DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 8 June 2021 has been entered. In this amendment, claims 1, 4-7, 10-13, and 16-18 have been amended.
Claims 1-20 are presented for examination.

Response to Arguments
With regards to the objection to the drawings, the applicant has submitted amendments, and the examiner hereby withdraws the objection.
Applicant's arguments filed 8 June 2021 have been fully considered but they are not persuasive.
As to claims 1, 7, and 13, it is argued by the applicant's representative that Nathan does not disclose the visual hacking comprising an act of illicitly collecting confidential information from the protected endpoint by visual means. The examiner respectfully disagrees. The examiner notes that hacking is by definition the illegal gaining of access to a computer network or system and therefore illicit. Nathan discloses that an unauthorized viewer may purposely view content on the client device 
Further, as to claims 4, 10, and 16, it is argued by the applicant's representative that Nathan does not disclose that the surveillance image data contains content showing the capturing of the image of sensitive, confidential, or private information from the endpoint device. The examiner respectfully disagrees. Nathan discloses that camera-based security mechanism monitors the surroundings of the authorized user with viewer-facing cameras and detects additional unauthorized viewers viewing the displayed confidential information (i.e. capturing the confidential content from the device) (0020, lines 10-23; Figures 3A, 3B). 

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

Claim(s) 1, 2, 7, 8, 13, and 14 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Nathan et al. (US 2014/0198958 A1 and Nathan hereinafter).
As to claims 1 and 13, Nathan discloses a system and method for camera-based portal content security, the system and method having:
receiving a surveillance image from a protected endpoint (client device), the protected endpoint comprising an endpoint device and an endpoint agent (client application), the endpoint agent monitoring user behavior during user/device interactions (0045, lines 1-2; 0053, lines 23-26; 146, 149, 102, Figure 1);
processing the surveillance image to generate surveillance image data (0043, lines 13-16); 
performing a visual hacking detection operation using the surveillance image data, the visual hacking detection operation determining whether visual hacking has been detected, the visual hacking comprising an act of illicitly collecting confidential information from the protected endpoint by visual means, the visual hacking comprising recording the confidential information by an unauthorized user without knowledge of an authorized user (i.e. additional viewer, optical device, or camera viewing displayed confidential portal content) (0020, lines 17-23; 0043, lines 13-16). 

As to claim 7, Nathan discloses
a processor (0048, line 5; 144, Figure 1); 
a data bus coupled to the processor (Figure 1); 
a non-transitory, computer-readable storage medium embodying computer program code, the non-transitory, computer-readable storage medium being coupled to the data bus, the computer program code interacting with a plurality of computer operations and comprising instructions executable by the processor and configured for (0090, lines 1-4): 
receiving a surveillance image from a protected endpoint (client device), the protected endpoint comprising an endpoint device and an endpoint agent (client application), the endpoint agent monitoring user behavior during user/device interactions (0045, lines 1-2; 0053, lines 23-26; 146, 149, 102, Figure 1);
processing the surveillance image to generate surveillance image data (0043, lines 13-16); 
performing a visual hacking detection operation using the surveillance image data, the visual hacking detection operation determining whether visual hacking has been detected, the visual hacking comprising an act of illicitly collecting confidential information from the protected endpoint by visual means, the visual hacking comprising recording the confidential information by an unauthorized user without knowledge of an authorized user (i.e. additional viewer, optical device, or camera viewing displayed confidential portal content) (0020, lines 17-23; 0043, lines 13-16).

As to claims 2, 8, and 14, Nathan discloses:
blocking content from being displayed on the endpoint device (obfuscate confidential portal content) (0020, lines 21-23). 

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 4-6, 10-12, and 16-18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Nathan in view of Anderson et al. (US 2010/0205667 A1 and Anderson hereinafter).
As to claims 4, 10, and 16, Nathan discloses:
wherein: the visual hacking comprises illicitly capturing of an image of sensitive, confidential or private information from the endpoint device (viewer views, captures with camera) (0020, lines 19-21); 
the surveillance image data contains content showing the capturing of the image of sensitive, confidential or private information from the endpoint device by the unauthorized user (0020, lines 19-21);
the content showing the capturing of the image is processed with associated event data to generate a stream of event data (0053, lines 7-34).
It is also believed that Anderson discloses a system and method for video-based privacy support, the system and method having:
the content showing the capturing of the image is processed with associated event data to generate a stream of event data (0075, lines 3-8).
Given the teaching of Anderson, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages of modifying the teachings of Nathan with the teachings of Anderson by processing a surveillance image with associated event data to generate a stream. Anderson recites motivation by disclosing that processing surveillance data allows a user or authorized personnel to track and analyze a plurality of incidents to look for patterns (0083, lines 12-16). It is obvious that the teachings of Anderson would have improved the teachings of Nathan by processing surveillance data in order to track and analyze incidents to look for patterns.


performing a risk-adaptive protection operation when visual hacking has been detected (obfuscates displayed content), the risk-adaptive operation being performed by a security analytics system, the security analytics system receiving the stream of event data (0020, lines 21-23). 
It is also believed that Anderson discloses:
performing a risk-adaptive protection operation when visual hacking has been detected, the risk-adaptive operation being performed by a security analytics system, the security analytics system receiving the stream of event data (0075, lines 3-8).
Given the teaching of Anderson, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages of modifying the teachings of Nathan with the teachings of Anderson by receiving the stream and performing a risk-adaptive operation. Please refer to the motivation recited above with respect to claims 4, 10, and 16 as to why it is obvious to apply the teachings of Anderson to the teachings of Nathan.

As to claims 6, 12, and 18, Nathan does not explicitly disclose:
wherein: the risk-adaptive protection operation interacts with a risk-adaptive security policy, the risk-adaptive security policy comprising a security policy implemented to be revised by a security analytics system to adaptively remediate risk when performing the visual hacking detection operation. 
Nonetheless, this feature is well known in the art and would have been an obvious modification of the teachings disclosed by Nathan, as taught by Anderson.
Anderson discloses:
wherein: the risk-adaptive protection operation interacts with a risk-adaptive security policy, the risk-adaptive security policy comprising a security policy implemented to be revised by a security analytics system to adaptively remediate risk when performing the visual hacking detection operation (0075, lines 3-8; 0082, lines 1-6). 
Given the teaching of Anderson, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages of modifying the teachings of Nathan with the teachings of Anderson by revising a security policy. Please refer to the motivation recited above with respect to claims 4, 10, and 16 as to why it is obvious to apply the teachings of Anderson to the teachings of Nathan.

Claims 3, 9, and 15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Nathan as applied to claims 1, 7, and 13 above, and further in view of Koganti et al. (US 2017/0329966 A1 and Koganti hereinafter).
As to claims 3, 9, and 15, Nathan fails to specifically disclose:
wherein: the visual hacking detection operation results in one of a true positive determination, a false positive determination, a true negative determination, a false negative determination and an indeterminate determination. 
Nonetheless, this feature is well known in the art and would have been an obvious modification of the teachings disclosed by Nathan, as taught by Koganti.
Koganti discloses a system and method for electronic device based security management, the system and method having:
wherein: the visual hacking detection operation results in one of a true positive determination, a false positive determination, a true negative determination, a false negative determination and an indeterminate determination (0010, lines 12-19, 30-35; 0050, lines 1-7). 
Given the teaching of Koganti, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages of modifying the .

Claims 19 and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Nathan as applied to claim 13 above, and further in view of Zhang et al. (US 2006/0117172 A1 and Zhang hereinafter).
As to claim 19, Nathan discloses:
wherein the computer executable instructions are deployable to a client system from a server system at a remote location (0087, lines 15-18; 0094, lines 1-6). 
Zhang also discloses a system and method for transparence computing on a computer network, the system and method having:
wherein the computer executable instructions are deployable to a client system from a server system at a remote location (0031, lines 17-19).
Given the teaching of Zhang, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages of modifying the teachings of Nathan with the teachings of Zhang by using instructions deployable to a client from a remote server, as is well-known and commonly used. Zhang recites motivation by disclosing that using deployable instructions provides software tools to user devices (0004, lines 4-11). It is obvious that the teachings of Zhang would have improved the teachings of Nathan by using instructions deployable to clients from a remote server in order to provide software tools to clients.

As to claim 20, Nathan fails to specifically disclose:
wherein the computer executable instructions are provided by a service provider to a user on an on-demand basis. 
Nonetheless, this feature is well known in the art and would have been an obvious modification of the teachings disclosed by Nathan, as taught by Zhang.
wherein the computer executable instructions are provided by a service provider to a user on an on-demand basis (0031, lines 17-19). 
Given the teaching of Zhang, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages of modifying the teachings of Nathan with the teachings of Zhang by using instructions provided by a service provider on an on-demand basis, as is well-known and commonly used. Please refer to the motivation recited above with respect to claim 19 as to why it is obvious to apply the teachings of Zhang to the teachings of Nathan.

Prior Art Made of Record
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Buck (US 2014/0201844 A1) discloses a system and method for detection of and privacy preserving response to observation of display screen.
Kratz et al. (US Patent 9,355,236 B1) discloses a system and method for biometric user authentication using 3D in-air hand gestures.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SARAH SU whose telephone number is (571)270-3835.  The examiner can normally be reached on 7:30 AM - 4:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on 571-272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/SARAH SU/Primary Examiner, Art Unit 2431