Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 6/10/2022 has been entered.

Information Disclosure Statement
The information disclosure statement (IDS) submitted is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Response to Arguments
In communications filed on 6/10/2021, claims 1-20 are presented for examination. Claims 1, 10, and 19 are independent.
Amended claim(s): 1, 2, 4, 8, 10, 11, 13, 17, 19, and 20.
Applicants’ arguments, see Applicant Arguments/Remarks filed 6/10/2022, with respect to claim(s) rejected under prior art have been fully considered and are persuasive in so far as Levy does not explicitly discloses newly added limitation “determine a risk level associated with the untrusted network destination.” However, newly cited art Bud teaches determining risk level associated with a requested webpage, and based on the risk level using a separate VM to access the webpage (Bud: ¶76, ¶103-¶114). The combination of Levy and Bud teaches all the elements of the claimed invention.  

Specification
The amendment filed 6/10/22 is objected to under 35 U.S.C. 132(a) because it introduces new matter into the disclosure.  35 U.S.C. 132(a) states that no amendment shall introduce new matter into the disclosure of the invention.  The added material which is not supported by the original disclosure is as follows: Claims 4 and 13 recite “wherein the first browser application is configured to receive configuration files associated with the host operating system”. There is no support in Applicant’s disclosure as originally filed for the limitation.
Applicant is required to cancel the new matter in the reply to this Office Action.

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 4 and 13 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. Claims 4 and 13 recite “wherein the first browser application is configured to receive configuration files associated with the host operating system”. There is no support in Applicant’s disclosure as originally filed for the limitation.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claim(s) 1-8, 10-17, 19, and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over US 20070136579 A1 (hereinafter ‘Levy’) in view of US 20160154539 A1 (hereinafter ‘Bud’).
 
As regards claim 1, Levy (US 20070136579 A1) discloses: A host computer system configured to connect to a network, the host computer system comprising: a memory; and a processor configured to (Levy: Figs 1-2, ¶15-¶17): 
receive a request from a first browser application to communicate with an untrusted network destination (Levy: Figs. 9-10, ¶54. ¶126, i.e., the request to access remote website from the browsers and determining whether a url i.e., network destination, is permitted to be accessed), wherein the first browser application executes in a workspace, wherein the workspace has access to a host operating system and a system kernel, and wherein the workspace uses a first memory space; (Levy: Figs. 1-2, ¶15-17, ¶50-¶52, ¶61, ¶67, i.e., the BOS wherein the BOS runs as a VM (i.e., workspace) on top of physical HW on top of a host operating system such as Linux OS)
However, Levy does not but in analogous art, Bud (US 20160154539 A1) teaches: determine a risk level associated with the untrusted network destination; (Bud: ¶103-¶106, i.e., determining the risk level of a requested webpage)
Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art to modify Levy to include determining risk level of a requested web page as taught by Bud with the motivation to isolate the risky content from a high risk level site from infecting the system (Bud: ¶76, ¶103-¶111) 
Levy et al combination further discloses: in response to the determined risk level and the request from first browser application, execute a second browser application to run in an isolated computing environment, comprises a sandboxed computing environment enforced by a sandbox container process that uses an internal isolation firewall, wherein the isolated computing environment has access to the host operating system and uses a second memory space, and wherein the second memory space is separate from the first memory space (Levy: Figs 2, 4, 9, 10, ¶45-¶56, ¶61, ¶67, ¶72, ¶126-¶130, i.e., browser process/application is sandbox in its own virtual machine, isolating the process from other processes using a firewall, wherein opening the url in a different VM with firewall wherein the VM instance and the browser application is instantiated in response to a request. See in particular Fig. 9 step 312 and Fig. 10 step 416. See also, Bud: ¶103-¶106, i.e., determining the risk level of a requested webpage, and opening the page in a separate instance within a different VM running on the host)
isolate the second browser application isolated computing environment from the workspace using the internal isolation firewall, wherein the internal isolation firewall prevents data from being communicated between the second browser application and the workspace (Levy: Figs 2, 4, 9, 10, ¶45-¶56, ¶61, ¶67, ¶72, ¶126-¶130, i.e., browser process is sandbox in its own virtual machine, isolating the process from other processes using a firewall, wherein opening the url in a different VM with firewall with user’s permission. See also, Bud: ¶103-¶111) 
and send data from the second browser application in the isolated computing environment to the untrusted network destination. (Levy: Figs 2, 4, 9, 10, ¶45-¶56, ¶61, ¶67, ¶72, ¶126-¶130, i.e., browser process is sandbox in its own virtual machine, isolating the process from other processes using a firewall, wherein opening the url in a different VM with firewall with user’s permission. See also, Bud: Fig. 1, ¶103-¶111) 

Claims 10 and 19 recite substantially the same features recited in claim 1 above, and are rejected based on the aforementioned rationale in the rejection.

As regards claim 2, Levy et al combination discloses the host computer system of claim 1, wherein the isolated computing environment is isolated from the workspace. (Levy: Figs 2, 9, 10, ¶45-¶50, ¶111-¶112, ¶126-¶130, i.e., browser process is sandbox in its own virtual machine, isolating the process. See also, Bud: Fig. 1, ¶103-¶111)

Claims 11 and 20 recite substantially the same features recited in claim 2 above, and are rejected based on the aforementioned rationale in the rejection.

As regards claim 3, Levy et al combination discloses the host computer system of claim 1, wherein the second browser application is implemented via a browser application plug-in. (Levy: Figs 1-2, ¶15-¶16) 

Claim 12 recites substantially the same features recited in claim 3 above, and is rejected based on the aforementioned rationale in the rejection.

As regards claim 4, Levy et al combination discloses the host computer system of claim 1, wherein the first browser application is configured to receive configuration files associated with the host operating system, wherein the configuration files comprise one or more of a whitelist, a blacklist, or authentication credentials, wherein the whitelist comprises a list of trusted network destinations and the blacklist comprises a list of untrusted network destinations. (Levy: ¶12, ¶79-¶82, configuration of lists of files, applications, including the urls that browsers can access. 

Claim 13 recites substantially the same features recited in claim 4 above, and is rejected based on the aforementioned rationale in the rejection.

As regards claim 5, Levy et al combination discloses the host computer system of claim 4, wherein the processor is configured to determine the untrusted network destination using one or more of a whitelist comprising a list of trusted network destinations or a blacklist comprising a list of untrusted network destinations. (Levy: Figs. 9-10, ¶12, ¶79-¶82 ¶111-¶112, ¶126, opening the url in a browser process if the url is permitted to be accessed) 

Claim 14 recites substantially the same features recited in claim 5 above, and is rejected based on the aforementioned rationale in the rejection.

As regards claim 6, Levy et al combination discloses the host computer system of claim 4, wherein the second browser application is configured to authenticate, using an authentication credentials in a configuration file, with an authorization device to communicate with the untrusted network destination. (Levy: ¶16, ¶41, ¶47, Figs 2, 9, 10, ¶45-¶50, ¶126-¶130, i.e., browser process is sandbox in its own virtual machine, isolating the process from other processes using a firewall, wherein opening the url in a different VM with firewall with user’s permission)

Claim 15 recites substantially the same features recited in claim 6 above, and is rejected based on the aforementioned rationale in the rejection.

As regards claim 7, Levy et al combination discloses the host computer system of claim 1, wherein the second browser application is configured to communicate with the untrusted network destination via a proxy device. (Levy: Fig. 2, ¶45. See also, Hoy: Fig. 1, ¶38)

Claim 16 recites substantially the same features recited in claim 7 above, and is rejected based on the aforementioned rationale in the rejection.

As regards claim 8, Levy et al combination discloses the host computer system of claim 1, wherein the risk level is a first risk level, the untrusted network destination is a first untrusted network destination, wherein the sandboxed environment is a first sandboxed environment, and the second browser application configured to run in the first sandboxed computing environment and a second sandboxed network environment, (Levy: Fig. 1-4, ¶10, ¶26-¶28, ¶39, i.e., multiple sandboxes wherein each browser instance is executed in its own sandboxed VM) and wherein the first sandboxed computing environment is configured to communicate with the first untrusted network destination associated with one or more of a first category or the first risk level and the second sandboxed computing environment is configured to communicate with a second untrusted network destination associated with one or more of a second category or a second risk level. (Levy: Fig. 1-4, ¶10, ¶26-¶28, ¶39-¶48, i.e., multiple sandboxes wherein each browser instance is executed in its own sandboxed VM based on different application types i.e., category; ¶111-¶112, ¶126-¶130, i.e., browser process is sandbox in its own virtual machine, isolating the process from other processes using a firewall. See also, Bud: Fig. 1, ¶76, ¶103-¶114)

Claim 17 recites substantially the same features recited in claim 8 above, and is rejected based on the aforementioned rationale in the rejection.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claim 9 and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Levy in view of Bud in view of US 20160057167 A1 (hereinafter ‘Bach’).

As regards claim 9, Levy et al combination discloses the host computer system of claim 1, wherein the first browser application is associated with…, the first tab configured to communicate with a trusted network destination, and wherein the second browser application is associated with a second tab,…configured to communicate with the untrusted network destinations. (Levy: Fig. 1-4, ¶10, ¶26-¶28, ¶39-¶48, i.e., multiple sandboxes wherein each browser instance is executed in its own sandboxed VM based on different application types i.e., category; ¶111-¶112, ¶126-¶130, i.e., browser process is sandbox in its own virtual machine, isolating the process from other processes using a firewall.)
However, Levy does not explicitly disclose the use of browser tabs. However, before the effective filing date of the invention, it browser tabs were a well-known and a commonly used browser function to execute browser instances to access different sites. For instance, Bach (US 20160057167 A1) in analogous art, teaches using browser tabs wherein the tabs are associated with whitelist/blacklist of URLs in a web browser (Bach: Fig. 2, 4-6, ¶73-¶77, i.e., the browser tabs associated with whitelist/blacklist)
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to modify Levy to include browser tabs associated with whitelist/blacklist of urls as taught by Bach with the motivation to use well-known browser function of tabs to launch browser instances. (Bach: Fig. 2, 4-6, ¶73-¶79) 

Claim 18 recites substantially the same features recited in claim 9 above, and is rejected based on the aforementioned rationale in the rejection.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SYED A ZAIDI whose telephone number is (571)270-5995. The examiner can normally be reached Monday-Thursday: 5:30AM-5:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Nickerson can be reached on (469) 295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SYED A ZAIDI/Primary Examiner, Art Unit 2432