DETAILED ACTION
This is a final Office action in response to amendments received on 1/07/2021.  Claims 1, 11, and 18 were amended.  Claims 8-10, 16-17 and 20 were previously cancelled.  No new claims were added or cancelled.  Claims 1-7, 11-15 and 18-19 are pending and are examined.  The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

Response to Arguments
Applicant’s amendments, filed 1/07/2021, to claims 1, 11 and 18 are sufficient to overcome the objection to the aforementioned claims by explaining the relationship between the communication association and the plurality of communication associations in the associations table.  Accordingly, the objection to claims 1, 11 and 18 is withdrawn.
Applicant’s arguments regarding the rejection of the claims under 103 have been considered but found unpersuasive.
Applicant argues on pages 9-10 of the Remarks that Das does not teach communication associations between specific applications, however the Examiner respectfully disagrees.  In response to applicant's arguments against the references individually, one cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references.  See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986).  Applicant’s arguments are directed only against Das, but 
Applicant further argues on page 10 of the Remarks that each entry in the whitelist of Das contains only one identifier identifying each individual action which is allowed to perform the relevant action, therefore Das does not teach that each association of the plurality of associations comprises both a first identifier for a first application and a second identifier for a second application, however the Examiner respectfully disagrees.  Applicant appears to be arguing that a “communication association” is equivalent to a database record/entry and that the application identifiers would be fields of those records, however the claims do not specify records or fields of records.  All the independent claims really disclose that an associations table holds communication associations, where each communication association identifies a first and second application.  This is somewhat obvious as the Examiner finds it hard to understand how a first and second application would be identified as being in a communication association without some sort of means of identifying the first and second application.  Furthermore, the claims do not disclose what a communication association indicates and do not currently require two applications that are part of an association (i.e. that are associated with one another) to be identified together in one database record or field.  Das teaches “maintaining, in an associations table, a plurality of associations, wherein each association of the plurality of associations comprises comprising both a first identifier for a first application and a second identifier for a 
Applicant further argues that Ylonen does not teach communication association between the first application and the second application because Ylonen teaches installing a trust relationship between managed hosts and defines hosts are general-purpose computers, however the Examiner respectfully disagrees.  Just because Ylonen teaches establishing trust relationships between computers does not mean it ONLY teaches establishing trust relationships between computers themselves.  Instead, Ylonen teaches establishing a trusted relationship between the source and destination applications of source and destination computers (paras. [0766]-[0767]).  Ylonen explicitly states “key approvals (or trust relationship approvals) are associated with applications” (para. [0770]).  For example, paragraphs [0174] and [0229] of Ylonen teaches establishing a key approval or trusted relationship between a first account application on a first host and a second account application on a second host, which information can be imported and stored in a database/repository (para. [0411], [0607]).  Consequently, Ylonen teaches the limitations for which it is cited.  Therefore Ylonen teaches establishing trusted relationships between applications on a different hosts and 
The remaining arguments fail to comply with 37 C.F.R. 1.111(b) because they amount to a general allegation that the claims define a patentable invention without specifically pointing out how the language of the claims patentably distinguishes them from the references.
Consequently, the rejection of the claims under 35 U.S.C. 103 is sustained.
In addition, Applicant’s remaining arguments filed 1/07/2021, with respect to the rejection of claims 1-7, 11-15 and 18-19 under 35 USC § 103(a) have been fully considered but are moot because newly added claim limitations requiring “maintaining, in an communication associations table, a plurality of associations, wherein each communication association of the plurality of communication associations comprises comprising both a first identifier for a first application and a second identifier for a second application" require new grounds of rejection necessitated by amendments.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


	The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1.	Determining the scope and contents of the prior art.
2.	Ascertaining the differences between the prior art and the claims at issue.
3.	Resolving the level of ordinary skill in the pertinent art.
4.	Considering objective evidence present in the application indicating obviousness or nonobviousness.


This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Claims 1-2, 11 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Das (US 2013/0097660) in view of Ylonen (US 2019/0075134) and Momchilov (US 2016/0191499).
Regarding claim 1, Das discloses the limitations substantially as follows:
A method of providing an execution environment in a mobile computing device, 5 comprising: 
loading a plurality of trusted applications into a memory of an execution environment, the execution environment having memory, a processor, a file system and a network interface (paras. [0012], [0014], [0016], [0020], [0027], [0041], [0048], [0053]: installing/loading whitelisted/trusted applications into memory of a mobile network environment (i.e. execution environment of mobile device) comprising memory, a processor, files and network communication interfaces);
executing each of the plurality of trusted applications by the processors (paras. [0018], [0027], [0035]: executing the multiple trusted/whitelisted applications by processors of the mobile device);
maintaining, in an associations table, a plurality of associations, wherein [[a]] each association of the plurality of associations comprises (paras. [0013]-[0014], [0036], [0040], [0051]: maintaining in a cache or storage a whitelist of applications (i.e. an associations table), comprising a plurality of applications that are associated with one another by being whitelisted/trusted, wherein a pair of applications (i.e. first and second applications) that are associated with one another by being whitelisted (i.e. each association) is identified in the whitelist by a stored checksum (i.e. first identifier and second identifier) or hashed application identification number));
the recipient application being selected from the plurality of trusted applications (para. [0040]: selecting particular applications (i.e. recipient applications) from the whitelist of trusted applications).
Das fails to explicitly disclose the remaining limitations of claim 1:
maintaining, in a keystore application, an application key for each of the plurality of trusted applications;
maintaining, in an associations table, a plurality of communication associations, wherein [[a]] each communication association of the plurality of communications associations comprises  a first application and a second application 
detecting an attempt to communicate with a recipient application by an originating application, the recipient application and the originating application being selected from the plurality of trusted applications;
determining that the associations table comprises an association between the recipient application and the originating application;
providing, by the keystore application, a file key to the recipient application, wherein the file key is derived from an application key for the originating application;
wherein the file key allows the recipient application to decrypt communications from the originating application.
However, in the same field of endeavor Ylonen discloses the remaining limitations of claim 1 as follows:
maintaining, in a keystore application, an application key for each of the plurality of trusted applications (paras. [0119], [0203], [0523], [0766], [0770], [0773], [0975]: maintaining, in a database or store (i.e. keystore application), a key for each application associated with a trust relationship (i.e. trusted applications))
maintaining, in an associations table, a plurality of communication associations, wherein [[a]] each communication association of the plurality of communications associations comprises both a first identifier for a first application and a second identifier for a second application  (paras. [0174]-[0175], [0229], [0245]-[0246], [0248], [0408]-[0411], [0607], [0608], [0770], [0765]-[0773]: maintaining, in the database, a plurality of trust relationships (i.e. communication associations), each of the trust relationship for the applications in the trust relationships indicating that there is a trusted relationship authorizing communication between applications of a first source account on a first host (i.e. first/originating application) and applications of a second destination account on a second host (i.e. second/recipient application), where an application of the source account of the source computer and an application of the second account of the destination computer (i.e. first and second applications in the trust relationships) are identified by applications identifiers, identity keys and authorized keys);
detecting an attempt to communicate with a recipient application by an originating application, the recipient application and the originating application being selected from the plurality of trusted applications (paras. [0337], [0409], [0174]-[0175], [0229], [0245]-[0246], [0248], [0329], [0608], [0770], [0772]-[0773], [0852]: detecting/receiving a request/connection for authorized connections/communications between applications of a first source account on a first host (i.e. originating application) and applications of a second destination account on a second host (i.e. recipient application), the applications of the first and second source and destination accounts being part of a trust relationship (i.e. trusted applications));
determining that the associations table comprises an association between the recipient application and the originating application (paras. [0608], [0729], [0770], [0772]-[0773]: determining that the database comprises a trust relationship record comprising a trust relationship (i.e. association) between the applications of the source and destination hosts);
providing, by the keystore application, a file key to the recipient application, (paras. [0123], [0224], [0233]-[0237], [0240], [0248], [0253], [0608]: providing, via the database, the public key file and deriving the public key/authorized key or fingerprint (i.e. file keys) to applications of the source host/client (i.e. the originating application) and to applications of the destination host/management system (i.e. to the recipient application) so that applications in a trusted relationship obtain each other’s public/private keys); 
wherein the file key allows the recipient application to decrypt communications from the originating application (paras. [0234], [0265], [0464], [0482], [0479]: wherein the public key/authorized keys/fingerprints are used to provide access and decrypt the private key file and data communicated through the authorized connections (i.e. communications) between the source and destination host (i.e. between recipient and originating application on their host devices).
Das and Ylonen are combinable because both are from the same field of identifying trusted applications.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to integrate Ylonen’s method of storing associations together with keys in a database with the system of Das so that “management back-ends and proxy agents can be restarted at any time without disrupting the operation of the management system or allowing requests to go unprocessed” (Ylonen, para. [0117]).
Neither Das or Ylonen disclose the remaining limitations of claim 1 as follows:
wherein the file key is derived from an application key for the originating application (paras. [0123],
However, in the same field of endeavor Momchilov discloses the remaining limitations of claim 1 as follows:
providing, by the keystore application, a file key to the recipient application, wherein the file key is derived from an application key for the originating application (paras. [0063], [0066], [0088], [0091]-[0092], [0106], [0110], [0141], [0158]-[0159]: providing, by a shared vault/pasteboard service (i.e. keystore application) an encrypted vault key record/passcode for accessing files in the vault (i.e. file key) to a second managed application (i.e. recipient application), wherein the encrypted vault key record/passcode for the managed application is derived from a vault key/passcode (i.e. application key) for other managed applications that share the key vault (i.e. for originating applications)) 
Momchilov, Das and Ylonen are combinable because all three are from the same field of identifying trusted applications.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to integrate Momchilov’s method of generating/deriving encrypted vaults keys/passcode from vault keys shared with other applications with the system of Das and Ylonen in order to enable the managed applications to securely exchange common secrets and data in the vault.

Regarding claims 2 and 12, Das, Ylonen and Momchilov disclose the limitations of the method of claim 1 and the device of claim 11.
Das discloses the limitations of claims 2 and 12 as follows:
further comprising loading at least one other application into the execution environment, the one other application being untrusted prevented from communicating with any of the trusted applications (paras. [0016], [0037], [0039], [0076]: downloading/installing/loading additional mobile applications onto the mobile device that perform actions that are not approved/trusted, where the additional mobile device is blocked from performing any unapproved/blacklisted action on the mobile device (i.e. prevented from communicating with whitelisted/trusted applications). 

	Regarding claim 11, Das discloses the limitations substantially as follows: 
A computing device for providing an execution environment, comprising: 
	a system comprising memory operable to receive a plurality of trusted applications defining an execution environment, the execution environment also having a processor, a file system and a network interface (paras. [0012], [0014], [0016], [0020], [0027], [0041], [0048], [0053]: installing/loading whitelisted/trusted applications into memory of a mobile network environment (i.e. execution environment of mobile device) comprising memory, a processor, files and network communication interfaces); 
	the processor operable to execute each of the plurality of trusted applications (paras. [0018], [0027], [0035]: executing the multiple trusted/whitelisted applications by processors of the mobile device);
application is configured to maintain a plurality of associations in an associations table, wherein each of the plurality of associations comprises both a first identifier for a first application and a second identifier for a second application (paras. [0013]-[0014], [0036], [0040], [0051]: maintaining in a cache or storage a whitelist of applications (i.e. an associations table), comprising a plurality of applications that are associated with one another by being whitelisted/trusted, wherein a pair of applications (i.e. first and second applications) that are associated with one another by being whitelisted (i.e. each association) is identified in the whitelist by a stored checksum (i.e. first identifier and second identifier) or hashed application identification number));
	
Das does not disclose the remaining limitations of claim 11 as follows:
	the processor operable to detect an attempt to communicate between a an originating application and a recipient application of the trusted applications, 
	wherein a keystore application is configured to maintain a plurality of communication associations in an associations table, wherein each communication of the plurality of communication associations comprises both a first identifier for a first application and a second identifier for a second application 
	wherein the processor determines that the associations table comprises an association between the recipient application and the originating application and
provides a file key to the recipient application, wherein the file key is derived from an application key for the originating application;
	wherein the file key allows the recipient application to decrypt communications from the originating application.
However, in the same field of endeavor Ylonen discloses the remaining limitations of claim 11 as follows:
	the processor operable to detect an attempt to communicate between an originating application and a recipient application of the trusted applications (paras. [0337], [0409], [0174]-[0175], [0229], [0245]-[0246], [0248], [0329], [0608], [0770], [0772]-[0773], [0852]: detecting/receiving a request/connection for communication between applications of a first source account on a first host (i.e. originating application) and applications of a second destination account on a second host (i.e. recipient application), the applications of the first and second source and destination accounts being part of a trust relationship (i.e. trusted applications)), 
	wherein a keystore application is configured to maintain a plurality of communication associations in an associations table, wherein each communication of the plurality of communication associations comprises both a first identifier for a first application and a second identifier for a second application (paras. [0409], [0174]-[0175], [0229], [0245]-[0246], [0248], [0329], [0608], [0608], [0770], [0772]-[0773]: maintaining, in the database, a plurality of trust relationships (i.e. communication associations), each of the trust relationship for the applications in the trust relationships indicating that there is a trusted relationship authorizing communication between applications of a first source account on a first host (i.e. first/originating application) and applications of a second destination account on a second host (i.e. second/recipient application), where an application of the source account of the source computer and an application of the second account of the destination computer (i.e. first and second applications in the trust relationships) are identified by applications identifiers, identity keys and authorized keys),
the keystore application being further configured to maintain an application key for each of the plurality of trusted applications (paras. [0119], [0203], [0523], [0766], [0770], [0773], [0975]: maintaining, in a database or store (i.e. keystore application), a key for each application associated with a trust relationship (i.e. trusted applications));
	
	and provides a file key to the recipient application (paras. [0123], [0224], [0233]-[0237], [0240], [0248], [0253], [0608]: providing, via the database, the public key file and deriving the public key/authorized key or fingerprint (i.e. file keys) from the private key and file for transmission to applications of the source host/client (i.e. for the originating application) and to applications of the destination host/management system (i.e. to the recipient application) so that applications in a trusted relationship obtain each other’s public/private keys);
	wherein the file key allows the recipient application to decrypt communications from the originating application (paras. [0234], [0265], [0464], [0482], [0479]: wherein the public key/authorized keys/fingerprints are used to provide access and decrypt the private key file and data communicated through the authorized connections (i.e. communications) between the source and destination host (i.e. between recipient and originating application on their host devices).
Das and Ylonen are combinable because both are from the same field of identifying trusted applications.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to integrate Ylonen’s method of storing associations and keys in a database with the system of Das so that “management back-ends and proxy agents can be restarted at any time without disrupting the operation of the management system or allowing requests to go unprocessed” (Ylonen, para. [0117]).
Neither Das or Ylonen disclose the remaining limitations of claim 11 as follows:
wherein the file key is derived from an application key for the originating application (paras. [0123],
However, in the same field of endeavor Momchilov discloses the remaining limitations of claim 11 as follows:
providing, by the keystore application, a file key to the recipient application, wherein the file key is derived from an application key for the originating application (paras. [0063], [0066], [0088], [0091]-[0092], [0106], [0110], [0141], [0158]-[0159]: providing, by a shared vault/pasteboard service (i.e. keystore application) an encrypted vault key record/passcode for accessing files in the vault (i.e. file key) to a second managed application (i.e. recipient application), wherein the encrypted vault key record/passcode for the managed application is derived from a vault key/passcode (i.e. application key) for other managed applications that share the key vault (i.e. for originating applications)) 
Momchilov, Barton and Ylonen are combinable because all three are from the same field of identifying trusted applications.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to integrate Momchilov’s method of generating/deriving encrypted vaults keys/passcode from vault keys shared with other applications with the system of Das and Ylonen in order to enable the managed applications to securely exchange common secrets and data in the vault.

	Regarding claim 18, Das discloses the limitations substantially as follows:
A computer program product having instructions stored on a non-transitory computer readable storage medium for performing, in an enterprise environment, a method of providing an execution environment in a mobile computing device, the method comprising: 
loading a plurality of trusted applications into a memory of an execution environment, the execution environment having memory, a processor, a file system and a network interface (paras. [0012], [0014], [0016], [0020], [0027], [0041], [0048], [0053]: installing/loading whitelisted/trusted applications into memory of a mobile network environment (i.e. execution environment of mobile device) comprising memory, a processor, files and network communication interfaces); 
executing each of the plurality of trusted applications by the processors (paras. [0018], [0027], [0035]: executing the multiple trusted/whitelisted applications by processors of the mobile device);
maintaining, in an associations table, a plurality of associations, wherein [[an]] each association of the plurality of communication associations comprises (paras. [0013]-[0014], [0036], [0040], [0051]: maintaining in a cache or storage a whitelist of applications (i.e. an associations table), comprising a plurality of applications that are associated with one another by being whitelisted/trusted, wherein a pair of applications (i.e. first and second applications) that are associated with one another by being whitelisted (i.e. each association) is identified in the whitelist by a stored checksum (i.e. first identifier and second identifier) or hashed application identification number);
the recipient application being selected from the plurality of trusted applications (para. [0040]: selecting particular applications (i.e. recipient applications) from the whitelist of trusted applications);
Das fails to explicitly disclose the remaining limitations of claim 18:
maintaining, in a keystore application, an application key for each of the plurality of trusted applications;
maintaining, in an associations table, a plurality of communication associations, wherein [[a]] each communication association of the plurality of communication associations comprises both a first identifier for a first application and a second identifier for a second application 
detecting an attempt to communicate with a recipient application by an originating application, the recipient application and the originating application being selected from the plurality of trusted applications;
determining that the associations table comprises an association between the recipient application and the originating application;
providing, by the keystore application, a file key to the recipient application, wherein the file key is derived from an application key for the originating application;
wherein the file key allows the recipient application to decrypt communications from the originating application.
However, in the same field of endeavor Ylonen discloses the remaining limitations of claim 18 as follows:
maintaining, in a keystore application, an application key for each of the plurality of trusted applications (paras. [0119], [0203], [0523], [0766], [0770], [0773], [0975]: maintaining, in a database or store (i.e. keystore application), a key for each application associated with a trust relationship (i.e. trusted applications))
maintaining, in an associations table, a plurality of communication associations, wherein [[a]] each communication association of the plurality of communication associations comprises both a first identifier for a first application and a second identifier for a second application (paras. [0174]-[0175], [0229], [0245]-[0246], [0248], [0408]-[0411], [0607], [0608], [0770], [0765]-[0773]: maintaining, in the database, a plurality of trust relationships (i.e. communication associations), each of the trust relationship for the applications in the trust relationships indicating that there is a trusted relationship authorizing communication between applications of a first source account on a first host (i.e. first/originating application) and applications of a second destination account on a second host (i.e. second/recipient application), where an application of the source account of the source computer and an application of the second account of the destination computer (i.e. first and second applications in the trust relationships) are identified by applications identifiers, identity keys and authorized keys));
detecting an attempt to communicate with a recipient application by an originating application, the recipient application and the originating application being selected from the plurality of trusted applications (paras. [0337], [0409], [0174]-[0175], [0229], [0245]-[0246], [0248], [0329], [0608], [0770], [0772]-[0773], [0852]: detecting/receiving a request/connection for communication between applications of a first source account on a first host (i.e. originating application) and applications of a second destination account on a second host (i.e. recipient application), the applications of the first and second source and destination accounts being part of a trust relationship (i.e. trusted applications));
determining that the associations table comprises an association between the recipient application and the originating application (paras. [0608], [0729], [0770], [0772]-[0773]: determining that the database comprises a trust relationship record comprising a trust relationship (i.e. association) between the applications of the source and destination hosts);
providing, by the keystore application, a file key to the recipient application (paras. [0123], [0224], [0233]-[0237], [0240], [0248], [0253], [0608]: providing, via the database, the public key file and deriving the public key/authorized key or fingerprint (i.e. file keys) from the private key and file for transmission to applications of the source host/client (i.e. for the originating application) and to applications of the destination host/management system (i.e. to the recipient application) so that applications in a trusted relationship obtain each other’s public/private keys);
wherein the file key allows the recipient application to decrypt communications from the originating application (paras. [0234], [0265], [0464], [0482], [0479]: wherein the public key/authorized keys/fingerprints are used to provide access and decrypt the private key file and data communicated through the authorized connections (i.e. communications) between the source and destination host (i.e. between recipient and originating application on their host devices).
Das and Ylonen are combinable because both are from the same field of identifying trusted applications.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to integrate Ylonen’s method of storing associations and keys in a database with the system of Das so that “management back-ends and proxy agents can be restarted at any time without disrupting the operation of the management system or allowing requests to go unprocessed” (Ylonen, para. [0117]).
Neither Das or Ylonen disclose the remaining limitations of claim 18 as follows:
wherein the file key is derived from an application key for the originating application (paras. [0123],
However, in the same field of endeavor Momchilov discloses the remaining limitations of claim 18 as follows:
providing, by the keystore application, a file key to the recipient application, wherein the file key is derived from an application key for the originating application (paras. [0063], [0066], [0088], [0091]-[0092], [0106], [0110], [0141], [0158]-[0159]: providing, by a shared vault/pasteboard service (i.e. keystore application) an encrypted vault key record/passcode for accessing files in the vault (i.e. file key) to a second managed application (i.e. recipient application), wherein the encrypted vault key record/passcode for the managed application is derived from a vault key/passcode (i.e. application key) for other managed applications that share the key vault (i.e. for originating applications)) 
Das, Momchilov and Ylonen are combinable because all three are from the same field of identifying trusted applications.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to integrate Momchilov’s method of generating/deriving encrypted vaults keys/passcode from vault keys shared with other applications with the system of Das and Ylonen in order to enable the managed applications to securely exchange common secrets and data in the vault.

Claims 3-5 and 13-14 are rejected under 35 U.S.C. 103 as being unpatentable over Das (US 2013/0097660) and Ylonen (US 2019/0075134) and Momchilov (US 2016/0191499), as applied to claims 1 and 11, further in view of Sobel (US 2014/0068273)
	Regarding claim 3, Barton and Ylonen and Momchilov disclose the limitations of the method of claim 1.
Ylonen disclose the limitations of claim 3:
The method of claim 1 further comprising: 
generating the file key at the recipient application (paras. [0018], [0175]-[0177], [0230]: generating the public key/authorized key and identity key for use with files at the first or second host (i.e. at applications of the originator and recipient devices)
It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to integrate Ylonen’s method of generating file keys by 
Das, Ylonen and Momchilov do not explicitly disclose the remaining limitations of claim 3 as follows:
transmitting, using the file key, the identified message to the recipient; and 
generating the file key at the recipient application for decrypting the identified message
However, in the same field of endeavor, Sobel discloses the remaining limitations as follows:
identifying a message for transmission between the originating application and the recipient application (Sobel, paras. [0007], [0048]: identifying messages to be transmitted between applications on a mobile device)
transmitting, using the file key, the identified message to the recipient application (Sobel, paras. [0007], [0030], [0048]: transmitting the file/data encrypted object/identified message, encrypted with a private key from the generated asymmetric key pair (i.e. using the file key) to the second ecosystem/receiving application (i.e. recipient application)); and 
generating the file key at the recipient application for decrypting the identified message (Sobel, paras. [0007], [0030], [0034], [0048]: generating the public and private key pair at each application, such as the second ecosystem/recipient application, for encrypting and decrypting data file data/messages).
Das, Ylonen, Sobel and Momchilov are combinable because all four are from the same field of identifying trusted applications and strengthening secure authorized communications.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to integrate Sobel’s method of generating a key and transmitting messages using the generated key with Das, Ylonen and Momchilov in order to “allow authorized access by certain ones or all of the ecosystem apps, while preventing access from outside of the ecosystem” (Sobel, para. [0034]). 

	Regarding claim 4, Das, Ylonen, Momchilov and Sobel disclose the limitations of the method of claims 1 and 3.
Ylonen and Sobel disclose the limitations of claim 4 as follows:
The method of claim 3 wherein transmitting further comprises: 
writing the identified message to a file, the contents of the file encrypted using the file key (Ylonen, paras. [0018], [0230], [0482]: Fig. 24: writing contents of data of file and encrypting file using encrypted file key);
reading the file and decrypting the message, by the recipient application, using the file key (Ylonen, paras. [0018], [0230], [0482]: reading the file and decrypting the encrypted private file key by applications at the destination host using the authorized/public key/passphrase (i.e. file key)) (See also Sobel, paras. [0007], [0030], [0034], [0048]: receiving application decrypts and reads files using the key transmitted from the first ecosystem application).
The same motivation to combine utilized in claim 3 is equally applicable in the instant claim.

	Regarding claim 5, Das, Ylonen, Momchilov and Sobel disclose the limitations of the method of claims 1 and 3.
Sobel discloses the limitations of claim 5 as follows:
The method of claim 3 wherein transmitting further comprises: 
designating an IPC (Interprocess Communication) channel between the first application and the recipient application (Sobel, paras. [0041]: generating secure inter-process communications (IPC communication channels) between sending and receiving applications (i.e. transmitting and recipient applications));
encrypting the identified message using the file key (Sobel, paras. [0007], [0030], [0034], [0048]: encrypting data object file/message with private key from generated asymmetric key pair (i.e. generated key)); and
transmitting the encrypted message to the recipient application from the originating application (Sobel, paras. [0007], [0048]: transmitting the data message to the second ecosystem/receiving application from the first ecosystem/sending application).


	Regarding claim 13, Das, Ylonen and Momchilov disclose the limitations of the method of claim 11.
Barton and Ylonen do not explicitly disclose the remaining limitations of claim 13 as follows:
The device of claim 11 wherein the keystore application is operable to: 
identify a message for transmission between the originating application and the recipient application;
generate the file key at the recipient application for decrypting the identified message
However, in the same field of endeavor Sobel discloses the remaining limitations of claim 13 as follows:
The device of claim 11 wherein the keystore application is operable to: 
identify a message for transmission between the originating application and the recipient application (Sobel, paras. [0007], [0030], [0034], [0048]: identifying messages to be transmitted between applications on a mobile device); and
 generate the file key at the recipient application for decrypting the identified message (Sobel, paras. [0007], [0030], [0034], [0048]: generating the public and private key pair for encrypting and decrypting files at each application, such as the second ecosystem/recipient application, for encrypting and decrypting file data objects/messages).
Das, Ylonen, Momchilov and Sobel are combinable because all four are from the same field of identifying trusted applications and preventing unauthorized communications.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to integrate Sobel’s method of generating a key and transmitting messages using the generated key with Das, Ylonen and Momchilov in order to “allow authorized access by certain ones or all of the ecosystem apps, while preventing access from outside of the ecosystem” (Sobel, para. [0034]). 

	Regarding claim 14, Das, Ylonen, Momchilov and Sobel disclose the limitations of the method of claims 11 and 13.
Sobel discloses the limitations of claim 14 as follows:
The device of claim 13 wherein transmitting further comprises: 
a file for receiving and storing the identified message encrypted using the file key (see also Sobel, paras. [0007], [0030], [0034], [0048]: file for receiving and storing data encrypted using private key (i.e. file key)).
The same motivation to combine utilized in claim 13 is equally applicable in the instant claim.

Claims 6-7 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Das (US 2013/0097660) and Ylonen (US 2019/0075134) and Momchilov (US .
	Regarding claim 6, Das, Ylonen and Momchilov disclose the limitations of the method of claim 1.
Neither Das, Ylonen or Momchilov discloses the limitations of claim 6 as follows:
The method of claim 1, wherein detecting the attempt to communicate identifies file accesses, IPC accesses and network accesses for each of the trusted applications,  the trusted applications defining a set of trusted applications operable for communication only with other applications in the set of trusted applications exclusive of other applications in the memory outside the set of trusted applications
However, in the same field of endeavor Barton discloses the limitations of claim 6 as follows:
The method of claim 1, the trusted applications defining a set of trusted applications operable for communication only with other applications in the set of trusted applications exclusive of other applications in the memory outside the set of trusted applications (Barton, paras. [0170]-[0173], [0175], [0181], Fig. 49: receiving access attempts to communicate comprises receiving/identifying communication attempts to access files, communication data/messages between the applications, and the network of the secure/managed (i.e. trusted) applications, the secure/managed applications comprises a set of secure/managed applications that are only permitted to exchange communications with other secure/managed applications and blocked from communicating with unmanaged applications outside of the memory).
Das, Ylonen, Momchilov and Barton are combinable because all four are from the same field of identifying trusted applications and preventing unauthorized communications.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to integrate Barton’s method of restricting communications by trusted applications to other trusted applications with the system of Das, Ylonen and Momchilov in order to ensure that communications between applications on the mobile device are only carried out between authorized whitelisted applications thereby reducing the risk of unauthorized communication.
Neither Das, Ylonen, Momchilov or Barton explicitly discloses the remaining limitations of claim 6 as follows:
wherein detecting the attempt to communicate identifies file accesses, IPC accesses and network accesses for each of the trusted applications
However, in the same field of endeavor Sobel discloses the remaining limitations as follows:
wherein detecting the attempt to communicate identifies file accesses, IPC accesses and network accesses for each of the trusted applications (Sobel, paras. [0037], [0041], [0048], [0049]: identifying a request to communicate from another member application in addition to identifying the class/type of media in the communication being attempted such as file, inter-process communications or network communications)


	Regarding claim 7, Das, Barton, Sobel, Ylonen and Momchilov disclose the limitations of the method of claim 1.
Barton discloses the limitations of claim 7 as follows:
The method of claim 6, wherein detecting an attempt to communicate further comprises:
wrapping applications in the set of trusted applications, the wrapped applications operable in the execution environment responsive to an unmodified operating system (paras. [0076], [0168], [0178], [0336]: wrapping applications from the managed/trusted applications and not wrapping the applications that are not managed/trusted, the wrapped applications operating in the secure execution environment that does not require additional modifications).
The motivation to combine utilized in claim 6 is equally applicable in the instant claim.


Neither Das, Ylonen, Momchilov and Sobel disclose the limitations of claim 19 as follows:
The method of claim 3 wherein the method further comprises: 
selecting a communication mode between the application, the communications mode being either one of a permissive mode or a restrictive mode; 
retaining, when the permissive mode is selected, the generated key for subsequent communications between the associated processes; and 
generating when the restrictive mode is selected, a separate key for each subsequent communication between the associated processes.
However, in the same field of endeavor, Barton discloses the limitations of claim 19 as follows:
The method of claim 3 wherein the method further comprises: 
selecting a communication mode between the application, the communications mode being either one of a permissive mode or a restrictive mode (paras. [0396], [0424], [0427]-[0429], Figs. 30, 56: communication between managed applications can be carried out using single-sign on (permissive mode) or not permitting single-sign on (i.e. restrictive mode)); 
retaining, when the permissive mode is selected, the generated key for subsequent communications between the associated processes (paras. [0396], [0424], [0427]-[0429], Figs. 30, 56: retaining the key for subsequent communications between managed applications when single-sign on is permitted (i.e. permissive mode)); and 
generating when the restrictive mode is selected, a separate key for each subsequent communication between the associated processes (paras. [0396], [0424], [0427]-[0429], Figs. 30, 56: requiring a separate key to be generated for each subsequent communication between managed applications when single-sign in is not permitted).
Das, Barton, Sobel, Ylonen, and Momchilov are combinable because all five are from the same field of identifying trusted applications and preventing unauthorized communications.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to integrate Barton’s method of enabling multiple communication modes with the system of Das, Ylonen, Sobel and Momchilov in order to reduce the burden upon the user by enabling the user to sign into applications without having to repeat authentication procedures when in a permissive single-sign on mode.

Claim 15 are rejected under 35 U.S.C. 103 as being unpatentable over Das (US 2013/0097660) and Ylonen (US 2019/0075134) and Momchilov (US 2016/0191499), as applied to claim 11, further in view of Barton (US 2014/0032691).
	Regarding claim 15, Das, Ylonen and Momchilov disclose the limitations of the device of claim 11.
Neither Das, Ylonen or Momchilov disclose the limitations of claim 15 as follows:
The device of claim 11, wherein detecting an attempt to communicate further comprises: 
wrapping applications in the set of trusted applications, the wrapped applications operable in the execution environment responsive to an unmodified operating system.
However, in the same field of endeavor, Barton discloses the limitations of claims 7 and 15 as follows:
wherein detecting an attempt to communicate further comprises:
wrapping applications in the set of trusted applications, the wrapped applications operable in the execution environment responsive to an unmodified operating system (paras. [0076], [0168], [0178], [0336]: wrapping applications from the managed/trusted applications and not wrapping the applications that are not managed/trusted, the wrapped applications operating in the secure execution environment that does not require additional modifications).
Das, Barton, Ylonen, and Momchilov are combinable because all four are from the same field of identifying trusted applications and preventing unauthorized communications.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to integrate Barton’s method of restricting communications by trusted applications to wrapped trusted applications with the system of Das, Ylonen and Momchilov in order to ensure that communications between applications on the mobile device are only carried out between authorized whitelisted applications thereby reducing the risk of unauthorized communication.

Conclusion
For the above-stated reasons, claims 1-7, 11-15 and 18-19 are rejected.
Prior art relied upon but not cited includes: 
1) Desai (US 2014/0095874): storing information in a whitelist (i.e. communication associations) establishing a secure inter-application communication between two applications (i.e. a communication association between two applications) that comprises a first port ID of a source mobile application and second end point of a second port ID of a target application by storing bundle ID's identifying each mobile application as secured/trusted in a whitelist (i.e. identifying that the applications can securely communicate with one another) (paras. [0021], [0054], [0068], and [0070]).
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached on 571-272-3787.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SHARON S LYNCH/Primary Examiner, Art Unit 2438