DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  
Citation of References
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The following references are cited but not been replied upon for this office action:
Chevallier-Mames et al (US20140165208A1). Discloses method and apparatus that provide rewriting code to dynamically mask program data statically embedded in a first code. Optimal code locations in a program (or code) may be determined at compile time to update the program to allow dynamic masking of statically masked program data of the program at runtime.
Status of Claims
The amendment filed 10/27/2020 has been entered. Claims 1, 3-4, 6, 8-9, 11, 15 are currently amended claims. Claims 2, 7 are previously cancelled claims. Claims 1, 3-6, 8-18 are pending in the application.
The objection of claims 3-4, 8-9 due to informalities has been withdrawn in light of applicant’s amendment to the claims. However new issues are found. See Claim Objections below.
The rejection of claims 1, 5-6, and 10-18 under 35 USC 102 has been withdrawn in light of applicant’s argument being persuasive.
Response to Arguments
The Applicant's arguments filed on 10/27/2020 with respect to Claims 1, 3-6, 8-18 have been fully considered. 
Applicant’s argument regarding prior art rejections, see pg. 6-7 of the Remarks filed 10/27/2020, regarding specifically to independent claims 1, 6, 11 and 15, rejected under the 35 USC 102 has been fully considered. Examiner acknowledges applicant has amended with underline the independent claims 1, 6, 11, and 15 to further specify “when at least one of encoding, decoding and or re-encoding a data flow of the program, selection at runtime made from a pool of obfuscation algorithms injected into the program at build-time, where the obfuscation algorithms each comprise at least one function for encoding, decoding and/or re-encoding the data-flows”, as amended claim 1 (similarly for claims 6, 11, and 15).  Applicant specifically argued Chen’s teachings of inserting selected ones of different obfuscation functions into a program to replace function variables is done at build time and not at run time (See page 6 of the Remarks). Examiner acknowledges applicant’s argument is persuasive. However upon further search, a new reference Goodes (US20130014275A1) has been found to specifically teach that the dynamic selections of software modules by run-time loader/Linker with run-time source of entropy (i.e. randomly at run-time) for software protection from 
Applicant is further suggested to incorporate innovative features into independent claims to further advance the case.
Claim Objections
Claims 1, 6, 11, 15 are objected to because of the following informalities:  
Claim 1 lines 3-6, similarly claim 6 lines 4-7, recites “randomly selecting an obfuscation algorithm at runtime during execution of a program by a processor when at least one of encoding, decoding and or re-encoding a data flow of the program, selection at runtime made from a pool of obfuscation algorithms injected into the program at build-time, …”. The underlined cannot be construed as a complete sentence. It appears to say “randomly selecting an obfuscation algorithm at runtime during execution of a program by a processor… from a pool of obfuscation algorithms injected into the program at build-time, …”. Applicant is suggested to clarify the claim language.
Claim 1 line 4, similarly for claims 6, 11, claim 15, recites “…, decoding and or re-encoding …” may read as “…, decoding and/or re-encoding …”. 
Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:


Claims 6, 15 recites the limitation "the program" in line 3.  There is insufficient antecedent basis for this limitation in the claim.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.

Claims 1, 5-6, 10-18 are rejected under 35 U.S.C. 103 as being unpatentable over Chen et al (US20040003278A1-IDS provided by Applicant, hereinafter, "Chen"), in view of Goodes et al (US20130014275A1, hereinafter, “Goodes”).
Regarding claim 1, Chen teaches:
A method (Chen, [Abstract] discloses a method, … for providing secure and opaque type libraries to automatically provide secure variables within a programming module) comprising: 
randomly selecting an obfuscation algorithm [at runtime] during execution of the program (Chen, [0016] The OTL selection module randomly selects or generates one of the possible variable obfuscation functions for each declared secure variable. And [0049] For example, Secure_Int.sub.--1 may add a random offset to the run-time value of the variable ... For both of these instances, a separate random value parameter may also be selected for each variable to further obfuscate the data contained therein) by a processor when at least one of encoding, decoding and or re-encoding a data flow of the program, selection [at runtime] made from a pool of obfuscation algorithms (Chen, [0016] The OTL type library database (i.e. pool of obfuscation algorithms) receives queries from the OTL selection module a database to identify possible variable obfuscation functions) injected into the program at build-time (Chen, [0053] … separate insertions of the in-line code for this obfuscation function are needed. See also Fig. 7, and [0055] the substitution module uses an OTL selection module 722 and an OTL parameter module 723 that both utilize a type library database 721 (i.e. injected into the program at build-time)), where the obfuscation algorithms each comprise at least one function for encoding, decoding and/or re-encoding the data-flows (Chen, see below for encoding, decoding etc. And [0035] An important application of Time-Varying OTL is authenticated function call.  In this model, a function can be annotated as call-by-authentication; parameters passed to this function, as well as the return value, are protected using Time-Varying OTL, which varies from machine to machine and from time to time.  A virus that is injected into a remote client machine will have no easy way to figure out the encoding scheme used at the time…); (See Goodes below for limitations in bracket)
 wherein the obfuscation algorithm is associated with at least one tagged data element in the program for encoding, decoding or re-encoding data stored in the tagged data element (Chen, [0016] The OTL selection module randomly selects or generates one of the possible variable obfuscation functions for each declared secure variable (i.e. tagged data element). The OTL substitution module substitutes the separate instance of the selected variable obfuscation function for every reference to the declared secure variable (i.e. encoding, re-encoding). The OTL type library database receives queries from the OTL selection module a database to identify possible variable obfuscation functions applicable for the variable type corresponding to the declared secure variables); 
and wherein: unencoded data is encoded by the obfuscation algorithm when the unencoded data is copied to the tagged data element (Chen, [0047] The main procedure module 303 provides the set of instructions that are performed when the programming module is run. Also [0048] The OTL processing of this program module 300 will create a separate instance of a function that will obfuscate the contents of these secure variables. And [0049] In this example, each of the two secure integers will cause a separate instance of a function to be created). Examiner notes: See Fig. 4 section 441 where variable Seccure_int_ 1 is assigned (i.e. copied) to Function; 
encoded data is re-encoded by the obfuscation algorithm when the encoded data is copied from a differently tagged data element to the tagged data element (Chen, [0052] Rather than utilizing the secure functions of FIG. 4, another embodiment of the present invention will substitute the code for the secure function directly into the in-line code (i.e. replaced or copied from a differently tagged data element) of the main procedure section 303. For example, Secure_Int.sub.--1 522 is referenced within Instruction 1 531 and within Instruction m 561); 
or encoded data is decoded by the obfuscation algorithm when the encoded data is copied from the tagged data element to an untagged data element (Chen, [0047] The main procedure module 303 provides the set of instructions that are performed when the programming module is run. And [0051] these variables may utilize references to secure functions 441-443 to process the secure variables from a secure state to a plain text state (i.e. decode to untagged data element) for use in the main procedure section 303).
While Chen teaches secure data protection by randomly selection of obfuscation functions from opaque type library but does not explicitly teach that the selecting an obfuscation algorithm at runtime during execution of the program, however in the same field of endeavor Goodes teaches:
(Goodes, referring to Fig. 5, and [0047] multiple, diverse instances of software modules (Mod A1, Mod A2, Mod A3, Mod A4 .  . . ; Mod B1, Mod B2, Mod B3, Mod B4 .  . . ; and Mod C1, Mod C2, Mod C3, Mod C4 .  . . ) can again be separately provisioned in dynamic libraries, such as Dynamic Library A, Dynamic Library B and Dynamic Library C, and the run-time loader 500 again includes a run-time source of entropy 502 and a pseudo-random number generator (PRNG), which controls a diverse module selector 504 to make pseudo-random decisions). 
		Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Goodes in the method of providing secure variables within a programing module of Chen by selecting the software modules from different libraries randomly and at runtime. This would have been obvious because the person having ordinary skill in the art would have been motivated to insert other secure protection techniques into a software program at runtime to enhance security transformation against differential attacks and enable renewability efforts through orchestrated updates (Goodes, [Abstract], [0006]).

Regarding claim 6, Chen-Goodes combination discloses:
An apparatus for encoding a data flow of a program (Chen, [Abstract] A system for providing secure and opaque type libraries to automatically provide secure variables within a programming module), comprising: a processor for executing the program (Chen, [0041] With reference to FIG. 2, an exemplary computing system for embodiments of the invention includes a general purpose computing device in the form of a conventional computer system 200, including a processor unit 202); with the rest of limitation substantially similar to claim 1 therefore rejected with the same reason set forth as rejection of claim 1 above.

Regarding claim 11, Chen teaches:
A method (Chen, [Abstract] A method, apparatus, and article of manufacture for providing secure and opaque type libraries to automatically provide secure variables within a programming module) comprising: 
tagging at least one data element when editing source code of the program (Chen, [0017] The method identifies secure variable declaration statements (i.e. at least one data element) within a source code module, queries a database for identification of possible variable obfuscation functions applicable for the variable type corresponding to the secure variable declaration statement) using a processor (Chen, Fig. 2, [0041] including a processor unit 202), when at least one of encoding, decoding and or re-encoding a data flow of the program (Chen, see below for encoding, decoding etc. And [0035] An important application of Time-Varying OTL is authenticated function call.  In this model, a function can be annotated as call-by-authentication; parameters passed to this function, as well as the return value, are protected using Time-Varying OTL, which varies from machine to machine and from time to time.  A virus that is injected into a remote client machine will have no easy way to figure out the encoding scheme used at the time…); 
wherein the tagged data element is associated with an obfuscation algorithm randomly selected [at runtime] during execution of the program (Chen, [0016] The OTL selection module randomly selects or generates one of the possible variable obfuscation functions for each declared secure variable. And [0049] For example, Secure_Int.sub.--1 may add a random offset to the run-time value of the variable ... For both of these instances, a separate random value parameter may also be selected for each variable to further obfuscate the data contained therein) from a pool of obfuscation (Chen, [0016] The OTL type library database (i.e. pool of obfuscation algorithms) receives queries from the OTL selection module a database to identify possible variable obfuscation functions) algorithms injected into the program at build-time (Chen, [0053] … separate insertions of the in-line code for this obfuscation function are needed. See also Fig. 7, and [0055] the substitution module uses an OTL selection module 722 and an OTL parameter module 723 that both utilize a type library database 721 (i.e. injected into the program at build-time)), where the obfuscation algorithms each comprise at least one function for encoding, decoding or re-encoding data stored in the tagged data element (Chen, [0016] The OTL selection module randomly selects or generates one of the possible variable obfuscation functions for each declared secure variable (i.e. tagged data element). The OTL substitution module substitutes the separate instance of the selected variable obfuscation function for every reference to the declared secure variable (i.e. encoding, re-encoding). The OTL type library database receives queries from the OTL selection module a database to identify possible variable obfuscation functions applicable for the variable type corresponding to the declared secure variables); 
and wherein: unencoded data is encoded by the obfuscation algorithm when the unencoded data is copied to the tagged data element (Chen, [0047] The main procedure module 303 provides the set of instructions that are performed when the programming module is run. Also [0048] The OTL processing of this program module 300 will create a separate instance of a function that will obfuscate the contents of these secure variables. And [0049] In this example, each of the two secure integers will cause a separate instance of a function to be created). Examiner notes: See Fig. 4 section 441 where variable Seccure_int_ 1 is assigned (i.e. copied) to Function; 
-15-ARRO1291encoded data is re-encoded by the obfuscation algorithm when the encoded data is copied from a differently tagged data element to the tagged data element (Chen, [0052] Rather than utilizing the secure functions of FIG. 4, another embodiment of the present invention will substitute the code for the secure function directly into the in-line code (i.e. replaced or copied from a differently tagged data element or re-encoded) of the main procedure section 303. For example, Secure_Int.sub.--1 522 is referenced within Instruction 1 531 and within Instruction m 561); 
or encoded data is decoded by the obfuscation algorithm when the encoded data is copied from the tagged data element to an untagged data element (Chen, [0047] The main procedure module 303 provides the set of instructions that are performed when the programming module is run. And [0051] these variables may utilize references to secure functions 441-443 to process the secure variables from a secure state to a plain text state (i.e. decode to untagged data element) for use in the main procedure section 303).
While Chen teaches secure data protection by randomly selection of obfuscation functions from opaque type library but does not explicitly teach that the selecting an obfuscation algorithm at runtime during execution of the program, however in the same field of endeavor Goodes teaches:
(Goodes, referring to Fig. 5, and [0047] multiple, diverse instances of software modules (Mod A1, Mod A2, Mod A3, Mod A4 .  . . ; Mod B1, Mod B2, Mod B3, Mod B4 .  . . ; and Mod C1, Mod C2, Mod C3, Mod C4 .  . . ) can again be separately provisioned in dynamic libraries, such as Dynamic Library A, Dynamic Library B and Dynamic Library C, and the run-time loader 500 again includes a run-time source of entropy 502 and a pseudo-random number generator (PRNG), which controls a diverse module selector 504 to make pseudo-random decisions). 
		Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Goodes in the method of providing secure variables within a programing module of Chen by selecting the software modules from different libraries randomly and at runtime. This would have been obvious because the person having ordinary skill in the art would have been motivated to insert other secure protection techniques into a software program at runtime to enhance security transformation against differential attacks and enable renewability efforts through orchestrated updates (Goodes, [Abstract], [0006]).

As per claim 15, Chen-Goodes combination discloses:
An apparatus (Chen, [Abstract] A system for providing secure and opaque type libraries to automatically provide secure variables within a programming module) comprising: a processor for editing source code of the program and tagging at least one data element (Chen, [0017] The method identifies secure variable declaration statements (i.e. at least one data element) within a source code module, queries a database for identification of possible variable obfuscation functions applicable for the variable type corresponding to the secure variable declaration statement. And Fig. 2, [0041] including a processor unit 202); with the rest of limitation substantially similar to claim 11 therefore rejected with the same reason set forth as rejection of claim 11 above.

Regarding claim 5, similarly claim 10, Chen-Goodes combination further teaches:
The method of claim 1, the apparatus of claim 6,
wherein the differently tagged data element is associated with a different obfuscation algorithm (Chen, [0033] Thus supporting a full set of operations needs care and switching between different types of homomorphisms in a hidden manner.  Therefore, some sophistication is required to generate obfuscated and individualized operators that are tailored to each protected variable. And [0049] in this example, each of the two secure integers will cause a separate instance of a function to be created.  These functions may be entirely different operations to obfuscate an integer).

Regarding claim 12, similarly claim 16, Chen-Goodes combination further teaches:
The method of claim 11, the apparatus of claim 15, 
wherein the data element is tagged in the source code of the program (Chen, [0017] The method identifies secure variable declaration statements (i.e. at least one data element) within a source code module, queries a database for identification of possible variable obfuscation functions applicable for the variable type corresponding to the secure variable declaration statement).  

Regarding claim 13, similarly claim 17, Chen-Goodes combination further teaches:
The method of claim 11, the apparatus of claim 15, 
wherein instructions for invoking the obfuscation algorithm associated with the tagged variable are generated when a compiler encounters the tagged data element in the source code (Chen, [0017] The method identifies secure variable declaration statements within a source code module, queries a database for identification of possible variable obfuscation functions applicable for the variable type corresponding to the secure variable declaration statement, randomly selects or generates one of the possible variable obfuscation functions returned in response to the database query, creates a separate instance of the selected variable obfuscation function corresponding to the secure variable declaration. And [0030] Each data type directs the compiler to generate an individualized implementation for each protected data object).  

Regarding claim 14, similarly claim 18, Chen-Goodes combination further teaches:
The method of claim 11, the apparatus of claim 15,
wherein the data element is tagged with an encoding identifier (Chen, [0048] In this particular example, a set of three secure variables are declared in addition to any other declared variables.  These secure variables include two secure integers, Secure_Int_1 422 and Secure_Int_2 423 (i.e. encoding identifier), and a secure Boolean variable, Secure_Boolean 424.  The OTL processing of this program module 300 will create a separate instance of a function that will obfuscate the contents of these secure variables).

Claims 3-4, 8-9 are rejected under 35 U.S.C. 103 as being unpatentable over Chen-Goodes combination as applied above, further in view of Chang et al (US20140237622A1, hereinafter, “Chang”).
Regarding claim 3, similarly claim 8, Chen-Goodes combination teaches:
The method of claim 1, the apparatus of claim 6,
While Chen-Goodes teaches randomly selecting obfuscation algorithms into the program at runtime but does not explicitly teach randomly selected locations, however in the same field of endeavor Chang teaches: 
wherein the obfuscation algorithms in the pool are injected into the program at randomly selected locations (Chang, [0155] The invocation code of each guard will be injected in a locations selected randomly in the specified ranges. And [0158] By default, the guard processing engine places the guard code in a randomly selected portion of the unused space within a host software program image). 
		Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Chang in the method of providing secure variables within a programing module of Chen-Goodes by injecting invocation code in randomly selected locations. This would have been obvious because the person having ordinary skill in the art would have been motivated to insert security mechanism 

Regarding claim 4, similarly claim 9, Chen-Goodes-Chang further teaches:
The method of claim 1, the apparatus of claim 6,
wherein the obfuscation algorithms in the pool are randomly selected from a library of obfuscation algorithms (Chen, [0016] The OTL type library database receives queries from the OTL selection module a database to identify possible variable obfuscation functions applicable for the variable type corresponding to the declared secure variables. And [0053] For each variable type, a particular instance of an obfuscation function is randomly selected or generated, as are any parameters utilized by the selected function).  

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL M LEE whose telephone number is (571)272-1975.  The examiner can normally be reached on M-F: 8:30AM - 5:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MICHAEL M LEE/Examiner, Art Unit 2436  

/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436