untrusted network resources – see ¶[0039]. When HSVI is launched, it communicates with container manager 118 to create a container for a particular user logged on the computing system. Each container has a unique local account credential which prevents the host operating system 102 from accessing any containers that were created for a user that is not logged on. For the user in the computing device implementing the host operating system to interact with resources accessed by application 206 in the container, an interface of application 206 is displayed to the user - see ¶[0046] and ¶[0050]. In other words, if the user is not logged in, the host operating system cannot access the (isolated) containers. See also ¶[0034-0035] and ¶[0065-0077]); 
prevent, using a host-based firewall, communication between the host computer system and one or more other devices on the network (The HVSI determines if a requested network resource is untrusted; if so, it causes the host operating system to activate the container(s) - see ¶[0027-0028]. The network filter 116 (may be built in a firewall - ¶[0068]) also in the host operating system 102 intercepts requested network resources as they are transmitted from the network 108 to the host operating system 102 so that the HVSI subsystem 110 may compare them against one or more policies stored in policy manager 112 - see ¶[0031-0035]. After the container(s) is/are created, the network filter 116 filters all network resource calls from host operating system 102 and container 130 – see ¶[0051]. See also ¶[0065-0077]. “[N]etwork resources can be files, applications, emails, documents, Uniform Resource Locators (URLs), Internet Protocol (IP) addresses, Transmission Control Protocol (TCP) ports, Domain Name System (DNS) name, data stores, hardware devices, or combinations thereof.” – see ¶[0014]); and 
communicate, using the second set of one or more applications or processes operating on the computing environment, with untrusted network destinations via a proxy device (When an application in the host attempts to access a network resource, the host operating system determines if the resource is trusted or untrusted. If untrusted, the host operating system activates a container that is isolated from the host operating system and is configured to run a version of the application within the container - see ¶[0003]. Virtual application 206 in container 130 is configured to “interact with one or more untrusted network resources just as the host operating system 102 would interact with one or more trusted network resources” – see ¶[0049]. Virtual web application 206 in container 130 may access a network resource via a web proxy - ¶[0073-0076]).

Pai does not exclusively but Weinberger teaches, implement a sandboxed computing environment that uses host operating system and is configured to enable operation of a second set of one or more applications or processes; isolate, using an internal isolation firewall, the sandboxed computing environment that uses the host operating system from the workspace (FIG 1 and associated text; [0067]; Sandboxing may be enforced by an operating system of the internal host 104 and may prevent the application executing in the sandbox from reading or writing to the LAN segment 102 and/or the enterprise network domain 101 or to read from or write to host interfaces of the internal host 104. Sandboxing may be a temporary action to allow cyber analysts time to determine whether the subject application is compromised and/or poses a cyber threat to the internal host 104, the LAN segment 106, and/or the enterprise network domain 101.).

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Pai’s method with the teaching of Weinberger in order to detect cyber attack/crime (Weinberger [0004]).
	
Regarding claim 2,  Furthermore, Pai teaches the host computer system, wherein the sandboxed computing environment is enforced by a sandbox container process that enables the internal isolation firewall (“For a process container, the application processes within the container run as if they were operating on their own individual system (e.g., computing device), which is accomplished using namespace isolation. Host operation system 102 implements namespace isolation [which] provides processes in a container a composed view consisting of the shared parts of host operating system 102 and the isolated parts of the operating system that are specific to each container such as filesystem, configuration, network, and so forth.”, see ¶[0034-0035]).

Regarding claim 3, Furthermore, Pai teaches the host computer system, wherein the workspace is enabled by and executed using a first memory space, and wherein the sandboxed computing environment is enabled by and executed using a second memory space, and wherein the first memory space and the second memory space are isolated by the sandbox container process (Containers provide full kernel isolation from host operating system – see ¶[0014]. See also ¶[0034-0035], ¶[0101] and Fig. 2 which illustrates the “partitioning” of the host operating system and the container(s).).

Regarding claim 4, Furthermore, Pai teaches the host computer system, wherein the internal isolation firewall enforces a separation of the sandboxed computing environment and the workspace by: 
segregating storage memory associated with the workspace from storage memory associated with the sandboxed computing environment (“[A] host operating system running on a host device, uses containers for hardware resource partitioning.”, see ¶[0014] – note that memory is a system resource as discussed in ¶[0019]. The container(s) base image includes information to activate an isolated container such as the amount of allocated resources (e.g., memory) required by the container – see ¶[0082]. Therefore, a container must be allocated a certain amount of resources (e.g., memory) for operation.); and 
allowing a predefined set of processes to be executed within the sandboxed computing environment, wherein the sandbox container process prevents execution in the sandboxed computing environment of a process outside of the predefined set of processes (Container 130 includes a logging system 214 to manage and monitor network resource activity within a container 130 - ¶[0041]. Virtual application 206 in container 130 is allowed to interact/access only untrusted network resources (i.e., trusted network resources are only accessed by the host operating system 102) - see ¶[0049]. “[A] policy object indicates certain virtual applications that are allowed to open in an isolated container”, see ¶[0057]).

Regarding claim 5, Furthermore, Pai teaches the host computer system, wherein the sandboxed computing environment is configured to classify a network destination as trusted or untrusted based on one or more of a whitelist comprising a list of trusted network destinations or a blacklist comprising a list of untrusted network destinations (The HVSI subsystem 110 may consult a cloud-based service via network 108 to compare a particular web page against a list of potentially malicious network resources stored at the cloud-based service – see ¶[0048]. The HVSI subsystem 110 contacts policy manager 112 to obtain a list of trusted network resources for the host operating system, along with any policy objects and corresponding security parameters - see ¶[0059]. The HVSI subsystem 110 also monitors the behavior of resources accessed by the virtual application(s) in the isolated container(s) 130 obtains data from container 130 and calculates an updated local policy associated with the untrusted network resource. The HVSI subsystem 110 may use antivirus applications to scan an untrusted .

Regarding claim 6, Furthermore, Pai teaches the host computer system, wherein the trusted network destinations are communicated with via one or more of the first set of one or more applications and processes associated with the workspace (“[C]ontainer 130 is configured to interact with one or more untrusted network resources just as the host operating system 102 would interact with one or more trusted network resources.”, emphasis added, see [0049]. See also ¶[0015], ¶[0022] and ¶[0028]).

Regarding claim 7, Furthermore, Pai teaches the host computer system, wherein at least one of the untrusted network destinations is located on the Internet and is communicated with, using the proxy device, via a browser process operating within the sandboxed computing environment upon authentication via the authorization device ([0016] [0022] [0028] [0049] [0073-0074] (“[C]ontainer 130 is configured to interact with one or more untrusted network resources just as the host operating system 102 would interact with one or more trusted network resources.”, emphasis added, see [0049]. “In order to provide a seamless user experience for virtual applications 206 running in container 130 that require web proxy authentication, HVSI subsystem 110 is configured to provide user credentials to a web proxy from host operating system 102…When virtual web application 206 in container 130 attempts to access a network resource via a web proxy, the web proxy returns with a challenge for user credentials”, see ¶[0073-0076]. See also ¶[0015-0016], ¶[0022], and ¶[0028]).

Regarding claim 8, Furthermore, Pai teaches the host computer system, wherein the host-based firewall is configured to block incoming traffic from the one or more devices on the network and one or more devices on the Internet (“Network filter 116 additionally includes a filter driver, which is configured to intercept requested network resources as they are transmitted from the network 108 to the host operating system 102.”, see ¶[0031]. Note that network resources may be “files, applications, emails, documents, Uniform Resource Locators (URLs), Internet Protocol (IP) addresses, Transmission Control Protocol (TCP) ports, Domain Name System (DNS) name, data stores, hardware devices, or combinations thereof”, see ¶[0014].).

Regarding claim 9, Furthermore, Pai teaches the host computer system, wherein the authorization device and the proxy device are the same device (“[W]eb proxy 106 controls access to one or more resources accessed from network 108 by requiring authentication from host operating system 102”, see ¶[0022]. See also ¶[0067] and ¶[0073-0076]).


Claims 10-12 and 15-16 are rejected under 35 U.S.C. 103 as being unpatentable over Pai et al. (US 20170353496 A1) in view of Weinberger et al. (US 20170142144 A1) and further in view of Sriramakrishnan (US 20170208067 A1), hereinafter referred to as Sriramakrishnan.

Regarding claim 10, Pai discloses a system comprising: an authorization device comprising a first processor, the first processor (“web proxy 106”) configured to: 
receive authentication credentials from a computing environment operating on a host computer system on a network, the computing environment being isolated from a workspace  using an internal isolation firewall, the workspace being associated with an operating system of the host computer system (Containers are used in conjunction with the hardware-based virtualized security isolation techniques (of subsystem 110) to protect the computing device from attacks by isolating applications and operating system components from untrusted network resources - see ¶[0014]. The host operating system 102 includes a hardware-based virtualized security isolation (HVSI) subsystem 110 and manages one or more containers 130 (1-n). The host operating system 102 is isolated from container(s) 130 to protect the host from attacks resulting from untrusted network resources – see ¶[0039]. A web proxy may be present and require authentication before allowing users and application to access network resources. In a scenario where a virtual application running in an isolated container ; and 
authenticate the computing environment of the host computer system using the received authentication credentials (Web proxy 106 facilitates access to network resources based on authentication of user credentials – see ¶[0073-0076]); and 
a proxy device comprising a second processor, the second processor (“web proxy 106” – Note that the authorization device and the web proxy are the same device as discussed in claim 9 above) configured to: 
receive, from a first application or process operating in the authenticated computing environment of the host computer system, a first request to communicate with a first untrusted network destination (Virtual web application 206 in container 130 attempts to access a network resource via a web proxy; proxy requires credentials (i.e., authentication) to allow access - see ¶[0073-0076]. Note that container 130 is configured to interact with one or more untrusted network resources just as the host operating system 102 would interact with one or more trusted network resources – see ¶[0049]);
allow the first application or process operating in the authenticated computing environment to communicate with the first untrusted network destination (Virtual application 206 in container 130 is configured to “interact with one or more untrusted network resources just as the host operating system 102 would interact with one or more trusted network resources” – see ¶[0049]. Virtual web application 206 in container 130 may access a network resource via a web proxy – see ¶[0073-0076]); 
receive, from a second application or process operating on the workspace of the host computer system, a second request to communicate with a second untrusted network destination (“[W]eb proxy 106 controls access to one or more resources accessed from network 108 by requiring authentication from host operating system 102…”, see ¶[0022]); and 
[[a proxy device configured to]] (i.e., HVSI subsystem and network filter) prevent the second application or process operating on the workspace of the host computer system from communicating with the second untrusted network destination (“HVSI subsystem 110 interfaces with network filter 116 to ensure that host operating system 102 is not able to access or otherwise open any one or more untrusted network resources.”, see ¶[0067]. Network filter 116 is configured to ensure that host operating system 102 and container 130 do not access network resources for which they are not allowed (i.e., host operating system cannot access untrusted resources; containers cannot access trusted resources). For this, network filter 116 performs header inspection with web proxy 106 facilitating the traffic - see ¶[0060] and ¶[0071]. The “HVSI subsystem 110 is configured to interact with network filter 116 to perform web proxy authentication” – see ¶[0073]).

Pai does not exclusively but Weinberger teaches, implement a sandboxed computing environment that uses host operating system (FIG 1 and associated text; [0067]; Sandboxing may be enforced by an operating system of the internal host 104 and may 

Pai in view of Weinberger fails to disclose that the proxy device is configured to prevent the second application or process operating on the workspace of the host computer system from communicating with the second untrusted network destination (i.e., the HVSI and the network filter prevent this communication).

However, Sriramakrishnan teaches a system and method including a web proxy that examines web requests for web resources and selectively allows or denies access to them (see abstract); and, an agent configured to provide a sandbox to isolate untrusted content (see ¶[0015]). Sriramakrishnan teaches:
a proxy device configured to prevent the second application or process operating on the workspace of the host computer system from communicating with the second untrusted network destination (“[T]he web proxy may be configured to determine a connection origin of the web request; and the web proxy web may be configured to examine the request for the web resource to selectively allow or deny access to the web resource according to the connection origin of the web request”, see ¶[0013]. Web requests relating to untrusted content may be blocked after web proxy denies a web request and sends a denial message – see ¶[0086]. The sandbox-providing agent classifies web resources according to sandbox categories, including “trusted” and “untrusted” – see ¶[0103].)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system in Pai in view of Weinberger to have the web proxy (i.e., proxy device) prevent the second application or process operating on the workspace of the host computer system from communicating with the second untrusted network destination, as taught by Sriramakrishnan. One would have been motivated to make such a combination because “access to web resources may be better controlled by the web proxy 503 so as to better protect the computer device from malicious content while a user experience may be improved” (Sriramakrishnan, ¶[0166]) “while maintaining a security of the computer device” (Sriramakrishnan, ¶[0125]).

Regarding claim 11, Furthermore, Pai teaches a system, wherein the authentication credentials are first authentication credentials, the sandboxed computing environment is a first sandboxed computing environment, the workspace is a first workspace, and the host computer system is a first host computer system, and wherein the first processor of the authorization device is further configured to:
receive second authentication credentials from a second sandboxed computing environment operating on a second host computer on the network, the second sandboxed computing environment being isolated from a second workspace of the second host computer system; and authenticate the second sandboxed computing environment of the second host computer system using the received second authentication credentials (As shown in Fig. 7 and discussed in ¶[0132-0151], the host operating system 102/714 and its components/functionalities are included in computing device 702 (¶[0132]) – which represents one or more systems/devices that implement the isolation techniques described above and throughout the disclosure in Pai. The system 700 in Fig. 7 “enables ubiquitous environments for a seamless user experience when running applications on a personal computer (PC), a television device, and/or a mobile device” for instance, in which services/application run in similar manner in all environments (¶[0144]). Thus, user(s) may log on several different computing devices and the system is able to receive credentials and perform isolation techniques in a second, third or more devices having a host operating system (¶[0145-0148]). In addition, in an enterprise environment, multiple users may be connected and request access to network resources (¶[0015]), which will require each user to use their own credentials as container(s) created for a particular user cannot be accessed by other users as discussed in ¶[0032]. Containers are used in conjunction with the hardware-based virtualized security isolation techniques (of HVSI subsystem 110) to protect the computing device from attacks by isolating applications and operating system components from untrusted network resources - see ¶[0014]. The host operating system 102 includes a hardware-based virtualized security isolation (HVSI) subsystem 110 and manages one or more containers 130 (1-n). 
The host operating system 102 is isolated from container(s) 130 to protect the host from attacks resulting from untrusted network resources – see ¶[0039]. A web proxy may be present and require authentication before allowing users and 

Regarding claim 12, Furthermore, Pai teaches a system, wherein the second processor of the proxy device is further configured to:
receive, from a third application or process operating in the authenticated second sandboxed computing environment of the second host computer system, a third request to communicate with a third untrusted network destination; and allow the third application or process operating in the authenticated second sandboxed computing environment to communicate with the third untrusted network destination (Containers 130 may include one or more applications that correspond to instances of applications in the host operating system and are used to access untrusted network resources – see ¶[0036]. The host operating system may be allowed to implement several virtual applications in an isolated container and thus, it may open one or more untrusted network resources – see ¶[0057]. Virtual applications in a container are subject to web proxy authentication: when a virtual web application(s) 206 in container 130 attempts to access a network resource via a web proxy, the proxy will require credentials (i.e., authentication) to allow access - see ¶[0073-0076]. Container(s) 130 is/are configured to interact with one or more untrusted network resources just as the host 

Regarding claim 15, Furthermore, Pai teaches a system, wherein the second processor of the proxy device is further configured to establish a communication channel between the host computer system and the first untrusted network destination (When an application running in the host operating system attempts to access a network resource and it is determined that the resource is untrusted, the host operating system activates an isolated container to run a version of the application and access the untrusted network – see ¶[0003]. “The web proxy 106 is representative of functionality that controls access to one or more network resources 122(1), . . . , 122(m) accessed remotely from the computing device implementing the host operating system 102.”, see ¶[0022]. The HVSI subsystem 110 and the network filter 116 interact to support the authentication process as required by the web proxy that will facilitate access to the network resource – see ¶[0073-0077]. See also Fig. 1. Note that the host operating system 102 may access an untrusted network resource facilitated by a web proxy by way of the application(s) running in container(s) 130 – which have been activated by the host operating system 102.)

Regarding claim 16, Furthermore, Pai teaches a system, further comprising a border firewall that is configured to prevent unauthorized communication between the network and untrusted network destinations (The HVSI determines if a requested network resource is untrusted; if so, it causes the host operating system to activate the container(s) - see ¶[0027-0028]. The network filter 116 (may be built in a firewall - ¶[0068]) also in the host operating system 102 intercepts requested network resources as they are transmitted from the network 108 to the host operating system 102 so that the HVSI subsystem 110 may compare them against one or more policies stored in policy manager 112 - see ¶[0031-0035]. After the container(s) is/are created, the network filter 116 filters all network resource calls from host operating system 102 and container 130 – see ¶[0051]. See also ¶[0065-0077].).

Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Pai et al. (US 20170353496 A1) in view of Weinberger et al. (US 20170142144 A1) and in view of Sriramakrishnan (US 20170208067 A1), in further view of Hoy et al. (US 20130318594 A1), hereinafter referred to as Hoy.

Regarding claim 13, Furthermore, Pai in view of Weinberger teaches a system, wherein a network destination is classified as trusted or untrusted based on one or more of a whitelist comprising a list of trusted network destinations or a blacklist comprising a list of untrusted network destinations, and wherein the second processor of the [[proxy device]] (i.e., HVSI subsystem and network filter) is further configured to: 
receive, from the network, a third request to communicate with the network destination; determine that the network destination is a trusted network destination on the whitelist; and allow, based on the determination that the network destination is a trusted network destination, communication between the network destination and the network (“When host operating system 102 attempts to access a network resource, HVSI subsystem 110 communicates with the policy manager 112 to determine if the requested network resource is a trusted network resource.” – see ¶[0048]. “[C]ontainer 130 is configured to interact with one or more untrusted network resources just as the host operating system 102 would interact with one or more trusted network resources.” – see ¶[0049]. Note that virtual applications in the container are only allowed to access untrusted network resources, while applications running in the host operating system are only allowed to access trusted network resources. As discussed in claim 5 above, the HVSI subsystem 110 may consult a cloud-based service via network 108 to compare a particular web page against a list of potentially malicious network resources stored at the cloud-based service – see ¶[0048]; and, also the HVSI subsystem 110 contacts policy manager 112 to obtain a list of trusted network resources for the host operating system, along with any policy objects and corresponding security parameters - see ¶[0059].).
Pai in view of Weinberger fails to disclose that the proxy device is configured to receive, from the network, a third request to communicate with the network destination; determine that the network destination is a trusted network destination on the whitelist; and allow, based on the determination that the network destination is a trusted network destination, communication between the network destination and the network (i.e., the HVSI and the network filter allow this communication).
Sriramakrishnan teaches a system and method including a web proxy that examines web requests for web resources and selectively allows or denies access to them (see abstract); and, an agent configured to provide a sandbox to isolate untrusted content (see ¶[0015]). Sriramakrishnan teaches:
a proxy device configured to receive, from the network, a third request to communicate with the network destination; [[determine that the network destination is a trusted network destination on the whitelist]] (i.e., sandbox-providing agent classifies web resources); and allow, based on the determination that the network destination is a trusted network destination, communication between the network destination and the network (“[T]he web proxy may be configured to determine a connection origin of the web request; and the web proxy web may be configured to examine the request for the web resource to selectively allow or deny access to the web resource according to the connection origin of the web request”, see ¶[0013]. The web proxy arranges access to web resources when the web request is allowed – see ¶[0020] and ¶[0025]. See also ¶[0085]. The sandbox-providing agent classifies web resources according to sandbox categories, including “trusted” and “untrusted” – see ¶[0103].)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system in Pai in view of Weinberger to have the proxy device configured to receive, from the network, a third request to communicate with the network destination; and allow, based on the determination that the network destination is a trusted network destination, communication between the network destination and the network, as taught by Sriramakrishnan. One would have access to web resources may be better controlled by the web proxy 503 so as to better protect the computer device from malicious content while a user experience may be improved” (Sriramakrishnan, ¶[0166]) “while maintaining a security of the computer device” (Sriramakrishnan, ¶[0125]).
Sriramakrishnan fails to teach the proxy device configured to determine that the network destination is a trusted network destination on the whitelist (i.e., the sandbox-providing agent classifies web resources according to sandbox categories, including “trusted” and “untrusted”).
However, Hoy teaches a host computer supporting a virtual guest system running thereon, including a firewall that prevents it from communicating directly with the Internet, except with predetermined trusted sites (see abstract). Hoy teaches:
the proxy device configured to determine that the network destination is a trusted network destination on the whitelist (“A proxy/web-content filter 4 is connected with and cooperates with the firewall hardware 3 to control the type of data permitted to pass from the Internet 5 into the local system 1, filtering e.g., pornographic material or data not intended for the system 1, and also blocks communications from users on the LAN trying to reach disallowed sites…” – see ¶[0038]. “Proxy content filter 4 may optionally be used to screen undesirable or inappropriate incoming or outgoing data…” – see ¶[0073]. Note that trusted sites are stored/classified in a whitelist (¶[0019] and ¶[0068]) and the proxy may be used to screen the data based on whitelisted sites, like firewall 3 does as discussed in ¶[0067-0073]. See also ¶[0023], ¶[0025], ¶[0055-0057], ¶[0075] and ¶[0081-0082]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system in Pai, Weinberger and Sriramakrishnan to have the proxy device configured to determine that the network destination is a trusted network destination on the whitelist, as taught by Hoy. One would have been motivated to make such a combination to control/filter the type of data permitted to pass from the Internet to the local system (Hoy, ¶[0038]).

Claim 14 is rejected under 35 U.S.C. 103 as being unpatentable over Pai et al. (US 20170353496 A1) in view of Weinberger et al. (US 20170142144 A1), in view of Sriramakrishnan (US 20170208067 A1), in further view of Dawson (US 20160226834 A1).

Regarding claim 14, furthermore, Pai discloses the HVSI subsystem providing user credentials to a web proxy from host operating system 102 (¶[0074]) and the virtual security subsystem 210 is configured to call security subsystem 120 of host operating system 102 to provide authentication to the web proxy (¶[0075]).
Pai, Weinberger and Sriramakrishnan fail to disclose the authentication credentials comprise preconfigured credentials stored within an encrypted configuration file.
However, Dawson teaches a system and method to facilitate secure communications between processes, servers and virtual machines (see ¶[0008]). Dawson teaches:
the authentication credentials comprise preconfigured credentials stored within an encrypted configuration file (The virtual machine (i.e., sandboxed environment) is preconfigured with user credential information and is stored in an encrypted data volume – see ¶[0053]).
Pai, Weinberger and Sriramakrishnan to include the authentication credentials comprise preconfigured credentials stored within an encrypted configuration file, as taught by Dawson. One would have been motivated to make such a combination to protect sensitive information as “the user credential information is stored in an encrypted read-only data volume within the onboard database, which is accessible using an encrypted messaging system. Thus, the user credential information is generally not modifiable and safe from the hostile environment…” (Dawson, ¶[0037]).

Claims 17-20 are rejected under 35 U.S.C. 103 as being unpatentable over Pai et al. (US 20170353496 A1) in view of Weinberger et al. (US 20170142144 A1) and in view of Hoy et al. (US 20130318594 A1).

Regarding claim 17, Pai teaches an Internet isolation system comprising:
a host computer system comprising a first processor (In an enterprise environment, multiple users are connected and share access to common enterprise data or networks – see ¶[0015]. “Network 108 represents functionality of a data network, such as the Internet, a local area network (LAN), a public telephone network, an intranet, other public and/or proprietary networks, combinations thereof, and so forth.” – see ¶[0022]. As shown in Fig. 7, host systems may include a variety of computing devices such as computers, mobile devices, television sets, among others – see ¶[0132-0151]), configured to:
prevent, using a host-based firewall, communication and data transfer to another host computing system (The HVSI determines if a requested network resource is untrusted; if so, it causes the host operating system to activate the container(s) - see ¶[0027-0028]. The network filter 116 (may be built in a firewall - ¶[0068]) also in the host operating system 102 intercepts requested network resources as they are transmitted from the network 108 to the host operating system 102 so that the HVSI subsystem 110 may compare them against one or more policies stored in policy manager 112 - see ¶[0031-0035]. After the container(s) is/are created, the network filter 116 filters all network resource calls from host operating system 102 and container 130 – see ¶[0051]. See also ¶[0065-0077]. “[N]etwork resources can be files, applications, emails, documents, Uniform Resource Locators (URLs), Internet Protocol (IP) addresses, Transmission Control Protocol (TCP) ports, Domain Name System (DNS) name, data stores, hardware devices, or combinations thereof.” – see ¶[0014]), 
implement an operating system and a computing environment, the operating system configured to enable operation of a workspace that is configured to enable operation of a first set of one or more applications or processes, the computing environment configured to enable operation of a second set of one or more applications or processes (“[A] web application is run on a host operating system of a device… [a] web application is configured to access one or more network resources stored remotely from the device running the host operating system.”, see ¶[0005]. See also ¶[0014], ¶[0022] and ¶[0030]. When an application in the host attempts to access a network resource, the host operating system determines if the resource is trusted or untrusted. If untrusted, the host operating system activates a container that is isolated 
isolate, using an internal isolation firewall, the computing environment from the workspace (The host operating system 102 includes a hardware-based virtualized security isolation (HVSI) subsystem 110 and manages one or more containers 130 (1-n). The HVSI determines if a requested network resource is untrusted; if so, it causes the host operating system to activate the container(s) - see ¶[0027-0028]. The host operating system 102 is isolated from container(s) 130 to protect the host from attacks resulting from untrusted network resources – see ¶[0039]. When HVSI is launched, it communicates with container manager 118 to create a container for a particular user logged on the computing system. Each container has a unique local account credential which prevents the host operating system 102 from accessing any containers that were created for a user that is not logged on. For the user in the computing device implementing the host operating system to interact with resources accessed by application 206 in the container, an interface of application 206 is displayed to the user - see ¶[0046] and ¶[0050]. In other words, if the user is not logged in, the host operating system cannot access the (isolated) containers. See also ¶[0034-0035] and ¶[0065-0077]);
an authorization device comprising a second processor  (“web proxy 116”) configured to authenticate the computing environment of host computer systems upon receipt of authentication credentials from the computing environment (A web proxy may be present and require authentication before allowing users and application to access network resources. In a scenario where a virtual application running in an isolated container requires web proxy authentication to access untrusted network resources, the HVSI subsystem 110 implementing virtual security subsystems 210 will provide the required credentials for the virtual application 206 running in container 130 to the web proxy - see ¶[0073-0076].); 
a proxy device comprising a third processor (“web proxy 106” – Note that the authorization device and the web proxy are the same device as discussed in claims 9 and 10 above) configured to: 
proxy communication between an untrusted network destinations and the authenticated computing environment (When an application in the host attempts to access a network resource, the host operating system determines if the resource is trusted or untrusted. If untrusted, the host operating system activates a container that is isolated from the host operating system and is configured to run a version of the application within the container - see ¶[0003]. Virtual application 206 in container 130 is configured to “interact with one or more untrusted network resources just as the host operating system 102 would interact with one or more trusted network resources” – see ¶[0049]. Virtual web application 206 in container 130 may access a network resource via a web proxy - ¶[0073-0076]), and 
[[prevent communication between the respective workspace of the host computer systems and the untrusted network destination]]; and 
a border firewall configured to block unauthorized communications between the network and the untrusted network destinations (“HVSI subsystem 110 interfaces with network filter 116 to ensure that host operating system 102 is not able to access or otherwise open any one or more untrusted network resources.”, see ¶[0067]. Network filter 116 is configured to ensure that host operating system 102 and container 130 do not access network resources for which they are not allowed (i.e., host operating system cannot access untrusted resources; containers cannot access trusted resources). For this, network filter 116 performs header inspection with web proxy 106 facilitating the traffic - see ¶[0060] and ¶[0071]. The “HVSI subsystem 110 is configured to interact with network filter 116 to perform web proxy authentication” – see ¶[0073]).

Pai does not exclusively but Weinberger teaches, implement a sandboxed computing environment that using host operating system (FIG 1 and associated text; [0067]; Sandboxing may be enforced by an operating system of the internal host 104 and may prevent the application executing in the sandbox from reading or writing to the LAN segment 102 and/or the enterprise network domain 101 or to read from or write to host interfaces of the internal host 104. Sandboxing may be a temporary action to allow cyber analysts time to determine whether the subject application is compromised and/or poses a cyber threat to the internal host 104, the LAN segment 106, and/or the enterprise network domain 101.).  It would have been obvious to one of ordinary skill in the art before 

Pai in view of Weinberger fails to teach prevent[ing], using a host-based firewall, communication and data transfer between the other host computer systems of the plurality of host computer systems (i.e., communication is prevented between the host and other devices in the network; Pai is not explicit about the other devices being other host systems); and, a proxy device configured to prevent communication between respective workspaces of each of the plurality of host computer systems and the untrusted network destinations.
However, Hoy teaches a host computer supporting a virtual guest system running thereon, including a firewall that prevents it from communicating directly with the Internet, except with predetermined trusted sites (see abstract). Hoy teaches:

prevent[ing], using a host-based firewall, communication and data transfer between the other host computer systems of the plurality of host computer systems (As shown in Fig. 2, the computer system is provided with a host-based firewall that limits communications from the host system by blocking communication between the host system and any IP address (except for trusted sites that have been whitelisted) - ¶[0075]) and, 
a proxy device configured to prevent communication between respective workspaces of each of the plurality of host computer systems and the untrusted network destinations (“A proxy/web-content filter 4 is connected with and cooperates with the firewall hardware 3 to control the type of data permitted to pass from the Internet 5 into the local system 1, filtering e.g., pornographic material or data not intended for the system 1, and also blocks communications from users on the LAN trying to reach disallowed sites…” – see ¶[0038]. Disallowed sites are not trusted and/or not specifically whitelisted. “Proxy content filter 4 may optionally be used to screen undesirable or inappropriate incoming or outgoing data…” – see ¶[0073]. See also ¶[0023], ¶[0025], ¶[0055-0057], ¶[0067-0075] and ¶[0081-0082]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system in Pai in view of Weinberger to include prevent[ing], using a host-based firewall, communication and data transfer between the other host computer systems of the plurality of host computer systems; and, a proxy device configured to prevent communication between respective workspaces of each of the plurality of host computer systems and the untrusted network destinations, as taught by Hoy. One would have been motivated to “provide a system for a computer that will allow safe browsing without a risk of such infection”; to “allow Internet access from only the bare minimum of servers or devices in the LAN that require it, and to restrict where they can go”; and, to “provide a system that rigorously monitors any exceptions, including DNS and SMTP exceptions, which might indicate a compromise of any trusted host system on the LAN” (Hoy, ¶[0013] and ¶[0016-0017]).

Regarding claim 18, furthermore, Pai teaches an Internet isolation system, the first processor of the host computing system is further internet isolation system is configured to: determine that a malware has infected the sandboxed computing environment; and prevent the malware from communicating with the workspace of the host computer system; (An untrusted network resource may have malware or be used by malicious users, as discussed in ¶[0014]. When the host operating system activates a container to access an untrusted network resource, and the container becomes compromised (e.g., infected), “the host operating system is isolated and protected from any infection or attack associated with untrusted network resources” – see ¶[0101-0103]. “[C]ontainers may be corrupted by one or more untrusted network resources without any negative repercussions for the operating system of the host device”, see ¶[0020]. See also ¶[0016]. Containers have, inter alia, an isolated file system, configuration and network – see ¶[0034]. Thus, files in the host operating system would be protected and isolated from any infection/attack from untrusted resources.).

Regarding claim 19, Pai fails to teach an Internet isolation system, wherein if malware infects a workspace of a host computer system of the plurality of host computer systems, the internet isolation system is configured to: prevent the malware from communicating with the other host computer systems of the plurality of host computer systems; and, prevent the malware from communicating with untrusted network destinations.
However, Hoy teaches an Internet isolation system, wherein the first processor of the host computing system is further configured to: if determine that a malware has infected the sandboxed computing environment; and prevent the malware from communicating with another host computer system (A host computer supports a virtual guest system (i.e., sandboxed environment) which is isolated from the host by an there would be no exfiltration of data, and malware beaconing, or any possibility of remote command and control” – see ¶[0034]. See ¶[0029-0034]. As shown in Fig. 2, the computer system is provided with a host-based firewall that limits communications from the host system by blocking communication between the host system and any IP address (except for trusted sites that have been whitelisted) - ¶[0075]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system in Pai in view of Weinberger to include an Internet isolation system, wherein if malware infects a workspace of a host computer system of the plurality of host computer systems, the internet isolation system is configured to: prevent the malware from communicating with the other host computer systems of the plurality of host computer systems; and, prevent the malware from communicating with untrusted network destinations, as taught by Hoy. One would have been motivated to “provide a system for a computer that will allow safe browsing without a risk of such infection”; to “allow Internet access from only the bare minimum of servers or devices in the LAN that require it, and to restrict where they can go”; and, to “provide a system that rigorously monitors any exceptions, including DNS and SMTP exceptions, which might indicate a compromise of any trusted host system on the LAN” (Hoy, ¶[0013] and ¶[0016-0017]).

Regarding claim 20, Pai fails to teach an Internet isolation system, wherein the respective host-based firewalls of each of the plurality of host computer systems prevent the malware from communicating with the respective workspaces of the plurality of host computer systems, and wherein the proxy device and the border firewall prevent the malware from communicating with the untrusted network destinations.
However, Hoy teaches an Internet isolation system, wherein the third processor of the proxy device is further configured to prevent the malware from communicating with an untrusted network destination. (Even if the guest system becomes compromised, and the malware somehow gets through the firewall and initiates an executable module on the host system, the module will not be able to communicate outside the local area network (ports are disabled – see ¶[0025]), thus “there would be no exfiltration of data, and malware beaconing, or any possibility of remote command and control” – see ¶[0034]. See ¶[0029-0034]. As shown in Fig. 2, the computer system is provided with a host-based firewall that limits communications from the host system by blocking communication between the host system and any IP address (except for trusted sites that have been whitelisted) - ¶[0075]. “A proxy/web-content filter 4 is connected with and cooperates with the firewall hardware 3 to … blocks communications from users on the LAN trying to reach disallowed sites…” – see ¶[0038]. Disallowed sites are not trusted and/or not specifically whitelisted. See also ¶[0073]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system in Pai in view of Weinberger to include an Internet isolation system, wherein the respective host-based firewalls of each of the plurality of host computer systems prevent the malware from communicating with Hoy. One would have been motivated to “provide a system for a computer that will allow safe browsing without a risk of such infection”; to “allow Internet access from only the bare minimum of servers or devices in the LAN that require it, and to restrict where they can go”; and, to “provide a system that rigorously monitors any exceptions, including DNS and SMTP exceptions, which might indicate a compromise of any trusted host system on the LAN” (Hoy, ¶[0013] and ¶[0016-0017]).

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).

The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

Claims 1, 3 and 6-8 provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-22 of copending application No. 16/163,884 in view of Pai et al. (US 20170353496 A1).  

Instant App. 16/059,381 (claim) | Copending App. 16/163,884 (claims)
1 | 1, 3, 5, 6 and 11
3 | 8, 14, 21
6 | 4
7 | 5 and 6
8 | 3 and 15


Although the claims at issue are not identical, they are not patentably distinct from each other because all elements of claims 1, 3 and 6-8 of the instant application correspond to elements of claims 1-22 of the copending application ‘884, except for “a host computer system” in claims 1, 3 and 6-8 (i.e., copending application teaches a mobile device). 
Regarding the limitation “the sandboxed computing environment configured to authenticate with an authorization device” in claim 1, claim 5 of copending application ‘884 includes the limitation “the second set of one or more applications or processes are configured to authenticate with at least one authentication device in order to communicate with the untrusted network destinations, and wherein the processor is configured to select the at least one authentication device based on an identity of the network”. The second set of applications is running in the isolated computing environment (i.e., sandboxed computing environment) of claim 1 of copending application ‘884. Therefore, the isolated computing environment in copending application ‘884 is 
Regarding the limitation “the internal isolation firewall being configured to prevent data from being communicated between the sandboxed computing environment and the workspace without an explicit user input” in claim 1, claim 11 of copending application ‘884 includes the limitation “the internal isolation firewall is configured to prompt a user of the mobile device to allow communication between the workspace and the isolated computing environment”, which indicates that user input is needed to allow communication, and thus, implies that communication is blocked by default. That is, no user input is needed to block (i.e., prevent) communication as claimed in the instant application. 
Regarding the limitation “prevent, using a host-based firewall, communication between the host computer system and one or more other devices on the network” in claim 1, claim 3 of copending application ‘884 includes the limitation “the host-based firewall is configured to one or more of: allow one or more incoming communications from the network that are sent to the isolated computing environment or block one or more incoming communications from the network that are sent to the workspace”, where the host-based firewall blocks (i.e., prevents) communications between the host and the network, as required by claim 1 of the instant application.
Regarding the limitation “communicate, using the second set of one or more applications or processes operating on the sandboxed computing environment, with untrusted network destinations via a proxy device” in claim 1, claim 6 of copending application ‘884 includes the limitation “the second set of one or more applications or processes are configured to communicate via at least one proxy server in order to communicate with the untrusted network destinations, and wherein the processor is configured to select the at least one proxy server based on an identity of the network”, which clearly shows the second set of applications communicating with untrusted network resources via a proxy server, as required in claim 1 of the instant application.
Pai teaches that “a host computer system” may be a mobile device (see Fig. 7 and ¶[0132-0151]), as discussed in the rejections for claims 11 and 17 below.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Pai with the copending application ‘884 in order to “[enable] ubiquitous environments for a seamless user experience” (Pai ¶[0144]).  Therefore, claims 1, 3 and 6-8 of the instant application would have been obvious over claims 1-22 of the reference application.
Claims 1, 2, 5, 7-8 and 17-20 provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of copending application No. 16/146,490 in view of Pai et al. (US 20170353496 A1) and Hoy et al. (US 20130318594 A1).  
Instant App. 16/059,381 (claim) | Copending App. No. 16/146,490 (claims)
1 | 1, 5, 11 and 15
2 | 8
5 | 10
7 | 20
8 | 4
17 | 1, 11 and 14
18 | 11, 13, 15, 16 and 19
19 | 11, 13, 15, 16 and 19
20 | 11, 13, 15, 16 and 19


claims 1, 2, 5, 7-8 and 17-20 of the instant application correspond to elements of claims 1-20 of the copending application ‘490, except for “a proxy device configured to prevent communication between respective workspaces of each of the plurality of host computer systems and the untrusted network destinations” (in claim 17). 
Regarding the limitation “prevent, using a host-based firewall, communication between the host computer system and one or more other devices on the network” in claim 1, claim 15 of copending application ‘490 includes the limitation “the external communications from the external source to the malware are prevented by: one or more of the border firewall or the proxy device when the first device or the second device is connected to the trusted network; or the host-based firewall when the first device or the second device is connected to the untrusted network”, which clearly shows the host-based firewall blocking (i.e., preventing) communication between the host computer system and external sources, as required in claim 1 of the instant application.
Regarding the limitation “communicate, using the second set of one or more applications or processes operating on the sandboxed computing environment, with untrusted network destinations via a proxy device” in claim 1, claims 5 and 11 of copending application ‘490 include the limitations “the processor being configured to communicate through one or more of a border firewall or a proxy device” (claim 5) and “a proxy device configured to proxy communications between the untrusted network destinations and the respective authenticated isolated computing environments of the first and second devices” (claim 11), which clearly show the applications in the isolated 
Regarding the limitation “prevent, using a host-based firewall, communication and data transfer between the other host computer systems of the plurality of host computer systems” in claim 17, claims 11 and 14 of copending application ‘490 include the limitations “implement a host-based firewall configured to block incoming traffic” (claim 11) and “a host-based firewall on each of the first and second devices, the host-based firewall configured to: when the respective first or second device is connected to a trusted network, block incoming traffic from other devices on the trusted network; and when the respective first or second device is connected to an untrusted network, block outgoing and incoming traffic from the workspace of the respective first or second device”, which clearly shows the host-based firewall blocking (i.e., preventing) communication with other host computer systems (in the trusted network) or other devices (in the untrusted network), as required in claim 17 of the instant application.
Regarding the limitation “a border firewall configured to block unauthorized communications between the network and the untrusted network destinations” in claim 17, claim 11 of copending application ‘490 includes the limitation “a border firewall configured to prevent unauthorized communication between the local network and untrusted network destinations”, which clearly shows what is required in claim 17 of the instant application.
Pai in view of Hoy teach “a proxy device configured to prevent communication between respective workspaces of each of the plurality of host computer systems and the untrusted network destinations” (see Hoy, ¶[0023], ¶[0025], ¶[0038], ¶[0055-0057], ¶[0067-0075] and ¶[0081-0082]), as discussed in the rejections for claim 17 below.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Pai and Hoy with the copending application ‘490 in order to “provide a system for a computer that will allow safe browsing without a risk of such infection”; to “allow Internet access from only the bare minimum of servers or devices in the LAN that require it, and to restrict where they can go”; and, to “provide a system that rigorously monitors any exceptions, including DNS and SMTP exceptions, which might indicate a compromise of any trusted host system on the LAN” (Hoy, ¶[0013] and ¶[0016-0017]). Therefore, claims 1, 2, 5, 7-8 and 17-20 of the instant application ‘490 would have been obvious over claims 1-20 of the reference application.
Claims 1-4 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of copending application No. 16/141,378 in view of Pai et al. (US 20170353496 A1).
Instant App. 16/059,381 | Copending App. No. 16/141,378
1 | 1 and 10
2 | 1 and 10
3 | 1 and 8
4 | 1, 8 and 15


Although the claims at issue are not identical, they are not patentably distinct from each other because all elements of claims 1-4 of the instant application correspond to elements of claims 1-20 of the copending application ‘378, except for “prevent, using a host-based firewall, communication between the host computer system and one or more other devices on the network” (in claim 1).
Pai teaches “prevent, using a host-based firewall, communication between the host computer system and one or more other devices on the network” (see ¶[0014], ¶[0027-0028], ¶[0031-0035], ¶[0051], ¶[0065-0077]), as discussed in the rejections for claim 1 below. 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Pai with the copending application ‘378 in order to “protect the host device from malicious attacks” (Pai ¶[0015]).  Therefore, claims 1-4 of the instant application would have been obvious over claims 1-20 of the reference application.
This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not in fact been patented.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: 
Rajgopal et al. (US-20140115646-A1) – An apparatus for use as set top box, has secure access interface that is configured to support communications between set top box application and software framework;
Gan (US-20180139178-A1) - Device for detecting security conditions of user terminal, has security defense device for generating corresponding Indicators of compromised according to stable behavior feature and sending Indicators of compromised to user terminal;
Giura et al. (US-20150156203-A1) - System for providing secure browsing of unknown URLs in e.g. computing device, through transparent network proxy, has 
Ghosh et al. (US-20130145463-A1) – System for controlling and detecting malicious content provided on network, includes instruction for sending indication with anomalous behavior which is different from actual behavior;
Pulapaka et al. (US-20180198824-A1) - System for distributing access to services in host operating system of computing device, has service control manager for enabling communication between client stub of service implemented in client runtime environment;
Yablokov et al. (US-20180276396-A1) - Method for controlling access to content from user application executing in isolated environment, involves determining category of content, and controlling access to content of graphical user interface based on determined category;
Kashyap et al. (US-20170076092-A1) - System for monitoring process behavior and associated forensic analysis techniques, has set of instructions for determining whether process is compromised by analyzing behavior data;
Pratt (US-9386021-B1) - An apparatus for providing operating environments selective access to network resources, comprises guest operating system and hypertext transfer protocol request is provided in hypertext transfer protocol header;
Christopher et al. (US-8966464-B1) – System for dependency isolation between two or more tenants, includes computer-executable instructions which are executed by computer to associate tenant classloader with tenant;
Rodgers et al. (US-9531715-B1) - Method for accessing local resources, involves replacing placeholder credential in request with resource credential to obtain second request, sending it to local resource and providing received response to application.
	
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMED WALIULLAH, whose telephone number is (571)270-7987. The examiner can normally be reached from 8:30 to 4:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 1-571-272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access 

/MOHAMMED WALIULLAH/Primary Examiner, Art Unit 2498