Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of claims
This office action is in response to claims filed on 02/21/2019
Claims 1-20 are pending and rejected; claims 1, 8 and 15 are independent claims.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 02/21/2019 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Kong et al. US Pub. No.: 2017/0032143 A1 (hereinafter Kong) in view of Sirianni et al. US Pub. No.: 2020/0233938 A1 (hereinafter Sirianni).

Kong teaches:
As to claim 1, a computer-implemented method comprising: 
identifying, by a processor, that an application is being downloaded to a computing device (see Kong ¶193, identify the instances of the application 204 downloaded); 
generating an authorization that regulates data that can be used by the application (see Kong ¶60, application set 224 can represent the applications owned, used, authorized, or a combination thereof for the user 110);
prompting a user to select a first set of addendums for the authorization, wherein the first set of addendums indicate specific data that can be used by the application (see Kong ¶344, enable the user 110 to select access permission for the application 204 separate from access permission for the application library 208 for each available access category) ; 
Kong does not explicitly teach but the related art Sirianni teaches
receiving a request from the application to access a first specific datum (see Sirianni ¶8, receiving a request to access a resource in the computer network); and 
determining whether the application is authorized to access the first specific datum (see Sirianni ¶8, executing a privilege operation to determine the request is one of permanently allowed and not-permanently allowed). 
Therefore, it would have been obvious to one with ordinary skill in the art before the effective filing date of the invention, to modify the computing system with privacy control mechanism and method of operation thereof disclosed by Kong to include permission request system and method, as thought by Sirianni, in order to determine whether the application is authorized to access the requested data/resource. It would have been obvious to one of ordinary skill in the art to include permission request execution to prevent unauthorized access to the requested data and enhance security.

As to claim 2, the combination of Kong and Sirianni teaches the method of claim 1, wherein determining whether the application is authorized to access the first specific datum comprises: analyzing the authorization with the first set of addendums (see Kong ¶229, the computing system 100 can include a mechanism for identifying and analyzing permissions sought by the application 204 from the user 110); 
identifying the indicated specific data that can be used by the application, wherein the indicated specific data includes the first specific datum (see Kong ¶271, a specific instance of the application 204, "dropbox" can be analyzed to access the permissions such as, `access_network_state`, `get_account`, `vibrate`, `access_wifi_state`, `camera`, `internet`, `read_contact`, other permissions, or a combination thereof); and 
allowing the application access to the first specific datum (see Kong ¶307, particular controls or permission settings for the application 204, for the periphery access set 210, or a combination thereof accessing the location information of the user 110, the user profile 306, the internet, or a combination thereof). 

As to claim 3, the combination of Kong and Sirianni teaches the method of claim 2, further comprising: 
recording an indication of the application access to the first specific datum on a shared archive, wherein the shared archive includes two or more networked devices, and wherein the shared archive includes a replication of the indication on each of the two or more networked devices (see Kong ¶307, a particular control on permission for critical resources for the user 110, such as location, contact, internet, or a combination thereof). 

As to claim 4, the combination of Kong and Sirianni teaches the method of claim 1, wherein determining whether the application is authorized to access the first specific datum comprises: analyzing the authorization with the first set of addendums (see Kong ¶307, particular controls or permission settings for the application 204, for the periphery access set 210, or a combination thereof accessing the location information of the user 110, the user profile 306, the internet, or a combination thereof); 
identifying the indicated specific data that can be used by the application, wherein the indicated specific data excludes the first specific datum (see Kong ¶328, the application 204 specific to the user 110 provides increased protection for user's information and prevent unintended leakage of information); and 
prohibiting the application from accessing the first specific datum (see Sirianni ¶6, determining a status of previous resource access requests corresponding to the received resource access request).
Same rational applied as above to combine the cited prior art references. 

As to claim 5, the combination of Kong and Sirianni teaches the method of claim 4, further comprising: receiving a second request from the application to access the first specific datum (see Sirianni ¶6, previous resource access requests from the application; receiving a resource access request from the application); identifying that that the application was previously prohibited from accessing the first specific datum; and deactivating the application (see Sirianni ¶6, determining a status of previous resource access requests corresponding to the received resource access request). 

As to claim 6, the combination of Kong and Sirianni teaches the method of claim 1, further comprising: identifying that a second application is being downloaded to the computing device (see Kong ¶193, identify the instances of the application 204 downloaded); 
generating a second authorization that regulates data that can be used by the second application (see Kong ¶60, application set 224 can represent the applications owned, used, authorized, or a combination thereof for the user 110); 
prompting the user to select a second set of addendums for the second authorization, wherein the second set of addendums indicate specific data that can be used by the second application (see Kong ¶344, enable the user 110 to select access permission for the application 204 separate from access permission for the application library 208 for each available access category); 
receiving a second request from the second application to access a second specific datum (see Sirianni ¶8, receiving a request to access a resource in the computer network); and 
determining whether the second application is authorized to access the second specific datum (see Sirianni ¶8, executing a privilege operation to determine the request is one of permanently allowed and not-permanently allowed). 
Same rational applied as above to combine the cited prior art references. 

As to claim 7, the combination of Kong and Sirianni teaches the method of claim 6, wherein generating the second authorization comprises: identifying that the application and the second application are type-related; and populating the second authorization with the first set of addendums (see Sirianni ¶33, If a requested system call matches a previously allowed system call, the permission system allows or denies the system call based on the user's past answer). 
As to independent claim 8, this claim directed to a system executing the method of claim 1; therefore it is rejected along similar rationale.
As to independent claim 15, this claim directed to a computer program product comprising a computer readable storage medium having program instructions embodied therewith executing the method of claim 1; therefore it is rejected along similar rationale.
As to dependent claims 9-14 and 16-20, these claims contain substantially similar subject matter as claims 2-7; therefore they are rejected along the same rationale.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NEGA WOLDEMARIAM whose telephone number is (571)270-7478.  The examiner can normally be reached on Monday to Friday, 8am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on 5712726798.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/NEGA WOLDEMARIAM/Examiner, Art Unit 2433                

/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433