DETAILED ACTION
I.	Claims 1-20 have been examined.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 11/02/2020 has been considered by the examiner.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by United States Patent Application Publication No. US 20170180363 A1 to Smith et al., hereinafter Smith.
Regarding claim 1, Smith teaches a method in a computing device for providing secure hyper-personalization (paragraph 18), comprising: 
in a secured virtual container executing on the computing device and isolated from an operating system executing on the computing device (paragraph 19): 
storing feature data (Figure 2, paragraph 21, “storage for various variables and resources” and paragraph 25, “the data 152 stored in the TEE 114 may include a first user profile 230, a second user profile 232, a third user profile 234, a first delegate profile 236, a second delegate profile 238, or one or more additional profiles 240 in various embodiments”); 
selecting a first set of features from the stored feature data (paragraph 34, “Reference sample data based at least in part on user characteristics and stored in the user profiles 316 may be used to compare with the generated sample data to determine a match of a first user, a second user, or both users”); 
generating a first inference value for a first inference category based at least in part on the first set of features (paragraph 24, “the classifier module 216 may classify data based on sensor output, application usage patterns, or user interface interaction patterns in a manner such that the data may be associated with particular users and the classifications of particular sensor data patterns, application usage patterns, or user interface interaction patterns may be considered to be user characteristics such that when a user characteristic changes it may be inferred that a user of the computing device 100 has changed”, paragraph 25, “his automatic management of specific profiles may be combined with machine learning of user characteristics, interactions, or behaviors during shared and/or single user sessions to tune the profile-controlled 
and notifying availability of the first inference value corresponding to the first inference category to a broker external to the secured virtual container (Figure 3 and paragraph 36); 
and in the broker in the computing device: 
receiving the first inference value from the secured virtual container (paragraphs 18 and 36); 
and providing the first inference value to at least one running process in the operating system, wherein the at least one running process is configured to perform a personalization operation based at least in part on the first inference value (paragraph 21, “enforce respective access rights simultaneously for a plurality of users. In embodiments, a continuous passively authenticated context may be maintained for each of the plurality of users.”, paragraph 22, “The logged-in user may access the resources with a first set of resource access rights while a second delegate user may access the resources with a different set of access rights.”, paragraph 24, “The secure modules 150 of the TEE 114 may include a contextual authentication module 210 that may be associated with particular users and the classifications of particular sensor data patterns, application usage patterns, or user interface interaction patterns may be considered to be user characteristics such that when a user characteristic changes it may be inferred that a user of the computing device 100 has changed.”, and paragraph 36, “The logged-in user 326 may access the resources 332 with a set of resource access rights while the delegate user 328 may access the resources 332 with a different set of access rights. ”).
Regarding claim 2, Smith teaches wherein the first inference value is generated by a first inference generation model included in the secured virtual container (paragraph 24).
Regarding claim 3, Smith teaches wherein the feature data and the first inference generation model are maintained securely to each be inaccessible outside the secured virtual container (paragraph 19).
Regarding claim 4, Smith teaches wherein feature data includes at least one of transient data, personal data specific to at least one user of the computing device, and policies to be enforced by the computing device (paragraph 25, “Profiles may also be used to restrict content for use by children to allow parental control of browsing, application usage, and in-app purchasing. In embodiments, automatic device state based profile settings may be applied on a per-application and a per-service basis. For example, the contextual authentication module 210 may distinguish user one 170 using 
Regarding claim 5, Smith teaches wherein transient data comprises short-term operating data collected by the computing device within a pre-determined recent time interval, operating data comprising at least one of: the lock state of the computing device, the identity of the at least one user of the computing device, the location of the computing device, policy violations on the computing device, the identity of persons 
Regarding claim 6, Smith teaches wherein personal data specific to at least one user comprises at least one of the following types of data corresponding to the at least one user: risk profile, financial profile, habits, hobbies, relationships, demographic data and application personalization data (paragraph 27, “user characteristics such as application usage patterns or user interface interaction patterns with particular users”).
Regarding claim 7, Smith teaches wherein the first inference generation model comprises a suitably trained machine learning model configured to output the first inference value (paragraph 27, “During the training process, the classifier module 216 may use machine learning to associate biometric user characteristics such as hand movement, gait, or image patterns based at least in part on sensor data with particular users.”).
Regarding claim 8. Smith teaches wherein the secured virtual container and the operating system are each executing through a shared hypervisor (paragraphs 17, 18, 19, 21, and 24).
Regarding claim 9, Smith teaches receiving additional feature data at the secured virtual container at a time subsequent to receiving the feature data, the additional feature data at least reflecting changes in the first set of features; merging the additional feature data with the first set of features to provide a second set of features; providing the second set of features to the first inference generation model, the first inference generation model further configured to generate a second inference value 
Regarding claim 10, Smith discloses a system, comprising: 
one or more processor circuits (paragraph 17); 
one or more memory devices connected to the one or more processor circuits, the one or more memory devices storing computer program logic for execution by the one or more processor circuits (paragraph 17), 
the computer program logic comprising: 
an operating system (paragraphs 19 and 21); 
a secured virtual container isolated from the operating system (paragraph 19); 
a personalization broker executing in the operating system (Figure 3 and paragraph 36); 
a personalization data processor executing in the secured virtual container and configured to: 
store feature data (Figure 2, paragraph 21, “storage for various variables and resources” and paragraph 25, “the data 152 stored in the TEE 114 may include a first user profile 230, a second user profile 232, a third user profile 234, a first delegate profile 236, a second delegate profile 238, or one or more additional profiles 240 in various embodiments”); 

generate a first inference value for a first inference category based at least in part on the first set of features (paragraph 24, “the classifier module 216 may classify data based on sensor output, application usage patterns, or user interface interaction patterns in a manner such that the data may be associated with particular users and the classifications of particular sensor data patterns, application usage patterns, or user interface interaction patterns may be considered to be user characteristics such that when a user characteristic changes it may be inferred that a user of the computing device 100 has changed”, paragraph 25, “his automatic management of specific profiles may be combined with machine learning of user characteristics, interactions, or behaviors during shared and/or single user sessions to tune the profile-controlled behavior for the applications and services to the user or combination of users” and paragraph 34, “The CAT system 304 may include biometric and/or behaviometric machine learning (ML) classifiers 318 that may be used to generate sample data suitable for establishing a user identity based at least in part on user characteristics such as biometric or behaviometric information. Reference sample data based at least in part on user characteristics and stored in the user profiles 316 may be used to compare with the generated sample data to determine a match of a first user, a second user, or both users.”); 

and the personalization broker configured to: receive the first inference value from the personalization data processor (paragraphs 18 and 36); 
and provide the first inference value to at least one running process in the operating system, wherein the at least one running process is configured to perform a personalization operation based at least in part on the first inference value (paragraph 21, “enforce respective access rights simultaneously for a plurality of users. In embodiments, a continuous passively authenticated context may be maintained for each of the plurality of users.”, paragraph 22, “The logged-in user may access the resources with a first set of resource access rights while a second delegate user may access the resources with a different set of access rights.”, paragraph 24, “The secure modules 150 of the TEE 114 may include a contextual authentication module 210 that includes a sensor processing module 212, a profile selection module 214, and a classifier module 216. In various embodiments, the classifier module 216 may classify data based on sensor output, application usage patterns, or user interface interaction patterns in a manner such that the data may be associated with particular users and the classifications of particular sensor data patterns, application usage patterns, or user interface interaction patterns may be considered to be user characteristics such that when a user characteristic changes it may be inferred that a user of the computing device 100 has changed
Regarding claim 11, Smith discloses wherein the first inference value is configured to be generated by a first inference generation model included in the personalization data processor (paragraph 24).
Regarding claim 12, Smith discloses wherein the first inference generation model comprises a suitably trained machine learning model configured to output the first inference value (paragraph 25, “Profiles may also be used to restrict content for use by children to allow parental control of browsing, application usage, and in-app purchasing. In embodiments, automatic device state based profile settings may be applied on a per-application and a per-service basis. For example, the contextual authentication module 210 may distinguish user one 170 using social networking application A hosted by social network server 164, users two and three using video streaming service B hosted by media server 162, etc., and manage specific profiles for each. In embodiments, this automatic management of specific profiles may be combined with machine learning of user characteristics, interactions, or behaviors during shared and/or single user sessions to tune the profile-controlled behavior for the applications and services to the user or combination of users.”, paragraph 26, “ the user characteristics templates 242 are based on biometric or behaviometric data generated by a machine learning classifier. In various embodiments, the user characteristics templates 242 may be included as a part of the user profiles. For example, the first user profile 230 may contain the first template 244, the second user profile 232 may contain the second template 246, and/or the third user profile 234 may contain the third template 248 in embodiments. The data 152 may also include a user focus identifier 260 in various embodiments”, and paragraph 27, “The classifier module 216 may also use machine 
Regarding claim 13, Smith discloses wherein the secured virtual container is further configured to maintain the feature data and the first inference generation model are securely such that each is inaccessible outside the secured virtual container (paragraph 25, “Profiles may also be used to restrict content for use by children to allow parental control of browsing, application usage, and in-app purchasing. In embodiments, automatic device state based profile settings may be applied on a per-application and a per-service basis. For example, the contextual authentication module 210 may distinguish user one 170 using social networking application A hosted by social network server 164, users two and three using video streaming service B hosted by media server 162, etc., and manage specific profiles for each. In embodiments, this automatic management of specific profiles may be combined with machine learning of user characteristics, interactions, or behaviors during shared and/or single user sessions to tune the profile-controlled behavior for the applications and services to the user or combination of users.”, paragraph 26, “ the user characteristics templates 242 are based on biometric or behaviometric data generated by a machine learning classifier. In various embodiments, the user characteristics templates 242 may be included as a part of the user profiles. For example, the first user profile 230 may contain the first template 244, the second user profile 232 may contain the second 
Regarding claim 14, Smith discloses wherein feature data comprises at least one of transient data, personal data specific to at least one user of the computing device, and policies to be enforced by the computing device (paragraph 27, “user characteristics such as application usage patterns or user interface interaction patterns with particular users”).
Regarding claim 15, Smith discloses wherein transient data comprises short-term operating data collected by the computing device within a pre-determined recent time interval, operating data comprising at least one of: the lock state of the computing device, the identity of the at least one user of the computing device, the location of the computing device, policy violations on the computing device, the identity of persons physically present with the at least one user of the computing device, the task being performed on the computing device, reminders, SMS or MMS messages, emails, memory and/or file access signals, application states and application specific data (paragraph 25, “Profiles may also be used to restrict content for use by children to allow parental control of browsing, application usage, and in-app purchasing. In 
Regarding claim 16. Smith discloses wherein personal data specific to at least one user comprises at least one of the following types of data corresponding to the at 
Regarding claim 17, Smith discloses wherein the secured virtual container and the operating system are each configured to execute through a shared hypervisor (paragraphs 17, 18, 19, 21, and 24).
Regarding claim 18. Smith discloses wherein the personalization data processor is further configured to: receive additional feature data at a time subsequent to receiving the feature data, the additional feature data at least reflecting changes in the first set of features; merge the additional feature data with the first set of features to provide a second set of features; provide the second set of features to the first inference generation model, the first inference generation model further configured to generate a second inference value based at least in part on the second set of features; and in response to a request received from the personalization broker for the inference value corresponding to the first inference category, and at a time subsequent to the receipt of the additional feature data, provide the second inference value to the personalization broker.
Regarding claim 19, Smith discloses a computer program product comprising a computer-readable memory device having computer program logic recorded thereon that when executed by at least one processor of a computing device causes the at least one processor to perform operations, the operations comprising: 
executing a personalization broker in an operating system running on the computing device; executing a secured virtual container on the computing device, the secured 
store feature data (Figure 2, paragraph 21, “storage for various variables and resources” and paragraph 25, “the data 152 stored in the TEE 114 may include a first user profile 230, a second user profile 232, a third user profile 234, a first delegate profile 236, a second delegate profile 238, or one or more additional profiles 240 in various embodiments”); 
select a first set of features from the stored feature data (paragraph 34, “Reference sample data based at least in part on user characteristics and stored in the user profiles 316 may be used to compare with the generated sample data to determine a match of a first user, a second user, or both users”); 
generate a first inference value for a first inference category based at least in part on the first set of features (paragraph 24, “the classifier module 216 may classify data based on sensor output, application usage patterns, or user interface interaction patterns in a manner such that the data may be associated with particular users and the classifications of particular sensor data patterns, application usage patterns, or user interface interaction patterns may be considered to be user characteristics such that when a user characteristic changes it may be inferred that a user of the computing device 100 has changed”, paragraph 25, “his automatic management of specific profiles may be combined with machine learning of user characteristics, interactions, or behaviors during shared and/or single user sessions to tune the profile-controlled behavior for the applications and services to the user or combination of users” and paragraph 34, “The CAT system 304 may include biometric and/or behaviometric 
and notify availability of the first inference value corresponding to the first inference category to the personalization broker (Figure 3 and paragraph 36); 
and the personalization broker configured to: receive the first inference value from the secured virtual container (paragraphs 18 and 36); 
and provide the first inference value to at least one running process in the operating system, wherein the at least one running process is configured to perform a personalization operation based at least in part on the first inference value (paragraph 21, “enforce respective access rights simultaneously for a plurality of users. In embodiments, a continuous passively authenticated context may be maintained for each of the plurality of users.”, paragraph 22, “The logged-in user may access the resources with a first set of resource access rights while a second delegate user may access the resources with a different set of access rights.”, paragraph 24, “The secure modules 150 of the TEE 114 may include a contextual authentication module 210 that includes a sensor processing module 212, a profile selection module 214, and a classifier module 216. In various embodiments, the classifier module 216 may classify data based on sensor output, application usage patterns, or user interface interaction patterns in a manner such that the data may be associated with particular users and the classifications of particular sensor data patterns, application usage patterns, or user interface interaction patterns may be considered to be user characteristics such that when a user characteristic changes it may be inferred that a user of the computing device 100 has changed.”, and paragraph 36, “The logged-in user 326 may access the resources 332 with a set of resource access rights while the delegate user 328 may access the resources 332 with a different set of access rights.”).
Regarding claim 20, Smith discloses wherein the secured virtual container is further configured to: receive additional feature data at a time subsequent to receiving the feature data, the additional feature data at least reflecting changes in the first set of features; merge the additional feature data with the first set of features to provide a second set of features; generate a second inference value for the first inference category based at least in part on the second set of features; and in response to a request received from the personalization broker for the inference value corresponding to the first inference category, and at a time subsequent to receiving the additional feature data, provide the second inference value to the personalization broker.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The references cited on form PTO-892 are cited to further show the state of the art with respect to secure virtual environments.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JEREMIAH L AVERY whose telephone number is (571)272-8627. The examiner can normally be reached M-F 8:30am -5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/JEREMIAH L AVERY/Primary Examiner, Art Unit 2431