Prosecution Insights
Last updated: July 17, 2026
Application No. 17/948,400

AUDITING AND SECURING PROGRAM CALLS

Non-Final OA §102
Filed
Sep 20, 2022
Examiner
KANAAN, SIMON P
Art Unit
2407
Tech Center
2400 — Computer Networks
Assignee
International Business Machines Corporation
OA Round
1 (Non-Final)
83%
Grant Probability
Favorable
1-2
OA Rounds
0m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 83% — above average
83%
Career Allowance Rate
545 granted / 659 resolved
+24.7% vs TC avg
Strong +16% interview lift
Without
With
+16.0%
Interview Lift
resolved cases with interview
Typical timeline
3y 0m
Avg Prosecution
11 currently pending
Career history
673
Total Applications
across all art units

Statute-Specific Performance

§101
2.7%
-37.3% vs TC avg
§103
64.4%
+24.4% vs TC avg
§102
25.5%
-14.5% vs TC avg
§112
2.0%
-38.0% vs TC avg
Black line = Tech Center average estimate • Based on career data from 659 resolved cases

Office Action

§102
DETAILED ACTION Office Action Summary Claims 1-20 are pending in the instant application. Claims 1-20 are rejected under 35 USC § 102. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. Claim Rejections - 35 USC § 102 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention. Claims 1-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by McGee et al. (US Patent No: 6,694,434) hereinafter referred to as McGee. As per claim 1, McGee teaches … generating a caller list of callers that issue requests for calling a designated program at runtime; (McGee, figure 3A, item 52, and associated text, each application is checked to see if call permitted each application is a list of at least one item) generating an authorized caller list of authorized callers allowed to call the designated program, wherein the authorized callers are selected from among callers on the caller list; and (McGee, figure 3A, item 62 and 88, and associated text teaches checking to see if application is on the list of authorized application or whether it needs to be added to the list, this authorized list is created from the lists of callers who should be authorized) generating an authorization key for each of the authorized callers that the designated program will require as a condition for completing call requests. (McGee, figure 3B, item 68 and 70, and associated text, teaches generating application data compares the data, this data is the authorization key, since the claimed key is a key generated but not used as a key for decryption any identifier is a key) As per claim 2, McGee teaches … wherein the designated program is an executable application. (McGee, column 5, lines 49-51, teaches multiple executable files) As per claim 3, McGee teaches … wherein the designated program is a shared library file. (McGee, column 13 lines 54 through 57) As per claim 4, McGee teaches … wherein the generating of the caller list comprises analyzing the designated program with dynamic analysis resulting in a preliminary caller list of detected callers that issue requests for calling the designated program during the dynamic analysis. (McGee, figure 3A, item 52, and associated text, each application is checked to see if call permitted each application is a list of at least one item and it is being done dynamically) As per claim 5, McGee teaches … wherein the generating of the caller list further comprises generating a candidate caller list by comparing available programs to detected callers on the caller list and identifying, as candidate callers, available programs that have a preselected characteristic in common with at least one detected caller on the preliminary caller list. (McGee, figure 3A, item 62 and 88, and associated text teaches checking to see if application is on the list of authorized application or whether it needs to be added to the list, this authorized list is created from the lists of callers who should be authorized, the caller application is compared to existing list of authorized callers and if not on list determined if it should be added) As per claim 6, McGee teaches … wherein the preselected characteristic is selected from the group consisting of a security policy, a business relevance, a same path, a same library, and a same dataset. (McGee, column 4, lines 1-18, teaches authorization could be per account so programs from same account would have that similarity) As per claim 7, McGee teaches … wherein the generating of the caller list further comprises analyzing the candidate callers on the candidate caller list with static analysis resulting in a supplemental caller list of candidate callers that are configured to call the designated program. McGee, figure 3A, item 62 and 88, and associated text teaches checking to see if application is on the list of authorized application or whether it needs to be added to the list, final list is a static list if programs are all analyzed) As per claim 8, McGee teaches … wherein the caller list comprises the preliminary caller list combined with the supplemental caller list. McGee, figure 3A, item 62 and 88, and associated text teaches checking to see if application is on the list of authorized application or whether it needs to be added to the list, the lists keeps mutating therefor the lists till the final list are the supplemental lists.) As per claim 9, McGee teaches … blocking call requests to the designated program from callers that lack the authorization key. (McGee, column 4, line 56) As per claim 10, McGee teaches … further comprising: requiring, by the designated program, a memory address of a save location of a caller as a condition for completing call requests. (McGee, column 5, lines 49-51, teaches location of executable file) Claims 11-16 teach a computer readable storage medium that correspond to the method claims 1-10 and are rejected using the same rational. (Also [0112] of instant application, teaches that the medium is non-transitory) Claims 11-16 teach a computer system that correspond to the method claims 1-10 and are rejected using the same rational. Other Art of Record Bello et al. (US 20170169212 A1) teaches “Abstract: A method (and structure) for enforcing a security policy includes retrieving from a memory a program to be verified against a security policy and a security specification defining the security policy. A static program analysis is performed on the program, using a processor on a computer, to determine whether the program is compatible with the security specification. The program is rejected if the program is determined by the static program analysis as being incompatible with the security specification. If the program is determined during the static program analysis as compatible with the security specification under static analysis criteria, then building a call-graph representation of the program for use to evaluate any dynamically-loaded code during an execution of the program. Any paths, if any, of the call-graph representation that reach at least one policy-relevant operation is marked.” Lawson (US 9720925 B1) teaches “Abstract: Similarity analysis of software is disclosed. An input file is received. Pairs of files that consist of the input file and files included in a corpus are categorized into one of a possible match and a mismatch. Those pairs classified as possible matches are analyzed using a pairwise component analysis.” Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to SIMON P KANAAN whose telephone number is (571)270-3906. The examiner can normally be reached on M-F (7AM-4PM). Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Catherine Thiaw can be reached on (571) 272-1183. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SIMON P KANAAN/Primary Examiner, Art Unit 2407
Read full office action

Prosecution Timeline

Sep 20, 2022
Application Filed
Oct 20, 2023
Response after Non-Final Action
Apr 29, 2026
Non-Final Rejection mailed — §102
Jul 14, 2026
Interview Requested

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12676759
Method and Apparatus for Managing Digital Certificate
2y 8m to grant Granted Jul 07, 2026
Patent 12675283
FIRMWARE VALIDATION FOR FIRMWARE UPDATES
1y 11m to grant Granted Jul 07, 2026
Patent 12673160
SECURE WIRELESS COMMUNICATIONS BETWEEN A GLUCOSE MONITOR AND OTHER DEVICES
1y 9m to grant Granted Jul 07, 2026
Patent 12665913
ANOMALY DETECTION METHOD, ANOMALY DETECTION DEVICE, AND RECORDING MEDIUM
3y 1m to grant Granted Jun 23, 2026
Patent 12665903
FRICTIONLESS MULTI-FACTOR AUTHENTICATION
1y 11m to grant Granted Jun 23, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
83%
Grant Probability
99%
With Interview (+16.0%)
3y 0m (~0m remaining)
Median Time to Grant
Low
PTA Risk
Based on 659 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month