DETAILED ACTION
1	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. This office action is in reply to the RCE filed on 03/04/2022. Claims 1, 8 and 15 have been amended. New claims 21-22 are added. Claims 1-6, 8-13 and 15-22 are pending. Claims 1, 8 and 15 are in independent form and are presented for examination.

Request Continued Examination (RCE)
2	A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 03/04/2022 has been entered.

Claim Rejections - 35 USC § 112
3	The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


4	Claims 21 and 22 recite the limitations of “the resource of the first type” and "applications of the first type" in line 2 of each claim.  There is insufficient antecedent basis for these limitations in claim 1.
	Appropriate correction is required.

Response to Argument
5	Applicant’s arguments filed on 03/04/2022 have been fully considered but they are moot based on the new grounds of rejection below.

Claim Rejections - 35 USC § 103
6	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

7	Claims 1-6, 8-13 and 15-22 are rejected under 35 U.S.C. 103 as being unpatentable over Desai et al. (Desai, hereinafter) (U.S. Patent Application Publication No. 2017/0223024 A1) in view of Biswas et al. (Biswas, hereinafter) (U.S. Patent Application Publication No. 2018/0285554 A1) further in view of Troelsen (https://doi.org/10.1007/978-1-4302-0160-1_15).
	Regarding claim 1, Desai teaches a method for securing an information handling system from untrusted client applications, comprising: 
identifying, by a processor of the information handling system, an identifier of a client application that has requested a connection to a resource of a first of the information handling system ([0062] & [0033]; determining the application/process on the client device that request a process/connection to the server…a client application that request for access to a server by their information key which is derived from the name of the executable file (application)); 
([0061]-[0062]; obtaining applications status such as it’s blacklisted or whitelisted by using application(s) identifier); and 
determining, by the processor, whether to establish a connection between the client application and the information handling system based, at least in part, on analysis of the access control list ([0062]; determining an application on the user device performing the request (step 620); and performing one of (1) denying the request if the application is unauthorized to access the network resources, (2) redirecting the request to an authorized application on the user device if the application is legitimate but unauthorized to access the network resources, and (3) allowing the request if the application is authorized to access the network resources (step 630)).
But Desai doesn’t explicitly teach an identifier of a client application is a process identifier of a client application; a resource of a first type; wherein the client application is a second type; and a process associated with the process identifier.
However, Biswas in analogous art, discloses a resource of a first type ([0064], [0057] & [0003]; the first resource(s) is a UWP app service resource); and
 wherein the client application is a second type ([0064], [0057] & [0003]; the client application that initiates a connection is a second type (Win32 App)).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Desai and Biswas because Biswas’s teaching would allow Desai’s system to enhance secure communication between client and server.

However, Troelsen in analogous art, discloses an identifier of a client application is a process identifier of a client application (Page 1, Para. 5(last); every Win32 (Application) process is assigned a unique process identifier (PID) and may be independently loaded and unloaded by the OS as necessary (as well as programmatically using Win32 API calls), Fig. 15-1); and
a process associated with the process identifier (Page 1, Para. 5(last); every Win32 process is assigned a unique process identifier (PID), Fig. 15-1).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Desai and Troelsen because Troelsen’s teaching would allow Desai’s system to enhance the discoverability of client applications.

Regarding claim 2, Desai further teaches the method of claim 1, wherein determining comprises determining whether the access control list ([0062]; a list which contains access control information for client applications) includes a security identifier ([0062]; includes security identifiers such as “authorized or whitelisted” and “unauthorized/blacklisted”) previously identified by the information handling system as a trusted security identifier ([0061]-[0062]; determining by cloud-based security system that the received control list includes “authorized/whitelisted” applications that conform to the security standards of the enterprise).

Regarding claim 3, Desai further teaches the method of claim 2, further comprising establishing a connection between the client application and the information handling system when the access control list includes the trusted ([0061]-[0062]; authorized/whitelisted) security identifier ([0061]-[0062]; the IT admin can impose application-level access control where access to certain network resources is not allowed from blacklisted applications or allowed only using a specific whitelisted application that conforms to the security standards of the enterprise…(3) allowing the request if the application is authorized to access the network resources (step 630)). 

Regarding claim 4, Desai further teaches the method of claim 2, further comprising neglecting to establish a connection between the client application and the information handling system when the access control list does not include the trusted security identifier ([0062]; determining an application on the user device performing the request (step 620); and performing one of (1) denying the request if the application is unauthorized to access the network resources).

Regarding claim 5, Desai further teaches the method of claim 1, further comprising: 
loading a list of trusted ([0062]; authorized) client applications ([0061]-[0062]; the process 600 includes receiving a list of whitelist (authorized) and blacklist (unauthorized) applications for determining the application…authorized applications are identified as whitelisted applications); 
([0033] & [0062]-[0064]; an information key is derived from the name of the executable file (application) and used in access control); and 
storing the trusted security identifier and/or the access control list derived for each of the at least one of the trusted client applications ([0033], [0035] & [0062]-[0064]; receiving a list of whitelist (authorized) applications and stored in the data store).

Regarding claim 6, Desai further teaches the method of claim 5, wherein deriving comprises deriving each trusted security identifier and/or access control list from a name of one of the trusted client applications ([0033]; an information key is derived from the name of the executable file (application) and used in access control).

As for claims 8-13, the limitations of claims 8-13 are similar to the limitations of claims 1-6 above, respectively. Therefore, the limitations of claims 8-13 are rejected in the analysis of claims 1-6 above, and the claims are rejected on that basis.

As for claims 15-20, the limitations of claims 15-20 are similar to the limitations of claims 1-6 above, respectively. Therefore, the limitations of claims 15-20 are rejected in the analysis of claims 1-6 above, and the claims are rejected on that basis.


However, Biswas in analogous art, discloses wherein the resource of the first type is a UWP RPC resource ([0064], [0057] & [0003]; the first resource(s) is a UWP app service resource); and
 the client application of the second type is a Win32 application ([0064], [0057] & [0003]; the client application that initiates a connection is a second type (Win32 App)).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Desai and Biswas because Biswas’s teaching would allow Desai’s system to enhance secure communication between client and server.

Regarding claim 22, Desai doesn’t explicitly teach the method of claim 1, wherein the access control list comprises a listing of applications of the first type and applications of the second type.
However, Biswas in analogous art, discloses wherein the access control list comprises a listing of applications of the first type and applications of the second type ([0005], [0057] & [0003]; an access trust is established between applications of the first type (UWP Apps) and a second type (Win32 Apps)…Once trust is established, the UWP Apps may opt-in for communication of certain Events from the Win32 App. In such a system, the Win32 App can be certain it is opening App Service connections only to UWP Apps that are trusted and that are interested in receiving a particular type of communication).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Desai and Biswas because Biswas’s teaching would allow Desai’s system to enhance secure communication between client and server.

Conclusion
8	Any inquiry concerning this communication or earlier communications from the examiner should be directed to MELAKU HABTEMARIAM whose telephone number is 571-272-8373.  The examiner can normally be reached on Monday - Friday 8-6 ET.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joon Hwang can be reached on (571)272-4036.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).




/M. H. /
Melaku Habtemariam, 
Examiner, Art Unit 2447
3/7/22

/SURAJ M JOSHI/Primary Examiner, Art Unit 2447