DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on July 28, 2022 has been entered.
 
Acknowledgments
Applicant’s amendment filed on July 22, 2022 is acknowledged. Accordingly claims 1-16 and 19-32 remain pending and have been examined.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-16 and 19-30 is/are rejected under 35 U.S.C. 103 as being unpatentable over Hadsall U.S. Patent No. 9,898,610 B1 in view of Jakobsson U.S. Patent No. 9,137,238 B1 and/or Maron et al (hereinafter “Marion”) U.S. Patent No. 9,634,999 B1.

As per claims 1 and 21, Hadsall discloses a non-transitory computer-readable medium that stores instructions that, when executed by one or more processors, cause the one or more processors to perform actions, the actions comprising:
receiving by an executing computer device, user inputs representing an action of a user of an instance of a local application on a rendering computing device, the instance of the local application on the rendering computer providing one or more portions of an output of a remote application instance on the executing computing device that is remotely located, separate, and distinct from the rendering computing device the local application instance and the remote application instance cooperatively providing an application isolation session (col. 6, line 63-col. 7, line 19, which discloses that “The user may enter an input, via a mouse click, touch press, keyboard click, etc., representing one or more user credentials and the one or more user credentials may be received at the computing device (block 202).”; col. 31, lines 12-25, which discloses that “For example, the methods may be part of a browser application or an application running on the computing device 104 as a plug-in or other module of the browser application.”); 
determining that the user inputs representing the user action includes a trigger event of one or more trigger events determined based on a role associated with the user (col. 7, lines 12-44, which discloses that “Once a user has logged into the application, a processor of the computing device may execute an instruction to determine if a sensitive data flag has been triggered (block 204).”);
the trigger event including a predetermined number of keystrokes satisfying a character types variety requirement;
responsive to the determining that the user inputs representing the user action includes the trigger event, evaluating one or more characteristics of one or more fields in the output of the remote application instance to detect one or more candidate sensitive-information fields in the output of the remote application instance on the executing computing device (col. 7, lines 12-44, which discloses that “Once a user has logged into the application, a processor of the computing device may execute an instruction to determine if a sensitive data flag has been triggered (block 204).  Generally speaking, the sensitive data flag indicates that sensitive user data is being, or about to be, displayed within a viewport of the display of the computing device.  For example, the user may have requested an account balance, transaction number, contact information, etc.”);
evaluating one or more values of the one or more detected candidate sensitive-information fields to determine that the one or more values include candidate sensitive information (col. 2, lines 1-27, which discloses that “The method may include (1) receiving, via a computer network and/or one or more processors, a user credential authenticating a user of the computing device, and/or (2) determining, by the one or more processors, that a sensitive data flag has been triggered, The sensitive data flag may indicate that sensitive user data is displayed within a viewport of the computing device.”);
generating one or more secure versions of the determined candidate sensitive information based on the evaluation (col. 8, lines 1-20, which discloses that “If the processor executing the instruction determines that a second biometric identifier is detected, (YES branch of block 210), the processor may further execute an instruction to obscure the sensitive data within the viewport of the display of the computing device (block 212).  For example, the sensitive data may be obscured by blurring, or otherwise masking, the appearance of the sensitive data, blacking it out, no longer displaying the sensitive data, etc.”) ;
comparing the one or more generated secure versions of the determined candidate sensitive information to one or more stored values to verify that the determined candidate sensitive information includes actual sensitive information (col. 11, line 56-col. 12, lines 10, which discloses that “Accordingly, when a user attempts to view sensitive data, the biometric detection service, application, and/or functionality may detect the biometric identifier of the user, and/or compare it to the biometric identifiers on the unauthorized user list.  If the biometric identifier matches a biometric identifier belonging to a user on the unauthorized user list, then any sensitive data being, or about to be, displayed on the display of the computing device may be obscured.”); and
responsive to the comparison, preventing the verified actual sensitive information from being provided from the local application instance or the remote application instance to another application or computing device (col. 15, lines 25-53, which discloses that “determining that sensitive or confidential information is being displayed, or about to be displayed, on the display 708; blurring or masking (any and/or only) sensitive or confidential  information that is being displayed on the display 710; removing or preventing only the sensitive or confidential information from being displayed on the display 712; preventing internet access to the website, and/or directing the user to a secondary website where limited or no confidential information is allowed to be displayed 714; sending a warning to the authorized user or computer owner of the potential eavesdropper 716; and/or directing other remedial or corrective actions 718.”).
What Hadsall does not explicitly teach is
the trigger event including a predetermined number of keystrokes satisfying a character types variety requirement.
Jakobsson and/or Marion discloses non-transitory computer-readable medium wherein:
the trigger event including a predetermined number of keystrokes satisfying a character types variety requirement (see Jakobsson: claim 14, which discloses that “ wherein: receiving input provided by the user further comprises tracking a number of characters typed by the user in conjunction with entering the credential; and authenticating the credential further comprises: determining a number of key strokes required to input at least one of the constituent words; and determining whether the user is pasting in the credential or whether the user device has undesirable auto-completion settings.”; Marion: Col. 10, line 64-col. 11, lines 9, which discloses that “The new password may be received in response to the prompt. In some embodiments, a new password is validated to determine whether the new password meets certain password complexity requirements. For example, a password complexity requirement may dictate that a password include a certain number of characters, include a certain variety of characters (e.g., an upper case letter, a number, a symbol, etc.), and/or satisfy other requirements.”)
Accordingly it would have been obvious to one of ordinary skill in the art at time of applicant’s invention to modify the non-transitory computer-readable medium of Hadsall and incorporate the non-transitory computer-readable medium wherein: the trigger event including a predetermined number of keystrokes satisfying a character types variety requirement in view of the teachings of Jakobsson and/or Marion in order to prevent unauthorized access to sensitive data or information. 

As per claim 2, Hadsall further discloses the non-transitory computer-readable medium, wherein the actions further comprise: before detecting an action of a user of an instance of a local application on a rendering computing device:
detecting one or more key event listeners in script loaded in the local application instance or the remote application instance (col. 17, lines 40-65); and
disabling the one or more detected key event listeners (col. 17, lines 40-65).

As per claim 3, Hadsall further discloses the non-transitory computer-readable medium of claim 1, wherein the trigger event includes a user action on a web page that is determined to be absent from a whitelist (col. 17, lines 40-65).

As per claim 4, Hadsall further discloses the non-transitory computer-readable medium, wherein the trigger event includes a form submit event (col. 7, lines 12-44).

As per claim 5, Hadsall further discloses the non-transitory computer-readable medium, wherein a total number of the one or more detected candidate sensitive-information fields in the output of the remote application instance is less than a total number of input fields in the output of the remote application instance (col. 7, lines 12-44).

As per claims 6 and 25, Hadsall further discloses the non-transitory computer-readable medium, wherein evaluating the one or more values of the one or more detected candidate sensitive-information fields comprises:
evaluating the one or more values of the one or more detected candidate sensitive-information fields for compliance with one or more enterprise sensitive-information rules (col. 7, lines 12-44);
determining that the one or more values of the one or more detected candidate sensitive-information fields comply with the one or more enterprise sensitive-information rules (col. 7, lines 12-44); and
determining that the one or more values include candidate sensitive information based on the determination that the one or more values of the one or more detected candidate sensitive-information fields comply with the one or more enterprise sensitive-information rules (col. 7, lines 12-44).

As per claim 7, Hadsall discloses the non-transitory computer-readable medium, wherein comparing the one or more generated secure versions of the determined candidate sensitive information to one or more stored values comprises:
providing the one or more generated secure versions of the determined candidate sensitive information to an enterprise authentication service (col. 11, line 56-col. 12, lines 10); and
obtaining from the enterprise authentication service an indication that the one or more generated secure versions of the determined candidate sensitive information have been verified to include actual sensitive information (col. 11, line 56-col. 12, lines 10).

As per claim 8, Hadsall further discloses the non-transitory computer-readable medium, wherein comparing the one or more generated secure versions of the determined candidate sensitive information to one or more stored values comprises:
comparing a generated secure version of a first portion of the determined candidate sensitive information to one or more values that are stored on the rendering computing device or the executing computing device to determine that the generated secure version of the first portion of the determined candidate sensitive information includes actual sensitive information (col. 11, line 56-col. 12, lines 10);
providing a generated secure version of a second portion of the determined candidate sensitive information to an authentication manager (col. 11, line 56-col. 12, lines 10); and
obtaining from the authentication manager an indication that the generated secure version of the second portion of the determined candidate sensitive information has been verified to include actual sensitive information (col. 11, line 56-col. 12, lines 10).

As per claim 9, Hadsall further discloses the non-transitory computer-readable medium, wherein the actions further comprise:
providing to the user an option to request that a whitelist include a web page that caused the remote application instance to provide the output (col. 11, line 56-col. 12, lines 10);
obtaining user selection of the option to request from the user (col. 11, line 56-col. 12, lines 10); and
responsive to the request being granted, determining that the user action fails to include the trigger event during a subsequent occasion in which the web page causes the remote application instance to provide the output and allowing the verified actual sensitive information to be provided from the local application instance and the remote application instance to a web host of the web page (col. 11, line 56-col. 12, lines 10).

As per claim 10, Hadsall further discloses the non-transitory computer-readable medium, wherein the actions further comprise:
notifying the user that the verified actual sensitive information includes one or more enterprise credentials that are prohibited from being employed with non-enterprise accounts, services, or web pages (col. 15, lines 25-53); and
requiring the user to change credential information associated with the user and a non-enterprise account, service, or web page associated with the trigger event (col. 15, lines 25-53,).

As per claim 11, Hadsall further discloses the non-transitory computer-readable medium, wherein preventing the verified actual sensitive information from being provided from the local application instance or the remote application instance to another application or computing device comprises clearing or modifying one or more portions of the verified actual sensitive information before providing one or more user inputs from the local application instance on the rendering computing device to the remote application instance on the executing computing device (col. 15, lines 25-53).

As per claim 12, Hadsall further discloses the non-transitory computer-readable medium, wherein preventing the verified actual sensitive information from being provided from the local application instance or the remote application instance to another application or computing device comprises clearing or modifying one or more portions of the verified actual sensitive information before providing one or more values for at least one of the one or more fields in the output of the remote application instance that are determined to not include sensitive information from the local application instance on the rendering computing device to the remote application instance on the executing computing device (col. 15, lines 25-53).

As per claim 13 and 26;  Hadsall further discloses the non-transitory computer-readable medium, wherein preventing the verified actual sensitive information from being provided from the local application instance or the remote application instance to another application or computing device comprises clearing or modifying one or more portions of the verified actual sensitive information after providing one or more values for the one or more fields in the output of the remote application instance from the local application instance on the rendering computing device to the remote application instance on the executing computing device and before providing one or more values for at least one of the one or more fields in the output of the remote application instance that are determined to not include sensitive information from the remote application instance on the executing computing device to a third-party web host (col. 15, lines 25-53).

As per claim 14, Hadsall further discloses the non-transitory computer-readable medium, wherein the local application instance on the rendering computing device is an instance of a web browser, and one or more of the actions are performed by a web application loaded in the web browser instance on the rendering computing device (col. 31, lines 12-25).

As per claim 15, Hadsall further discloses the non-transitory computer-readable medium, wherein the local application instance on the rendering computing device is an instance of an isolator application, and one or more of the actions are performed by the isolator application instance on the rendering computing device (col. 31, lines 12-25).

As per claim 16, Hadsall further discloses the non-transitory computer-readable medium, wherein one or more of the actions are performed by the executing computing device (col. 7, lines 12-44).

As per claim 19, Hadsall further discloses the non-transitory computer-readable medium, wherein the actions further comprise providing, from the executing computing device, one or more files to the rendering computing device to cause the local application instance on the rendering computing device to provide one or more indications of one or more user inputs to the remote application instance on the executing computing device (col. 7, lines 12-44).

As per claim 20, Hadsall further discloses the non-transitory computer-readable medium, wherein the actions further comprise providing, from the executing computing device, one or more files to the rendering computing device to cause the local application instance on the rendering computing device to perform one or more of the actions (col. 7, lines 12-44).

As per claim 22, Hadsall further discloses the non-transitory computer-readable medium, wherein preventing the verified actual sensitive information from being provided from the local application instance or the remote application instance to another application or computing device comprises executing one or more prevention solutions in a cascading hierarchy (col. 15, lines 25-53).

As per claim 23, Hadsall further discloses the non-transitory computer-readable medium, wherein evaluating information that the user attempts to provide to the remote application instance via the local application instance to determine that the evaluated information includes candidate sensitive information comprises evaluating information that the user attempts to provide to the remote application instance responsive to a determination that the output of the remote application instance is based on a non-whitelisted website (col. 15, lines 25-53).

As per claim 24, Had further discloses the non-transitory computer-readable medium, wherein evaluating information that the user attempts to provide to the remote application instance via the local application instance to determine that the evaluated information includes candidate sensitive information comprises evaluating information that the user attempts to provide to the remote application instance responsive to a determination that the user initiates a form submit event (col. 15, lines 25-53).

As per claim 27, Hadsall further discloses the non-transitory computer-readable medium, wherein the local application instance on the rendering computing device is an instance of a web browser, and one or more of the actions are performed by a web application loaded in the web browser instance on the rendering computing device (col. 31, lines 12-25).

As per claim 28, Hadsall further discloses the non-transitory computer-readable medium, wherein the local application instance on the rendering computing device is an instance of an isolator application, and one or more of the actions are performed by the isolator application instance on the rendering computing device (col. 31, lines 12-25).

As per claim 29, Hadsall further discloses the non-transitory computer-readable medium, wherein the remote application instance is executing on an executing computing device that is remotely located, separate, and distinct from the rendering computing device, and one or more of the actions are performed by the executing computing device (see fig. 1 including associated text).

As per claim 30, Hadsall further discloses the non-transitory computer-readable medium, wherein the remote application instance is executing on an executing computing device that is remotely located, separate, and distinct from the rendering computing device, and the actions further comprise providing, from the executing computing device, one or more files to the rendering computing device to cause the local application instance on the rendering computing device to provide one or more indications of one or more user inputs to the remote application instance on the executing computing device (col. 15, lines 25-53).

As per claim 31 and 32, Hadsall further discloses the method, wherein determining that the user inputs representing the user action includes the trigger event comprises:
identifying the role associated with the user (see fig. 5 and associated text); and
determining that the user inputs include one or more user action types defined as trigger events for the identified role associated with the user (see fig. 5 and associated text).

Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Charles C. Agwumezie whose number is (571) 272-6838. The examiner can normally be reached on Monday – Friday 8:00 am – 5:00 pm.
	If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John Hayes can be reached on (571) 272 – 6708.
	Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/CHINEDU C AGWUMEZIE/Primary Examiner, Art Unit 3685                                                                                                                                                                                                        August 23, 2022