DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Objections
Claims 1,14,16 are objected to because of the following informalities: 

With respect to claim 1, claim 1 recites the limitation “method comprising steps a computer processor” in line 2, should be changed to “method comprising steps, a computer processor”.

With respect to claim 1, line 4, the word "combing" is a typographical error, and for the purposes of this opinion, will be interpreted as the word "combining".

With respect to claim 1, claim 1 refers to "the remote client device", in line 9. There is a lack of antecedent basis for this limitations in the claim. For the purpose of this opinion, as best understood, the claim is interpreted to read "the client device" 

With respect to claim 14, line 1 "An apparatus of remote access computer security" contains a grammatical error. For the purpose of this opinion, as best understood, the preamble is interpreted to read "An apparatus for remote access computer security''.
The method of claim 24" in line 1, however, claim 24 is not present in the application. As best understood, claim 16 has been interpreted to depend on claim 14.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 5-8, 10-12, 14-18, 20-23 are rejected under 35 U.S.C. 103 as being unpatentable over SINOR (2016/0335451) in view of RALEIGH et al (2017/0078922).
With respect to claims 1,14,23, SINOR discloses A computer implemented method of remote access computer security, the method comprising steps performed by a programmed computer processor (computer processor executes a set of instructions (programmed); paragraph [0083], the steps (method for protection of data stored on cloud-computing platform (remote access computer security); paragraph [0083]) comprising: by a computer, receiving and combining data on a client device, data on a user of the client device (a server (computer) receives and processes a remote client device login page (data on a client device) provided by a client application over a network operating communication protocol along with user credentials (data on a user of the client device) to access remotely stored data in storage device over a communication session (combining data); paragraphs [0047]-[0049], [0064]); client requests the server, access to remotely stored data over the communication session and the server provides data protection method (policy) that determines the data which is not accessible by the user; paragraphs [0013]; [0050]); and controlling remote access of the user to the information technology service using the client device over the network, based on the determined policy (based on data protection method, the user is not permitted access to certain data records that are remotely stored via the client application of the client device; paragraph [0013]).
SINOR does not explicitly disclose restricting activity of the user based on combination data of data on a network, and data on an information technology service. However, RALEIGH discloses a method comprising: restricting activity (para [0823], “user service usage activity (e.g., a service usage activity initiated by a device user) is being limited based on’) of the user based on combination data of data on a network (para [0823], “for the present network busy state or congestion state”), and data on an information technology service (para [0823], “for the present service plan at the present time”). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify SINOR by restricting activity of the user based on combination data of data on a network, and data on an information technology service taught by RALEIGH to use the system in different networks.




client device login page comprises client public and private key pair for encrypting and decrypting data (configuration of the client device); paragraphs [0012], [0064]).

With respect to claim 3, SINOR further discloses wherein the data on the client device comprises data listing at least one application installed on the client device (client device login page comprises client application installed on client device; paragraph [0064]).

With respect to claim 5, SINOR further discloses wherein said receiving of the data on the client device comprises communicating with a client application running on the client device and extracting at least a part of the data on the client device from configuration data of the client device (client device receives data by communicating with client application running on the client device, extracts client private key to decrypt the portions of data (part of the data on the client device) which are authorized to be accessed; paragraphs [0032], [0051]).

With respect to claim 7, SINOR further discloses wherein said receiving of the data on the client device comprises receiving a digital certificate indicating installation of a client application extracting data on the client device from configuration data of the client device, on the client device (receiving data on client device comprises receiving a certificate (digital certificate) from server upon establishing SSL connection, client application extracts client private key to decrypt the portions of data (part of the data on the client device} which are authorized to be accessed; paragraphs [0051], [0060]).

With respect to claim 8, SINOR further discloses wherein said receiving of the data on the network comprises communicating with a client application running on the client device and extracting at least a part of the data on the network, on the client device, from communication data pertaining to the network, while the client device is connected to the network (server provides encrypted data to the user over the network via client application running on the client device thereby the network extracts security protocol to be applied to the data (communication data pertaining to the network) of the client device while client device is connected to the network; paragraphs [0032], [0050], [0064]).

With respect to claim 10, SINOR further discloses wherein said receiving of the data on the network comprises receiving data on the network from at least one client device other than the client device in use by the user (receiving electronic communication from a remote computing device (other than the client device in use by the user) requesting access to data via the network operating with communication protocol; paragraphs [0016], [0032]).

With respect to claim 6, SINOR further discloses wherein said receiving of the data on the client device comprises receiving data indicating installation of a client application extracting data on the client device from configuration data of the client receiving data on the remote client device comprises authenticating user for receiving a certificate from server upon connection establishment (indicating installation) client application extracts client private key to decrypt the portions of data which are authorized to be accessed from client public key (from configuration data of the client device); paragraphs [0016], [0051], [0060]).

With respect to claim 11, SINOR further discloses wherein said receiving of the data on the information technology service comprises receiving data on configuration of the information technology service (remotely stored data received via server comprises receiving desired data from a web service (data on configuration of the information technology service); paragraph [0047]).

With respect to claim 12, SINOR further discloses wherein said receiving of the data on the information technology service comprises receiving data on user-configuration of the information technology service (remote storage device receives user request to access desired data records (data on user-configuration of the information technology service) stored in remote storage; paragraphs [0047]-[0049]).

With respect to claim 15, SINOR further discloses wherein said data receiver is further configured to receive at least a part of the data on the client device, by communicating with a client application running on the client device and extracting at least a part of the data on the client device from configuration data of the client device (client device receives data by communicating with client application running on the client device, extracts client private key to decrypt the portions of data which are authorized to be accessed; paragraphs [0032], [0051]).

With respect to claim 16, SINOR further discloses wherein said data receiver is further configured to receive at least a part of the data on the client device, by receiving data indicating installation of a client application extracting data on the client device from configuration data of the client device, on the client device (receiving data on the client device comprises receiving a certificate from server upon connection establishment client application extracts client private key to decrypt the portions of data which are authorized to be accessed from client public key; paragraphs [0051], [0060]).

With respect to claim 17, SINOR further discloses wherein said data receiver is further configured to receive at least a part of the data on the client device, by receiving a digital certificate indicating installation of a client application extracting data on the client device from configuration data of the client device, on the client device (receiving data on client device comprises receiving a certificate from server upon establishing SSL connection, client application extracts client private key to decrypt the portions of data which are authorized to be accessed; paragraphs [0051], (0060]).

With respect to claim 18, SINOR discloses wherein said data receiver is further configured to receive at least a part of the data on the network, by communicating with a client application running on the client device and extracting data on the network, on the client device, from communication data pertaining to the network, while the client device server provides encrypted data to the user over the network via client application running on the client device thereby the network extracts security protocol to be applied to the data of the client device while client device is connected to the network; paragraphs [0032], [0050], [0064]).

With respect to claim 20, SINOR further discloses wherein said data receiver is further configured to receive at least a part of the data on the network, by receiving data on the network from at least one client device other than the client device in use by the user (receiving electronic communication from a remote computing device requesting access to data via the network operating with communication protocol; paragraphs [0016], [0032]).

With respect to claim 21, SINOR further discloses wherein said data receiver is further configured to receive at least a part of the data on the information technology service, by receiving data on configuration of the information technology service (remotely stored data received via server comprises receiving desired data from a web service; paragraph (0047]).

With respect to claim 22, SINOR further discloses wherein said data receiver is further configured to receive at least a part of the data on the information technology service, by receiving data on user-configuration of the information technology service (remote storage device receives user request to access desired data records stored in remote storage; paragraphs [0047]-[0049]).
Claims 4, 9, 13, 19 are rejected under 35 U.S.C. 103 as being unpatentable over SINOR (2016/0335451) in view of RALEIGH et al (2017/0078922) and MILCHTAICH (2016/0323746).
With respect to claim 4, SINOR discloses the method of claim 1. SINOR does not disclose wherein the data on the client device comprises data on a status of at least one application installed on the client device. MILCHTAICH discloses wherein the data on the client device comprises data on a status of at least one application installed on the client device (data on the client device comprises a request for up-to-date (status of at least one application installed) reference values of client application installed on client device; paragraphs [0264]). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of SINOR to provide wherein the data on the client device comprises data on a status of at least one application installed on the client device, as taught by MILCHTAICH, in order to gain the advantage of pertaining specific access point information upon updating reference values associated with access points (See MILCHTAICH; paragraphs [0264] – [0265]).

With respect to claim 9, SINOR discloses the method of claim 1. SINOR does not disclose wherein said receiving of the data on the network comprises communicating with a client application running on the client device and extracting at least a part of the data on the network from a scan for access points carried out by the client device. MILCHTAICH discloses wherein said receiving of the data on the network comprises communicating with a client application running on the client device and extracting at server receiving the reference set values (data on the network) of the network comprises communicating with a client application running on the client device to extract one or more predefined events on the network (part of the data on the network) to attempt (scan) to connect to an access point via the client device; paragraphs [0075]-[0076], [0079]). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of SINOR to provide wherein said receiving of the data on the network comprises communicating with a client application running on the client device and extracting at least a part of the data on the network from a scan for access points carried out by the client device, as taught by MILCHTAICH, in order to gain the advantage of establishing a connection to the active access point in order to browse internet via active access point (See MILCHTAICH; paragraphs [0299]).

With respect to claim 13, SINOR discloses the method of claim 1. SINOR does not disclose further comprising: white the user is communicating with the information technology service using the client device over the network, periodically updating the combined data with new data, re-determining the policy in light of the updated combined data, and controlling the access based on the re-determined policy. MILCHTAICH discloses further comprising: while the user is communicating with the information technology service using the client device over the network, periodically updating the combined data with new data (threat determiner 140 restricts user to browse the internet using client device over the network periodically updating the threat evaluation function (combined data) with threat indication (new data); paragraphs [0218]-[0221], [0267]), re-determining the policy in light of the updated combined data, and controlling
the access based on the re-determined policy (threat determiner 140 presents a message (re-determining the policy) by restricting communication to the access point upon receiving threat evaluation function indicating new threat; paragraphs [0218] –[0221]). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of SINOR to provide while the user is communicating with the information technology service using the client device over the network, periodically updating the combined data with new data, re-determining the policy in light of the updated combined data, and controlling the access based on the re-determined policy, as taught by MILCHTAICH, in order to gain the advantage of determining threat for access point by applying threat evaluation function on the calculated indicators (See MILCHTAICH; claim 11).

With respect to claim 19, SINOR discloses the apparatus of claim 14. SINOR does not disclose wherein said data receiver is further configured to receive at least a part of the data on the network, by communicating with a client application running on the client device and extracting data on the network from a scan for access points carried out by the client device. MILCHTAICH discloses wherein said data receiver is further configured to receive at least a part of the data on the network, by communicating with a client application running on the client device and extracting data on the network from a scan for access points carried out by the client device (server
receives reference set values of the network comprises communicating with a client application running on the client device to extract one or more predefined events on the network (part of the data on the network) to attempt to connect to an access point via the client device; paragraphs [0075] - [0076], [0079]). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the apparatus of SINOR to provide wherein said data receiver is further configured to receive at least a part of the data on the network, by communicating with a client application running on the client device and extracting data on the network from a scan for access points carried out by the client device, in order to gain the advantage of establishing a connection to the active access point in order to browse internet via active access point (See MILCHTAICH; paragraphs [0299]).

Any inquiry concerning this communication or earlier communications from the examiner should be directed to TU T NGUYEN whose telephone number is (571)272-2424.  The examiner can normally be reached on M-F 8:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kamal B Divecha can be reached on (571) 272-5863.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.




/TU T NGUYEN/Primary Examiner, Art Unit 2453                                                                                                                                                                                                        09/29/2021