Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority
This application is a continuation-in-part of U.S. Pat. No. 10,511,605, issued on Dec. 17, 2019, filed on Jun. 1, 2016 as U.S. application Ser. No. 15/170,048. U.S. application Ser. No. 15/170,048 claims the benefit of U.S. Application No. 62/171,716 filed on Jun. 5, 2015. Both of which are herein incorporated by reference in their entirety.
DETAILED ACTION
This Office Action is in response to an amendment application received on 06/28/2022. In the response, Applicant has amended claims 1, 12 and 17-19. Claims 2-5, 11 and 20 have been cancelled. Claims 21-26 have been added as new claims. 
For this Office Action, claims 1, 6-10, 12-19 and 21-26 have been received for consideration and have been examined. 
Response to Arguments
Claim Rejection under 35 USC § 112(a)
	Applicant’s amendments to claim 1-10 have been reviewed by the examiner and appear to overcome the 35 USC § 112(a) rejection. Therefore, this rejection has been withdrawn.
Claim Rejection under 35 USC § 112(b)
	Applicant’s amendments to claim 1-10 have been reviewed by the examiner and appear to overcome the 35 USC § 112(b) rejection. Therefore, this rejection has been withdrawn.
Claim Rejection under 35 USC § 103
Applicant’s arguments, filed 06/28/2022, with respect to the rejection(s) of claim(s) under 35 USC § 103 have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of new amendments to the claims.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim 1 is rejected under 35 U.S.C. 102(a)(2) as being anticipated by Boccon-Gibod et al., hereinafter referred as “Gibod” (US20070180519A1).
Regarding claim 1, Gibod discloses:
A system for securing electronic data, the system comprising:
a non-transitory computer readable medium of a host device (i.e., John’s computer as a host device) storing a data structure (i.e., email message), the data structure comprising: 
an identifier (i.e., assigned permissions associated with the protected document); an executable program (i.e., the DRM plugin); embedded data (i.e., embedded license) ([0221] discloses a user John attaching a protected document in the email message in which he assigns permissions to the protected document, license info and add this to DRM plugin before sending to George via email); 
a non-transitory computer readable medium of a receiving device (i.e., George’s computer as a receiving device) receiving the data structure from the host device (FIG. 21; [0223-0224] discloses George receives the protected document from John’s computer via email message), wherein: 
the embedded data is only accessible by first executing the executable program (FIG. 21; [0224] discloses that the DRM plugin checks the embedded (or attached) license and determine if George is allowed to access the protected document); and 
the executable program is executed by the receiving device, wherein: the executable program when executed determines if the receiving device attempting to access the embedded data has permission to access the embedded data (FIG. 21; [0224] discloses when George opens the document, the DRM plugin checks the embedded (or attached) license, and learns that the “Special Projects Team” node must be reachable);
if the receiving device is determined not to have the permission to access the embedded data, the executable program destroys at least a portion of the embedded data ([0226] discloses a scenario in which the protected document file is sent by John is received by another user Carol who is not intended to receive the protected document file. When Carol tries to access the protected document file, the DRM plugin will retrieve the license bundled with the file and evaluate the terms of the license however, since Carol is not a member of the team, there is no Link from “Carol” to the “Special Projects Team” Group Node. Since “Special Projects Team” is not reachable, Carol is not permitted to access the file; [0248-0249] discloses destroying the protected document files by the system when the system determines that particular user is not permitted to access the protected document files even though the system indicates that access has not been granted); and 
if the receiving device is determined to have the permission to access the embedded data, the executable program allows the receiving device to access the embedded data ([0224] discloses that the plugin at George’s computer constructs (and validates) a chain of links from George’s computer's Device Node to the User Node “George”; and from User Node “George” to Group Node “Special Projects Team”. Since George’s device has a valid chain of Links, his plugin permits access to the file).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 6-7 are rejected under 35 U.S.C. 103 as being unpatentable over Boccon-Gibod et al., hereinafter referred as “Gibod” (US20070180519A1) in view of Burgess et al., (US20120151553A1).
Regarding claim 6, Gibod fails to disclose:
The system of claim 1, wherein the data structure contains financial data.
However, Burgess discloses:
	wherein the data structure contains financial data ([0214] In this embodiment, “high” security level requires the use of stripping out highly sensitive data from the document data and storing it in a separate cognitive data file. Samples of highly sensitive data could comprise identity numbers such as social security numbers, names, locations, financial numbers, pricing information, etc.).	
It would have been obvious to an ordinary skill in the art before the effective filing date of the claimed invention to modify Gibod’s DRM system and include protection of Financial data, as disclosed by Burgess.
	The motivation to include protection of Financial data is to increase types of data protection which can be protected into Gibod’s DRM system.
Regarding claim 7, Gibod fails to disclose:
The system of claim 1, wherein the data structure contains healthcare data.
However, Burgess discloses:
	wherein the data structure contains healthcare data ([0086] This automated control logic can implement data security standards though the use of rule-based logic as an aid to automate a data security policy (e.g., Health Insurance Portability and Accountability Act)).
It would have been obvious to an ordinary skill in the art before the effective filing date of the claimed invention to modify Gibod’s DRM system and include protection of Healthcare data, as disclosed by Burgess.
	The motivation to include protection of Healthcare data is to increase types of data protection which can be protected into Gibod’s DRM system.

Claim(s) 8-10 are rejected under 35 U.S.C. 103 as being unpatentable over Boccon-Gibod et al., hereinafter referred as “Gibod” (US20070180519A1) in view of Mahaffey et al., (US20150128205A1).
Regarding claim 8, Gibod fails to disclose:
The system of claim 1, wherein the permission is determined by comparing the receiving device to a whitelist.
However, Mahaffey discloses:
	wherein the permission is determined by comparing the receiving device to a whitelist ([0126] Providing a secure connection or safe browsing experience may be facilitated through controlling a domain name system (DNS) server for resolving network addresses of all connections via whitelisting or blacklisting by specific domains or top-level domains (TLDs) or categories of destinations; [0314] Whitelisting techniques, blacklisting techniques, or both may used to help determine the network connection type. For example, in a specific implementation, a security policy includes a listing of remote destination categories. In this specific implementation, if a remote destination falls within a category of the listing, a network connection of a first type may be required between the mobile communications device and the remote destination).
	It would have been obvious to one of the ordinary person skilled in the art before the effective filing date of the claimed invention to modify the Gibod reference and include a system which monitors outgoing requests to remote device(s) and check whether they are in allowed [whitelist] category to communicate with the local device, as disclosed by Mahaffey.
	The motivation to monitor and check the remote device(s) whether they are in allowed category to communication with the local device is to proactively protect the local device from communicating with malicious entities.
Regarding claim 9, Gibod fails to disclose:
The system of claim 1, wherein the permission is determined by comparing the receiving device to a blacklist.
However, Mahaffey discloses:
wherein the permission is determined by comparing the receiving device to a blacklist ([0058] attempted connections to blacklisted domains and/or internet protocol (IP) addresses or ranges may be detected and/or prevented. The blacklisting of domains and addresses may be at any level of the domain structure. For example, a domain may be blacklisted if it matches “*.ru” or “*.badsite.ru.” Furthermore, blacklisting may include specific IP addresses, or IP address blocks for specific organizations or geographic top-level domains).
It would have been obvious to one of the ordinary person skilled in the art before the effective filing date of the claimed invention to modify the Gibod reference and include a system which monitors outgoing requests to remote device(s) and check whether they are in disallowed [blacklist] category to communicate with the local device, as disclosed by Mahaffey.
	The motivation to monitor and check the remote device(s) whether they are in allowed category to communication with the local device is to proactively protect the local device from communicating with malicious entities.  
Regarding claim 10, Gibod fails to disclose:
The system of claim 1, wherein the permission is determined by comparing a GPS location of the receiving device to a blacklist of geographic locations.
However, Mahaffey discloses:
wherein the permission is determined by comparing a GPS location of the receiving device to a blacklist of geographic locations ([0266] In some implementations, an operation may be performed in response to determining that an application is attempting to connect to or request content from a server in a particular country. For example, a SNC policy manager may include a country blacklist that specifies that all traffic being sent to one or more particular countries should be dropped. A system component, such as a safe browsing module, may identify a destination country for each request leaving the mobile communications device based on the country that the DNS address associated with the request resolves to. If the country identified based on the DNS address matches a country identified in the blacklist, a system component, such as a SNC service manager, may drop the request).
It would have been obvious to one of the ordinary person skilled in the art before the effective filing date of the claimed invention to modify the Gibod reference and include a system which monitors outgoing requests to remote device(s) and check whether they are in disallowed [blacklist] category to communicate with the local device, as disclosed by Mahaffey.
The motivation to monitor and check the remote device(s) whether they are in allowed category to communication with the local device is to proactively protect the local device from communicating with malicious entities.  

Claim(s) 12-14 and 21-26 are rejected under 35 U.S.C. 103 as being unpatentable over Boccon-Gibod et al., hereinafter referred as “Gibod” (US20070180519A1) in view of Zhai et al., (US20160352759A1) in view of Joa et al., (US20120198570A1) and further in view of Cignetti et al., (US9231923B1).
Regarding claim 12, Gibod discloses:
	A method for securing electronic data, the method comprising:
	embedding data to be secured in a data structure such that the embedded data is not accessible without first executing an executable program ([0221] discloses a user John attaching a protected document in the email message in which he assigns permissions to the document, license info and add this to DRM plugin before sending to George via email), 
wherein the data structure is stored in a non-transitory computer readable medium of a host device ([0221] discloses a user John attaching a protected document in the email message in which he assigns permissions to the document, license info and add this to DRM plugin before sending to George via email); 
determining if a receiving device has permission to access the embedded data (FIG. 21; [0224] discloses that the DRM plugin checks the embedded (or attached) license and determine if George is allowed to access the protected document); 
if the receiving device is determined not to have the permission to access the embedded data, destroying at least a portion of the embedded data ([0226] discloses a scenario in which the protected document file is sent by John is received by another user Carol who is not intended to receive the protected document file. When Carol tries to access the protected document file, the DRM plugin will retrieve the license bundled with the file and evaluate the terms of the license however, since Carol is not a member of the team, there is no Link from “Carol” to the “Special Projects Team” Group Node. Since “Special Projects Team” is not reachable, Carol is not permitted to access the file; [0248-0249] discloses destroying the protected document files by the system when the system determines that particular user is not permitted to access the protected document files even though the system indicates that access has not been granted); 
if the receiving device is determined to have the permission to access the embedded data, allowing the receiving device to access the embedded data ([0224] discloses that the plugin at George’s computer constructs (and validates) a chain of links from George’s computer's Device Node to the User Node “George”; and from User Node “George” to Group Node “Special Projects Team”. Since George’s device has a valid chain of Links, his plugin permits access to the file).
Gibod fails to disclose:
	transmitting the data structure to a receiving device outside of a predefined area; during a transmission of data, the sensor device is configured to: receive the data structure during the transmission from the host device to the receiving device; detect the identifier of the received data structure; determine the permission associated with the identifier; when the permission associated with the identifier indicates that the data structure is permitted to be transmitted to the receiving device, transmit the received data structure to the receiving device; and when the permission associated with the identifier indicates that the data structure is not permitted to be transmitted to the receiving device, deny access to at least the portion of the embedded data.
However, Zhai discloses:
	a sensor device positioned between (See Figures 2 & 4 depict security sensor positioned between two nodes) a receiving device and the host device ([0045] The NIDS is configured to monitor data on a transmission line (wireless, Ethernet, fiber optics, etc.) between at least a pair of nodes of a network. The nodes can be any device that transmits or receives data; [0047] FIG. 4 schematically shows that a security sensor may be deployed in a network that transmits data wirelessly. The security sensor may sniff data in wireless communication without physical connection to any nodes of the network; [0048] If an event monitored by the security matches an attack signature, the security sensor may further determine how to handle the event … the system 500 may disable or enable the attack signatures, limit [outside the permitted locations] the applicability of the attack signatures by time, geological location, logic location, IP addresses, etc.).
It would have been obvious to one of the ordinary person skilled in the art before the effective filing date of the claimed invention to modify the reference of Gibod and include a dedicated sensor to monitor the data transmission between two hosts, as disclosed by Zhai. 
The motivation to combine the references is to be able to ensure that legitimate and allowed communication is occurring between the authorized entities only and is secured from malicious actors.
The combination of Gibod and Zhai fails to disclose:
	the sensor device to detect the data structure when transmitted from the host device to the receiving device outside of a predefined area; wherein, during a transmission of data, the sensor device is configured to: receive the data structure during the transmission from the host device to the receiving device; detect the identifier of the received data structure; determine the permission associated with the identifier; when the permission associated with the identifier indicates that the data structure is permitted to be transmitted to the receiving device, transmit the received data structure to the receiving device; and when the permission associated with the identifier indicates that the data structure is not permitted to be transmitted to the receiving device, deny access to at least the portion of the embedded data.
However, Joa discloses:
	the sensor device (i.e., the server 101/system determines a location of the portable access device) to detect the data structure when transmitted from the host device (i.e., portable access device (PAD)) to the receiving device (i.e., access to a dataset in the remote access device) outside of a predefined area ([0026] In step 207 the system determines a location identified with the access request [from the portable access device]. The determination in step 207 may be based on location information 205 received from the device requesting access to the dataset; [0028] In step 211, the system determines whether the location associated with the device requesting access is allowed to access the requested dataset. If any location within the degree of error associated with the location information is within an unauthorized area, then access may be denied);
	wherein, during a transmission of data, the sensor device is configured to: receive the identifier of the data structure (i.e., network address associated with device requesting access to the dataset) during the transmission from the host device to the receiving device ([0026] In step 207 the system determines a location identified with the access request … location information 205 may be retrieved by the system based on a network address of the device requesting access by looking up the address in a database that correlates a known device address to a corresponding specific location); 
detect the identifier of the received data structure ([0026] location information 205 may be retrieved by the system based on a network address of the device requesting access by looking up the address in a database that correlates a known device address to a corresponding specific location); 
determine the permission associated with the identifier ([0028] In step 211, the system determines whether the location associated with the device requesting access is allowed to access the requested dataset); 
when the permission associated with the identifier indicates that the data structure is permitted (i.e., location is authorized) to be transmitted to the receiving device, transmit the received data structure to the receiving device ([0030] Upon querying database 209, the system in step 211 determines whether location 205 is authorized to access the requested dataset … If the location is authorized to access the dataset, then in step 213 the system provides the user/PAD the requested access to the dataset); and 
when the permission associated with the identifier indicates that the data structure is not permitted to be transmitted to the receiving device, deny access to at least the portion of the embedded data ([0030] Upon querying database 209, the system in step 211 determines whether location 205 is authorized to access the requested dataset. If the location is not authorized to access the dataset, then the method proceeds to step 217 where access to the dataset is denied).
It would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify Gibod and Zhai references and include a system and a method of determining access permission to a dataset based at least in part of a geographic location of the user’s device attempting to access the dataset, as disclosed by Joa.
The motivation to determine the access permission to a dataset based on geographic location is to prevent access to sensitive data when the user’s device is not at the authorized location.
The combination of Gibod, Zhai and Joa fails to disclose:
	the sensor device destroy the data by overwriting at least the portion of the embedded data. 
However, Cignetti discloses:
	the server [sensor device] destroy the data by overwriting at least the portion of the embedded data (Col. 14, Line # 46-51; Returning to FIG. 10, if it is determined that the encryption keys have not been exposed 1006, the keys or other sensitive data may then be selectively deleted or otherwise destroyed 1008. The data may be deleted or otherwise destroyed 1008 by overwriting the keys with random data, non-random data, zeros, ones or other suitable information).
	It would have been obvious to an ordinary skill in the art before the effective filing date of the claimed invention to modify the Gibod, Zhai and Joa references and include a technique for enhancing data security in which sensitive data is destroyed by overwriting the data in determination that the data has been potentially accessed by unauthorized entity, as disclosed by Cignetti.
	The motivation to destroy the sensitive data in case the data has been potentially accessed by the unauthorized entity is to discourage the unauthorized entity to perform further attempts to access the sensitive data.  
Regarding claim 13, the combination of Gibod, Zhai, Joa and Cignetti discloses:
The method of claim 12, wherein the sensor device is a network router (Zhai: [0046] FIG. 3 schematically shows a security sensor deployed in a host that is a part of the infrastructure of a network. The host manages traffic between at least two nodes of the network. One of the nodes may be remote. For example, the host can manage traffic between a local server and the internet. The host may be a router, a switch, or a firewall).
Regarding claim 14, the combination of Gibod, Zhai, Joa and Cignetti discloses:
The method of claim 12, wherein the sensor device is a network sniffer (Zhai: [0047] FIG. 4 schematically shows that a security sensor may be deployed in a network that transmits data wirelessly. The security sensor may sniff data in wireless communication without physical connection to any nodes of the network).
Regarding claim 21, Gibod fails to disclose:
The system of claim 1, further comprising: a sensor device positioned between the receiving device and the host device to detect the data structure when transmitted from the host device to the receiving device outside of a predefined area, wherein, during a transmission of data, the sensor device is configured to: receive the data structure during the transmission from the host device to the receiving device; detect the identifier of the received data structure; determine the permission associated with the identifier; when the permission associated with the identifier indicates that the data structure is permitted to be transmitted to the receiving device, transmit the received data structure to the receiving device; when the permission associated with the identifier indicates that the data structure is not permitted to be transmitted to the receiving device, destroy at least the portion of the embedded data by overwriting at least the portion of the embedded data; and set a flag of the data structure.
However, Zhai discloses:
	a sensor device positioned between (See Figures 2 & 4 depict security sensor positioned between two nodes) a receiving device and the host device ([0045] The NIDS is configured to monitor data on a transmission line (wireless, Ethernet, fiber optics, etc.) between at least a pair of nodes of a network. The nodes can be any device that transmits or receives data; [0047] FIG. 4 schematically shows that a security sensor may be deployed in a network that transmits data wirelessly. The security sensor may sniff data in wireless communication without physical connection to any nodes of the network; [0048] If an event monitored by the security matches an attack signature, the security sensor may further determine how to handle the event … the system 500 may disable or enable the attack signatures, limit [outside the permitted locations] the applicability of the attack signatures by time, geological location, logic location, IP addresses, etc.).
It would have been obvious to one of the ordinary person skilled in the art before the effective filing date of the claimed invention to modify the reference of Gibod and include a dedicated sensor to monitor the data transmission between two hosts, as disclosed by Zhai. 
The motivation to combine the references is to be able to ensure that legitimate and allowed communication is occurring between the authorized entities only and is secured from malicious actors.
The combination of Gibod and Zhai fails to disclose:
	the sensor device to detect the data structure when transmitted from the host device to the receiving device outside of a predefined area; wherein, during a transmission of data, the sensor device is configured to: receive the data structure during the transmission from the host device to the receiving device; detect the identifier of the received data structure; determine the permission associated with the identifier; when the permission associated with the identifier indicates that the data structure is permitted to be transmitted to the receiving device, transmit the received data structure to the receiving device; and when the permission associated with the identifier indicates that the data structure is not permitted to be transmitted to the receiving device, the sensor device set a flag of the data structure; deny access to at least the portion of the embedded data.
However, Joa discloses:
	the sensor device (i.e., the server 101/system determines a location of the portable access device) to detect the data structure when transmitted from the host device (i.e., portable access device (PAD)) to the receiving device (i.e., access to a dataset in the remote access device) outside of a predefined area ([0026] In step 207 the system determines a location identified with the access request [from the portable access device]. The determination in step 207 may be based on location information 205 received from the device requesting access to the dataset; [0028] In step 211, the system determines whether the location associated with the device requesting access is allowed to access the requested dataset. If any location within the degree of error associated with the location information is within an unauthorized area, then access may be denied);
	wherein, during a transmission of data, the sensor device is configured to: receive the identifier of the data structure (i.e., network address associated with device requesting access to the dataset) during the transmission from the host device to the receiving device ([0026] In step 207 the system determines a location identified with the access request … location information 205 may be retrieved by the system based on a network address of the device requesting access by looking up the address in a database that correlates a known device address to a corresponding specific location); 
detect the identifier of the received data structure ([0026] location information 205 may be retrieved by the system based on a network address of the device requesting access by looking up the address in a database that correlates a known device address to a corresponding specific location); 
determine the permission associated with the identifier ([0028] In step 211, the system determines whether the location associated with the device requesting access is allowed to access the requested dataset); 
when the permission associated with the identifier indicates that the data structure is permitted (i.e., location is authorized) to be transmitted to the receiving device, transmit the received data structure to the receiving device ([0030] Upon querying database 209, the system in step 211 determines whether location 205 is authorized to access the requested dataset … If the location is authorized to access the dataset, then in step 213 the system provides the user/PAD the requested access to the dataset); and 
when the permission associated with the identifier indicates that the data structure is not permitted to be transmitted to the receiving device, deny access to at least the portion of the embedded data ([0030] Upon querying database 209, the system in step 211 determines whether location 205 is authorized to access the requested dataset. If the location is not authorized to access the dataset, then the method proceeds to step 217 where access to the dataset is denied).
It would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify Gibod and Zhai references and include a system and a method of determining access permission to a dataset based at least in part of a geographic location of the user’s device attempting to access the dataset, as disclosed by Joa.
The motivation to determine the access permission to a dataset based on geographic location is to prevent access to sensitive data when the user’s device is not at the authorized location.
The combination of Gibod, Zhai and Joa fails to disclose:
	the sensor device set a flag of the data structure; the sensor device destroy the data by overwriting at least the portion of the embedded data. 
However, Cignetti discloses:
	the sensor device set a flag of the data structure (Col. 13, Line # 9-17; discloses determining if an event will occur where encryption keys will be exposed then server send signal to delete the keys to prevent the keys from being stored persistently or transmitted over a network in plaintext form);
the server [sensor device] destroy the data by overwriting at least the portion of the embedded data (Col. 14, Line # 46-51; Returning to FIG. 10, if it is determined that the encryption keys have not been exposed 1006, the keys or other sensitive data may then be selectively deleted or otherwise destroyed 1008. The data may be deleted or otherwise destroyed 1008 by overwriting the keys with random data, non-random data, zeros, ones or other suitable information).
	It would have been obvious to an ordinary skill in the art before the effective filing date of the claimed invention to modify the Gibod, Zhai and Joa references and include a technique for enhancing data security in which sensitive data is destroyed by overwriting the data in determination that the data has been potentially accessed by unauthorized entity, as disclosed by Cignetti.
	The motivation to destroy the sensitive data in case the data has been potentially accessed by the unauthorized entity is to discourage the unauthorized entity to perform further attempts to access the sensitive data.
Regarding claim 22, the combination of Gibod, Zhai, Joa and Cignetti discloses:
The system of claim 21, wherein the sensor device destroys the embedded data by setting the flag of the data structure to an armed state (Cignetti: Col. 13, Line # 9-17; discloses determining if an event will occur where encryption keys will be exposed then server send signal to delete the keys to prevent the keys from being stored persistently or transmitted over a network in plaintext form).
Regarding claim 23, the combination of Gibod, Zhai, Joa and Cignetti discloses:
The system of claim 21, wherein the sensor device allows the data structure to be transmitted to the receiving device by setting the flag of the data structure to a disarmed state (Joa: [0030] Upon querying database 209, the system in step 211 determines whether location 205 is authorized to access the requested dataset … If the location is authorized to access the dataset, then in step 213 the system provides the user/PAD the requested access to the dataset).
Regarding claim 24, the combination of Gibod, Zhai, Joa and Cignetti discloses:
The method of claim 12, wherein the sensor device sets a flag of the data structure (Cignetti: Col. 13, Line # 9-17; discloses determining if an event will occur where encryption keys will be exposed then server send signal to delete the keys to prevent the keys from being stored persistently or transmitted over a network in plaintext form).
Regarding claim 25, the combination of Gibod, Zhai, Joa and Cignetti discloses:
The method of claim 24, wherein the sensor device destroys the embedded data by setting the flag of the data structure to an armed state (Cignetti: Col. 13, Line # 9-17; discloses determining if an event will occur where encryption keys will be exposed then server send signal to delete the keys to prevent the keys from being stored persistently or transmitted over a network in plaintext form).
Regarding claim 26, the combination of Gibod, Zhai, Joa and Cignetti discloses:
The method of claim 24, wherein the sensor device allows the data structure to be transmitted to the receiving device by setting the flag of the data structure to a disarmed state (Joa: [0030] Upon querying database 209, the system in step 211 determines whether location 205 is authorized to access the requested dataset … If the location is authorized to access the dataset, then in step 213 the system provides the user/PAD the requested access to the dataset).


Claim(s) 15-16 are rejected under 35 U.S.C. 103 as being unpatentable over Boccon-Gibod et al., hereinafter referred as “Gibod” (US20070180519A1) in view of Zhai et al., (US20160352759A1) in view of Joa et al., (US20120198570A1) in view of Cignetti et al., (US9231923B1) and further in view of Burgess et al., (US20120151553A1).
Regarding claim 15, the combination of Gibod, Zhai, Joa and Cignetti fails to disclose:
	The method of claim 12, wherein the data structure contains financial data.
However, Burgess discloses:
	wherein the data structure contains financial data ([0214] In this embodiment, “high” security level requires the use of stripping out highly sensitive data from the document data and storing it in a separate cognitive data file. Samples of highly sensitive data could comprise identity numbers such as social security numbers, names, locations, financial numbers, pricing information, etc.).	
It would have been obvious to an ordinary skill in the art before the effective filing date of the claimed invention to modify Gibod, Zhai, Joa and Cignetti system and include protection of Financial data, as disclosed by Burgess.
	The motivation to include protection of Financial data is to increase types of data protection which can be protected into Gibod, Zhai, Joa and Cignetti system.
Regarding claim 16, the combination of Gibod, Zhai, Joa and Cignetti fails to disclose:
	The method of claim 12, wherein the data structure contains healthcare data.
However, Burgess discloses:
	wherein the data structure contains healthcare data ([0086] This automated control logic can implement data security standards though the use of rule-based logic as an aid to automate a data security policy (e.g., Health Insurance Portability and Accountability Act)).
It would have been obvious to an ordinary skill in the art before the effective filing date of the claimed invention to modify Gibod, Zhai, Joa and Cignetti system and include protection of Healthcare data, as disclosed by Burgess.
	The motivation to include protection of Healthcare data is to increase types of data protection which can be protected into Gibod, Zhai, Joa and Cignetti system.

Claim(s) 17-19 are rejected under 35 U.S.C. 103 as being unpatentable over Boccon-Gibod et al., hereinafter referred as “Gibod” (US20070180519A1) in view of Zhai et al., (US20160352759A1) in view of Joa et al., (US20120198570A1) in view of Cignetti et al., (US9231923B1) and further in view of Mahaffey et al., (US20150128205A1).
Regarding claim 17, the combination of Gibod, Zhai, Joa and Cignetti fails to disclose:
The method of claim 12, wherein the permission is determined by comparing the receiving device to a whitelist.
However, Mahaffey discloses:
	wherein the permission is determined by comparing the receiving device to a whitelist ([0126] Providing a secure connection or safe browsing experience may be facilitated through controlling a domain name system (DNS) server for resolving network addresses of all connections via whitelisting or blacklisting by specific domains or top-level domains (TLDs) or categories of destinations; [0314] Whitelisting techniques, blacklisting techniques, or both may used to help determine the network connection type. For example, in a specific implementation, a security policy includes a listing of remote destination categories. In this specific implementation, if a remote destination falls within a category of the listing, a network connection of a first type may be required between the mobile communications device and the remote destination).
	It would have been obvious to one of the ordinary person skilled in the art before the effective filing date of the claimed invention to modify the Gibod, Zhai, Joa and Cignetti references and include a system which monitors outgoing requests to remote device(s) and check whether they are in allowed [whitelist] category to communicate with the local device, as disclosed by Mahaffey.
	The motivation to monitor and check the remote device(s) whether they are in allowed category to communication with the local device is to proactively protect the local device from communicating with malicious entities.
Regarding claim 18, the combination of Gibod, Zhai, Joa and Cignetti fails to disclose:
The method of claim 12, wherein the permission is determined by comparing the receiving device to a blacklist.
However, Mahaffey discloses:
wherein the permission is determined by comparing the receiving device to a blacklist ([0058] attempted connections to blacklisted domains and/or internet protocol (IP) addresses or ranges may be detected and/or prevented. The blacklisting of domains and addresses may be at any level of the domain structure. For example, a domain may be blacklisted if it matches “*.ru” or “*.badsite.ru.” Furthermore, blacklisting may include specific IP addresses, or IP address blocks for specific organizations or geographic top-level domains).
It would have been obvious to one of the ordinary person skilled in the art before the effective filing date of the claimed invention to modify the Gibod, Zhai, Joa and Cignetti references and include a system which monitors outgoing requests to remote device(s) and check whether they are in disallowed [blacklist] category to communicate with the local device, as disclosed by Mahaffey.
	The motivation to monitor and check the remote device(s) whether they are in allowed category to communication with the local device is to proactively protect the local device from communicating with malicious entities.  
Regarding claim 19, the combination of Gibod, Zhai, Joa and Cignetti fails to disclose:
The method of claim 10, wherein the permission is determined by comparing a GPS location of the receiving device to a blacklist of geographic locations.
However, Mahaffey discloses:
wherein the permission is determined by comparing a GPS location of the receiving device to a blacklist of geographic locations ([0266] In some implementations, an operation may be performed in response to determining that an application is attempting to connect to or request content from a server in a particular country. For example, a SNC policy manager may include a country blacklist that specifies that all traffic being sent to one or more particular countries should be dropped. A system component, such as a safe browsing module, may identify a destination country for each request leaving the mobile communications device based on the country that the DNS address associated with the request resolves to. If the country identified based on the DNS address matches a country identified in the blacklist, a system component, such as a SNC service manager, may drop the request).
It would have been obvious to one of the ordinary person skilled in the art before the effective filing date of the claimed invention to modify the Gibod, Zhai, Joa and Cignetti reference and include a system which monitors outgoing requests to remote device(s) and check whether they are in disallowed [blacklist] category to communicate with the local device, as disclosed by Mahaffey.
The motivation to monitor and check the remote device(s) whether they are in allowed category to communication with the local device is to proactively protect the local device from communicating with malicious entities.  

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SYED M AHSAN whose telephone number is (571)272-5018. The examiner can normally be reached 8:30 AM - 6:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffery L. Nickerson can be reached on 469-295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Jeffrey Nickerson/Supervisory Patent Examiner, Art Unit 2432                                                                                                                                                                                                        

/S.M.A./Patent Examiner, Art Unit 2432