DETAILED ACTION

Claims 1-20 are presented for examination.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The Information Disclosure Statement(s) submitted by applicant on 04/01/2021 and 07/28/2020 has/have been considered. The submission is in compliance with the provisions of 37 CFR § 1.97. Form PTO-1449 signed and attached hereto.
Double Patenting

The non-statutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper time-wise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A non-statutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg , 140 F.3d 1428, 46 USPQ2d 1226 (Fed.Cir. 1998); In re Goodman , 11 F.3d 1046, 29 USPQ2d 2010 (Fed. 
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or1.321(d) may be used to overcome an actual or provisional rejection based on non-statutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g.,PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal  Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information absolute Terminal Disclaimers, refer to
www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

Claims 1, 12, and 20 are rejected on the ground of non-statutory double patenting as being unpatentable over claims 1-19 of U.S. Patent No. 9,411,978. Although the claims at issue are not identical, they are not patentably distinct from each other because they are directed to a same system for controlling access to a target platform by a computing device. Claims 1 and 12 anticipate independent claim 1 of the instant application respectively as they contain all the limitations in claim 1.

Claims 1, 12, and 20 are rejected on the ground of non statutory double patenting as being unpatentable over claims 1-22 of U.S. Patent No. 10,193,893. Although the claims at issue are not identical, they are not patentably distinct from each other because they are directed to a same system for controlling access to a target platform by a computing device. Claims 1 and 16 anticipate independent claim 1 of the Instant application respectively as they contain all the limitations in claim 1.

Claims 1, 12, and 20 are rejected on the ground of non statutory double patenting as being unpatentable over claims 1-21 of U.S. Patent No. US 10771472. Although the claims at issue are not identical, they are not patentably distinct from each other because they are directed to a same system for controlling access to a target platform by a computing device. Claim 1 anticipate independent claim 1 of the Instant application respectively as they contain all the limitations in claim 1.


Appropriate corrections required.

	
Notice of Pre-AIA  or AIA  Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims1-5, 7-16, and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over  Horn et al. (US Patent Application No. 2009/0129338 A1) (Hereinafter Horn)  in view of Caldwell et al. (US Patent Application No. 2011/0116442 .

	
As per claim 1,  Horn discloses a system for data access control, comprising: 
a computing device having a processor and at least one non-transitory memory containing instructions executable by the processor to (para.15 of Horn, an apparatus/mobile device): 
determine a first unique device identifier associated with a first access point being used by the computing device to access a network (para 13, 15, 47, 48, 57, 63, 69 of Horn, the apparatus/mobile device determines an identifier of the access point); 
based on the request and is associated with a first application executing on the computing device (para.55-58, broadcast signal evaluator 302 and an access list controller 304 determine access point identifier and the restricted association indicator, determine which access point to connect to based on the restricted association and the list); and 
control access of the first application to data associated with a target server to which the computing device is connected through the first access point based on the access control data (para 44-48, the mobile device utilizes access points to access to computer resources at a corporation. One or more of the access points can be restricted access points which restrict the mobile device from accessing the resources. The mobile device detects a restricted association indicator in the broadcast signal and additionally evaluate/compare the access point to a list of accessible identifiers to determine whether to utilize the access point to access the resources).

Caldwell discloses sending a request to an access control update server for access control data, the request including the first unique device identifier (para 32 of Caldwell, the mobile device communicates an identifier of an access point to a request to a provisioning server. In response, the provisioning server sends back a response indicating an acceptance or rejection, e.g. access control data).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Horn and Caldwell. The motivation would have been to modify Horn in view of Caldwell to request and obtain the first access control data from the access control server in order to implement a centralized access control management, thereby, improve consistency, reduce maintenance and configuration time. 
Horn in view of Caldwell does not explicitly disclose receiving, from the access control update server, the requested access control data, wherein appropriate access control data is determined, by the access control update server. However, Barton discloses receiving, from the access control update server, the requested access control data, wherein appropriate access control data is determined, by the access control update server (par.178 of Barton, the mobile device transmits a request for an update to the policy information which manages application stored on the mobile device, and receives the updated policy information from the access gateway). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Horn and Caldwell with Barton. The 

As per claim 2, claim is rejected for the same reasons and motivation as claim 1,  above. In addition, Barton discloses wherein the computing device is further configured to update the access control data by sending a request to the access control update server and receiving updated access control data from the access control update server (para 178, the mobile device transmits a request for an update to the policy information which manages application stored on the mobile device, and receives the updated policy information from the access gateway).

As per claim 3, claim is rejected for the same reasons and motivation as claim 1,  above. In addition, Horn discloses wherein the computing device is further configured to: determine a second identifier associated with a second access point being used by the computing device to access the network (para 44-45 of Horn, there are a plurality of access points and the mobile device can attempt to reselect an access point with highest ranking among the plurality of access points) ;
Barton discloses request and receive from the access control update server second access control data associated with the second identifier and the first application (para 85-86 the client agent on the mobile device obtains policies from gateway server to control the behavior or access to enterprise resources of the management applications. This implicitly discloses that the client agent determines a 
control access to data by the first application based on the second access control data (par.85-86 of Barton, controlling behavior or access to enterprise resources of the managed applications based on the policies).

As per claim 4, claim is rejected for the same reasons and motivation as claim 1,  above. In addition, Horn discloses, wherein the access control data is a default level of access (para 47 the default level of access is utilization of the access point).

As per claim 5, claim is rejected for the same reasons and motivation as claim 1,  above. In addition, Horn discloses, wherein the access control data includes environmental data associated with at least one of the computing device or the first access point (para 52 the environment data associated with the mobile device such as corporate environment. A corporate access point restricts access only to corporate issued mobile device).

As per claim 7, claim is rejected for the same reasons and motivations, as claim 1, above.  In addition, Barton discloses wherein the computing device is further configured to: request second access control data, the second access control data associated with the first identifier and a second application executing on the computing device (para 85-86, the mobile device comprises a plurality of managed applications); and 


control access to data over the network by the second application based on the second access control data. (par.85-86 of Barton, controlling behavior or access to enterprise resources of the managed applications based on the policies).

As per claim  8, claim is rejected for the same reasons and motivations, as claim 1, above.  In addition, Barton Discloses wherein the access control data specifies a different level of access than the second access control data (para 85, application-specific policy-controlled, clearly, different policy for different application provide different level of access).

As per claim  9, claim is rejected for the same reasons and motivations, as claim 1, above.  In addition, Barton Discloses wherein the first application and second application are isolated applications (para.85-86,example of the managed applications: mail, browser, wrapped application, etc. Clearly, each of these applications is isolated application).

As per claim  10, claim is rejected for the same reasons and motivations, as claim 1, above.  In addition, Barton Discloses wherein the computing device is configured to execute an access control module that controls access to data by the first application and the second application (para.85-87,  the client agent obtains policies and controls the access to enterprise resources by the managed applications)

As per claim  11, claim is rejected for the same reasons and motivations, as claim 1, above.  In addition, Horn Discloses wherein the computing device is configured to determine if a path to a target server is an acceptable path and, in response to determining that the path is not an acceptable path, blocking access by the first application to the target server (para 44-48, the mobile device utilizes access points to access to computer resources at a corporation. One or more of the access points can be restricted access points which restrict the mobile device from accessing the resources. The mobile device detects a restricted association indicator in the broadcast signal and additionally evaluate/compare the access point to a list of accessible identifiers to determine whether to utilize the access point to access the resources).

As per claim 12 claim is rejected for the same reasons and motivation as claim 1, above.

As per claim 13, claim is rejected for the same reasons and motivation as claims 12 and 2, above.

As per claim 14, claim is rejected for the same reasons and motivation as claims 12 and 3, above.

As per claim 15, claim is rejected for the same reasons and motivation as claims 12 and 4, above.

As per claim 16, claim is rejected for the same reasons and motivation as claims 12 and 5, above.

As per claim 18, claim is rejected for the same reasons and motivation as claims 12 and 7, above.

As per claim 19, claim is rejected for the same reasons and motivation as claims 12 and 8, above.

As per claim 20, claim is rejected for the same reasons and motivations, as claim 1, above.  

Claims 6 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over  Horn et al. (US Patent Application No. 2009/0129338 A1) (Hereinafter Horn)  in view of Caldwell et al. (US Patent Application No. 2011/0116442 A1) (Hereinafter Caldwell) in further view of Barton et al. (US Patent Application No.  2014/0108793 A1) (Hereinafter .

As per claims 6 and 17, Horn, Caldwell, in view of Barton does not disclose wherein the environmental data includes geographical data associated with the computing device or the first access point. However, Grant, discloses wherein the environmental data includes geographical data associated with the computing device or the first access point (para 41, 75,  controlling access to computer resources based on location of the user’s computer). It would have been obvious to one with ordinary skill in the art before the effective filing date of the instant application to modify Horn, Caldwell, and  Barton in view of Grant to control access to data over a network based on geographical data associated with the computing device in order to enhance security by ensure only devices at predetermined location can access to the data over the network.

Conclusion

Please see the attached PTO-892 for the prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMAD A SIDDIQI whose telephone number is (571)272-3976. The examiner can normally be reached Monday-Friday.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl G Colin can be reached on 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MOHAMMAD A SIDDIQI/Primary Examiner, Art Unit 2493