SYSTEM AND METHOD FOR PROVIDING EXCLUSIVE ACCESS TO SECONDARY STORAGE TO APPLICATION ON ANDROID DEVICE

DETAILED ACTION Notice of AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . The present office action is responsive to communications received on 6/12/2023. Claims 1-18 are pending. Information Disclosure Statement The information disclosure statement (IDS) submitted on 6/12/2023 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. Claim Objections Claims 7-8 are objected to because of the following informalities: Claim 7 recites “give permission only to the desired application to access secondary storage with the SELinux label” (last limitation). There is no primary storage in the claim. Should this be “external storage” instead? (See claim 1) In addition, claim 8 “wherein the external storage on the Android device” may have insufficient antecedent basis for this limitation in the claim. Claim 8 recites the limitation “the application” in “give the application permission to access the secondary external storage”. There is insufficient antecedent basis for this limitation in the claim. Should this be “the desired application” instead? (See claim 2) Appropriate correction is required. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim 1-18 are rejected under 35 U.S.C. 103 as being unpatentable over Main (US 20200244637 A1) in view of Yuan (NPL “How to Block the Malicious Access to Android External Storage”, 2018, listed in IDS). Regarding claim 1, Main teaches a method for providing exclusive access to Android storage, the method comprising: creating, on an Android device, an application domain for a desired application; ([0045, 0051, 0053] a method comprising providing isolated domains, wherein a system 100 includes an applications space 140 for implementing one or more domains, and wherein the domains may be controlled remotely or locally to specify apps, data, configuration, connectivity and security policy for the particular domain.) creating, on the Android device, a Security-Enhanced Linux (SELinux) label for Media Storage on the Android device; ([0090] SELinux may be modified also to become domain aware. In one embodiment, this is done via the role-based access control fields in the policy, or by creating different policies for different domains and using the Domain Manager 124 dynamically to adjust policy during run-time, or in the case of Android™ by assigning domain specific SELinux™ security labels to processes when they are created by modifying Zygote and/or the Middleware Mandatory Access Control features of SEAndroid™ to become domain aware.) Main teaches secure domain management for mobile devices, but does not explicitly teach giving, on the Android device, permission only to the desired application to access external storage on the Android device with the SELinux label. This aspect of the claim is identified as a difference. However, Yuan in an analogous art explicitly teaches giving, on the Android device, permission only to the desired application to access external storage on the Android device with the SELinux label. ([p. 291, p. 293] Our work is designed to provide ACL access control at the file-level for external storage of Android. Only when the certain permissions are granted to the UID attached to an APP, the APP is able to access the file on external storage in a way specified by the permissions. Enrich SEAndroid policies. Android has introduced a security mechanism based on SELinux [30], called SEAndroid [32], to enhance system security. Any additional function to Android system must be declared in the SEAndroid policies before being enabled.) It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the “mobile device security” concept of Main, and the “access to Android external storage” approach of Yuan. One of ordinary skill in the art would have been motivated to perform such a modification to effectively prevent illegal access to the files on the external storage with negligible performance overhead by enforcing ACL access control on the external storage of Android (Yuan [Abstract]). Regarding claim 2, Main in view of Yuan teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein the external storage on the Android device includes a primary external storage and a secondary external storage, the method comprising: giving the desired application permission to access the secondary external storage on the Android device. ([Yuan p. 290] Figure 1 shows how Android works with FUSE filesystem. As shown in Fig. 1, raw external storage devices are mounted as EXT4 filesystem (built-in SD card) or VFAT filesystem (removable SD card). Android uses FUSE to wrap the raw external storage devices. Thus, any access to external storage has to go through FUSE first, and then uses userspace filesystem called sdcard daemon to access real filesystems.) Regarding claim 3, Main in view of Yuan teaches all the features with respect to claim 2, as outlined above. The combination further teaches wherein the secondary external storage is a secure digital (SD) card. ([Yuan p. 287] External storage (e.g., SD card)) Regarding claim 4, Main in view of Yuan teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein the desired application is an internal television application on the Android device. ([Main 0003] a device owner may have different ease of access, privacy and security requirements for mobile banking applications and data than they have for games applications) Regarding claim 5, Main in view of Yuan teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein the Android device is a customer-premise equipment (CPE). ([Main 0046] a mobile device such as a smartphone, tablet, laptop, or a desktop [0049] a mobile device running an Android™ operating system.) Regarding claim 6, Main in view of Yuan teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein the Android device is a smart phone or tablet. ([Main 0046] a mobile device such as a smartphone, tablet, laptop, or a desktop [0049] a mobile device running an Android™ operating system.) Regarding claims 7-18, the scope of the claims is similar to that of claim 1-6, respectively. Accordingly, the claims are rejected using a similar rationale. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. US 9641552 B2, "Extending SELinux policy with enforcement of file name translations" by Paris. US 20180075259 A1, "Systems and methods for secure machine for hardware security module (hsm) adapter" by Manapragada. US 20150150119 A1, "Framework for fine-grain access control from high-level application permissions" by Holland. Any inquiry concerning this communication or earlier communications from the examiner should be directed to HAN YANG whose telephone number is (408)918-7638. The examiner can normally be reached on Monday to Friday, 9:00-5:00. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on (571)272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /HAN YANG/Primary Examiner, Art Unit 2493