`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`
`UNITED STATES DEPARTMENT OF COMMERCE
`United States Patent and Trademark Office
`Address: COMMISSIONER FOR PATENTS
`P.O. Box 1450
`Alexandria, Virginia 22313-1450
`www.uspto.gov
`
`APPLICATION NO.
`
`
`
`
` FILING DATE
`
`
`FIRST NAMED INVENTOR
`
`ATTORNEY DOCKET NO.
`
`
`
`
` CONFIRMATIONNO.
`
`
`12/720,147
`
`03/09/2010
`
`Allen F. Rozman
`
`ARAC-01RE1
`
`8473
`
`Allen F. Rozman
`a
`6402 Wildlife Trail
`Garland, TX 75044
`
`mee PdEXAMINER
`rE
`
`LAFORGIA, CHRISTIAN A
`
`ART UNIT
`
`2439
`
`MAIL DATE
`
`04/29/2011
`
`PAPER NUMBER
`
`DELIVERY MODE
`
`PAPER
`
`Please find below and/or attached an Office communication concerning this application or proceeding.
`
`The time period for reply, if any, is set in the attached communication.
`
`PTOL-90A (Rev. 04/07)
`
`

`

`
`Application No.
`Applicant(s)
`
`Office Action Summary
`
`12/720,147
`Examiner
`
`ROZMAN ETAL.
`Art Unit
`
`2439
`Christian LaForgia
`-- The MAILING DATEof this communication appears on the cover sheet with the correspondence address--
`Period for Reply
`
`A SHORTENED STATUTORY PERIOD FOR REPLYIS SET TO EXPIRE 3 MONTH(S) OR THIRTY(30) DAYS,
`WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION.
`Extensions of time may be available under the provisions of 37 CFR 1.136(a).
`In no event, however, may a reply betimely filed
`after SIX (6) MONTHS from the mailing date of this communication.
`If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication.
`-
`- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133).
`Anyreply received by the Office later than three months after the mailing date of this communication, evenif timely filed, may reduce any
`earned patent term adjustment. See 37 CFR 1.704(b).
`
`Status
`
`1)X] Responsive to communication(s)filed on 04 April 2011.
`a)L] This action is FINAL.
`2b)X] This action is non-final.
`3)L] Sincethis application is in condition for allowance except for formal matters, prosecution as to the merits is
`closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213.
`
`Disposition of Claims
`
`4)X] Claim(s) 1-73 is/are pending in the application.
`
`4a) Of the above claim(s)
`is/are withdrawn from consideration.
`
`5)L] Claims)
`is/are allowed.
`6)X] Claim(s) 1-73 is/are rejected.
`7)L] Claim(s) ____ is/are objected to.
`8)L] Claim(s)___ are subjectto restriction and/or election requirement.
`
`Application Papers
`
`9)L] The specification is objected to by the Examiner.
`0)X] The drawing(s) filed on 09 March 2010 is/are: a)X] accepted or b)[_] objected to by the Examiner.
`Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a).
`
`Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d).
`11)L] The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152.
`
`Priority under 35 U.S.C. § 119
`
`12)[] Acknowledgmentis made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f).
`a)L] All
`b)L_] Some * c)L] None of:
`1.) Certified copies of the priority documents have been received.
`2.L] Certified copies of the priority documents have been received in Application No.
`3.L] Copiesof the certified copies of the priority documents have been receivedin this National Stage
`application from the International Bureau (PCT Rule 17.2(a)).
`* See the attached detailed Office action for a list of the certified copies not received.
`
`Attachment(s)
`1) Xx Notice of References Cited (PTO-892)
`2) [_] Notice of Draftsperson’s Patent Drawing Review (PTO-948)
`3) X] Information Disclosure Statement(s) (PTO/SB/08)
`Paper No(s)/Mail Date 4/4/71.
`U.S. Patent and Trademark Office
`
`4) CT] Interview Summary (PTO-413)
`Paper No(s)/Mail Date. __
`5) L] Notice of Informal Patent Application
`6) Cc Other:
`
`PTOL-326 (Rev. 08-06)
`
`Office Action Summary
`
`Part of Paper No./Mail Date 20110425
`
`
`
`

`

`Application/Control Number: 12/720,147
`
`Art Unit: 2439
`
`Page 2
`
`DETAILED ACTION
`
`1.
`
`2.
`
`The amendment of 04 April 2011 has been noted and madeofrecord.
`
`Claims 1-73 have been presented for examination.
`
`Information Disclosure Statement
`
`3.
`
`The information disclosure statement (IDS) submitted on 04 April 2011 is in compliance
`
`with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement has been
`
`considered by the examiner.
`
`Response to Arguments
`
`4,
`
`Applicant’s arguments, see pages 20-21, filed 04 April 2011, with respect to the
`
`rejections made under 35 U.S.C. § 251 have been fully considered and are persuasive. The 35
`
`U.S.C. § 251 rejection of claims 1-57 has been withdrawn.
`
`5.
`
`Applicant’s arguments, see pages 20-21, filed 04 April 2011, with respect to the
`
`rejections made under 35 U.S.C. § 112 have been fully considered and are persuasive. The 35
`
`U.S.C. § 112 rejection of claims 25 and 44-57 has been withdrawn.
`
`6.
`
`Applicant’s arguments, see pages 20-21, filed 04 April 2011, with respect to the
`
`rejections made under 35 U.S.C. § 101 have been fully considered and are persuasive. The 35
`
`U.S.C. § 101 rejection of claims 44-57 has been withdrawn.
`
`7.
`
`Applicant's arguments with respect to the prior art rejection of claims 1-57 have been
`
`considered but are moot in view of the new groundsofrejection set forth below.
`
`Claim Rejections - 35 USC § 102
`
`8.
`
`The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the
`
`basis for the rejections under this section made in this Office action:
`
`

`

`Application/Control Number: 12/720,147
`
`Art Unit: 2439
`
`A personshall be entitled to a patent unless —
`
`Page 3
`
`(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or
`on sale in this country, more than one year prior to the date of application for patent in the United States.
`
`9.
`
`Claims 1-4, 5, 7, 10-12, 14-17, 19, 21-26, 29-48, 51-56, 58-67, and 69-73 are rejected
`
`under 35 U.S.C. 102(b) as being anticipated by U.S. Patent Application Publication No.
`
`2002/0002673 Al to Narin, hereinafter Narin.
`
`10.
`
`Asper claim |, Narin teaches a method of operating a computer system capable of
`
`exchanging data across a network of one or more computers and havingatleast a first and
`
`secondelectronic data processor capable of executing instructions using a common operating
`
`system, comprising the steps of:
`
`executing browserinstructionsin a first logical process within the commonoperating
`
`system using the first electronic data processor, wherein the first logical process is capable of
`
`accessing data containedin a first memory space (Figures 2 [element 210, 212], 3 [element
`
`310]], 4 [step 402], paragraphs 0019, 0030, 0031, 0035, 0036, 0040, 0046, i.e. secure application
`
`offers a web browsing function in a multiprocessor system);
`
`executing instructions in a secondlogical process within the common operating system
`
`using the second electronic data processor, wherein the second logical process is capable of
`
`accessing data contained in the second memory space (Figures 2 [elements 220, 222], 3 [element
`
`320], 4 [step 404], paragraphs 0019, 0032, 0037, 0040-0041, 0050-0051); and
`
`displaying data from thefirst logical process and the second logical process, wherein a
`
`video processor is adapted to combine data from the first and secondlogical processes and
`
`transmit the combined datato a display (Figures | [element 190], 5, Abstract, paragraphs 0007,
`
`0050, 0051, the second process renders its output in a child window ofthe first process, so that
`
`

`

`Application/Control Number: 12/720,147
`
`Art Unit: 2439
`
`Page 4
`
`the use of a second process to host non-secure software objects is transparent to the user of the
`
`first process);
`
`wherein the computer system is configured such that data residing on the second
`
`electronic data processor is operating in a protected modeand data residing on the first memory
`
`space is protected from corruption by a malware process downloaded from the network and
`
`executing as part of the second logical process (Abstract, paragraph 0035-0036, 0039, the first
`
`process’s address space is inaccessible to the second process; provides defense against from the
`
`non-secure software object (i.e. web browsing functions, from observing or modifying anything
`
`going on with the secure application)).
`
`11.
`
`Regarding claim 2, Narin teaches wherein the second memory space comprises memory
`
`selected from the group consisting of: a memory zone within a physical memory commonto the
`
`first memory space (Figure 2 [element 141], paragraph 0025); a partition on a memorydevice;
`
`random access memory (RAM) (Figure 2 [element 132], paragraph 0023); both volatile and
`
`nonvolatile memory.
`
`12.
`
`Regarding claim 3, Narin teaches wherein the second logical process comprises a process
`
`selected from the group consisting of: an electronic mail process, an instant messaging process,
`
`an internet browser process (paragraphs 0007, 0036, 0045-0051), an interactive gaming process,
`
`a virtual private network (VPN) process, and a reader application process.
`
`

`

`Application/Control Number: 12/720,147
`
`Art Unit: 2439
`
`Page 5
`
`13.
`
`Regarding claim 4, Narin teaches wherein the first logical process receives user interface
`
`data and passes the userinterface data to the secondlogical process (Figures 3 [elements 326,
`
`238], 4 [step 408], paragraphs 0037-0038, 0041-0042).
`
`14.
`
`Regarding claim 5, Narin teaches wherein the first and secondelectronic data processors
`
`are part of a multi-core electronic data processor (paragraph 0019, multi-core electronic data
`
`processoris the functional equivalent of a multiprocessor system, neatly packagedin a single-
`
`chip).
`
`15.
`
`Regarding claim 7, Narin teaches automatically deleting at least one data file residing on
`
`the second memory space whenthe secondlogical process is terminated (Figure 4 [step 412],
`
`paragraph 0044).
`
`16.
`
`Asper claims 10 and 15, Narin teaches a multiprocessor computer system (Figure 1
`
`[element 120], paragraphs 0019, 0021, multiprocessor systems) using a common operating
`
`system capable of exchanging data across a network of one or more computers via a network
`
`interface device, comprising:
`
`a first electronic data processor capable of executing browserinstructions using the
`
`commonoperating system and communicatively coupled to a first memory space (Figures 2
`
`[element 210, 212], 3 [element 310]], 4 [step 402], paragraphs 0019, 0030, 0031, 0035, 0036,
`
`0040, 0046, i.e. secure application offers a web browsing function in a multiprocessor system);
`
`

`

`Application/Control Number: 12/720,147
`
`Art Unit: 2439
`
`Page 6
`
`a secondelectronic data processor capable of executing browserinstructions using the
`
`commonoperating system and communicatively coupled to a second memoryspace (Figures 2
`
`[elements 220, 222], 3 [element 320], 4 [step 404], paragraphs 0019, 0032, 0037, 0040-0041,
`
`0050-0051);
`
`a video processor adapted to combine video data from the first and second electronic
`
`processors and transmit the combinedvideo data to a display (Figures | [element 190], 5,
`
`Abstract, paragraphs 0007, 0050, 0051, the second process renders its output in a child window
`
`of the first process, so that the use of a second process to host non-secure software objects is
`
`transparentto the user ofthe first process);
`
`wherein the computer system is configured such that the second electronic data processor
`
`is Operating in a protected mode anddata residing onthefirst electronic memory spaceis
`
`protected from corruption by a malware process downloaded from the network and executing on
`
`the second electronic data processor (Abstract, paragraph 0035-0036, 0039, the first process’s
`
`address space is inaccessible to the second process; provides defense against from the non-secure
`
`software object (i.e. web browsing functions, from observing or modifying anything going on
`
`with the secure application)).
`
`17.
`
`Regarding claim 11, Narin teaches wherein the second memory space comprises memory
`
`selected from the group consisting of: a memory zone within a physical memory commonto the
`
`first memory space (Figure 2 [element 141], paragraph 0025); a partition on a memorydevice;
`
`random access memory (RAM) (Figure 2 [element 132], paragraph 0023); both volatile and
`
`nonvolatile memory.
`
`

`

`Application/Control Number: 12/720,147
`
`Art Unit: 2439
`
`Page 7
`
`18.
`
`Regarding claim 12, Narin teaches wherein the first and second electronic data processors
`
`are part of a dual processor computer system (Figure 1 [element 120], paragraphs 0019, 0021,
`
`multiprocessor systems).
`
`19,
`
`Regarding claims 14 and 16, Narin teaches wherein the computer system is configured
`
`such that the first electronic data processor is protected from executing instructions initiated by a
`
`malware process downloaded from the network and executing on the secondelectronic data
`
`processor(Abstract, paragraph 0035-0036, 0039, the first process’s address space is inaccessible
`
`to the second process; provides defense against from the non-secure software object (i.e. web
`
`browsing functions, from observing or modifying anything going on with the secure
`
`application)).
`
`20.
`
`Regarding claim 17, Narin teachesat least one network interface device capable of
`
`exchanging data with the network and with a logical process selected from the group consisting
`
`of: the first logical process and the second logical process (paragraph 0036, secure application
`
`312 may provide some type of web-browsing functionality, which would require exchanging
`
`data with the network interface device).
`
`21.
`
`Regarding claim 19, Narin teaches wherein the at least one electronic data processor
`
`comprises a processorselected from the group consisting of: a multi-core electronic data
`
`

`

`Application/Control Number: 12/720,147
`
`Art Unit: 2439
`
`Page 8
`
`processor; dual electronic data processors (Figure | [element 120], paragraphs 0019, 0021,
`
`multiprocessor systems).
`
`22.
`
`Asper claim 21, Narin teaches a portable computer capable of executing instructions
`
`using a common operating system (paragraph 0019, i.e. handheld or laptop devices), comprising:
`
`a network interface device (Figure | [element 170]) configured to exchange data across a
`
`network of one or more computers and accessat least one website (paragraphs 0026, 0027, 0048,
`
`0049);
`
`at least a first memory space (Figure 2 [elements 132, 141, 212]) and a second memory
`
`space (Figure 2 [elements 132, 141, 222]), the first memory space containing at least one system
`
`file (Figure 1 [element 134], paragraphs 0030, 0031);
`
`at least one electronic data processor (Figure | [element 120]) communicatively coupled
`
`(Figure 1 [element 121], system bus) to the network interface device (Figure 1 [element 170]),
`
`the first (Figure 2 [elements 132, 141, 212]) and second memoryspace (Figure 2 [elements 132,
`
`141, 222]), and to a user interface, wherein the user interface is configured to receive input from
`
`a computer user (Figure 1 [element 160], paragraph 0025);
`
`the at least one electronic data processor configured to execute a first browser process in
`
`a first logical process, wherein the first logical process is capable of accessing data contained in
`
`the first memory space (Figures 2 [element 210, 212], 3 [element 310]], 4 [step 402], paragraphs
`
`0030, 0031, 0035, 0036, 0040, 0046, i.e. secure application offers a web browsing function);
`
`the at least one electronic data processor further configured to execute a second browser
`
`process in a secondlogical process within the common operating system (Figures 2 [element
`
`

`

`Application/Control Number: 12/720,147
`
`Art Unit: 2439
`
`Page 9
`
`220], 3 [element 320], 4 [step 404], paragraphs 0032, 0037, 0040), wherein the secondlogical
`
`process is capable of accessing data contained in the second memory space (Figure 2 [elements
`
`220, 222]) and is further capable of generating video data from a website access via the network
`
`(Figures 3 [element 322], 4 [steps 406, 410], paragraphs 0040-0041,0050-0051, rendering
`
`webpage data, which oneofordinary skill in the art would construe as containing video data, in
`
`the non-secure process);
`
`a video processor (Figure | [element 190]) configured to transmit video data from the
`
`second browserprocessto a display (Figure 5, Abstract, paragraphs 0007, 0050, 0051, the
`
`second process renders its output in a child window ofthe first process, so that the use of a
`
`second process to host non-secure software objects is transparent to the user of the first process);
`
`wherein the first browser process is capable of opening the second browserprocess andis
`
`further capable of passing data to the second browserprocess (Figures 3 [elements 326, 238], 4
`
`[step 408], paragraphs 0037-0038, 0041-0042, secure application mayinitiate the hosting of the
`
`non-secure software object by instructing the host application to load and execute a non-secure
`
`software object within the separate process);
`
`wherein further the portable computer is configured such that the at least one system file
`
`residing on the first memory spaceis protected from corruption by a malware process
`
`downloaded from the network and executing within the second browser process (Abstract,
`
`paragraph 0035-0036, 0039, the first process’s address space is inaccessible to the second
`
`process; provides defense against from the non-secure software object(i.e. web browsing
`
`functions, from observing or modifying anything going on with the secure application)).
`
`

`

`Application/Control Number: 12/720,147
`
`Art Unit: 2439
`
`Page 10
`
`23.
`
`Regarding claim 22, Narin teaches wherein the first browser process is capable of
`
`exchanging data with the networkinterface device (paragraph 0036, secure application 312 may
`
`provide sometype of web-browsing functionality, which would require exchanging data with the
`
`network interface device) and with the second browser process (Figures 3 [elements 326, 238], 4
`
`[step 408], paragraphs 0037-0038, 0041-0042, secure application communicates with hosting
`
`application, which hosts non-secure objects).
`
`24. With regards to claim 23, Narin teaches wherein the first browser process is capable of
`
`passing data downloaded from the network to the second browser process (Figures 3 [elements
`
`326, 238], 4 [step 408], paragraphs 0037-0038, 0041-0042).
`
`25.
`
`Regarding claim 24, Narin teaches wherein the second browserprocess is capable of
`
`exchanging data with the networkinterface device (paragraph 0036, non-secure software object
`
`is a web browser, which includes the second process exchanging data via the networkinterface
`
`device) and with the first browser process (Figure 5, Abstract, paragraphs 0007, 0050, 0051, the
`
`second process communicates with the first process for the purpose of rendering its output in a
`
`child window ofthe first process).
`
`26.
`
`Regarding claim 25, Narin teaches wherein the at least one electronic data processoris
`
`selected from the group consisting of: an Application Specific Integrated Circuit; a Field
`
`Programmable Gate Array; a plurality of electronic data processors (Figure | [element 120],
`
`paragraphs 0019, 0021, multiprocessor systems); a multi-core electronic data processor.
`
`

`

`Application/Control Number: 12/720,147
`
`Art Unit: 2439
`
`Page 11
`
`27.
`
`Regarding claim 26, Narin teaches wherein the second memory spaceis selected from the
`
`group consisting of: a memory zone within a physical memory commonto the first memory
`
`space (Figure 2 [element 141], paragraph 0025); a partition on a memory device; random access
`
`memory (RAM)(Figure 2 [element 132], paragraph 0023); both volatile and nonvolatile
`
`memory.
`
`28.
`
`Regarding claim 29, Narin teachesat least one corruptedfile residing on the second
`
`memory spaceis capable of being automatically deleted when the second browserprocessis
`
`terminated (Figure 4 [step 412], paragraph 0044).
`
`29.
`
`Regarding claim 30, Narin teachesthat the first browser process is protected from
`
`executing instructionsinitiated by a malware process downloaded from the network and
`
`executing as part of the second browserprocess (Abstract, paragraph 0035-0036, the first
`
`process’s address space is inaccessible to the second process).
`
`30.
`
`Regarding claim 31, Narin teaches wherein attempts by malware to record data entry by
`
`the computeruserare effectively blocked (paragraph 0035, provide defense against observation
`
`and/or modification).
`
`31.
`
`Asper claim 32, Narin teaches a methodof operating a portable computer (paragraph
`
`0019, i.e. handheld or laptop devices) capable of executing instructions using a common
`
`

`

`Application/Control Number: 12/720,147
`
`Art Unit: 2439
`
`Page 12
`
`operating system and havingat least one electronic data processor (Figure | [element 120])
`
`communicatively coupled (Figure | [element 121], system bus) to a first (Figure 2 [elements
`
`132, 141, 212]) and second memoryspace (Figure 2 [elements 220, 222]) and to a network
`
`interface device (Figure | [element 170]), comprising:
`
`exchanging data across a network of one or more computers with the network interface
`
`device and accessing at least one website (paragraphs 0026, 0027, 0048, 0049);
`
`storing at least one system file within the first memory space (Figures | [element 134], 2
`
`[elements 132, 141, 212], paragraphs 0030, 0031);
`
`executing a first browser processinafirst logical process within the commonoperating
`
`system using the at least one electronic data processor, wherein the first logical process is
`
`configured to access data contained in the first memory space (Figures 2 [element 210, 212], 3
`
`[element 310]], 4 [step 402], paragraphs 0030, 0031, 0035, 0036, 0040, 0046, i.e. secure
`
`application offers a web browsing function);
`
`executing a second browserprocess in a second logical process within the common
`
`operating system using the at least one electronic data processor (Figures 2 [element 220], 3
`
`[element 320], 4 [step 404], paragraphs 0032, 0037, 0040), wherein the second logical process is
`
`configured to access data contained in the second memoryspace (Figure 2 [elements 220, 222])
`
`and is further configured to generate video data (Figures 3 [element 322], 4 [steps 406, 410],
`
`paragraphs 0040-0041,0050-0051, rendering webpage data, which one of ordinary skill in the art
`
`would construe as containing video data, in the non-secure process);
`
`opening the second browserprocess on instruction from the first browser process
`
`(Figures 3 [elements 326, 238], 4 [step 408], paragraphs 0037-0038, 0041-0042, secure
`
`

`

`Application/Control Number: 12/720,147
`
`Art Unit: 2439
`
`Page 13
`
`application mayinitiate the hosting of the non-secure software object by instructing the host
`
`application to load and execute a non-secure software object within the separate process);
`
`passing data from the first browser process to the second browserprocess (Figures 3
`
`[elements 326, 238], 4 [step 408], paragraphs 0037-0038, 0041-0042, secure application
`
`communicates with hosting application, which hosts non-secure objects);
`
`displaying website video data from the second browserprocess (Figure 5, Abstract,
`
`paragraphs 0007, 0050, 0051, the second process renders its output in a child window ofthefirst
`
`process, so that the use of a second process to host non-secure software objects is transparent to
`
`the user of the first process);
`
`wherein the portable computer is configured such that the at least one system file residing
`
`on the first memory space is protected from corruption by a malware process downloaded from
`
`the network and executing as part of the second browserprocess (Abstract, paragraph 0035-
`
`0036, 0039, the first process’s address space is inaccessible to the second process; provides
`
`defense against from the non-secure software object (i.e. web browsing functions, from
`
`observing or modifying anything going on with the secure application)).
`
`32.
`
`Regarding claim 33, Narin teaches wherein the portable computer is configured such that
`
`the first browser process is capable of exchanging data with the network interface device
`
`(paragraph 0036, secure application 312 may provide some type of web-browsing functionality,
`
`which would require exchanging data with the network interface device) and with the second
`
`browserprocess (Figures 3 [elements 326, 238], 4 [step 408], paragraphs 0037-0038, 0041-0042,
`
`secure application communicates with hosting application, which hosts non-secure objects).
`
`

`

`Application/Control Number: 12/720,147
`
`Art Unit: 2439
`
`Page 14
`
`33. With regards to claim 34, Narin teaches downloading data from the network and passing
`
`the data from the first browser process to the second browserprocess (Figures 3 [elements 326,
`
`238], 4 [step 408], paragraphs 0037-0038, 0041-0042).
`
`34.
`
`Regarding claim 35, Narin teaches wherein the portable computer is configured such that
`
`the second browserprocessis capable of directly exchanging data with the network interface
`
`device (paragraph 0036, non-secure software object is a web browser, which includes the second
`
`process exchanging data via the network interface device) and with the first browser process
`
`(Figure 5, Abstract, paragraphs 0007, 0050, 0051, the second process communicates with the
`
`first process for the purpose of rendering its output in a child window ofthefirst process).
`
`35.
`
`Regarding claim 36, Narin teaches wherein the second memory spaceis selected from the
`
`group consisting of: a memory zone within a physical memory commonto the first memory
`
`space (Figure 2 [element 141], paragraph 0025); random access memory (RAM)(Figure 2
`
`[element 132], paragraph 0023); both volatile and nonvolatile memory.
`
`36.
`
`Regarding claim 39, Narin teaches deleting at least one corrupted data file residing on the
`
`second memory space whenthe secondlogical process is terminated (Figure 4 [step 412],
`
`paragraph 0044).
`
`37.
`
`Regarding claim 40, Narin teaches wherein the at least one electronic data processoris
`
`

`

`Application/Control Number: 12/720,147
`
`Art Unit: 2439
`
`Page 15
`
`selected from the group consisting of: an Application Specific Integrated Circuit; a Field
`
`Programmable Gate Array; a plurality of electronic data processors (Figure | [element 120],
`
`paragraphs 0019, 0021, multiprocessor systems); a multi-core electronic data processor.
`
`38.
`
`Regarding claim 41, Narin teaches wherein the first browser process is protected from
`
`executing instructionsinitiated by a malware process downloaded from the network and
`
`executing as part of the second browserprocess (Abstract, paragraph 0035-0036, the first
`
`process’s address space is inaccessible to the second process).
`
`39,
`
`Regarding claim 42, Narin teaches displaying video data from the first browser process
`
`(Figure 5, Abstract, paragraphs 0007, 0050, 0051, the second process renders its output in a child
`
`windowofthe first process, so that the use of a second process to host non-secure software
`
`objects is transparent to the user of the first process).
`
`AQ.
`
`Regarding claim 43, Narin teaches wherein attempts by malware to record data entry by
`
`the computer userare effectively blocked (paragraph 0035, provide defense against observation
`
`and/or modification).
`
`Al.
`
`Asper claims 44 and 64, Narin teaches a method of and non-transitory computer readable
`
`medium containing instructions for operating a portable computer (paragraph 0019, i.e. handheld
`
`or laptop devices) comprising a network interface device (Figure 1 [element 170]), at least a first
`
`memory space (Figure 2 [elements 132, 141, 212]) and a second memoryspace (Figure 2
`
`

`

`Application/Control Number: 12/720,147
`
`Art Unit: 2439
`
`Page 16
`
`[elements 220, 222]), and at least one electronic data processor communicatively coupled (Figure
`
`1 [element 121], system bus) to the network interface device, the first and second memory space,
`
`and to a user interface, comprising:
`
`exchanging data across a network of one or more computers with the network interface
`
`device and accessing at least one website (paragraphs 0026, 0027, 0048, 0049);
`
`storing at least one system file in the first memory space (Figures | [element 134], 2
`
`[elements 132, 141, 212], paragraphs 0030, 0031);
`
`opening a first browser process, wherein the first browser process is capable of accessing
`
`data contained in the first memory space (Figures 2 [element 210, 212], 3 [element 310]], 4 [step
`
`402], paragraphs 0030, 0031, 0035, 0036, 0040, 0046, i.e. secure application offers a web
`
`browsing function);
`
`opening a second browser process (Figures 2 [element 220], 3 [element 320], 4 [step
`
`404], paragraphs 0032, 0037, 0040), wherein the second browserprocess is capable of accessing
`
`data contained in the second memoryspace (Figure 2 [elements 220, 222]), and is further
`
`capable of generating data for video display (Figures 3 [element 322], 4 [steps 406, 410],
`
`paragraphs 0040-0041,0050-0051, rendering webpage data, which one of ordinary skill in the art
`
`would construe as containing video data, in the non-secure process);
`
`passing data from the first browser process to the second browserprocess (Figures 3
`
`[elements 326, 238], 4 [step 408], paragraphs 0037-0038, 0041-0042, secure application
`
`communicates with hosting application, which hosts non-secure objects);
`
`wherein the portable computer is configured such that the at least one system file residing
`
`on the first memory space is protected from corruption by a malware process downloaded from
`
`

`

`Application/Control Number: 12/720,147
`
`Art Unit: 2439
`
`Page 17
`
`the network and executing as part of the second browserprocess (Abstract, paragraph 0035-
`
`0036, the first process’s address space is inaccessible to the second process; provides defense
`
`against from the non-secure software object (i.e. web browsing functions, from observing or
`
`modifying anything going on with the secure application)).
`
`42.
`
`Regarding claim 45, Narin teaches wherein the first browser processis capable of
`
`exchanging data with the networkinterface device (paragraph 0036, secure application 312 may
`
`provide sometype of web-browsing functionality, which would require exchanging data with the
`
`network interface device) and with the second browser process (Figures 3 [elements 326, 238], 4
`
`[step 408], paragraphs 0037-0038, 0041-0042, secure application communicates with hosting
`
`application, which hosts non-secure objects).
`
`43. With regards to claim 46, Narin teaches downloading data from the network and passing
`
`the downloaded data from thefirst browser process to the second browserprocess (Figures 3
`
`[elements 326, 238], 4 [step 408], paragraphs 0037-0038, 0041-0042).
`
`44.
`
`Concerning claim 47, Narin teaches storing the downloadeddata on the second memory
`
`space (paragraph 0036, non-secure software object runs web-browsing which includes
`
`downloading data).
`
`45.
`
`Regarding claim 48, Narin teaches wherein the second browserprocess is capable of
`
`exchanging data with the networkinterface device (paragraph 0036, non-secure software object
`
`

`

`Application/Control Number: 12/720,147
`
`Art Unit: 2439
`
`Page 18
`
`is a web browser, which includes the second process exchanging data via the networkinterface
`
`device) and with the first browser process (Figure 5, Abstract, paragraphs 0007, 0050, 0051, the
`
`second process communicates with the first process for the purpose of rendering its output in a
`
`child window ofthe first process).
`
`46.
`
`Regarding claim 51, Narin teaches that at least one corruptedfile residing on the second
`
`memory spaceis capable of being automatically deleted when the second browserprocess is
`
`terminated (Figure 4 [step 412], paragraph 0044).
`
`47.
`
`Regarding claim 52, Narin teaches wherein the first browser processis protected from
`
`executing instructionsinitiated by a malware process downloaded from the network and
`
`executing as part of the second browserprocess (Abstract, paragraph 0035-0036, 0039, the first
`
`process’s address space is inaccessible to the second process; provides defense against from the
`
`non-secure software object (i.e. web browsing functions, from observing or modifying anything
`
`going on with the secure application)).
`
`A8.
`
`Regarding claim 53, Narin teachesthe first browser process instructing the second
`
`browser process to open (Figures 3 [elements 326, 238], 4 [step 408], paragraphs 0037-0038,
`
`0041-0042, secure application mayinitiate the hosting of the non-secure software object by
`
`instructing the host application to load and execute a non-secure software object within the
`
`separate process).
`
`

`

`Application/Control Number: 12/720,147
`
`Art Unit: 2439
`
`Page 19
`
`49,
`
`Regarding claim 54, Narin teaches wherein attempts by malware to record data entry by
`
`the computer userare effectively blocked (paragraph 0035, provide defense against observation
`
`and/or mo