DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Amendment
This action is in response to the communications and remarks filed on 02/18/2022. Claims 1 and 11 have been amended. Claims 1-20 have been examined and are pending.
Response to Arguments
Applicant’s Amendments necessitated a new ground of rejection; accordingly, Applicant’s arguments see pages 7-8 of remarks, filed 02/18/2022, with respect to amended independent claim 1, Pulapaka (2018/0198824 A1), have been considered but are moot in view of the new ground of rejections Banga et al., hereinafter (“Banga”), US PG Publication (20150143374 A1), was submitted in 02/18/2022 IDS, in view of Barton et., hereinafter (“Barton”), US PG Publication (20140040979 A1), was submitted in 09/28/2021 IDS applied below.
Applicant’s Amendments necessitated a new ground of rejection; accordingly, Applicant’s arguments see pages 9-11 of remarks, filed 02/18/2022, with respect to amended independent claim 11, Pulapaka (2018/0198824 A1), in view of Barton, (2014/0040979 A1), have been considered but are moot in view of the new ground of rejections Barton et., hereinafter (“Barton”), US PG Publication (20140040979 A1), was submitted in 09/28/2021 IDS, in view of Banga et al., hereinafter (“Banga”), US PG Publication (20150143374 A1), was submitted in 02/18/2022 IDS applied below.

Applicants’ arguments in the instant Amendment, filed on 02/18/2022, with respect to limitations listed below, have been fully considered but they are not persuasive.
Applicant’s arguments: “...Rejections of Independent Claim 1...First, Pulapaka does not teach or suggest a second memory space used by the isolated computing environment and a first memory space used by the workspace. The Office alleges that: (i) the claimed "isolating computing environment" corresponds to the HVSI subsystem 110 in Pulapaka;6 and (ii) the claimed "workspace" corresponds to the host operation system 102 in Pulapaka.7 However, the HVSI subsystem 110 and the host operation system 102 do not use separate memory spaces. 
		Pulapaka may mention using multiple memory spaces for virtual addresses, but those memory spaces can only be used by the containers 130(n).8 That is the multiple memory spaces cannot be used by the HVSI subsystem 110. So, contrary to what is alleged by the Office Action, Pulapaka does not teach a second memory space used by the HVSI subsystem 110 and a first memory space used by the host operation system 102. Accordingly, Pulapaka does not teach or suggest a second memory space used by the isolated computing environment and first memory space used by the workspace. 
		Second, Pulapaka does not teach or suggest providing an isolation between the first and second memory spaces. The Office Action alleges that: (i) the claimed "internal isolation firewall" corresponds to the security subsystem 120 in Pulapaka;9 and (ii) the claimed "first memory space" and "second memory space" correspond to the containers 130(n) in... Therefore, Pulapaka does not teach "implement an internal isolation firewall to isolate the second memory space used by the isolated computing environment from the first memory space used by the workspace," as recited in claim 1. Consequently, independent claim 1, and the claims that depend therefrom, are patentable over the cited refences, whether alone or in combination, for at least the reasons above. Accordingly, Applicant requests that the rejections under 35 U.S.C. § 102 and 35 U.S.C. § 103 be withdrawn.” 
The Examiner respectfully submits that a new ground of rejections have been made due to Applicant’s amendments as seen below. Pulapaka is no longer cited to teach the amendments to claim 1.
Applicant’s arguments: “...Rejection of Independent Claim 11 The Office Action rejects claims 11-20 under 35 U.S.C. § 103 for allegedly being 
unpatentable over Pulapaka in view of Barton12.13 Applicant disagrees with these rejections. As amended, independent claim 11 recites, "isolate, using an internal isolation firewall, an isolated computing environment using a second memory space from a workspace using a first memory space." But Pulapaka and Barton do not teach or suggest this feature. 
		First, Pulapaka does not teach or suggest a second memory space used by the isolated computing environment and a first memory space used by the workspace. The Office alleges that: (i) the claimed "isolating computing environment" corresponds to the HVSI subsystem 110 in Pulapaka;14 and (ii) the claimed "workspace" corresponds to the host operation system 102 in Pulapaka.15 However, the HVSI subsystem 110 and the host operation system 102 do not use separate memory spaces. Pulapaka may mention using multiple memory spaces for virtual addresses, but those memory spaces can only be used by the containers 130(n).16 
		Second, Pulapaka does not teach or suggest providing an isolation between the first and second memory spaces. The Office Action alleges that: (i) the claimed "internal isolation firewall" corresponds to the security subsystem 120 in Pulapaka;17 and (ii) the claimed "first memory space" and "second memory space" correspond to the containers 130(n) in Pulapaka.18 
		However, in Pulapaka there is nothing isolating any of the memory spaces or the containers 130(n). This is because Pulapaka does not isolate the memory spaces or the containers. And the security subsystem 120 in Pulapaka is merely used to verify a user logging on to a device implementing the host operating system 102, handle password changes for the logged on user, or create access tokens for a logged on user.19 There is no mention of the security subsystem 120 providing any isolation to the containers 130(n), much less providing isolation to any separate memory spaces. As such, Pulapaka does not teach or suggest providing an isolation between the first and second memory spaces. 
		Therefore, Pulapaka does not teach "isolate, using an internal isolation firewall, an isolated computing environment using a second memory space from a workspace using a first memory space," as recited in claim 11.”
The Examiner respectfully submits that a new ground of rejections have been made due to Applicant’s amendments as seen below. Pulapaka is no longer cited to teach the amendments to claim 1.
Applicant’s arguments: “Second, Barton also does not teach or suggest "isolate, using an internal isolation firewall, an isolated computing environment using a second memory space from a workspace using a first memory space," nor does the Office allege it teaches this feature.20 Barton is only cited by the Office for allegedly teaching a border firewall configured to prevent unauthorized communication between the local network and untrusted network destinations.21 As such, Barton does not cure the deficiencies of Pulapaka...” 
The Examiner respectfully submits that a new ground of rejections have been made due to Applicant’s amendments as seen below.
Acknowledgement of Applicant's response to obviousness-type double patenting and is further noted as set forth in the Non-Final Office Action mailed 10/18/2021. However, the terminal disclaimers for 15/637,951 and 15/637,878 have been held in abeyance per Applicant’s request. Examiner maintains the Double Patenting rejection.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claim 1 and 11 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claim 1 of copending Application Nos. 15/637,951 and 15/637,878, respectively. Although the claims at issue are not identical, they are not patentably distinct from each other because of the use of a workspace of an internal or isolated network separate from a private network, coupled with a firewall allow or disallowing communications based on controlling the potential malware presence.
Instant Application 16/146,490
US PG Publication
15/637,951 
US PG Publication
15/637,878
Claim 1
1. A host computer system configured to connect to a network, wherein the host computer system comprises:



a processor configured to:

implement a workspace, wherein the workspace is  configured to use a first memory space and is configured to enable operation of a first set of one or more applications or processes

implement an isolated computing environment, wherein the isolated computing environment is configured to use a first memory space and is configured to enable operation of a second set of one or more applications or processes 

 implement an internal isolation firewall to isolate the second memory space [[of]] used by the isolated computing environment from the first memory space [[of]] used by the workspace using an internal isolation firewall, wherein the internal isolation firewall is configured to prevent data from being communicated between the isolated computing environment and the workspace; and 

implement one or more mechanisms that prevent malware from receiving communication from the network.
Claim 1 
1. A host computer system, wherein the host computer system comprises a processor and memory configured to implement at least:

a first memory space that is configured to enable storage and operation of a workspace configured to execute a first set of one or more applications and processes running on a trusted operating system of the host computer system;

a second memory space that is configured to enable storage and operation of a second set of one or more applications and processes associated with a sandboxed computing environment configured to run on the trusted operating system, wherein the second set of one or more applications and processes comprise a first browser process configured to operate within the sandboxed computing environment, the first browser process being configured to access the Internet and other untrusted resources;

a sandbox container process that enforces the sandboxed computing environment, wherein the sandbox container process segregates the workspace associated with the first memory space from the sandboxed computing environment associated with the second memory space, and wherein the sandbox container process is configured to prevent data from being communicated between the sandboxed computing environment and the workspace without an explicit user input, and wherein the sandbox container process is configured to:

determine that a second browser process operating in the workspace is attempting to access an untrusted network destination;

configure an instance of the second browser process in the sandboxed computing environment to access the untrusted network destination;
determine that the first browser process operating in the sandboxed computing environment is attempting to access a trusted network destination; and

configure an instance of the first browser process in the workspace in order to access the trusted network destination; and

a first firewall configured to operate between the workspace of the first memory space and a local area network (LAN), wherein the first firewall is configured to determine whether the host computer system is connected to a trusted LAN or an untrusted LAN, wherein the first firewall implements a first configuration when the host computer system is connected to the trusted LAN and a second configuration when the host computer system is connected to the untrusted LAN, wherein the second configuration is such that the first firewall prevents unauthorized communication between the first set of one or more applications and processes and one or more untrusted network destinations.

Claim 1
18. A host computer system configured to connect to a trusted local area network (LAN), the host computer system comprising:

a processor and memory configured to:

configure a first memory space that is configured to enable storage and operation of a workspace configured to execute a first set of one or more applications and processes running on an operating system of the host computer system, the first set of one or more applications and processes allowed to execute in the workspace comprising a first browser process; and

configure a second memory space that is configured to enable storage and operation a second set of one or more applications and processes associated with a sandboxed computing environment configured to run on the operating system, wherein the second memory space is isolated from the first memory space, the second set of one or more applications and processes allowed to execute in the sandboxed computing environment comprising a second browser process;
determine a first network destination;

determine whether the first network destination is trusted or untrusted;
if the first network destination is determined to be trusted, provide access to the trusted network destination via the first browser process executed in the workspace; and

if the first network destination is determined to be untrusted, provide access to the untrusted network destination via the second browser process executed in the sandboxed computing environment.


This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not in fact been patented.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 02/18/2022 was filed after the mailing date of the Non-Final on 10/18/2021.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner. 

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-2, 7-8 and 10 are rejected under 35 U.S.C. 103 as being unpatentable over Banga et al., hereinafter (“Banga”), US PG Publication (20150143374 A1), was submitted in 02/18/2022 IDS, in view of Barton et., hereinafter (“Barton”), US PG Publication (20140040979 A1), was submitted in 09/28/2021 IDS.
Regarding currently amended claim 1, Banga teaches a host computer system configured to connect to a network, wherein the host computer system comprises:  [Banga, ¶¶0025, 0033, and 0036: Fig. 2 shows client as any type of Internet endpoint or computer system capable of connecting to a network]

a processor configured to:  [Banga, ¶¶0038 and 0118: client 200 executes  processes on hardware 210 as part of a computer system shown in Fig. 9 that includes: processor 904]
implement a workspace, wherein the workspace is configured to use a first memory space and is configured to enable operation of a first set of one or more applications or processes  [ Banga, ¶¶0048-0051: A LVM 240 (a first memory space) serves as the primary entity being managed by the IT administrator and is responsible for storing the main file system 242 of client 200, which typically run only infrastructure OS programs (a workspace) and trusted enterprise applications.]
implement an isolated computing environment, wherein the isolated computing environment is configured to use a second memory space and is configured to enable operation of a second set of one or more applications or processes [Banga, ¶¶0034-0036 and 0037-0038: Through micro-virtualization techniques (an isolated computing environment) employs efficient mechanism for eliminating the risk of executing untrusted code and/or the client 200 separately executes processes as part of VMs 230, 240, 250, 260  on hardware 210. The VM0 (i.e., VM0 230 of FIG. 2) (a second memory space), is secured so that VM0 may serve as the root of trust with a guaranteed integrity. VM0 may contain core operating system 232 and one or more applications 234 (a second set of one or more applications or processes).  ¶0041: VM0 230 may be permanently disconnected from any network (i.e., VM0 230 is not connected to any local network or the Internet). Specifically, VM0 230 may not contain any type of networking stack, such as a TCP/IP network stack.]
implement an internal isolation firewall to isolate the second memory space [[of]] used by the isolated computing environment from the first memory space [[of]] used by the workspace using an internal isolation firewall, wherein the internal isolation firewall is being configured to prevent data from being communicated between the isolated computing environment and the workspace user[ Banga, ¶0048: operating system 244 (corresponds to Microsoft Windows OS or any other general purpose OS such as Linux or MacOS) of LVM 240. ¶0051: the network access of LVM 240 is restricted to just the corporate network as implemented by firewall VM 250. Firewall VM 250 is a specialized virtual machine that comprises firewall software/applications to restrict network access of VMs running in client 200 to appropriate and/or necessary network access points. Such practice is consistent with the need for only the responsible IT administrator to be capable of connecting to LVM 240 to manage LVM 240 and processes executing therein.] and 
While Banga teaches one or more mechanisms that prevent malware host [Banga, ¶0033: use of fine-grained operating system (OS) virtualization to secure an Internet endpoint from being compromised by malicious code. ¶0054: a Untrusted Code Virtual Machine (UCVM) is created by (a) cloning a copy of legacy virtual machine (LVM) 240, or a stripped-down version of LVM 240, in memory. Each UCVM possesses its own instance or copy of the operating system, which is isolated and separate from the main operating system (including its code and data) executing within VM0 230 or LVM 240]; however, Banga fails to explicitly teach but Barton teaches implement one or more mechanisms that prevent malware host from receiving communication from the network.  [Barton, ¶¶0098-0099: local data transfer to prevent data from being locally transferred outside the application container; preventing both replay and cryptanalytic attacks. See also ¶0271: client agent application may serve as “sandbox” preventing malicious application from accessing other areas of a mobile device]
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of securing an internet endpoint using fine-grained operating system virtualization of Banga before him or her by including the teachings of a policy-based application management of Barton. The motivation/suggestion would have been obvious to try the virtualization aspects of VM230 and VM240 of Banga with the client agent applications of preventing attacks of Barton [¶¶0098-0099 and 0271].  
Regarding claim 2, the combination of Banga and Barton teach claim 1 as described above.
Banga teaches wherein the communication comprises one or more of instructions to gather data, instructions to exfiltrate data, instructions to destroy data, instructions to encrypt data, instructions to download additional malware, or instructions to execute the additional malware.  [Banga, ¶0126: receive data]
 Regarding currently amended claim 7, the combination of Banga and Barton teach claim 1 as described above.
Banga teaches wherein when the malware is received by the workspace, the internal isolation firewall is configured to prevent the malware from communicating with the network via the isolated computing environment.   [See Banga, ¶¶0039-0040: through efficient use of micro-virtualization  (the internal isolation firewall) techniques while employing full OS virtualization, perform separate VMs so all potential malicious code can be destroyed after executing on its own VM. ¶0048: operating system 244 (corresponds to Microsoft Windows OS or any other general purpose OS such as Linux or MacOS) of LVM 240. ¶0051: the network access of LVM 240 is restricted to just the corporate network as implemented by firewall VM 250...]
 Regarding claim 8, the combination of Banga and Barton teach claim 1 as described above.
Banga teaches wherein the isolated computing environment is a sandboxed computing environment enforced by a sandbox container process that enables the internal isolation firewall.  [Banga, ¶¶0015 and 0034-0035: the invention use of dynamic operating system (OS) micro-virtualization creates a level of sandboxing; where the VM include virtual containers like Intel® SGX and User-Mode Linux (UML) to emulate this environment, as Examiner interprets.]
Regarding claim 10, the combination of Banga and Barton teach claim 1 as described above.
However, Banga fails to explicitly teach but Barton teaches wherein the processor is configured to classify network destinations as trusted or untrusted based on one or more of a whitelist comprising a list of trusted network destinations or a blacklist comprising a list of untrusted network destinations.  [Barton, ¶0249: URL filtering (whitelist/blacklist)] 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of securing an internet endpoint using fine-grained operating system virtualization of Banga before him or her by including the teachings of a policy-based application management of Barton. The motivation/suggestion would have been obvious to try to content-filtering and policy aspects of Barton [Barton, ¶¶0248-0249].  
Claim 3-6 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Banga et al., hereinafter (“Banga”), US PG Publication (20150143374 A1), was submitted in 02/18/2022 IDS, in view of Barton et., hereinafter (“Barton”), US PG Publication (20140040979 A1), was submitted in 09/28/2021 IDS, in view of Kotler et al., hereinafter ("Kotler"), US PG Publication (20160308895 A1).
Regarding claim 3, the combination of Banga and Barton teach claim 1 as described above.
While Banga teaches one or more mechanisms that prevent malware [Barton, ¶¶0098-0099: local data transfer be prevent data from being locally transferred outside the application container; preventing both replay and cryptanalytic attacks ]; however, Banga fails to explicitly teach the combination of Banga and Barton fail to explicitly teach but the Todd teaches comprising one or more mechanisms are configured to prevent the malware from establishing a command channel with the network [Kotler, ¶¶0082 and 0091-0092: re-simulation and verification of breach configurations in order to prevent the potential breach; an example scenario includes: the command and command channels can be impacted by malware communications.]
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of Banga and Barton before him or her by including the teachings of a system and method for securing a computer system against malicious actions by utilizing virtualized elements of Kotler. The motivation/suggestion would have been obvious to try to features of a re-simulation to identify breaches by malware communications in attempts to establish a command channel [Kotler, ¶¶0082 and 0091-0092].  
Regarding currently amended claim 4, the combination of Banga, Barton, and Kotler teach claim [[1]] 3 as described above.
While Banga teaches the host computer system [See Banga, ¶¶0025, 0033, and 0036: Fig. 2 shows client as any type of Internet endpoint or computer system]; however, Banga fails to explicitly teach but the combination of Banga and Barton teach wherein the one or more mechanisms comprise a host-based firewall, the host-based firewall configured to:
when the host computer system is connected to a trusted network, block incoming traffic from other devices on the trusted network;  [Barton, Abstract: “Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications”. ¶¶0553-0535: an improved technique for managing enterprise applications on mobile devices by creating a managed, selectively prohibiting from sharing files with unmanaged mobile devices (block incoming traffic from other devices on the trusted network). ¶¶00549, 0555, and 0560: a managed operation mode of the managed partition 310 of mobile device 302 (the host computer system) may connect to enterprise resources 304 and enterprise services 308 through virtual private network connections/microVPNs (a trusted network).] and
when the host computer system is connected to an untrusted network, block outgoing traffic from and incoming traffic to the workspace of the host computer system.  [Barton, Abstract: “Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications”. ¶¶0560, 0564, and 0585: an application running in managed mode may connect to enterprise resources 304 and enterprise services 308 through virtual private network connections, as described about with reference to FIG. 3. The virtual private network connections may be microVPNs. an application running in the less secure managed mode may have access to secure data container 328, but might not be able to connect to enterprise resources 304 and enterprise services 308 (block outgoing traffic from and incoming traffic to the workspace of the host computer system) through virtual private network connections. The mobile device 302 through the access gateway 360 may access the application store 378, through the public Internet 348 (an untrusted network) providing access to unwrapped applications 380 and pre-wrapped applications 382.]
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of securing an internet endpoint using fine-grained operating system virtualization of Banga before him or her by including the teachings of a policy-based application management of Barton. The motivation/suggestion would have been obvious to try the client features of an Internet endpoint of Banga with the microVPN aspects of Barton with features of a re-simulation to identify breaches by malware communications in attempts to establish a command channel of Kotler [Kotler, ¶¶0082 and 0091-0092].   
Regarding currently amended claim 5, the combination of Banga, Barton, and Kotler teach claim [[1]] 3 as described above.
While Banga teaches a firewall [Banga, ¶0086: external network through FW  VM 250]; however, Banga fails to explicitly teach but Barton teaches wherein the one or more mechanisms comprise the processor being configured to communicate through one or more of a border firewall or a proxy device. [Barton, Fig. 9 and ¶0210: The physical or logical subnetwork between the two illustrated firewalls 922 and 924 can be referred to as the "demilitarized zone" (DMZ) (a border firewall), or alternatively as a "perimeter network." Typically, the DMZ contains and exposes the enterprise's external services to a larger untrusted network, usually the Internet. Ordinarily, the purpose of the DMZ is to add an additional layer of security to the enterprise's local area network (LAN); an external attacker only has access to equipment in the DMZ, rather than any other part of the enterprise network.]
 Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of securing an internet endpoint using fine-grained operating system virtualization of Banga before him or her by including the teachings of a policy-based application management of Barton. The motivation/suggestion would have been obvious to try the virtualization aspects of Banga with the connection of a network via a DMZ of Barton with features of a re-simulation to identify breaches by malware communications in attempts to establish a command channel of Kotler [Kotler, ¶¶0082 and 0091-0092].   
Regarding currently amended claim 6, the combination of Banga, Barton, and Kotler teach claim 5 as described above.
While Banga teaches a border firewall [Banga,  ¶0051: Firewall VM 250 (border firewall) is a specialized virtual machine that comprises firewall software/applications to restrict network access of VMs running in client 200 to appropriate and/or necessary network access points]; however, Banga fails to explicitly teach but Barton teaches wherein the communication from the network to the malware are prevented by:
the one or more of the border firewall or the proxy device when the host computer system is connected to a trusted network;  [Barton et al 20140040979 A1, Fig. 9 and ¶0210: The physical or logical subnetwork between the two illustrated firewalls 922 and 924 can be referred to as the "demilitarized zone" (DMZ) (a border firewall), or alternatively as a "perimeter network." Typically, the DMZ contains and exposes the enterprise's external services to a larger untrusted network, usually the Internet. Ordinarily, the purpose of the DMZ is to add an additional layer of security to the enterprise's local area network (LAN); an external attacker only has access to equipment in the DMZ, rather than any other part of the enterprise network.] or
a host-based firewall when the host computer system is connected to an untrusted network. 
Regarding claim 13, the combination of Barton and Banga teach claim 11 as described above.
While Banga teaches one or more mechanisms that prevent malware [Barton, ¶¶0098-0099: local data transfer be prevent data from being locally transferred outside the application container; preventing both replay and cryptanalytic attacks ]; however, the combination of Barton and Banga fail to explicitly teach but the Todd teaches comprising one or more mechanisms are configured to prevent the malware from establishing a command channel with the network  [Kotler, ¶¶0082 and 0091-0092: re-simulation and verification of breach configurations in order to prevent the potential breach; an example scenario includes: the command and command channels can be impacted by malware communications.]
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of Banga and Barton before him or her by including the teachings of a system and method for securing a computer system against malicious actions by utilizing virtualized elements of Kotler. The motivation/suggestion would have been obvious to try to breach simulation functions to identify command channel intrusions [Kotler, ¶¶0082 and 0091-0092].
 Claims 9 are rejected under 35 U.S.C. 103 as being unpatentable over Banga et al., hereinafter (“Banga”), US PG Publication (20150143374 A1), was submitted in 02/18/2022 IDS, in view of Barton et., hereinafter (“Barton”), US PG Publication (20140040979 A1), was submitted in 09/28/2021 IDS, in view of Bunch, US PG Publication (2004/0249938 A1).
Regarding claim 9, the combination of Banga and Barton teach claim 1 as described above.
However, the combination of Banga and Barton teach fail to explicitly teach but Bunch teaches wherein the processor is configured to terminate a browser process operating in the isolated computing environment upon expiration of a predetermined amount of time without receiving or sending data. [Bunch, ¶¶0078: Upon reaching preset limits (a predetermined amount of time) (such as number of records, time elapsed, etc.) or on termination of the browser process (terminate a browser process operating in the isolated computing environment)]
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of Banga and Barton before him or her by including the teachings of a system and method for monitoring access to a network by a computer of Bunch. The motivation/suggestion would have been obvious to try to manipulating operations through terminating a browser if preset limits are set by Bunch [¶¶0077-0078].  
 
Claims 11-12 and 14-20 are rejected under 35 U.S.C. 103 as being unpatentable over Barton et., hereinafter (“Barton”), US PG Publication (20140040979 A1), was submitted in 09/28/2021 IDS, in view of Banga et al., hereinafter (“Banga”), US PG Publication (20150143374 A1), was submitted in 02/18/2022 IDS.
Regarding currently amended claim 11, Barton teaches a system comprising:
 a local network having a first device and a second device connected thereto, the first device and the second device each configured to:  [Barton, ¶0325: If the network access policy permits network usage but does not permit VPN access, then the network service calls are routed directly to the mobile device platform network services though the local network that the device is attached to rather than being tunneled back to the corporate intranet.]
implement a host-based firewall configured to block incoming traffic;  [See Barton, Abstract: “Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications”. ¶¶0553-0535: an improved technique (a host-based firewall) for managing enterprise applications on mobile devices by creating a managed, selectively prohibiting from sharing files with unmanaged mobile devices (block incoming traffic from other devices on the trusted network). ¶¶0549, 0555, and 0560: a managed operation mode of the managed partition 310 of mobile device 302 (the host computer system) may connect to enterprise resources 304 and enterprise services 308 through virtual private network connections/microVPNs (a trusted network).]
an authorization device configured to: [Barton, ¶0079-0080: an access gateway which allows a user to provide a single set of authentication credentials to be verified by authentication service 358.]
receive authentication credentials from the isolated computing environment; [Barton, ¶0079: through VPN support and enables single-sign-on processes may allow a user to provide a single set of authentication credentials, which are then verified by an authentication service 358]; and
authenticate the isolated computing environment using the received authentication credentials; [See Barton, ¶0079: ... a single set of authentication credentials, which are then verified by an authentication service 358]  and 
a border firewall configured to prevent unauthorized communication between the local network and untrusted network destinations; [Barton, Fig. 9 and ¶0210: The physical or logical subnetwork between the two illustrated firewalls 922 and 924 can be referred to as the "demilitarized zone" (DMZ) (a border firewall), or alternatively as a "perimeter network." Typically, the DMZ contains and exposes the enterprise's external services to a larger untrusted network, usually the Internet. Ordinarily, the purpose of the DMZ is to add an additional layer of security to the enterprise's local area network (LAN); an external attacker only has access to equipment in the DMZ, rather than any other part of the enterprise network.] 
a proxy device configured to proxy communications between the untrusted network destinations and the respective authenticated isolated computing environments of the first and second devices, [Barton, ¶¶0396-0399: FIG. 25 depicts the system with client device 2505 (comprised of: end point device, client computers 107, 109, 211-214, mobile device 302, mobile device 402, or any other device), a proxy device 2510, resource(s) 2520, and/or authentication service(s) 2515 (authenticated isolated computing environments of the first and second devices), which may be configured to perform SSO and operate under the control of one or more policy files. The proxy device 2510 (a proxy device) may provide the client device 2505 with context information that identifies the authentication session between the proxy device 2510 and the resource/authentication server.]
wherein when malware is received by the first device or the second device, the system configured to implement one or more mechanisms that prevent malware received by the first device or the second device from receiving external communications from an external source, the one or more mechanisms configured to prevent control of the malware by the external source. [See Barton, ¶0271: client agent application may serve a “sandbox” preventing malicious application from accessing other areas of a mobile device]
While Barton teaches a firewall [Barton, ¶0074: policies are implanted on firewall(s)]; however, Barton fails to explicitly teach but Banga teaches isolate, using an internal isolation firewall, an isolated computing environment using a first memory space, the internal isolation firewall being configured to prevent data from being communicated between the isolated computing environment and the workspace without an explicit user input; [See Banga, ¶0048: operating system 244 (corresponds to Microsoft Windows OS or any other general purpose OS such as Linux or MacOS) of LVM 240. ¶0051: the network access of LVM 240 is restricted to just the corporate network as implemented by firewall VM 250. Firewall VM 250 is a specialized virtual machine that comprises firewall software/applications to restrict network access of VMs running in client 200 to appropriate and/or necessary network access points. Such practice is consistent with the need for only the responsible IT administrator to be capable of connecting to LVM 240 to manage LVM 240 and processes executing therein.]
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of a policy-based application management of Barton before him or her by including the teachings of securing an internet endpoint using fine-grained operating system virtualization of Banga. The motivation/suggestion would have been obvious to try to the microVPN features of Barton with the LVM 240 analogous to an internal isolation firewall performing corporate network firewall functions of Banga [¶¶0048 and 0051].  
 Regarding claim 12, the combination of Barton and Banga teach claim 11 as described above.
Barton teaches wherein the communication comprises one or more of instructions to gather data, instructions to exfiltrate data, instructions to destroy data, instructions to encrypt data, instructions to download additional malware, or instructions to execute the additional malware.  [Barton, ¶0076: process data received from the enterprise resources 304, and the like. ]

Regarding claim 14, the combination of Barton and Banga teach claim 11 as described above.
Barton teaches wherein the one or more mechanisms comprise a host- based firewall on each of the first and second devices, the host-based firewall configured to: 
when the respective first or second device is connected to a trusted network, block incoming traffic from other devices on the trusted network;  [Barton, Abstract: “Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications”. ¶¶0553-0535: an improved technique for managing enterprise applications on mobile devices by creating a managed, selectively prohibiting from sharing files with unmanaged mobile devices (block incoming traffic from other devices on the trusted network). ¶¶00549, 0555, and 0560: a managed operation mode of the managed partition 310 of mobile device 302 (the host computer system) may connect to enterprise resources 304 and enterprise services 308 through virtual private network connections/microVPNs (a trusted network).] and 
when the respective first or second device is connected to an untrusted network, block outgoing and incoming traffic from the workspace of the respective first or second device.  [Barton, Abstract: “Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications”. ¶¶0560, 0564, and 0585: an application running in managed mode may connect to enterprise resources 304 and enterprise services 308 through virtual private network connections, as described about with reference to FIG. 3. The virtual private network connections may be microVPNs. an application running in the less secure managed mode may have access to secure data container 328, but might not be able to connect to enterprise resources 304 and enterprise services 308 (block outgoing traffic from and incoming traffic to the workspace of the host computer system) through virtual private network connections. The mobile device 302 through the access gateway 360 may access the application store 378, through the public Internet 348 (an untrusted network) providing access to unwrapped applications 380 and pre-wrapped applications 382.]
 
Regarding claim 15, the combination of  Barton and Banga teach claim 14 as described above.
Barton teaches wherein the external communications from the external source to the malware are prevented by:
 one or more of the border firewall or the proxy device when the first device or the second device is connected to the trusted network;  [Barton et al 20140040979 A1, Fig. 9 and ¶0210: The physical or logical subnetwork between the two illustrated firewalls 922 and 924 can be referred to as the "demilitarized zone" (DMZ) (a border firewall), or alternatively as a "perimeter network." Typically, the DMZ contains and exposes the enterprise's external services to a larger untrusted network, usually the Internet. Ordinarily, the purpose of the DMZ is to add an additional layer of security to the enterprise's local area network (LAN); an external attacker only has access to equipment in the DMZ, rather than any other part of the enterprise network.]  or
 the host-based firewall when the first device or the second device is connected to the untrusted network.

Regarding claim 16, the combination of Barton and Banga teach claim 11 as described above.
However, Barton fails to teach but Banga teaches wherein the malware is received by the workspace of the first device or the second device, the internal isolation firewall configured to prevent the malware from communicating with the external source via the isolated computing environment; [See Banga, ¶¶0039-0040: through efficient use of micro-virtualization  (the internal isolation firewall) techniques while employing full OS virtualization, perform separate VMs so all potential malicious code can be destroyed after executing on its own VM. ¶0048: operating system 244 (corresponds to Microsoft Windows OS or any other general purpose OS such as Linux or MacOS) of LVM 240. ¶0051: the network access of LVM 240 is restricted to just the corporate network as implemented by firewall VM 250...]
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of a policy-based application management of Barton before him or her by including the teachings of securing an internet endpoint using fine-grained operating system virtualization of Banga. The motivation/suggestion would have been obvious to try to the microVPN features of Barton with the LVM 240 analogous to an internal isolation firewall performing corporate network firewall functions of Banga [¶¶0048 and 0051].  

Regarding claim 17, the combination of Barton and Banga teach claim 11 as described above.
While Barton teaches a sandbox [Barton, ¶0187: sandbox]; however, Barton fails to explicitly teach but Banga teaches wherein the isolated computing environment is sandboxed computing environment enforced by a sandbox container process that enables the internal isolation firewall.  [Banga, ¶¶0015 and 0034-0035: the invention use of dynamic operating system (OS) micro-virtualization creates a level of sandboxing; where the VM include virtual containers like Intel® SGX and User-Mode Linux (UML) to emulate this environment, as Examiner interprets.]
 Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of a policy-based application management of Barton before him or her by including the teachings of securing an internet endpoint using fine-grained operating system virtualization of Banga. The motivation/suggestion would have been obvious to try to the microVPN features of Barton with the LVM 240 analogous to an internal isolation firewall performing corporate network firewall functions of Banga [¶¶0048 and 0051].  

Regarding claim 18, the combination of Barton and Banga teach claim 11 as described above.
Barton teaches wherein the border firewall is configured to block data received for a session associated with a process operating in the isolated computing environment when the session has been terminated.  [See Barton, Fig. 9 and ¶¶0209-0210: The enterprise system 910 (isolated computing environment) preferably includes an external firewall 922 and an internal firewall 924. The physical or logical subnetwork between the two illustrated firewalls 922 and 924 can be referred to as the "demilitarized zone" (DMZ) (a border firewall), or alternatively as a "perimeter network." ¶0244: Web browser 1732 can receive and participate in a remote control session; ¶0340: intercepting an API call consulting an application’s policy and blocking] 
 Regarding claim 19, the combination of Barton and Banga teach claim 11 as described above.
Barton teaches wherein the proxy device is configured to:  receive, from the malware on the workspace of the first device, a request to communicate with an untrusted network destination; [Barton, ¶0396-0397 and 0410: the client device 2505 may communicate to proxy device 2150, untrusted and authorized servers using different authentication, communication and/or HTTP protocols to access resources 2520 .] and
prevent the malware from communicating with the untrusted network destination. [Barton, Fig. 9 and ¶0210: use of DMZ to prevent exposure to untrusted network] 
 
Regarding claim 20, the combination of Barton and Banga teach claim 11 as described above.
Barton teaches wherein the proxy device is configured to: receive, from an application or process operating in the authenticated isolated computing environment of the first device, a request to communicate with an untrusted network destination; [Barton, ¶0396-0397 and 0410: the client device 2505 may communicate to proxy device 2150, untrusted and authorized servers using different authentication, communication and/or HTTP protocols to access resources 2520 .] and
allow, based on the authentication of the authenticated isolated computing environment, the application or process operating in the authenticated isolated computing environment to communicate with the untrusted network destination. [Barton, ¶0410: HTTP protocols allow communicate with untrusted or unauthorized servers.] 




Conclusion
Applicant's submission of an information disclosure statement under 37 CFR 1.97(c) with the fee set forth in 37 CFR 1.17(p) on 02/18/2022 prompted the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 609.04(b).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
	
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAKINAH W TAYLOR whose telephone number is (571)270-0682.  The examiner can normally be reached on Monday-Friday, 9:45-5:45.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ELENI SHIFERAW can be reached on 571-272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/Sakinah White Taylor/Primary Examiner, Art Unit 2497