DETAILED ACTION

Currently pending claims are 1 – 15.


Response to Arguments
Applicant's arguments with respect to instant claims have been fully considered but are moot in view of the new ground(s) of rejection necessitated by Applicant's amendment – please see the following section for the detail of rationale to make the corresponding prior-art(s) rejections as set forth below. 

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1, 3 – 10, 13 & 15 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Durham et al. (U.S. Patent 2005/0213768). 

As per claim 1, 9 & 13, Durham teaches a method, comprising: 
storing, by a device, a set of security rules for the device (Durham: Abstract & Figure 5 / E-504 – 512 and Para [0052] / [0054]: storing various network access security policies by an embedded security agent at a device to verify a device platform security as needed); 
monitoring, by the device, compliance for the set of security rules (Durham: see above); and 
upon detecting, by the device, noncompliance of an identified security rule: (Durham: see above & Para [0052]: if the embedded security agent at the device detects and determines that the computing platform has been compromised – i.e. noncompliance of an identified security rule): 

disabling, by the device, network access for the device by disabling a hardware component of the device (see as follows); and establishing, by the device, a trigger to disable network access for the device when network access for the device is restored prior to returning the device to compliance with the identified security rule, wherein the trigger disables the hardware component of the device to disable the network access in response to the hardware component of the device being enabled prior to the device being in compliance with the identified security rule (Durham: see above & Para [0052] / [0054]: the embedded security agent at the device can perform security protection during the time when the computing platform has been compromised (Para [0052] Line 1 – 4) such as preventing network accessing from transmitting to the network on its network access port(s) (i.e. a hardware device / component) or triggering (causing) a reboot – i.e. prior to returning the device to compliance (as it’s no longer compromised) with the identified security rule (Para [0052] Line 1 – 4) – this is consistent with the disclosure of the instant specification (SPEC-PG.PUB: [0016] Line 8 – 13: disabling a hardware device (component) includes preventing other applications or components from communicating with the hardware component and so forth).  

As per claim 3 – 4, Durham teaches where disabling network access for the device includes disabling a hardware component associated with network access (Durham: see above: when stopping the network access, at least, a respective T/R (hardware transceiver device) must be disabled on a particular communications port of a network card (adaptor)).  

As per claim(s) 5 – 6, the claims contain(s) similar limitations to claim(s) 1 and thus is/are rejected with the same rationale.

As per claim 7, Durham teaches restoring network access to the device based on an administrator override (Durham: see above: (a) storing various network access security policies by an embedded security agent at a device to verify the device platform security as needed, wherein (b) when a network manager (i.e. administrator) causes a client device to reboot (restart) when the client device has been compromised, network accessing from a communication device would be prevented (disabled) from transmission to the network on its network access port(s)).  

As per claim 8, 10 and 15, Durham teaches attempting to return the device to compliance with the identified security rule prior to disabling network access for the device (Durham: see above).  

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claim 2, 11, 12 & 14 are rejected under 35 U.S.C.103 as being unpatentable over Durham et al. (U.S. Patent 2005/0213768), in view of Li et al. (U.S. Patent 10,278,073).  

As per claim 2, 11, 12 and 14, Li (& Durham) teaches where the trigger is based on one of a Windows WMI event and a platform invocation call (Li: Col. 3 Line 12 – 16, Col. 1 Line 65 – Col. 2 Line 14 and Col. 3 Line 5 – 11: (a) monitoring and checking the respective network access security policies by the terminal so as to validate and stop a network access when a security status of the corresponding terminal is in noncompliance state and for example, (b) a call being initiated by a SIM card of a smart phone device under 3GPP network (i.e. a platform invocation call)).  
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention was made to propose the modification of triggering a security protection based on one of a Windows WMI event and a platform invocation call because Li teaches monitoring and checking the respective network access security policies by the terminal so as to validate and stop a network access when a security status of the corresponding terminal is in noncompliance state and for example, a call being initiated by a SIM card of a smart phone device under 3GPP network (i.e. a platform invocation call) within the Durham’s system of in a case of the embedded security agent of the device detecting and determining that the computing platform has been compromised – i.e. noncompliance of an identified security rule, the device security agent can perform security protection during the time when the computing platform has been compromised (see above).

As per claim 11 and 14, Li (& Durham) teaches where the network access control module also establishes a trigger to disable an installed network device upon detection of installation of the installed network device (Li: Col. 1 Line 65 – Col. 2 Line 14: (a) monitoring and checking the respective network access security policies by the terminal so as to validate and stop a network access when a security status of the corresponding terminal is in noncompliance state and for example, (b) disabling (stopping) network access for the device accordingly upon determining a noncompliance of an identified security rule (i.e. in an unsecured state) when matching a list of preset conditions such as a new SIM card (i.e. a new network component) of the terminal is installed (i.e. changed) and thus suspicious).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention was made to propose the modification of establishing a trigger to disable an installed network device upon detection of installation of the installed network device because Li teaches monitoring and checking the respective network access security policies by the terminal so as to validate and stop a network access when a security status of the corresponding terminal is in noncompliance state and for example, disabling (stopping) network access for the device accordingly upon determining a noncompliance of an identified security rule (i.e. in an unsecured state) when matching a list of preset conditions such as a new SIM card (i.e. a new network component) of the terminal is installed (i.e. changed) and thus suspicious within the Durham’s system of in a case of the embedded security agent of the device detecting and determining that the computing platform has been compromised – i.e. noncompliance of an identified security rule, the device security agent can perform security protection during the time when the computing platform has been compromised (see above).

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

---------------------------------------------------
                  /Longbit Chai/
           Longbit Chai E.E. Ph.D.
    Primary Examiner, Art Unit 2431
                   No. #2338 – 2022
---------------------------------------------------