DETAILED ACTION
Claims 1-20 are pending in this application.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 5, 8, and 9 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Pub. No. 2006/0212803 A1 to Arokiaswany et al. in view of U.S. Pat. No. 8,423,651 B1 issued to Grieve et al. and further in view of U.S. Pat. No. 8,307,278 B1 issued to Spear.

As to claim 1, Arokiaswany teaches a system, comprising: 
at least one processor; and 
a memory component having instructions stored thereon, which, when executed by the processor, cause the processor to perform operations comprising: 
presenting data from a distributed network of data sources via a user interface of a user device associated with a user, by: 
in response to receiving a page load request from the user device, by a container server (Web Server 115), identifying a set of frames (inline frame) associated with the user, by the container server, the set of frames comprising individual ones of the distributed network of data sources (each document may have its own unique set of hyperlinks) loaded into respective frames of a container page (Dynamic Frame Web Page 120)(“... In general, with reference to FIG. 1, exemplary system 90 includes a system and method for dynamically resizing a portal frame within a web page to the dimensions of content from a secondary web page. In one embodiment, system 90 is configured to determine the height and width of secondary web page content as it is loaded within a browser application and resizes the secondary content accordingly. System 90 facilitates interaction between user 100 and portal web 110 through a web client 105. Web client 105 is connected to a web server 115 through a network connection (e.g., Internet, Intranet, LAN, WAN). Web server 115 may retrieve a requested dynamic frame web page 120 and transmit it in the form of an HTML stream to be rendered at web client 105...Dynamic frame web page 120 includes an extension of the HTML IFrame to display an external web page 135. IFrame is an inline frame which enables developers to embed one or more other HTML documents into a single HTML document. The inline frame's embedded data is displayed inside a sub-window of the browser's window. Although it may appear to users that they are viewing a single document, the two or more documents are independent, and each are treated as complete documents, instead of treating one as part of the other. Therefore, each document may have its own unique set of hyperlinks, user interface controls and functions. Those skilled in the art will appreciate that while the inline frame is herein referred to as an IFrame, the system 90 may be equally applicable to any number of various inline frame configurations...” paragraphs 0014/0015); and
generating the container page for display via the user interface, by the container server, the container page including the frames (Dynamic Frame Web Page 120) (“...Dynamic frame web page 120 includes an extension of the HTML IFrame to display an external web page 135. IFrame is an inline frame which enables developers to embed one or more other HTML documents into a single HTML document. The inline frame's embedded data is displayed inside a sub-window of the browser's window. Although it may appear to users that they are viewing a single document, the two or more documents are independent, and each are treated as complete documents, instead of treating one as part of the other. Therefore, each document may have its own unique set of hyperlinks, user interface controls and functions. Those skilled in the art will appreciate that while the inline frame is herein referred to as an IFrame, the system 90 may be equally applicable to any number of various inline frame configurations...” paragraph 0015).
Arokiaswany is silent with reference to authenticating the set of frames, by the container server, to identify authenticated frames,
facilitating secure communications between the authenticated frames of the container page, by:
receiving a message from a first one of the authenticated frames, by the container server,
verifying authenticated status of the first one, by the container server,
identifying one or more target frames associated with the message, by the container server, the authenticated frames comprising the one or more target frames,
transmitting the message to the one or more target frames, based on the authenticated status, to generate a transmitted message, and 
presenting an updated version of the data from the distributed network of data sources, based on the secure communications, by: 
58updating the container page presented via the user device, by the container server, based on at least the transmitted message, to generate an updated container page, the updated version comprising the updated container page.
Grieve teaches authenticating (Cross-domain security module 56 (security module 56) the set of frames, by the container server, to identify authenticated frames (Parent Web Application 50/Child Web Application 60) (“...Once a shared worker 14, and/or a communications link to shared worker 14, has been established by shared worker verification module 64, as mentioned above, due to browser security restrictions, parent web application 50 may be prevented from communicating with web applications associated with domain B, including shared worker application 14, e.g., to send shared worker 14 a request to access information from one or more network servers 16D-16F associated with domain B. However, web browser 12 may be configured to allow specific types of cross-domain communications in this configuration. For example, communications between parent web application 50 and child web application 60 to establish secure cross-domain communications may be allowed. In one example, child web application 50 may be configured to ignore all messages from parent web application  50 not related to secure authentication of parent web application 50 until parent web application  50 has been authenticated...Parent web application 50 includes cross-domain security module 56. Cross-domain security module 56 (security module 56) may be configured to communicate with an associated cross-domain security module 62 (security module 62) of child web application 60 to securely authenticate communications between parent web application 50 (domain A) and web applications associated with domain B, including shared worker application 14. In various examples discussed below, security module 62 may be configured to receive information from security module 56, and communicate that information to one or more network servers 16D-16F, to determine whether or not parent web application 50 should be allowed to securely communicate with one or more web applications (e.g., shared worker application 14) associated with domain B...In one example, security module 56 may be configured to communicate, to security module 66, one or more identifications of parent web application 50 and/or domain A. Security module 56 may communicate the received one or more identifications to a network server associated with domain B, e.g., one or more of network servers 16D-16F (network server 16D in the example of FIG. 6). In some examples, network server 16D-16F may be a network server associated with domain B that is dedicated to authentication of secure communication requests. One or more of network servers 16D-16F may include a list of domains and/or web applications for which secure communications should be authorized (e.g., a whitelist). According to this example, network server 16D-16F may be configured to compare the one or more identifications received from security module 62 to the list of authorized domains and/or web applications. If the one or more identifications are included in the list, network server 16D may return an indication of authentication to security module 62...” Col. 12 Ln. 65-67, Col. 13 Ln. 1-50),
facilitating secure communications between the authenticated frames of the container page, by:
receiving a message from a first one of the authenticated frames, by the container server, verifying authenticated status of the first one, by the container server, identifying one or more target frames associated with the message, by the container server, the authenticated frames comprising the one or more target frames, and
transmitting the message to the one or more target frames, based on the authenticated status, to generate a transmitted message (Parent Web Application 50/Child Web Application 60) (“...Once a shared worker 14, and/or a communications link to shared worker 14, has been established by shared worker verification module 64, as mentioned above, due to browser security restrictions, parent web application 50 may be prevented from communicating with web applications associated with domain B, including shared worker application 14, e.g., to send shared worker 14 a request to access information from one or more network servers 16D-16F associated with domain B. However, web browser 12 may be configured to allow specific types of cross-domain communications in this configuration. For example, communications between parent web application 50 and child web application 60 to establish secure cross-domain communications may be allowed. In one example, child web application 50 may be configured to ignore all messages from parent web application  50 not related to secure authentication of parent web application 50 until parent web application  50 has been authenticated...Parent web application 50 includes cross-domain security module 56. Cross-domain security module 56 (security module 56) may be configured to communicate with an associated cross-domain security module 62 (security module 62) of child web application 60 to securely authenticate communications between parent web application 50 (domain A) and web applications associated with domain B, including shared worker application 14. In various examples discussed below, security module 62 may be configured to receive information from security module 56, and communicate that information to one or more network servers 16D-16F, to determine whether or not parent web application 50 should be allowed to securely communicate with one or more web applications (e.g., shared worker application 14) associated with domain B...In one example, security module 56 may be configured to communicate, to security module 66, one or more identifications of parent web application 50 and/or domain A. Security module 56 may communicate the received one or more identifications to a network server associated with domain B, e.g., one or more of network servers 16D-16F (network server 16D in the example of FIG. 6). In some examples, network server 16D-16F may be a network server associated with domain B that is dedicated to authentication of secure communication requests. One or more of network servers 16D-16F may include a list of domains and/or web applications for which secure communications should be authorized (e.g., a whitelist). According to this example, network server 16D-16F may be configured to compare the one or more identifications received from security module 62 to the list of authorized domains and/or web applications. If the one or more identifications are included in the list, network server 16D may return an indication of authentication to security module 62...” Col. 12 Ln. 65-67, Col. 13 Ln. 1-50).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Arokiaswany with the teaching of Grieve because the teaching of Grieve would improve the system of Arokiaswany by providing a technique of facilitating inter-domain communications by authenticating web applications associated with a different domain to enable inter-domain communications between the web applications.   
Spear teaches presenting an updated version of the data from the distributed network of data sources, based on the communications, by: 
58updating (I-frame Updater 180) the container page presented (master frame web page) via the user device, by the container server, based on at least the transmitted message, to generate an updated container page, the updated version comprising the updated container page (“...In general, web browser 140 operates by providing an i-frame manager 170 that hosts a master frame web page that is partitioned into a plurality of inline frames. These inline frames are displayed by web page display module 160. Web page display module 160 accesses the appropriate content to fill the inline frames from server 194 connected to computing device 100 over network 192 via network connection 190. This content may include web pages from web page storage 196 and web service content 198. Meanwhile, i-frame manager 170 ensures that the appropriate content is directed to the appropriate i-frame, and i-frame updater 180 works in the background to synchronize the i-frames, so that each view of web content is kept up to date. I-frame updater 180 works to ensure that edits made in windows are reflected in relevant buffers, and web services reflect an updated version of the web service content. It does this by treating inline frames as documents within documents. Whenever an event that changes the contents of an i-frame occurs, whether it is due to user input or other changes of the i-frame, i-frame updater 180 intercepts the change. I-frame updater reflects the change appropriately in the relevant buffer, and causes web page display module 160 to display the change in all relevant i-frames in web browser 140...In stage 250, the inline frames are updated based on the markup language instructions so as to keep current at least one of the content web pages, the views of the content web pages, or the web service frame as a user interacts with the inline frames of the master frame web page. Stage 250 may be performed by i-frame manager 170 acting in conjunction with i-frame updater 180 in web browser 140...” Col. 3 Ln. 23-45, Col. 4 Ln. 50-56).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Arokiaswany and Grieve with the teaching of Spear because the teaching of Spear would improve the system of Arokiaswany and Grieve by providing an i-frame updater that works in the background to synchronize the i-frames, so that each view of web content is kept up to date (Spear Col. 4 Ln. 50-56).   

As to claim 5, Grieve teaches the system of Claim 1, wherein verifying authenticated status of the first one, by the container server, further comprises: 
59identifying a source identifier for the first one of the authenticated frames, from the message (whitelist); comparing the source identifier to stored, authenticated identifiers, to locate a match (whitelist); and when the source identifier matches one of the stored, authenticated identifiers, determining previous authentication of the first one, based on the match (whitelist); and verifying the authenticated status of the first one, based on the previous authentication (whitelist) (“...In one example, security module 56 may be configured to communicate, to security module 66, one or more identifications of parent web application 50 and/or domain A. Security module 56 may communicate the received one or more identifications to a network server associated with domain B, e.g., one or more of network servers 16D-16F (network server 16D in the example of FIG. 6). In some examples, network server 16D-16F may be a network server associated with domain B that is dedicated to authentication of secure communication requests. One or more of network servers 16D-16F may include a list of domains and/or web applications for which secure communications should be authorized (e.g., a whitelist). According to this example, network server 16D-16F may be configured to compare the one or more identifications received from security module 62 to the list of authorized domains and/or web applications. If the one or more identifications are included in the list, network server 16D may return an indication of authentication to security module 62...In another example, security module 56 may itself include a list of a list of domains and/or web applications for which secure communications should be authorized (whitelist). According to this example, security module 56 may receive the one or more identifications of domain A and/or parent web application 50, and security module itself may perform a comparison to determine whether or not to enable cross-domain communications with parent web application 50...The child web application 80 may then attempt to authenticate first web application  70 for secure communications. For example, child web application 80 may communicate an identification of first web application 70 to one or more network servers associated with www.google.com/contacts for comparison to a list ("white list") of previously determined domains and/or web application with which secure communications are allowed for web applications associated with www.google.com/contacts. In another example, child web application  80 may authenticate secure communications via secure token exchange as described above with respect to FIG. 6...” Col. 13 Ln. 31-58, Col. 17 Ln. 32-43).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Arokiaswany and Spear with the teaching of Grieve because the teaching of Grieve would improve the system of Arokiaswany and Spear by providing a mechanism that allows some identified entities to access a particular privilege, service, mobility, or recognition.   

As to claims 8 and 9, see the rejection of claims 1 and 5 respectively.

Claim 2 is rejected under 35 U.S.C. 103 as being unpatentable over U.S. Pub. No. 2006/0212803 A1 to Arokiaswany et al. in view of U.S. Pat. No. 8,423,651 B1 issued to Grieve et al. and further in view of U.S. Pat. No. 8,307,278 B1 issued to Spear as applied to claim 1 above, and further in view of U.S. Pub. No. 2012/0047517 A1 to Townsend et al.

As to claim 2, Arokiaswany as modified by Grieve and Spear teaches the system of Claim 1, however it is silent with reference to (HOWEVER, Townsend teaches) wherein the operations further comprise: determining the message includes a filter request, by the container server; and synchronizing a plurality of data sources from the distributed network, by: displaying filter parameters based on the filter request; and broadcasting the message including the filter request to the authenticated frames, in response to the filter request, wherein transmitting the message comprises broadcasting the message including the filter request (a contact center may receive data in response to a request issued by the frame) (“...At operation 602, agent systems 248, 256, and 264 each may include a Comet connection 250, 258, and 266, respectively, to connect the agent systems 248, 256, and 264 to the networked contact center 202. In an example embodiment, agent systems 248, 256, and 264 further may include an event publisher, such as a TIBCO PageBus Publisher, which is an open source message bus implemented in JavaScript. An inline frame ("frames") (e.g., elements 252, 254 of agent system 248, elements 260, 262 of agent system 256, elements 268, 270 of agent system 264) of an agent UI provided in an Internet browser window for interacting with a contact center may receive data in response to a request issued by the frame. In one example embodiment, the data may be pushed to the frame by a backend component of the networked contact center 202. In one example embodiment, the JCM server 210 may receive the data from a data source (e.g., local CRM, database, third party CRM) and push the data to an application server supporting Apache Tomcat technologies. The data may then be transmitted from the application server to the agent UI. The frame may receive the data and update itself with the newly received data...At operation 604, the requesting frame may publish the incoming event corresponding to the received data on a message bus. The requesting frame may publish the incoming event with a topic name. Each frames may have an instance of the message bus, while an outer frame surrounding the frames may be designated as the parent frame. The parent frame may have an instance of the message bus as well. Each frame may be an AJAX component. In one example embodiment, the incoming event may be published to the parent frame message bus instance. Alternatively, the incoming event may be published to the message bus instance of the requesting inline frame...” paragraphs 0049/0050); 
wherein updating the container page further comprises presenting synchronized versions of the authenticated frames updated according to the filter parameters (updates data displayed) (“...At operation 606, other frames who have subscribed to the topic may listen to the message bus and be alerted to the publication of an event having a topic name matching their subscription. At operation 608, the subscribing frames read the data off the bus and use the data to update themselves. In one example embodiment, publication of the data and incoming event may be implemented using TIBCO PageBus, an open source message bus implemented in JavaScript. The publication of data to other inline frames in the agent UI may eliminate redundant requests and retrievals of data that may occur if each inline frame submits the same request...The system of claim 10, wherein a first inline frame of the plurality of inline frames of the user interface receives the requested information and publishes the requested information with a topic on the message bus, wherein a second inline frame of the plurality of inline frames subscribing to the topic retrieves the requested information from the message bus, and wherein the second inline frame updates data displayed in the second inline frame with the requested data...” paragraph 0051/claim 11).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Arokiaswany, Grieve and Spear with the teaching of Townsend because the teaching of Townsend would improve the system of Arokiaswany, Grieve and Spear by providing a technique for a frame to receive data and update itself with the newly received data.

Claims 3, 4 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Pub. No. 2006/0212803 A1 to Arokiaswany et al. in view of U.S. Pat. No. 8,423,651 B1 issued to Grieve et al. and further in view of U.S. Pat. No. 8,307,278 B1 issued to Spear as applied to claims 1 and 8 above, and further in view of U.S. Pub. No. 2008/0301643 A1 to Appleton et al.

As to claim 3, Grieve teaches the system of Claim 1, wherein the operations further comprise: when the message includes a data request, identifying a target frame (uniform resource indicators), based on the data request, the one or more target frames including the target frame (“...Browser 12 may be configured to enable a user to manipulate access to information accessible via network 2. For example, browser 12 may provide a user with an ability to enter one or more uniform resource indicators (URIs, e.g., www.google.com) in order to access a web application, such as, for example, a hypertext markup language (HTML) document. A web application, and/or information used by a web application, may be stored on one or more network servers 16A-16E. Browser 12 may be configured to access web applications and/or other information stored on network servers 16A-16E for presentation to a user of computing device 10, among other uses...Known browsers are typically configured such that each time a web application requests access to information available via network 2, the web application must access the information from one or more network servers 16A-16E, regardless of whether another web application has already accessed the same information. To reduce redundancy, a particular web application may store accessed information (e.g., an HTML document) in a cache for use by the web application. However, known browsers are only configured to use information stored in a cache for a single web application, and a single instance of that web application (e.g., a browser window or tab displaying a particular HTML document). If another web application (or another instance of the same web application) desires to access the same information already acquired, the other web application must again access the information via one or more network servers 16A-16E...” Col. 4 Ln. 27-54).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Arokiaswany and Spear with the teaching of Grieve because the teaching of Grieve would improve the system of Arokiaswany and Spear by providing a technique of facilitating inter-domain communications by authenticating web applications associated with a different domain to enable inter-domain communications between the web applications.   
Appleton teaches determining (src) suitability of the target frame to satisfy the data request; and transmitting the data request to the target frame, based on the suitability, wherein transmitting the message comprises transmitting the data request (“...The router library generally provides for packetizing and maintaining a pool of iframes that may be used for communication, so as to avoid having to create and destroy many iframes. A class associated with the pool keeps track of the current state of each iframe associated with the particular router, including by marking an iframe as locked when it is created or when its src is set to a particular packet. When the iframe is loaded, the pool class assumes that the packet has been delivered and marks the iframe as unlocked (or free for reuse). Where different mapplets relate to different domains, a router may be created for each domain and associated with the mapplets for that domain...” paragraph 0088).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Arokiaswany, Spear and Grieve with the teaching of Appleton because the teaching of Appleton would improve the system of Arokiaswany, Spear and Grieve by providing a technique of efficiently distributing (load balancing) incoming network traffic across a group of backend servers.

As to claim 4, Appleton teaches the system of Claim 1, wherein the operations further comprise: when the message includes a data response to a data request, identifying a data requestor frame associated with the data request, to create an identified data requestor frame (where a request that expects a response supplies the details (e.g., source iframe, relay url to use)); and forwarding the data response to the identified data requestor frame, wherein transmitting the message comprises forwarding the data response (“...In general, the communication occurs through the use of invisible iframes that serve as relays for information sent from the application to one or more of the modules, and vice-versa. Each solid box in client device 302 represents an iframe on a main maps page, whereas the dashed box represents a state of the maps application 324. Communications between modules generally use remote procedure calls (RPCs) having ephemeral connections, where a request that expects a response supplies the details (e.g., source iframe, relay url to use) by which is expects to receive the response...One example of a JavaScript call in a mapplets API is: [0081] map.getCenterAsync( ); This requests that the map return the latitude and longitude of the center of the current viewport (viewed area on the map). This call is made by a mapplet iframe to the main page containing the map. The serialized command corresponding to this call may look like [0082] 4&1&callback5 In this example, 4 is id of the service "get the current center of the map", 1 is the id of the map being interrogated, and callback5 is an id assigned by the mapplet to the response. The serialized response to this request may look like: [0083] callbackService&callback5&33.5,-27.3 where callbackService is the id for a special service indicating this is a response to a query; callback5 is the id assigned to the callback (so the mapplet javascript knows where to direct the result), and 33.5,-27.3 is the latitude and longitude of the center of the map (the response, passed to the callback)...” paragraphs 0062/0080).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Arokiaswany, Spear and Grieve with the teaching of Appleton because the teaching of Appleton would improve the system of Arokiaswany, Spear and Grieve by providing a technique of efficiently providing a response to a request.
 
As to claim 14, Appleton teaches the method of Claim 8, further comprising: when the message includes a data response to a data request, identifying a data request ID assigned to the data requestor frame, by the container server (where a request that expects a response supplies the details (e.g., source iframe, relay url to use)), the data request ID being included in an original transmission of the data request; matching the data response to the data requestor frame, by the container server, to create an identified data requestor frame; and forwarding the data response to the identified data requestor frame, wherein transmitting the message comprises forwarding the data response (“...In general, the communication occurs through the use of invisible iframes that serve as relays for information sent from the application to one or more of the modules, and vice-versa. Each solid box in client device 302 represents an iframe on a main maps page, whereas the dashed box represents a state of the maps application 324. Communications between modules generally use remote procedure calls (RPCs) having ephemeral connections, where a request that expects a response supplies the details (e.g., source iframe, relay url to use) by which is expects to receive the response...One example of a JavaScript call in a mapplets API is: [0081] map.getCenterAsync( ); This requests that the map return the latitude and longitude of the center of the current viewport (viewed area on the map). This call is made by a mapplet iframe to the main page containing the map. The serialized command corresponding to this call may look like [0082] 4&1&callback5 In this example, 4 is id of the service "get the current center of the map", 1 is the id of the map being interrogated, and callback5 is an id assigned by the mapplet to the response. The serialized response to this request may look like: [0083] callbackService&callback5&33.5,-27.3 where callbackService is the id for a special service indicating this is a response to a query; callback5 is the id assigned to the callback (so the mapplet javascript knows where to direct the result), and 33.5,-27.3 is the latitude and longitude of the center of the map (the response, passed to the callback)...” paragraphs 0062/0080).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Arokiaswany, Spear and Grieve with the teaching of Appleton because the teaching of Appleton would improve the system of Arokiaswany, Spear and Grieve by providing a technique of efficiently providing a response to a request.

Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over U.S. Pub. No. 2006/0212803 A1 to Arokiaswany et al. in view of U.S. Pat. No. 8,423,651 B1 issued to Grieve et al. and further in view of U.S. Pat. No. 8,307,278 B1 issued to Spear as applied to claim 8 above, and further in view of U.S. Pub. No. 2009/0132713 A1 to Dutta et al.

As to claim 13, Grieve teaches the method of Claim 8, further comprising: 
when the message includes a data request, storing an identity of a data requestor frame, to create a stored identity (whitelist), verifying a second authenticated status of the second one, by the container server; identifying the data requestor frame associated with the second message, by the container server, based on the stored identity, the authenticated frames comprising the data requestor frame and the data response frame (According to this example, network server 16D-16F may be configured to compare the one or more identifications received from security module 62 to the list of authorized domains and/or web applications) (“...In one example, security module 56 may be configured to communicate, to security module 66, one or more identifications of parent web application 50 and/or domain A. Security module 56 may communicate the received one or more identifications to a network server associated with domain B, e.g., one or more of network servers 16D-16F (network server 16D in the example of FIG. 6). In some examples, network server 16D-16F may be a network server associated with domain B that is dedicated to authentication of secure communication requests. One or more of network servers 16D-16F may include a list of domains and/or web applications for which secure communications should be authorized (e.g., a whitelist). According to this example, network server 16D-16F may be configured to compare the one or more identifications received from security module 62 to the list of authorized domains and/or web applications. If the one or more identifications are included in the list, network server 16D may return an indication of authentication to security module 62...In another example, security module 56 may itself include a list of a list of domains and/or web applications for which secure communications should be authorized (whitelist). According to this example, security module 56 may receive the one or more identifications of domain A and/or parent web application 50, and security module itself may perform a comparison to determine whether or not to enable cross-domain communications with parent web application 50...The child web application 80 may then attempt to authenticate first web application  70 for secure communications. For example, child web application 80 may communicate an identification of first web application 70 to one or more network servers associated with www.google.com/contacts for comparison to a list ("white list") of previously determined domains and/or web application with which secure communications are allowed for web applications associated with www.google.com/contacts. In another example, child web application  80 may authenticate secure communications via secure token exchange as described above with respect to FIG. 6...” Col. 13 Ln. 31-58, Col. 17 Ln. 32-43).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Arokiaswany and Spear with the teaching of Grieve because the teaching of Grieve would improve the system of Arokiaswany and Spear by providing a mechanism that allows some identified entities to access a particular privilege, service, mobility, or recognition.   
Dutta teaches wherein the first one of the frames comprises the data requestor frame (XDR Request 132); receiving a second message from a second one of the frames, by the container server, the second message comprising a data response to the data request, and the second one comprising a data response frame (XDR Response 138); 62transmitting the second message to the data requestor frame, to generate a second transmitted message (figure 1); and presenting a second updated version of the data from the distributed network of data sources, based on the communications, by: updating the container page presented via the user device based on at least the second transmitted message, to generate a second updated container page, the second updated version comprising the second updated container page (“...Single-roundtrip exchange for cross-domain data access is discussed herein. A Web browser can display a Web page from one domain and receive a request from that Web page for data that resides in a different domain. The browser sends a cross-domain request to a server in that different domain. If the server supports cross-domain requests, then the server returns a cross-domain response to the browser including the requested data. The data from the different domain can thus be obtained in a single roundtrip exchange between the browser and the server hosting that different domain. The server hosting the Web page being displayed by the browser is not involved in, and need have no knowledge of, this cross-domain data access...The single-roundtrip exchange for cross-domain data access discussed herein describes a request and response format that allows cross-domain communication. Both the requesting browser and the server hosting the targeted domain opt in to supporting this request and response format, so legacy systems that do not opt in are not adversely affected by this request and response format...Web pages displayed by Web browser 108 can include a cross-domain data request. This request is oftentimes included as part of a script or other instructions that are executed as the Web page is displayed, although the request can alternatively be included in the Web page in different manners. The cross-domain data request includes an indication of the data that is being requested as well as a target Web page or domain from which the data is being requested. This indication of the data that is being requested can explicitly identify the data that is being requested (e.g., URL to the data file) or can implicitly identify the data that is being requested (e.g., URL to a program or other component that is to identify the particular data that is to be returned, also referred to as pushing the data to Web browser 108). The request is referred to as a cross-domain request because the request is for data from a different domain than the domain that the Web page is part of...In response to the cross-domain data request in Web page 122', Web browser 108 sends a XDR (cross-domain request) request 132 to the target domain, which is target domain 116 in the example of FIG. 1. XDR module 134 receives the request and determines whether cross-domain data requests are supported by domain 116. If cross-domain data requests are supported by domain 116, and the requested data 136 is available for cross-domain data requests, then the data 136 is returned as part of the XDR response 138 to Web browser 108. The returned data can be thoroughly examined by the requesting Web page without restriction. A mashup combining the Web page content 122' and the received data 136 can then be displayed...The data returned to Web browser 108 as part of XDR response 138 can be in any of a variety of different forms, such as a Unicode text or byte stream. In one or more embodiments, this data is made available to the requesting Web page via an object property, such as a ResponseText property discussed in more detail below...” paragraphs 0013/0014/0018-0020).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Arokiaswany, Spear, Grieve and Appleton with the teaching of Dutta because the teaching of Dutta would improve the system of Arokiaswany, Spear, Grieve and Appleton by providing a technique of single-roundtrip exchange for cross-domain data access (Dutta paragraph 0013).

Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over U.S. Pub. No. 2006/0212803 A1 to Arokiaswany et al. in view of U.S. Pat. No. 8,423,651 B1 issued to Grieve et al. and further in view of U.S. Pat. No. 8,307,278 B1 issued to Spear as applied to claim 8 above, and further in view of U.S. Pub. No. 2012/0158521 A1 to McCullen and further in view of W.O. No. 2013/120325 A1 to Guan et al.

As to claim 15, Arokiaswany as modified by Grieve and Spear teaches the method of Claim 8, however it is silent with reference to (HOWEVER, McCullen teaches) wherein authenticating the set of frames further comprises: assigning a frame identifier to one of the set of frames, by the container server; transmitting a handshake communication to the one of the set of frames, by the container server, the handshake communication including the frame identifier and a container identifier for the container page; and the authenticated frames including the one of the set of frames, and the authenticated frames being associated with a plurality of stored frame identifiers.  (“...Refer to FIGS. 7 and 8. In use, when a boxed image associated to a selectable website link is selected in dashboard web page 120, an “iframe” 140 is displayed by the web browser. “iframe” 140 displays the contents of the web page 141 associated to the selectable website link. Web page 141 is fully operable including any functions defined by the associated web site and associated web server. “iframe” 140 also includes its own set of browser controls 142 comprising a back control, forward control, refresh control, zoom controls and close control as well as sizing and reducing controls for the “iframe” window. As a user migrates deeper into a website within an “iframe”, the current URL is saved in the database at the host server and is associated to the selectable website link. If the user closes the “iframe” and then, at a later time, reopens a new “iframe” for the selectable website link, the connection manager object opens the saved current URL the new “iframe”, if authentication is not required....In the example of FIG. 8, "eBay" boxed image was selected and the "eBay" main web page is displayed in the “iframe”. If a user had previously registered with the "eBay" website having an "eBay" username and password, the "eBay" username and password is also automatically stored in the database of the host server for the personal organizer system. When the user selects the "eBay" boxed image, the dashboard web page directs the request to the communication manager object for the session which gets the "eBay" username and password from the database, opens a special API (if it exists) and exchanges a handshake protocol with an "eBay" web service API (if it exists) to authenticate the username and password. The communication manager object then instructs the "eBay" web page to open in an “iframe” with the "eBay" username and password. This API based authentication process is made available to and repeated for all linked websites in the dashboard web page, whether accessed by the set of preset website links, the set of widgets or the set of selectable website links...” paragraphs 0059/0060).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Arokiaswany, Spear and Grieve with the teaching of Appleton because the teaching of Appleton would improve the system of Arokiaswany, Spear and Grieve by providing a technique of efficiently providing a response to a request.
Guan teaches receiving a handshake complete message from the one of the set of frames, in response to transmitting the handshake communication, the handshake complete message transmitted using the container identifier; and storing the frame identifier for future verification of communications from the one of the set of frames, by the container server (“...The first browser sends a handshake request to the WebSocket gateway through the web application. When the communication starts, the first browser may send a handshake request message based on the HTTP format to the WebSocket gateway to request to establish a TCP connection with the WebSocket gateway. The handshake request message includes a user ID of the first user, an ID of the user communication group to which the first user belongs, and an IP address and port of the first browser. The information may be formed by adding a cell to the handshake request message...WebSocket Gateway updates the message forwarding table...The WebSocket gateway parses the handshake request message and extracts the user of the first user contained therein...ID, the ID of the user communication group to which the first user belongs, and the IP address and port of the first browser, and then, The information and the correspondence between the user ID of the first user and the IP address and port of the first browser are recorded in the message forwarding table, and the updates of the message forwarding table is completed...The WebSocket gateway returns a response message of the handshake request message to the first browser...”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Arokiaswany, Spear, Grieve and Appleton with the teaching of Guan because the teaching of Guan would improve the system of Arokiaswany, Spear, Grieve and Appleton by providing a message forwarding table for storing handshake related information for later use.

Claims 16, 17 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Pub. No. 2012/0047517 A1 to Townsend et al. in view of U.S. Pat. No. 8,423,651 B1 issued to Grieve et al.

As to claim 16, Townsend teaches a method, comprising: 
presenting data from a plurality of data sources (multiple data sources) on a container webpage (Agent User Interface 248/256/264/agent UI) comprising a set of frames (Frames 252/254/260/262/268/270), the container webpage being presented via a user interface of a user device associated with a user (“...As shown in FIG. 5, the method 500 may commence at operation 502, with an agent user interface being provided in an Internet browser on an agent machine. The agent user interface may be a web-enabled application provided as a web service by web and application servers of the networked contact center 202. The agent UI may be an application that leverages AJAX and COMET technologies to provide real-time interaction between the agent machine and the networked contact center. The agent UI web application may be a mashup, that is, the agent UI may interact with and display data from multiple data sources. Each data source may be given its own frame for displaying data in the agent UI. In one example embodiment, the frames in the web application may interact with each other and refresh upon one frame receiving updated data... At operation 504, certain third party domains from which data is to be retrieved may be set as "trusted" domains in the Internet browser of the agent machine. A trust may enable the agent UI to engage in cross-domain communications to access resources residing in a different domain. For example, in the embodiment of FIG. 4, the agent UI did not have access to certain third party domains related to third party proprietary CRM systems. In the example embodiment of FIG. 5, by setting the third party proprietary CRM systems as "trusted" domains, the agent UI may be able to interface with the third party domains to access data stored in the third party CRM systems. Use of "trusted" domains may obviate the need for a proxy server to translate generic agent UI HTTP requests into appropriate third party CRM calls...At operation 506, the agent UI, or one of its frames, may issue an HTTP request for data. The HTTP request may use a long polling COMET transport to open a persistent or long-lasting connection between the agent machine and the backend components of the networked contact center. By using a persistent or long-lasting connection, the number of connections between the agent machine and the contact center may be minimized...” paragraph 0044-0046); 
facilitating communications between the set of frames using the container webpage to receive and potentially re-transmit messages from one of the set of frames, by: 
receiving a user input filter request via one of the set of frames presented by the container webpage, by the container server (a contact center may receive data in response to a request issued by the frame) (“...At operation 602, agent systems 248, 256, and 264 each may include a Comet connection 250, 258, and 266, respectively, to connect the agent systems 248, 256, and 264 to the networked contact center 202. In an example embodiment, agent systems 248, 256, and 264 further may include an event publisher, such as a TIBCO PageBus Publisher, which is an open source message bus implemented in JavaScript. An inline frame ("frames") (e.g., elements 252, 254 of agent system 248, elements 260, 262 of agent system 256, elements 268, 270 of agent system 264) of an agent UI provided in an Internet browser window for interacting with a contact center may receive data in response to a request issued by the frame. In one example embodiment, the data may be pushed to the frame by a backend component of the networked contact center 202. In one example embodiment, the JCM server 210 may receive the data from a data source (e.g., local CRM, database, third party CRM) and push the data to an application server supporting Apache Tomcat technologies. The data may then be transmitted from the application server to the agent UI. The frame may receive the data and update itself with the newly received data...At operation 604, the requesting frame may publish the incoming event corresponding to the received data on a message bus. The requesting frame may publish the incoming event with a topic name. Each frames may have an instance of the message bus, while an outer frame surrounding the frames may be designated as the parent frame. The parent frame may have an instance of the message bus as well. Each frame may be an AJAX component. In one example embodiment, the incoming event may be published to the parent frame message bus instance. Alternatively, the incoming event may be published to the message bus instance of the requesting inline frame...” paragraphs 0049/0050); and 
synchronizing the set of frames according to the user input filter request, by re-broadcasting the user input filter request to ones of the set of frames, to generate a synchronized set of frames (updates data displayed) (“...At operation 606, other frames who have subscribed to the topic may listen to the message bus and be alerted to the publication of an event having a topic name matching their subscription. At operation 608, the subscribing frames read the data off the bus and use the data to update themselves. In one example embodiment, publication of the data and incoming event may be implemented using TIBCO PageBus, an open source message bus implemented in JavaScript. The publication of data to other inline frames in the agent UI may eliminate redundant requests and retrievals of data that may occur if each inline frame submits the same request...The system of claim 10, wherein a first inline frame of the plurality of inline frames of the user interface receives the requested information and publishes the requested information with a topic on the message bus, wherein a second inline frame of the plurality of inline frames subscribing to the topic retrieves the requested information from the message bus, and wherein the second inline frame updates data displayed in the second inline frame with the requested data...” paragraph 0051/claim 11); and 
presenting (displaying data in the agent UI/updates data displayed) an updated version of the data from the plurality of data sources, based on the communications, via the user interface, including presenting the synchronized set of frames on the container webpage, the updated version comprising at least the synchronized set of frames (“...As shown in FIG. 5, the method 500 may commence at operation 502, with an agent user interface being provided in an Internet browser on an agent machine. The agent user interface may be a web-enabled application provided as a web service by web and application servers of the networked contact center 202. The agent UI may be an application that leverages AJAX and COMET technologies to provide real-time interaction between the agent machine and the networked contact center. The agent UI web application may be a mashup, that is, the agent UI may interact with and display data from multiple data sources. Each data source may be given its own frame for displaying data in the agent UI. In one example embodiment, the frames in the web application may interact with each other and refresh upon one frame receiving updated data... The system of claim 10, wherein a first inline frame of the plurality of inline frames of the user interface receives the requested information and publishes the requested information with a topic on the message bus, wherein a second inline frame of the plurality of inline frames subscribing to the topic retrieves the requested information from the message bus, and wherein the second inline frame updates data displayed in the second inline frame with the requested data..” paragraph 0044/claim 11).  
Townsend does not explicitly teach facilitating indirect secure communications between authenticated set of frames.
Grieve teaches facilitating indirect secure communications (Cross-domain security module 56 (security module 56)) between authenticated set of frames (Parent Web Application 50/Child Web Application 60) (“...Once a shared worker 14, and/or a communications link to shared worker 14, has been established by shared worker verification module 64, as mentioned above, due to browser security restrictions, parent web application 50 may be prevented from communicating with web applications associated with domain B, including shared worker application 14, e.g., to send shared worker 14 a request to access information from one or more network servers 16D-16F associated with domain B. However, web browser 12 may be configured to allow specific types of cross-domain communications in this configuration. For example, communications between parent web application 50 and child web application 60 to establish secure cross-domain communications may be allowed. In one example, child web application 50 may be configured to ignore all messages from parent web application  50 not related to secure authentication of parent web application 50 until parent web application  50 has been authenticated...Parent web application 50 includes cross-domain security module 56. Cross-domain security module 56 (security module 56) may be configured to communicate with an associated cross-domain security module 62 (security module 62) of child web application 60 to securely authenticate communications between parent web application 50 (domain A) and web applications associated with domain B, including shared worker application 14. In various examples discussed below, security module 62 may be configured to receive information from security module 56, and communicate that information to one or more network servers 16D-16F, to determine whether or not parent web application 50 should be allowed to securely communicate with one or more web applications (e.g., shared worker application 14) associated with domain B...In one example, security module 56 may be configured to communicate, to security module 66, one or more identifications of parent web application 50 and/or domain A. Security module 56 may communicate the received one or more identifications to a network server associated with domain B, e.g., one or more of network servers 16D-16F (network server 16D in the example of FIG. 6). In some examples, network server 16D-16F may be a network server associated with domain B that is dedicated to authentication of secure communication requests. One or more of network servers 16D-16F may include a list of domains and/or web applications for which secure communications should be authorized (e.g., a whitelist). According to this example, network server 16D-16F may be configured to compare the one or more identifications received from security module 62 to the list of authorized domains and/or web applications. If the one or more identifications are included in the list, network server 16D may return an indication of authentication to security module 62...” Col. 12 Ln. 65-67, Col. 13 Ln. 1-50)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Townsend with the teaching of Grieve because the teaching of Grieve would improve the system of Townsend by providing a technique of facilitating inter-domain communications by authenticating web applications associated with a different domain to enable inter-domain communications between the web applications.   
As to claim 17, Grieve teaches the method of Claim 16, wherein presenting data from the plurality of data sources on the container webpage, further comprises: in response to receiving a page load request from the user device, by a container server, identifying the set of frames associated with the user, by the container server, the set of frames comprising individual ones of the plurality of data sources loaded into respective frames of the container webpage; authenticating the set of frames, by the container server, to identify authenticated frames; and generating the container webpage for display via the user interface, by the container server, the container webpage including the authenticated frames (Parent Web Application 50/Child Web Application 60) (“...Once a shared worker 14, and/or a communications link to shared worker 14, has been established by shared worker verification module 64, as mentioned above, due to browser security restrictions, parent web application 50 may be prevented from communicating with web applications associated with domain B, including shared worker application 14, e.g., to send shared worker 14 a request to access information from one or more network servers 16D-16F associated with domain B. However, web browser 12 may be configured to allow specific types of cross-domain communications in this configuration. For example, communications between parent web application 50 and child web application 60 to establish secure cross-domain communications may be allowed. In one example, child web application 50 may be configured to ignore all messages from parent web application  50 not related to secure authentication of parent web application 50 until parent web application  50 has been authenticated...Parent web application 50 includes cross-domain security module 56. Cross-domain security module 56 (security module 56) may be configured to communicate with an associated cross-domain security module 62 (security module 62) of child web application 60 to securely authenticate communications between parent web application 50 (domain A) and web applications associated with domain B, including shared worker application 14. In various examples discussed below, security module 62 may be configured to receive information from security module 56, and communicate that information to one or more network servers 16D-16F, to determine whether or not parent web application 50 should be allowed to securely communicate with one or more web applications (e.g., shared worker application 14) associated with domain B...In one example, security module 56 may be configured to communicate, to security module 66, one or more identifications of parent web application 50 and/or domain A. Security module 56 may communicate the received one or more identifications to a network server associated with domain B, e.g., one or more of network servers 16D-16F (network server 16D in the example of FIG. 6). In some examples, network server 16D-16F may be a network server associated with domain B that is dedicated to authentication of secure communication requests. One or more of network servers 16D-16F may include a list of domains and/or web applications for which secure communications should be authorized (e.g., a whitelist). According to this example, network server 16D-16F may be configured to compare the one or more identifications received from security module 62 to the list of authorized domains and/or web applications. If the one or more identifications are included in the list, network server 16D may return an indication of authentication to security module 62...” Col. 12 Ln. 65-67, Col. 13 Ln. 1-50)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Townsend with the teaching of Grieve because the teaching of Grieve would improve the system of Townsend by providing a technique of facilitating inter-domain communications by authenticating web applications associated with a different domain to enable inter-domain communications between the web applications.   

As to claim 19, Grieve teaches the method of Claim 17, wherein facilitating indirect secure communications between the authenticated frames of the container webpage, further comprises: receiving a message from a first one of the authenticated frames, by the container server, the one of the set of frames comprising the first one of the authenticated frames, and the messages comprising the message; verifying authenticated status of the first one, by the container server; identifying one or more target frames associated with the message, by the container server, the authenticated frames comprising the one or more target frames; and transmitting the message to the one or more target frames, based on the authenticated status, by the container server (Parent Web Application 50/Child Web Application 60) (“...Once a shared worker 14, and/or a communications link to shared worker 14, has been established by shared worker verification module 64, as mentioned above, due to browser security restrictions, parent web application 50 may be prevented from communicating with web applications associated with domain B, including shared worker application 14, e.g., to send shared worker 14 a request to access information from one or more network servers 16D-16F associated with domain B. However, web browser 12 may be configured to allow specific types of cross-domain communications in this configuration. For example, communications between parent web application 50 and child web application 60 to establish secure cross-domain communications may be allowed. In one example, child web application 50 may be configured to ignore all messages from parent web application  50 not related to secure authentication of parent web application 50 until parent web application  50 has been authenticated...Parent web application 50 includes cross-domain security module 56. Cross-domain security module 56 (security module 56) may be configured to communicate with an associated cross-domain security module 62 (security module 62) of child web application 60 to securely authenticate communications between parent web application 50 (domain A) and web applications associated with domain B, including shared worker application 14. In various examples discussed below, security module 62 may be configured to receive information from security module 56, and communicate that information to one or more network servers 16D-16F, to determine whether or not parent web application 50 should be allowed to securely communicate with one or more web applications (e.g., shared worker application 14) associated with domain B...In one example, security module 56 may be configured to communicate, to security module 66, one or more identifications of parent web application 50 and/or domain A. Security module 56 may communicate the received one or more identifications to a network server associated with domain B, e.g., one or more of network servers 16D-16F (network server 16D in the example of FIG. 6). In some examples, network server 16D-16F may be a network server associated with domain B that is dedicated to authentication of secure communication requests. One or more of network servers 16D-16F may include a list of domains and/or web applications for which secure communications should be authorized (e.g., a whitelist). According to this example, network server 16D-16F may be configured to compare the one or more identifications received from security module 62 to the list of authorized domains and/or web applications. If the one or more identifications are included in the list, network server 16D may return an indication of authentication to security module 62...” Col. 12 Ln. 65-67, Col. 13 Ln. 1-50)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Townsend with the teaching of Grieve because the teaching of Grieve would improve the system of Townsend by providing a technique of facilitating inter-domain communications by authenticating web applications associated with a different domain to enable inter-domain communications between the web applications.   

Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over U.S. Pub. No. 2012/0047517 A1 to Townsend et al. in view of U.S. Pat. No. 8,423,651 B1 issued to Grieve et al. as applied to claim 17 above, and further in view of U.S. Pub. No. 2014/010447 A1 to Lekies et al.  and further in view of W.O. No. 2013/120325 A1 to Guan et al.

As to claim 18, Townsend as modified by Grieve teaches the method of Claim 17, however it is silent with reference to (HOWEVER, Lekies teaches) wherein authenticating the set of frames further comprises: 
assigning a frame identifier to one of the set of frames (two browser documents), by the container server; 64transmitting a handshake communication to the one of the set of frames, by the container server, the handshake communication including the frame identifier and a container identifier for the container page (postMessage API); and receiving a handshake complete message from the one of the set of frames, in response to transmitting the handshake communication, the handshake complete message transmitted using the container identifier; and storing the frame identifier for future verification of communications from the one of the set of frames, by the container server (verify the authenticity of the sending page), the authenticated frames including the one of the set of frames, and the authenticated frames being associated with a plurality of stored frame identifiers (“...Continuing with the example transitional implementation, the main application communicates with the key handling JavaScripts on the secure sub-domain using the postMessage API. In some examples, the postMessage API is a mechanism by which two browser documents are able to communicate across domain boundaries in a secure manner. A postMessage can be sent by calling the method postMessage (message, targetOrigin). While the message attribute takes a string message, the targetOrigin attribute represents the origin of the receiving page. In order to receive such a message the receiving page registers an event handler function for the message event. When receiving a message via the event handler function, the browser passes additional metadata to the receiving page. In some examples, the additional metadata includes the origin of the sender. Consequently, the postMessage API can be used to verify the authenticity of the sending page...If the sending page is authenticated (e.g., a successful key exchange), the component responsible for the initial handshake passes the SSK key via postMessage to the secure sub-domain. The receiving JavaScript stores the SSK, depending on the configured lifespan of the SSK, either via the sessionStorage of the sub-domain or a localStorage mechanism...Continuing with the example transitional implementation, following the initial authentication, all further requests are to carry a correct HMAC signature in order to be recognized as authenticated. Consequently, all outgoing requests are initiated via JavaScript. In some examples, this is achieved by replacing hyperlink targets and form actions with JavaScript event handlers, which pass the target URL to the signing component. In some examples, the signing component normalizes the request data and passes the normalized request data, using the post-message API of the browser, to the secure iframe. The following example listing (Listing 1) can be provided:..” paragraphs 0085-0087).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Townsend and Grieve with the teaching of Lekies because the teaching of Lekies would improve the system of Townsend and Grieve by providing a PostMessage handshake API for managing communication and strict security policy to securely allow multiple frames defined by a single, base Web-page document to communicate even where the documents embedded within those windows are loaded from different origins.
Guan teaches receiving a handshake complete message from the one of the set of frames, in response to transmitting the handshake communication, the handshake complete message transmitted using the container identifier; and storing (updates the message forwarding table) the frame identifier for future verification of communications from the one of the set of frames, by the container server (“...The first browser sends a handshake request to the WebSocket gateway through the web application. When the communication starts, the first browser may send a handshake request message based on the HTTP format to the WebSocket gateway to request to establish a TCP connection with the WebSocket gateway. The handshake request message includes a user ID of the first user, an ID of the user communication group to which the first user belongs, and an IP address and port of the first browser. The information may be formed by adding a cell to the handshake request message...WebSocket Gateway updates the message forwarding table...The WebSocket gateway parses the handshake request message and extracts the user of the first user contained therein...ID, the ID of the user communication group to which the first user belongs, and the IP address and port of the first browser, and then, The information and the correspondence between the user ID of the first user and the IP address and port of the first browser are recorded in the message forwarding table, and the updates of the message forwarding table is completed...The WebSocket gateway returns a response message of the handshake request message to the first browser...”),
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Townsend, Grieve and Lekies with the teaching of Guan because the teaching of Guan would improve the system of Townsend, Grieve and Lekies by providing a message forwarding table for storing handshake related information for later use.
Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over U.S. Pub. No. 2012/0047517 A1 to Townsend et al. in view of U.S. Pat. No. 8,423,651 B1 issued to Grieve et al. as applied to claim 17 above, and further in view of U.S. Pub. No. 2010/00281107 A1 to Fallows et al. and further in view of W.O. No. 2013/120325 A1 to Guan et al.

As to claim 18, Townsend as modified by Grieve teaches the method of Claim 17, however it is silent with reference to (HOWEVER, Fallows teaches) wherein authenticating the set of frames further comprises: 
assigning a frame identifier to one of the set of frames (multiple frames), by the container server (Gateway Server 42); 64transmitting a handshake communication (PostMessage Layer 74) to the one of the set of frames, by the container server, the handshake communication including the frame identifier and a container identifier for the container page; and the authenticated frames including the one of the set of frames, and the authenticated frames being associated with a plurality of stored frame identifiers (“...A PostMessage layer 74 is provided to support emulated cross-origin messaging by providing additional API calls accessible to Web-applications executing within the context of the client browser 52. As implemented in the preferred embodiments of the present invention, the PostMessage layer 74 manages the strict security policy implementations of conventional Web-browsers, yet securely allow multiple frames defined by a single, base Web-page document to communicate even where the documents embedded within those windows are loaded from different origins. Communication between the base document and documents embedded within the page is permitted through the PostMessage layer 74 provided the target explicitly expects and accepts messages from the named source origin. Bidirectional communication is supported where the source explicitly listens for and accepts messages from the named target origin. Some current conventional Web-browsers support an initial native implementation of the PostMessage API. The PostMessage layer 74 preferably detects the existence and compliance of any existing PostMessage API. In the absence of a native PostMessage API or if the native PostMessage API is non-compliant, the PostMessage layer 74 is enabled to handle, through emulation, all PostMessage API calls...In the preferred embodiments, the PostMessage layer 74 emulates the PostMessage API utilizing an implementation dependent on the nature of the embedded window technology, typically being JavaScript, Flash and Silverlight. For each, an embedded document, or the equivalent, is retrieved within the scope of the embedded window origin. This embedded document functionally provides for bridge commutations processing compatible with the PostMessage API. In the case of JavaScript, consistent with the currently preferred embodiments, emulation is implemented in a structured manner using client iframes as bridges to corresponding origins handled by the gateway server 42 and thereby functionally establish source to target communications paths. PostMessage messages are communicated through the iframes as short data segments transferred as URL id fragments, typically the post-"#" part of the iframe URL. Larger messages are split into multiple data segments for transfer. In the case of Java, Flash and Silverlight, the installed runtimes, operated in combination with the window corresponding embedded documents, provide a basis for establishing communications using a technology-corresponding bridging mechanism as constructed in accordance with the present invention...Verification of the source origin is preferably performed by the gateway server 42. In the JavaScript emulation environment, the gateway server 42 verifies that each received request includes an XMLHttpRequest "Referer" header having a value that matches the target origin of gateway server 42, and an XMLHttpRequest "X-Origin" header having a value of a permitted source origin. Preferably, the value of the "X-Origin" header is determined by the communications bridge routine downloaded from the gateway server 42 into the iframe 96 instance. Since the gateway server 42 originates the communications bridge routine and the communications bridge routine determines the source origin of the document 92 containing the iframe 96 instance from the Web-browser client 52, the value of the "X-Origin" header can then be trusted by the gateway server 42 to accurately identify the source origin of the request...” paragraphs 0042/0043/0055).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Townsend and Grieve with the teaching of Fallpws because the teaching of Fallows would improve the system of Townsend and Grieve by providing a PostMessage handshake API for managing communication and strict security policy to securely allow multiple frames defined by a single, base Web-page document to communicate even where the documents embedded within those windows are loaded from different origins.
Guan teaches receiving a handshake complete message from the one of the set of frames, in response to transmitting the handshake communication, the handshake complete message transmitted using the container identifier; and storing (updates the message forwarding table) the frame identifier for future verification of communications from the one of the set of frames, by the container server (“...The first browser sends a handshake request to the WebSocket gateway through the web application. When the communication starts, the first browser may send a handshake request message based on the HTTP format to the WebSocket gateway to request to establish a TCP connection with the WebSocket gateway. The handshake request message includes a user ID of the first user, an ID of the user communication group to which the first user belongs, and an IP address and port of the first browser. The information may be formed by adding a cell to the handshake request message...WebSocket Gateway updates the message forwarding table...The WebSocket gateway parses the handshake request message and extracts the user of the first user contained therein...ID, the ID of the user communication group to which the first user belongs, and the IP address and port of the first browser, and then, The information and the correspondence between the user ID of the first user and the IP address and port of the first browser are recorded in the message forwarding table, and the updates of the message forwarding table is completed...The WebSocket gateway returns a response message of the handshake request message to the first browser...”),
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Townsend, Grieve and Fallows with the teaching of Guan because the teaching of Guan would improve the system of Townsend, Grieve and Fallows by providing a message forwarding table for storing handshake related information for later use.

Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over U.S. Pub. No. 2012/0047517 A1 to Townsend et al. in view of U.S. Pat. No. 8,423,651 B1 issued to Grieve et al. as applied to claim 19 above, and further in view of U.S. Pat. No. 8,307,278 B1 issued to Spear.

As to claim 20, Townsend as modified by Grieve teaches the method of Claim 19, however it is silent with reference to wherein presenting an updated version of the data from the plurality of data sources, based on the indirect secure communications, further comprises: updating the container webpage presented via the user device, by the container server, based on transmitting the message, to generate an updated container webpage, the updated version comprising the updated container webpage.
Spear teaches wherein presenting an updated version of the data from the plurality of data sources, based on the indirect secure communications (I-frame Updater 180), further comprises: updating the container webpage presented via the user device, by the container server, based on transmitting the message, to generate an updated container webpage, the updated version comprising the updated container webpage (“...In general, web browser 140 operates by providing an i-frame manager 170 that hosts a master frame web page that is partitioned into a plurality of inline frames. These inline frames are displayed by web page display module 160. Web page display module 160 accesses the appropriate content to fill the inline frames from server 194 connected to computing device 100 over network 192 via network connection 190. This content may include web pages from web page storage 196 and web service content 198. Meanwhile, i-frame manager 170 ensures that the appropriate content is directed to the appropriate i-frame, and i-frame updater 180 works in the background to synchronize the i-frames, so that each view of web content is kept up to date. I-frame updater 180 works to ensure that edits made in windows are reflected in relevant buffers, and web services reflect an updated version of the web service content. It does this by treating inline frames as documents within documents. Whenever an event that changes the contents of an i-frame occurs, whether it is due to user input or other changes of the i-frame, i-frame updater 180 intercepts the change. I-frame updater reflects the change appropriately in the relevant buffer, and causes web page display module 160 to display the change in all relevant i-frames in web browser 140...In stage 250, the inline frames are updated based on the markup language instructions so as to keep current at least one of the content web pages, the views of the content web pages, or the web service frame as a user interacts with the inline frames of the master frame web page. Stage 250 may be performed by i-frame manager 170 acting in conjunction with i-frame updater 180 in web browser 140...” Col. 3 Ln. 23-45, Col. 4 Ln. 50-56).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Townsend and Grieve with the teaching of Spear because the teaching of Spear would improve the system of Townsend and Grieve by providing an i-frame updater that works in the background to synchronize the i-frames, so that each view of web content is kept up to date (Spear Col. 4 Ln. 50-56).   

Allowable Subject Matter
Claims 6, 7, 10, 11 and 12 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.









Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
U.S. Pub. No. 2008/0294716 A1 to Couvreur and directed to a process of executing “postMessage” message between domains.
U.S. Pub. No. 2016/0205088 A1 to Sreesha et al. and directed to a web browser for sending to a web-application server a request to access a web application.
U.S. Pub. No. 2007/0300064 A1 to Issacs et al. and directed to a cross-domain communication between plurality of domains.
U.S. Pub. No. 2010/0125895 A1 to Shull et al. and directed to a system for authenticating domains operates by authenticating a first domain and the extensions that make up the URI of an initial or primary Internet network call. 
U.S. Pub. No. 2008/0263566 A1 to Buerge et al. and directed to a system that allows modules associated with different domains to communicate, such as within a container document.
U.S. Pat. No. 9,560,110 B1 issued to James et al. and directed to a method for synchronizing shared content served in embedded inline frame through a page on a third-party service.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHARLES E ANYA whose telephone number is (571)272-3757. The examiner can normally be reached Mon-Fir. 9-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SOUGH HYUNG can be reached on 571-272-6799. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/CHARLES E ANYA/Primary Examiner, Art Unit 2194