DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 12/17/2021 has been entered.
Response to Amendment
This communication is in response to the amendment filed on 12/17/2021.
Claims 1-2, 4-5, 7-13, 15-16 and 18-22 are pending.
Claims 3, 6, 14 and 17 are cancelled.
Claims 1 and 12 are further amended.
Response to Arguments
Regarding 35 USC 103
Applicant’s ArgumentsApplicant’s arguments regarding 35 USC 103, pages 7-8, claims 1 and 12, filed on 12/17/2021 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 4-5, 7-10, 12-13, 15-16 and 18-21 are rejected under 35 U.S.C. 103 as being unpatentable over Touboul (US20130219457) in view of Nefedov (US20160292434) and in further view of Danford (US20120015644).
As to claim 1, Touboul teaches a security surveillance system for a mobile device with a wireless interface and a control unit that is connected to the wireless interface (¶0014 mobile security system ; scanning  internet traffic; ¶0015 mobile device, wireless network interface; ¶0032 monitor data (traffic); ¶0043mobile security system processor, module)  and that controls further elements of the mobile device based on wireless data traffic received by the wireless interface, (¶0015 mobile device wireless network interface; receiving internet traffic; ¶0032 mobile security system manage devices; ¶0043 mobile security system processor, module) the security surveillance system comprising: a security controller included in the mobile device, (¶0005 mobile device network security system; ¶0028 mobile device coupled via a mobile security system; ¶0032 monitor data (traffic); ¶0043 mobile security system  includes modules (controllers)) wherein the security controller is implemented as a dedicated device and the security controller is coupled to the wireless interface, (¶0011 mobile device (with) mobile security system module; ¶0015 mobile device security system comprises a wireless network interface; ¶0030 mobile security system  a device dedicated to network security; ¶0077 components and circuits (of) network (are) interconnected) and (¶0015 wireless network interface on a mobile device for receiving internet traffic; redirecting the internet traffic at the kernel level to a mobile security system; a security engine for scanning (based on)  a security policy; ¶0051 security engine analyze  traffic arriving from the internet; ¶0055 mobile device security engines). 
Although Touboul teaches the system recited above, wherein Touboul fails to expressly teach wherein the security controller generates a warning signal if the data traffic violates one of the predefined data rules, and a warning indicator that is coupled to the security controller and that generates a warning indication based on the warning signal,  wherein the security controller is arranged between an RF circuit of the wireless interface and a digital interface of the wireless interface, and wherein the security controller comprises an analog-to-digital converter for coupling the security controller to the RF circuit.
Nefedov, however discloses, wherein the security controller generates a warning signal if the data traffic violates one of the predefined data rules, (¶0039 compliance with  data access policies(e.g., transfers); ¶0040 generated and prompted to the user as an alert to signify non-compliance with the data access policies; indicate violations; ¶0045 policies may be determined to be in a predetermined format; ¶0060 control logic generate notifications,  with respect to the compliance (including violations) with respect to the data access policies) and a warning indicator that is coupled to the security controller and that generates a warning indication based on the warning signal, (¶0031 where the UE is a mobile device; ¶0059 user device control logic; ¶0060 control logic generate notifications, with respect to the compliance (including violations) with respect to the data access policies to user interface; ¶0105 user interface which illustrates a notification/alert; ¶0107  UE  utilizing a user interface)  wherein the security controller is arranged between an RF circuit of the wireless interface and a digital interface of the wireless interface, (¶0082 compliance platform, processor, control logic; ¶0083 compliance platform determines one or more initial policies; policies include security policies; ¶0116 devices and processors are connected; system also includes one or more communications interface; wireless communications interface; digital  communications interface; ¶0129 Main Control Unit (MCU) of mobile terminal;  provides circuitry, interface of the mobile terminal) and wherein the security controller comprises an analog-to-digital converter for coupling the security controller to the RF circuit. (¶0082 compliance platform, processor, control logic; ¶0083 compliance platform determines one or more initial policies; policies include security policies; ¶0116  devices with their own processors are connected; ¶0128 mobile terminal, analog and/or digital circuitry, Radio Frequency (RF) circuitry; ¶0133 Main Control Unit; (MCU) Analog to Digital Converter; ¶0134  MCU control functions of the mobile terminal).
Thus given the teachings of Nefedov it would have been obvious to one of ordinary skill person in the art before the effective filing date of the claimed invention to combine the teachings of Nefedov and Touboul for a system comprising analog/digital converter and security control unit/processor coupled circuitry and interfaces to generate notifications based on policy violations via a user interface. One of ordinary skill in the art would be motivated to allow for creating compliance profiles to determine one or more adaptions to one or more policies. (See Nefedov para 0005)
Although the combination of Touboul and Nefedov teach the system recited above, wherein the combination of Touboul and Nefedov fail to expressly teach wherein the security 
Danford, however discloses, wherein the security controller comprises a virtual machine with a dedicated processing device for emulating hardware of the control unit, said virtual machine executes at least part of an operating system that is in parallel executed by the control unit of the mobile device, (¶0024 virtual machine that emulates the hardware controller of the mobile device, allowing a copy of the  operating system to be run; ¶0029 virtual machines  required to emulate the hardware of different mobile device) and wherein the security controller comprises a behavior monitor that is arranged external to the virtual machine, (¶0027 mobile device offer more comprehensive security and controls; ¶0030 mobile device may comprise controller; ¶0060 device management server 104 monitors the physical mobile devices) and configured to inspect and monitor a behavior of software executed in the virtual machine in view of the received data traffic incoming via the wireless interface,  (¶0027 mobile device offer more comprehensive security and controls; ¶0029 virtual instances of respective mobile devices; comprises one or more virtual machines; ¶0030 mobile device may comprise controller;  ¶0060 device management server monitors the physical mobile devices; ¶0077 software tested in the virtual instance). 
Thus given the teachings of Danford it would have been obvious to one of ordinary skill person in the art before the effective filing date of the claimed invention to combine the (See Danford para 0077)
 As to claim 2, the combination of Touboul, Nefedov and Danford teach the system recited in claim 1, wherein Touboul further teaches the security surveillance system of claim 1, wherein the security controller comprises a computer program that is executed by the control unit of the mobile device. (¶0005 network security system and the security software resident on the device; mobile device; ¶0043 mobile device security processor, applications). 
As to claim 4, the combination of Touboul, Nefedov and Danford teach the system recited in claim 1, wherein Touboul further teaches the security surveillance system of claim 2, wherein the security controller comprises a hardware driver for the wireless interface for an operating system of the control unit of the mobile device. (¶0047 hardware, drivers of the mobile; mobile device security system may include a WiFi network interface). 
As to claim 5, the combination of Touboul, Nefedov and Danford teach the system recited in claim 1, wherein Danford further teaches the security surveillance system of claim 2, wherein the security controller comprises a communication stack function of a communication software stack of an operating system of the control unit of the mobile device. (¶0033 mobile device, communications or device protocol stacks).
Thus given the teachings of Danford it would have been obvious to one of ordinary skill person in the art before the effective filing date of the claimed invention to combine the teachings of Danford, Touboul and Nefedov for controller comprising communications stack. (See Danford para 0045)
As to claim 7, the combination of Touboul, Nefedov and Danford teach the system recited in claim 1, wherein Danford further teaches the security surveillance system of claim 1, wherein the virtual machine is provided in the control unit. (¶0024 virtual machine that emulates the hardware controller of the mobile device, allowing a copy of the operating system to be run).
Thus given the teachings of Danford it would have been obvious to one of ordinary skill person in the art before the effective filing date of the claimed invention to combine the teachings of Danford, Touboul and Nefedov for providing virtual machine. One of ordinary skill in the art would be motivated to allow for an unmodified operating system to run on the network via a virtual machine. (See Danford para 0031)
As to claim 8, the combination of Touboul, Nefedov and Danford teach the system recited in claim 1, wherein Nefedov further teaches The security surveillance system of claim 1, wherein the security controller comprises digital analysis circuitry that is coupled between a RF circuit of the wireless interface and digital circuitry of the wireless interface or the control unit of the mobile device. (¶0082 compliance platform, processor, control logic; ¶0083 compliance platform determines one or more initial policies; policies include security policies; ¶0116 devices and processors are connected; system also includes one or more communications interface; wireless communications interface; digital  communications interface; ¶0128 mobile terminal, analog and/or digital circuitry, Radio Frequency (RF) circuitry).
Thus given the teachings of Nefedov it would have been obvious to one of ordinary skill person in the art before the effective filing date of the claimed invention to combine the (See Nefedov para 0132)
As to claim 9, the combination of Touboul, Nefedov and Danford teach the system recited in claim 1, wherein Danford further teaches the security surveillance system of claim 1, wherein the security controller controllably blocks data traffic that violates one of the predefined data rules. (¶0029 block the traffic coming (based) on implement a policy).
Thus given the teachings of Danford it would have been obvious to one of ordinary skill person in the art before the effective filing date of the claimed invention to combine the teachings of Danford, Touboul and Nefedov for blocking traffic based on policy. One of ordinary skill in the art would be motivated to allow for implementing authentication functions to ensure communication sessions are validated. (See Danford para 0038)
As to claim 10, the combination of Touboul, Nefedov and Danford teach the system recited in claim 1, wherein Danford further teaches the security surveillance system of claim 1, comprising an external network emulator that emulates a communication network and controllably transmits data traffic to the mobile device that violates at least one of the data rules. (¶0007 remotely manage emulation component; ¶0034 control points may emulate the operation and pass data).
Thus given the teachings of Danford it would have been obvious to one of ordinary skill person in the art before the effective filing date of the claimed invention to combine the teachings of Danford, Touboul and Nefedov for emulating communications. One of ordinary skill in the art would be motivated to allow for providing a quarantine section for virtual instances. (See Danford para 0032)
As to claim 12, Touboul teaches a security surveillance method for a mobile device with a wireless interface and a control unit that is connected to the wireless interface (¶0014 mobile security system ; scanning  internet traffic; ¶0015 mobile device wireless network interface; ¶0032 monitor data (traffic); ¶0043mobile security system processor, module) and that controls further elements of the mobile device based on wireless data traffic received by the wireless interface, (¶0015 mobile device wireless network interface; receiving internet traffic; ¶0032 mobile security system manage devices; ¶0043 mobile security system processor, module) the security surveillance method comprising: receiving the data traffic provided to the control unit by a security controller, (¶0010 mobile device; and a security engine; ¶0014 receiving internet traffic on a mobile device via mobile security system; ¶0032 monitor data (traffic); ¶0051 traffic arriving from the internet (to) security engine) inspecting, by the security controller, at least the received data traffic incoming via the wireless interface at the mobile device according to a number of predefined data rules with a security controller that is coupled to the wireless interface, (¶0015 wireless network interface on a mobile device for receiving internet traffic; redirecting the internet traffic at the kernel level to a mobile security system; a security engine for scanning (based on)  a security policy; ¶0051 security engine analyze  traffic arriving from the internet; ¶0055 mobile device security engines) wherein the security surveillance method is executed in the mobile device, (¶0005 mobile device network security system; ¶0011 security engine may include security monitor; mobile device (with) mobile security system module;  ¶0028 mobile device coupled via a mobile security system) wherein the security controller is implemented as a dedicated device, (¶0005 mobile device network security system; ¶0028 mobile device coupled via a mobile security system; ¶0030 mobile security system  a device dedicated to network security;  ¶0043 mobile security system  includes modules (controllers)).
Although Touboul teaches the system recited above, wherein Touboul fails to expressly teach generating a warning signal with the security controller if the data traffic violates one of the predefined data rules, wherein the security controller is arranged between an RF circuit of the wireless interface and a digital interface of the wireless interface, and wherein the security controller comprises an analog-to-digital converter for coupling the security controller to the RF circuit.
Nefedov, however discloses, and generating a warning signal with the security controller if the data traffic violates one of the predefined data rules, (¶0039 compliance with  data access policies(e.g., transfers); ¶0040 generated and prompted to the user as an alert to signify non-compliance with the data access policies; indicate violations; ¶0045 policies may be determined to be in a predetermined format; ¶0059 user device control logic; ¶0060 control logic generate notifications, reports, etc., with respect to the compliance (including violations) with respect to the data access policies) wherein the security controller is arranged between an RF circuit of the wireless interface and a digital interface of the wireless interface, (¶0082 compliance platform, processor, control logic; ¶0083 compliance platform determines one or more initial policies; policies include security policies; ¶0116 devices and processors are connected; system also includes one or more communications interface; wireless communications interface; digital  communications interface; ¶0129 Main Control Unit (MCU) of mobile terminal;  provides circuitry, interface of the mobile terminal) and wherein the security controller comprises an analog-to-digital converter for coupling the security controller to the RF circuit; (¶0082 compliance platform, processor, control logic; ¶0083 compliance platform determines one or more initial policies; policies include security policies; ¶0116 devices with their own processors are connected; ¶0128 mobile terminal, analog and/or digital circuitry, Radio Frequency (RF) circuitry; ¶0133 Main Control Unit; (MCU) Analog to Digital Converter; ¶0134 MCU control functions of the mobile terminal).
Thus given the teachings of Nefedov it would have been obvious to one of ordinary skill person in the art before the effective filing date of the claimed invention to combine the teachings of Nefedov and Touboul for system comprising analog/digital converter security control unit/processor coupled circuitry and interfaces to generate notifications based on policy violations via a user interface One of ordinary skill in the art would be motivated to allow for making policies more restrictive using encryption tools to better protect user privacy. (See Nefedov para 0041/0115)
Although the combination of Touboul and Nefedov teach the system recited above, wherein the combination of Touboul and Nefedov fail to expressly teach wherein a virtual machine comprises a dedicated processing device for emulating hardware of the control unit, said virtual machine executes at least part of an operating system that is in parallel executed by the control unit of the mobile device implements the functionality of the security controller, and wherein a behavior monitor of the security controller that is arranged external to the virtual machine and inspects and monitors a behavior of software executed in the virtual machine in view of the received data traffic incoming via the wireless interface.
Danford, however discloses, wherein a virtual machine comprises a dedicated processing device for emulating hardware of the control unit, said virtual machine executes at least part of an operating system that is in parallel executed by the control unit of the mobile device implements the functionality of the security controller, (¶0024 virtual machine that emulates the hardware controller of the mobile device, allowing a copy of the  operating system to be run; ¶0029 virtual machines  required to emulate the hardware of different mobile device) and wherein a behavior monitor of the security controller that is arranged external to the virtual machine (¶0027 mobile device offer more comprehensive security and controls; ¶0030 mobile device may comprise controller; ¶0060 device management server 104 monitors the physical mobile devices) inspects and monitors a behavior of software executed in the virtual machine in view of the received data traffic incoming via the wireless interface. (¶0027 mobile device offer more comprehensive security and controls; ¶0029 virtual instances of respective mobile devices; comprises one or more virtual machines; ¶0030 mobile device may comprise controller; ¶0060 device management server 104 monitors the physical mobile devices; ¶0077 software tested in the virtual instance).
Thus given the teachings of Danford it would have been obvious to one of ordinary skill person in the art before the effective filing date of the claimed invention to combine the teachings of Danford, Touboul and Nefedov for controller/processor associated with a virtual machine; wherein the virtual machine executes a monitoring application to analyze application data/traffic. One of ordinary skill in the art would be motivated to allow for detecting abnormal behavior. (See Danford para 0028)
As to claim 13, the combination of Touboul, Nefedov and Danford teach the method recited in claim 12, wherein Touboul further teaches the security surveillance method of claim 12, wherein the control unit of the mobile device executes a computer program that implements the functionality of the security controller. (¶0005 network security system and the security software resident on the device; mobile device; ¶0043 mobile device security processor, applications).
As to claim 15, the combination of Touboul, Nefedov and Danford teach the method recited in claim 13, wherein Touboul further teaches the security surveillance method of claim 13, wherein a hardware driver for the wireless interface for an operating system of the control unit of the mobile device implements the functionality of the security controller. (¶0047 hardware, drivers of the mobile; mobile device security system may include a WiFi network interface). 
As to claim 16, the combination of Touboul, Nefedov and Danford teach the method recited in claim 13, wherein Danford further teaches the security surveillance method of claim 13, wherein the security controller is implemented by a communication stack function of a communication software stack of an operating system of the control unit of the mobile device. (¶0033 mobile device, communications or device protocol stacks).
Thus given the teachings of Danford it would have been obvious to one of ordinary skill person in the art before the effective filing date of the claimed invention to combine the teachings of Danford, Touboul and Nefedov for comprising communications stack. One of ordinary skill in the art would be motivated to allow for synchronization of network drivers. (See Danford para0075)
As to claim 18, the combination of Touboul, Nefedov and Danford teach the method recited in claim 12, wherein Danford further teaches the security surveillance method of claim 12, wherein the virtual machine is provided in the control unit. (¶0024 virtual machine that emulates the hardware controller of the mobile device, allowing a copy of the operating system to be run).
Thus given the teachings of Danford it would have been obvious to one of ordinary skill person in the art before the effective filing date of the claimed invention to combine the (See Danford para 0031)
As to claim 19, the combination of Touboul, Nefedov and Danford teach the method recited in claim 12, wherein Nefedov further teaches The security surveillance method of claim 12, wherein digital analysis circuitry that is coupled between a RF circuit of the wireless interface and digital circuitry of the wireless interface or the control unit of the mobile device performs the step of inspecting. (¶003 analyzes data access; ¶0082 compliance platform, processor, control logic; ¶0083 compliance platform determines one or more initial policies; policies include security policies; ¶0116 devices and processors are connected; system also includes one or more communications interface; wireless communications interface; digital  communications interface; ¶0128 mobile terminal, analog and/or digital circuitry, Radio Frequency (RF) circuitry)
Thus given the teachings of Nefedov it would have been obvious to one of ordinary skill person in the art before the effective filing date of the claimed invention to combine the teachings of Nefedov, Touboul and Danford for controller comprises digital and RF circuitry with wireless and digital interfaces. One of ordinary skill in the art would be motivated to allow faster transfer of information. (See Nefedov para 0111)
As to claim 20, the combination of Touboul, Nefedov and Danford teach the method recited in claim 12, wherein Danford further teaches The security surveillance method of claim 12, wherein data traffic that violates one of the predefined data rules is controllably blocked by the security controller. (¶0029 block the traffic coming (based) on  implement a policy)
Thus given the teachings of Danford it would have been obvious to one of ordinary skill person in the art before the effective filing date of the claimed invention to combine the teachings of Danford, Touboul and Nefedov for blocking data/traffic based on policy. One of ordinary skill in the art would be motivated to allow for submitting queries to determine operating systems and current application traffic operating on the network. (See Danford para 0059)
As to claim 21, the combination of Touboul, Nefedov and Danford teach the method recited in claim 12, wherein Danford further teaches the security surveillance method of claim 12, comprising emulating a communication network and controllably transmitting data traffic to the mobile device that violates at least one of the data rules with an external network emulator. (¶0007 remotely manage emulation component; ¶0034 control points may emulate the operation and pass data).
Thus given the teachings of Danford it would have been obvious to one of ordinary skill person in the art before the effective filing date of the claimed invention to combine the teachings of Danford, Touboul and Nefedov for emulating network traffic. One of ordinary skill in the art would be motivated to allow for removing and isolating virtual instances and place them in quarantine section. (See Danford para 0040)
Claims 11 and 22 are rejected under 35 U.S.C. 103 as being unpatentable over Touboul (US20130219457) in view of Nefedov (US20160292434) and in further view of Danford (US20120015644) and in further view of Rieke (US20170048268).
As to claim 11, although the combination of Touboul, Nefedov and Danford teach the system recited in claim 1, the combination of Touboul, Nefedov and Danford fail to expressly 
Rieke, however discloses, the security surveillance system of claim 1, wherein the security controller comprises a configuration interface for receiving data rules, and a configuration memory for storing the received data rules. (¶0044 configuration interface configuration settings, policies; ¶0045 information relevant for the execution of policies; security controls; ¶0049 store security data, policy data; ¶0060 components receive information; ¶0062 security control interface; ¶0098 interface components).
Thus given the teachings of Rieke it would have been obvious to one of ordinary skill person in the art before the effective filing date of the claimed invention to combine the teachings of Rieke, Touboul, Nefedov and Danford for a configuration interface for receiving and storing data rules. One of ordinary skill in the art would be motivated to allow for setting a unique identifier for configuration data. (See Rieke para 0021)
As to claim 22, although the combination of Touboul, Nefedov and Danford teach the method recited in claim 12, the combination of Touboul, Nefedov and Danford fail to expressly teach the security surveillance method of claim 12, wherein the security controller comprises a configuration interface for receiving data rules, and a configuration memory for storing the received data rules.
Rieke, however discloses, the security surveillance method of claim 12, wherein the security controller comprises a configuration interface for receiving data rules, and a configuration memory for storing the received data rules. (¶0044 configuration interface configuration settings, policies; ¶0045 information relevant for the execution of policies; security controls; ¶0049 store security data, policy data; ¶0060 components receive information; ¶0062 security control interface; ¶0098 interface components).
Thus given the teachings of Rieke it would have been obvious to one of ordinary skill person in the art before the effective filing date of the claimed invention to combine the teachings of Rieke, Touboul, Nefedov and Danford for a configuration interface for receiving and storing data rules. One of ordinary skill in the art would be motivated to allow for starting or stopping programs based upon configuration data updates. (See Rieke para 0048)
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TONY WILLIAMS whose telephone number is (469)295-9115. The examiner can normally be reached Mon-Fri 8:00-5:00.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Umar Cheema can be reached on (571)570-3037. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/T.W. /Examiner, Art Unit 2454



/UMAR CHEEMA/Supervisory Patent Examiner, Art Unit 2454