Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claims 1-13 currently are pending. 
Please refer to the action below.

Examiner Notes
The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  However, the claimed subject matter, not the specification, is the measure of the invention. 

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:

(B)          the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)          The term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
         This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) is/are: 
            ((“unit configured”)). 
The units is thereby interpreted as component of the CPU 201 of para. 0067 or components of the TPM 1101 of para. 0060 of the disclosure.
          Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being 
        If applicant does not intend to have the claim limitation(s) treated under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112 , sixth paragraph, applicant may amend the claim(s) so that it/they will clearly not invoke 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, or present a sufficient showing that the claim recites/recite sufficient structure, material, or acts for performing the claimed function to preclude application of 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

For more information, see MPEP § 2173 et seq. and Supplementary Examination Guidelines for Determining Compliance With 35 U.S.C. 112 and for Treatment of Related Issues in Patent Applications, 76 FR 7162, 7167 (Feb. 9, 2011).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be 
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 1, 10, and 12 is/are rejected under 35 U.S.C. 103 as being unpatentable over The Description of the Related Art (DRA), in view of David et al. (US 20180191738, A1). 

     Regarding claim 1, DRA teaches an information processing apparatus for performing run-time alteration detection for an execution module during operation based on a white list (at least para. 0004 of the DRA’s disclosure teaches the 
the information processing apparatus comprising: 
a request reception unit configured to receive a request for executing the execution module (para. 0004, request reception); 
a first alteration detection unit configured to detect an alteration of the white list upon reception of the execution request (para. 0004, based on calculated and compared hash values stores, detecting an abnormally from the hash values and thereby detecting said  alteration of the white list upon reception of the execution request);
a second alteration detection unit configured to detect an alteration of an execution module which has issued the execution request, by using a white list determined to have no alteration by the first alteration detection unit (para. 0004 further teaches using a white list of known normal modules determined to have no alteration by said first alteration detection unit, further configured to detect at an activation mode an alteration of said execution module which has issued the execution request, by using a white list determined to have no alteration by the first alteration detection unit); and 

   However, DRA does not specifically cite said error control unit configured to, select and control whether to deactivate the system of the information processing apparatus or to inhibit only execution of the execution module which has issued the execution request, depending on a current activation mode of the information processing apparatus and an activation mode using the execution module which has issued the execution request.
    David teaches a case in at least para. 0030 and 0060 a normal mode of operation and further in para. 0013 and 0077 a safe mode of operation further configured with at least a software security validation system comprising an error control unit configured to, select and control whether to deactivate the altered or compromised programs in the system, or the system based on a current safe activation mode or that of a normal activation mode, in the case of a normal mode of at least para. 


the information processing method comprising: 
receiving as request reception, a request for executing the execution module (para. 0004, request reception); 
detecting as first alteration detection, an alteration of the white list upon reception of the execution request (para. 0004, based on calculated and compared hash values stores, detecting an abnormally from the hash values and thereby detecting said  alteration of the white list upon reception of the execution request);
detecting as second alteration detection. an alteration of an execution module which has issued the execution request by using a white list determined to have no alteration by the first alteration detection (para. 0004 further teaches using a white list of known normal modules determined to have no alteration by said first alteration detection unit, further configured to detect at an activation mode an alteration of said execution module which has issued the execution request, by 
selecting and controlling, as error control, upon detection of an alteration by the second alteration detection, whether to deactivate a system of the information processing apparatus or to inhibit only execution of the execution module which has issued the execution request (para. 0004-0005 of DRA further teaches said activation modes, and said error control unit further configured to upon detection of said alteration detection by the second alteration detection unit, select and control to deactivate the system of the information processing apparatus, using the execution module which has issued the execution request).
   However, DRA does not specifically cite said selecting and controlling, as error control, upon detection of said alteration by the second alteration detection, whether to deactivate a system of the information processing apparatus or to inhibit only execution of the execution module which has issued the execution request, depending on said a current activation mode of the information processing apparatus and an activation mode.
    David teaches a case in at least para. 0030 and 0060 a normal mode of operation and further in para. 0013 and 0077 a safe mode of operation further configured with at least a software security validation system comprising an error control unit configured to, select and control whether to deactivate the altered or compromised 

     Regarding claim 12, DRA teaches an non-transitory storage medium storing a program causing a computer to execute an information processing method (at least para. 0002-0005 of DRA teaches a control program system storing normal whitelist and to execute alteration detection at runtime of requested execution modules by at least a known CPU comprising said storage medium and a processor indicative of said computer), 
the method comprising: 
receiving as request reception, a request for executing the execution module (para. 0004, request reception); 
detecting as first alteration detection, an alteration of the white list upon reception of the execution request (para. 0004, based on calculated and compared hash values stores, detecting an abnormally from the hash values and thereby detecting said  alteration of the white list upon reception of the execution request);
detecting as second alteration detection. an alteration of an execution module which has issued the execution request by using a white list determined to have no alteration by the first alteration detection (para. 0004 further teaches using a white list of known normal modules determined to have no alteration by said first alteration detection unit, further configured to detect at an activation mode an alteration of said execution module which has issued the execution request, by 
selecting and controlling, as error control, upon detection of an alteration by the second alteration detection, whether to deactivate a system of the information processing apparatus or to inhibit only execution of the execution module which has issued the execution request (para. 0004-0005 of DRA further teaches said activation modes, and said error control unit further configured to upon detection of said alteration detection by the second alteration detection unit, select and control to deactivate the system of the information processing apparatus, using the execution module which has issued the execution request).
   However, DRA does not specifically cite said selecting and controlling, as error control, upon detection of said alteration by the second alteration detection, whether to deactivate a system of the information processing apparatus or to inhibit only execution of the execution module which has issued the execution request, depending on said a current activation mode of the information processing apparatus and an activation mode.
    David teaches a case in at least para. 0030 and 0060 a normal mode of operation and further in para. 0013 and 0077 a safe mode of operation further configured with at least a software security validation system comprising an error control unit configured to, select and control whether to deactivate the altered or compromised .

Claims 4, 11, and 13 is/are rejected under 35 U.S.C. 103 as being unpatentable over The Description of the Related Art (DRA), in view of David, and further in view of Moussa et al. (US 2016/0203313, A1). 

     Regarding claim 4, DRA teaches an information processing apparatus for performing run-time alteration detection for an execution module during operation based on a white list (at least para. 0004 of the DRA’s disclosure teaches the reception of the module execution request for performing at least a run-time alteration detection for said execution module during operation based on a white list), 
the information processing apparatus comprising: 
a request reception unit configured to receive a request for executing the execution module (para. 0004, request reception); 
a first alteration detection unit configured to detect an alteration of the white list upon reception of the execution request (para. 0004, based on calculated and compared hash values stores, detecting an abnormally from the hash values and thereby detecting said  alteration of the white list upon reception of the execution request);

an error control unit configured to, upon detection of an alteration by the second alteration detection unit, select and control whether to deactivate a system of the information processing apparatus, using the execution module which has issued the execution request (para. 0004-0005 of DRA further teaches said activation modes, and said error control unit further configured to upon detection of said alteration detection by the second alteration detection unit, select and control to deactivate the system of the information processing apparatus, using the execution module which has issued the execution request).
   However, DRA does not specifically cite said error control unit configured to, select and control whether to deactivate the system of the information processing apparatus or to inhibit only execution of the execution module which has issued the execution request, depending on a current activation mode of the information 
    David teaches a case in at least para. 0030 and 0060 a normal mode of operation and further in para. 0013 and 0077 a safe mode of operation further configured with at least a software security validation system comprising an error control unit configured to, select and control whether to deactivate the altered or compromised programs in the system, or the system based on a current safe activation mode or that of a normal activation mode, in the case of a normal mode of at least para. 0030 and 0060, control whether to deactivate the altered or compromised programs in the system and to inhibit only execution of the execution module which has issued the execution request, and said error control unit further configured to, when detecting the compromised requests, in the safe mode of para. 0013 and 0077 select and control whether to deactivate the system of the information processing apparatus, and/or inhibit only the detected altered program whether using the execution module which has issued the execution request, based on the operating modes. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of DRA in 
   However, DRA in view of David are silent regarding wherein the white list generation unit configured to, upon detection of an alteration of the white list by the first alteration detection unit, regenerate the white list by confirming whether the information processing apparatus is normal.
   Moussa teaches a trusted platform module in at least para. 0034-0036, and 0048 configured to perform at least at runtime detection of programs alteration, further comprises a white list generation unit based on matched programs integrity in at least para. 0048 configured to, upon detection of a normal alteration of the white list by the first alteration detection unit, regenerate the white list by confirming whether the information processing apparatus is normal. It would have been obvious to one of ordinary skill in the art before the effective filing date of the 

     Regarding claim 11, DRA teaches an information processing method provided with an information processing apparatus for performing run-time alteration detection for an execution module during operation based on a white list (at least para. 0004 of the DRA’s disclosure teaches the reception of the module execution request for performing at least a run-time alteration detection for said execution module during operation based on a white list), 
the information processing method comprising: 
receiving, as request reception, a request for executing the execution module (para. 0004, request reception); 
detecting, as first alteration detection, an alteration of the white list upon reception of the execution request (para. 0004, based on calculated and compared hash values stores, detecting an abnormally from the hash values and thereby detecting said  alteration of the white list upon reception of the execution request);

selecting and controlling, as error control, upon detection of an alteration by the second alteration detection, whether to deactivate a system of the information processing apparatus or to inhibit only execution of the execution module which has issued the execution request (para. 0004-0005 of DRA further teaches said activation modes, and said error control unit further configured to upon detection of said alteration detection by the second alteration detection unit, select and control to deactivate the system of the information processing apparatus, using the execution module which has issued the execution request).
   However, DRA does not specifically cite said selecting and controlling, as error control, upon detection of an alteration by the second alteration detection, whether to deactivate a system of the information processing apparatus or to inhibit only execution of the execution module which has issued the execution request, 
regenerating, as white list generation, upon detection of an alteration of the white list by the first alteration detection, the white list by confirming whether the information processing apparatus is normal.
    David teaches a case in at least para. 0030 and 0060 a normal mode of operation and further in para. 0013 and 0077 a safe mode of operation further configured with at least a software security validation system comprising an error control unit configured to, select and control whether to deactivate the altered or compromised programs in the system, or the system based on a current safe activation mode or that of a normal activation mode, in the case of a normal mode of at least para. 0030 and 0060, control whether to deactivate the altered or compromised programs in the system and to inhibit only execution of the execution module which has issued the execution request, and said error control unit further configured to, when detecting the compromised requests, in the safe mode of para. 0013 and 0077 select and control whether to deactivate the system of the information processing apparatus, and/or inhibit only the detected altered program whether using the execution module which has issued the execution request, based on the operating modes. It would have been obvious to one of ordinary skill in the art before the 
   However, DRA in view of David are silent regarding wherein regenerating, as white list generation, upon detection of an alteration of the white list by the first alteration detection, the white list by confirming whether the information processing apparatus is normal.
   Moussa teaches a trusted platform module in at least para. 0034-0036, and 0048 configured to perform at least at runtime detection of programs alteration, further comprises a white list generation unit based on matched programs integrity in at least para. 0048 configured to, upon detection of a normal alteration of the white list by the first alteration detection unit, regenerate the white list by confirming 

     Regarding claim 13, DRA teaches a non-transitory storage medium storing a program causing a computer to execute an information processing method (at least para. 0002-0005 of DRA teaches a control program system storing normal whitelist and to execute alteration detection at runtime of requested execution modules by at least a known CPU comprising said storage medium and a processor indicative of said computer), 
the method comprising: 
receiving, as request reception, a request for executing the execution module (para. 0004, request reception); 
detecting, as first alteration detection, an alteration of the white list upon reception of the execution request (para. 0004, based on calculated and compared hash 
detecting, as second alteration detection, an alteration of an execution module which has issued the execution request, by using a white list determined to have no alteration by the first alteration detection (para. 0004 further teaches using a white list of known normal modules determined to have no alteration by said first alteration detection unit, further configured to detect at an activation mode an alteration of said execution module which has issued the execution request, by using a white list determined to have no alteration by the first alteration detection unit); and 
selecting and controlling, as error control, upon detection of an alteration by the second alteration detection, whether to deactivate a system of the information processing apparatus or to inhibit only execution of the execution module which has issued the execution request (para. 0004-0005 of DRA further teaches said activation modes, and said error control unit further configured to upon detection of said alteration detection by the second alteration detection unit, select and control to deactivate the system of the information processing apparatus, using the execution module which has issued the execution request).
   However, DRA does not specifically cite said selecting and controlling, as error control, upon detection of an alteration by the second alteration detection, whether 
regenerating, as white list generation, upon detection of an alteration of the white list by the first alteration detection, the white list by confirming whether the information processing apparatus is normal.
        David teaches a case in at least para. 0030 and 0060 a normal mode of operation and further in para. 0013 and 0077 a safe mode of operation further configured with at least a software security validation system comprising an error control unit configured to, select and control whether to deactivate the altered or compromised programs in the system, or the system based on a current safe activation mode or that of a normal activation mode, in the case of a normal mode of at least para. 0030 and 0060, control whether to deactivate the altered or compromised programs in the system and to inhibit only execution of the execution module which has issued the execution request, and said error control unit further configured to, when detecting the compromised requests, in the safe mode of para. 0013 and 0077 select and control whether to deactivate the system of the information processing apparatus, and/or inhibit only the detected altered 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of DRA in view of David to include said selecting and controlling, as error control, upon detection of an alteration by the second alteration detection, whether to deactivate a system of the information processing apparatus or to inhibit only execution of the execution module which has issued the execution request, depending on a current activation mode of the information processing apparatus and an activation mode using the execution module which has issued the execution request;, as indicated above, as DRA in view of David are in the same field of endeavor of receiving an execution request for an execution module, to certify and validate the integrity of the request pertaining to whitelist and Blacklist functions depending of the activation mode of the device, based on the prior art of David to select and control based on an error control mechanism and the operating modes whether to deactivate the system of the information processing apparatus or to inhibit only execution of the execution module which has issued the execution request in the safe mode of para. 0013 and 0077 and further in para. 0030 and 0060 in a normal mode determines whether to only inhibit only execution of the execution module which has issued the execution request depending further on said current activation mode of the information 
   However, DRA in view of David are silent regarding wherein regenerating, as white list generation, upon detection of an alteration of the white list by the first alteration detection, the white list by confirming whether the information processing apparatus is normal.
   Moussa teaches a trusted platform module in at least para. 0034-0036, and 0048 configured to perform at least at runtime detection of programs alteration, further comprises a white list generation unit based on matched programs integrity in at .

Claims 1-8, and 10-13 further rejected under 35 U.S.C. 103 as being unpatentable over The Description of the Related Art (DRA), in view of Jayanthi et al. (US 2013/0097708, A1). 

     Regarding claim 1, DRA teaches an information processing apparatus for performing run-time alteration detection for an execution module during operation based on a white list (at least para. 0004 of the DRA’s disclosure teaches the reception of the module execution request for performing at least a run-time 
the information processing apparatus comprising: 
a request reception unit configured to receive a request for executing the execution module (para. 0004, request reception); 
a first alteration detection unit configured to detect an alteration of the white list upon reception of the execution request (para. 0004, based on calculated and compared hash values stores, detecting an abnormally from the hash values and thereby detecting said  alteration of the white list upon reception of the execution request);
a second alteration detection unit configured to detect an alteration of an execution module which has issued the execution request, by using a white list determined to have no alteration by the first alteration detection unit (para. 0004 further teaches using a white list of known normal modules determined to have no alteration by said first alteration detection unit, further configured to detect at an activation mode an alteration of said execution module which has issued the execution request, by using a white list determined to have no alteration by the first alteration detection unit); and 
an error control unit configured to, upon detection of an alteration by the second alteration detection unit, select and control whether to deactivate a system of the 
   However, DRA does not specifically cite said error control unit configured to, select and control whether to deactivate the system of the information processing apparatus or to inhibit only execution of the execution module which has issued the execution request, depending on a current activation mode of the information processing apparatus and an activation mode using the execution module which has issued the execution request.
    Jayanthi teaches a case in at least para. 0028 a platform module configured to store trusted modules in the form whitelists modules and the storage of also Blacklisted modules, further configured in at least para. 0015, and 0025 to comprise at least a software security validation system comprising an error control unit configured to, select and control whether to deactivate the altered or compromised programs in the system, or the system based on a current safe activation mode or that of a normal activation mode, in the case of a normal mode 


    Jayanthi further teaches a case of para. 0015-0016 where the system may be operated in the normal mode or that of a whitelist mode or safe mode, if in a case said error control unit determines the activation mode using the execution module in the whitelist mode which has issued the execution request through a storage area of said execution module, where the determined activation mode using the execution module which has issued the execution request is identical to the current activation mode, said error control unit deactivates and quarantine the system of the information processing apparatus, and wherein, in a case where the determined activation mode using the execution module which has issued the execution request is different from the current activation mode, said error control unit as 

      Regarding claim 3 (according to claim 1), DRA further teaches  wherein, in a case where the white list is determined to have an alteration by the first alteration detection unit, the error control unit further selects and controls whether to deactivate the system of the information processing apparatus or to inhibit only 

     Regarding claim 4, DRA teaches an information processing apparatus for performing run-time alteration detection for an execution module during operation based on a white list (at least para. 0004 of the DRA’s disclosure teaches the reception of the module execution request for performing at least a run-time alteration detection for said execution module during operation based on a white list), 
the information processing apparatus comprising: 
a request reception unit configured to receive a request for executing the execution module (para. 0004, request reception); 
a first alteration detection unit configured to detect an alteration of the white list upon reception of the execution request (para. 0004, based on calculated and compared hash values stores, detecting an abnormally from the hash values and 
a second alteration detection unit configured to detect an alteration of an execution module which has issued the execution request, by using a white list determined to have no alteration by the first alteration detection unit (para. 0004 further teaches using a white list of known normal modules determined to have no alteration by said first alteration detection unit, further configured to detect at an activation mode an alteration of said execution module which has issued the execution request, by using a white list determined to have no alteration by the first alteration detection unit); and 
an error control unit configured to, upon detection of an alteration by the second alteration detection unit, select and control whether to deactivate a system of the information processing apparatus, using the execution module which has issued the execution request (para. 0004-0005 of DRA further teaches said activation modes, and said error control unit further configured to upon detection of said alteration detection by the second alteration detection unit, select and control to deactivate the system of the information processing apparatus, using the execution module which has issued the execution request).
   However, DRA does not specifically cite said error control unit configured to, select and control whether to deactivate the system of the information processing 
    Jayanthi teaches a case in at least para. 0028 a platform module configured to store trusted modules in the form whitelists modules and the storage of also Blacklisted modules, further configured in at least para. 0015, and 0025 to comprise at least a software security validation system comprising an error control unit configured to, select and control whether to deactivate the altered or compromised programs in the system, or the system based on a current safe activation mode or that of a normal activation mode, in the case of a normal mode control whether to deactivate the altered or compromised programs in the system or to inhibit only execution of the execution module which has issued the execution request, and said error control unit further configured to, in the safe mode of para. 0015-0016 when detecting the compromised requests, select and control whether to deactivate, quarantine the system of the information processing apparatus, or inhibit only the function requested using the execution module which 

    Regarding claim 5 (according to claim 4), DRA is silent regarding wherein, in a case where the information processing apparatus is determined to be normal, the white list generation unit regenerates a white list, and wherein, in a case where the information processing apparatus is determined to be abnormal, the white list generation unit deactivates the system of the information processing apparatus or inhibits only execution of the execution module which has issued the execution request.
   It is understood in the art at least in para. 0030 of Jayanthi in a case where the information processing apparatus is determined to be normal, said the white list generation unit updates or regenerates the white list, and wherein, in a case where the information processing apparatus is determined to be abnormal, said white list generation unit obviously 0015-0016 deactivates the system of the information processing apparatus or inhibits only execution of the execution module which has issued the execution request.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of DRA in view of Jayanthi to include said wherein, in a case where the information processing 


    Jayanthi teaches in at least para. 0015 and 0013 server system comprising the detecting alteration detection of the programs, configured as implied in at least para. 0015 to maintain a log of whitelists and Blacklisted programs execution further adapted as understood to confirm in para. 0015 and 0028 whether the information processing apparatus is normal by confirming a log file recording an alteration detected by the first alteration detection unit or the second alteration detection unit. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of DRA in view of Jayanthi to include said wherein, further comprising a log confirmation unit configured to confirm whether the information processing apparatus is normal by confirming a log file recording an alteration detected by the first alteration detection unit or the second alteration detection unit, as indicated above, as DRA in view of Jayanthi are in the same field of endeavor of receiving an execution request for an execution module, to certify and validate the integrity of the request pertaining to whitelist and Blacklist functions depending of the activation mode of 

    Regarding claim 7 (according to claim 4), DRA further teaches wherein further comprising an activation-time verification unit configured to confirm whether the information processing apparatus is normal by detecting an alteration of modules sequentially activated during activation of the information processing apparatus (para. 0003-0005).


    Jayanthi further teaches in at least para. 0030 and 0013, a server system which may include the storage of trusted whitelist modules indicative of said Trusted Platform Module (TPM) understood in the art as said tamper-resistant security chip; and comprising said device certification unit configured to confirm whether the information processing apparatus is normal by verifying further in para. 0029 hash values of modules sequentially activated during activation of the information processing apparatus, by using an external server, the hash values being stored in the TPM. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of DRA in view of Jayanthi to include said Trusted Platform Module (TPM) as a tamper-resistant security chip; and said device certification unit configured to confirm whether the information processing apparatus is normal by verifying hash values of modules sequentially activated during activation of the information processing apparatus, by using an external server, the hash values being stored in the TPM, as 


the information processing method comprising: 
receiving. as request reception, a request for executing the execution module (para. 0004, request reception); 
detecting. as first alteration detection, an alteration of the white list upon reception of the execution request (para. 0004, based on calculated and compared hash values stores, detecting an abnormally from the hash values and thereby detecting said  alteration of the white list upon reception of the execution request);
detecting. as second alteration detection. an alteration of an execution module which has issued the execution request. by using a white list determined to have no alteration by the first alteration detection (para. 0004 further teaches using a white list of known normal modules determined to have no alteration by said first alteration detection unit, further configured to detect at an activation mode an alteration of said execution module which has issued the execution request, by 
selecting and controlling, as error control, upon detection of an alteration by the second alteration detection, whether to deactivate a system of the information processing apparatus or to inhibit only execution of the execution module which has issued the execution request, using the execution module which has issued the execution request (para. 0004-0005 of DRA further teaches said activation modes, and said error control unit further configured to upon detection of said alteration detection by the second alteration detection unit, select and control to deactivate the system of the information processing apparatus, using the execution module which has issued the execution request).
   However, DRA does not specifically cite said selecting and controlling, as error control, upon detection of an alteration by the second alteration detection, whether to deactivate a system of the information processing apparatus or to inhibit only execution of the execution module which has issued the execution request, depending on a current activation mode of the information processing apparatus and an activation mode using the execution module which has issued the execution request.
    Jayanthi teaches a case in at least para. 0028 a platform module configured to store trusted modules in the form whitelists modules and the storage of also 

        Regarding claim 11, DRA teaches an information processing method provided with an information processing apparatus for performing run-time alteration detection for an execution module during operation based on a white list (at least para. 0004 of the DRA’s disclosure teaches the reception of the module execution request for performing at least a run-time alteration detection for said execution module during operation based on a white list), 
the information processing method comprising: 
receiving. as request reception, a request for executing the execution module (para. 0004, request reception); 
detecting. as first alteration detection, an alteration of the white list upon reception of the execution request (para. 0004, based on calculated and compared hash values stores, detecting an abnormally from the hash values and thereby detecting said  alteration of the white list upon reception of the execution request);

selecting and controlling, as error control, upon detection of an alteration by the second alteration detection, whether to deactivate a system of the information processing apparatus or to inhibit only execution of the execution module which has issued the execution request, using the execution module which has issued the execution request (para. 0004-0005 of DRA further teaches said activation modes, and said error control unit further configured to upon detection of said alteration detection by the second alteration detection unit, select and control to deactivate the system of the information processing apparatus, using the execution module which has issued the execution request).
   However, DRA does not specifically cite said selecting and controlling, as error control, upon detection of an alteration by the second alteration detection, whether to deactivate a system of the information processing apparatus or to inhibit only 
Jayanthi teaches a case in at least para. 0028 a platform module configured to store trusted modules in the form whitelists modules and the storage of also Blacklisted modules, further configured in at least para. 0015, and 0025 to comprise at least a software security validation system comprising an error control unit configured to, select and control whether to deactivate the altered or compromised programs in the system, or the system based on a current safe activation mode or that of a normal activation mode, in the case of a normal mode control whether to deactivate the altered or compromised programs in the system or to inhibit only execution of the execution module which has issued the execution request, and said error control unit further configured to, in the safe mode of para. 0015-0016 when detecting the compromised requests, select and control whether to deactivate, quarantine the system of the information processing apparatus, or inhibit only the function requested using the execution module which has issued the execution request, thereby preventing the operation rate from decreasing when detecting an 
wherein the decision to inhibiting or deactivating in a case does not prevent the system from operating functions not affected which may result as understood in the art a decreased operation rate, said operating mode decisions further as would be appreciated further allow or directed to preventing the operation rate from decreasing when detecting an alteration in the execution module verification using said white list storage modules, according to known methods to yield predictable results since known work in one field of endeavor may prompt variations of it for use in either the same field or a different one based on design incentives or other market forces if the variations are predictable to one of ordinary skill in the art, and thus the adaptation of an old idea or invention using newer technology that is either 

     Regarding claim 12, DRA teaches an non-transitory storage medium storing a program causing a computer to execute an information processing method (at least para. 0002-0005 of DRA teaches a control program system storing normal whitelist and to execute alteration detection at runtime of requested execution modules by at least a known CPU comprising said storage medium and a processor indicative of said computer), 
the method comprising: 
receiving. as request reception, a request for executing the execution module (para. 0004, request reception); 
detecting as first alteration detection, an alteration of the white list upon reception of the execution request (para. 0004, based on calculated and compared hash values stores, detecting an abnormally from the hash values and thereby detecting said  alteration of the white list upon reception of the execution request);
detecting as second alteration detection. an alteration of an execution module which has issued the execution request. by using a white list determined to have no alteration by the first alteration detection (para. 0004 further teaches using a white list of known normal modules determined to have no alteration by said first 
selecting and controlling, as error control, upon detection of an alteration by the second alteration detection, whether to deactivate a system of the information processing apparatus or to inhibit only execution of the execution module which has issued the execution request, using the execution module which has issued the execution request (para. 0004-0005 of DRA further teaches said activation modes, and said error control unit further configured to upon detection of said alteration detection by the second alteration detection unit, select and control to deactivate the system of the information processing apparatus, using the execution module which has issued the execution request).
   However, DRA does not specifically cite said selecting and controlling, as error control, upon detection of an alteration by the second alteration detection, whether to deactivate a system of the information processing apparatus or to inhibit only execution of the execution module which has issued the execution request, depending on a current activation mode of the information processing apparatus and an activation mode using the execution module which has issued the execution request.

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of DRA in view of Jayanthi to include said selecting and controlling, as error control, upon detection of an alteration by the second alteration detection, whether to deactivate a system 

     Regarding claim 13, DRA teaches an non-transitory storage medium storing a program causing a computer to execute an information processing method (at least para. 0002-0005 of DRA teaches a control program system storing normal whitelist and to execute alteration detection at runtime of requested execution modules by at least a known CPU comprising said storage medium and a processor indicative of said computer), 
the method comprising: 
receiving. as request reception, a request for executing the execution module (para. 0004, request reception); 
detecting as first alteration detection, an alteration of the white list upon reception of the execution request (para. 0004, based on calculated and compared hash 
detecting as second alteration detection an alteration of an execution module which has issued the execution request by using a white list determined to have no alteration by the first alteration detection (para. 0004 further teaches using a white list of known normal modules determined to have no alteration by said first alteration detection unit, further configured to detect at an activation mode an alteration of said execution module which has issued the execution request, by using a white list determined to have no alteration by the first alteration detection unit); and 
selecting and controlling, as error control, upon detection of an alteration by the second alteration detection, whether to deactivate a system of the information processing apparatus or to inhibit only execution of the execution module which has issued the execution request, using the execution module which has issued the execution request (para. 0004-0005 of DRA further teaches said activation modes, and said error control unit further configured to upon detection of said alteration detection by the second alteration detection unit, select and control to deactivate the system of the information processing apparatus, using the execution module which has issued the execution request).

    Jayanthi teaches a case in at least para. 0028 a platform module configured to store trusted modules in the form whitelists modules and the storage of also Blacklisted modules, further configured in at least para. 0015, and 0025 to comprise at least a software security validation system comprising an error control unit configured to, select and control whether to deactivate the altered or compromised programs in the system, or the system based on a current safe activation mode or that of a normal activation mode, in the case of a normal mode control whether to deactivate the altered or compromised programs in the system or to inhibit only execution of the execution module which has issued the execution request, and said error control unit further configured to, in the safe mode of para. 0015-0016 when detecting the compromised requests, select and 

Claim Standings
Claim 9 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
     The prior arts do not appear to teach as cited claim 9 (according to claim 4), wherein, the white list generation unit selects a usable method out of a log confirmation unit, an activation- time verification unit, and a device certification unit, and uses the selected method to confirm whether the information processing apparatus is normal.

Conclusion
       Any inquiry concerning this communication or earlier communications from the examiner should be directed to MARCELLUS AUGUSTIN whose telephone number is (571)270-3384.  The examiner can normally be reached on 9 AM- 5 PM.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, BENNY TIEU can be reached on 571-272-7490.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.