Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
The following is an examiner’s statement of reasons for allowance: After a comprehensive search of the prior art no reference or reasonable combinations of references could be found covering the subject matter of amended claim(s) 1, 11 and 20. The prior art alone or in combination fail to teach or make obvious the amended subject matter when considered in combination with other limitations in the amended claim 1 and similarly amended claim(s) 11 and 20.  
The closest prior art has been made of record.  See attached PTO-892.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with Johnathan Western on 01 December 2021.
LISTING OF CLAIMS
1.  (Currently Amended)  A method, comprising:
obtaining, at a device of a first security type, an application message for an application transaction, the application message having a transaction identifier (ID) for the application transaction;
inserting, by the device, an instruction related to the application transaction into a first header of the application message;
sending, by the device, the application message downstream with the instruction in the first header and the transaction ID;
receiving, at the device, an application response message from a downstream device in response to the application message, the downstream device of a second security type different from the first security type, the application response message having a reply to the instruction related to the application transaction in a second header of the application response message and the transaction ID correlating the application response message to the application transaction; and
performing, by the device, one or more reactive actions in response to the reply to the instruction related to the application transaction,
wherein the reply comprises at least one of: a direct answer to a question in the instruction; a link to a web location having an answer to a question in the instruction; an acknowledgement to performance of a command in the instruction; a non-acknowledgment to performance of a command in the instruction; or a link to a location of a security log generated for the application transaction.
 

2.  (Original)  The method as in claim 1, wherein the instruction is one of either a question related to the application transaction or a command related to the application transaction.


3.  (Original)  The method as in claim 2, wherein:
the question comprises at least one of: requesting a user associated with the application transaction; requesting a permission role of a user associated with the application; requesting device components on which the application transaction is being executed; requesting configuration settings of an application in which the application transaction is being executed; or requesting configuration settings of a device on which the application transaction is being executed; and
the command comprises at least one of: blocking the application transaction; forcing a logout in the application transaction; quarantining the application transaction; or escalating a security level of the application transaction. 

4.  (Canceled) 
 

5.  (Original)  The method as in claim 1, wherein the instruction and reply are associated with one or both of either the application transaction individually or an application in which the application transaction is being executed.
 

6.  (Original)  The method as in claim 1, wherein the reply is associated with an answer comprising one or more of runtime information, application information, transaction information, and security information.
 

7.  (Original)  The method as in claim 1, wherein the first security type is a network-based security process and wherein the second security type is an application-based security process.


8.  (Original)  The method as in claim 1, wherein the first security type is an application-based security process and wherein the second security type is a network-based security process.
 

9.  (Original)  The method as in claim 8, further comprising:
generating a security log for the application transaction;
storing the security log remotely from the device; and
wherein the instruction includes a web link to the stored security log.
 

10.  (Original)  The method as in claim 9, further comprising:
generating an additional log for an application in which the application transaction is being executed;
storing the additional log remotely from the device; and
wherein the instruction includes a web link to the stored additional log.
 

11.  (Currently Amended)  A method, comprising:
receiving, at a device of a first security type, an application message for an application transaction, the application message having a transaction identifier (ID) for the application transaction, the application message further having an instruction related to the application transaction inserted into a first header of the application message by an upstream device of a second security type different from the first security type;

obtaining, by the device, an application response message in response to the application message, the application response message having the transaction ID correlating the application response message to the application transaction;
inserting, by the device, a reply to the instruction related to the application transaction in a second header of the application response message; and
sending, by the device, the application response message with the reply to the instruction and the transaction ID toward the upstream device to cause the upstream device to perform one or more reactive actions in response to the reply,
wherein the reply comprises at least one of: a direct answer to a question in the instruction; a link to a web location having an answer to a question in the instruction; an acknowledgement to performance of a command in the instruction; a non-acknowledgment to performance of a command in the instruction; or a link to a location of a security log generated for the application transaction.
 

12.  (Original)  The method as in claim 11, wherein the instruction is one of either a question related to the application transaction or a command related to the application transaction.
 

13.  (Original)  The method as in claim 12, wherein:
the question comprises at least one of: requesting a user associated with the application transaction; requesting a permission role of a user associated with the application; requesting device components on which the application transaction is being executed; requesting configuration settings of an application in which the application transaction is being executed; 
the command comprises at least one of: blocking the application transaction; forcing a logout in the application transaction; quarantining the application transaction; or escalating a security level of the application transaction.
 

14.  (Canceled)
 

15.  (Original)  The method as in claim 11, wherein the instruction and reply are associated with one or both of either the application transaction individually or an application in which the application transaction is being executed.
 

16.  (Original)  The method as in claim 11, wherein the reply is associated with an answer comprising one or more of runtime information, application information, transaction information, and security information.
 

17.  (Original)  The method as in claim 11, wherein the first security type is a network-based security process and wherein the second security type is an application-based security process.
 

18.  (Original)  The method as in claim 11, wherein the first security type is an application-based security process and wherein the second security type is a network-based security process.
 


 

20.  (Currently Amended)  A tangible, non-transitory, computer-readable medium having computer-executable instructions stored thereon that, when executed by a processor on a computing device of a first security type, cause the computing device to perform a method comprising:
obtaining an application message for an application transaction, the application message having a transaction identifier (ID) for the application transaction;
inserting an instruction related to the application transaction into a first header of the application message;
sending the application message downstream with the instruction in the first header and the transaction ID;
receiving an application response message from a downstream device in response to the application message, the downstream device of a second security type different from the first security type, the application response message having a reply to the instruction related to the application transaction in a second header of the application response message and the transaction ID correlating the application response message to the application transaction; and
performing one or more reactive actions in response to the reply to the instruction related to the application transaction,
wherein the reply comprises at least one of: a direct answer to a question in the instruction; a link to a web location having an answer to a question in the instruction; an acknowledgement to performance of a command in the instruction; a non-acknowledgment to performance of a command in the instruction; or a link to a location of a security log generated for the application transaction.
 


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRYAN LEE whose telephone number is (571)270-5606.  The examiner can normally be reached on Mon-Fri 9am-5pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, OSCAR LOUIE can be reached on (571)270-1684.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/BRYAN LEE/Primary Examiner, Art Unit 2445