DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

1. The following is a Final Office Action in response to applicant’s arguments filed on December 9, 2020.

Claims 1, 9, and 12 are amended
Claims 1-10 and 12-14 are pending



Response to Arguments
1.) Applicant’s argument filed on 12/9/2020 regarding objection of claim 12 has been fully considered, but is not persuasive.
In the remarks, applicant argues that the amendment to claim 12 renders the claim objection moot.
The examiner respectfully disagrees with the applicant. A review of the amended claim still shows that claim 12 depends on itself. Therefore, the claim objection is still maintained.
and is performed at an application level of the software component to repair a plurality of instances of the software component so that future executions of the application of the software component are not affected by the vulnerability”, necessitated the new ground(s) of rejection presented in this Office action. Therefore, Applicant's arguments with respect to claims 1-10 and 12-14 have been considered but are moot in view of the new ground(s) of rejection.
3.) Applicant’s argument filed on 12/9/2020 regarding 35 U.S.C. 103 rejection of claim 1 has been fully considered, but is not persuasive.
	In the remarks, applicant argues:
Jacobs, in paragraph 0057, does not teach anything regarding a vulnerability that relates to behavior of the application in interacting with reference data associated with an enterprise network. 
The examiner respectfully disagrees with the applicant. Jacobs discloses in paragraphs 0030 and 0082 that a security management facility is configured to provide behavioral based protection by monitoring code behavior. Additionally, security and file analysis may be applied in an enterprise network for controlling execution of an application, wherein implicitly, an executed application may access and depend on reference data information for performing designated functions.


Claim Objection

1.) Claim 12 is objected to for having an improper claim dependency. For the purpose of claim prosecution, it will be assumed that claim 12 depends on claim 9.




Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.



In regards to claim 1, Jacobs teaches a method for providing a secure computing environment, the method comprising: identifying at least one software component of an application, wherein the at least one software component is selected from the group consisting of a block of instructions, a method, a class, and a library of software components (see US 20080109871, Jacobs, para. 0030, where software code[i.e. component] is analyzed[i.e. identified] using behavioral based protection to identify malicious code);
identifying an acceptable repair strategy that addresses the vulnerability at an application level of the software component (see US 20130198848, Wolff, para. 0028, 0044 and fig. 7, where a remediation expert learns of the vulnerabilities[720] and prepares remedial action[730] for a plurality of applications running on client devices[740]); and
identifying a vulnerability associated with the at least one software component, wherein the vulnerability relates to behavior of the application in interacting with reference data associated with an enterprise network and any unauthorized changes to the reference data resulting from the interaction (see US 20080109871, Jacobs, para. 0030 and 0082, where intrusion prevention applies behavioral based protection by analyzing software code behavior, and wherein analysis facilities within an enterprise network may utilize file analysis to control execution of files [e.g. files utilizing reference data information] within an enterprise network);
However, Wolff teaches executing the identified repair strategy at the application level during execution of the at least one software component to repair a plurality of instances of the software component so that future executions of the application are not affected by the vulnerability (see US 20130198848, Wolff, para. 0028 and fig. 7, where a self-healing payload may be installed on a plurality of devices[770], wherein the self-healing payload may include permanent software patches[780] to remedy application vulnerabilities).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Jacobs with the teaching of Wolff because a user would have been motivated to supplement the software remedies taught by Jacobs by enabling infected software to be replaced with new software during a software download session (see Wolff, para. 0028).
In regards to claim 5, the combination of Jacobs and Wolff teaches the method of claim 1, wherein executing the identified repair strategy includes redeploying the application without requiring recompilation or programmer involvement (see US 20130198848, Wolff, para. 0028, where a remedial action in response to a vulnerability may include downloading programs[i.e. applications]).
It would have been obvious to one of ordinary skill in the art before the effective (see Wolff, para. 0028)
In regards to claim 7, the combination of Jacobs and Wolff teach the method of claim 1 wherein identifying the vulnerability associated with the at least one software component includes identifying a violation of a mandate of a predefined policy (see US 20080109871, Jacobs, para. 0032, where feedback information is used to provide violations of policy information used in the prevention of virus threats).
In regards to claim 8, the combination of Jacobs and Wolff teaches the method of claim 1, wherein identifying the vulnerability includes examining the application in a detonation chamber (see US 20080109871, Jacobs, para. 0046, where isolation of a facility or quarantine an application[e.g. detonation chamber] is performed when malicious activity is detected).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Lietz with the teaching of Jacobs because a user would have been motivated to enable an organization to protect a virtual application on an enterprise network by employing policies to restrict malicious code from accessing the network(see Jacobs, para. 0025)


In regards to claim 9, Fitzgerald teaches a method for providing a secure computing environment, the method comprising: receiving a file annotated with metadata (see US 20080134177, Fitzgerald, para. 0009, where metadata associated with a VM is received); consulting the metadata associated with the file prior to a process interacting with the file to determine if the interaction would comply with a predetermined policy (see US 20080134177, Fitzgerald, para. 0256, where metadata is checked against compliance policies prior to execution in order to determine whether to permit or deny execution); examining the file in a detonation chamber before the interaction upon determining the interaction would not comply with the predetermined policy (see US 20080134177, Fitzgerald, para. 0256, executing in a sandbox[i.e. detonation chamber] if execution was in non-compliance);
Fitzgerald does not teach receiving modification data regarding execution of the file in the detonation chamber; and performing at least one corrective action after examining the file in the detonation chamber, wherein the at least one corrective action is based on the modification data and is performed at an application level of the software component to repair a plurality of instances of the software component so that future executions of the application of the software component are not affected by the vulnerability.
However, Wolff teaches receiving modification data regarding execution of the (see US 20130198848, Wolff, para. 0016, where an application may be placed in a sandbox[i.e. detonation chamber], wherein the application is implicitly executed), wherein the modification data relates to changes made to reference data resulting from the file’s execution (see US 20130198848, Wolff, para. 0026, where an exploit may include harming[e.g. modifying] data); and performing at least one corrective action after examining the file in the detonation chamber, wherein the at least one corrective action is based on the modification data and is performed at an application level of the software component to repair a plurality of instances of the software component so that future executions of the application of the software component are not affected by the vulnerability (see US 20130198848, Wolff, para. 0028 and fig. 7, where a self-healing payload[i.e. corrective action] may be installed on a plurality of devices[770], wherein the self-healing payload may include permanent software patches[780] to remedy application vulnerabilities).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Jacobs with the teaching of Wolff because a user would have been motivated to supplement the software remedies taught by Jacobs by enabling infected software to be replaced with new software during a software download session (see Wolff, para. 0028).
In regards to claim 10, the combination of Fitzgerald and Wolff teach the method of claim 9 wherein the file is annotated with provenance data (see US 20080134177, Fitzgerald, para. 0030, where the metadata may include historical metadata that includes system, performance, etc. information).
In regards to claim 13, the combination of Fitzgerald and Wolff teach the method of claim 9 wherein performing the at least one corrective action includes quarantining the file (see US 20080134177, Fitzgerald, para. 0256, where an execution within a sandbox occurs when a violation has been detected).

3.) Claims 2-4, 6, and 14 are rejected under 35 U.S.C. 103 as being unpatentable over US 20080109871, Jacobs in view of US 20130198848, Wolff and further in view of US 20140026121, Jackson.
In regards to claim 2, the combination of Jacobs and Wolff teach the method of claim 1. The combination of Jacobs and Wolff do not teach wherein the acceptable repair strategy is application-agnostic.
However, Jackson teaches wherein the acceptable repair strategy is application-agnostic (see US 20140026121, Jackson, fig. 5, where an application fix is application type independent[i.e. agnostic]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Jacobs and Wolff with the teaching of Jackson because a user would have been motivated to remedy a software vulnerability by using updated code or patches to repair defective applications (see Jackson, para. 0002). (see US 20140026121, Jackson, para. 0124, where the process to normalize bytecode by removing information that was added by compilers to functional parts of the code).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Jacobs and Wolff with the teaching of Jackson because a user would have been motivated to remedy a software vulnerability by using updated code or patches to repair defective applications (see Jackson, para. 0002).
In regards to claim 4, the combination of Jacobs, Wolff and Jackson teach the method of claim 3 wherein executing the identified repair strategy further includes inserting at least one new software component into the application (see US 20140026121, Jackson, fig. 3, steps 311 and 317, where a fixed bytecode[i.e. new component] is substituted for the broken byte code).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Jacobs (see Jackson, para. 0002)
In regards to claim 6, the combination of Jacobs and Wolff teaches the method of claim 1. The combination of Jacobs and Wolff does not teach wherein executing the identified repair strategy includes modifying the application software components in situ using runtime mechanisms.
However, Jackson teaches wherein executing the identified repair strategy includes modifying the application software components in situ using runtime mechanisms (see US 20140026121, Jackson, para. 0055, where fixed software patches are pulled in during runtime as needed).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Jacobs and Wolff with the teaching of Jackson because a user would have been motivated to remedy a software vulnerability by using updated code or patches to repair defective applications (see Jackson, para. 0002).
In regards to claim 14, the combination of Jacobs and Wolff teach the method of claim 8. The combination of Jacobs and Wolff do not teach wherein performing the at least one corrective action includes issuing an alert.
However, Jackson teaches wherein performing the at least one corrective action includes issuing an alert (see US 20140026121, Jackson, para. 0049, where an alert is issued when a vulnerability is detected).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Jacobs and Wolff with the teaching of Jackson because a user would have been motivated to remedy a software vulnerability, taught by the combination of Jacobs and Wolff, by using updated code or patches to repair defective applications (see Jackson, para. 0002).

4.) Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over US 20080134177, Fitzgerald in view of US 20130198848, Wolff in view of US 20120042145, Sehr.
In regards to claim 12, the combination of Fitzgerald, Wolff and Sehr teach the method of claim 12 further comprising receiving a summary of changes made to the reference data (see US 20120042145, Sehr, para. 0099, where code can be audited[i.e. summary of changes] in a secure runtime environment).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Fitzgerald and Wolff with the teaching of Sehr because a user would have been motivated to protect a system’s security by providing a secure location for storing a reference data set for use in a protected execution environment that’s isolated from the surrounding system (see Sehr, para. 0094).

CONCLUSION

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GREGORY LANE whose telephone number is (571)270-7469.  The examiner can normally be reached on 571 270 7469 from 8:00 AM to 6:00 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Taghi Arani, can be reached on 571 272 3787.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. 

/GREGORY A LANE/
Examiner, Art Unit 2438

/TAGHI T ARANI/
Supervisory Patent Examiner, Art Unit 2438