DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This office action is in response to the application filed on 05/10/2021. Claims 1, 6-8, 11, and 17-18 are amended.  Claims 10 and 19 are cancelled. Claims 1-9, 11-18, and 20 are pending.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. 

Terminal Disclaimer

The terminal disclaimer filed on 05/10/2021 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of U.S. Patent applications No. 15932242, 15935545, and 15932254 have been reviewed and is accepted.  The terminal disclaimer has been recorded.

EXAMINER’S AMENDMENT
An examiner's amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Authorization also was giving over the phone by Kevin Jablonski on 05/30/2021 to cancel claims 17-18, and 20 and amend claim 11. 
 The application has been amended as follows:
Please replace claim 1 with:
.        (Currently Amended)         A computing device, comprising:
           a processor configured to execute instructions stored in a memory; 
           a hardware-based communication module coupled to the processor and configured to communicate with one or more external computing devices through a computer network; 
           a software-based browser module stored in the memory and configured to be executed by the processor and configured to establish a communication link to at least one of the one or more external computing devices using the communication module; 
           a software-based zone control module stored in the memory configured to be executed by the processor and controlled by the browser module, the zone control module further configured to:
establish a first zone of control having permission rules based on specific server locations wherein only certain types of files or sites are allowed to load from the first zone of control, the first zone of control based on a first user-generated customized criteria that identifies a first geographic region corresponding exclusively to a first physical location of at least a first one of the one or more external computing devices such that communications that originate outside of the first zone of 
establish a second zone of control having permission rules based on specific server locations wherein only certain types of files or sites are allowed to load from the second zone of control, the second zone of control based on second user-generated customized criteria that that identifies a second geographic region that is mutually exclusive of the first geographic region, the second geographic region corresponding exclusively to a second physical location of at least a second one of the one or more external computing devices such that communications that originate outside of the second zone of control are restricted from accessing data generated by the communications within the second zone of control without impacting communications coordinated by the communication module , the second permission rule based on the second geographic region wherein at least one file type does not have permission to be communicated to the browser module within the second zone of control; 
a first cache memory exclusively associated with the first zone of control and configured to store data associated with communications within the first zone of control such that access to the first cache memory from any other communication channel outside of the first zone of control is prevented; and 
a second cache memory exclusively associated with the second zone of control and configured to store data associated with communications within the second zone of control such that access to the second cache memory from any other communication channel outside of the second zone of control and communications from within the first zone of control is prevented.   

Please cancel claim 6 .

Please replace claim 7 with:
7.        (Currently Amended)         The computing device of claim 1, wherein the first criteria further comprise a first domain-level distinction among the one or more external computing devices and the second criteria further comprise a second domain-level distinction among the one or more external computing devices.  

Please cancel claim 8 .

Please replace claim 11 with:
11.      (Currently Amended)         A computing system, comprising:
a first remote computing device configured to communicate data through a computer network, the first remote computing device physically located in a first geographic region; 
a second remote computing device configured to communicate data through the computer network, the second remote computing device physically located in a second geographic region;
a local computing device configured to communicate with the first remote computing device and the second remote computing device through the computer network, the local computing device further comprising:
           a processor configured to execute instructions stored in a memory; 
           a hardware-based communication module coupled to the processor and configured to facilitate communications associated with the local computing device through the computer network; 
first remote computing device and the second remote computing device 
                    a software-based zone control module stored in the memory and configured to be executed by the processor and controlled by the browser module, the zone control module further configured to:
establish a first zone of control having permission rules based on specific server locations wherein only certain types of files or sites are allowed to load from the first zone of control, the first zone of control based on a first user-generated customized criteria that that identifies the first geographic region such that communications that occur outside of the first zone of control are restricted from accessing data generated by the communications within the first zone of control without impacting communications coordinated by the communication module; and  
establish a second zone of control having permission rules based on specific server locations wherein only certain types of files or sites are allowed to load from the second zone of control, the second zone of control based on second user-generated customized criteria that identifies the second geographic region such that communications that occur outside of the second zone of control are restricted from accessing data generated by the communications within the second zone of control without impacting communications coordinated by the communication module.   
a first cache memory exclusively associated with the first zone of control and configured to store data associated with communications within the first zone of control such that access to the first cache memory from any other communication channel outside of the first zone of control is prevented; and 
a second cache memory exclusively associated with the second zone of control and configured to store data associated with communications within the second zone of control such that access to the second cache memory from any other communication channel outside of the second zone of control and communications from within the first zone of control is prevented.   

Please replace claim 12 with:
12.      (Currently Amended)         The computer system of claim 11, wherein the local computing device comprises a mobile computing device. 

Please replace claim 13 with:
13.      (Currently Amended)         The computer system of claim 11, wherein the first remote computing device comprises a server computing device.  

Please replace claim 14 with:
14.      (Currently Amended)         The computer system of claim 11, further comprising a third remote computing device configured to communicate with the local computing device outside of the first and second zones of control.  

Please replace claim 15 with:
15.      (Currently Amended)         The computer system of claim 11, further comprising a proxy server computing device coupled between the first remote computing device and the local computing device and within the first zone of control.  
Please replace claim 16 with:
16       (Currently Amended)         The computer system of claim 11, further comprising a third remote computing device that is within a third zone of control such that the third zone of control isolates communications coordinated by the browsing module that occur outside of the third zone of control and restricts other computing devices outside of the third zone of control from accessing data generated by the communications within the third zone of control without impacting communications in the first or second zones of control. 
Please cancel claims 17-18 .
Please cancel claim 20.
Allowable Subject Matter
Claims 1-5, 7, 9, and 11-16 are allowed.
The following is an examiner’s statement of reasons for allowance:
The present invention is relates to a system and method for establishing zones of control for communications among computing devices. Zones of control refer to the concept of unique user- controlled silos separating the interactions between computer devices over the network. When the user of a device connects to a networked computing environment of any kind, at least some data may be sent from the user's device onto the network, as well as downloaded to the user's device. These "data interactions" are usually frequent and numerous. With a private 
Regarding claim 1, although the prior art of record teaches a processor configured to execute instructions stored in a memory; a hardware-based communication module coupled to the processor and configured to communicate with one or more external computing devices through a computer network; a software-based browser module stored in the memory and configured to be executed by the processor and configured to establish a communication link to at least one of the one or more external computing devices using the communication module; a software-based zone control module stored in the memory configured to be executed by the processor and controlled by the browser module, the zone control module further configured to: a first cache memory exclusively associated with the first zone of control and configured to store data associated with communications within the first zone of control such that access to the first cache memory from any other communication channel outside of the first zone of control is prevented; and a second cache memory exclusively associated with the second zone of control and configured to store data associated with communications within the second zone of control such that access to the second cache memory from any other communication channel outside of the second zone of control and communications from within the first zone of control is prevented.   
None of the prior art, alone or in combination teaches establish a first zone of control having permission rules based on specific server locations wherein only certain types of files or sites are allowed to load from the first zone of control, the first zone of control isolating communications coordinated by the browsing module based on a first user-generated customized criteria that identifies a first geographic region corresponding exclusively to a first physical location of at least a first one of the one or more external computing devices such that communications that originate outside of the first zone of control are restricted from accessing data generated by the communications within the first zone of control without impacting communications coordinated by the communication module; and  establish a second zone of control having permission rules based on specific server locations wherein only certain types of files or sites are allowed to load from the second zone of control, the second zone of control  in view of the other limitations of claim 1.
Regarding claim 11, although the prior art of record teaches  a processor configured to execute instructions stored in a memory; a hardware-based communication module coupled to the processor and configured to facilitate communications associated with the local computing device through the computer network; a software-based browser module stored in the memory and configured to be executed by the processor and configured to establish a communication link to the first remote computing device and the second remote computing device using the communication module; and  a software-based zone control module stored in the memory and configured to be executed by the processor and controlled by the browser module, the zone control module further configured to: a first cache memory exclusively associated with the first zone of control and configured to store data associated with communications within the first zone of control such that access to the first cache memory from any other communication channel outside of the first zone of control is prevented; and a second cache memory exclusively associated with the second zone of control and configured to store data associated with communications within the second zone of control such that access to the second cache memory from any other communication channel outside of the second zone of control and communications from within the first zone of control is prevented.
None of the prior art, alone or in combination teaches establish a first zone of control having permission rules based on specific server locations wherein only certain types of files or sites are allowed to load from the first zone of control, the first zone of control isolating communications coordinated by the browsing module based on a first user-generated customized criteria that that identifies the first geographic region such that communications that occur outside of the first zone of control are restricted from accessing data generated by the communications within the first zone of control without impacting communications coordinated by the communication module; and  establish a second zone of control having permission rules based on specific server locations wherein only certain types of files or sites are allowed to load from the second zone of control, the second zone of control isolating communications coordinated by the browsing module based on second user-generated customized criteria that identifies the second geographic region such that communications that occur outside of the second zone of control are restricted from accessing data generated by the communications within the second zone of control without impacting communications coordinated by the communication module  in view of the other limitations of claim 11.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Plummer(US2012/0096511)[ A machine-executable method implementable in a system operable to execute a browser application having at least one security-context zone and operable to apply at least one security policy to interaction between the system and web sites corresponding to domain identifiers populating the at least one security-context zone includes comparing a first set of domain identifiers populating a first security-context zone of the at least one security-context zone with a second set of domain identifiers.  The method further includes populating the first security-context zone with at least one second-set identifier not included in the first set of domain identifiers].
Wang(US2008/0313648) [Abstract, Systems and methodologies for accessing resources associated with a Web-based application in accordance with one or more embodiments disclosed herein may include a browser that obtains at least first resources from a first domain and second resources from a second domain and a resource management component that facilitates controlled communication between the first resources and the second resources and prevents the first resources and the second resources from accessing other resources that the first resources and the second resources are not permitted to access.  The resource management component may be further operable to contain restricted services in a sandbox containment structure and/or to isolate access-controlled resources in a service instance.  In addition, the resource management component may be operable to facilitate the flexible display of resources from disparate domains and/or controlled communication there between. s]. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAHRIAR ZARRINEH whose telephone number is (571)272-1207.  The examiner can normally be reached on Monday-Friday, 8:30am-5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on 571-272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/SHAHRIAR ZARRINEH/Examiner, Art Unit 2497