DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Amendment
This communication is in response to the amendment filed on 03/19/2021.
Claims 1-2, 4-5, 7-13 and 18-22 are pending.
Claims 3, 6 14 and 17 are cancelled.
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 03/19/2021 has been entered.

Response to Arguments
Regarding 35 USC 103
Applicant’s Argument’sApplicant’s arguments regarding 35 USC 103, pages 6-8, claims 1 and 12, filed on 03/12/2021 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 4-5, 7 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Raleigh (US20170078886) in view of Hansen (US20140250296) and in further view of Thomas (US20110246753).
As to claim 1, Raleigh teaches a security surveillance system for a mobile device  with a wireless interface (¶0112 device control element; ¶0128 mobile devices; ¶0208 Wifi, interface; ¶0429 secure, network monitoring) and a control unit that is connected to the wireless interface (¶0087 network equipment elements connected to the device; ¶0151 components of the device, interface; ¶0165 device includes controller; ¶0208 Wifi, interface controller) and that controls further elements of the mobile device based on wireless data traffic received by the wireless interface, (¶0208 network traffic being controlled  interface controller(Wifi); ¶0222 wireless network traffic; ¶0524 network communication  is obtained through the device user interface) the security surveillance system comprising: a security controller included in the mobile device, (¶0112 controller (e.g., a network device based service control element; ¶0165 wireless communications device  includes secure controller; ¶0429 secure, network monitoring) wherein the security controller is implemented as a dedicated device and the security controller is coupled to the wireless interface, (¶0087 controller, dedicated devices; ¶0129 controller implementation; ¶0165 secure controller; ¶0208 interface controller, Wifi; ¶0333 input device and output device, including input and interfaces, ¶0571 computer  may be coupled to or include the I/O devices) and the security controller receives the data traffic provided to the control unit and inspects at least the received data traffic incoming (¶0087 controller  obtain the network  information, from device, traffic  quality; ¶0113 controller provides for device assisted monitoring, and/or functionality (e.g., Deep Packet Inspection (DPI); ¶0122 controller receives, collects information; ¶0165 secure controller;) via the wireless interface at the mobile device according to a number of predefined data rules, (¶0084 traffic control policy rules; ¶0088 preassigned policies; ¶0208 network traffic, interface controller(Wifi); ¶0524 network communication  is obtained through the device user interface) wherein the security controller generates a warning signal if the data traffic violates one of the predefined data rules, (¶0133 controller identify breaches in the service policy, violation; ¶0165 secure controller; ¶0171 controller provides notification ¶0187 notification based on policy is generated; ¶0434 notifying the user of violation).
Although Raleigh teaches the system recited above, wherein Raleigh fails to expressly teach a warning indicator that is coupled to the security controller and that generates a warning indication based on the warning signal. 
Hansen, however discloses, and a warning indicator that is coupled to the security controller and that generates a warning indication based on the warning signal (¶0018 user devices display (including indicator); ¶0020 security controller to provide an indication; ¶0044 security controller generates a warning signal; ¶0057 warning signal generated in response to potential malicious element).
Thus given the teachings of Hansen it would have been obvious to one of ordinary skill persons in the art before the effective filing date of the claimed invention to combine the teachings of Hansen and Raleigh for a device secure processor/controller with indicator to issue alerts. One of ordinary skill in the art would be motivated to allow for setting security flags to detect changes. (See Hansen para 0031)
Although the combination of Raleigh and Hansen teach the system recited above, wherein Raleigh and Hansen fail to expressly teach wherein the security controller comprises a virtual machine that executes at least part of the operating system that is parallel executed by the control unit of the mobile device, and wherein the security controller comprises a behavior monitor that is arranged external to the virtual machine and configured to inspect and monitor a 
Thomas, however discloses, wherein the security controller comprises a virtual machine that executes at least part of the operating system that is parallel executed by the control unit of the mobile device, (¶0009 controller including virtual machine; ¶0062 mobile device; ¶0063 security system controller; ¶0068 controller, control the operating system execution environments) and wherein the security controller comprises a behavior monitor that is arranged external to the virtual machine (¶0009 controller including virtual machine; ¶0062 mobile device; ¶0063 security system controller) and configured to inspect and monitor a behavior of software executed in the virtual machine in view of the received data traffic incoming via the wireless interface. (¶0030 security management provide analyzing behavior software code executes; ¶0065 launched, a software application to virtual machine; ¶0066 controller may evaluate, analyze, read, and network communications).
Thus given the teachings of Thomas it would have been obvious to one of ordinary skill persons in the art before the effective filing date of the claimed invention to combine the teachings of Thomas, Raleigh and Hansen for virtual machine device controller monitors application activity/behavior. One of ordinary skill in the art would be motivated to allow for removing/quarantining certain applications with malicious code. (See Thomas para 0028)
As to claim 2, the combination of Raleigh, Hanse and Thomas teach the system recited in claim 1, wherein Raleigh further teaches the security surveillance system of claim 1, wherein the security controller comprises a computer program that is executed by the control unit of the mobile device. (¶0165 wireless communications device includes secure controller; ¶0198 an application executing on the device and a network element and/or service cloud for protecting network; ¶0418 controller pushes app (application)).
As to claim 4, the combination of Raleigh, Hanse and Thomas teach the system recited in claim 2, wherein Raleigh further teaches the security surveillance system of claim 2, wherein the security controller comprises a hardware driver for the wireless interface for an operating system of the control unit of the mobile device. (¶0078 wireless device that includes operating system (OS); ¶0165 wireless communications device includes secure controller; ¶0208 system includes hardware interface controller driver; interface controller (Wifi)). 
As to claim 5, the combination of Raleigh, Hanse and Thomas teach the system recited in claim 2, wherein Raleigh further teaches the security surveillance system of claim 2, wherein the security controller comprises a communication stack function of a communication software stack of an operating system of the control unit of the mobile device. (¶0165 wireless communications device includes secure controller; ¶0174 service controller, communication stack software; ¶0176 device communications stack; ¶0429 operating system includes network stack).
As to claim 7, the combination of Raleigh, Hanse and Thomas teach the system recited in claim 1, wherein Raleigh further teaches the security surveillance system of claim 1, wherein the virtual machine is provided in the control unit. (¶0171 service processor and/or service controller; ¶0203 processor in a secure virtual machine; ¶0428 VM based system, controller).
As to claim 9, the combination of Raleigh, Hanse and Thomas teach the system recited in claim 1, wherein Raleigh further teaches the security surveillance system of claim 1, wherein the security controller controllably blocks data traffic that violates one of the predefined data rules. (¶0088 preassigned policies; ¶0133 controller includes an access control, policy violation; ¶0210 controller implementing blocking activity).
Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Raleigh (US20170078886) in view of Hansen (US20140250296) and in further view of Thomas US20110246753 and in further view of Gupta (EP2949144).
As to claim 8, although the combination of Raleigh, Hansen and Thomas teach the system recited in claim 1, wherein the combination of Raleigh, Hansen and Thomas fail to expressly teach The security surveillance system of claim 1, wherein the security controller comprises digital analysis circuitry that is coupled between a RF circuit of the wireless interface and digital circuitry of the wireless interface or the control unit of the mobile device.
Gupta, however discloses, the security surveillance system of claim 1, wherein the security controller comprises digital analysis circuitry that is coupled between a RF circuit of the wireless interface and digital circuitry of the wireless interface or the control unit of the mobile device. (¶0143 mobile computing device include a digital signal processor; ¶0146 control processor coupled to a radio frequency (RF); ¶0151 mobile computing device include a separate RF circuit).
Thus given the teachings of Gupta it would have been obvious to one of ordinary skill persons in the art before the effective filing date of the claimed invention to combine the teachings of Gupta, Raleigh, Hansen and Thomas for a device controller/processor with an interface comprising digital and RF circuitry. One of ordinary skill in the art would be motivated to allow for processing encoded signal. (See Gupta para 0052)
Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Raleigh (US20170078886) in view of Hansen (US20140250296) and in further view of Thomas US20110246753 and in further view of Bettini (US20140331281).
As to claim 10, although the combination of Raleigh, Hansen and Thomas teach the method recited in claim 1, wherein the combination of Raleigh, Hansen and Thomas fail to expressly teach the security surveillance system of claim 1, comprising an external network emulator that emulates a communication network and controllably transmits data traffic to the mobile device that violates at least one of the data rules.
Bettini, however discloses, the security surveillance system of claim 1, comprising an external network emulator that emulates a communication network and controllably transmits data traffic to the mobile device that violates at least one of the data rules. (¶0031 an emulator; ¶ ¶0075 emulator send text (data); ¶0138 traffic data that violates an aspect of a policy).
Thus given the teachings of Bettini it would have been obvious to one of ordinary skill persons in the art before the effective filing date of the claimed invention to combine the teachings of Bettini, Raleigh, Hansen and Thomas for a device controller/processor with emulator emulating communications. One of ordinary skill in the art would be motivated to allow for a database for storing reports based on analysis of applications. (See Bettini para 0103)
Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Raleigh (US20170078886) in view of Hansen (US20140250296) and in further view of Thomas US20110246753 and in further view of Beam (US20170126728).
As to claim 11, although the combination of Raleigh, Hansen and Thomas teach the method recited in claim 1, wherein the combination of Raleigh, Hansen and Thomas fail to 
Beam, however discloses, the security surveillance system of claim 1, wherein the security controller comprises a configuration interface for receiving data rules, and a configuration memory for storing the received data rules. (¶0039 configuration interface configuration; security policy rules received for storage; ¶0050 security management control module).
Thus given the teachings of Beam it would have been obvious to one of ordinary skill persons in the art before the effective filing date of the claimed invention to combine the teachings of Beam, Raleigh, Hansen and Thomas for interface to receive and store rules/policies. One of ordinary skill in the art would be motivated to allow for automatically constructing security policies having ordered rules within the policies for the identified set of security devices. (See Beam para 0024)
Claim 12-13, 15-16 and 18 is rejected under 35 U.S.C. 103 as being unpatentable over Raleigh (US20170078886) in view of view of Thomas (US20110246753).
As to claim 12, Raleigh teaches a security surveillance method for a mobile device with a wireless interface (¶0112 device control element; ¶0128 mobile devices; ¶0208 Wifi, interface controller; ¶0429 secure, network monitoring) and a control unit that is connected to the wireless interface (¶0087 network equipment elements connected to the device; ¶0151 components of the device, interface; ¶0165 device includes controller; ¶0208 Wifi, interface controller) and that controls further elements of the mobile device based on wireless data traffic (¶0208 network traffic being controlled  interface controller(Wifi); ¶0222 wireless network traffic; ¶0524 network communication  is obtained through the device user interface) the security surveillance method comprising: receiving the data traffic provided to the control unit by a security controller, inspecting, by the security controller, (¶0087 controller  obtain the network  information, from device, traffic  quality; ¶0113 controller provides for device assisted monitoring, and/or functionality (e.g., Deep Packet Inspection (DPI); ¶0122 controller receives, collects information; ¶0165 secure controller) at least the received data traffic incoming via the wireless interface at the mobile device according to a number of predefined data rules with a security controller that is coupled to the wireless interface, (¶0084 traffic control policy rules; ¶0087 controller  obtain the network  information, from device, traffic  quality ¶0088 preassigned policies; ¶0165 secure controller; ¶0208 network traffic, interface controller(Wifi); ¶0524 network communication  is obtained through the device user interface) and generating a warning signal with the security controller if the data traffic violates one of the predefined data rules, (¶0133 controller identify breaches in the service policy, violation; ¶0171 controller provides notification; ¶0187 notification based on policy is generated; ¶0434 notifying the user of violation) wherein the security surveillance method is executed in the mobile device, (¶0112 controller (e.g., a network device based service control element)
Although Raleigh teaches the system recited above, wherein Raleigh fails to expressly teach wherein a virtual machine that executes at least part of an operating system that is in parallel executed by the control unit of the mobile device implements the functionality of the security controller; inspects and monitors a behavior of software executed in the virtual machine in view of the received data traffic incoming via the wireless interface.
Thomas, however discloses, wherein a virtual machine that executes at least part of an operating system  that is in parallel executed by the control unit of the mobile device implements the functionality of the security controller, (¶0009 controller including virtual machine; ¶0062 mobile device) and a behavior monitor of the security controller that is arranged external to the virtual machine (¶0009 controller including virtual machine; ¶0062 mobile device; ¶0063 security system controller) inspects and monitors a behavior of software executed in the virtual machine in view of the received data traffic incoming via the wireless interface. (¶0030 security management provide analyzing behavior software code executes; ¶0065 launched, a software application to virtual machine; ¶0066 controller may evaluate, analyze, read, and network communications).
Thus given the teachings of Thomas it would have been obvious to one of ordinary skill persons in the art before the effective filing date of the claimed invention to combine the teachings of Thomas and Raleigh for virtual machine device controller monitors application activity/behavior. One of ordinary skill in the art would be motivated to allow for a rules database to identify what is allowed and what is unacceptable according to policy/rules. (See Thomas para 0044)
As to claim 13, the combination of Raleigh and Thomas teach the method of claim 12, wherein Raleigh further teaches the security surveillance method of claim 12, wherein the control unit of the mobile device executes a computer program that implements the functionality of the security controller. (¶0165 wireless communications device includes secure controller; ¶0198 an application executing on the device and a network element and/or service cloud for protecting network; ¶0418 controller pushes app (application)).
As to claim 15, the combination of Raleigh and Thomas teach the method of claim 13, wherein Raleigh further teaches the security surveillance method of claim 13, wherein a hardware driver for the wireless interface for an operating system of the control unit of the mobile device implements the functionality of the security controller. (¶0078 wireless device that includes operating system (OS); ¶0165 wireless communications device includes secure controller; ¶0208 system includes hardware interface controller driver; interface controller (Wifi)).
As to claim 16, the combination of Raleigh and Thomas teach the method of claim 13, wherein Raleigh further teaches the security surveillance method of claim 13, wherein the security controller is implemented by a communication stack function of a communication software stack of an operating system of the control unit of the mobile device. (¶0165 wireless communications device includes secure controller; ¶0174 service controller, communication stack software; ¶0176 device communications stack; ¶0429 operating system includes network stack).
As to claim 18, the combination of Raleigh and Thomas teach the method of claim 13, wherein Raleigh further teaches the security surveillance method of claim , wherein the virtual machine is provided in the control unit. (¶0171 service processor and/or service controller; ¶0203 processor in a secure virtual machine; ¶0428 VM based system, controller).
Claims 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Raleigh (US20170078886) in view of view of Thomas (US20110246753) and in further view of Gupta (EP2949144).
As to claim 19, although the combination of Raleigh, Hansen and Thomas teach the method recited in claim 12, wherein the combination of Raleigh, Hansen and Thomas fail to expressly teach Gupta, however discloses, the security surveillance method of claim 12, wherein digital analysis circuitry that is coupled between a RF circuit of the wireless interface and digital circuitry of the wireless interface or the control unit of the mobile device performs the step of inspecting.
Gupta, however discloses, the security surveillance method of claim 12, wherein digital analysis circuitry that is coupled between a RF circuit of the wireless interface and digital circuitry of the wireless interface or the control unit of the mobile device performs the step of inspecting. (¶0077 provide behavior analysis of the computing system's behaviors; ¶0143 mobile computing device  include a digital signal processor; ¶0146 control processor coupled to a radio frequency (RF); ¶0151 mobile computing device  include a separate RF  circuit)
Thus given the teachings of Gupta it would have been obvious to one of ordinary skill persons in the art before the effective filing date of the claimed invention to combine the teachings of Gupta, Raleigh, Hansen and Thomas for a device controller/processor with an interface comprising digital and RF circuitry. One of ordinary skill in the art would be motivated to allow for decoding data packets. (See Gupta para 0154)
As to claim 20, although the combination of Raleigh, Hansen and Thomas teach the method recited in claim 12, wherein the combination of Raleigh, Hansen and Thomas fail to expressly teach the security surveillance method of claim 12, wherein digital analysis circuitry that is coupled between a RF circuit of the wireless interface and digital circuitry of the wireless interface or the control unit of the mobile device performs the step of inspecting.
Gupta, however discloses, the security surveillance method of claim 12, wherein digital analysis circuitry that is coupled between a RF circuit of the wireless interface and digital circuitry of the wireless interface or the control unit of the mobile device performs the step of inspecting. (¶0077 provide behavior analysis of the computing system's behaviors; ¶0143 mobile computing device include a digital signal processor; ¶0146 control processor coupled to a radio frequency (RF); ¶0151 mobile computing device include a separate RF circuit).
Thus given the teachings of Gupta it would have been obvious to one of ordinary skill persons in the art before the effective filing date of the claimed invention to combine the teachings of Gupta, Raleigh, Hansen and Thomas for a device controller/processor with an interface comprising digital and RF circuitry. One of ordinary skill in the art would be motivated to allow for filtering the received information. (See Gupta para 0134)
Claim 21 are rejected under 35 U.S.C. 103 as being unpatentable over Raleigh (US20170078886) in view of view of Thomas (US20110246753) and in further view of Bettini (US 20140331281).
As to claim 21, although the combination of Raleigh, Hansen and Thomas teach the method recited in claim 12, wherein the combination of Raleigh, Hansen and Thomas fail to expressly teach the security surveillance method of claim 12, comprising emulating a communication network and controllably transmitting data traffic to the mobile device that violates at least one of the data rules with an external network emulator.
Bettini, however discloses, the security surveillance method of claim 12, comprising emulating a communication network and controllably transmitting data traffic to the mobile ((¶0031 an emulator; ¶ ¶0075 emulator send text (data); ¶0138 traffic data that violates an aspect of a policy).
Thus given the teachings of Bettini it would have been obvious to one of ordinary skill persons in the art before the effective filing date of the claimed invention to combine the teachings of Bettini, Raleigh, Hansen and Thomas for a device controller/processor with emulator emulating communications. One of ordinary skill in the art would be motivated to allow for creating application profiles based on behavior associated with the application. (See Bettini para 0039)
Claim 22 are rejected under 35 U.S.C. 103 as being unpatentable over Raleigh (US20170078886) in view of view of Thomas (US20110246753) and in further view of Beam (US20170126728).
As to claim 22, although the combination of Raleigh, Hansen and Thomas teach the method recited in claim 12, wherein the combination of Raleigh, Hansen and Thomas fail to expressly teach Beam, however discloses, the security surveillance method of claim 12, wherein the security controller comprises a configuration interface for receiving data rules, and a configuration memory for storing the received data rules.
Beam, however discloses, the security surveillance method of claim 12, wherein the security controller comprises a configuration interface for receiving data rules, and a configuration memory for storing the received data rules. (¶0039 configuration interface configuration; security policy rules received  for storage; ¶0050 security management control module)
Thus given the teachings of Beam it would have been obvious to one of ordinary skill persons in the art before the effective filing date of the claimed invention to combine the teachings of Beam, Raleigh, Hansen and Thomas for interface to receive and store rules/policies. One of ordinary skill in the art would be motivated to allow for automatically modifying policies of devices in response to detection of threats. (See Beam para 0029)
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TONY WILLIAMS whose telephone number is (469)295-9115.  The examiner can normally be reached on Mon-Fri 8:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Umar Cheema can be reached on (571)570-3037.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to 






/T.W. /Examiner, Art Unit 2454


/UMAR CHEEMA/Supervisory Patent Examiner, Art Unit 2454