DETAILED ACTION
	This application has been examined. Claims 1-20 are pending.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .  
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 3/7/2022 has been entered.
 
Response to Arguments
Applicant's arguments filed 3/7/2022 have been fully considered but they are moot in view of the new grounds for rejection. 


Johns-Gupta-Weinstein disclosed (re. Claim 1) injecting monitoring logic (Weinstein-Paragraph 45,agent 210 is inserted into a memory space of the native app… use an injection tool (such as Frida) to inject the bridge logic 208 into the app's memory space ) from the security service into a document object model at the client agent including instructions into the document object model to monitor dynamically loaded activity within the inline frame of the web page at the client agent including detecting creating the inline frame and contents loaded into the inline frame;(Johns-Paragraph 141,Paragraph 34, the condition inspector 132 may inspect the pages 110, 112 for an inclusion of undesirable content, Paragraph 35, once the condition inspector 132 determines a possible inclusion of a condition that is not permitted within the context of any page hosting an associated widget of the widget generator 104, ) 


 
 
 
Priority
	The effective date of the claims described in this application is May 13, 2020.

Information Disclosure Statement
 The Applicant is respectfully reminded that each individual associated with the filing and prosecution of a patent application has a duty of candor and good faith in dealing with the Office, which includes a duty to disclose to the Office all information known to that individual to be material to patentability as defined in 37 CFR  1.56.

There were no information disclosure statements filed with this application.

 


 
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2,7-8,11-18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Johns (USPGPUB 2016/0028743) further in view of Gupta (USPGPUB 2020/0028848) further in view of Weinstein (USPGPUB 2019/0020673).

In regard to Claim 1 
Johns Paragraph 39 disclosed wherein widgets are associated with associated DOM models, which themselves may be rendered by the rendering engine 126, and subject to security policies of the security manager 130. Johns Paragraph 48-Paragraph 49 wherein disclosed a frame 214 may be included within the page 212 for purposes of embedding a widget 216 provided in conjunction with the widget context 204 and the widget script 210.  The frame 214 generally represents an inline frame, or iframe, that is associated with a node of the DOM tree of the DOM 206, and that is commonly used to achieve the type of seamless embedding of the widget 216.

Johns disclosed (re. Claim 1) method, comprising:
injecting monitoring logic into a document object model (Johns-Paragraph 38, protection manager 102 may itself be implemented as generating a java script code portion, e.g., as a java script library that is included within all widgets generated by the widget generator 104, Paragraph 64, protection manager 102 may simultaneously and automatically generate a corresponding protection script instance for inclusion within the thus-generated widget, Paragraph 132, protection script may inject an absolutely positioned, transparent DOM overlay 808 of its own, completely covering the widget 806, as well as a small area surrounding it, as shown in FIG. 8 and referenced above. The overlay 808 has the purpose of registering intended interactions with the widget 806 beforehand, using a mouse-over event handler)  at a client (Johns-Paragraph 61, protection script may be provided to the browser application in conjunction with the widget, the protection script being executable within a page context of the page and separate from a widget context of the widget,Paragraph 19, browser application implemented by the  client systems )   to monitor an activity within a dynamically loaded inline frame of a web page;(Johns-Paragraph 48, an inline frame, or iframe, that is associated with a node of the DOM tree of the DOM 206, and that is commonly used to achieve the type of seamless embedding of the widget 216. ) 
receiving data regarding the activity within the dynamically loaded inline frame; (Johns-Paragraph 61, protection script may be provided to the browser application in conjunction with the widget, the protection script being executable within a page context of the page and separate from a widget context of the widget, wherein the protection script, during execution, validates a condition associated with a frame of the page that is used to render the widget, and enables functionality of the widget within the page, based on validation of the condition)  and
applying a policy (Johns-Paragraph 39, subject to security policies of the security manager 130 )  to validate or invalidate the activity within the dynamically loaded inline frame.(Johns-Paragraph 35-protection manager 102 may disable, or prevent an enabling, of the functionality (or a portion thereof) of the associated widget ) 
While Johns substantially disclosed the claimed invention Johns  does not disclose (re. Claim 1)  injecting monitoring logic in a user agent.

While Johns substantially disclosed the claimed invention Johns does not disclose (re. Claim 1) receiving data at the security service proxy server regarding the dynamically loaded activity within the inline frame.
While Johns substantially disclosed the claimed invention Johns does not disclose (re. Claim 1) applying a policy at a server . 
Gupta Paragraph 32 disclosed wherein access to the application is made available for invocation (e.g., via a web page application list, or a pull-down menu, or such as from a link within an iFrame).  Gupta Paragraph 23 disclosed wherein reverse proxy authorization service exposes user application request information (e.g., user credentials, application identifier, etc.) to the mapping facility. The single application digital certificate and certain user-specific information is used to form a communication link for secure access (e.g., using an access token) between a user's context (e.g., browser session or iFrame) and the particular subject application instance that the particular user is authorized to access.
Gupta disclosed (re. Claim 1)  a proxy server   ( Gupta-Paragraph 23,reverse proxy authorization service, Paragraph 44,an application authorization server 326 ) that is applying a policy at a server. ( Gupta-Paragraph 38,reverse proxy authorization service 102 consults an application database to access the data stored in the mapping data structure 114 so as to identify details pertaining to a particular authorized instance of "appB" that user1 can access,Paragraph 56, mapping data structure 114 can be used   to identify and securely connect to a particular containerized application instance that a particular user is authorized to access.  The Examiner notes wherein the mapping data structure 114 is equivalent to a policy that is applied by the reverse proxy authorization service ) 
Gupta disclosed (re. Claim 1) receiving data at the security service proxy server regarding the dynamically loaded activity within the inline frame; (Gupta-Paragraph 46, user1 interacting with an iFrame 310 associated with application "B" that is rendered by HTTP server 322 in browser 110.sub.1. For example, clicking on the "B" icon in iFrame 310 might launch a call for application "B" that is received by HTTP server 322. Such a call might include a set of user credentials 302 and/or an application identifier 304 )  
Johns and Gupta are analogous art because they present concepts and practices regarding monitoring of user activity within inline frames.  At the time of the effective filing date of the claimed invention it would have been obvious to combine Gupta into Johns.  The motivation for the said combination would have been to enable instantiating an application that is specific to a particular user's context.(Gupta-Paragraph 32)
Johns-Gupta disclosed (re. Claim 1) monitoring according to a security policy, (Johns-Paragraph 38, protection manager 102 may itself be implemented as generating a java script code portion, e.g., as a java script library that is included within all widgets generated by the widget generator 104, Paragraph 64, protection manager 102 may simultaneously and automatically generate a corresponding protection script instance for inclusion within the thus-generated widget, Paragraph 132, protection script may inject an absolutely positioned, transparent DOM overlay 808 of its own, completely covering the widget 806, as well as a small area surrounding it, as shown in FIG. 8 and referenced above. The overlay 808 has the purpose of registering intended interactions with the widget 806 beforehand, using a mouse-over event handler)  the web page including an Inline frame wherein contents loaded into the inline frame are not detected at the proxy server. (Johns-Paragraph 48, an inline frame, or iframe, that is associated with a node of the DOM tree of the DOM 206, and that is commonly used to achieve the type of seamless embedding of the widget 216. )

 	injecting monitoring logic into a document object model at the client  (Johns-Paragraph 61, protection script may be provided to the browser application in conjunction with the widget, the protection script being executable within a page context of the page and separate from a widget context of the widget,Paragraph 19, browser application implemented by the  client systems )     to monitor dynamically loaded activity within the inline frame of the  web page; (Johns-Paragraph 48, an inline frame, or iframe, that is associated with a node of the DOM tree of the DOM 206, and that is commonly used to achieve the type of seamless embedding of the widget 216. )
 	receiving data at the security service proxy server regarding the dynamically loaded activity within the inline frame; (Gupta-Paragraph 46, user1 interacting with an iFrame 310 associated with application "B" that is rendered by HTTP server 322 in browser 110.sub.1. For example, clicking on the "B" icon in iFrame 310 might launch a call for application "B" that is received by HTTP server 322. Such a call might include a set of user credentials 302 and/or an application identifier 304 )  and
 	applying the security policy (Johns- Paragraph 35-protection manager 102 may disable, or prevent an enabling, of the functionality (or a portion thereof) of the associated widget ,Paragraph 39, subject to security policies of the security manager 130 )   at the security service proxy server ( Gupta-Paragraph 38,reverse proxy authorization service 102 consults an application database to access the data stored in the mapping data structure 114 so as to identify details pertaining to a particular authorized instance of "appB" that user1 can access,Paragraph 56, mapping data structure 114 can be used   to identify and securely connect to a particular containerized application instance that a particular user is authorized to access.  The Examiner notes wherein the mapping data structure 114 is equivalent to a policy that is applied by the reverse proxy authorization service ) to validate or invalidate access of the web page and the dynamically loaded activity within the inline frame. (Johns-Paragraph 35-protection manager 102 may disable, or prevent an enabling, of the functionality (or a portion thereof) of the associated widget )


While Johns-Gupta substantially disclosed the claimed invention Johns-Gupta does not disclose (re. Claim 1)   injecting monitoring logic in a user agent.
Weinstein Paragraph 45 disclosed wherein agent 210 is inserted into a memory space of the native app to facilitate the various functionality described herein. Typically, the memory space of the native app is not accessible unless the user device 104 is "jailbroken." If the user device 104 is jailbroken, however, traditional methods for modifying mobile apps can be used to add the agent 210 to the native app. In some embodiments, however, when the user device 104 is not jailbroken, the security instrumentation system 102 is configured to use an injection tool (such as Frida) to inject the bridge logic 208 into the app's memory space.
Weinstein disclosed (re. Claim 1)   injecting monitoring logic in a user agent.(Weinstein-Paragraph 45,agent 210 is inserted into a memory space of the native app… use an injection tool (such as Frida) to inject the bridge logic 208 into the app's memory space ) 

Johns and Weinstein are analogous art because they present concepts and practices regarding monitoring of user activity within inline frames.  At the time of the effective filing date of the claimed invention it would have been obvious to combine Weinstein into Johns-Gupta.  The motivation for the said combination would have been to enable providing a real-time display of the interaction with the one or more user interface elements on the app alongside the presentation of the serialized user interface elements via the web browser. (Weinstein-Paragraph 52)
Johns-Gupta disclosed (re. Claim 1)  including an Inline frame created at the client agent  (Johns-Paragraph 49, frame 214 generally represents an inline frame, or iframe, that is associated with a node of the DOM tree of the DOM 206) wherein contents loaded into the inline frame created at the client agent (Johns-Paragraph 48, when a page 212 is rendered in conjunction with the page context 202, a frame 214 may be included within the page 212 for purposes of embedding a widget 216 provided in conjunction with the widget context 204 and the widget script 210. ) 
injecting monitoring logic (Weinstein-Paragraph 45,agent 210 is inserted into a memory space of the native app… use an injection tool (such as Frida) to inject the bridge logic 208 into the app's memory space )  into a document object model at the client agent including instructions into the document object model to monitor dynamically loaded activity within the inline frame of the web page at the client agent; (Johns-Paragraph 38, protection manager 102 may itself be implemented as generating a java script code portion, e.g., as a java script library that is included within all widgets generated by the widget generator 104, Paragraph 64, protection manager 102 may simultaneously and automatically generate a corresponding protection script instance for inclusion within the thus-generated widget, Paragraph 132, protection script may inject an absolutely positioned, transparent DOM overlay 808 of its own, completely covering the widget 806, as well as a small area surrounding it, as shown in FIG. 8 and referenced above. The overlay 808 has the purpose of registering intended interactions with the widget 806 beforehand, using a mouse-over event handler)  
receiving data from the monitoring logic at the security service proxy server regarding the dynamically loaded activity within the inline frame at the client agent (Johns- Paragraph 35-protection manager 102 may disable, or prevent an enabling, of the functionality (or a portion thereof) of the associated widget ,Paragraph 39, subject to security policies of the security manager 130, Paragraph 38,reverse proxy authorization service 102 consults an application database to access the data stored in the mapping data structure 114 so as to identify details pertaining to a particular authorized instance of "appB" that user1 can access,Paragraph 56, mapping data structure 114 can be used   to identify and securely connect to a particular containerized application instance that a particular user is authorized to access.  The Examiner notes wherein the mapping data structure 114 is equivalent to a policy that is applied by the reverse proxy authorization service)   

Johns-Gupta-Weinstein disclosed (re. Claim 1) injecting monitoring logic (Weinstein-Paragraph 45,agent 210 is inserted into a memory space of the native app… use an injection tool (such as Frida) to inject the bridge logic 208 into the app's memory space ) from the security service into a document object model at the client agent including instructions into the document object model to monitor dynamically loaded activity within the inline frame of the web page at the client agent including detecting creating the inline frame and contents loaded into the inline frame;(Johns-Paragraph 141,Paragraph 34, the condition inspector 132 may inspect the pages 110, 112 for an inclusion of undesirable content, Paragraph 35, once the condition inspector 132 determines a possible inclusion of a condition that is not permitted within the context of any page hosting an associated widget of the widget generator 104, )
In regard to Claim 2
Johns-Gupta-Weinstein disclosed (re. Claim 2) downloading a program to inject the monitoring logic into the document object model.(Johns-Paragraph 64,Figure 4, sending of a disabled widget and associated protection script to a client system in conjunction with downloading of a page that specifies and identifies the widget for inclusion/embedding therein ) 
In regard to Claim 7
Johns-Gupta-Weinstein disclosed (re. Claim 7) wherein the dynamically loaded activity within the inline frame is a client-side event.(Johns-Paragraph 19, browser application 116  may be implemented by the types of client systems ) 
In regard to Claim 8
Johns-Gupta-Weinstein disclosed (re. Claim 8) wherein an invalidated activity is blocked.(Johns-Paragraph 35, protection manager 102 may disable, or prevent an enabling, of the functionality (or a portion thereof) of the associated widget ) 
In regard to Claim 11
Claim 11 (re. computer readable storage device) recites substantially similar limitations as Claim 1.   Claim 11 is rejected on the same basis as Claim 1.
 In regard to Claim 15
Claim 15 (re. system) recites substantially similar limitations as Claim 1.   Claim 15 is rejected on the same basis as Claim 1.

In regard to Claim 12
Johns-Gupta-Weinstein disclosed (re. Claim 12) wherein the instructions to inject monitoring logic are performed in a client device. (Johns-Paragraph 19, browser application 116  may be implemented by the types of client systems )
In regard to Claim 13
Johns-Gupta-Weinstein disclosed (re. Claim 13) wherein the document object model is included in a web browser. (Johns- browser application 116 )
In regard to Claim 14
Johns-Gupta-Weinstein disclosed (re. Claim 14) wherein the data regarding the activity is received from the monitoring logic. (Johns-Paragraph 61, protection script may be provided to the browser application in conjunction with the widget, the protection script being executable within a page context of the page and separate from a widget context of the widget, wherein the protection script, during execution, validates a condition associated with a frame of the page that is used to render the widget, and enables functionality of the widget within the page, based on validation of the condition)  
 In regard to Claim 16
While Johns substantially disclosed the claimed invention Johns does not disclose (re. Claim 16)  a proxy server system.
Gupta Paragraph 32 disclosed wherein access to the application is made available for invocation (e.g., via a web page application list, or a pull-down menu, or such as from a link within an iFrame).  Gupta Paragraph 23 disclosed wherein reverse proxy authorization service exposes user application request information (e.g., user credentials, application identifier, etc.) to the mapping facility. The single application digital certificate and certain user-specific information is used to form a communication link for secure access (e.g., using an access token) between a user's context (e.g., browser session or iFrame) and the particular subject application instance that the particular user is authorized to access 
Gupta disclosed (re. Claim 16)  a proxy server system.( Gupta-Paragraph 23,reverse proxy authorization service )
Johns and Gupta are analogous art because they present concepts and practices regarding monitoring of user activity within inline frames.  At the time of the effective filing date of the claimed invention it would have been obvious to combine Gupta into Johns.  The motivation for the said combination would have been to enable instantiating an application that is specific to a particular user's context.(Gupta-Paragraph 32)
 
In regard to Claim 17
Johns-Gupta-Weinstein disclosed (re. Claim 17) wherein the proxy server system directs web traffic between a client device and a content server.(Gupta-Figure 3, Paragraph 66, iFrame 310 that is accessed by user "usr1", the HTTP server 322, the reverse proxy authorization service 102, and a web server WS.sub.B, that is configured with a representative application "B" instance that is associated with user "usr1". ) 
In regard to Claim 18
Johns-Gupta-Weinstein disclosed (re. Claim 18) a security service.(Gupta-Paragraph 33, carry out an authentication and authorization protocol with the reverse proxy authorization service ) 


Claims 3,4,10 is/are rejected under 35 U.S.C. 103 as being unpatentable over Johns (USPGPUB 2016/0028743) further in view of Gupta (USPGPUB 2020/0028848) further in view of Weinstein (USPGPUB 2019/0020673)
In regard to Claim 3
Johns-Gupta-Weinstein disclosed (re. Claim 3) wherein the injecting monitoring logic includes injecting monitoring logic into a document object model. (Johns-Paragraph 38, protection manager 102 may itself be implemented as generating a java script code portion, e.g., as a java script library that is included within all widgets generated by the widget generator 104, Paragraph 48, an inline frame, or iframe, that is associated with a node of the DOM tree of the DOM 206, and that is commonly used to achieve the type of seamless embedding of the widget 216, Paragraph 64, protection manager 102 may simultaneously and automatically generate a corresponding protection script instance for inclusion within the thus-generated widget, Paragraph 132, protection script may inject an absolutely positioned, transparent DOM overlay 808 of its own, completely covering the widget 806, as well as a small area surrounding it, as shown in FIG. 8 and referenced above. The overlay 808 has the purpose of registering intended interactions with the widget 806 beforehand, using a mouse-over event handler )   
While Johns-Gupta substantially disclosed the claimed invention Johns-Gupta does not disclose (re. Claim 3)   injecting monitoring logic in a user agent.
Weinstein Paragraph 45 disclosed wherein agent 210 is inserted into a memory space of the native app to facilitate the various functionality described herein. Typically, the memory space of the native app is not accessible unless the user device 104 is "jailbroken." If the user device 104 is jailbroken, however, traditional methods for modifying mobile apps can be used to add the agent 210 to the native app. In some embodiments, however, when the user device 104 is not jailbroken, the security instrumentation system 102 is configured to use an injection tool (such as Frida) to inject the bridge logic 208 into the app's memory space.
Weinstein disclosed (re. Claim 3)   injecting monitoring logic in a user agent.(Weinstein-Paragraph 45,agent 210 is inserted into a memory space of the native app… use an injection tool (such as Frida) to inject the bridge logic 208 into the app's memory space ) 

Johns and Weinstein are analogous art because they present concepts and practices regarding monitoring of user activity within inline frames.  At the time of the effective filing date of the claimed invention it would have been obvious to combine Weinstein into Johns-Gupta.  The motivation for the said combination would have been to enable providing a real-time display of the interaction with the one or more user interface elements on the app alongside the presentation of the serialized user interface elements via the web browser. (Weinstein-Paragraph 52)

In regard to Claim 4
Johns-Gupta-Weinstein disclosed (re. Claim 4) wherein the user agent includes a web browser.(Johns- browser application 116 ) 

In regard to Claim 10
Johns-Gupta-Weinstein disclosed (re. Claim 10) wherein a validated activity proceeds within a user agent. (Weinstein-Paragraph 45,agent 210 is inserted into a memory space of the native app… use an injection tool (such as Frida) to inject the bridge logic 208 into the app's memory space )

Claims 6 is/are rejected under 35 U.S.C. 103 as being unpatentable over Johns (USPGPUB 2016/0028743) further in view of Gupta (USPGPUB 2020/0028848) further in view of Weinstein (USPGPUB 2019/0020673) further in view of Dunagann (USPGPUB 2010/0058293).
In regard to Claim 6
Johns-Gupta-Weinstein disclosed (re. Claim 6) wherein the dynamically loaded inline frame (Johns-Paragraph 48, an inline frame, or iframe, that is associated with a node of the DOM tree of the DOM 206, and that is commonly used to achieve the type of seamless embedding of the widget 216. )  is created within a user agent injected (Weinstein-Paragraph 45,agent 210 is inserted into a memory space of the native app… use an injection tool (such as Frida) to inject the bridge logic 208 into the app's memory space ) with hypertext markup language from the web page. 

While Johns-Gupta substantially disclosed the claimed invention Johns-Gupta does not disclose (re. Claim 6) wherein the   inline frame includes an empty inline frame.
Dunagan Figure 4, Figure 5, Paragraph 33-34 disclosed detouring component 104 within iframe 504 executes in the host domain with an empty "src" portion.
Dunagan disclosed (re. Claim 6) wherein the inline frame includes an empty inline frame. (Dunagan-Figure 4, Figure 5, Paragraph 33-34 disclosed detouring component 104 within iframe 504 executes in the host domain with an empty "src" portion. ) 

Johns and Dunagan are analogous art because they present concepts and practices regarding monitoring of user activity within inline frames.  At the time of the effective filing date of the claimed invention it would have been obvious to combine Dunagan into Johns-Gupta.  The motivation for the said combination would have been to implement the detouring component 104 to create proxy objects that define particular rules for advertisements displayed in the third portion 406, such as restrictions on an amount of time an advertisement can expand, a restriction on color schemes that can be used in the advertisement, a restriction on an amount of linking text that can be included in an advertisement, amongst other restrictions. (Dunagan-Paragraph 33)

 
Claims 19-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Johns (USPGPUB 2016/0028743) further in view of Gupta ( USPGPUB 2020/0028848) further in view of Weinstein (USPGPUB 2019/0020673) further in view of Cohen (USPGPUB 2015/0135302).
In regard to Claim 19
While Johns-Gupta substantially disclosed the claimed invention Johns-Gupta does not disclose (re. Claim 19) wherein the security service is a cloud access security broker. 
Cohen Paragraph 26,Paragraph 53 disclosed wherein managed network proxy node can function as policy enforcement nodes and provide full auditing of cloud activities. The network proxy can be used to perform an audit of user activity whereby any user action can be parsed and/or audited from the traffic stream. The network proxy can be used in policy enforcement.
Cohen disclosed (re. Claim 19) wherein the security service is a cloud access
security broker. (Cohen-Paragraph 26,Paragraph 53,managed network proxy node can function as policy enforcement nodes and provide full auditing of cloud activities. The network proxy can be used to perform an audit of user activity whereby any user action can be parsed and/or audited from the traffic stream. The network proxy can be used in policy enforcement. ) 

 	Johns,Gupta and Cohen are analogous art because they present concepts and practices regarding monitoring of user activity within inline frames.  At the time of the effective filing date of the claimed invention it would have been obvious to combine Cohen into Johns-Gupta.  The motivation for the said combination would have been to enable transparently forwarding traffic between the user and the SaaS provider through the managed network proxy. In these embodiments, access to the SaaS application can be restricted to only users of the proxy. These techniques enable the operation of a security control without any installation on the user device or user's local network.(Cohen-Paragraph 60)

In regard to Claim 20
Johns-Gupta-Cohen disclosed (re. Claim 20) wherein the security service monitors static web pages.(Cohen-Paragraph 166, In the context of static pages (e.g., those that do not contain client-executable JavaScript code), this can be done on the server side, by the proxy. ) 


Claims 9 is/are rejected under 35 U.S.C. 103 as being unpatentable over Johns (USPGPUB 2016/0028743) further in view of Gupta (USPGPUB 2020/0028848) further in view of Weinstein (USPGPUB 2019/0020673) further in view of Demir (US Patent 8555391)
In regard to Claim 9
While Johns-Gupta substantially disclosed the claimed invention Johns-Gupta does not disclose (re. Claim 9) wherein an invalidated activity generates an alert to an administrator.
Demir Column 9 Lines 50-60 disclosed wherein reporting engine 218 is configured to send an alert to a designated administrator of site 114 that allows the administrator to initiate a remediation action (via quarantine engine 220) that will prevent the iframe from being served to any future visitors to the page.
Demir disclosed (re. Claim 9) wherein an invalidated activity generates an alert to an administrator.(Demir -Column 9 Lines 50-60,reporting engine 218 is configured to send an alert to a designated administrator of site 114 ) 
Johns and Demir are analogous art because they present concepts and practices regarding monitoring of user activity within inline frames.  At the time of the effective filing date of the claimed invention it would have been obvious to combine Demir into Johns-Gupta.  The motivation for the said combination would have been to enable determining one or more scores that indicate the vulnerability of the site to being used in a future malware attack. (Dunagan-Column 4 Lines 65)

Claims 5 is/are rejected under 35 U.S.C. 103 as being unpatentable over Johns (USPGPUB 2016/0028743) further in view of Gupta (USPGPUB 2020/0028848) further in view of Weinstein (USPGPUB 2019/0020673) further in view of Covington (US Patent 7325188).
In regard to Claim 5
While Johns-Gupta substantially disclosed the claimed invention Johns-Gupta does not disclose (re. Claim 5) wherein the dynamically loaded activity includes an attempt to export data from within the dynamically loaded inline frame.
Covington Column 11 Lines 60-65 disclosed wherein there may be instances when the designer of the target Web page does not want any element from the target Web page to be displayed in another Web site. In these instances, the designer may set one or more META tags to prohibit the capturing of either individual elements or the entire target Web page. Therefore, after the target Web page is downloaded, it is examined to determine whether the designer of the target Web page prohibited the capturing of any elements.
Covington disclosed (re. Claim 5) wherein the dynamically loaded activity includes an attempt to export data from within the dynamically loaded inline frame.(Covington- Column 11 Lines 60-65, there may be instances when the designer of the target Web page does not want any element from the target Web page to be displayed in another Web site. In these instances, the designer may set one or more META tags to prohibit the capturing of either individual elements or the entire target Web page. Therefore, after the target Web page is downloaded, it is examined to determine whether the designer of the target Web page prohibited the capturing of any elements…Column 15 Lines 15-25, if the determination is made that the element does not support being captured, then displaying an error message in the Web part in the document. ) 

Johns and Covington are analogous art because they present concepts and practices regarding monitoring of user activity within inline frames.  At the time of the effective filing date of the claimed invention it would have been obvious to combine Covington into Johns-Gupta.  The motivation for the said combination would have been to enable a designer of the target Web page to prevent any element from the target Web page to be displayed in another Web site by allowing the designer to set one or more META tags to prohibit the capturing of either individual elements or the entire target Web page.

Conclusion

Examiner’s Note: In the case of amending the claimed invention, Applicant is respectfully requested to indicate the portion(s) of the specification which dictate(s) the structure relied on for proper interpretation and also to verify and ascertain the metes and bounds of the claimed invention.
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Please refer to the enclosed PTO-892 form.
 
 Any inquiry concerning this communication or earlier communications from the examiner should be directed to GREG C BENGZON whose telephone number is (571)272-3944.  The examiner can normally be reached on Monday - Friday 8 AM - 4:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John Follansbee can be reached on (571) 272-3964.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


	/GREG C BENGZON/           Primary Examiner, Art Unit 2444