REMARKS
`
`The Applicants have carefully considered this application in connection with the
`
`Examiner’s Office Action and respectfully request reconsideration of this application in view of
`
`the foregoing amendments and the following remarks. The Applicants thank the Examiner for
`
`the Examiner Interview on August 22, 2011 and have taken into consideration the topics of
`
`discussion therein when addressing the objections and rejections to this application.
`
`The Applicants previously submitted Claims 1-73 in the application. While Claims 1, 3,
`
`10 and 15 have been amended, no claims have been cancelled herein. For the Examiner’s
`
`benefit, the Applicants have provided an Appendix II to clearly show the amendments to the
`
`specification and claims from the amendmentfiled on April 4, 2011. With respect to the
`
`specification,
`
`the Cross Reference to Multiple Reissue Applications is submitted without
`
`markings as no changes have been made from the previous amendment. Also, the Examiner has
`
`indicated that Claims 8, 9, 13 and 18 would be allowable if rewritten in independent form
`
`including all of the limitations of the base claim and any intervening claims. Accordingly,
`
`Claims 1-73 are currently pending in the application.
`
`I,
`
`Rejections under 35 U.S.C. §102
`
`The Examinerhas rejected Claims 1-5, 7, 10-12, 14-17, 19, 21-26, 29-48, 51-56, 58-67
`
`and 69-73 under 35 U.S.C. §102(b) as being anticipated by U.S. Patent Application Publication
`
`No. 2002/0002673 to Narin. As the Examineris no doubt aware, anticipation requires that each
`
`and every limitation of the claimed invention be disclosedin a single prior art reference. The
`
`disclosed limitations must either be disclosed expressly or inherently and must be arranged as in
`
`the rejected claims.
`
`ARAC-OIRE1
`
`Page 20 of 47
`
`

`

`For the reasons as set forth herein, the Applicants believe that Narin does not disclose a
`
`computer system, portable computer, computer program productor related methodasrecited in
`
`ones of independent Claims 1, 10, 15, 21, 32, 44 and 64 of the present application. In particular,
`
`the Applicants believe that Narin fails to disclose, among other things, a computer system,
`
`portable computer, computer program productor related method configured to execute (or open)
`
`first and second browserprocesses in accordance with at least one electronic data processor, and
`
`protect data (or a system file) residing in a first memory space(accessible by the first browser
`
`process) from corruption by a malware process executing as part of the second browser process
`
`as recited in ones of independent Claims 1, 10, 15, 21, 32, 44 and 64 of the present application.
`
`Narin provides a technique for allowing an open or untrusted application to provide
`
`untrusted or open features for a secure application that are not directly implemented within the
`
`secure application (or closed application). In accordance therewith, an open or untrusted
`
`application is run in a separate, auxiliary process from the closed or protected application. The
`
`auxiliary process is creating by running a hosting application that has minimal functionality, just
`
`enoughto be able to host an application and to communicate with the closed process. The
`
`auxiliary process is started by the closed process; the closed process controls the lifetime of the
`
`auxiliary process and terminates it when the open features that it provides are no longer
`
`necessary. (Paragraph [0006].)
`
`In the following excerpt, Narin teaches away from the closed process being a browser
`
`process. If the application is trusted, running a browser in-proc may subvert the security scheme
`
`of the trusted application. The browser code maynotbe secure to the same extentas the trusted
`
`application. Even if the browser codeitself is secure, the browser provides the capability to
`
`import executable code from other sources that may notbe trusted. If trust is to be maintained,
`
`ARAC-OIRE1
`
`Page 21 of 47
`
`

`

`executable code from unknown sources cannot be given access to the address spaceof the trusted
`
`application and therefore cannot be run in process. (Paragraph [0004].) Asit is well settled, a
`
`reference may be said to teach away when a person ofordinary skill, upon reading the reference,
`
`would be discouraged from following the path set out in the reference or would be led in a
`
`direction divergent from the path that was taken by the applicant. (See, e.g., Spectralytics v.
`
`Cordis Corp., Nos. 2009-1564, 2010-1004 (Fed. Cir. 2011) (citing In re Gurley, 27 F.3d 551,
`
`553 (Fed. Cir. 1994)).)
`
`Narin continues that in a world where computers are increasingly called upon to handle
`
`secure or sensitive information, there is a tension between trusted applications and open
`
`applications. Trusted applications typically provide a circumscribed set of functions that cannot
`
`be extended by a user, which meansthat such applications can be trusted to handle sensitive
`
`content in predictable ways. Open applications, on the other hand, provide a wide range of
`
`functionality that is, in some cases, user expandable - some open applications, such as browsers,
`
`can execute code that is user-implemented or imported from other sites on the Internet.
`
`(Paragraph [0016].)
`
`In the detailed description, Narin discusses how the secure application (the trusted
`
`application) makesuse of a non-secure software object (the open process or untrusted
`
`application), and clearly describes them as being distinct and different from each other. Narin
`
`describes a web browser as being an example of such a non-secure software object, meaning that
`
`a web browsing program cannotbe part of the secure application. Narin clearly saysin the first
`
`sentence below that the non-secure software object provides a service that is not directly
`
`implemented within the secure application. This can only mean that they are separate and
`
`distinct from each other.
`
`ARAC-OIRE1
`
`Page 22 of 47
`
`

`

`Secure application 312 uses non-secure software object 322 to perform an action or
`
`provide a service that is not directly implemented within application 312. Non-secure software
`
`object 322 is non-secure in the sense that its behavior cannotbe relied upon; for example, non-
`
`secure software object may be a program that imports and runsarbitrary code from a remote,
`
`non-authenticatable (possibly nefarious) source. A web browser is an example of such a non-
`
`secure software object 322, becauseit retrieves and executes scripts from remote locationsthat
`
`may or may not be trustworthy. As an example, application 312 may provide some type of web
`
`browsing capability to its user, but rather than performing the actual web browsing functions
`
`itself, application 312 may call upon a general-purpose browsing program to perform the web
`
`browsing. In this exemplary case, non-secure software object 322 is such a web browsing
`
`program. (Paragraph [0036].)
`
`Narin continues to draw the clear distinction between a web browser and a secure
`
`application, again, clearly teaching away from the secure application ever being a web browser.
`
`A web browseris an example of a non-secure object that should not be granted access to an
`
`address space where decrypted content or decryption keys may be stored. Although certain
`
`commercially-available browsers may be a known quantity that can be trusted not to content
`
`subversive code, one feature of a browseris that it can load and run arbitrary code from unknown
`
`sources(e.g., in the form of an ActiveX® control, a JAVAscript or applet, efc.). Thus, if the
`
`browserruns in the same process as a secure rendering application, the browser could be used to
`
`unwittingly download an ActiveX® control that would locate a buffer used by the rendering
`
`application to store decrypted content and, say, store that content to the hard disk. (Paragraph
`
`[0047].)
`
`ARAC-OIRE1
`
`Page 23 of 47
`
`

`

`Narin belabors the point by providing that the secure rendering application mayinstruct
`
`the browsing program to rendera list of links that the user may visit. If the user clicks on any of
`
`the links, the browsing program will retrieve the web page associated with that link and display it
`
`to the user. It should be observedthatit is the browsing program, and not the secure rendering
`
`application, that performsthe retrieval of web pages. It should further be observedthat the
`
`downloading of an arbitrary web page in the browserdoesnot, in and ofitself, compromise the
`
`security of the secure rendering application; since the browser executes in the secondprocess, it
`
`has no access to the address space of the secure rendering application that runsin thefirst
`
`process. (Paragraph [0049].)
`
`Narin makes the clearest distinction below between the browser and the secure
`
`application, referring to the web browsing function as being a separate program running in a
`
`separate process. Narin here is clearly teaching away from the secure application and the non-
`
`secure application both comprising browser processes. Preferably, integration between the
`
`secure rendering application and the browsing programis as transparent as possible. Thatis,
`
`when the user invokes the secure rendering application, the user should not be aware(andlikely
`
`does not care) that some of the application's function (i.e., the web browsing function,in this
`
`case) is being provided by a separate program running in a separate process. (Paragraph [0050].)
`
`Thus, it is quite clear from the excerpts of the reference reproduced abovethat Narin fails
`
`to disclose, among other things, a computer system, portable computer, computer program
`
`product or related method configured to execute (or open)first and second browserprocessesin
`
`accordancewith at least one electronic data processor, and protect data (or a system file) residing
`
`in a first memory space(accessible by the first browser process) from corruption by a malware
`
`process executing as part of the second browserprocess as recited in ones of independent Claims
`
`ARAC-OIRE1
`
`Page 24 of 47
`
`

`

`1, 10, 15, 21, 32, 44 and 64 of the present application. To reiterate, Narin distinguishes a
`
`browser program from a secure process, whereas the claimed invention can protect data (or a
`
`system file) residing in the first memory space (accessible by first browser process) from
`
`corruption by a malware process executing as part of a separate second browserprocess in
`
`accordance with at least one electronic data processor.
`
`While the Applicants believe that the distinctions above overcomethe rejection of the
`
`claimed subject matter in view of Narin, the Applicants will briefly address the limitations of
`
`Narin with respect to the first and second electronic data processors executing the first and
`
`second browserprocesses, respectively, in view of independent Claims 1, 10 and 15 of the
`
`present application. As the Examinercorrectly points out, Narin does mention that the
`
`computing environment may be embodiedin configurations including multiprocessor systems.
`
`(Paragraph [0019].) This is a simple listing of well known computing systems and does not
`
`teach executing the separate processes on separate processors. Moreover, there is no affirmative
`
`statement in Narin that the secure application and the web browser (a non-secure software
`
`object) thereof are executed (or can be executed) on separate processors and the only
`
`embodimentillustrated and described is a single processor running the two applications. In the
`
`environment of an embodimentof the present application as embodied in independent Claims1,
`
`10 and 15, there is a clear advantage to bifurcating the execution ofthe first and second browser
`
`processes on separate electronic data processors. As an example, a higher level of security may
`
`be achievedby partitioning the execution of the processes on physically separate processors.
`
`Narin is merely silent on the concept and any advantages associated with the same.
`
`Narin, therefore, fails to disclose the limitations of independent Claims 1, 10, 15, 21, 32,
`
`44 and 64, and the claims dependent thereon. Accordingly, the Applicants respectfully request
`
`ARAC-OIRE1
`
`Page 25 of 47
`
`

`

`the Examiner to withdraw the §102 rejection in view thereof with respect to Claims 1-5, 7, 10-
`
`12, 14-17, 19, 21-26, 29-48, 51-56, 58-67 and 69-73 of the present application.
`
`IL.
`
`Rejections under 35 U.S.C. §103(a)
`
`The Examinerhas rejected Claims 6, 20, 27, 28, 37, 38, 49, 50 and 68 under 35 U.S.C. §
`
`103(a) as being unpatentable over Narin in view of U.S. Patent No. 7,024,581 to Wang,efal.
`
`(“Wang”). The Examinerhasalso rejected Claim 57 under 35 U.S.C. § 103(a) as being
`
`unpatentable over Narin. For the reasons as set forth herein, Narin fails to teach or suggest a
`
`method of operating a computer system, a multi-processor computer system, a portable computer
`
`and method of operating the same, and a computer program productas recited in ones of
`
`independent Claims 1, 15, 21, 32, 44 and 64, and Wangfails to cure the deficiencies thereof.
`
`Thus, since Narin fails to teach or suggestall of the limitations of independent Claims 1, 15, 21,
`
`32, 44 and 64, and the secondaryreferencefails to cure the deficiencies thereof, the Examiner
`
`cannotestablish a prima facie case of obviousness of Claims6, 20, 27, 28, 37, 38, 49, 50, 57 and
`
`68, which depend from ones thereof. Accordingly, the Applicants respectfully request the
`
`Examinerto withdraw the §103 rejection with respect to Claims 6, 20, 27, 28, 37, 38, 49, 50, 57
`
`and 68 of the present application.
`
`Ill.
`
`Double Patenting
`
`The Examinerhas provisionally rejected Claims 21-73 on the groundsof nonstatutory
`
`double patenting over Claims 21-55 of co-pending U.S. Patent Application Serial No.
`
`12/720,207 to Rozman,et al. Although the Applicants do not necessarily agree, the Applicant
`
`has filed a Terminal Disclaimer herewith directed to U.S. Patent Application Serial No.
`
`12/720,207 in compliance with 37 CFR §1.321 to overcome the Examiner’s rejection thereto.
`
`ARAC-OIRE1
`
`Page 26 of 47
`
`

`

`IV.
`
`Conclusion
`
`In view of the foregoing amendments and remarks, the Applicants nowseeall of the
`
`claims currently pending in this application to be in condition for allowance and therefore
`
`earnestly solicit a Notice of Allowancetherefor.
`
`The Applicants request that the Examiner telephone the undersigned attorney of record at
`
`(972) 732-1001 if such would further expedite the prosecution of the present application. If the
`
`enclosed fees are insufficient, the Commissioner is hereby authorized to charge any additionalfees,
`
`or credit any overpayments, to Deposit Account No. 50-1065.
`
`Respectfully submitted,
`
`/Glenn W. Boisbrun/
`
`Glenn W. Boisbrun
`Attorney for Applicant
`Reg. No. 39,615
`
`August 29, 2011
`
`Date
`
`Slater & Matsil, L.L.P.
`17950 Preston Rd., Suite 1000
`Dallas, Texas 75252-5793
`Tel. 972-732-1001
`
`Fax: 972-732-9218
`
`ARAC-OIRE1
`
`Page 27 of 47
`
`

`

`APPENDIXI
`
`STATUS OF CLAIMS AND
`SUPPORT FOR CLAIM CHANGES
`
`1
`
`Thrice
`Amended
`
`Col 9 lines 30-37
`Fig. 1, 190, 195
`Col 18 lines 3-5
`
`Amended
`
`Col 11 lines 2-4
`Fig. 1, 120, 191,
`190, 110, 130
`Col 16 lines Ad.47
`
`Col 16 lines 24-30
`Col 6 lines 56-60
`Col 10 line 67
`Col 10 lines 34-37
`
`Fig. 1,120,191,190]|
`
`PSeee
`
`Amended
`40Original|
`SfOriginal|
`Twice
`Fig. 4, 420
`Amended
`
`Pp
`Pp
`Col 12 lines 46-58
`
`Col 18 lines 49-52 |
`8sfAmended|Col 18 lines 53-60 |
`}9[Amended|Col 18lines 61-65 |
`10
`Thrice
`Col 9 lines 30-37
`Col 11 lines 2-4
`Col 16 lines 24-30
`Amended
`Fig. 1, 190, 195
`Fig. 1, 120, 191,
`Col 6 lines 56-60
`Col 18 lines 3-5
`190, 110, 130
`Col 10 line 67
`Col 16 lines Ad.47
`Col 10 lines 34-37
`Amended
`p12Original|
`p13)[Original|
`SC
`Col 11 lines 2-4
`Col 16 lines 24-30
`Amended
`Fig. 1, 190, 195
`Fig. 1, 120, 191,
`Col 6 lines 56-60
`
`
` Solihne190, 110, 130te)10 line 67Het
`Plea(ee
`Amended
`190, 110, 130
`fsneedoor|Twice
`ame
`
`Fig. 4, 420
`
`Col 12 lines 46-58
`
`Col 9 lines 30-37 Fig. 1, 120, 150, 160|Fig. 1, 120, 140
`
`Fig. 1, 190
`Col 16 lines 24-30
`Fig. 1, 140, 170, 180
`Col 7 lines 63-67
`Col 6 lines 56-60
`Col 18 lines 23-28
`Col 9 line 53
`Col 10 line 67
`Col 18 lines 3-5
`Fig. 1, 120, 191,
`Col 11 lines 2-4
`190, 110, 130
`Col 8 lines 1-6
`
`ARAC-OIRE1
`
`Page 28 of 47
`
`

`

`Fig. 3, 320 Pp
`
`Ww
`
`e e
`
` Col 18 lines 30-33|Col 16 lines 19-21Ww i -
`
`il
`
`
`
`171, 180
`ew [Col7lines58-620||
`43
`Col 9 lines 30-37
`Col 16 lines 24-30
`Fig. 1, 120, 140
`44
`Fig. 1, 190
`Col 6 lines 56-60
`Fig. 1, 140, 170, 180
`Col 7 lines 63-67
`Col 10 line 67
`Col 18 lines 25-28
`Col 9 line 53
`Col 11 lines 2-4
`Fig. 1, 120, 191,
`Col 8 lines 1-6
`190, 110, 130
`Fig.
`1, 120, 191, 190
`Fig. 1, 120, 191,
`190, 195
`
`45
`4
`
`6
`
`ew
`New
`
`‘f
`
`Col 11 lines 38-41
`
`Fig. 1,140,190 |
`Fig. 4, 420
`Col 12 lines 46-58
`Col 12 lines 46-58|Col 7 lines 13-16
`
`51
`New
`Col 8 lines 23-26
`
`ARAC-OIRE1
`
`Page 29 of 47
`
`
` Z,o=
`Zz
` Z,o=
`
`e
`
`‘WwW
`
`N
`
`pis[SE
`
`NoGo |
`i
`
`coe[attetinesaaa|Cattotines3257
`
`190, 195
`[Fig1,140,190)||
`e€
`‘WwW
`
`|Col14lines62-67|Col9lines30-47,[|
`e€
`‘WwW
`Cw
`Col 18 lines 30-33
`Col 16 lines 19-21
`Col 9 lines 48-52
`
`NPM]NYNyPNTy\Oo|oo|~Nila]
`
`Col 11 lines 38-41
`
`e€
`
`‘WwW
`
`e e
`
`i
`
`e€
`
`Ww
`
`e€
`
`Ww
`
`‘WwW
`
`[Col8lines23-26|
`‘WwW
`e[Col19lines33-37,|
`‘WwW
`ew |Col7lines58-62|
`
`Col 9 lines 30-37
`Col 16 lines 24-30
`Fig. 1, 120, 140
`Fig. 1, 190
`Col 6 lines 56-60
`Fig. 1, 140, 170, 180
`Col 7 lines 63-67
`Col 10 line 67
`Col 18 lines 23-28
`Col 9 line 53
`Col 11 lines 2-4
`Fig. 1, 120, 191,
`Col 8 lines 1-6
`190, 110, 130
`Fig.
`1, 120, 191, 190
`Fig. 1, 120, 191,
`190, 195
`Fig. 1, 140, 190
`
`
`
`
`|
`COLTSTines30-38Col 16 lines 44-47 Col 10 lines 34-37
`
`
`ew
`Pp
`-
`ew
`Pp
`
`ew[Col8lines23-260||
`
`e|Col14lines62-67|Col9lines30-47,[|
`‘WwW
`e[Col19lines33-37,||
`‘WwW
`Cw
`42
`
`

`

`Col 19 lines 33-37
`New
`fFig2.22000|
`Ne
`‘WwW
`
`Ne |Col7lines58-62,|
`‘WwW
`
`e|Col14lines62-67|Col9lines30-47,[|
`‘WwW
`
`eee[attetnes447|Cottotines3237
`‘WwW
`e
`Col 18 lines 30-33
`Col 16 lines 19-21
`Col 9 lines 48-52
`e[Col13lines22-24|Fig2,220,|
`‘WwW
`
`e[Col1Olines19-22,|
`‘WwW
`[|Colland2[USPAT6216,112[|
`e€
`‘WwW
`
`[Col1Olines19-22,||
`e€
`‘WwW
`[|Colland2[USPAT6216,112[|
`Cw
`Pp[New|Col10lines19-22,|
`
`‘WwW
`Oe
`Col 16 lines 24-30
`Fig. 1, 120, 140
`Col 6 lines 56-60
`Fig. 1, 140, 170, 180
`Col 10 line 67
`Col 18 lines 25-28
`Col 11 lines 2-4
`Col 8 lines 1-6
`
`New
`
`Col 9 lines 30-37
`Fig. 1, 190
`Col 7 lines 63-67
`Col 9 line 53
`Fig. 1, 120, 191,
`190, 110, 130
`
` rf
`
`
`
`
`
`
`Col 13 lines 22-24
`190, 195
`[New[FigFO
`
`[New|Fig.1,120,191,190]|
`
`
`[New|Fig.4,420[Col12lines46-58|
`
`|New|Col8lines23-26[||Cd
`[New|Col19lines33-37,||
`|New|Col7lines58-62,|
`|New[Col10lines19-22,|
`73
`New
`Col | and 2
`US PAT6,216,112
`
`ARAC-OIRE1
`
`Page 30 of 47
`
`

`

`APPENDIX II
`
`SPECIFICATION AS AMENDED ACCORDING TO STANDARD AMENDMENT
`FORMAT
`
`No changes have been madeto the “Cross Reference to Multiple Reissue Applications”
`
`section and, as such, the section is set forth below without markings:
`
`Cross Reference to Multiple Reissue Applications
`
`This application is a reissue application of U.S. Patent No. 7,484,247, entitled “System
`
`and Method for Protecting a Computer System from Malicious Software,” issued on January 27,
`
`2009, and is related to another reissue application designated U.S. Patent Application Serial No.
`
`12/720,207 from U.S. Patent No. 7,484,247 filed concurrently herewith, which are incorporated
`
`herein by reference. This application is also related to another reissue application designated
`
`U.S. Patent Application Serial No. 12/854,149 from U.S. Patent No. 7,484,247 filed on August
`
`10, 2010 and a continuation application therefrom designated U.S. Patent Application Serial No.
`
`13/015,186 filed on January 27, 2011, which are incorporated herein by reference. This
`
`application is also related to another reissue application designated U.S. Patent Application
`
`Serial No. 12/941,067 from U.S. Patent No. 7,484,247 filed on November 7, 2010, which is
`
`incorporated herein by reference.
`
`ARAC-OIRE1
`
`Page 31 of 47
`
`

`

`CLAIMS AS AMENDED ACCORDING TO STANDARD AMENDMENT FORMAT
`
`1.
`
`(Currently Amended) A method of operating a computer system capable of
`
`exchanging data across a network of one or more computers and havingatleast a first and
`
`second electronic data processor capable of executing instructions using a commonoperating
`
`system, comprising:
`
`executingafirstbrowser processimstructions in a first logical process within the common
`
`operating system using the first electronic data processor, wherein the first logical process is
`
`capable of accessing data containedin a first memory space;
`
`executing a second browser processimstructions in a second logical process within the
`
`commonoperating system using the second electronic data processor, wherein the secondlogical
`
`process is capable of accessing data contained in the second memory space; and
`
`displaying data from thefirst logical process and the second logical process, wherein a
`
`video processor is adapted to combine data from the first and second logical processes and
`
`transmit the combined datato a display;
`
`wherein the computer system is configured such that the second electronic data processor
`
`is Operating in a protected mode and data residing on the first memory space is protected from
`
`corruption by a malware process downloaded from the network and executing as part of the
`
`second browserlesieat process.
`
`2.
`
`(Previously Presented) The method of claim | wherein the second memory space
`
`comprises memory selected from the group consisting of:
`
`a memory zone within a physical memory commonto the first memory space;
`
`ARAC-OIRE1
`
`Page 32 of 47
`
`

`

`a partition on a memory device;
`
`random access memory (RAM); and
`
`both volatile and nonvolatile memory.
`
`3.
`
`(Currently Amended) The method of claim | wherein the first logical process is
`
`
`
`capable of accessing data contained in the second memory spacesecondtoesicalprocess
`
`
`
`4,
`
`(Previously Presented) The method of claim | wherein the first logical process
`
`receives user interface data, and passesthe user interface data to the second logical process.
`
`5.
`
`(Previously Presented) The method of claim | wherein the first and second
`
`electronic data processors are part of a multi-core electronic data processor.
`
`6.
`
`(Previously Presented) The method of claim | and further comprising restoring at
`
`least one corrupted data file from a protected image.
`
`7.
`
`(Previously Presented) The method of claim | and further comprising
`
`automatically deleting at least one datafile residing on the second memory space when the
`
`second logical process is terminated.
`
`8.
`
`(Previously Presented) The method of claim | and further comprising:
`
`encrypting data with the first logical process;
`
`transferring the encrypted data from thefirst logical process to the second logical
`
`process; and
`
`ARAC-OIRE1
`
`Page 33 of 47
`
`

`

`transferring the encrypted data from the secondlogical process to the network interface
`
`device.
`
`9.
`
`(Previously Presented) The method of claim 8 and further comprising:
`
`decrypting the data with the network interface device; and
`
`transferring the decrypted data from the network interface device to the network.
`
`10.
`
`(Currently Amended) A multi-processor computer system using a common
`
`operating system capable of exchanging data across a network of one or more computers via a
`
`network interface device, comprising:
`
`
`a first electronic data processor capable of executing a first browser processinstructons
`
`using the commonoperating system and communicatively coupled to a first memory space;
`
`a second electronic data processor capable of executing a second browser
`
`processimstructions using the commonoperating system and communicatively coupled to a
`
`second memory space; and
`
`a video processor adapted to combine video data from thefirst and second electronic data
`
`processors and transmit the combined video data to a display;
`
`wherein the computer system is configured such that the second electronic data processor
`
`is Operating in a protected mode and data residing on the first memory space is protected from
`
`corruption by a malware process downloaded from the network and executing as part of the
`
`second browser processenthe-secondelectronic-data-processor.
`
`11.
`
`(Previously Presented) The computer system of claim 10 wherein the second
`
`memory space comprises memoryselected from the group consisting of:
`
`a memory zone within a physical memory commonto the first memory space;
`
`a partition on a memory device;
`
`ARAC-OIRE1
`
`Page 34 of 47
`
`

`

`random access memory (RAM); and
`
`both volatile and nonvolatile memory.
`
`12.
`
`(Previously Presented) The computer system of claim 10 wherein the first and
`
`second electronic data processors are part of a dual processor computer system.
`
`13.
`
`(Previously Presented) The computer system of claim 10 wherein the second
`
`electronic data processor and the video processorare co-located on a circuit card, the circuit card
`
`being communicatively coupledto the first electronic data processor.
`
`14.
`
`(Previously Presented) The computer system of claim 10 wherein the computer
`
`system is configured suchthat the first electronic data processor is protected from executing
`
`instructionsinitiated by a malware process downloaded from the network and executing on the
`
`secondelectronic data processor.
`
`15.
`
`(Currently Amended) A multi-processor computer system using a common
`
`operating system capable of exchanging data across a network of one or more computers,
`
`comprising:
`
`at least a first and second electronic data processor capable of executing instructions
`
`using the commonoperating system;
`
`at least a first and second memory space; and
`
`a video processor;
`
`wherein the first and second electronic data processors, first and second memoryspace,
`
`and video processor are configured to:
`
`execute_afirstbrowser processinstructions in a first logical process with the first
`
`electronic data processor, wherein the first logical process is executing within the common
`
`operating system and is capable of accessing data containedin the first memory space;
`
`ARAC-OIRE1
`
`Page 35 of 47
`
`

`

`execute a second browserprocess#structiens in a secondlogical process with the
`
`second electronic data processor, wherein the second logical process is executing within the
`
`commonoperating system and is capable of accessing data contained in the second memory
`
`space; and
`
`display data from the first logical process and the secondlogical process, wherein
`
`the video processor is adapted to combine data from the first and second logical processes and
`
`transmit the combined datato a display;
`
`wherein the computer system is configured such that the second electronic data processor
`
`is Operating in a protected mode and data residing on the first memory space is protected from
`
`corruption by a malware process downloaded from the network and executing as part of the
`
`second browerlesieal process.
`
`16.
`
`(Previously Presented) The computer system of claim 15 wherein the computer
`
`system is further configured such that the first logical process is protected from executing
`
`instructionsinitiated by a malware process downloaded from the network and executing as part
`
`of the second logical process.
`
`17.
`
`(Previously Presented) The computer system of claim 15 and further comprising
`
`at least one network interface device capable of exchanging data with the network and with a
`
`logical process that comprises a process selected from the group consisting of:
`
`the first logical process; and
`
`the second logical process.
`
`18.
`
`(Previously Presented) The computer system of claim 17 wherein the network
`
`interface device is capable of decrypting data received from the second logical process and
`
`ARAC-OIRE1
`
`Page 36 of 47
`
`

`

`transmitting the decrypted data to the network while preventing the second logical process from
`
`accessing the decrypted data.
`
`19.
`
`(Previously Presented) The computer system of claim 15 wherein the at least one
`
`electronic data processor comprises a processor selected from the group consisting of a multi-
`
`core electronic data processor; dual electronic data processors; and multiple electronic data
`
`processors.
`
`20.
`
`(Previously Presented) The computer system of claim 15 and further configured
`
`to restore-at least one corrupted data file from a protected image.
`
`21.
`
`(Previously Presented) A portable computer capable of executing instructions
`
`using a common operating system, comprising:
`
`a networkinterface device configured to exchange data across a network of one or more
`
`computers and access at least one website;
`
`at least a first memory space and a second memoryspace,the first memory space
`
`containing at least one system file;
`
`at least one electronic data processor communicatively coupled to the network interface
`
`device, the first and second memoryspace, and to a user interface, wherein the user interface is
`
`configured to receive input from a computer user;
`
`the at least one electronic data processor configured to execute a first browser process in
`
`a first logical process within the common operating system, wherein the first logical process is
`
`capable of accessing data containedin the first memory space;
`
`the at least one electronic data processor further configured to execute a second browser
`
`process in a second logical process within the commonoperating system, wherein the second
`
`logical process is capable of accessing data contained in the second memoryspace andis further
`
`ARAC-OIRE1
`
`Page 37 of 47
`
`

`

`capable of generating video data from a website accessed via the network; and
`
`a video processor configured to process video data from the second browser process for
`
`display;
`
`wherein the first browser process is capable of opening the second browser process andis
`
`further capable of passing data to the second browserprocess;
`
`wherein further the portable computer is configured such that the at least one system file
`
`residing on the first memory space is protected from corruption by a malware process
`
`downloaded from the network and executing within the second browser process.
`
`22.
`
`(Previously Presented) The portable computer of Claim 21 wherein thefirst
`
`browserprocess is capable of directly exchanging data with the network interface device and
`
`with the second browserprocess.
`
`23.
`
`(Previously Presented) The portable computer of Claim 22 wherein thefirst
`
`browserprocess is capable of passing data downloaded from the network to the second browser
`
`process.
`
`24.
`
`(Previously Presented) The portable computer of Claim 21 wherein the second
`
`browserprocess is capable of directly exchanging data with the network interface device and
`
`with the first browser process.
`
`25.
`
`(Previously Presented) The portable computer of Claim 21 wherein theat least
`
`one electronic data processor comprises a processor selected from the group consisting of:
`
`an Application Specific Integrated Circuit;
`
`a Field Programmable Gate Array;
`
`a plurality of electronic data processors; and
`
`a multi-core electronic data processor.
`
`ARAC-OIRE1
`
`Page 38 of 47
`
`

`

`26.
`
`(Previously Presented) The portable computer of Claim 21 wherein the second
`
`memory space comprises memoryselected from the group consisting of:
`
`a memory zone within a physical memory commonto the first memory space;
`
`a partition on a memory device;
`
`random access memory (RAM); and
`
`both volatile and nonvolatile memory.
`
`27.
`
`(Previously Presented) The portable computer of Claim 21 configured such that
`
`at least one corrupted file required for a browser process is capable of being restored from a
`
`protected image.
`
`28.
`
`(Previously Presented) The portable computer of Claim 27 wherein the protected
`
`imageis stored at a location selected from the group consistingof:
`
`a removabledrive;
`
`the first memoryspace;
`
`a partition on a memory device; and
`
`a nonvolatile memory disk.
`
`29.
`
`(Previously Presented) The portable computer of Claim 21 configured such that
`
`at least one corrupted file residing on the second memoryspaceis capable of being automatically
`
`deleted when the second browserprocess is terminated.
`
`30.
`
`(Previously Presented) The portable computer of Claim 21 configured such that
`
`the first browser process is protected from executing instructions initiated by a malware process
`
`downloaded from the network and executing as part of the second browser process.
`
`31.
`
`(Previously Presented) The portable computer of Claim 21 wherein attempts by
`
`malware to record data entry by the computer user are effectively blocked.
`
`ARAC-OIRE1
`
`Page 39 of 47
`
`

`

`32.
`
`(Previously Presented) A methodof operating a portable computer capable of
`
`executing instructions using a common operating system and havingat least one electronic data
`
`processor communicatively coupledto a first and second memory space and to a network
`
`interface device, comprising:
`
`exchanging data across a network of one or more computers with the network interface
`
`device and accessing at least one website;
`
`storing at least one system file within the first