DETAILED ACTION
This communication responsive to the application No. 16/467,184 filed on June 06,
2019. Claims 1-15 are pending and are directed towards USER TERMINAL APPARATUS AND CONTROL METHOD THEREOF. 

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 06/06/2019 was Acknowledge. The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Specification
The disclosure is objected to because of the following informalities: 
The use of the term “Zigbee”, “WiFi” and “Bluetooth” (para [0064] in the specification), which are trade name or a mark used in commerce, has been noted in this application. It should be capitalized wherever it appears and be accompanied by the generic terminology. Although the use of trade names and marks used in commerce (i.e., trademarks, service marks, certification marks, and collective marks) are permissible in patent applications, the proprietary nature of the 
Applicant is reminded of the proper language and format for an abstract of the disclosure.
The abstract should be in narrative form and generally limited to a single paragraph on a separate sheet within the range of 50 to 150 words in length. The abstract should describe the disclosure sufficiently to assist readers in deciding whether there is a need for consulting the full patent text for details.
The language should be clear and concise and should not repeat information given in the title. It should avoid using phrases which can be implied, such as, “The disclosure concerns,” “The disclosure defined by this invention,” “The disclosure describes,” etc.  In addition, the form and legal phraseology often used in patent claims, such as “means” and “said,” should be avoided. In particular, the phrase “…according to one embodiment of the present invention may comprise…” in the abstract line 2 should be avoided. Appropriate correction is required.
Appropriate correction is required.

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) is/are: “a communication unit configured to…” in claim 1.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform 

Drawings
The drawings are objected to as failing to comply with 37 CFR 1.84(p)(4) because:
 Reference character “430” in FIG. 5 has been used to designate both “Critical Logic” and “Non-Critical Logic”. 
Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.
In addition to Replacement Sheets containing the corrected drawing figure(s), applicant is required to submit a marked-up copy of each Replacement Sheet including annotations indicating the changes made to the previous version.  The marked-up copy must be clearly 

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.



Claim(s) 1, 3, 6, 8, 10, 11 and 13 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Aissi U.S. Patent Pub. No. 2013/0347064 A1 

As per claim 1, Aissi teaches a user terminal apparatus interlocked with a server (Mobile device 102 and server 904. Aissi, Fig. 9) comprising: 
a communication unit configured to communicate with the server (the mobile device 102 may allow the user to communicate with one or more entities, such as the entities described in FIG. 1. Aissi, para [0063] and Fig. 1); 
(The exemplary mobile device 102 may comprise a computer readable medium (CRM) 202 comprising code executable by the processor 204 for implementing methods using embodiments of the invention. The computer readable medium 202 may be in the form of a memory that stores data and could be internal to the device or hosted remotely (i.e., cloud) and accessed wirelessly by the device. Aissi, para [0061])( The mobile device 102 may also allow the user to download and install security sensitive applications on the mobile device 102. Aissi, para [0063]); and 
a processor (processor. Aissi, Fig. 2) configured to:
execute the application including a first logic which requires security processing (The application installation module 330 unwraps the security sensitive application 316 from the application module 314 and install the application in the trusted execution environment. In some implementations, depending on the trusted execution environment discovered the application installation module 330 may prepare the trusted execution environment before installing the security sensitive application 316 in the trusted execution environment. Aissi, para [0071]), 
perform mutual verification with the server (a secure communication channel between the first instance of the trusted execution environment 902 executing on the mobile device 102 and the second instance of the trusted execution environment 906 executing on the server computer 904 is established. The secure communication channel may be initiated by the server computer 904 residing in the cloud 908 or the mobile device 102. Aissi, para [0134]), 
control the communication unit to request the server such that the first logic is executed at the server (A synchronizing event may be generated for synchronizing a first state associated with the first instance of the trusted execution environment 902 on the mobile device and a second state associated with the second instance of the trusted execution environment 906 on the server computer 904. The synchronizing event may be generated either by the mobile device [request sent to the server] 102 or the server computer 9047 residing in the cloud. Aissi, para [0135]) (The state of a trusted execution environment may include, but is not limited to one or more of the executable code for the trusted execution environment, the data associated with execution of one or more applications in the trusted execution environment, executable code for the applications, and the state of the applications. Aissi, para [0136]), and 
based on an execution result being received from the server, proceed with execution of the application by using the received execution result (the server computer 904 may send a message over the secure communication channel to the device to deactivate the first instance of the trusted execution environment 902 upon detection that the mobile device 102 has been compromised. Aissi, para [0138]).

As per claim 3, Aissi teaches the user terminal apparatus interlocked with a server of claim 1, wherein the processor is configured to verify the server by using a certification, and control the communication unit to form a security channel between the verified server (A "payment processing network" may include data processing subsystems, networks, and operations used to support and deliver certificate authority services, authorization services, exception file services, and clearing and settlement services. Aissi, para [0050]) (The network stack authentication module 326 initiates authentication of the network stack 310, so that the mobile device 102 can securely communicate with a trusted entity by creating a secure communication channel. Aissi, para [0069]).

As per claim 6, Aissi teaches the user terminal apparatus interlocked with a server of claim 1, wherein the server is configured to execute the first logic by using a security chip (the server computer 904 residing in the cloud 908 may execute a second instance of the trusted execution environment 906. An instance of a trusted execution environment may refer to an image or copy of the executable code that can be executed on devices with varying hardware capabilities, while providing same or similar functionality. Aissi, para [0133]).

As per claim 8, Aissi teaches the user terminal apparatus interlocked with a server of claim 1, wherein the first logic is pre-installed on the server (installing the application may include creating a secure container within an authenticated operating environment, wherein the operating environment manages a plurality of hardware resources for the secure container and installing the application within the secure container. In one aspect, the secure container may be a virtual machine and the authenticated operating environment may be a virtual machine monitor. Aissi, para [0098])( a second instance of the trusted execution environment may be initiated on a server computer residing on the cloud. Aissi, para [0131]), and the processor is configured to control the communication unit to request execution of the pre-installed first logic if execution of the first logic is required while the application is executed (Verifying, at the server computer 904, the state of the trusted execution environment 902 executing at the mobile device 102 with the state the trusted execution environment 906 executing at the server computer 904 (that has a high confidence associated with it) allows for significantly more robust security, since not only is the application running in a trusted execution environment on the mobile device 102, but it is being periodically verified against a synchronized version in the cloud 908 on a secure server computer. Aissi, para [0139]).

As per claim 10, Aissi teaches the user terminal apparatus interlocked with a server of claim 1, further comprising: an input unit configured to receive an input of a user instruction (The mobile device 102 may further include input elements 208 to allow the user to input information into the device. Aissi, para [0062] and Fig. 2 element 208); and wherein the processor is configured to control the communication unit, based on receiving a request for a user instruction related to execution of the first logic from the server, to transmit the user instruction inputted through the input unit to the server (the application module 314 may invoke a user interface, as shown in FIG. 5, to request user input on whether the user would like to perform a secure installation or not. If the user does not select a secure installation, then at Step 606, the application may be installed outside the boundary of a trusted execution environment. However, if the user selects secure installation of the application, the mobile device 102 proceeds with secure installation of the application at Step 608 by performing a two way authentication. Aissi, para [0094])( The server computer 904 may be configured to establish a secure communication channel with the mobile device 102, communicate synchronization information with the mobile device 102 and send signaling information to the mobile device 102. The server computer 904 may comprise an input-output (IO) interface 1004, which may be configured to interface with the mobile device. Aissi, para [0142]).

As per claim 11, Aissi teaches a method for controlling a user terminal apparatus interlocked with a server (Mobile device 102 and server 904. Aissi, Fig. 9) comprising: 
executing an application including a first logic which requires security processing(The application installation module 330 unwraps the security sensitive application 316 from the application module 314 and install the application in the trusted execution environment. In some implementations, depending on the trusted execution environment discovered the application installation module 330 may prepare the trusted execution environment before installing the security sensitive application 316 in the trusted execution environment. Aissi, para [0071]), 
perform mutual verification with the server (a secure communication channel between the first instance of the trusted execution environment 902 executing on the mobile device 102 and the second instance of the trusted execution environment 906 executing on the server computer 904 is established. The secure communication channel may be initiated by the server computer 904 residing in the cloud 908 or the mobile device 102. Aissi, para [0134]), 
requesting the server such that the first logic is executed at the server (A synchronizing event may be generated for synchronizing a first state associated with the first instance of the trusted execution environment 902 on the mobile device and a second state associated with the second instance of the trusted execution environment 906 on the server computer 904. The synchronizing event may be generated either by the mobile device [request sent to the server] 102 or the server computer 9047 residing in the cloud. Aissi, para [0135]) (The state of a trusted execution environment may include, but is not limited to one or more of the executable code for the trusted execution environment, the data associated with execution of one or more applications in the trusted execution environment, executable code for the applications, and the state of the applications. Aissi, para [0136]), and 
based on an execution result being received from the server, proceeding with execution of the application by using the received execution result (the server computer 904 may send a message over the secure communication channel to the device to deactivate the first instance of the trusted execution environment 902 upon detection that the mobile device 102 has been compromised. Aissi, para [0138]).

As per claim 13, Aissi teaches the method for controlling a user terminal apparatus of claim 11, wherein the performing mutual verification comprises: verifying the server by using a certification (A "payment processing network" may include data processing subsystems, networks, and operations used to support and deliver certificate authority services, authorization services, exception file services, and clearing and settlement services. Aissi, para [0050]); and 
forming a security channel between the verified server (The network stack authentication module 326 initiates authentication of the network stack 310, so that the mobile device 102 can securely communicate with a trusted entity by creating a secure communication channel. Aissi, para [0069]).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 2 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Aissi U.S. Patent Pub. No. 2013/0347064 A1 in view of Chan et al. U.S. Patent Pub. No. 2007/0136800 A1 (hereinafter “Chan”).

As per claim 2, Aissi teaches the user terminal apparatus interlocked with a server of claim 1. Aissi in general teaches (Authenticating the application may include performing a cryptographic measurement of the application module 314, and comparing the cryptographic measurement against a value retrieved from an at least one trusted entity using a secure communication channel. Aissi, para [0096]). But, does not explicitly teach wherein the first logic includes a hash value of a second logic which does not require security processing included in the application, the server is configured to compare the hash value of the second logic with a hash value measured at the user terminal apparatus and verify the user terminal apparatus, and the processor is configured to measure the hash value of the second logic, and control the communication unit to transmit the measured hash value to the server.
(A system for establishing a connection between a client and a target service comprising: means for incorporating data in a combined code for the client and the target service to perform mutual authentication. Chan, Claim 17) wherein the first logic includes a hash value of a second logic which does not require security processing included in the application (means for incorporating a first hash of a public key in the combined code. Chan, claim 18), the server is configured to compare the hash value of the second logic with a hash value measured at the user terminal apparatus and verify the user terminal apparatus (means for computing a second hash of the public key in the certificate; and means for authenticating the target service by comparing the first hash and the second hash. Chan, claim 18), and the processor is configured to measure the hash value of the second logic, and control the communication unit to transmit the measured hash value to the server (The combined code is provided out-of-band and includes data to perform two-way authentication for both the client and the target service. Chan, para [0003]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the teaching of Aissi so that the first logic includes a hash value of a second logic which does not require security processing included in the application, the server is configured to compare the hash value of the second logic with a hash value measured at the user terminal apparatus and verify the user terminal apparatus, and the processor is configured to measure the hash value of the second logic, and control the communication unit to transmit the measured hash value to the server. One would be motivated to do so, to enhance the security of the system and establish a secure communication channel between the terminal and the server. (Chan, para [0001]).


As per claim 12, Aissi teaches the method for controlling a user terminal apparatus of claim 11. Aissi in general teaches (Authenticating the application may include performing a cryptographic measurement of the application module 314, and comparing the cryptographic measurement against a value retrieved from an at least one trusted entity using a secure communication channel. Aissi, para [0096]). But, does not explicitly teach wherein the first logic includes a hash value of a second logic which does not require security processing included in the application, and the performing mutual verification comprises: measuring the hash value of the second logic; and transmitting the measured hash value to the server, wherein the server compares the hash value of the second logic included in the first logic with the measured hash value and verifies the user terminal apparatus.
	However, Chan teaches (A system for establishing a connection between a client and a target service comprising: means for incorporating data in a combined code for the client and the target service to perform mutual authentication. Chan, Claim 17) wherein the first logic includes a hash value of a second logic which does not require security processing included in the application (means for incorporating a first hash of a public key in the combined code. Chan, claim 18), and the performing mutual verification comprises: measuring the hash value of the (means for computing a second hash of the public key in the certificate. Chan, claim 18); and 
transmitting the measured hash value to the server, wherein the server compares the hash value of the second logic included in the first logic with the measured hash value and verifies the user terminal apparatus  (means for computing a second hash of the public key in the certificate; and means for authenticating the target service by comparing the first hash and the second hash. Chan, claim 18) (The combined code is provided out-of-band and includes data to perform two-way authentication for both the client and the target service. Chan, para [0003]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the teaching of Aissi so that the first logic includes a hash value of a second logic which does not require security processing included in the application, and the performing mutual verification comprises: measuring the hash value of the second logic; and transmitting the measured hash value to the server, wherein the server compares the hash value of the second logic included in the first logic with the measured hash value and verifies the user terminal apparatus. One would be motivated to do so, to enhance the security of the system and establish a secure communication channel between the terminal and the server. (Chan, para [0001]).

Claims 4 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Aissi U.S. Patent Pub. No. 2013/0347064 A1 in view of Berkobin et al. U.S. Patent Pub. No. 2016/0203649 A1 (hereinafter “Berkobin”).

As per claim 4, Aissi teaches the user terminal apparatus interlocked with a server of claim 1. Aissi does not explicitly teach wherein a second server forming a cloud network with the server is configured to transmit a first secret value which is a result of a hash operation of a first nonce when the server is verified, the server is configured to perform a hash operation of both the first secret value and a second nonce and generates a second secret value, and the processor is configured to control the communication unit to transmit the first nonce to the second server, and control the communication unit to transmit the second nonce to the server, and based on receiving the generated second secret value from the server, verify the server by using the first nonce and the second nonce.
However, Berkobin teaches wherein a second server forming a cloud network with the server is configured to transmit a first secret value which is a result of a hash operation of a first nonce when the server is verified (The vendor may request the vehicle's VIN to authenticate the vehicle. The vendor may provide the vehicle with the second code, and the vehicle may provide the vendor with the first code. The vehicle may create a hash of the combined first code and second code, and use this to authenticate the vendor (by comparing this hash with the hash received from the delivery server). The vendor may do the same. Berkobin, para [0010]), the server is configured to perform a hash operation of both the first secret value and a second nonce and generates a second secret value (The vehicle may create a hash of the combined first code and second code, and use this to authenticate the vendor (by comparing this hash with the hash received. Berkobin, para [0010]), and the processor is configured to control the communication unit to transmit the first nonce to the second server, and control the communication unit to transmit the second nonce to the server (The server may provide the first code to the user and the second code to the vendor. Berkobin, para [0009]), and based on receiving the generated second (The vehicle may create a hash of the combined first code and second code, and use this to authenticate the vendor (by comparing this hash with the hash received. Berkobin, para [0010]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the teaching of Aissi so that a second server forming a cloud network with the server is configured to transmit a first secret value which is a result of a hash operation of a first nonce when the server is verified, the server is configured to perform a hash operation of both the first secret value and a second nonce and generates a second secret value, and the processor is configured to control the communication unit to transmit the first nonce to the second server, and control the communication unit to transmit the second nonce to the server, and based on receiving the generated second secret value from the server, verify the server by using the first nonce and the second nonce. One would be motivated to do so, to enhance the security of the system.

As per claim 14, Aissi teaches the method for controlling a user terminal apparatus of claim 11. Aissi does not explicitly teach wherein the performing mutual verification comprises: transmitting a first nonce to a second server forming a cloud network with the server; transmitting a second nonce to the server; and based on receiving a second secret value from the server, verifying the server by using the first nonce and the second nonce, and wherein the second server transmits a first secret value which is a result of a hash operation of the first nonce to the server when the server is verified, and wherein the server performs a hash operation of both the first secret value and the second nonce and generates the second secret value.
(The vendor may request the vehicle's VIN to authenticate the vehicle. The vendor may provide the vehicle with the second code, and the vehicle may provide the vendor with the first code. The vehicle may create a hash of the combined first code and second code, and use this to authenticate the vendor (by comparing this hash with the hash received from the delivery server). The vendor may do the same. Berkobin, para [0010]); 
transmitting a second nonce to the server (The server may provide the first code to the user and the second code to the vendor. Berkobin, para [0009]); and 
based on receiving a second secret value from the server, verifying the server by using the first nonce and the second nonce, and wherein the second server transmits a first secret value which is a result of a hash operation of the first nonce to the server when the server is verified, and wherein the server performs a hash operation of both the first secret value and the second nonce and generates the second secret value(The vehicle may create a hash of the combined first code and second code, and use this to authenticate the vendor (by comparing this hash with the hash received. Berkobin, para [0010]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the teaching of Aissi so that the performing mutual verification comprises: transmitting a first nonce to a second server forming a cloud network with the server; transmitting a second nonce to the server; and based on receiving a second secret value from the server, verifying the server by using the first nonce and the second nonce, and wherein the second server transmits a first secret value which is a result of a hash operation of the first nonce to the server when the server is verified, and wherein the server .

Claims 5 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Aissi U.S. Patent Pub. No. 2013/0347064 A1 in view of Watt et al. U.S. Patent Pub. No. 2004/0153672 A1 (hereinafter “Watt”).

As per claim 5, Aissi teaches the user terminal apparatus interlocked with a server of claim 1. Aissi does not explicitly teach wherein the application is generated by performing binary processing on source codes depending on whether security processing is required. 
However, Watt teaches wherein the application is generated by performing binary processing on source codes depending on whether security processing is required (Within the non-secure domain there is provided a non-secure operating system 74 and a plurality of non-secure application programs […] A plurality of secure applications 82, 84 are illustrated as executing in combination with the secure kernel. Watt, para [0123] and Fig.2). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the teaching of Aissi so that the application is generated by performing binary processing on source codes depending on whether security processing is required. One would be motivated to do so, to enhance the security and the efficiency of the system by identifying the part of the code that need to be executed in secure domain. (Watt, para [0008]).

As per claim 15, Aissi teaches the method for controlling a user terminal apparatus of claim 11. Aissi does not explicitly teach wherein the application is generated by performing binary processing on source codes depending on whether security processing is required.
However, Watt teaches wherein the application is generated by performing binary processing on source codes depending on whether security processing is required (Within the non-secure domain there is provided a non-secure operating system 74 and a plurality of non-secure application programs […] A plurality of secure applications 82, 84 are illustrated as executing in combination with the secure kernel. Watt, para [0123] and Fig.2). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the teaching of Aissi so that the application is generated by performing binary processing on source codes depending on whether security processing is required. One would be motivated to do so, to enhance the security and the efficiency of the system by identifying the part of the code that need to be executed in secure domain. (Watt, para [0008]).

Claims 7 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Aissi U.S. Patent Pub. No. 2013/0347064 A1 in view of Rindborg et al. U.S. Patent Pub. No. 2004/0243810 A1 (hereinafter “Rindborg”).

As per claim 7, Aissi teaches the user terminal apparatus interlocked with a server of claim 1. Aissi does not explicitly teach wherein the processor is configured to transmit the first logic to the server if execution of the first logic is required while the application is executed, and control the communication unit to request execution of the transmitted first logic.
(a non-critical code portion is executed on a computer. When an application on the computer detects a critical code portion to be executed, the application sends a request to a secure execution unit connected to the computer to execute the critical code portion. The secure execution unit executes the critical code portion in response to the request. Rindborg, para [0009]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the teaching of Aissi so that the processor is configured to transmit the first logic to the server if execution of the first logic is required while the application is executed, and control the communication unit to request execution of the transmitted first logic. One would be motivated to do so, to enhance the security and the efficiency of the system by executing code in secure fashion. (Rindborg, para [0001]).

As per claim 9, Aissi teaches the user terminal apparatus interlocked with a server of claim 1. Aissi does not explicitly teach wherein the application includes the first logic and a second logic which does not require security processing, and the processor is configured to execute the second logic in parallel while waiting for receipt of an execution result after requesting execution of the first logic to the server.
However, Rindborg teaches wherein the application includes the first logic and a second logic which does not require security processing (One way of recognising critical code portions is to divide the code in two separate parts; one part with non-critical code and one part with critical code. Rindborg, para [0021]), and the processor is configured to execute the second  (The idea of the present invention is that critical code is executed in the secure execution unit 4 while non-critical code is executed in the normal execution means of the computer. Rindborg, para [0021]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the teaching of Aissi so that the application includes the first logic and a second logic which does not require security processing, and the processor is configured to execute the second logic in parallel while waiting for receipt of an execution result after requesting execution of the first logic to the server. One would be motivated to do so, to enhance the security and the efficiency of the system by executing code in secure fashion. (Rindborg, para [0001]).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHALID M ALMAGHAYREH whose telephone number is (571)272-0179.  The examiner can normally be reached on Monday - Thursday 8AM-5PM EST & Friday variable.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

Respectfully Submitted




/KHALID M ALMAGHAYREH/Examiner, Art Unit 2492                                                                                                                                                                                                        

/SALEH NAJJAR/Supervisory Patent Examiner, Art Unit 2492