DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Specification
The disclosure is objected to because of the following informalities:
In paragraph 52, line 18, “248” should be -246-.
In paragraph 144, line 7, “operation 906” should be –operation 905-.
Appropriate correction is required.

Drawings
The drawings are objected to because:
In Figure 2, “152” should be -252-.
In Figure 2, “Public Internet 284” should be –Public Internet 248-.
The drawings are objected to as failing to comply with 37 CFR 1.84(p)(4) because reference character “284” has been used to designate both the Public Internet and the software development kit.
Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional 

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by White et al. (US 2018/0020001), hereafter referred to as White’001.

Referring to independent claim 1, White’001 anticipates a method of managing access to data in secured containers, the method comprising: providing, via an embedded browser of a client application (built-in applications including browser application, paragraph 128, lines 2-4) on a client device (end-user device 104, see figure 1 and paragraph 17, lines 11-12), access to a first network application hosted on a server (request for data sent to mobile services cloud platform, see figure 4, step 408 and 

As to claim 2, White’001 anticipates the method of claim 1, further comprising determining, in accordance to the application of the policy (policy decision and policy constraints 202 received, see figure 5, step 520 and paragraph 60, lines 1-3), whether to restrict a replication of the data stored in the secure container onto a second network application of the plurality of network applications (determine if the policy decision was to restrict access to sensitive data 204, see figure 5, step 522 and paragraph 60, lines 3-4).

As to claim 3, White’001 anticipates the method of claim 1, further comprising detecting, via the embedded browser, a command on the client to replicate the data stored in the secure container (additional contextual attributes, see figure 4, step 424 and paragraph 54, lines 1-4); and wherein applying the policy further comprises applying the policy in response to detecting the command to 

As to claim 4, White’001 anticipates the method of claim 3, further comprising identifying the data to be replicated corresponding to the command to replicate to apply the policy (reveal policy constraints and encrypted sensitive data 204, see figure 4, step 412 and paragraph 53, lines 2-5).

As to claim 5, White’001 anticipates the method of claim 1, further comprising modifying at least a portion of the data stored on the secure container to replicate onto a second network application of the plurality of network applications (sensitive data encrypted and encapsulated with policy constraints and decision in encrypted capsule, see figure 5, steps 526-528 and paragraph 60, lines 6-10).

As to claim 6, White’001 anticipates the method of claim 1, further comprising presenting, via the embedded browser, a prompt indicating a restriction of replication, responsive to determining to restrict the replication of the data (application displays error to the user in response to being informed of lack of access, see figure 4, step 420 and paragraph 53, lines 17-20).

As to claim 7, White’001 anticipates the method of claim 1, wherein applying the policy further comprises applying the policy based on at least one of: a source application, a destination application, a device type, a data type, a device location, or an account identifier (data privacy module 108 contains current contextual attributes of application 106/device 104/user 110 and compares attributes with context requirements, see figure 1 and paragraph 35, lines 3-6).



As to claim 9, White’001 anticipates the method of claim 1, wherein storing the data in the secure container further comprises encrypting the data to be stored (sensitive data encrypted and encapsulated with policy constraints and decision in encrypted capsule, see figure 5, steps 526-528 and paragraph 60, lines 6-10).

As to claim 10, White’001 anticipates the method of claim 1, wherein the secure container resides on at least one of the client device and the server hosting the first network application (encrypted capsule 120 received, see figure 4, step 410 and paragraph 53, lines 1-2).

As to independent claim 11, this claim mostly comprises the limitations of independent claim 1, as shown above.
Further, White’001 anticipates a system for managing access to data in secured containers, comprising: an embedded browser of a client application executable on one or more processors (processors 810, see figure 8 and paragraph 123, lines 8-9; “another machine” 870, see figure 8 and paragraph 137, line 15); and an interprocess communication (IPC) manager interfacing with the client application to perform the steps of the method of claim 1 (data privacy module 108 or application 106 running on end-user device 104 perform method 400, see figure 4 and paragraph 51, lines 3-5).



Note that claim 13 contains the corresponding limitations of claim 3 as shown above; therefore, it is rejected using the same reasoning accordingly.

Note that claim 14 contains the corresponding limitations of claim 4 as shown above; therefore, it is rejected using the same reasoning accordingly.

Note that claim 15 contains the corresponding limitations of claim 5 as shown above; therefore, it is rejected using the same reasoning accordingly.

Note that claim 16 contains the corresponding limitations of claim 6 as shown above; therefore, it is rejected using the same reasoning accordingly.

Note that claim 17 contains the corresponding limitations of claim 7 as shown above; therefore, it is rejected using the same reasoning accordingly.

Note that claim 18 contains the corresponding limitations of claim 8 as shown above; therefore, it is rejected using the same reasoning accordingly.

Note that claim 19 contains the corresponding limitations of claim 9 as shown above; therefore, it is rejected using the same reasoning accordingly.

.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Qureshi et al. (US 2014/0006347) appears to disclose a secure document manager comprising an access manager to enable specific applications to access data stored in particular containers.
Luo et al. (US 2018/0268156) appears to disclose a secure access manager maintaining a data structure with a table of entries corresponding to secure containers.
Redberg (US 2015/0154418) appears to disclose each client being controlled via a rights management system whereby the manner of encryption, storage, access, and management of files and related metadata is controlled, as well as the mode in which multiple cloud providers interact with the client across one or more cloud platforms.
Barton et al. (US 2014/0108793) appears to disclose a mobile device configuring secure containers defined by a policy for a managed application.

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOHN B ROCHE whose telephone number is (571)270-1721.  The examiner can normally be reached on Monday-Friday, 10:30 - 7.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/J.B.R/Examiner, Art Unit 2184                                                                                                                                                                                                        


/HENRY TSAI/Supervisory Patent Examiner, Art Unit 2184