Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
The communication received on 5/7/21 has been entered.

Response to Arguments/Amendments
Applicant's arguments are essentially directed towards the newly introduced limitation.  They have been considered but are moot in view of the new ground(s) of rejection.


Claims 1-20 are pending.
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.


In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Claim Rejections - 35 USC § 112

(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 1-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. 
Specifically, the examiner was unable to find the support for the newly added limitations to the independent claims (1 and 13), especially within the context of the (following limitations of the) claims. 
The examiner carefully reviewed applicant’s specification, especially as pertaining to authentication in the context of the access point.  However, unlike the claim language that requires authenticating a user … and in response to authenticating the user … placing the client device in communication with the access point through at least one network, the specification clearly articulates that it is the access point that authenticates the user.  There is no conditional access to the access point based on 

Claim Rejections - 35 USC § 103
Claims 1-3 and 13-14 are rejected under 35 U.S.C. 103 as being unpatentable over Dotan (USPN 8701174) as applied in view of Wang (USPUB 20180375921) and Nagami (USPUB 20080092217).
As per claims 1 and 13, Dotan teaches an authentication system comprising: a server including at least one server processor configured to execute an application (Protected resource 24, e.g. Online banking); and a desktop virtualization system including at least one virtualization system processor configured to (the system including virtual desktop server 26 and authenticating engine 28, see Fig. 2 and the associated text, includes at least one processor.  A skilled in the art as well as noted by Dotan, computers utilize processors to perform computing tasks, including executing applications. Note that without given any specific definition, the processor could be also reasonably interpreted as an entity that processes particular tasks, including executing and authenticating), instantiate a virtual desktop (see virtual desktop (vd) 100 on a virtual desktop server (vds) 26);  authenticate a user of a client device (user token(s) authentication, col. 8 lines 50-65 (thereafter 8/50-65));  in response to authenticating the user of the client device, place the client device in communication with the virtual desktop through at least one network (vds provides a vd session to the end user device, 8/66-9/4);  launch a secure browser in the virtual desktop; and using the secure browser, place the client device in communication with the server through the at least one network wherein the application is configured to perform processing in response to at least one command from the client device sent through the secure browser of the virtual desktop (if authentication successful the user is enabled to access to resources via browser application 102, 
As per claim 2, Dotan teaches the client device including at least one client processor (end user device 22 illustrated in Fig. 2 discussed in the associated text). 
As per claims 3 and 14, although Dotan teaches the at least one client processor is configured to: perform processing associated with authenticating the user and sending the at least one command (e.g. 4/55-60) and although not expressly cited, Official Notice is taken that preventing processing associated with tasks unrelated to the processing associated with authenticating the user and sending the at least one command would have been an old and well known in the art before the effective filling date of the invention offering the benefit of increased security.  
Although, as presented above, one could argue that in the broadest reasonable interpretation the virtual desktop server and authentication engine processing tasks resulting in the required limitations could be interpreted as a desktop virtualization system including at least one virtualization system processor, having a system utilizing a variety of tasks, such as authenticating and offering virtual desktop capabilities to access resources, would have an obvious variant skill in the art before the effective filling date of the invention (see Wang’s virtualization host in Fig. 1 and discussed in the associated text, for example) merely amounting to a design choice while offering the predictable benefit of customization.
Dotan as modified, does not require placing the client device in communication with the access point through at least one network being based on authentication of a user of client device.  However, in the related art, Nagami suggest such .

Claims 4-12 and 15-20 are rejected under 35 U.S.C. 103 as being unpatentable over Dotan (USPN 8701174) in view of Wang (USPUB 20180375921) and Nagami (USPUB 20080092217), and further in view of Mozer (USPUB 20020194003) and Grandcolas (USPUB 20070050840).
As per claims 4-6, 8-10, 15-17 and 19, Dotan (/as modified) teaches the client device supplying credentials to the virtualization system processor for authenticating user but fails to teach the client comprising biometric sensor providing additional biometric credentials and the processor determining that the received additional biometric credentials match known credentials of the user.  However, in the related art, Mozer suggests such solution (client system 210 includes a biometric input device for gathering biometric data of a user, para 21, client prompts the user for 
As per claims 7 and 18, Dotan (/as modified) teaches receiving the one-time passcode from the client device; and determining that the one-time passcode from the client device matches the one-time passcode (authenticating when received from the client device correct OTP, e.g. 7/7-46) but fails to teach the one-one time passcode issued by the authentication service.  However, implementing known solution of the authentication service matching the issued one-time passcode as illustrated by Grandcolas (transaction server generates one-time activation code for delivery to the customer’s email address and determines whether the received one-time code is valid, see para 59-60, for example) offering the predictable benefit of security and customization. 
As per claims 11-12 and 20, Dotan (/as modified) teaches upon successful authentication of the information received from the client launching the secure browser in the virtual desktop to enable access to resource to utilize a banking application (if authentication successful the user is enabled to access to resources such as a banking website via browser application 102, at least one server processor, 6/7-17, 9/18-19, etc.) but Dotan (/as modified) does not expressly teach receive user authentication information from the secure browser; and prior to ). However, in the related art, Grandcolas (the customer selecting on a financial institution portal a link to a sensitive transaction, an authorization page is displayed that explains the need for an authorization code.  The secret code entered by the customer on the authorization page is compared by the portal with the stored secret code, para 56, 61-62, etc.  A skilled in the art would appreciate that computing devices offer the functionalities using processors). It would have been obvious to one of ordinary skill in the art before the effective filling date of the invention to include Grandcolas’ teaching into Dotan’s (/as modified) invention given the predictable benefit of increased security and customization.

Conclusion

Allowable Subject Matter
Claims XXX are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP 
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Peter Poltorak whose telephone number is (571) 272-3840.  The examiner can normally be reached Monday through Thursday from 9:00 a.m. to 5:00 p.m. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on (571) 272-6798.  The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
	/PIOTR POLTORAK/           Primary Examiner, Art Unit 2433