DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1, 2, 6-10, 12, 13, 17 and 18 are allowed.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 2/22/22 has been entered.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 2/23/22 are being considered by the examiner.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Sikander Khan on 3/9/22.
The application has been amended as follows: 

1.  (Currently Amended)  A computer-implemented method of enforcing data loss prevention policies on resource-level transactions that do not identify resource data, the method including: 
intercepting resource-level transactions originated from endpoints that request copying of an organization's resources on cloud storage services from controlled locations to uncontrolled locations, wherein the resource-level transactions do not identify data stored in the resources, and the controlled locations are subject to inspection for data loss prevention by a network security system while the uncontrolled locations are not subject to inspection for data loss prevention by the network security system; 
comparing substrings in the resource-level transactions to entries in a resource list that identifies the organization's resources on the cloud storage services; 
finding matches based on the comparison and classifying the resource-level transactions as malicious data egress attempts; and 
blocking the malicious data egress attempts by preventing the copying, and thereby enforcing the data loss prevention policies, wherein cloud-based inline proxies interposed between the endpoints from which the resource-level transactions originate and the cloud storage services perform the intercepting, the comparing, the finding and classifying, and the blocking.

3-5. (Cancelled).

6.  (Currently Amended) The computer-implemented method of claim 1, wherein the resource list is maintained in cloud-based metadata stores.

11. (Cancelled). 

12. (Currently Amended) A non-transitory computer readable storage medium impressed with computer program instructions to enforce data loss prevention policies on resource-level transactions that do not identify resource data, the instructions, when executed on a processor, implement a method comprising: 
intercepting resource-level transactions originated from endpoints that request copying of an organization's resources on cloud storage services from controlled locations to uncontrolled locations, wherein the resource-level transactions do not identify data stored in the resources, and the controlled locations are subject to inspection for data loss prevention by a network security system while the uncontrolled locations are not subject to inspection for data loss prevention by the network security system; 
comparing substrings in the resource-level transactions to entries in a resource list that identifies the organization's resources on the cloud storage services; 
finding matches based on the comparison and classifying the resource-level transactions as malicious data egress attempts; and 
blocking the malicious data egress attempts by preventing the copying, and thereby enforcing the data loss prevention policies, wherein cloud-based inline proxies interposed between the endpoints from which the resource-level transactions originate and the cloud storage services perform the intercepting, the comparing, the finding and classifying, and the blocking.

14-16.  (Cancelled).

17. (Currently Amended) A system including one or more processors coupled to memory, the memory loaded with computer instructions to enforce data loss prevention policies on resource-level 
intercepting resource-level transactions originated from endpoints that request copying of an organization's resources on cloud storage services from controlled locations to uncontrolled locations, wherein the resource-level transactions do not identify data stored in the resources, and the controlled locations are subject to inspection for data loss prevention by a network security system while the uncontrolled locations are not subject to inspection for data loss prevention by the network security system; 
comparing substrings in the resource-level transactions to entries in a resource list that identifies the organization's resources on the cloud storage services; 
finding matches based on the comparison and classifying the resource-level transactions as malicious data egress attempts; and 
blocking the malicious data egress attempts by preventing the copying, and thereby enforcing the data loss prevention policies, wherein cloud-based inline proxies interposed between the endpoints from which the resource-level transactions originate and the cloud storage services perform the intercepting, the comparing, the finding and classifying, and the blocking.

19-20.  (Cancelled).

EXAMINER’S COMMENTS
This communication warrants No Examiner's Reason for Allowance, applicant's reply make evident the reasons for allowance, satisfying the “record as a whole” proviso of the rule 37 CFR 1.104(e). Specifically, examiner initiated interview to propose amendment to further clarify inventive concept, as 
Any comments Applicants considers necessary must be submitted no later than the payment of the Issue Fee and to avoid processing delays, should preferable accompany the Issue Fees. Such submission should be clearly labeled "Comments on Statement of Reasons for Allowance". In event of any post-allowance papers (e.g. IDS, 312 amendment, petition, etc.), Applicant is exhorted to mail papers to the Production Control branch in Publications or faxed to post-allowance papers correspondence branch at (703) 308-5864 to expedite issuing process or call PUB's Customer Service if any questions at (703) 305-8497. 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Khurshid et al. U.S. Pub. No. 20210367976 discloses method for data loss prevention management.
Shinde et al. U.S. Pat. No. 10248797 discloses method for zero-day DLP protection having enhanced file upload processing.
Pai et al. U.S. Pub. No. 20170353496 discloses hardware-based virtualized security isolation.
Chandrasekhar U.S. Pat. No. 9692759 discloses control of cloud application access for enterprise customers.
Mclean et al. U.S. Pub. No. 20150074744 discloses method for managing data security by preventing an application from sending a protected file to another computing device over a communication network.
Lu et al. U.S. Pat. No. 8365243 discloses image leak prevention using geotagging.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SHIN-HON (ERIC) CHEN/Primary Examiner, Art Unit 2431