Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

	This action is in response to the claims filed 10/01/2019.  Claims 1-20 are pending with claims 1 (a method), 8 (a machine), and 15 (a method).

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

Claims 1, 3, 7, 8, 11, 14, 15, 17, and 20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 11 of U.S. Patent No. 10,452,867. Although the claims at issue are not identical, they are not patentably distinct from each other because presently presented claims 1, 8, and 15 are anticipated by claims 1 of ‘867.

Presently presented claims 1, 8, and 15
Claim 11 of ‘867

A system function invoking method comprising:
acquiring configuration information of a first permission from an installation package of a first application program installed in the terminal device,
acquiring an installation package of a first application program; acquiring configuration information of a first permission from the installation package,

wherein the first permission is less than a highest level permission and is configured to forbid a second application program from invoking a system function in response to running the first application program;
wherein the first permission is not the highest level permission and forbids a second application program from invoking a system function in response to the first application program running;
granting the first permission to the first application program according to the configuration information;
granting the first permission of a system to the first application program according to the configuration information;
forbidding, according to the configuration information, the second application program from invoking the system function in response to running the first application program.
forbidding, according to the first permission, a second application program from invoking the system function in response to the first application program running.

running the first application program
(claim 15) configuring the system such that the system is in the first mode in response to running the first application program;
configuring the system such that the system is in the first mode in response to the first application program running;


As to dependent claims, see the following correspondence:
Presently presented claims 3, 11, and 17, see ‘867 claim 12.
Presently presented claims 7, 14, and 20, see ‘867 claim 16.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 5, 7-12, 14-18, and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Fong-Jones, US 8,656,465 (filed 2012-05), in view of Faaborg et al., US 8,595,489 (2012-11).
	As to claims 1, 8, and 15, Fong-Jones discloses a method/machine/method comprising: 

acquiring configuration information of a first permission … of a first application program installed in the terminal device (“sending, by a first security module executing on the computing device, a request for a first group of permissions to a second security module that is included in an operating system executing on the computing device…. receiving, from the second security module and by the first security module, the first group of permissions (92)” Fong-Jones col. 15, ln. 42), wherein the first permission is less than a highest level permission (“the dynamic linker may not require superuser or “root level” access to load the one or more libraries. In this way, the APIs in the of security client 21 may override the system calls of the API provided by the operating system” Fong-Jones col. 6, ln. 63) and is configured to forbid a second application program from invoking a system function (“a second group of permissions granted to the software application, wherein the second group of permissions is a subset of the first group of permissions (96).” Fong-Jones col. 15, ln. 55) in response to running the first application program; (“applying, by the security module, the second group of permissions to control access to the resource (98).” Fong-Jones col. 15, ln. 60. The security module program is running as it is applying the group of permissions)
granting the first permission to the first application program according to the configuration information; and (“receiving, from the second security module and by the first security module, the first group of permissions (92).” Fong-Jones col. 15, ln. 50. Where the second security module is the OS granting permissions: “a second security 
forbidding (“Security client 21 may apply the generated set of permissions to application 17 thereby allowing or denying access to the requested resource.” Fong-Jones col. 7, ln. 37), according to the configuration information, (“wherein the second group of permissions is a subset of the first group of permissions (96).” Fong-Jones col. 15, ln. 55) the second application program from invoking the system function in response to running the first application program. (“receiving, by the first security module, an input value that indicates the software application is not permitted to access the resource, wherein the second group of permissions generated by the security module deny the software application access to the resource.” Fong-Jones col. 16, ln. 46)

Fong-Jones does not disclose: 
from an installation package

	Faaborg discloses: 
from an installation package
(“It is important that users comprehend what permissions they are granting to an application during installation….. Consent to permissions may be granted at install time” Faaborg col. 2, ll. 46-65.

“An APK file may contain individual files such as: 1) an AndroidManifest.xml file, which is a Manifest file that describes the name, version, access rights, and referenced library files for the application” Faaborg col. 3, ln. 24.
“The Manifest file identifies any user permissions the application requires, such as Internet access or read-access to the user's contacts. The Manifest file may also declare the minimum API level required by the application” Faaborg col. 3, ln. 39.)

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Fong-Jones with Faaborg by utilizing the APK install package permissions inspection and user prompt to install the security client 21 of Fong-Jones on the computing device 10 of Fong-Jones.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Fong-Jones with Faaborg in order to allow users to comprehend the permissions granted to applications and consent thereto (Faaborg col. 2, ln. 46) and also to prevent installation of applications whose required permissions would not or could not be granted (Faaborg col. 3, ln. 60).

As to claims 2, 9, and 16, Fong-Jones in view of Faaborg discloses the method/machine/method of claims 1, 8, and 15 and further disclose:
wherein acquiring the configuration information comprises: 
during installation….. Consent to permissions may be granted at install time” Faaborg col. 2, ll. 46-65.)
reading the configuration information from the installation package while installing the first application program in the terminal device. (“The Manifest file identifies any user permissions the application requires, such as Internet access or read-access to the user's contacts. The Manifest file may also declare the minimum API level required by the application” Faaborg col. 3, ln. 39. The permissions granted during installation.)

As to claims 3, 10, 11, and 17, Fong-Jones in view of Faaborg discloses the method/machine/method of claims 1, 8, and 15 and further disclose:
wherein the second application program is an application program of a plurality of application programs in the terminal device other than the first application. (“Manager module 19, in some examples, manages Access Control Lists (ACLs) and allows user 16 to revoke/modify permissions of applications that attempt to access resources.” Fong-Jones col. 5, ln. 52. Plural applications.)

As to claims 5, 12, and 18, Fong-Jones in view of Faaborg discloses the method/machine/method of claims 1, 8, and 15 and further disclose:
wherein granting the first permission to the first application program comprises: receiving a user grant; and (“It is important that users comprehend what permissions Consent to permissions may be granted at install time” Faaborg col. 2, ll. 46-65.
granting the first permission to the first application program according to the configuration information in response to receiving the user grant. (“sending, by a first security module executing on the computing device, a request for a first group of permissions to a second security module that is included in an operating system executing on the computing device…. receiving, from the second security module and by the first security module, the first group of permissions (92)” Fong-Jones col. 15, ln. 42)

As to claims 7, 14, and 20, Fong-Jones in view of Faaborg discloses the method/machine/method of claims 1, 8, and 15 and further disclose:
wherein forbidding the second application program from invoking the system function comprises forbidding (“Security client 21 generates a permissions response message based on the permissions information and sends the permissions response message to the requesting application in order to control (e.g., grant or deny) access to the resource by the application (82).” Fong-Jones col. 15, ln. 31) invoking an application programming interface (API) corresponding to the system function in response to running the first application program. (“security client 21 may include an API. The API may be similar to or is the same as the operating system and therefore may include one or more system calls provided by the operating system.” Fong-Jones col. 6, ln. 47. The security client is running to receive the API calls.)

Claims 4, 6, 13, and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Fong-Jones, US 8,656,465 (filed 2012-05), in view of Faaborg et al., US 8,595,489 (2012-11), and Roesner et al., US 2013/0205385 (filed 2012-02).
As to claims 4, Fong-Jones in view of Faaborg discloses the method/machine/method of claims 1, 8, and 15 and further disclose:

wherein forbidding the second application program from invoking the system function comprises: 
… when the second application program has invoked the system function and the system function is currently in an invoked state of being invoked by the second application program; and (“upon intercepting the request, may invoke the system call of the operating system on behalf of application 17 if application 17 has permission to access the resource.” Fong-Jones col. 6, ln. 54. Also: “determining, by the first security module and based upon the first group of permissions, that the software application is allowed to access the resource.” Fong-Jones col. 15, ln. 62)
forbidding subsequent invocation of the system function by the second application program when the second application program has not invoked the system function (“Security client 21 generates a permissions response message based on the permissions information and sends the permissions response message to the requesting application in order to control (e.g., grant or deny) access to the resource by the application (82).” Fong-Jones col. 15, ln. 32) or when the second application program has invoked the system function and the system function is currently not in the invoked state.

Fong-Jones in view of Faaborg does not disclose: 
ending an invocation of the system function by the second application program 

Roesner discloses:
(“associated resource monitor may represent system-level functionality which mediates access to at least one system-level resource, such as a camera, a printer, a location device, message-sending functionality” Roesner ¶ 10) ending an invocation of the system function by the second application program (“the access system 100 can also permit a user to expressly revoke any type of extended permission granted to the application 202, regardless of whether the application 202 is running at the time of revocation.” Roesner ¶ 83.  See also ¶¶ 111 and 155 and Figure 21).

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Fong-Jones in view of Faaborg with Roesner by providing the functionality to revoke permissions granted to an application even if those permissions were in use during application runtime.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the permission revocation of Roesner in the system of Fong-Jones in view of Faaborg in order to allow applications to access resources using permissions that are narrowly tailored (Roesner ¶ 13) and revocable, thereby not granting permissions indefinitely (Roesner ¶¶ 83 and 155) after the user’s intended use has been accomplished.


As to claims 6, 13, and 19, Fong-Jones in view of Faaborg discloses the method/machine/method of claims 1, 8, and 15 and further disclose:
wherein forbidding the second application program from invoking the system function comprises: 
… when the second application program has invoked the system function and the system function is currently in an invoked state of being invoked by the second application program; and (“upon intercepting the request, may invoke the system call of the operating system on behalf of application 17 if application 17 has permission to access the resource.” Fong-Jones col. 6, ln. 54. Also: “determining, by the first security module and based upon the first group of permissions, that the software application is allowed to access the resource.” Fong-Jones col. 15, ln. 62)
forbidding subsequent invocation of the system function by the second application program when the second application program has not invoked the system function (“Security client 21 generates a permissions response message based on the permissions information and sends the permissions response message to the requesting application in order to control (e.g., grant or deny) access to the resource by the application (82).” Fong-Jones col. 15, ln. 32) or when the second application program has invoked the system function and the system function is currently not in the invoked state.

Fong-Jones in view of Faaborg does not disclose: 


Roesner discloses:
(“associated resource monitor may represent system-level functionality which mediates access to at least one system-level resource, such as a camera, a printer, a location device, message-sending functionality” Roesner ¶ 10) suspending an invocation of the system function by the second application program (“the access system 100 can also permit a user to expressly revoke any type of extended permission granted to the application 202, regardless of whether the application 202 is running at the time of revocation.” Roesner ¶ 83.  See also ¶¶ 111 and 155 and Figure 21).

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Fong-Jones in view of Faaborg with Roesner by providing the functionality to revoke permissions granted to an application even if those permissions were in use during application runtime.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the permission revocation of Roesner in the system of Fong-Jones in view of Faaborg in order to allow applications to access resources using permissions that are narrowly tailored (Roesner ¶ 13) and revocable, thereby not granting permissions indefinitely (Roesner ¶¶ 83 and 155) after the user’s intended use has been accomplished.


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.  See PTO-892, particularly:
Zheng et al., US 2014/0075546, discloses a mentoring module checking the permissions granted to an application when invoking an API call.
Majaniemi, US 2016/0248810, discloses checking required application permissions during application install and monitoring the use of permissions at runtime.
Kreiner et al., US 8,826,436, discloses locking down a calling application until a proxy can authorize the applications permission to execute the call. 
Reeves et al., US 8,265,595, discloses a permission manager module that is remote to the executing device for authorizing permission use.


Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL W CHAO whose telephone number is (571)272-5165.  The examiner can normally be reached on M, W-F 8-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/MICHAEL W CHAO/           Examiner, Art Unit 2492