DETAILED ACTION


The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. 

Status of the application

This Office Action is in response to Applicant's amendments filed on 01/26/2021. Claims 1-27 are pending for this examination.


Claim Interpretation

Claims use the term “ephemeral”. The term has not been defined in the specification. The word’s customary meaning is “short-lived” or “transitory”. Schneider in “Schneider on Security” (article attached) recites on page 1 paragraph 1, “Ephemeral messaging apps such as Snapchat, Wickr and Frankly, all of which advertise that your photo, message or update will only be accessible for a short period, are on the rise. Snapchat and Frankly, for example, claim they permanently delete messages, photos and videos after 10 seconds. After that, there’s no record.” Accordingly, for this examination the examiner considers any code which executes for a short period of time and ends at a predetermined time [e.g., 10 secs] is considered “an ephemeral application”. 

Claim 1 recites “a network-interfacing security application”. This term is not defined or described in the original disclosure. Examiner tries to interpret this term in light of the closest terms described in the specification. Specification recites in [0074] “…computational systems can be operatively linked to build and deploy short lived, ephemeral, white-box protected application instances (e.g. security applications, such as virtualized security modules, cryptographic engines, virtual private network applications, virtualized secure (TLS, SSL) server applications, or the like) to remote digital processing environments, where each instance is serially replaced with subsequent instances….”. This describes “security applications”, e.g., security modules, cryptographic engines, VPN application, server applications, etc. any software stack which provides security by reducing security vulnerability. Specification recites in [0086] “Figures 3 to 5 schematically illustrate the different steps executed to produce a final unique ephemeral instance in the context of a security application to be deployed to a network-interfacing runtime environment.” Please note that this does not describe a networking-interface security application. This mentions a security application to be deployed to a network-interfacing application. As such the examiner considers the term “network-interfacing security application” simply means a security application, e.g., virtualized security modules, VPN, secure server application or any software stack which provides security or reduce unauthorized access. 

Please note that claim 1 mentioned “to implement a network-interfacing security application” and claim 16 mentions “for deploying a network-interfacing security application.” These show an intended use. Here the intended use of a software application would not make any difference in the compilation, cryptography or obfuscation of the software application as described in the instant application. The compilation, cryptography or obfuscation of a software application will be equally applicable irrespective of the purpose the application. As such, the examiner considers the intended use in this case does not have any patentable weight. 

Objection to Drawings

The specification recites in [0078] “With reference to Figure 1, and in accordance with one embodiment, a secure machine executable code deployment system 10 and method will now be described.” However, Figure 1 shows the system to be labeled as 1. Apparently the label of the drawing should be 10. 

Acknowledgement

In light of submission of a terminal disclaimer, the double patenting rejection of the application has been withdrawn. However, after further examination of the claim limitations and interpretations of the claim terms in light of the specification, new ground of rejection has been used. Accordingly, this action has been made non-final. 

Claims 1-16, 19, 26 and 27 have been amended.



Response to Arguments

Applicant’s arguments/amendments have been fully considered and addressed. However, the application has been rejected on new grounds of rejection. 

In light of applicant’s objection to the invention summary, the examiner has removed the invention summary from the office action. The examiner has also removed the “Analogous Art” section from the office action.  

Applicant argues on page 8 in under the heading “Claim interpretation” that applicant does not acquiesce to the interpretation used by the examiner.

Examiner's Response: Although the applicant mentions that the applicant does not acquiesce to the interpretation but has not provided any alternative interpretation. The term has not been defined in the specification. 
Claim Rejections - 35 USC § 112

The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.


Claim 1-27 are rejected under 35 U.S.C. 112(a) as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor at the time the application was filed, had possession of the claimed invention. 

Claims 1 and 16 use the term “network-interfacing security application”. This term has not been used in the original disclosure and also not known in the art. The specification has described a “security application”, “executable security application”, “obfuscated security application”, “network security application”, and “encrypted security application”. Specification [0086] line 10 recites, “Figures 3 to 5 schematically illustrate the different steps executed to produce a final unique ephemeral instance in the context of a security application to be deployed to a network-interfacing runtime environment.” This teaches that a security application executes in a network-interfacing runtime environment. Here the runtime environment is network-interfacing but not the application. This does not teach the meaning of the term “network-interfacing security application”. Accordingly claims 1 and 16 are rejected for adding new matter. If the intent of the term is a security application executing in a network-interfacing runtime environment, then that should be clearly stated in the claim. 

Claims 2-15 and 16-27 are rejected for being dependent on a rejected base claim.

For this examination, the examiner interprets the term as explained in the “claim interpretation” section above. 

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 2, 3, 7, and 10-15 are rejected under AIA  35 U.S.C. 103 as being unpatentable over Giuffrida et al. (hereinafter Giuffrida, Publication Title “Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization”, USENIX Security Symposium, 2012) in view of Diep et al. (hereinafter Diep, Pub. No.: US 2016/0142413).

As per claim 1, (currently amended) Giuffrida teaches, 

A security application (Please note that a security application is being described as any software stack which provides security by reducing vulnerability) deployment method comprising: 

compiling source code in a secure internal digital processing environment to produce a plurality of unique ephemeral machine executable code instances representative thereof and executable to implement a network-interfacing security application; (Please note that “to implement a network-interfacing security application” is an intended use. Giuffrida recites on page 4, column 2, and paragraph 2 “In our design, all the OS processes (and the microkernel) are randomized using a link-time transformation implemented with the LLVM compiler framework. The transformation operates on prelinked LLVM bitcode to avoid any lengthy recompilation process at runtime. Our link-time strategy avoids the need for fine-grained load-time ASR [address space randomization], eliminating delays in the boot process and the run-time overhead introduced by the indirection mechanisms adopted.” This shows creating unique executable code. This code is randomized at runtime and runs for a short time. As such, it is an ephemeral code. Please see the “Claims and prior arts Interpretation” section above which shows that operating system code includes network interfacing code. As such, Giuffrida teaches ephemeral code includes networking interfacing code. Giuffrida recites on page 1, column 2, and bottom paragraph “In this paper, we explore the benefits of address space randomization (ASR) inside the operating system and present the first comprehensive design to defend against classic and emerging OS-level attacks.” This shows this is a software stack to defend against hostile attacks. As such, in light of the specification, this is a security application.) 
 
wherein causing execution comprises causing implementation of said network-interfacing security application therefrom, and further 15causing automatic termination of said execution after said predetermined runtime window; and (Please note that the term network-interfacing security application has not been defined. Examiner considers this to be any application which provides security to a system. Giuffrida recites on page 5, column 1, paragraph 2, “To avoid slowing down the first boot process, an option is to perform the rerandomization lazily, for example replacing one OS process at the time at regular time intervals. After the first round, we continuously perform live rerandomization of individual OS components in the background.” Giuffrida recites on page 4, column 2, paragraph 2, “Figure 1 shows the OS architecture implementing our ASR design. At the heart lies the microkernel, providing only IPC functionalities and low-level resource management. All the other core subsystems are confined into isolated OS processes, including drivers, memory management, process management, scheduling, storage and network stack.” This shows that application is running during a runtime window. It shows that the OS processes include network stack which provides networking security and can be considered as a networking security application.) 

Giuffrida teaches creation of secure ephemeral software application. Giuffrida does not explicitly mention, “externally deploying a given unique ephemeral machine executable code instance over a communication network to a distinct external digital runtime environment thereby causing execution thereof on said distinct external digital runtime environment for a predetermined runtime window,”. However, in analogous art of software application development and deployment, Diep teaches, 
10externally deploying a given unique ephemeral machine executable code instance over a communication network to a distinct external digital runtime environment thereby causing execution thereof on said distinct external digital runtime environment for a predetermined runtime window, (This limitation simply means compilation is performed in an external machine and then the executable is transferred to a target machine. Diep recites in [0004] “Accordingly, in the below description example embodiments disclose techniques for providing ephemeral applications that may have characteristics of packaged applications, in that code for ephemeral application is downloaded to a client computing device and installed for execution.” This shows that ephemeral code is compiled and built in a server and then externally deployed to a client device. Diep recites in [0004] starting at line 5, “Ephemeral applications require no review and granting of permissions by the user because the ephemeral application is launched instantly, without review and explicit granting of permissions by a user,…”. This shows that the ephemeral application starts execution instantly and runs until it ends execution or replaced by another instance of the application. This is the predefined runtime window.) 
Therefore, it would have been obvious to a person of the ordinary skill in the art before the effective filling date of the invention to modify the above teaching of Giuffrida of software application development by incorporating the teaching “externally deploying a given unique ephemeral machine executable code instance over a communication network to a distinct external digital runtime environment thereby causing execution thereof on said distinct external digital runtime environment for a predetermined runtime window,” of Diep. The modification would have been obvious because one of the ordinary skills of the art would have implemented the function of Diep to use network and distributed resource as it is the current trend. In this case the application may be compiled in one environment [e.g., a server] and distribute it to client systems [i.e., external systems].)

Giuffrida and Diep jointly teach, 
repeating said externally deploying for distinct given unique ephemeral machine executable code instances representative of said source code to a same said distinct external digital runtime environment thereby causing execution thereof on said distinct 20external digital runtime environment for their respective predetermined runtime windows. (Giuffrida recites on page 5, column 1, paragraph 2, “To avoid slowing down the first boot process, an option is to perform the rerandomization lazily, for example replacing one OS process at the time at regular time intervals. After the first round, we continuously perform live rerandomization of individual OS components in the background.” This shows repeating the process and reloading unique code at a regular time window [an ephemeral application]. Giuffrida does not explicitly mention that deployment is performed to an external system. However, Diep teaches that compilation is performed in one environment [e.g., server] and deployed to an external environment [e.g., client system] as shown above.)   
 

As per claim 2, (currently amended) Giuffrida teaches,
further comprising digitally authenticating said distinct external digital runtime environment and authorizing execution of said given unique machine executable code instance solely upon successful 25authentication of said distinct external digital runtime environment; (This means that executable code will be executed on the runtime environment after authentication of the runtime environment. Here digital processing environment is equivalent to an operating system or VM. Giuffrida teaches creating the OS using randomness. Giuffrida recites on page 7, column 1, paragraph 3, “To overcome these limitations, our approach is completely static, resulting in good performance and code which is statically verified by LLVM.” This shows authentication is once performed statically for the digital processing environment. Giuffrida recites on page 14, column 1, paragraph 2, “SecVisor [65] is a hypervisor-based solution which uses memory virtualization to enforce W0X protection and prevent code injection attacks. Similarly, NICKLE [60] is a VMM-based solution which stores authenticated kernel code in guest-isolated shadow memory regions and transparently redirects execution to these regions at runtime.” This shows authenticated kernel code, which means authenticated execution environment. Due to random creation of application instances the machine code will be unique.)

wherein said digitally authenticating comprises accessing and authenticating external hardware or external network characteristics associated with said distinct external digital runtime environment. (As shown above Giuffrida shows authenticating kernel code is used by the network layer. As such by authenticating kernel code, network characteristics are also authenticated. An OS runs on hardware component. Authenticating an OS includes authenticating the underlying hardware.) 

As per claim 3, (currently amended) Diep teaches,
the method further 30comprising, after said deploying, establishing a designated activation time window and authorizing execution of said given unique machine executable code instance in said 29 11O1P-HS3-USP2distinct external digital runtime environment solely upon receiving an activation request therefrom within said designated activation time window. (Diep recites in [0004] “Accordingly, in the below description example embodiments disclose techniques for providing ephemeral applications that may have characteristics of packaged applications, in that code for ephemeral application is downloaded to a client computing device and installed for execution. Ephemeral applications require no review and granting of permissions by the user because the ephemeral application is launched instantly, without review and explicit granting of permissions by a user,..”. This shows that activation is instantly after installation. Here the activation window starts at installation and ends with the end of a preset time. Since this is an ephemeral application [or short-lived] it will end within a certain period of time. Please see the claim interpretation section above.)

As per claim  207, (currently amended) Giuffrida teaches,
wherein said repeating comprises serially deploying said given distinct unique ephemeral machine executable code instances, wherein a secure network-interfacing process established by said security application is serially transferred from one of said instances to a subsequent one of said instances in providing an operatively seamless implementation of said 25process. (Giuffrida recites on page 5, column 1, paragraph 2, “To avoid slowing down the first boot process, an option is to perform the rerandomization lazily, for example replacing one OS process at the time at regular time intervals. After the first round, we continuously perform live rerandomization of individual OS components in the background.” This shows that OS processes are deployed one after another, in other words they are serial. Giuffrida recites on page 5, column 1, bottom paragraph “Our live rerandomization strategy for an OS process, in turn, is based on run-time state migration, with the entire execution state transparently transferred to the new randomized process variant.” This shows that processes are transferred from one to the next serially and seamlessly.) 
As per claim  1010, (currently amended) Diep teaches, 
 the method further comprising, after said deploying, securely activating said given unique machine executable code instance for execution on said distinct external digital runtime environment, (Diep recites in [0004]  “Accordingly, in the below description example embodiments disclose techniques for providing ephemeral applications that may have characteristics of packaged applications, in that code for ephemeral application is downloaded to a client computing device and installed for execution. Ephemeral applications require no review and granting of permissions by the user because the ephemeral application is launched instantly, without review and explicit granting of permissions by a user,..”. This shows installation and activation of ephemeral code on client devices.) 
and providing the given machine executable code instance operative access to at least one required runtime operational parameters solely upon successful activation. (Diep continues in [0004] “….but ephemeral application can utilize local resources of the client computing device that are accessible only when a permission is granted.” This shows after activation and after getting user permission, parameters can be accessed.) 
  
As per claim  2012 (currently amended) Diep teaches,

further comprising, after said deploying, securely activating said given unique machine executable code instance for execution on said distinct external digital runtime environment, 
(Diep recites in [0004] “Accordingly, in the below description example embodiments disclose techniques for providing ephemeral applications that may have characteristics of packaged applications, in that code for ephemeral application is downloaded to a client computing device and installed for execution. Ephemeral applications require no review and granting of permissions by the user because the ephemeral application is launched instantly, without review and explicit granting of permissions by a user, but ephemeral application can utilize local resources of the client computing device that are accessible only when a permission is granted.” )
wherein said securely activating is securely implemented using a cryptographic key embedded within said given unique machine executable code instance. (Diep recites in [0053] starting at line 4, “Synced data may be encrypted when it travels between computing devices to keep information secure. Further, passwords may be encrypted on computing devices using a cryptographic key.” Activating applications will require syncing between the server and client. This shows that all data transferred between the server and the client to sync-up includes cryptographic key.) 

As per claim 13 (currently amended) Diep teaches,
wherein said network-interfacing security application comprises a short-lived cryptographic application to execute a cryptographic process. (Giuffrida recites on page 5, column 1, paragraph 2, “When the OS boots up for the first time, a full rerandomization round is performed to relinquish any unrandomized code and data present in the original binary. To avoid slowing down the first boot process, an option is to perform the rerandomization lazily, for example replacing one OS process at the time at regular time intervals.” This shows applications are short-lived. Giuffrida recites on page 7, column 1, paragraph 3, “In addition, this strategy makes it realistic to use cryptographically random number generators (e.g., /dev/random) instead of pseudo-random generators to generate the padding.” This shows use of cryptographic process.) 

 As per claim  3014, (currently amended) Giuffrida teaches,
wherein said compiling is implemented to produce a stockpile of said given unique ephemeral machine 31 11O1P-HS3-USP2executable code instances, and wherein said deploying comprises deploying each given unique ephemeral machine executable code instance on demand from said stockpile. (Giuffrida recites on page 5, column 1, middle of paragraph 2, “The bitcode files are stored in a protected disk partition inaccessible to regular user programs, where a background process periodically creates new randomized variants of the OS components using our link-time ASR transformation (and any valid LLVM backend to generate the final binary). The generated variants are consumed by the randomization manager (RM), a special component that periodically rerandomizes every OS process (including itself).” This teaches bitcodes are stockpiled in a disk partition and deployed on demand.)

As per claim 15 (currently amended) Giuffrida teaches,
wherein said 5compiling is serially implemented on demand to produce said distinct given unique ephemeral machine executable code instances. (Giuffrida recites on page 5, column 1, middle of paragraph 2, “The bitcode files are stored in a protected disk partition inaccessible to regular user programs, where a background process periodically creates new randomized variants of the OS components using our link-time ASR transformation (and any valid LLVM backend to generate the final binary). The generated variants are consumed by the randomization manager (RM), a special component that periodically rerandomizes every OS process (including itself).” This teaches bitcodes are created one after another serially.)

Claim 4 is rejected under AIA  35 U.S.C. 103 as being unpatentable over Giuffrida and Diep as applied in claim 3 in view of Suarez et al. (hereinafter Suarez, WO 2017/106726 A1). 

As per claim 4, (currently amended) Giuffrida and Diep teach creation of secure ephemeral software application. They not explicitly mention, “wherein said 5activation request is securely channelled using a cryptographic key embedded within said given unique machine executable code instance.” However, in analogous art of software application development and deployment, Suarez teaches, 

wherein said 5activation request is securely channelled using a cryptographic key embedded within said given unique machine executable code instance. (Suarez recites in [0090] starting at line 3, “A container registry proxy 962 intercepts the requests and the security token 974, decrypts the security token 974 as needed using a cryptographic key it maintains as a secret, and verifies that the security token 974 is valid. Verification/authentication of the security token 974 includes verifying that the credentials or proof of credentials 978 extracted from the security token 974 match valid credentials of the software developer 966,…”. This shows any request from the developer to activate is checked for cryptographic key.)
Therefore, it would have been obvious to a person of the ordinary skill in the art before the effective filling date of the invention to modify the above teaching of Giuffrida and Diep of software application development by incorporating the teaching “wherein said 5activation request is securely channelled using a cryptographic key embedded within said given unique machine executable code instance” of Suarez. The modification would have been obvious because one of the ordinary skills of the art would have implemented the function of Suarez to use cryptographic keys embedded in the software to further protect the software from tampering. 

Claim 5 is rejected under AIA  35 U.S.C. 103 as being unpatentable over Giuffrida and Diep as applied in claim 3 in view of Mitchell et al. (hereinafter Mitchell, Pub. No.: US 2016/0132317). 

As per claim 5, (currently amended) Giuffrida and Diep teach creation of secure ephemeral software application. They not explicitly mention, “wherein said compiling comprises embedding cryptographic data within said given unique machine 10executable code instance in a white box encryption process.” However, in analogous art of software application development and deployment, Mitchell teaches, 
wherein said compiling comprises embedding cryptographic data within said given unique machine 10executable code instance in a white box encryption process. (Mitchell recites in [0024] starting at line 4, “For example, diversity may be introduced during coding of an application, at various stages of compilation of the application, and/or during a provisioning and/or personalization process.” Mitchell continues in [0025] starting at line 3, “As an example, the application instance generation engine 112 may embed different cryptographic keys across various application instances configured to encrypt information stored on an executing device or that excerpts other keys imported into the application…….Data values introduced as part of data diversification methods consistent with the disclosed embodiments may further include, without limitation, keys, nonces, salt, white-box cryptography ("WBC") data structures, homomorphic encryption including fully homomorphic encryption ("FHE") data structures, and/or other randomly generated cryptographic information.”)
Therefore, it would have been obvious to a person of the ordinary skill in the art before the effective filling date of the invention to modify the above teaching of Giuffrida and Diep of software application development by incorporating the teaching “wherein said compiling comprises embedding cryptographic data within said given unique machine 10executable code instance in a white box encryption process” of Mitchell. The modification would have been obvious because one of the ordinary skills of the art would have implemented the function of Mitchell to use cryptographic data in the software to further protect the software from data tampering. 
  


 
Claims 16, 17, 19, and 27 are rejected under AIA  35 U.S.C. 103 as being unpatentable over Giuffrida et al. (hereinafter Giuffrida, Publication Title “Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization”, USENIX Security Symposium, 2012) in view of Diep et al. (hereinafter Diep, Pub. No.: US 2016/0142413).

As per claim 16 (currently amended) Giuffrida teaches,
A system for deploying a network-interfacing security application (Giuffrida recites on page 4, column 2, and paragraph 2 “In our design, all the OS processes (and the microkernel) are randomized using a link-time transformation implemented with the LLVM compiler framework. The transformation operates on prelinked LLVM bitcode to avoid any lengthy recompilation process at runtime. Our link-time strategy avoids the need for fine-grained load-time ASR, eliminating delays in the boot process and the run-time overhead introduced by the indirection mechanisms adopted.” This shows creating unique executable code. This code is randomized at runtime and runs for a short time. As such, it is an ephemeral code.)
to implement a secure network-interfacing process 10therefrom, (intended use. Giuffrida recites on page 4, column 2, bottom paragraph, “All the other core subsystems are confined into isolated OS processes, including drivers, memory management, process management, scheduling, storage and network stack.” Here network stack implements a secure networking-interface.) 
a secure internal digital processing environment comprising: 
a digital hardware processor;  15a computer-readable memory having a source code securely stored thereon; (Giuffrida recites in section 7.1, starting on line 7, “We performed repeated experiments on a workstation equipped with a 12-core 1.9Ghz AMD Opteron “Magny-Cours” processor and 4GB of RAM, and averaged the results. All the OS code and our benchmarks were compiled using Clang/LLVM 2.8 with -O2 optimization level.”) 

a compiler operable by said digital hardware processor in said secure internal digital processing environment to compile (Giuffrida recites in section 7.1, starting on line 7, “We performed repeated experiments on a workstation equipped with a 12-core 1.9Ghz AMD Opteron “Magny-Cours” processor and 4GB of RAM, and averaged the results. All the OS code and our benchmarks were compiled using Clang/LLVM 2.8 with -O2 optimization level.”)

a plurality of given unique ephemeral machine executable code instances, each uniquely representative of 20said source code and executable as the network-interfacing security application to implement the secure network-interfacing process; and (Giuffrida recites on page 4, column 2, and paragraph 2 “In our design, all the OS processes (and the microkernel) are randomized using a link-time transformation implemented with the LLVM compiler framework. The transformation operates on prelinked LLVM bitcode to avoid any lengthy recompilation process at runtime. Our link-time strategy avoids the need for fine-grained load-time ASR, eliminating delays in the boot process and the run-time overhead introduced by the indirection mechanisms adopted.” This shows creating unique executable code. This code is randomized at runtime and runs for a short time. As such, it is an ephemeral code. Giuffrida recites on page 4, column 2, paragraph 2, “Figure 1 shows the OS architecture implementing our ASR design. At the heart lies the microkernel, providing only IPC functionalities and low-level resource management. All the other core subsystems are confined into isolated OS processes, including drivers, memory management, process management, scheduling, storage and network stack.” It shows that the OS processes include network stack which provides networking security and can be considered as a networking security application.) 
[execution thereof….] for a predetermined runtime window, (Giuffrida recites on page 5, column 1, paragraph 2, starting at line 3, “To avoid slowing down the first boot process, an option is to perform the rerandomization lazily, for example replacing one OS process at the time at regular time intervals.”)
wherein causing execution comprises causing implementation of the secure network-interfacing process therefrom, (Giuffrida page 10, column 2, under section 7, starting at line 8, “The resulting operating system comprises a total of 20 OS processes (7 drivers and 13 servers), including process management, memory management, storage and network stack.” The network stack in the OS implements a secure networking interface process. Execution of the OS causes execution of 20 OS processes including network process.)
and further causing automatic termination of said execution after said predetermined runtime window. (Giuffrida recites on page 5, column 1, paragraph 2, starting at line 3, “To avoid slowing down the first boot process, an option is to perform the rerandomization lazily, for example replacing one OS process at the time at regular time intervals.” Replacing one process means termination the process at the end of the runtime window.)


Giuffrida teaches creation of secure ephemeral software application. Giuffrida does not explicitly mention, “[deploying….] to a distinct external digital runtime environment; the system comprising: a secure network interface to establish a secure network connection to the distinct external digital runtime environment; and a deployment engine operable to deploy each of said given unique ephemeral machine executable code instances over a communication network via said secure network interface to the distinct external digital runtime environment 25thereby causing execution thereof on said distinct external digital runtime environment;”. However, in analogous art of software application development and deployment, Diep teaches, 
[deploying….] to a distinct external digital runtime environment  (Diep recites in [0004] “Accordingly, in the below description example embodiments disclose techniques for providing ephemeral applications that may have characteristics of packaged applications, in that code for ephemeral application is downloaded to a client computing device and installed for execution.” This shows that ephemeral code is compiled and built in a server and then externally deployed to a client device.) 
the system comprising: 
a secure network interface to establish a secure network connection to the distinct external digital runtime environment; and (Diep recites in [0004] “Accordingly, in the below description example embodiments disclose techniques for providing ephemeral applications that may have characteristics of packaged applications, in that code for ephemeral application is downloaded to a client computing device and installed for execution.” This shows that ephemeral code is compiled and built in a server and then externally deployed to a client device. Diep paragraph [0047] starting at lines 8-16 shows that the network connection is secured.)


 a deployment engine operable to deploy each of said given unique ephemeral machine executable code instances over a communication network via said secure network interface to the distinct external digital runtime environment 25thereby causing execution thereof on said distinct external digital runtime environment; (Diep recites in [0004] “Accordingly, in the below description example embodiments disclose techniques for providing ephemeral applications that may have characteristics of packaged applications, in that code for ephemeral application is downloaded to a client computing device and installed for execution.” This shows that ephemeral code is compiled and built in a server and then externally deployed to a client device. Diep paragraph [0047] starting at lines 8-16 shows that the network connection is secured. )

Therefore, it would have been obvious to a person of the ordinary skill in the art before the effective filling date of the invention to modify the above teaching of Giuffrida of software application development by incorporating the teaching ““[deploying….] to a distinct external digital runtime environment; the system comprising: a secure network interface to establish a secure network connection to the distinct external digital runtime environment; and a deployment engine operable to deploy each of said given unique ephemeral machine executable code instances over a communication network via said secure network interface to the distinct external digital runtime environment 25thereby causing execution thereof on said distinct external digital runtime environment;” of Diep. The modification would have been obvious because one of the ordinary skills of the art would have implemented the function of Diep to use network and distributed resource as it is the current trend. In this case the application may be compiled in one environment [e.g., a server] and distribute it to client systems [i.e., external systems] and there is a need of secure communication between the server and the client.

As per claim 17, (original) Diep teaches, 
wherein the system establishes a secure deployment session via said secure network interface with the distinct external digital runtime environment to activate each of said given unique machine executable code instances. (Diep recites in [0004] “Accordingly, in the below description example embodiments disclose techniques for providing ephemeral applications that may have characteristics of packaged applications, in that code for ephemeral application is downloaded to a client computing device and installed for execution. Ephemeral applications require no review and granting of permissions by the user because the ephemeral application is launched instantly, without review and explicit granting of permissions by a user..” This shows external runtime environment and activation of each code instance.)   

As per claim  1019, (currently amended) Diep teaches, 
wherein said secure deployment session is defined by a designated activation time window in which to complete a machine executable code instance activation process between the system and the distinct external digital runtime environment if execution of each of said given unique machine executable code instances is to be authorized. (Diep recites in [0004] “Accordingly, in the below description example embodiments disclose techniques for providing ephemeral applications that may have characteristics of packaged applications, in that code for ephemeral application is downloaded to a client computing device and installed for execution. Ephemeral applications require no review and granting of permissions by the user because the ephemeral application is launched instantly, without review and explicit granting of permissions by a user,..”. This shows that activation is instantly after installation. Here the activation window starts at installation and ends with the end of a preset time. Since this is an ephemeral application [or short-lived] it will end within a certain period of time. Please see the claim interpretation section above. Please note that in this case authorization is already provided at the end of installation.)

As per claim 27, (currently amended) The system of claim 16, further comprising a secure stockpile of said given unique ephemeral machine executable code instances, and wherein said deployment engine is operable to deploy each said given unique ephemeral machine executable code instance therefrom on demand. (Giuffrida recites on page 5, column 1, middle of paragraph 2, “The bitcode files are stored in a protected disk partition inaccessible to regular user programs, where a background process periodically creates new randomized variants of the OS components using our link-time ASR transformation (and any valid LLVM backend to generate the final binary). The generated variants are consumed by the randomization manager (RM), a special component that periodically rerandomizes every OS process (including itself).” This teaches bitcodes are stockpiled in a disk partition and deployed on demand. The created variants are created by periodically rerandomizing. As such the variants will be unique.)

Claim 20 is rejected under AIA  35 U.S.C. 103 as being unpatentable over Giuffrida and Diep as applied to claim 16 in view of Graunke (hereinafter Graunke, Pub. No.: US 2005/0050355).

As per claim 20, (original) Giuffrida and Diep teach creation of secure ephemeral software application. They do not explicitly mention, “wherein each of said given unique machine executable code instances is uniquely obfuscated.” However, in analogous art of software application development and deployment, Graunke teaches, 

wherein each of said given unique machine executable code instances is uniquely obfuscated. (Graunke recites [0024] “Next, the compiler-generated code and other original source code may be mixed at block 128, enhancing code obfuscation between the original source code 35 and the encrypting compiler-generated code.” This shows obfuscation. Graunke recites in [0020] “Based on the existing program operations or operators 40 and/or transformer-generated operations or operators 50 and 55, code transformer 70 may form a particular custom cipher for a single use in encryption/decryption. When used for encryption, the custom cipher based on either the transformer-generated operators 50 and 55 and/or the existing program operator 40, may result in compiler-modified code 60 that offers tamper resistance upon compilation by a compiler (not shown).” Single use of a custom cipher in encryption makes the code unique.)
Therefore, it would have been obvious to a person of the ordinary skill in the art before the effective filling date of the invention to modify the above teaching of Giuffrida and Diep of software application development by incorporating the teaching “wherein each of said given unique machine executable code instances is uniquely obfuscated” of Graunke. The modification would have been obvious because one of the ordinary skills of the art would have implemented the function of Graunke to obfuscate the secure ephemeral software application for additional security against tempering by bad actors. 

Conclusion

Examiner has cited particular columns, line numbers, references, or figures in the references applied to the claims above for the convenience of the applicant. Although the specified citations are representative of the teachings of the art and are applied to specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested from the applicant in preparing responses to fully consider the reference in entirety, as potentially teaching all or part of the claimed invention. See MPEP §§ 2141.02 and 2123.

Contact Information


Any inquiry concerning this communication or earlier communications from the examiner should be directed to HOSSAIN MORSHED whose telephone number is (571)272-3335.  The examiner can normally be reached on Monday - Friday 8AM - 5PM. The fax number and the email address for the examiner is (571)273-3335 and hossain.morshed@uspto.gov. Please note that an applicant can send email messages to the examiner but the examiner cannot send email messages to the applicant without written authorization from the applicant. An applicant can authorize the examiner for email communication by mentioning the following in an email, “According to MPEP 502.03, recognizing that Internet communications are not secure, I hereby authorize the examiner to communicate with me concerning any subject matter of this application by electronic mail. I understand that a copy of these communications will be made of record in the application file.”

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Wei Zhen can be reached on (571)272-3708.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/HOSSAIN M MORSHED/Primary Examiner, Art Unit 2191                                                                                                                                                                                                        April 3, 2021