DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This office action is in response to the application filed on 07/08/2021. Claims 1, 10, and 16 are amended.  Claims 3-4, 8, and 19 are cancelled. Claims 1-2, 5-7, 9-18, and 20.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. 
Examiner Note 
This Corrected Notice of Allowance has been issued to include consideration of IDS filed on 07/28/2021.
Terminal Disclaimer


The terminal disclaimer filed on 07/29/2020 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of U.S. Patent applications No. 15865887, 15935245, and 15932242 have been reviewed and is accepted.  The terminal disclaimer has been recorded.

Allowable Subject Matter
Claims 1-2, 5-7, 9-18, and 20 are allowed.
The following is an examiner’s statement of reasons for allowance:
The present invention is relates to a system and method for extending zones of control through a hotspot for communications to and from computing devices based on specific criteria corresponding to zones of control. An encrypted virtual private network (VPN) for a browsing session may be established at a first computing device and remote server computers matching the parameters of the established zone. Then, a user of the first computing device may further establish a wireless hotspot network suited to allow additional remote computing devices to piggy-back on the one or more established encrypted virtual private networks. Thus, other connected devices using the hotspot connection to reach a broader computer network (e.g., the Internet) are then also taking advantage of the encrypted VPN being provided by the host of the hotspot. Each connected computing device may then also have various communications isolated through zonal control from the hotspot device.
Regarding claim 1, although the prior art of record teaches a processor configured to execute instructions stored in a memory; a software-based browser module stored in the memory and configured to be executed by the processor and configured to establish first and second encrypted communication links with respective first and second external computing devices; a software-based zone control module stored configured to be executed by the processor in the memory and controlled by the browser module; a hardware-based communication module coupled to the processor and configured to communicate with the one or more external computing devices through a Serial No.: 15/932,254 Atty Docket No.: 011172.003US1 Atty/Agent: Kevin D. Jablonskicomputer network using the communication link through the browser module wherein communications are isolated in the first zone of control, the communication module further configured to establish a local hotspot network wherein communications through the local hotspot network are isolated in the first zone of control; and a cache memory exclusively associated with the first zone of control and configured to store data associated with communications within the first zone of control such that access to the cache memory from any other communication link outside of the first zone of control is prevented.
None of the prior art, alone or in combination teaches establish a first zone of control having permission rules based on specific server locations wherein only certain types of files or sites are allowed to load from the first zone of control, the first zone of control isolating communications Serial No.: 15/932,254 Atty Docket No.: 011172.003US1 Atty/Agent: Kevin D. Jablonskicoordinated by the browser module based on a first user-generated customized criteria that identifies a first geographic region corresponding exclusively to a first physical location of at least a first one of the one or more external computing devices such that communications that originate outside of the first zone of control are restricted from accessing data generated by the communications within the first zone of control without impacting communications coordinated by the communication module; and establish a second zone of control having permission rules based on specific server locations wherein only certain types of files or sites are allowed to load from the second zone of control, the second zone of control isolating communications coordinated by the browser module based on second user- generated customized criteria that identifies a second geographic region that is mutually exclusive of the first geographic region, the second geographic region corresponding exclusively to a second physical location of at least a second one of the one or more external computing devices such that communications that originate outside of the second zone of control are restricted from accessing data generated by the communications within the second zone of control without impacting communications coordinated by the communication module, the second permission rules based on the second geographic region wherein at least one file type does not have permission to be communication to the browser modules within the second zone of control in view of the other limitations of claim 1.
Regarding claim 10, although the prior art of record teaches a server computing device configured to communicate data through a computer network; a first local computing device configured to communicate with the server computing device through the computer network, the first local computing device further comprising: a processor configured to execute instructions stored in a memory; a software-based browser module stored in the memory and configured to be executed by the processor and configured to establish first and second encrypted communication links with respective first and second external computing devices; a hardware-based communication module coupled to the processor and configured to communicate with the one or more external computing devices through a computer network using the communication link through the browser module wherein communications are isolated in the first zone of control, the communication module further configured to establish a local hotspot network wherein communications through the local hotspot network are isolated in the first zone of control; and a cache memory exclusively associated with the first zone of control and configured to store data associated with communications within the first zone of control such that access to the cache memory from any other communication link outside of the first zone of control is prevented; and a second local computing device configured to connect to the local hotspot network and configured to communicate data through the second zone of control.
 establish a first zone of control having permission rules based on specific server locations wherein only certain types of files or sites are allowed to load from the first zone of control, the first zone of control isolating communications coordinated by the browser module based on a first user-generated customized criteria that identifies a first geographic region corresponding exclusively to a first physical location of at least a first one of the one or more external computing devices such that communications that originate outside of the first zone of control are restricted from accessing data generated by the communications within the first zone of control without impacting communications coordinated by the communication module; and establish a second zone of control having permission rules based on specific server locations wherein only certain types of files or sites are allowed to load from the second zone of control, the second zone of control isolating communications coordinated by the browser module based on second user- generated customized criteria that identifies a second geographic region that is mutually exclusive of the first geographic region, the second geographic region corresponding exclusively to a second physical location of at least a second one of the one or more external computing devices such that communications that originate outside of the second zone of control are restricted from accessing data generated by the communications within the second zone of control without Serial No.: 15/932,254 Atty Docket No.: 011172.003US1 Atty/Agent: Kevin D. Jablonskiimpacting communications coordinated by the communication module, the second permission rules based on the second geographic region wherein at least one file type does not have permission to be communication to the browser modules within the second zone of control in view of the other limitations of claim 10.
Regarding claim 16, although the prior art of record teaches instantiating a browser having a private encrypted communication channel at a first local computing device; Serial No.: 15/932,254 Atty Docket No.: 011172.003US1 Atty/Agent: Kevin D. Jablonskiestablishing a first zone of control associated with received data from at least one external computing device, the first zone of control associated with the instantiated browser and associated with a first isolated cache memory; isolating communications coordinated by the instantiated browser that occur outside of the first and second zones of control from communications that occur within the first and second zones of control via encryption and isolating communications between the first and second zones such that access by a communication within the second zone of control to data stored in the first cache memory is prevented and such that access by a communication within the first zone of control to data stored in the second cache memory is prevented; and facilitating communication of the isolated communications within the zone of control with a second local computing device through a local hotspot network.
None of the prior art, alone or in combination teaches the first zone of control having permission rules based on specific server locations wherein only certain types of files or sites are allowed to load from the first zone of control, the first zone of control isolating communications coordinated by the browser module based on a first user-generated customized criteria that identifies a first geographic region corresponding exclusively to a first physical location of at least a first one of the one or more external computing devices such that communications that originate outside of the first zone of control are restricted from accessing data generated by the communications within the first zone of control without impacting communications coordinated by the communication module; establishing a first zone of control associated with received data from at least one external computing device, the first zone of control associated with the instantiated browser and associated with a first isolated cache memory, the second zone of control having permission rules based on specific server locations wherein only certain types of files or sites are allowed to load from the second zone of control, the second zone of control isolating communications coordinated by the browser module based on second user-generated customized criteria that identifies a second geographic region that is mutually exclusive of the first geographic region, the second geographic region corresponding exclusively to a second physical location of at least a second one of the one or more external computing devices such that communications that originate outside of the second Serial No.: 15/932,254_10- Atty Docket No.: 011172.003US1 Atty/Agent: Kevin D. Jablonskizone of control are restricted from accessing data generated by the communications within the second zone of control without impacting communications coordinated by the communication module, the second permission rules based on the second geographic region wherein at least one file type does not have permission to be communication to the browser modules within the second zone of control in view of the other limitations of claim 16.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAHRIAR ZARRINEH whose telephone number is (571)272-1207.  The examiner can normally be reached on Monday-Friday, 8:30am-5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on 571-272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/SHAHRIAR ZARRINEH/Examiner, Art Unit 2497