DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This is in response to the correspondence filed on 06/03/22.  Claims 1-20 are still pending and have been considered below.

Claim Rejections - 35 USC § 103
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claim(s) 1-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Tripp (2014/0137084) in view of Jung et al. (2011/0145918) and further in view of Sun et al. (2011/0069626).
Claim 1:  Tripp discloses a computer-implemented method comprising:
generating a model of a device under test(model containers for a program code under test) [pages 2-3, paragraphs 0021 & 0026], the model comprising a data path similar to the device under test and an attribute network(model containers are relational abstractions of actual containers and include corresponding lists of supporting operations, which are used to analyze data-flow of program code under test) [page 3, paragraph 0034 | page 5, paragraphs 0056-0057];
detecting an introduction of data into the model and an end point of the data along the data path(data-flow analysis from source statement to sink statement) [page 3, paragraphs 0029-0030]; and
issuing, in response to the end point being indicative of a vulnerability, an alert(labeled as having a security vulnerability) [page 6, paragraph 0065];
but does not explicitly disclose detecting an introduction of protected data into the model; marking the protected data with an attribute; and detecting an end point of the marked protected data along the data path.
However, Jung et al. discloses a similar invention [page 2, paragraph 0023] and further discloses detecting an introduction of protected data into the model and marking the protected data with an attribute(monitors for input of sensitive data and marks data associated with sensitive data indicator as tainted data) [page 1, paragraph 0014 | page 3, paragraph 0026]; and detecting an end point of the marked protected data along the data path(tracks propagation of tainted data between inputs and outputs) [pages 3-4, paragraph 0032 | page 5, paragraph 0041].
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to further modify the disclosure of Tripp with the additional features of Jung et al., in order to accurately and efficiently track sensitive data as the data flows through a target application, as suggested by Jung et al. [page 1, paragraphs 0004 & 0013].
Nonetheless, the combination of Tripp and Jung et al. still does not rise to the level of disclosing tracking a flow of the protected data along the data path in real-time.
However, Sun et al. discloses a similar invention for monitoring devices/systems under test [page 3, paragraphs 0038-0040] and further discloses tracking a flow of data along a data path in real-time(tracking selected/specific flow(s) and displaying statistics in real-time) [page 4, paragraph 0046 | page 5, paragraphs 0056-0057].
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to further modify the disclosures of Tripp and Jung et al. with the additional features of Sun et al., in order to allow users of a device under test to readily see how the device under test is performing, as suggested by Sun et al. [pages 6-7, paragraph 0066].
Claim 2:  Tripp, Jung et al. and Sun et al. disclose the method of claim 1, and Tripp further discloses wherein the data path comprises parallel data paths(model containers and operations performed in parallel) [page 5, paragraph 0056 | page 6, paragraph 0062].
Claim 3:  Tripp, Jung et al. and Sun et al. disclose the method of claim 1, and Jung et al. further discloses wherein the protected data is introduced to the model through a stimulus comprising the protected data and unprotected data(monitoring multiple input channels for sensitive data input) [pages 2-3, paragraph 0024].
Claim 4:  Tripp, Jung et al. and Sun et al. disclose the method of claim 1, and Tripp further discloses wherein detecting the introduction of the protected data is in response to an exception occurring in the model(detection of use of container within program code under test) [page 5, paragraph 0052].
Claim 5:  Tripp, Jung et al. and Sun et al. disclose the method of claim 1, and Tripp further discloses wherein detecting the end point of the marked protected data is in response to detecting a security mitigation event(detecting sensitive operations) [page 3, paragraph 0029] [Jung et al.: page 2, paragraph 0023].
Claim 6:  Tripp, Jung et al. and Sun et al. disclose the method of claim 1, and Jung et al. further discloses wherein the protected data includes a plurality of protected data items and each protected data item includes a respective attribute(various types and categories of sensitive data) [page 1, paragraph 0014].
Claim 7:  Tripp, Jung et al. and Sun et al. disclose the method of claim 6, and Jung et al. further discloses wherein each respective attribute describes a class of protected data(type, category, file attributes, etc.) [page 3, paragraphs 0026-0028].
Claim 8:  Tripp discloses a system comprising:
a memory having computer readable instructions [page 1, paragraph 0014]; and
one or more processors for executing the computer readable instructions, the computer readable instructions controlling the one or more processors to perform operations comprising:
generating a model of a device under test [pages 2-3, paragraphs 0021 & 0026] comprising a data path similar to the device under test and an attribute network [page 3, paragraph 0034 | page 5, paragraphs 0056-0057];
detecting an introduction of data into the model and an end point of the data along the data path [page 3, paragraphs 0029-0030]; and
issuing, in response to the end point being indicative of a vulnerability, an alert [page 6, paragraph 0065];
but does not explicitly disclose detecting an introduction of protected data into the model; marking the protected data with an attribute; and detecting an end point of the marked protected data along the data path.
However, Jung et al. discloses a similar invention [page 2, paragraph 0023] and further discloses detecting an introduction of protected data into the model and marking the protected data with an attribute [page 1, paragraph 0014 | page 3, paragraph 0026]; and detecting an end point of the marked protected data along the data path [pages 3-4, paragraph 0032 | page 5, paragraph 0041].
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to further modify the disclosure of Tripp with the additional features of Jung et al., in order to accurately and efficiently track sensitive data as the data flows through a target application, as suggested by Jung et al. [page 1, paragraphs 0004 & 0013].
Nonetheless, the combination of Tripp and Jung et al. still does not rise to the level of disclosing tracking a flow of the protected data along the data path in real-time.
However, Sun et al. discloses a similar invention for monitoring devices/systems under test [page 3, paragraphs 0038-0040] and further discloses tracking a flow of data along a data path in real-time [page 4, paragraph 0046 | page 5, paragraphs 0056-0057].
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to further modify the disclosures of Tripp and Jung et al. with the additional features of Sun et al., in order to allow users of a device under test to readily see how the device under test is performing, as suggested by Sun et al. [pages 6-7, paragraph 0066].
Claim 9:  Tripp, Jung et al. and Sun et al. disclose the system of claim 8, and Tripp further discloses wherein the data path comprises parallel data paths [page 5, paragraph 0056 | page 6, paragraph 0062].
Claim 10:  Tripp, Jung et al. and Sun et al. disclose the system of claim 8, and Jung et al. further discloses wherein the protected data is introduced to the model through a stimulus comprising the protected data and unprotected data [pages 2-3, paragraph 0024].
Claim 11:  Tripp, Jung et al. and Sun et al. disclose the system of claim 8, and Tripp further discloses wherein detecting the introduction of the protected data is in response to an exception occurring in the model [page 5, paragraph 0052].
Claim 12:  Tripp, Jung et al. and Sun et al. disclose the system of claim 8, and Tripp further discloses wherein detecting the end point of the marked protected data is in response to detecting a security mitigation event [page 3, paragraph 0029] [Jung et al.: page 2, paragraph 0023].
Claim 13:  Tripp, Jung et al. and Sun et al. disclose the system of claim 8, and Jung et al. further discloses wherein the protected data includes a plurality of protected data items and each protected data item includes a respective attribute [page 1, paragraph 0014].
Claim 14:  Tripp, Jung et al. and Sun et al. disclose the system of claim 13, and Jung et al. further discloses wherein each respective attribute describes a class of protected data [page 3, paragraphs 0026-0028].
Claim 15:  Tripp discloses a computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions executable by a processor to cause the processor to perform operations comprising:
generating a model of a device under test [pages 2-3, paragraphs 0021 & 0026] comprising a data path similar to the device under test and an attribute network [page 3, paragraph 0034 | page 5, paragraphs 0056-0057];
detecting an introduction of data into the model and an end point of the data along the data path [page 3, paragraphs 0029-0030]; and
issuing, in response to the end point being indicative of a vulnerability, an alert [page 6, paragraph 0065];
but does not explicitly disclose detecting an introduction of protected data into the model; marking the protected data with an attribute; and detecting an end point of the marked protected data along the data path.
However, Jung et al. discloses a similar invention [page 2, paragraph 0023] and further discloses detecting an introduction of protected data into the model and marking the protected data with an attribute [page 1, paragraph 0014 | page 3, paragraph 0026]; and detecting an end point of the marked protected data along the data path [pages 3-4, paragraph 0032 | page 5, paragraph 0041].
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to further modify the disclosure of Tripp with the additional features of Jung et al., in order to accurately and efficiently track sensitive data as the data flows through a target application, as suggested by Jung et al. [page 1, paragraphs 0004 & 0013].
Nonetheless, the combination of Tripp and Jung et al. still does not rise to the level of disclosing tracking a flow of the protected data along the data path in real-time.
However, Sun et al. discloses a similar invention for monitoring devices/systems under test [page 3, paragraphs 0038-0040] and further discloses tracking a flow of data along a data path in real-time [page 4, paragraph 0046 | page 5, paragraphs 0056-0057].
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to further modify the disclosures of Tripp and Jung et al. with the additional features of Sun et al., in order to allow users of a device under test to readily see how the device under test is performing, as suggested by Sun et al. [pages 6-7, paragraph 0066].
Claim 16:  Tripp, Jung et al. and Sun et al. disclose the computer program product of claim 15, and Tripp further discloses wherein the data path comprises parallel data paths [page 5, paragraph 0056 | page 6, paragraph 0062].
Claim 17:  Tripp, Jung et al. and Sun et al. disclose the computer program product of claim 15, and Jung et al. further discloses wherein the protected data is introduced to the model through a stimulus comprising protected data and unprotected data [pages 2-3, paragraph 0024].
Claim 18:  Tripp, Jung et al. and Sun et al. disclose the computer program product of claim 15, and Tripp further discloses wherein detecting the introduction of the protected data is in response to an exception occurring in the model [page 5, paragraph 0052].
Claim 19:  Tripp, Jung et al. and Sun et al. disclose the computer program product of claim 15, and Tripp further discloses wherein detecting the end point of the marked protected is in response to detecting a security mitigation event [page 3, paragraph 0029] [Jung et al.: page 2, paragraph 0023].
Claim 20:  Tripp, Jung et al. and Sun et al. disclose the computer program product of claim 15, and Jung et al. further discloses wherein the protected data includes a plurality of protected data items and each protected data item includes a respective attribute [page 1, paragraph 0014].

Response to Arguments
Applicant’s arguments with respect to the claim(s) have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EDWARD ZEE whose telephone number is (571)270-1686. The examiner can normally be reached Monday-Friday 9AM-5PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on (571)272-3685. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/EDWARD ZEE/Primary Examiner, Art Unit 2435