DETAILED ACTION
Claims 1, 9 & 17 have been amended. Claims 2, 4-5, 10, 12-13, 18, 20 have been canceled. Claims 21-23 have been newly added. Claims 1, 3, 6-9, 11, 14-17, 19, 21-23remain pending.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with Naveed Hasan on November 08, 2021. The application has been amended as follows: 
In the claims:
(Currently Amended) A method, comprising:
creating, by a client device, a secure connection from an inline frame associated with a first application on the client device to an authorization server for accessing a second application; 
identifying, by the inline frame, one or more events that represent inputs for the user authorization credential, wherein the inline frame prevents storage of the user authorization credential and the first application is prevented from accessing the user authorization credential;
proxying, by the inline frame, the identified one or more events to the authorization server using the secure connection;
receiving an authorization code from the authorization server in response to the proxying;
 	redirecting, by the inline frame, the authorization code to the first application on the client device; [[and]]
transmitting, from the client device to the authorization server, the authorization code to receive an access token for accessing the second application; 
generating, by the inline frame, a form for receiving the user authorization credential; and
updating the form with a graphical symbol to avoid interrogation of a document object model (DOM) element associated with the form;
inserting, by the client device, the inline frame in the first application upon receiving a message from the second application to insert the inline frame according to a restricted access policy; and 
closing the inline frame upon receiving the access token from the authorization server.
(Canceled)
(Original) The method of claim 1, further comprising: 
inserting, by the client device, the inline frame in the first application based on an agreement between the first application and the second application according to a restricted access policy. 
(Canceled) 
 (Canceled) 
(Original) The method of claim 1, further comprising:
encrypting the one or more events proxied to the authorization server using a public-private key pair.
(Original) The method of claim 1, wherein creating the secure connection comprises:
establishing a connection between the inline frame and the authorization server using a secure connection protocol from a group comprising transport layer security (TLS), secure socket layer (SSL), secure socket shell (SSH), and hypertext transfer protocol over SSL/ TLS (HTTPS).
(Original) The method of claim 1, wherein the first application is a first hypertext markup language (HTML) page and the second application is a second HTML page, and wherein the second HTML page is different from the first HTML page.
(Currently Amended) An apparatus, comprising:
a memory for storing operations; and

a processor coupled to the memory, wherein the instructions, when executed by the processor, cause the processor to:
creating, by a client device, a secure connection from an inline frame associated with a first application on the client device, to an authorization server for accessing a second application; 
identifying, by the inline frame, one or more events that represent inputs for the user authorization credential, wherein the inline frame prevents storage of the user authorization credential and the first application is prevented from accessing the user authorization credential;
proxying, by the inline frame, the identified one or more events to the authorization server using the secure connection;
receiving an authorization code from the authorization server in response to the proxying; 
redirecting, by the inline frame, the authorization code to the first application on the client device; and
transmitting, from the client device to the authorization server, the authorization code to receive an access token for accessing the second application;
generating, by the inline frame, a form for receiving the user authorization credential; and
updating the form with a graphical symbol to avoid interrogation of a document object model (DOM) element associated with the form;
inserting, by the client device, the inline frame in the first application upon receiving a message from the second application to insert the inline frame according to a restricted access policy; and 
closing the inline frame upon receiving the access token from the authorization server.
(Canceled)
(Original) The apparatus of claim 9, wherein the operations further comprise: 
inserting, by the client device, the inline frame in the first application based on an agreement between the first application and the second application according to restricted access policy.
(Canceled)
(Canceled) 
(Original) The apparatus of claim 9, wherein the operations further comprise: 
encrypting the one or more events proxied to the authorization server using a public-private key pair.
(Original) The apparatus of claim 9, wherein for creating the secure connection, the operations further comprise:
establishing a connection between the inline frame and the authorization server using a secure connection protocol from a group comprising transport layer security (TLS), secure socket layer (SSL), secure socket shell (SSH), and hypertext transfer protocol over SSL/ TLS (HTTPS).
(Original) The apparatus of claim 9, wherein the first application or the second application is a hypertext markup language (HTML) page.
(Currently Amended) A non-transitory, tangible computer-readable device having instructions stored thereon that, when executed by at least one computing device of a client device, causes the at least one computing device to perform operations comprising:
creating, by the client device, a secure connection from an inline frame associated with a first application on the client device, to an authorization server for accessing a second application;
identifying, by the inline frame, one or more events that represent inputs for the user authorization credential, wherein the inline frame prevents storage of the user authorization credential and the first application is prevented from accessing the user authorization credential;
proxying, by the inline frame, the identified one or more events to the authorization server using the secure connection;
receiving an authorization code from the authorization server in response to the proxying;
redirecting, by the inline frame, the authorization code to the first application on the client device; and
transmitting, from the client device to the authorization server, the authorization code to receive an access token for accessing the second application;
generating, by the inline frame, a form for receiving the user authorization credential; and
updating the form with a graphical symbol to avoid interrogation of a document object model (DOM) element associated with the form;
inserting, by the client device, the inline frame in the first application upon receiving a message from the second application to insert the inline frame according to a restricted access policy; and 
closing the inline frame upon receiving the access token from the authorization server.
(Canceled)
(Original) The non-transitory, tangible computer-readable device of claim 17, wherein the operations further comprise: 
inserting, by the client device, the inline frame in the first application based on an agreement between the first application and the second application according to a restricted access policy.
(Canceled)
(New) The non-transitory, tangible computer-readable device of claim 17, wherein the operations further comprise:
encrypting the one or more events proxied to the authorization server using a public-private key pair.
(New) The non-transitory, tangible computer-readable device of claim 17, wherein when creating the secure connection the operations further comprise:
establishing a connection between the inline frame and the authorization server using a secure connection protocol from a group comprising transport layer security (TLS), secure socket layer (SSL), secure socket shell (SSH), and hypertext transfer protocol over SSL/ TLS (HTTPS).
(New) The method of claim 1, wherein the first application is a first hypertext markup language (HTML) page and the second application is a second HTML page, and wherein the second HTML page is different from the first HTML page.

PLEASE CANCEL CLAIMS 2, 4-5, 10, 12-13, 18, 20. 

Allowable Subject Matter
Claims 1, 3, 6-9, 11, 14-17, 19, 21-23 are allowed. No reason for allowance is needed as the record is clear in light of applicant’s arguments and examiner amendment above. See MPEP 1302.14(l).

According to MPEP 1302.14 (I): “In most cases, the examiner’s actions and the applicant’s replies make evident the reasons for allowance, satisfying the “record as a whole” proviso of the rule. This is particularly true when applicant fully complies with 37 CFR 1.111 (b) and (c) and 37 CFR 1.133(b). Thus, where the examiner’s actions clearly point out the reasons for rejection and the applicant’s reply explicitly presents reasons why claims are patentable over the reference, the reasons for allowance are in all probability evident from the record and no statement should be necessary.”
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHARIF ULLAH whose telephone number is (571)272-5453.  The examiner can normally be reached on Mon-Fri 7:30-5:00.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 5712723739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/SHARIF E ULLAH/Primary Examiner, Art Unit 2495