DETAILED ACTION
1.	This office action is in response to application 16/198,819 filed on 11/22/2018. Claims 1-20 are submitted for examination. Claims 1, 8 and 15 are independent.
Notice of Pre-AIA or AIA Status
2.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Priority

3.	This application, filed on 11/22/2018, doesn’t claim priority. Thus, the effective filing date for this application is November 22, 2018.
Information Disclosure Statement
4.	The information disclosure statement (IDS) submitted on 11/25/2018 has been considered. The submission is in compliance with the provisions of 37 CFR 1.97. Form PTO-1449 is signed and attached hereto.
Drawings
5.	The drawings filed on November 22, 2018 are accepted. 
Specification
6.	The specification filed on November 22, 2018 is also accepted.

Double Patenting

In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
8.	A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
9.	The USPTO internet Web site contains terminal disclaimer forms which may be used.  Please visit http://www.uspto.gov/forms/.  The filing date of the application will determine what form should be used.  A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission.  For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
206 patent.)  Although the conflicting claims are not identical, they are not patentably distinct from each other.

The following is referring to independent claims 1, 8 and 15


•  Independent claims 1, 8 and 15 of the instant application and claims 1, 14 and 15 of the ‘206 patent recite similar limitations, except that independent claims 1, 8 and 15 further recite a claim limitation, “data access” and/or “data access purpose”. However, such limitation(s) are not patentably distinct from the limitation “allowed usage purpose” recited in the corresponding independent claims 1, 14 and 15. Therefore, the above claims, namely claims 1, 8 and 15 of the instant/present application, would have been obvious over claims 1, 14 and 15 of the ‘206 patent because every element of the above claims 1, 8 and 15 of the present application is anticipated by the corresponding claims 1, 14 and 15 of the ‘206 patent respectively.

The following is referring to dependent claims 3, 10 and 17

•  Dependent claims 3, 10 and 17 of the instant application and the combination of dependent claims 2, 4 and 6 of the ‘206 patent recite similar limitations. The above claims, namely claims 3, 10 and 17 of the instant/present application, would have been obvious over the combination of claims 2, 4 and 6 of the ‘206 patent because every element of the above claims 3, 10 and 17 of the present application is anticipated by the combination of the corresponding claims 2, 4 and 6 of the ‘206 patent.
See the following table for further clarification:
Instant Application No. 16/198,819, independent claims 1, 8 and 15:
A computer-implemented method for controlling application access to data implemented in a computer comprising a processor, memory accessible by the processor, and computer program instructions stored in the memory and executable by the processor, the method comprising: receiving an application comprising a plurality of application parts, each application part associated with a declared data access purpose; and generating a cryptographic certificate for each application part to be certified by determining whether a declared data access purpose for each application part to be certified is correct and the only data access purpose for that part, wherein the declared purpose is included in purpose information associated with each application part to be certified.

US Patent No. 10/616,206 (‘206 Patent), independent claims 1, 14 and 15:
A method of improving a privacy protection in data usage by an application by creating an application purpose certificate, comprising: receiving from a software publisher an application code and declared privacy information; extracting from said declared privacy information, information specifying for each data type of a plurality of data types of data received or sent by said application, at least one use purpose allowed for said application to use said received or sent data of said each data type, wherein said allowed use purpose is predefined as an intended use consented as allowed for
scanning and analyzing said application code to identify for each of said plurality of data types, a use purpose as used by said application; for each of said plurality of data types, comparing said identified use purpose with said declared privacy information, to determine when said usage is compliant with said at least one allowed usage purpose; in response and according to said determination of compliancy, creating an encrypted digital purpose certificate, said digital purpose certificate certifies that said application uses data of each of said data types for purposes that are in compliance with said at least one allowed usage purpose, said digital purpose certificate is unique for said application code; and sending said digital purpose certificate to said software publisher to be bundled with said application code and with a publisher authentication certificate; by a user client installing said application, to prevent un-allowed use of data associated with said declared privacy information by said application.

Instant Application No. 16/198,819, dependent claims 3, 10 and 17:
further comprising generating a hash of program application code of each application part to be certified; and signing the generated hash and signing data access purpose with a private cryptographic key to form the cryptographic certificate

US Patent No. 10/616,206 (‘206 Patent), dependent claims 2, 4 and 6:
wherein said digital purpose certificate includes a digital hash of said application code, said digital purpose certificate includes encrypted version of said at least one allowed usage purpose, and said digital hash of said application code and said declared privacy information are encrypted using the same private key.


Claim Rejections - 35 USC § 103
11.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
12.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as 

13.	The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Examiner’s note: text in bold corresponds to the claimed limitations; text in italics, underlined or not underlined, corresponds to the cited prior art reference (i.e., verbatim and/or examiner’s clarification). Meaning, text after a limitation in brackets [ ] corresponds to examiner’s mapping (including further explanation and/or comments) and/or prior art reference citations. Furthermore, text in brackets [ ] points out explanation of how the claim limitation is taught or explicitly taught by the reference being cited for that particular limitation or part of the limitation.

14.	Claims 1-20 are rejected under AIA 35 U.S.C. 103 as being unpatentable over David P. Maher (Maher) (US Publication No. 2010/0223672 A1) in view of W. Olin Sibert (Siber) (US Publication No. 2007/0226798 A1).


As per independent claim 1 Maher discloses a computer-implemented method for controlling application access to data implemented in a computer comprising a processor, memory accessible by the processor, and computer program instructions stored in the memory and executable by the processor [See Computer System shown on figure 9 and paragraph 0094, computer system 900 that can be used to practice embodiments of the present invention. Computer system 900 may comprise a general-purpose computing device such as a personal computer or network server, or a specialized computing device such as a cellular telephone, personal digital assistant, portable audio or video player, television set-top box, kiosk, or the like. Computing device 900 will typically include a processor 902, memory 904, a user interface 906, a port 907 for accepting removable memory 908, a network interface 910, and a bus 912 for connecting the aforementioned elements. The operation of computing device 900 will typically be controlled by processor 902 operating under the guidance of programs stored in memory 904]
, the method comprising: 
receiving an application [See figure 1 and paragraph 0024 where an application 107a is received from an application developer 106 by the credential authority shown on figure 1, 102 having a set of requirements defined by a credential authority 102.] and 
generating a cryptographic certificate for each application [See paragraph 0024, Certification service analyzes and tests application 107a to make sure that it meets the requirements 103 specified by credential authority 102. An application 107a that satisfies these requirements is given an appropriate credential or certificate 105. Upon obtaining credential 105, the application developer 106 may distribute the credentialed application 107 to an application user 108. See also paragraph 0026 how the presence of the corresponding/credential certificate 105 determines whether or not the application could proceed using the content 104. See paragraph 0028, credential 105 is formed by applying a strong cryptographic hash algorithm (e.g., SHA-1) 202 to the application 200 (or to selected portions thereof) to yield hash or message digest 204. Message digest 204 (and, in some embodiments, identification information 207) is encrypted (206) using the certification service's (or credential authority's) private key 208 to yield credential or signature 210.] and the only data access [See paragraph 0024. That indicates that only an application that satisfies the declared set of requirements is certified and provided a certification/credentials 105. Certification service analyzes and tests application 107a to make sure that it meets the requirements 103 specified by credential authority 102. An application 107a that satisfies these requirements is given an appropriate credential or certificate 105 and 0026, when user 108 attempts to use application 107 to process content 114, the user's system checks application 107 for the presence of the appropriate credential 105. If the credential 105 is present, the application 107 may proceed with using content 114. If credential 105 is not present, use of content 114 can be prohibited]
Maher substantially discloses all the limitations recited in the claim, but does not explicitly disclose the following underlined claim limitations: “a plurality of application parts, each application part associated purpose”; “each application part to be certified by determining a declared purpose for each application part to be certified is correct; the only data access purpose for that part, wherein the declared purpose is included in purpose information with each application part to be certified”. However, Siber discloses these underlined claim limitations:
 In particular Siber discloses:
 “an application comprising a plurality of application parts, [See paragraph 0154, provide a credential having multiple elements covering corresponding parts of the application—and preferably having a combined overall effect of covering all (or a substantial portion) of the application 600. For example, the credential can provide verification information for different byte ranges, virtual paths, and/or other portions of application 600] each application part [See paragraph 0078, FIG. 1 shows load module 54 as a complicated looking machine part for purposes of illustration only; the load module preferably comprises one or more computer instructions and/or data elements used to assist, allow, prohibit, direct, control or facilitate at least one task performed at least in part by an electronic appliance such as a computer. For example, load module 54 may comprise all or part of an executable computer program and/or associated data ("executable"), and may constitute a sequence of instructions or steps that bring about a certain result within a computer or other computation element] associated with a declared data access purpose” [See figure 4 where each module/application 54 having a list of  specifications shown on figure 4/110 describing the functions or purposes that each module/application 54 performs. See paragraph 0089, Provider 52 may provide, with each load module 54, associated specifications 110 identifying the load module and describing the functions the load module performs. In this example, these specifications 110 are illustrated as a manufacturing tag, but preferably comprise a data file associated with and/or attached to the load module 54] 
“generating a cryptographic certificate for each application part to be certified by determining whether a declared data access purpose for each application part to be certified is correct [See paragraph 0090, Verifying authority 100 uses an analyzing tool(s) 112 to analyze and test load module 54 and determine whether it performs as specified by its associated specifications 110--that is, whether the specifications are both accurate and complete…Such testing (in addition to ensuring that the load module 54 satisfies its specifications 110) can provide added degrees of assurance that the load module isn't harmful and will work as it is supposed to. See figure 2 and figure 17 and paragraph 0087, Verifying authority 100 carefully analyzes the load modules 54 (see 102), testing them to make sure they do what they are supposed to do and do not compromise or harm system 50. If a load module 54 passes the tests verifying authority 100 subjects it to, a verifying authority may affix a digital "seal of approval" (see 104) to the load module and paragraph 0092, FIG. 4-5 illustrates the digital sealing process as being performed by a stamp 114, but in a preferred embodiment the digital sealing process is actually performed by creating a digital signature using a well-known process]]; and the only data access purpose for that part, wherein the declared purpose is included in purpose information associated with each application part to be certified” [See figure 4, paragraph 0089, FIG. 4 shows the analysis and digital signing steps 102, 104 performed by verifying authority 100 in this example. Provider 52 may provide, with each load module 54, associated specifications 110 identifying the load module and describing the functions the load module performs. In this example, these specifications 110 are illustrated as a manufacturing tag, but preferably comprise a data file associated with and/or attached to the load module 54. 
Paragraph 0090, Verifying authority 100 uses an analyzing tool(s) 112 to analyze and test load module 54 and determine whether it performs as specified by its associated specifications 110--that is, whether the specifications are both accurate and complete and finally see paragraph 0092, Once verifying authority 100 is satisfied with load module 54, it affixes its digital seal of approval 106 to the load module. FIG. 4 illustrates the digital sealing process as being performed by a stamp 114, but in a preferred embodiment the digital sealing process is actually performed by creating a digital signature using a well-known process. See also the abstract, The verifying authority can provide an application intended for insecure environments with a credential having multiple elements covering different parts of the application. To verify the application, a trusted element can issue challenges based on different parts of the authenticated credential that the trusted element selects in an unpredictable (e.g., random) way, and deny service (or take other appropriate action) if the responses do not match the authenticated credential]


It would have been obvious to one having ordinary skill in the art, before the effective filing of the claimed invention, to implement in the system of Maher a mechanism to use the following underlined features such as “a plurality of application parts, each application part associated purpose”; “each application part to be certified by determining a declared purpose for each application part to be certified is correct; the only data access purpose for that part, wherein the declared purpose is included in purpose information with each application part to be certified” as taught by Siber, because this would enhance the security and the functionality of the system by analyzing and testing each portion or element of the application and approving them only if their purpose/the function that they perform as specified in the specifications is found to be accurate and complete. [See Sibert at least Paragraph 0090, Verifying authority 100 uses an analyzing tool(s) 112 to analyze and test load module 54 and determine whether it performs as specified by its associated specifications 110--that is, whether the specifications are both accurate and complete and finally see paragraph 0092, Once verifying authority 100 is satisfied with load module 54, it affixes its digital seal of approval 106 to the load module. FIG. 4 illustrates the digital sealing process as being performed by a stamp 114, but in a preferred embodiment the digital sealing process is actually performed by creating a digital signature using a well-known process]



As per independent claim 8, independent claim 8, having similar scope as that of the independent claim 1, is rejected for the same reason as that of the above independent claim 1.

As per independent claim 15, independent claim 15, having similar scope as that of the independent claim 1, is rejected for the same reason as that of the above independent claim 1.


As per dependent claim 2 the combination of Maher and Siber discloses a method/system as applied to claims above. Furthermore Siber discloses the method/system, wherein the application parts comprise at least one of an area, module, section, portion, function, address, uniform resource locator (URL), or control flow of an application [See paragraph 0154, provide a credential having multiple elements covering corresponding parts of the application—and preferably having a combined overall effect of covering all (or a substantial portion) of the application 600. For example, the credential can provide verification information for different byte ranges, virtual paths, and/or other portions of application 600]. 

As per dependent claim 9, dependent claim 9, having similar scope as that of the dependent claim 2, is rejected for the same reason as that of the above dependent claim 2.

As per dependent claim 16, dependent claim 16, having similar scope as that of the dependent claim 2, is rejected for the same reason as that of the above dependent claim 2.

As per dependent claim 3 the combination of Maher and Siber discloses a method/system as applied to claims above. Furthermore Siber discloses the method/system, further comprising generating a hash of program application code of each application part to be certified [See figure 5, ref. 116. See also figure 17, ref. 704, generate hash block describing each calculated portion hash value]; and signing the generated hash and signing data access purpose with a private cryptographic key to form the cryptographic certificate [See figure 5, ref. 122, and figure 17, ref. 712, “digitally sign the hash”; at least these describe how both the module/software/applications 54 along with the specifications are digitally signed using a private cryptographic key after creating a message digest using a one way hash function] [See paragraph 0092, This digital signature, certificate, or seal creation process is illustrated in FIG. 5 and paragraph 0093, In the FIG. 5 process, load module 54 (along with specifications 110 if desired) is processed to yield a message digest 116 using one or more one-way hash functions selected to provide an appropriate resistance to algorithmic attack and paragraph 0094, Message digest 116 may then be encrypted using asymmetric key cryptography. FIG. 5 illustrates this encryption operation using the metaphor of a strong box 118. The message digest 116 is placed into strong box 118, and the strongbox is locked with a lock 120 having two key slots opened by different ("asymmetrical") keys. A first key 122 (sometimes called the "private" key) is used to lock the lock and see paragraph 0035, A verifying authority analyzes, validates, verifies, inspects, and/or tests the load module or other executable, and compares its results with the specifications associated with the load module or other executable. A verifying authority may digitally sign or certify only those load modules or other executables having proper specifications--and may include the specifications as part of the material being signed or certified.]

As per dependent claim 10, dependent claim 10, having similar scope as that of the dependent claim 3, is rejected for the same reason as that of the above dependent claim 3.

As per dependent claim 17, dependent claim 17, having similar scope as that of the dependent claim 3, is rejected for the same reason as that of the above dependent claim 3.

As per dependent claim 4 the combination of Maher and Siber discloses a method/system as applied to claims above. Furthermore Siber discloses the method/system, further comprising receiving an application wherein each of a plurality of application parts has been certified with a data usage purpose [[See figure 5, ref. 122,  and figure 17, ref. 712, “digitally sign the hash”; at least these describes how both the module/software/applications 54 along with the specifications are digitally signed using a private cryptographic key after creating a message digest using a one way hash function] [See paragraph 0092, This digital signature, certificate, or seal creation process is illustrated in FIG. 5 and paragraph 0093, In the FIG. 5 process, load module 54 (along with specifications 110 if desired) is processed to yield a message digest 116 using one or more one-way hash functions selected to provide an appropriate resistance to algorithmic attack and paragraph 0094, Message digest 116 may then be encrypted using asymmetric key cryptography. FIG. 5 illustrates this encryption operation using the metaphor of a strong box 118. The message digest l 116 is placed into strong box 118, and the strongbox is locked with a lock 120 having two key slots opened by different ("asymmetrical") keys. A first key 122 (sometimes called the "private" key) is used to lock the lock and see paragraph 0035, A verifying authority analyzes, validates, verifies, inspects, and/or tests the load module or other executable, and compares its results with the specifications associated with the load module or other executable. 
A verifying authority may digitally sign or certify only those load modules or other executables having proper specifications--and may include the specifications as part of the material being signed or certified.]; executing the program application code; and when a certified application part requests access to data, determining whether to allow access to the requested data based on the certified data usage purpose and on the identity of the application part [ See paragraph 0039, In accordance with another aspect provided by the present invention, an execution environment protects itself by deciding--based on digital signatures, for example--which load modules or other executables it is willing to execute. A digital signature allows the execution environment to test both the authenticity and the integrity of the load module or other executables, as well permitting a user of such executables to determine their correctness with respect to their associated specifications or other descriptions of their behavior, if such descriptions are included in the verification process. And see paragraphs 0046-0047, In accordance with yet another aspect provided by the present invention(s), a tamper-resistant mechanism is provided for allowing a trusted element to validate certifications presented by applications intended to be run or otherwise used, at least in part, within an insecure environment. Such techniques can detect whether applications have been certified and/or modified (i.e., tampered with) in a way that makes them no longer trustworthy. Briefly, examples of these techniques provide a credential having multiple elements covering corresponding parts of the application--and preferably having a combined overall effect of covering all (or a substantial portion) of the application. For example, the credential can provide verification information for different byte ranges, virtual paths, and/or other portions of the application. 
Sufficient verification information may be provided to substantially cover the application, or at least those portions of the application deemed to be the most likely to be tampered]

As per dependent claim 11, dependent claim 11, having similar scope as that of the dependent claim 4, is rejected for the same reason as that of the above dependent claim 4.

As per dependent claim 18, dependent claim 18, having similar scope as that of the dependent claim 4, is rejected for the same reason as that of the above dependent claim 4.

As per dependent claim 5 the combination of Maher and Siber discloses a method/system as applied to claims above. Furthermore Siber discloses the method/system, wherein determining whether to allow access to the requested data comprises: 
sending a request for data from an application part and associated signed purpose information [See figure 1 and paragraph 0079, how the execution environments such as 108B  receives a request sent from the load modules/application such as 54a and 54b and on paragraph 0092, it has been disclosed that such application part is digitally signed by the verifying authority.” Protected processing environments 108 provide a secure execution environment in which appliances 58, 60, 62 may securely execute load modules 54 to perform useful tasks. See paragraph 0088, the protected processing environment 108 can distinguish between authorized and unauthorized load modules 54 by examining the load module to see whether it bears the seal of verifying authority 100. Protected processing environment 108 will execute the load module 54a with its processor 110 only if the load module bears a verifying authority's seal 106. Protected processing environment 108 discards and does not use any load module 54 that does not bear this seal 106’ See paragraph 0092, A verifying authority may digitally sign or certify only those load modules or other executables having proper specifications--and may include the specifications as part of the material being signed or certified” the specification defines the purpose]; receiving a response to the request for data [See paragraph 0080 and 0081, “Provider 52 might produce a load module 54a for use by the protected processing environment 108A within set top box or home media player 58. Load module 54a could, for example, enable the set top box/home media player 58 to play a movie, concert or other interesting program, charge users 56a a "pay per view" fee, and ensure that the fee is paid to the appropriate rights holder (for example, the film studio, concert promoter, or other organization that produced the program material). 
[0081] Provider 52 might produce another load module 54b for delivery to personal computer 60's protected processing environment 108B. The load module 54b might enable personal computer 60 to perform a financial transaction, such as, for example, home banking, a stock trade, or an income tax payment or reporting”] generated by: 
retrieving data responsive to the request for data [See paragraph 0100, Protected processing environment 108 then decrypts digital signature 106 using the second key 124--i.e., it opens strongbox 118 to retrieve the message digest 116 that a verifying authority 100 placed therein]; retrieving the requested purpose from the signed purpose information; determining whether the retrieved data is allowed for the requested purpose [See paragraph 0039, In accordance with another aspect provided by the present invention, an execution environment protects itself by deciding--based on digital signatures, for example--which load modules or other executables it is willing to execute. A digital signature allows the execution environment to test both the authenticity and the integrity of the load module or other executables, as well permitting a user of such executables to determine their correctness with respect to their associated specifications or other descriptions of their behavior, if such descriptions are included in the verification process. See also paragraph 0048]; and including the retrieved data responsive to the request in the response to the request when the retrieved data is allowed for the requested purpose [[See paragraph 0080 and 0081, “Provider 52 might produce a load module 54a for use by the protected processing environment 108A within set top box or home media player 58. Load module 54a could, for example, enable the set top box/home media player 58 to play a movie, concert or other interesting program, charge users 56a a "pay per view" fee, and ensure that the fee is paid to the appropriate rights holder (for example, the film studio, concert promoter, or other organization that produced the program material). [0081] Provider 52 might produce another load module 54b for delivery to personal computer 60's protected processing environment 108B. 
The load module 54b might enable personal computer 60 to perform a financial transaction, such as, for example, home banking, a stock trade, or an income tax payment or reporting” See also paragraph 0048]. 


As per dependent claim 12, dependent claim 12, having similar scope as that of the dependent claim 5, is rejected for the same reason as that of the above dependent claim 5.

As per dependent claim 19, dependent claim 19, having similar scope as that of the dependent claim 5, is rejected for the same reason as that of the above dependent claim 5.

As per dependent claim 6, the combination of Maher and Siber discloses a method/system as applied to claims above. Furthermore, Siber discloses the method/system, further comprising: installing the received program application code by [See paragraphs 0080 and 0081, how application code such as a load module 54a is executed or installed in the processing environment 108 after the digital signatures are verified. “Provider 52 might produce a load module 54a for use by the protected processing environment 108A within set top box or home media player 58. Load module 54a could, for example, enable the set top box/home media player 58 to play a movie, concert or other interesting program, charge users 56a a "pay per view" fee, and ensure that the fee is paid to the appropriate rights holder (for example, the film studio, concert promoter, or other organization that produced the program material). [0081] Provider 52 might produce another load module 54b for delivery to personal computer 60's protected processing environment 108B. The load module 54b might enable personal computer 60 to perform a financial transaction, such as, for example, home banking, a stock trade, or an income tax payment or reporting”]: verifying a cryptographic certificate for each application part to be installed; [See paragraph 0039, In accordance with another aspect provided by the present invention, an execution environment protects itself by deciding--based on digital signatures, for example--which load modules or other executables it is willing to execute. A digital signature allows the execution environment to test both the authenticity and the integrity of the load module or other executables, as well permitting a user of such executables to determine their correctness with respect to their associated specifications or other descriptions of their behavior, if such descriptions are included in the verification process.]
and installing the verified application parts. [See paragraphs such as 0080 and 0081, how application code such as a load module 54a, which comprises application parts, is executed or installed in the processing environment 108 after the digital signatures are verified. “Provider 52 might produce a load module 54a for use by the protected processing environment 108A within set top box or home media player 58. Load module 54a could, for example, enable the set top box/home media player 58 to play a movie, concert or other interesting program, charge users 56a a "pay per view" fee, and ensure that the fee is paid to the appropriate rights holder (for example, the film studio, concert promoter, or other organization that produced the program material). [0081] Provider 52 might produce another load module 54b for delivery to personal computer 60's protected processing environment 108B. The load module 54b might enable personal computer 60 to perform a financial transaction, such as, for example, home banking, a stock trade, or an income tax payment or reporting”]

As per dependent claim 13, dependent claim 13, having similar scope as that of the dependent claim 6, is rejected for the same reason as that of the above dependent claim 6.

As per dependent claim 20, dependent claim 20, having similar scope as that of the dependent claim 6, is rejected for the same reason as that of the above dependent claim 6.

As per dependent claim 7, the combination of Maher and Siber discloses a method/system as applied to claims above. Furthermore, Siber discloses the method/system, wherein verifying the cryptographic certificate [See figure 6, “Authenticating a Digital Signature”] comprises:
generating a hash of program application code of each application part to be installed [See paragraph 0099 and figure 6, 115, one way hash and 116’/message digest, Protected processing environment 108 applies the same one way hash transformation on load module 54 that a verifying authority 100 applied. Since protected processing environment 108 starts with the same load module 54 and uses the same one-way hash function 115, it should generate the same message digest 116'. See also paragraph 0093, In the FIG. 5 process, load module 54 (along with specifications 110 if desired) is processed to yield a message digest 116 using one or more one-way hash functions selected to provide an appropriate resistance to algorithmic attack]; opening the cryptographic certificate using a public key to obtain the corresponding hash of each application part to be installed [See paragraph 0100, Protected processing environment 108 then decrypts digital signature 106 using the second key/public key 124 shown on figure 6--i.e., it opens strongbox 118 to retrieve the message digest 116 that a verifying authority 100 placed therein]; comparing the generated hash with the corresponding hash [See paragraph 0100 and figure 6, Protected processing environment 108 compares the version of message digest 116 it obtains from the digital signature 106 with the version of message digest 116' it calculates itself from load module 54 using the one way hash transformation 115]; and when the generated hash matches the corresponding hash, installing that application part along with signed purpose information associated with that application part [See paragraph 0100, The message digests 116, 116' should be identical. If they do not match, digital signature 106 is not authentic or load module 54 has been changed, and protected processing environment 108 rejects load module 54 and see paragraph.
See also paragraph 0039, In accordance with another aspect provided by the present invention, an execution environment protects itself by deciding--based on digital signatures, for example--which load modules or other executables it is willing to execute. A digital signature allows the execution environment to test both the authenticity and the integrity of the load module or other executables, as well permitting a user of such executables to determine their correctness with respect to their associated specifications or other descriptions of their behavior, if such descriptions are included in the verification process. See also paragraphs 0080 and 0081, how application code such as a load module 54a, which comprises application parts, is executed or installed in the processing environment 108 after the digital signatures are verified]
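
The verification steps recited for claim 7 (hash each part, open the signature with the public key, compare, install with the signed purpose information) and the purpose check recited above for the retrieved data can be sketched as follows. This is an added illustration, not code from the application, Maher or Siber; the toy RSA key, the function names, the purpose strings and the exact-match purpose policy are assumptions, and a real installer would use a padded signature scheme from a vetted library.

```python
import hashlib

# Constructed toy RSA key from two known Mersenne primes: NOT secure, it only
# lets the example run offline with the standard library.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                    # public key held by the installer
D = pow(E, -1, (P - 1) * (Q - 1))      # private key held by the signing authority

def digest(code: bytes, purpose: str) -> int:
    """One-way hash over the length-framed code plus its purpose information."""
    framed = len(code).to_bytes(8, "big") + code + purpose.encode()
    return int.from_bytes(hashlib.sha256(framed).digest(), "big")

def sign_part(code: bytes, purpose: str) -> int:
    """Signing authority: seal the digest with the private key."""
    return pow(digest(code, purpose), D, N)

def verify_part(code: bytes, purpose: str, signature: int) -> bool:
    """Installer: open the signature with the public key, compare digests."""
    if not 0 <= signature < N:
        return False
    return pow(signature, E, N) == digest(code, purpose)

def install(parts, installed: dict) -> list:
    """Install verified parts with their purpose; return the rejected names."""
    rejected = []
    for name, code, purpose, signature in parts:
        if verify_part(code, purpose, signature):
            installed[name] = (code, purpose)
        else:
            rejected.append(name)
    return rejected

def data_allowed(installed: dict, name: str, requested_purpose: str) -> bool:
    """Assumed policy: release data only for the purpose that was signed."""
    entry = installed.get(name)
    return entry is not None and entry[1] == requested_purpose

def demo():
    """Constructed parts: one intact, one with altered code, one with altered purpose."""
    parts = [
        ("player", b"play(movie)", "media-playback",
         sign_part(b"play(movie)", "media-playback")),
        ("billing", b"charge(user, 999)", "payment",
         sign_part(b"charge(user, 1)", "payment")),
        ("reader", b"read(profile)", "analytics",
         sign_part(b"read(profile)", "diagnostics")),
    ]
    installed = {}
    return installed, install(parts, installed)
```

Because the purpose string is hashed together with the code, changing either one after signing makes the recomputed digest differ from the one recovered from the signature, and the part is rejected.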


As per dependent claim 14, dependent claim 14, having similar scope as that of the dependent claim 7, is rejected for the same reason as that of the above dependent claim 7.

Conclusion

A.	US Patent No. 7,673,331 B2 to Kido discloses a server certificate issuing system that confirms the existence of a Web server for which a certificate is to be issued. The Web server includes means for generating an entry screen to input application matters for an issuance of a server certificate, means for generating a key pair of a public key and a private key, means for generating a certificate signing request file (CSR) containing the generated public key, and means for generating a verification page indicating intention of requesting the issuance of the certificate. A registration server retrieves the CSR from a received server certificate request and accesses the Web server to read the verification information, and compares the read verification information with the CSR. If the verification information read from the Web server is identical to the CSR, it is determined that the Web server for which the server certificate is to be issued exists.

B.	US Publication No. 2015/0143456 A1 to Raleigh discloses an end user device that secures an association of application to service policy with an application certificate check. The policy specifies, for at least some of the applications, whether or not those applications are individually allowed to initiate access network communication activity using one or more wireless data modems, when those applications are running as a background application. One or more device agents, which may operate at different points within the device in different embodiments, enforce the policies based on a determination as to whether a running application is running as a background application.

D.	See the other cited prior arts.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAMSON B LEMMA whose telephone number is 571-272-3806.  The examiner can normally be reached on M-F 8am-10pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor Yin-Chen Shaw can be reached on 571-272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

/SAMSON B LEMMA/Primary Examiner, Art Unit 2498