Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Examiner’s Note
	Examiner called Applicant and told him that the instant continuation case may be placed in allowable condition if the Applicant files an eTD to overcome the potential conflict with the parent case which been allowed and for which a patent  has been issued, (US 10824770).
 	The Applicant agreed to consider the recommendation and get back, after consultation with his client, asap with a response. Subsequently, the Applicant filed an eTD on 7/26/20222 which has been approved.
The case has now been placed in allowable condition. 
Allowable Subject Matter
Claims 1-20 are allowed.
	   The following is an examiner’s statement of reasons for allowance:
Regarding claims 1,8 & 15, although the prior art of record teaches (such as, Olson (US20060200665 as mentioned in IDS) generating a document by a web application executing in the web browser, none of the prior art, alone or in combination teaches wherein the document comprises a plurality of elements including a secure display element, the secure display element comprising a secure display element name and a first encrypted value; decrypting, by a cryptographic tool of the web browser, the first encrypted value to generate a first clear value, wherein the web browser is programmed to prevent the web application from accessing the first clear value; and rendering the document with a rendering engine of the web browser at the output device of the client computing device, the rendering using the first clear value; in view of other limitations of claims 1, 8 & 15..
	The closest prior art (patent publications) made of records are: 
Olson (US20060200665 as mentioned in IDS) teaches systems and methods for protecting sensitive data stored in a text-based configuration file. In a web server application, data associated with sensitive information such as connection information for a remote database may be stored within a configuration file and accessed whenever a request for information from that database is received. To prevent unwanted access to remote database, the portion of the configuration file with sensitive information is encrypted. A decryption provider selected by the requesting server or client application decrypts the sensitive data using the decryption key, retrieves protected data from the remote database, and the configuration server provides a response based on the sensitive data protecting access to the remote database. The encryption/decryption process is transparent to the web server application consuming the configuration. 
Varadarajan (US10462135B2) teaches Various system configurations and methods for maintaining, accessing, and utilizing secure data of a web browser in a hardware-managed secure data store are disclosed herein. In an example, operations for management of sensitive data such as passwords may be provided with the use of secure enclaves operating in a trusted execution environment. For example, such secure enclaves may be used for sealing and persisting sensitive data associated with a remote service, and transmitting the sensitive data to the remote service, while an unsealed form of the sensitive data is not accessible outside of the trusted execution environment. In further examples, operations for generating a password, storing or updating existing passwords, and replacing web browser input fields with secure data are disclosed.
Landsman (US20070033155) discloses client-server architectures for allowing web applications to operate even when the client and server are disconnected. Exemplary architectures include a local web engine associated with a local cache which can be separate from a browser cache and browser application. Exemplary data structures include web documents having one or more control commands embedded in the head with manifest code. Exemplary methods include operating web applications when the client is offline, caching web applications, executable code, web documents, security code, and/or remote files, allowing web application access of local files, and operating client/web applications.
Dahan (US20170195363 as mentioned in IDS) teaches detecting and preventing phishing attacks in real-time features protection of users from feeding sensitive data to phishing sites, educating users for theft awareness, and protecting enterprise credentials. A requested document traversing a gateway is embedded with a detection module. When a user accesses the document, the embedded detection module is executed in the context of the document, checks if the document is prompting the user for sensitive information, determining if the document is part of a phishing attack, and initiates mitigation, warning, and/or education techniques. 
  Lin (US20170279823 ) teaches a network attack determination method, a secure network data transmission method, and a corresponding apparatus. In this application, a browser client terminal obtains attack rules formulated by a rule configuration server, and after obtaining feedback information that is returned by a network according to a webpage browsing request, determines, according to a comparison result between the attack rules and the feedback information, whether the webpage browsing request encounters a network attack, thereby resolving a problem in the prior art that a network attack cannot be identified. In addition, after determining that a network attack is encountered, the browser client terminal performs network data transmission in a secure manner, which can avoid impact from the network attack, and improve security of network data transmission. 
 Qureshi (US20140007182 ), teaches  a system that includes components and features for enabling enterprise users to securely access enterprise resources (documents, data, application servers, etc.) using their mobile devices. An enterprise can use some or all components of the system to, for example, securely but flexibly implement a BYOD (bring your own device) policy in which users can run both personal applications and secure enterprise applications on their mobile devices. The system may, for example, implement policies for controlling mobile device accesses to enterprise resources based on device attributes (e.g., what mobile applications are installed), user attributes (e.g., the user's position or department), behavioral attributes, and other criteria. Client-side code installed on the mobile devices may further enhance security by, for example, creating a secure container for locally storing enterprise data, creating a secure execution environment for running enterprise applications, and/or creating secure application tunnels for communicating with the enterprise system. 
Song (US20170295144 as mentioned in IDS) teaches various embodiments that implement a secure content distribution architecture involving a content delivery network (CDN). A web server system can encrypt a content file and store the encrypted content file in an origin data center. The web server system can store a decryption key for decrypting the content file. The CDN can fetch the encrypted content file after the content file is first requested by the CDN from the origin cache system. When a client device requests access to a website supported by the web server system, the web server system can provide a blueprint of a page of the website, a link to the content file in the CDN, and the decryption key for decrypting the content file. The client device can then request the encrypted content file from the CDN and utilize the decryption key to decrypt the encrypted content file. 
  Figueroa (US20180255068 ) discloses embodiments that protect clients from open redirect security vulnerabilities in Web applications. A primary application receives a request for an operation to be performed on behalf of a secondary application. The request includes a return location parameter containing i) a return location, and ii) an encrypted portion. After completing the requested operation, the primary application retrieves the return location parameter and a cryptographic key uniquely associated with the secondary application. The primary application decrypts the encrypted portion of the return location parameter to generate a decrypted value, and uses the decrypted value to validate the return location contained in the return location parameter. The primary application transmits a redirect message to the client that causes the client to be redirected to the return location contained in the return location parameter only in response to the return location being successfully validated based on the decrypted value. 
 Cahill (US 20110016169 ) discloses the functionality of a browser application is enhanced using a browser plug-in, which enables the browser application to access portions of a file system not otherwise accessible to the browser application. The enhanced functionality provided by the browser plug-in is used in one example by an image uploading web application. The browser application may also start a task in the background, such as a task for uploading several images, and then monitor the progress of the task even when the browser application navigates away from the page that initiated the task. The browser application may usae a local web server running on the client device to perform tasks, including the rendering of images and monitoring progress of long running tasks. 
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance”.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHER KHAN whose telephone number is (571)272-8574.  The examiner can normally be reached on Monday-Friday-8:00am - 5:00pm (EST).If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on 571-272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SHER A KHAN/           Primary Examiner, Art Unit 2497