DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This is in reply to papers filed on 2024-07-26. Claims 1-15 are pending. Claims 1, 8, 14 is/are independent.
Priority papers submitted under 35 U.S.C. § 119(a)-(d) and 35 U.S.C. § 365(a)-(c) are acknowledged.
Allowable Subject Matter
Claim 4 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Per claim 4, the prior art of record fails to disclose at least the required partial delegation mode in which both the app store and a separate cryptographic provider participate in providing cryptographic material for diversifying the app binary.
Claim(s) 6-7 would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims and rewritten to overcome the rejection(s) under 35 U.S.C. § 112 set forth in this Office action. Per claims 6-7, these claims depend from claim 4 above.
Claim 10 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims and rewritten to overcome the rejection(s) under 35 U.S.C. § 112 set forth in this Office action. Claim 10 contains subject matter similar to claim 4 above mutadis mutandis.
Claim 11 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims and rewritten to overcome the objections to informalities set forth in this Office action. Per claim 11, the prior art of record fails to disclose at least providing a master secret in a provisioning profile as part of a full delegation mode.
Claim(s) 12 would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims and rewritten to overcome the objections to informalities set forth in this Office action. Per claims 12, these claims depend from claim 11 above.
Claim(s) 13 would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims and rewritten to overcome the objections to informalities set forth in this Office action. Per claims 13, these claims depend from claim 12 above.
Information Disclosure Statement PTO-1449
The Information Disclosure Statement(s) submitted by applicant on 2024-07-26 has/have been considered. The submission is in compliance with the provisions of 37 CFR § 1.97. Form PTO-1449 signed and attached hereto.
Claim Objections
Claim(s) 5, 11-13 is/are objected to because of the following informalities: The examiner suggests the following corrections:
Claim 5:
Amend the claim to read, in part, as follows "whereby said cryptographic material is derived "
Claim 11:
Amend the claim to read, in part, as follows "delegation mode, if a master secret "
Amend the claim to read, in part, as follows "if said master secret in provisioning profile is not "
Claim 12:
Amend the claim to read, in part, as follows "if said master secret" (twice)
Claim 13:
Amend the claim to read, in part, as follows "binary hosted on said AppStore"
Dependent claims 12-13 are objected to for the reasons presented above with respect to objected claims 5 and in view of their dependence thereon.
Claim Rejections - 35 U.S.C. § 112
The following is a quotation of 35 U.S.C. § 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
Claim(s) 6-7 is/are rejected under 35 U.S.C. § 112(b) or 35 U.S.C. § 112 ¶ 2 (pre-AIA ) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant regards as the invention.
In claim 6 , the phrase "said AppStore" makes the claims indefinite and unclear in that it lacks antecedent basis.
In claim 7 , the phrase "on AppStore" makes the claims indefinite and unclear in that it lacks antecedent basis.
The following is a quotation of 35 U.S.C. § 112(d):
(d) REFERENCE IN DEPENDENT FORMS.—Subject to subsection (e), a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.
Claim(s) 9-10 is/are rejected under 35 U.S.C. § 112(d) / 35 U.S.C. § 112 ¶ 4 (pre-AIA ) as being of improper dependent form for failing to include a reference to a claim previously set forth, upon which it depends. See MPEP § 608.01(n)(III).
In particular, claim 9 states "The method of claim 9". In the interest of compact prosecution and for purposes of applying the art to the claims only, Examiner interprets claim 9 as if it depended from claim 8. To continue with this interpretation, Applicant must confirm it by a suitable amendment.
Dependent claims 10 are rejected for the reasons presented above with respect to rejected claims 9 and in view of their dependence thereon.
Applicant may cancel the claim(s), amend the claim(s) to place the claim(s) in proper dependent form, rewrite the claim(s) in independent form, or present a sufficient showing that the dependent claim(s) complies with the statutory requirements.
Summary of Claim Rejections under 35 U.S.C. § 102 and § 103
The following table summarizes the rejections set forth in detail below of the claims over the prior art.
Claim No.
Mitchell '317
Mitchell '317 in view of Mikhailov '016
1
[Wingdings font/0xFC]
2
[Wingdings font/0xFC]
3
[Wingdings font/0xFC]
4
5
[Wingdings font/0xFC]
6
7
8
[Wingdings font/0xFC]
9
[Wingdings font/0xFC]
10
11
12
13
14
[Wingdings font/0xFC]
15
[Wingdings font/0xFC]
Claim Rejections - 35 U.S.C. § 102
The following is a quotation of the appropriate paragraphs of AIA 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claim(s) 1, 3, 5, 8 is/are rejected under 35 U.S.C. § 102 as being anticipated by U.S. Publication 20160132317 to Mitchell et al. (hereinafter "Mitchell '317"). Mitchell '317 is prior art to the claims under 35 U.S.C. § 102(a)(1) and 35 U.S.C. § 102(a)(2).
Per claim 1 (independent):
Mitchell '317 discloses a method for mobile application instantaneous secure communication (distributes diversified apps with injected keys [Mitchell '317 ¶ 0025-0026, 0059-0060]; app communicates with developer's app management system [Mitchell '317 ¶ 0031, 0021-0022] securely using diversified credentials [Mitchell '317 ¶ 0005, 0031, 0042, 0052])
Mitchell '317 discloses receiving a request to host a mobile app binary (app developer submits app to app store for purchase/download by user devices [Mitchell '317 ¶ 0032, 0019, 0017])
Mitchell '317 discloses receiving a provisioning profile indicating a delegation mode for diversification of said mobile app binary (app developer specifies "application diversification schedule and/or policy" [Mitchell '317 ¶ 0033-0034, 0039-0041]; in some policies, app store introduces diversity [Mitchell '317 ¶ 0036, 0048-0049]; in some policies, developer system generates diverse versions of app [Mitchell '317 ¶ 0039]; diversification policies include fixed time, random pattern, geographic, and/or by device parameters [Mitchell '317 ¶ 0034])
Mitchell '317 discloses responsive to a downloading of the mobile app binary, injecting cryptographic material during an application diversification process of said mobile app binary according to the delegation mode whereby a diversified mobile app is produced (mobile device requests app from app store [Mitchell '317 ¶ 0032]; app developer specifies "application diversification schedule and/or policy" [Mitchell '317 ¶ 0033-0034, 0039-0041]; in some policies, app store introduces diversity [Mitchell '317 ¶ 0036, 0048-0049]; in some policies, developer system generates diverse versions of app [Mitchell '317 ¶ 0039]; diversification policies include fixed time, random pattern, geographic, and/or by device parameters [Mitchell '317 ¶ 0034]; injects cryptographic material into app [Mitchell '317 ¶ 0032, 0025])
Mitchell '317 discloses upon completion of said application diversification process, said diversified mobile app uses said cryptographic material to differentiate an instance of said mobile app binary to a backend server, or accessed service, after said downloading (distributes diversified apps with injected keys [Mitchell '317 ¶ 0025-0026, 0059-0060]; app communicates with developer's app management system [Mitchell '317 ¶ 0031, 0021-0022] securely using diversified credentials [Mitchell '317 ¶ 0005, 0031, 0042, 0052]; app uses diversified cryptographic material to communicate with developer [Mitchell '317 ¶ 0052, 0025]; diversified cryptographic material used to differentiate app instances [Mitchell '317 ¶ 0052, 0031])
Mitchell '317 discloses instantaneously establish a secure communication channel to said backend server or accessed service (distributes diversified apps with injected keys [Mitchell '317 ¶ 0025-0026, 0059-0060]; app communicates with developer's app management system [Mitchell '317 ¶ 0031, 0021-0022] securely using diversified credentials [Mitchell '317 ¶ 0005, 0031, 0042, 0052])
Per claim 3 (dependent on claim 1):
Mitchell '317 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
Mitchell '317 discloses the delegation mode is selected from the group comprising: i) a no delegation mode, ii) a partial delegation mode, and iii) a full delegation mode (app developer specifies "application diversification schedule and/or policy" [Mitchell '317 ¶ 0033-0034, 0039-0041]; in some policies, app store introduces diversity [Mitchell '317 ¶ 0036, 0048-0049]; in some policies, developer system generates diverse versions of app [Mitchell '317 ¶ 0039]; diversification policies include fixed time, random pattern, geographic, and/or by device parameters [Mitchell '317 ¶ 0034]; injects cryptographic material into app [Mitchell '317 ¶ 0032, 0025])
Per claim 5 (dependent on claim 1):
Mitchell '317 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
Mitchell '317 discloses said injecting is performed responsive to a deriving step, whereby cryptographic material is derived according to said delegation mode comprises one of i) a secret for no delegation mode; ii) a derived symmetric key for full delegation mode; iii) a keypair with accompanying certificate for either partial delegation mode or full delegation mode (app developer specifies "application diversification schedule and/or policy" [Mitchell '317 ¶ 0033-0034, 0039-0041]; in some policies, developer system generates diverse versions of app [Mitchell '317 ¶ 0039]; diversification policies include fixed time, random pattern, geographic, and/or by device parameters [Mitchell '317 ¶ 0034]; injects cryptographic material into app [Mitchell '317 ¶ 0032, 0025]).
Per claim 8 (independent):
Mitchell '317 discloses notifying an AppStore of a mobile app binary hosted thereon (app developer submits app to app store for purchase/download by user devices [Mitchell '317 ¶ 0032, 0019, 0017])
The remaining limitations of the claim(s) correspond(s) to features of claim(s) 14 and the claim(s) is/are rejected for the reasons detailed with respect to those claims.
Mitchell '317 discloses the delegation mode is one of i) a no delegation mode, ii) a partial delegation mode, and iii) a full delegation mode (app developer specifies "application diversification schedule and/or policy" [Mitchell '317 ¶ 0033-0034, 0039-0041]; in some policies, app store introduces diversity [Mitchell '317 ¶ 0036, 0048-0049]; in some policies, developer system generates diverse versions of app [Mitchell '317 ¶ 0039]; diversification policies include fixed time, random pattern, geographic, and/or by device parameters [Mitchell '317 ¶ 0034]; injects cryptographic material into app [Mitchell '317 ¶ 0032, 0025])
Claim Rejections - 35 U.S.C. § 103
The following is a quotation of AIA 35 U.S.C. 103 that forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. § 103(a) are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claim(s) 2, 9, 14-15 is/are rejected under 35 U.S.C. § 103 as being unpatentable over Mitchell '317 in view of U.S. Publication 20180211016 to Mikhailov et al. (hereinafter "Mikhailov '016"). Mikhailov '016 is prior art to the claims under 35 U.S.C. § 102(a)(1) and 35 U.S.C. § 102(a)(2).
Per claim 2 (dependent on claim 1):
Mitchell '317 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
Mitchell '317 does not disclose upon establishing said secure communication channel said diversified mobile app provides for either of i) out-of-the-box provisioning and secure onboarding with an AppVendor, and ii) licensing to consume said service from another platform other than said AppVendor
However, Mitchell '317 discloses upon establishing said secure communication channel said diversified mobile app provides for communication with an AppVendor (app communicates with developer's app management system [Mitchell '317 ¶ 0031, 0021-0022] securely using diversified credentials [Mitchell '317 ¶ 0005, 0031, 0042, 0052])
Further:
Mikhailov '016 discloses upon establishing said secure communication channel said diversified mobile app provides for ii) licensing to consume said service from another platform other than said AppVendor (app uses cryptographic credentials to access back end multimedia delivery service [Mikhailov '016 ¶ 0015-0016]; app acquires media license key [Mikhailov '016 ¶ 0064] via cryptographic authentication [Mikhailov '016 ¶ 0111-0130])
It would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Mitchell '317 with the back end services and licenses of Mikhailov '016 to arrive at an apparatus, method, and product including:
upon establishing said secure communication channel said diversified mobile app provides for either of i) out-of-the-box provisioning and secure onboarding with an AppVendor, and ii) licensing to consume said service from another platform other than said AppVendor
A person having ordinary skill in the art would have been motivated to combine them at least because accessing back end services and licenses would increase the range of capabilities of the app of Mitchell '317 and take advantage of Mitchell '317's secure communications to grant access to network resources. A person having ordinary skill in the art would have been further motivated to combine them at least because Mikhailov '016 teaches [Mikhailov '016 ¶ 0015-0016, 0064, 0111-0130] modifying a scheme for secure communications with apps [Mitchell '317 ¶ 0025-0026, 0059-0060, 0031, 0021-0022, 0005, 0031, 0042, 0052] such as that of Mitchell '317 to arrive at the claimed invention; because Mikhailov '016 and Mitchell '317 are in the same field of endeavor; because doing so constitutes use of a known technique (back end services and licenses [Mikhailov '016 ¶ 0015-0016, 0064, 0111-0130]) to improve similar devices and/or methods (scheme for secure communications with apps [Mitchell '317 ¶ 0025-0026, 0059-0060, 0031, 0021-0022, 0005, 0031, 0042, 0052]) in the same way; because doing so constitutes applying a known technique (back end services and licenses [Mikhailov '016 ¶ 0015-0016, 0064, 0111-0130]) to known devices and/or methods (scheme for secure communications with apps [Mitchell '317 ¶ 0025-0026, 0059-0060, 0031, 0021-0022, 0005, 0031, 0042, 0052]) ready for improvement to yield predictable results; and because the modification amounts to combining prior art elements according to known methods to yield predictable results. Here, (1) the prior art included each element (as detailed above); (2) one of ordinary skill in the art could have combined the elements as claimed by known methods, and in this combination, each element merely performs the same function as it does separately (scheme for secure communications with apps [Mitchell '317 ¶ 0025-0026, 0059-0060, 0031, 0021-0022, 0005, 0031, 0042, 0052] ensures secure access to back end services and licenses [Mikhailov '016 ¶ 0015-0016, 0064, 0111-0130]); (3) one of ordinary skill in the art would have recognized that the results of the combination were predictable; and (4) other considerations do not overcome this conclusion.
Per claim 9 (dependent on claim 8):
Mitchell '317 discloses the elements detailed in the rejection of claim 8 above, incorporated herein by reference
The remaining limitations of the claim(s) correspond(s) to features of claim(s) 2 and the claim(s) is/are rejected for the reasons detailed with respect to those claims.
Per claim 14 (independent):
Mitchell '317 discloses a method for mobile application instantaneous secure communication (distributes diversified apps with injected keys [Mitchell '317 ¶ 0025-0026, 0059-0060]; app communicates with developer's app management system [Mitchell '317 ¶ 0031, 0021-0022] securely using diversified credentials [Mitchell '317 ¶ 0005, 0031, 0042, 0052])
Mitchell '317 discloses responsive to a request for downloading a mobile app binary, receiving a diversified mobile app injected with cryptographic material (mobile device requests app from app store [Mitchell '317 ¶ 0032]; app developer specifies "application diversification schedule and/or policy" [Mitchell '317 ¶ 0033-0034, 0039-0041])
Mitchell '317 discloses by way of an application diversification process according to one of: i) a no delegation mode, ii) a partial delegation mode, and iii) a full delegation mode (in some policies, app store introduces diversity [Mitchell '317 ¶ 0036, 0048-0049]; in some policies, developer system generates diverse versions of app [Mitchell '317 ¶ 0039]; diversification policies include fixed time, random pattern, geographic, and/or by device parameters [Mitchell '317 ¶ 0034]; injects cryptographic material into app [Mitchell '317 ¶ 0032, 0025])
Mitchell '317 does not disclose upon completion of said application diversification process, said diversified mobile app uses said cryptographic material to instantaneously establish a secure communication channel for i) out-of-the-box provisioning and secure onboarding with an AppVendor associated with said mobile app binary or ii) licensing to consume said service from another platform other than that of said AppVendor hosting said mobile app binary
However, Mitchell '317 discloses upon completion of said application diversification process, said diversified mobile app uses said cryptographic material to instantaneously establish a secure communication channel for communication with an AppVendor associated with said mobile app binary (app communicates with developer's app management system [Mitchell '317 ¶ 0031, 0021-0022] securely using diversified credentials [Mitchell '317 ¶ 0005, 0031, 0042, 0052])
Further:
Mikhailov '016 discloses upon completion of said application diversification process, said diversified mobile app uses said cryptographic material to instantaneously establish a secure communication channel for ii) licensing to consume said service from another platform other than that of said AppVendor hosting said mobile app binary (app uses cryptographic credentials to access back end multimedia delivery service [Mikhailov '016 ¶ 0015-0016]; app acquires media license key [Mikhailov '016 ¶ 0064] via cryptographic authentication [Mikhailov '016 ¶ 0111-0130])
For the reasons detailed above with respect to claim 2, it would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Mitchell '317 with the back end services and licenses of Mikhailov '016 to arrive at an apparatus, method, and product including:
upon completion of said application diversification process, said diversified mobile app uses said cryptographic material to instantaneously establish a secure communication channel for i) out-of-the-box provisioning and secure onboarding with an AppVendor associated with said mobile app binary or ii) licensing to consume said service from another platform other than that of said AppVendor hosting said mobile app binary
Per claim 15 (dependent on claim 14):
Mitchell '317 discloses a mobile device for mobile application instantaneous secure communication; a power supply to provide power; a memory to store instructions and data; a communication module to transmit and receive data; a display to present information and receive user input; a processor to run a computer program; said computer program comprising a non-transitory computer readable medium storing program code to be executed by at least one computer processing unit (CPU) in a computational environment, whereby execution of the program code causes the at least one CPU to perform operations (processor(s), memory, computer readable media, storage, executable instructions [Mitchell '317 ¶ 0019-0022, 0068-0072])
The remaining limitations of the claim(s) correspond(s) to features of claim(s) 14 and the claim(s) is/are rejected for the reasons detailed with respect to those claims.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to THEODORE C PARSONS whose telephone number is (571)270-1475. The examiner can normally be reached on MTWRF 7:30-4:30.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung Kim can be reached on (571) 272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from Patent Center. Status information for published applications may be obtained from Patent Center. Status information for unpublished applications is available through Patent Center for authorized users only. Should you have questions about access to Patent Center, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) Form at https://www.uspto.gov/patents/uspto-automated- interview-request-air-form.
/THEODORE C PARSONS/Primary Examiner, Art Unit 2494
Prosecution Insights