DETAILED ACTION
The instant application having Application No. 17/225,187 filed on 04/08/2021 is presented for examination by the Examiner.

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-2, 9-10 and 17-18 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 9 recites the limitation “..the user device..” in line 3. There is a lack of antecedent basis for this limitation in the claim.
Claim 2 recites the limitation “..the cloud system..” in line 8.  There is a lack of antecedent basis for this limitation in the claim.
Claims 10 & 18 are rejected for the same rationale as claim 2 above. 
Claim 17 is rejected for the same rationale as claim 9 above.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
The following is an analysis under the 2019 Revised Patent Subject Matter Eligibility Guidance. Independent claim 1 is analyzed below:
Step 1-Is the claim directed to a process, machine, manufacture or composition of matter?
Step 1 Analysis-Yes, claim 9 is a method claim.
Step 2A Prong One-Does the claim recite Judicial Exception (i.e.: Abstract Idea, Law of Nature or Natural Phenomenon?)
Step 2A Prong One Analysis-Yes, claim 9 recites the abstract idea of a Method of organizing human activity. The limitations “..determining if a user of a user device is permitted to access the application;” “determining a posture of the user device;” and “allowing access to the application..” are basically steps which describe a process that, under broadest reasonable interpretation, pertains to access control, a fundamental economic practice and a method of organizing human activity. That is, other than reciting “..the user device..” nothing in the claim elements precludes the steps from being interpreted as a method of organizing human activity pertaining to access control. If claim limitations, under broadest reasonable interpretation, cover a method of organizing human activity but for the recitation of generic computer components, then the claims fall within the “Method of Organizing Human Activity” grouping of abstract ideas. Accordingly, the claim recites an abstract idea.
Step 2A Prong Two-Does the claim recite additional elements that integrate the Judicial Exception into a Practical Application? 
Step 2A Prong Two Analysis-No, the claim does not recite any application of the abstract ideas because it does not impose any meaningful limits on practicing the abstract idea. 
Step 2B-Does the claim recite additional elements that amount to significantly more than the Judicial Exception? 
Step 2B Analysis-No, as analyzed in the step 2A Prong Two Analysis above, the claim does not recite additional elements that amount to significantly more than the Judicial Exception. Therefore, claim 9 is non-statutory. 

Independent claims 1, 17 and all the dependent claims 2-8, 10-16, and 18-20 are also rejected for the same rationale as claim 9 above.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1, 9 and 17 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Nellen (US 2019/0141015 A1-hereinafter Nellen.) 
Regarding claim 1, Nellen discloses a non-transitory computer-readable medium comprising instructions that, when executed, cause a user device to perform the steps of: 
responsive to a request to access an application, wherein the application is in one of a public cloud, a private cloud, and an enterprise network, and wherein the user device is remote over the Internet, determining if a user of the user device is permitted to access the application (at least figure 1, [0063][0065][0074]-[0076][0100], i.e.: in response to a request to access an application/network-security function on secure cloud, determine if user of a user device is permitted to access the application/network-security function); 
determining a posture of the user device (at least [0076][0087], i.e.: location information, resource usage, processing load, memory consumption and etc. of the user device is determined); and 
allowing access to the application based on whether the user is permitted to access the application and based on the posture of the user device (at least [0076]-[0077][0100], application/network-security function is provided to the user.)

Claims 9 & 17 are rejected for the same rationale as claim 1 above.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 2-5, 10-13, 15 and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Nellen.
Regarding claim 2, Nellen discloses the non-transitory computer-readable medium of claim 1. Nellen also discloses in response to determining that the user device is permitted to access the application and/or if the posture passes, stitching together connections a connection between a cloud-based system, the application, and the user device and a connection between the cloud system and the application via a connector to provide access to the application (at least figures 1,10A-10C, [0071][0061][0063] [0166]-[0167], i.e.: connections are brought edge device.)
Nellen does not explicitly disclose the steps include in response to determining that the user is not permitted to access the application and/or if the posture fails, notifying the user device the application does not exist, wherein the user device is prevented from ascertaining an existence of applications that the user device is not permitted to access.
However, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to notify the user device that the application does not exist when it is determined that the user is not permitted to access the application and that the user device is prevented from ascertaining an existence of applications that the user device is not permitted to access in order to divert the user device from continuing to try to access the application and to protect valuable processing resources in case the user device is compromised.

Regarding claim 3, Nellen discloses the non-transitory computer-readable medium of claim 2. Nellen also discloses the stitching together the connections includes the cloud-based system creating both a connection to the user device and to the application to enable the user device and the application to communicate (at least figures 1, 10A-10C, wherein the secure cloud connects to both the data resources/application and the user device.)

Regarding claim 4, Nellen discloses the non-transitory computer-readable medium of claim 3. Nellen also discloses the stitching together the connections includes at least two tunnels between the user device and the application (at least figures 1, 10A-10C, [0166]-[0167], connection/tunnel between user device and secure cloud, and connection between secure cloud and data sources/application.)

Regarding claim 5, Nellen discloses the non-transitory computer-readable medium of claim 1. Nellen also discloses the posture includes whether the user device is executing a specific process and whether the specific process has a thumbprint that matches (at least [0087][0126], name of process running on user device, and a profile the processing running on the user device is maintained and managed at a cloud server.)

Claims 10 & 18 are rejected for the same rationale as claim 2 above.
Claims 11 & 19 are rejected for the same rationale as claim 3 above.
Claim 12 is rejected for the same rationale as claim 4 above.
Claims 13 & 15 are rejected for the same rationale as claim 5 above.

Claims 6-8 and 14-16 are rejected under 35 U.S.C. 103 as being unpatentable over Nellen and in view of Kostiainen et al. (US 2008/0320308 A1-hereinafter Kostiainen.)
Regarding claim 6, Nellen discloses the non-transitory computer-readable medium of claim 1. Nellen also discloses the posture includes attestation on the user device (at least [0087][0126], i.e.: file and hashes of the file.) 
Nellen does not explicitly disclose having a Trusted Platform Module (TPM.)
However, Kostiainen discloses a Trusted Platform Module (at least [0010]-[0011] and [0013], TPM.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the medium of Nellen to include the teachings of Kostiainen to ensure platform integrity by taking and storing security measurements.
Regarding claim 7, Nellen discloses the non-transitory computer-readable medium of claim 1. Nellen also discloses the posture includes identify attestation based on the user device (at least [0087][0126], i.e.: file name and hashes of file.)
Nellen does not explicitly disclose having a Trusted Platform Module (TPM.)
However, Kostiainen discloses a Trusted Platform Module (at least [0010]-[0011] and [0013], TPM.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the medium of Nellen to include the teachings of Kostiainen to ensure platform integrity by taking and storing security measurements.

Regarding claim 8, Nellen discloses the non-transitory computer-readable medium of claim 1. Nellen also discloses the posture includes remote attestation based on measurements on the user device (at least [0087][0126], i.e.: resource usage stored at secure cloud.)
Nellen does not explicitly disclose having a Trusted Platform Module (TPM.)
However, Kostiainen discloses a Trusted Platform Module (at least [0010]-[0011] and [0013], TPM.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the medium of Nellen to include the teachings of Kostiainen to ensure platform integrity by taking and storing security measurements.

Claim 14 is rejected for the same rationale as claim 6 above.
Claim 15 is rejected for the same rationale as claim 7 above.
Claim 16 is rejected for the same rationale as claim 8 above.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to PHY ANH TRAN VU whose telephone number is (571)270-7317. The examiner can normally be reached Monday-Friday 7 am-1 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached on (571) 272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/PHY ANH T VU/Primary Examiner, Art Unit 2438