Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
1.	Claims 1-2, 8-9 and 15-16 have been amended. Claims 1-20 have been examined.

Response to Arguments
2.	Applicant’s arguments with respect to claims 1, 8 and 15 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

3.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

4.	The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.



Claim Rejections - 35 USC § 103
5.	Claims 1-3, 5-6, 8-10, 12-13, 15-17 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Summers et al. (U.S. Patent Application Publication 2020/0104538; hereafter “Summers”), and further in view of Walsh et al. (U.S. Patent Application Publication 2016/0371472; hereafter “Walsh”).
	For claims 1, 8 and 15, Summers teaches a method, computing device and non-transitory computer readable storage medium for securing keyboard inputs on a client device executing a client application for accessing a virtual desktop or virtual application hosted on a remote server (note paragraphs [0038]-[0039], endpoint device executes application for accessing VM desktop), comprising:
	at least one processor (note paragraph [0036], processor); and
	memory including instructions that, when executed by the at least one processor (note paragraph [0036], memory stores specialized software that processors run), cause the computing device to perform the steps of:
	receiving a key press input on a keyboard of the client device (note paragraph [0046], block 304, keyboard data is received from a keyboard);
	by a keyboard filter driver operating on the client device (note paragraph [0047], keyboard driver may be modified to perform encryption filter functions), obfuscating a scancode corresponding to the key press input (note paragraph [0046], block 306, keyboard data is encrypted);
	transmitting a key press message containing the obfuscated scancode to the client application (note paragraph [0046], block 308, encrypted keyboard data is transmitted to the operating system);
	transmitting the key press message by the client application to the virtual desktop or virtual application (note paragraph [0046], block 310, encrypted keyboard data is sent to virtual machine server); and
	processing the key press message in the virtual desktop or virtual application, wherein the obfuscated scancode in the key press message is de-obfuscated prior to processing the key press message in the virtual desktop or virtual application (note paragraphs [0044] and [0046], block 312, encrypted keyboard data is decrypted by decryption application in virtual desktop);
	in response to focus being removed from a window of the client application, sending by the client application to the keyboard filter driver a control message containing an instruction for the filter driver to stop obfuscating key press scancodes (note paragraphs [0045]-[0046], block 314, once software application loses focus, command is sent to encryption filter to disengage the encryption mode) and a [[certificate]] for verifying authenticity of the control message (note paragraph [0048], encryption filter can be loaded with certificates to verify commands for entering and/or disengaging an encryption mode as coming only from authentic applications); and
	by the filter driver, verifying that the [[certificate]] is correct and stopping obfuscation of subsequent scancodes in response to the control message (note paragraphs [0046] and [0048], encryption filter verifies disengage command is coming from an authentic application).

	Summers differs from the claimed invention in that they fail to teach:
	a hash of the client application's executable file for verifying authenticity of the control message

	Walsh teaches:
	a hash of the client application's executable file for verifying authenticity of the control message (note paragraphs [0018] and [0040], driver verifies authenticity of requests using hash of binary executable of requesting application).

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the keyboard data encryption of Summers and the application verification of Walsh. It would have been obvious because a simple substitution of one known element (verifying the authenticity of an application using a hash of the binary executable of Walsh) for another (verifying the authenticity of an application using a certificate of Summers) would yield the predictable results of encrypting keyboard data to protect against key loggers (Summers) where a command to disengage encryption key is verified (Summers) by authenticating the application that sent the command using a hash of the application’s binary executable (Walsh).


	For claims 2, 9 and 16, the combination of Summers and Walsh teaches claims 1, 8 and 15, wherein the memory further includes instructions that when executed by the at least one processor, cause the computing device to perform the steps of:
	detecting that focus is set on the window of the client application and, in response, sending a control message to the keyboard filter driver instructing it to begin obfuscating keyboard scancodes (note paragraphs [0040]-[0041], [0046] of Summers, block 302, once software application hosted by VM desktop has focus, command is sent to encryption filter to start encryption).

	For claims 3, 10 and 17, the combination of Summers and Walsh teaches claims 1, 8 and 15, wherein the obfuscation key is performed by adding a number to the scancode (note paragraph [0041] of Summers, keyboard data is encrypted by adding an encryption key).

	For claims 5, 12 and 19, the combination of Summers and Walsh teaches claims 1, 8 and 15, wherein:
	the keyboard filter driver performs the scancode obfuscation using an obfuscation key (note paragraph [0041] of Summers, keyboard data is encrypted with an encryption key), and wherein the keyboard filter driver conveys the obfuscation key to the client application (note paragraph [0043] of Summers, encryption filter conveys encryption key using index);
	the client application conveys the obfuscation key to the virtual desktop or virtual application (note paragraph [0043] of Summers, client application conveys encryption key to virtual desktop using index); and
	the virtual desktop or virtual application de-obfuscates the obfuscated scancode in the key press message using the obfuscation key (note paragraphs [0044] and [0046] of Summers, block 312, encrypted keyboard data is decrypted by decryption application in virtual desktop).

	For claims 6, 13 and 20, the combination of Summers and Walsh teaches claims 1, 8 and 15, wherein the obfuscation and de-obfuscation of the scancode is performed using public key cryptography (note paragraph [0041] of Summers, encryption key may use public/private key encryption).


6.	Claims 4, 11 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over the combination of Summers and Walsh as applied to claims 1, 8 and 15 above, and further in view of Pemmaraju (U.S. Patent Application Publication 2007/0182714).
	For claims 4, 11 and 18, the combination of Summers and Walsh teaches claims 1, 8 and 15, wherein: the keyboard filter driver performs the scancode obfuscation using an obfuscation key (note paragraph [0041] of Summers, keyboard data is encrypted with an encryption key), and wherein the keyboard filter driver conveys the obfuscation key to the client application (note paragraph [0043] of Summers, encryption filter conveys encryption key using index);

	The combination of Summers and Walsh differs from the claimed invention in that they fail to teach:
	the client application de-obfuscates the obfuscated scancode in the key press message using the obfuscation key; and the client application conveys the key press message with the de-obfuscated scancode to the virtual desktop or virtual application.

	Pemmaraju teaches:
	the client application de-obfuscates the obfuscated scancode in the key press message using the obfuscation key (note paragraph [0026], browser component decrypts encrypted keyboard data); and the client application conveys the key press message with the de-obfuscated scancode to the virtual desktop or virtual application (note paragraphs [0026] and [0028], decrypted keystroke message is sent to the browser for display; in combination with Summers, this would be sent for display in the virtual desktop).

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the combination of Summers and Walsh and the browser decrypting encrypted keyboard data of Pemmaraju. It would have been obvious because a simple substitution of one known element (decryption of keyboard data by browser of Pemmaraju) for another (decryption of keyboard data by remote virtual desktop of Summers) would yield the predictable results of encrypting keyboard data to protect against key loggers (Summers) where the keyboard data is decrypted by a trusted client browser application (Pemmaraju) before being sent to a remote virtual desktop (Summers).


7.	Claims 7 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over the combination of Summers and Walsh as applied to claims 1, 8 and 15 above, and further in view of Frolov (WO 2018/078212 A1).
	For claims 7 and 14, the combination of Summers and Walsh teaches claims 1 and 8, wherein the keyboard filter driver performs the scancode obfuscation using an obfuscation key (note paragraph [0041] of Summers, keyboard data is encrypted with an encryption key), 

	The combination of Summers and Walsh differs from the claimed invention in that they fail to teach;
	wherein the keyboard filter driver generates a different obfuscation key each time focus is set on the client application window.

	Frolov teaches:
	wherein the keyboard filter driver generates a different obfuscation key each time focus is set on the client application window (note page 12, liens 14-30, when software receives Set Keyboard Focus event it randomly generates tables used for keyboard data encryption, i.e. encryption key).

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the combination of Summers and Walsh and the changing keyboard encryption key for each focus event of Frolov. It would have been obvious because a simple substitution of one known element (changing encryption key each focus event of Frolov) for another (changing encryption key for each session of Summers, note paragraph [0048]) would yield the predictable results of encrypting keyboard data to protect against key loggers (Summers) where the encryption key is changed each time client application is set to receive focus (Frolov).


Conclusion
8.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
	Waterson (U.S. Patent 9,317,701) was submitted as a third-party submission under 37 CFR 1.290 and teaches obfuscation of keyboard inputs (note Fig. 15) and considered by examiner.

	Adler et al. (U.S. Patent Application Publication 2017/0286141) teaches verifying system calls using a hash signature of the file (note paragraph [0022]).

	Katchapalayam et al. (U.S. Patent Application Publication 2019/0370013) teaches a driver verifying an access request by validating a digital signature of the application executable file (note paragraph [0077]).

9.	Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

10.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to DAVID J PEARSON whose telephone number is (571)272-0711. The examiner can normally be reached 6:00 - 5:30 pm; Monday through Thursday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on (571)272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/David J Pearson/Primary Examiner, Art Unit 2438