DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Claims 1-20 are pending.
Claims 1 and 11 are currently amended. 
Response to Arguments
Applicant’s arguments filed 06/30/2021 have been fully considered.
In response to Applicant’s argument that Niemela-Banerjee-Desai fails to disclose “identifying, based on the analyzing, a target network address that the application is configured to use to redirect the network device to a target network resource, the target network address being at least one of: embedded in a source code of the application or included in a list of trusted network addresses associated with the application; comparing the target network address to a whitelist of trusted target network addresses”, Examiner respectfully disagrees. Banerjee teaches “comparing the target network address to a whitelist of trusted target network addresses”. Banerjee discloses “the configuration file component 304 can identify any information regarding how an application(s) is configured to communicate with other application(s), including IP addresses (Interpreted that the application includes an IP address) and ports of the application(s), processes associated with the execution of the application(s), source/destination process endpoints, process hierarchy (e.g., parent process to child process), process path, command line arguments, user groups, and the like [0045].” This shows that when the application communicates with other applications, it identifies the IP address. Furthermore, Banerjee discloses “the whitelist agents can inspect configuration files for the applications to identify properties or configuration data associated with a given application. For example, in one 
Desai teaches “identifying, based on the analyzing, a target network address that the application is configured to use to redirect the network device to a target network resource, the target network address being at least one of: embedded in a source code of the application or included in a list of trusted network addresses associated with the application”. Desai discloses “application-level access control where access to certain network resources is not allowed from blacklisted applications or allowed only using a specific whitelisted application that conforms to the security standards of the enterprise. Evaluate the request, redirecting the request to an authorized app if the application is legitimate based on the whitelist [0061-0062]. the admin configures applications (e.g., whitelist, blacklist) and their custom URL schemes. REDIRECT to Application "SafeBrowser" if URL matches "*.company.com," (c) REDIRECT to Application "BOX" if URL contains "data.company.com," [0069] Fig 7 and 8 (interpreted as the application is configured to use the target network resource when it is included in a list of trusted network address with the application)”. This shows that the URL (target network address) is compared in order to determine whether it needs to be redirected. It is compared against a list of trusted network addresses associated with the application.

In response to 35 USC 103, Applicant’s arguments with respect to independent claim(s) 1 and 11 and along with their respective dependent claims have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Claim Rejections - 35 USC § 112
Claims 1 and 11 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. Paragraph 66 discloses “authorization server 102 may maintain a whitelist or trusted list of network address information corresponding to destination network resources 103”. Paragraph 87 discloses “applications on network device 101 may have embedded network address information (e.g., URLs, URIs, IP addresses, etc.) that they are configured to use for outbound communications. For example, some applications may maintain network address information that they are configured to use, some may further include such network address information in their own whitelist (i.e., trusted list), and others may be hardcoded with network address information (i.e., as part of the application's source code)”. Nothing in the specification discloses that the whitelist is developed independent from target network resources embedded in the source code of the application. Dependent claims are also rejected for the same rationale set forth above.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory 
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 2, 6, 7, 11, 12, 16, and 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Niemela (US 20190188377), Banerjee et al. (US 20170093918 hereinafter as Banerjee), Desai et al. (US 20170223024 hereinafter Desai), and in further view of Singh et al. (US 20200145423 hereinafter Singh).
Re. claim 1, Niemela teaches a non-transitory computer readable medium including instructions that, when executed by at least one processor, cause the at least one processor to perform operations for detecting application misconfiguration security threats, the operations comprising: scanning a computing environment to identify an application on at least one an authorization server or a network device, the application being configured for network communications (Niemela teaches the behaviour of the computer system is monitored to detect one or more procedures of the monitored applications and/or services that do not match the expected behaviours of the monitored applications and services. Each procedure of the one or more procedures of the monitored applications and/or services is identified by a characteristic action and one or more expected actions. The procedures may include any one or more of: establishment of a secure session, communication over a secure session, network operations (interpreted that application configured for network communications) [0029]. The computer runs a number of further applications, and the security application 14 monitors actions taken by those further applications. The client computer 1 may connect to a server 2, and the security application 14 sends results of the monitoring to the server 2 for analysis, or the analysis may be performed at the client computer 1 by the security application (interpreted that application on the device)[0017]); assessing, based on the comparing, whether the network security configuration is misconfigured (Niemela teaches if one or more procedures is detected not to match the expected behaviours of the monitored applications and services, S307 is entered where said application and/or service is identified as malicious or suspicious. 
In an embodiment, upon detection of one or more procedures not matching the expected behaviours, the method may further comprise analysing whether the detected one or more procedures match activities that are required to exploit said vulnerability types and/or misconfigurations and determining the severity of maliciousness of said application and/or service on the basis of the result of the analysis [0030]); and providing, based on a determination that the network security configuration is misconfigured, a configuration validation status indicating a misconfiguration vulnerability in the application (Niemela teaches the security application may provide a warning about the detected vulnerability/misconfiguration [0028]).
Although Niemela discloses detecting misconfigurations in a database, Niemela does not explicitly disclose but Banerjee discloses analyzing a network security configuration of the application (Banerjee teaches the whitelist agent(s) can determine what web servers, application servers, databases, scripting engines, etc., deployed to the computing instance, are used for executing an application for an end-user. Once determined, the whitelist agents can inspect configuration files for the applications to identify properties or configuration data associated with a given application [0023]); comparing the target network address to a whitelist of trusted target network addresses (Banerjee teaches the configuration file component 304 can identify any information regarding how an application(s) is configured to communicate with other application(s), including IP addresses (Interpreted that the application includes an IP address) and ports of the application(s), processes associated with the execution of the application(s), source/destination process endpoints, process hierarchy (e.g., parent process to child process), process path, command line arguments, user groups, and the like [0045]. The whitelist can be returned to the agent on a given virtual machine, and the agent can use the whitelist to evaluate network communication generated by the application. For example, in one embodiment, once the whitelist agent determines that a network communication is directed to an address that is not on the constructed whitelist, the whitelist agent can prevent the communication or raise an alert (e.g., to an administrator or end-user) [0023]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Banerjee into the invention of Niemela for the purpose of detecting anomalies to prevent network intrusion and improved protection against data exfiltration techniques (Banerjee [0022] [0055]).
Although Niemela-Banerjee discloses a destination address of the configuration files, Niemela-Banerjee do not explicitly disclose but Desai discloses identifying, based on the application, a target network address that the application is configured to use to redirect the network device to a target network resource, the target network address being at least one of: embedded in a source code of the application or included in a list of trusted network addresses associated with the application (Desai teaches application-level access control where access to certain network resources is not allowed from blacklisted applications or allowed only using a specific whitelisted application that conforms to the security standards of the enterprise. Evaluate the request, redirecting the request to an authorized app if the application is legitimate based on the whitelist [0061-0062]. the admin configures applications (e.g., whitelist, blacklist) and their custom URL schemes. REDIRECT to Application "SafeBrowser" if URL matches "*.company.com," (c) REDIRECT to Application "BOX" if URL contains "data.company.com," [0069] Fig 7 and 8 (interpreted as the application is configured to use the target network resource when it is included in a list of trusted network address with the application)).
(Desai [0003]).
Although Niemela-Banerjee-Desai discloses whitelist, Niemela-Banerjee-Desai do not explicitly disclose but Singh discloses the whitelist being developed independent from target network resources embedded in the source code of the application (Singh teaches the specialized tool 54 scans content that is accessed by the users 30 to identify new network addresses 56 and stores the scanning results in a database 58. The specialized tool 54 periodically evaluates the scanning results to determine whether any new network addresses 56 should be included on the whitelist 52. The specialized tool 54 processes the web page source code to identify links ¶74. The specialized tool 54 may see that the employees read defect descriptions, comments, blogs, etc. which include embedded links to further information (i.e., additional content at other content sources 26) ¶86. Having a browser 160 (e.g., an embedded or hosted browser or other client app) that accesses VDI resources (e.g., a web app or a SaaS app, a simple URL, etc.) ¶91).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Singh into the invention of Niemela-Banerjee-Desai for the purpose of the whitelist without requiring the users to make manual requests (Singh ¶39).
Re. claim 2, Niemela-Banerjee-Desai-Singh teach the non-transitory computer readable medium of claim 1. Although Niemela discloses identifying an application, Niemela does not explicitly disclose but Banerjee discloses wherein scanning the computing environment comprises scanning multiple applications (Banerjee teaches once the whitelist agents 106A-106N identify the application(s) 104A-104N, the whitelist agents 106A-106N can inspect configuration files 108A-108N to identify properties or configuration data associated with applications 104A-104N [0034]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Banerjee into the invention of Niemela for the purpose of detecting anomalies to prevent network intrusion and improved protection against data exfiltration techniques (Banerjee [0022] [0055]).
Re. claim 6, Niemela-Banerjee-Desai-Singh teach the non-transitory computer readable medium of claim 1, the operations further comprise disabling network communications capabilities for the target network address (Niemela teaches upon identifying said application and/or service as malicious or suspicious, the application and/or service is handled by one or more of: terminating a process of the application/service, terminating the characteristic action or an action resulting from the characteristic action, removing or otherwise making safe the application/service and performing a further malware scan on the application/service [0031]).
Although Niemela discloses comparing in a database, Niemela does not explicitly disclose but Banerjee discloses wherein when the target network address is not included in the whitelist of trusted target network addresses (Banerjee teaches once the whitelist agent determines that a network communication is directed to an address that is not on the constructed whitelist [0023]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Banerjee into the invention of Niemela for the purpose of detecting anomalies to prevent network intrusion and improved protection against data exfiltration techniques (Banerjee [0022] [0055]).
Re. claim 7, Niemela-Banerjee-Desai-Singh teach the non-transitory computer readable medium of claim 1, the operations further comprise generating an alert identifying the target network address (Niemela teaches an alert is triggered when detecting any operations on said applications/services that do not match “the baseline” and especially when said modifications match activities required to exploit a known vulnerability in said application [0031]).
Although Niemela discloses comparing in a database, Niemela does not explicitly disclose but Banerjee discloses wherein when the target network address is not included in the whitelist of trusted target network addresses (Banerjee teaches once the whitelist agent determines that a network communication is directed to an address that is not on the constructed whitelist [0023]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Banerjee into the invention of Niemela for the purpose of detecting anomalies to prevent network intrusion and improved protection against data exfiltration techniques (Banerjee [0022] [0055]).
Re. claim 11, Niemela discloses a computer-implemented method for detecting application misconfiguration security threats, the method comprising: scanning a computing environment to identify an application on at least one an authorization server or a network device, the application being configured for network communications (Niemela teaches the behaviour of the computer system is monitored to detect one or more procedures of the monitored applications and/or services that do not match the expected behaviours of the monitored applications and services. Each procedure of the one or more procedures of the monitored applications and/or services is identified by a characteristic action and one or more expected actions. The procedures may include any one or more of: establishment of a secure session, communication over a secure session, network operations (interpreted that application configured for network communications) [0029]. The computer runs a number of further applications, and the security application 14 monitors actions taken by those further applications. The client computer 1 may connect to a server 2, and the security application 14 sends results of the monitoring to the server 2 for analysis, or the analysis may be performed at the client computer 1 by the security application (interpreted that application on the device)[0017]); (Niemela teaches if one or more procedures is detected not to match the expected behaviours of the monitored applications and services, S307 is entered where said application and/or service is identified as malicious or suspicious. 
In an embodiment, upon detection of one or more procedures not matching the expected behaviours, the method may further comprise analysing whether the detected one or more procedures match activities that are required to exploit said vulnerability types and/or misconfigurations and determining the severity of maliciousness of said application and/or service on the basis of the result of the analysis [0030]); and providing, based on a determination that the network security configuration is misconfigured, a configuration validation status indicating a misconfiguration vulnerability in the application (Niemela teaches the security application may provide a warning about the detected vulnerability/misconfiguration [0028]).
Although Niemela discloses detecting misconfigurations in a database, Niemela does not explicitly disclose but Banerjee discloses analyzing a network security configuration of the application (Banerjee teaches the whitelist agent(s) can determine what web servers, application servers, databases, scripting engines, etc., deployed to the computing instance, are used for executing an application for an end-user. Once determined, the whitelist agents can inspect configuration files for the applications to identify properties or configuration data associated with a given application [0023]); comparing the target network address to a whitelist of trusted target network addresses (Banerjee teaches the configuration file component 304 can identify any information regarding how an application(s) is configured to communicate with other application(s), including IP addresses (Interpreted that the application includes an IP address) and ports of the application(s), processes associated with the execution of the application(s), source/destination process endpoints, process hierarchy (e.g., parent process to child process), process path, command line arguments, user groups, and the like [0045]. The whitelist can be returned to the agent on a given virtual machine, and the agent can use the whitelist to evaluate network communication generated by the application. For example, in one embodiment, once the whitelist agent determines that a network communication is directed to an address that is not on the constructed whitelist, the whitelist agent can prevent the communication or raise an alert (e.g., to an administrator or end-user) [0023]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Banerjee into the invention of Niemela for the purpose of detecting anomalies to prevent network intrusion and improved protection against data exfiltration techniques (Banerjee [0022] [0055]).
Although Niemela-Banerjee discloses a destination address of the configuration files, Niemela-Banerjee do not explicitly disclose but Desai discloses identifying, based on the application, a target network address that the application is configured to use to redirect the network device to a target network resource, the target network address being at least one of: embedded in a source code of the application or included in a list of trusted network addresses associated with the application (Desai teaches application-level access control where access to certain network resources is not allowed from blacklisted applications or allowed only using a specific whitelisted application that conforms to the security standards of the enterprise. Evaluate the request, redirecting the request to an authorized app if the application is legitimate based on the whitelist [0061-0062]. the admin configures applications (e.g., whitelist, blacklist) and their custom URL schemes. REDIRECT to Application "SafeBrowser" if URL matches "*.company.com," (c) REDIRECT to Application "BOX" if URL contains "data.company.com," [0069] Fig 7 and 8 (interpreted as the application is configured to use the target network resource when it is included in a list of trusted network address with the application)).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Desai into the invention of (Desai [0003]).
Although Niemela-Banerjee-Desai discloses whitelist, Niemela-Banerjee-Desai do not explicitly disclose but Singh discloses the whitelist being developed independent from target network resources embedded in the source code of the application (Singh teaches the specialized tool 54 scans content that is accessed by the users 30 to identify new network addresses 56 and stores the scanning results in a database 58. The specialized tool 54 periodically evaluates the scanning results to determine whether any new network addresses 56 should be included on the whitelist 52. The specialized tool 54 processes the web page source code to identify links ¶74. The specialized tool 54 may see that the employees read defect descriptions, comments, blogs, etc. which include embedded links to further information (i.e., additional content at other content sources 26) ¶86. Having a browser 160 (e.g., an embedded or hosted browser or other client app) that accesses VDI resources (e.g., a web app or a SaaS app, a simple URL, etc.) ¶91).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Singh into the invention of Niemela-Banerjee-Desai for the purpose of the whitelist without requiring the users to make manual requests (Singh ¶39).
Re. claim 12, Niemela-Banerjee-Desai-Singh teach the computer-implemented method of claim 11. Although Niemela discloses identifying an application, Niemela does not explicitly disclose but Banerjee discloses wherein scanning the computing environment comprises scanning multiple applications (Banerjee teaches once the whitelist agents 106A-106N identify the application(s) 104A-104N, the whitelist agents 106A-106N can inspect configuration files 108A-108N to identify properties or configuration data associated with applications 104A-104N [0034]).
(Banerjee [0022] [0055]).
Re. claim 16, Niemela-Banerjee-Desai-Singh teaches the computer-implemented method of claim 11, the operations further comprise disabling network communications capabilities for the target network address (Niemela teaches upon identifying said application and/or service as malicious or suspicious, the application and/or service is handled by one or more of: terminating a process of the application/service, terminating the characteristic action or an action resulting from the characteristic action, removing or otherwise making safe the application/service and performing a further malware scan on the application/service [0031]).
Although Niemela discloses comparing in a database, Niemela does not explicitly disclose but Banerjee discloses wherein when the target network address is not included in the whitelist of trusted target network addresses (Banerjee teaches once the whitelist agent determines that a network communication is directed to an address that is not on the constructed whitelist [0023]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Banerjee into the invention of Niemela for the purpose of detecting anomalies to prevent network intrusion and improved protection against data exfiltration techniques (Banerjee [0022] [0055]).
Re. claim 17, Niemela-Banerjee-Desai-Singh teach the computer-implemented method of claim 11, the operations further comprise generating an alert identifying the target network address (Niemela teaches an alert is triggered when detecting any operations on said applications/services that do not match “the baseline” and especially when said modifications match activities required to exploit a known vulnerability in said application [0031]).
 (Banerjee teaches once the whitelist agent determines that a network communication is directed to an address that is not on the constructed whitelist [0023]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Banerjee into the invention of Niemela for the purpose of detecting anomalies to prevent network intrusion and improved protection against data exfiltration techniques (Banerjee [0022] [0055]).
Claims 3 and 13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Niemela (US 20190188377), Banerjee et al. (US 20170093918 hereinafter as Banerjee), Desai et al. (US 20170223024 hereinafter Desai), Singh et al. (US 20200145423 hereinafter Singh), and in further view of D et al. (US 20180063140 hereinafter as D).
Re. claim 3, Niemela-Banerjee-Desai-Singh teaches the non-transitory computer readable medium of claim 1. Niemela-Banerjee-Desai-Singh discloses the network security configuration, Niemela-Banerjee-Desai-Singh do not explicitly disclose but D discloses wherein the network security configuration of the application is an OAuth configuration (D teaches the generic client library in turn interfaces with a data store that includes service-specific OAuth configuration information for each of a plurality of services. The generic client library may use the service-specific configuration information to make the hypertext transfer protocol (HTTP) calls required to complete the steps of the OAuth protocol. Once the steps of the OAuth protocol are complete, the application may use the resulting tokens to access resources provided by the services [0012]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by D into the invention of (D [0002]).
Re. claim 13, Niemela-Banerjee-Desai-Singh teach the computer-implemented method of claim 11. Niemela-Banerjee-Desai-Singh discloses the network security configuration, Niemela-Banerjee-Desai-Singh do not explicitly disclose but D discloses wherein the network security configuration of the application is an OAuth configuration (D teaches the generic client library in turn interfaces with a data store that includes service-specific OAuth configuration information for each of a plurality of services. The generic client library may use the service-specific configuration information to make the hypertext transfer protocol (HTTP) calls required to complete the steps of the OAuth protocol. Once the steps of the OAuth protocol are complete, the application may use the resulting tokens to access resources provided by the services [0012]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by D into the invention of Niemela-Banerjee-Desai-Singh for the purpose of authorizing third party applications to access resources in the service on behalf of clients without sharing a user's login credentials (D [0002]).
Claims 4, 5, 14, and 15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Niemela (US 20190188377), Banerjee et al. (US 20170093918 hereinafter as Banerjee), Desai et al. (US 20170223024 hereinafter Desai), Singh et al. (US 20200145423 hereinafter Singh), and in further view of Srinivasan et al. (US 20190103968 hereinafter as Srinivasan).
Re. claim 4, Niemela-Banerjee-Desai-Singh teach the non-transitory computer readable medium of claim 1. Niemela-Banerjee-Desai-Singh discloses the target network resource and network device, Niemela-Banerjee-Desai-Singh do not explicitly disclose but Srinivasan discloses wherein the target network resource is a network resource accessible by the network device conditional on the network device asserting an access token (Srinivasan teaches Since the user has already been authenticated, at 220, Cloud Gate 114 then permits access to protected resource 108 [0072]. Distributed system 400 includes one or more client computing devices 402, 404, 406, and 408, coupled to a server 412 via one or more communication networks 410. Clients computing devices 402, 404, 406, and 408 may be configured to execute one or more applications, including non-confidential clients, that may use the services of a token relay system for acquiring access tokens [0116] Fig. 2 and 4).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Srinivasan into the invention of Niemela-Banerjee-Desai-Singh for the purpose of acquiring tokens, which can then be used to securely access protected resources such as REST based web resources (Srinivasan [0003]).
Re. claim 5, Niemela-Banerjee-Desai-Singh-Srinivasan teaches the non-transitory computer readable medium of claim 4, furthermore Srinivasan discloses wherein the access token is dynamically provisioned by an authorization server (Srinivasan teaches token issuer authority 110 may be an authorization server such as an OAuth server that is configured to issue OAuth access tokens [0039] Fig. 2). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Srinivasan into the invention of Niemela-Banerjee-Desai-Singh for the purpose of acquiring tokens, which can then be used to securely access protected resources such as REST based web resources. Client can ask for a token without requiring an actual authorization code (Srinivasan [0003] [0009]).
Re. claim 14, Niemela-Banerjee-Desai-Singh teach the computer-implemented method of claim 11. Niemela-Banerjee-Desai-Singh discloses the target network resource and network device, Niemela-Banerjee-Desai-Singh do not explicitly disclose but Srinivasan discloses wherein the target network resource is a network resource accessible by the network device conditional on the network device asserting an access token (Srinivasan teaches Since the user has already been authenticated, at 220, Cloud Gate 114 then permits access to protected resource 108 [0072]. Distributed system 400 includes one or more client computing devices 402, 404, 406, and 408, coupled to a server 412 via one or more communication networks 410. Clients computing devices 402, 404, 406, and 408 may be configured to execute one or more applications, including non-confidential clients, that may use the services of a token relay system for acquiring access tokens [0116] Fig. 2 and 4).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Srinivasan into the invention of Niemela-Banerjee-Desai-Singh for the purpose of acquiring tokens, which can then be used to securely access protected resources such as REST based web resources (Srinivasan [0003]).
Re. claim 15, Niemela-Banerjee-Desai-Singh teach the computer-implemented method of claim 14, furthermore Srinivasan discloses wherein the access token is dynamically provisioned by an authorization server (Srinivasan teaches token issuer authority 110 may be an authorization server such as an OAuth server that is configured to issue OAuth access tokens [0039] Fig. 2). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Srinivasan into the invention of Niemela-Banerjee-Desai-Singh for the purpose of acquiring tokens, which can then be used to securely access protected resources such as REST based web resources. Client can ask for a token without requiring an actual authorization code (Srinivasan [0003] [0009]).
Claims 8 and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Niemela (US 20190188377), Banerjee et al. (US 20170093918 hereinafter as Banerjee), Desai et al.  (US 20170223024 hereinafter Desai), Singh et al. (US 20200145423 hereinafter Singh), and in further view of Geller et al. (US 8447829 hereinafter as Geller).
Re. claim 8, Niemela-Banerjee-Desai-Singh teach the non-transitory computer readable medium of claim 1. Niemela-Banerjee-Desai-Singh do not explicitly disclose but Geller discloses wherein the (Geller teaches ACS 150 may determine whether the principal 100 has sufficient privileges to perform the requested access operation with respect to the specified resource 140 (block 408) [Col 14 lines 45-48]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Geller into the invention of Niemela-Banerjee-Desai-Singh for the purpose of denying or offering a user access to all services based on the user authentication (Geller [Col 1 lines 42-50]).
Re. claim 18, Niemela-Banerjee-Desai-Singh teach the computer-implemented method of claim 11. Niemela-Banerjee-Desai-Singh do not explicitly disclose but Geller discloses wherein the operations further comprise determining, based on the target network address, whether an identity associated with the network device has sufficient privileges to access the target network resource (Geller teaches ACS 150 may determine whether the principal 100 has sufficient privileges to perform the requested access operation with respect to the specified resource 140 (block 408) [Col 14 lines 45-48]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Geller into the invention of Niemela-Banerjee-Desai-Singh for the purpose of denying or offering a user access to all services based on the user authentication (Geller [Col 1 lines 42-50]).
Claims 9, 10, 19, and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Niemela (US 20190188377), Banerjee et al. (US 20170093918 hereinafter as Banerjee), Desai et al.  (US 20170223024 hereinafter Desai), Singh et al. (US 20200145423 hereinafter Singh), and in further view of Juncker et al. (US 20180375891 hereinafter as Juncker).
(Juncker teaches The user privilege criteria can also include an indication of whether the login user has elevated privileges regarding access to resources on the computing device 104 and/or the network [0042]. Other examples of privilege mitigation measures 114 include preventing access to privileged and/or confidential files, disabling network access, prompting a user to resolve an identified security risk, and/or disabling the computing device 104 [0046] Fig. 3 and 4).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Juncker into the invention of Niemela-Banerjee-Desai-Singh for the purpose of preventing hackers from gaining access to computing device or network that may cause considerable damage. Improves security by reducing a security risk (Juncker [0034] [0039]).
Re. claim 10, Niemela-Banerjee-Desai-Singh-Juncker teaches the non-transitory computer readable medium of claim 9, furthermore Juncker discloses wherein the operations further comprise performing, based on the determining whether the identity can elevate its privileges, at least one of: disabling the network device from accessing the target network resource or generating an alert (Juncker teaches The user privilege criteria can also include an indication of whether the login user has elevated privileges regarding access to resources on the computing device 104 and/or the network [0042]. Other examples of privilege mitigation measures 114 include preventing access to privileged and/or confidential files, disabling network access, prompting a user to resolve an identified security risk, and/or disabling the computing device 104 [0046] Fig. 3 and 4).
(Juncker [0034] [0039]).
Re. claim 19, Niemela-Banerjee-Desai-Singh teach the computer-implemented method of claim 11. Niemela-Banerjee-Desai-Singh do not explicitly disclose but Juncker discloses wherein the operations further comprise determining, based on the target network address, whether an identity associated with the network device will elevate its privileges by accessing the target network resource (Juncker teaches The user privilege criteria can also include an indication of whether the login user has elevated privileges regarding access to resources on the computing device 104 and/or the network [0042]. Other examples of privilege mitigation measures 114 include preventing access to privileged and/or confidential files, disabling network access, prompting a user to resolve an identified security risk, and/or disabling the computing device 104 [0046] Fig. 3 and 4).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Juncker into the invention of Niemela-Banerjee-Desai-Singh for the purpose of preventing hackers from gaining access to computing device or network that may cause considerable damage. Improves security by reducing a security risk (Juncker [0034] [0039]).
Re. claim 20, Niemela-Banerjee-Desai-Singh teach the computer-implemented method of claim 19, furthermore Juncker discloses wherein the operations further comprise performing, based on the determining, at least one of: disabling the network device from accessing the target network resource or generating an alert (Juncker teaches The user privilege criteria can also include an indication of whether the login user has elevated privileges regarding access to resources on the computing device 104 and/or the network [0042]. Other examples of privilege mitigation measures 114 include preventing access to privileged and/or confidential files, disabling network access, prompting a user to resolve an identified security risk, and/or disabling the computing device 104 [0046] Fig. 3 and 4).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Juncker into the invention of Niemela-Banerjee-Desai-Singh for the purpose of preventing hackers from gaining access to computing device or network that may cause considerable damage. Improves security by reducing a security risk (Juncker [0034] [0039]).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Dani et al. (US 20210021629) discloses a developer machine. Such machines will have lower security restrictions as they may have whitelisted applications. The system can also be a developer machine based on certain file types.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KEVIN A AYALA whose telephone number is (571)270-3912.  The examiner can normally be reached on Monday-Thursday 8AM-5PM; Friday: Variable EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on 571-272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/K.A./Examiner, Art Unit 2436
/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436