DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 9/27/18 and 8/14/19 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Claim Objections
It is unclear whether returning selection failure to the client application and performing an interrupt handling will be followed by the application request sending step and the application acquiring step.  That is, it is unclear whether the last two steps recited in claim 1 are performed when the condition is “yes”.
Claim 3 is objected to under 37 CFR 1.75(c) as being in improper form because it has multiple dependent claims.  See MPEP § 608.01(n).  
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 7-11 are rejected under 35 U.S.C. 101 as being directed to no more than software per se.  Claims 7-11 do not fall within at least one of the four categories of patent eligible subject matter because the claimed invention is not directed to any concrete thing consisting of parts or devices.  Claims 7-11 recite “an interaction module”, “a control access 
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claims 1-5 are rejected under 35 U.S.C. 103 as being unpatentable over Prakash (US 20140075496) in view of Friedrich (US 20160098560) in view of Vetillard (US 20140317686).
As per claim 1, Prakash discloses a method for access control of a multimedia system to a secure system, comprising: 
a secure service request step for initiating an application access request for selecting a trusted application from a client application of a multimedia system to a secure operating system (Prakash, Para. 0027, Secure transactions (e.g., requests and responses from applications 104 b) may be processed through TEE middleware module 206 which provides an additional interface level between sensor access framework API 202 and the TEE access drivers 210); 
Prakash does not disclose; however, Friedrich discloses an access right decision step for making a decision as to whether the client application that initiates an invocation is a malicious application, and if not, proceeding to an application request sending step, and if yes, returning Selection Failure to the client application and performing an interrupt handling (Friedrich, Para. 0040, If an application is conclusively determined to be malicious (i.e., it corresponds to malware), then it is assigned a malign or bad disposition. In this case the application is either deleted outright from the system, though typically it is put in a special quarantine location so that it can be restored should there have been an error in calling it malicious. Also, Para. 0043-0044, If an application is conclusively determined to be non-malicious by anti-malware software, then it is assigned a disposition of clean or good. In this case, the application is typically allowed to continue its execution on the system. If the anti-malware software is unable to conclusively determine whether an application is good or bad, then a disposition of unknown is assigned. The extent to which a determination must be conclusive depends on the particular situation.); 
Therefore, it is obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Friedrich with the system and method of Prakash given the benefit of detecting malicious software (malware) on a general purpose computing device.
Prakash and Friedrich do not disclose; however, Vetillard discloses the application request sending step for sending the application access request from the (Vetillard, Para. 0027, a client application that is executed within rich operating system environment 210 can establish a connection with TEE proxy 245, and can send one or more requests to execute an operation to TEE proxy); and 
an application acquiring step for acquiring a trusted application and returning the trusted application to the multimedia system based on the application access request at the secure operating system (Vetillard, Para. 0027, TEE proxy 245 can receive the one or more requests, and establish a connection with TEE 280. TEE proxy 245 can further send one or more requests to execute an operation to a trusted application that is executed within TEE 280. TEE proxy 245 can further receive one or more responses from the trusted application that is executed within TEE 280).
Therefore, it is obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Vetillard with the system and method of Prakash and Friedrich given the benefit of providing a trusted execution environment that is executed on a tamper-resistant secure element, and a trusted execution environment proxy that is executed on the device.
As per claim 2, Prakash discloses the method for access control of a multimedia system to a secure system according to claim 1, wherein the access right decision step comprises the sub-steps of: 
acquiring an application identification of the client application that initiates the invocation (Prakash, Para. 0028, The TEE firmware sensor drivers 212 may check the requests for sensor context data made by applications 104 b to verify that the applications are authorized to receive such data and/or process it securely. The verification may be accomplished through the use of private/public key encryption, digital signatures, passwords, credentials or any other suitable security technique.); 
Prakash and Vetillard do not disclose; however, Friedrichs discloses deciding whether the client application is a malicious application based on the application identification (Friedrich, Para. 0040, If an application is conclusively determined to be malicious (i.e., it corresponds to malware), then it is assigned a malign or bad disposition. In this case the application is either deleted outright from the system, though typically it is put in a special quarantine location so that it can be restored should there have been an error in calling it malicious. Also, Para. 0043, If an application is conclusively determined to be non-malicious by anti-malware software, then it is assigned a disposition of clean or good. In this case, the application is typically allowed to continue its execution on the system.); and
 if not, proceeding to the application request sending step, and if yes, returning Selection Failure to the client application and performing the interrupt handling (Friedrich, Para. 0040, If an application is conclusively determined to be malicious (i.e., it corresponds to malware), then it is assigned a malign or bad disposition. In this case the application is either deleted outright from the system, though typically it is put in a special quarantine location so that it can be restored should there have been an error in calling it malicious. Also, Para. 0043-0044, If an application is conclusively determined to be non-malicious by anti-malware software, then it is assigned a disposition of clean or good. In this case, the application is typically allowed to continue its execution on the system. If the anti-malware software is unable to conclusively determine whether an application is good or bad, then a disposition of unknown is assigned. The extent to which a determination must be conclusive depends on the particular situation.);
Therefore, it is obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Friedrich with the system and method of Prakash and Vetillard given the benefit of detecting malicious software (malware) on a general purpose computing device.
As per claim 3, Prakash and Vetillard do not disclose; however, Friedrichs discloses the method for access control of a multimedia system to a secure system according to claim 1 or claim 2, wherein in the step of deciding whether the client application is a malicious application based on the application identification (Para. 0056, identifier), querying a malicious application registry stored in the multimedia system (Para. 0056, log), and deciding whether the client application is a malicious application based on the application identification, wherein the malicious application registry stores at least application identifications of the malicious applications (Friedrich, Para. 0040, If an application is conclusively determined to be malicious (i.e., it corresponds to malware), then it is assigned a malign or bad disposition. In this case the application is either deleted outright from the system, though typically it is put in a special quarantine location so that it can be restored should there have been an error in calling it malicious. Also, Para. 0043-0044, If an application is conclusively determined to be non-malicious by anti-malware software, then it is assigned a disposition of clean or good. In this case, the application is typically allowed to continue its execution on the system. If the anti-malware software is unable to conclusively determine whether an application is good or bad, then a disposition of unknown is assigned. The extent to which a determination must be conclusive depends on the particular situation.);
Therefore, it is obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Friedrich with the system and method of Prakash and Vetillard given the benefit of detecting malicious software (malware) on a general purpose computing device.
As per claim 4, Prakash discloses the method for access control of a multimedia system to a secure system according to claim 3, wherein the application acquiring step comprises the sub-steps of: 
acquiring a username and a password from the application access request, and making a decision as to the validity of the username and the password (Prakash, Para. 0028-0029, The TEE firmware sensor drivers 212 may check the requests for sensor context data made by applications 104 b to verify that the applications are authorized to receive such data and/or process it securely. The verification may be accomplished through the use of private/public key encryption, digital signatures, passwords, credentials or any other suitable security technique.);
Prakash and Friedrich do not disclose; however, Vetillard discloses selecting a respective trusted application based on a trusted application identification in the application access request at a secure operating system, and sending the application access request to the respective trusted application (Vetillard, Para. 0027, TEE proxy 245 can receive the one or more requests, and establish a connection with TEE 280. TEE proxy 245 can further send one or more requests to execute an operation to a trusted application that is executed within TEE 280. TEE proxy 245 can further receive one or more responses from the trusted application that is executed within TEE 280); and 
returning the result of validity decision as the trusted application selection result to the multimedia system from the secure operating system (Vetillard, Para. 0027, TEE proxy 245 can receive the one or more requests, and establish a connection with TEE 280. TEE proxy 245 can further send one or more requests to execute an operation to a trusted application that is executed within TEE 280. TEE proxy 245 can further receive one or more responses from the trusted application that is executed within TEE 280).
Therefore, it is obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Vetillard with the system and method of Prakash and Friedrich given the benefit of providing a trusted execution environment that is executed on a tamper-resistant secure element, and a trusted execution environment proxy that is executed on the device.
As per claim 5, Prakash and Vetillard do not disclose; however, Friedrichs discloses the method for access control of a multimedia system to a secure system according to claim 4, wherein in the step of application acquiring step, the multimedia system acquires the trusted application selection result, deciding whether the client application is a malicious application based on a rule condition prestored therein, and if yes, the client application is registered into the malicious application registry (Friedrich, Para. 0040, If an application is conclusively determined to be malicious (i.e., it corresponds to malware), then it is assigned a malign or bad disposition. In this case the application is either deleted outright from the system, though typically it is put in a special quarantine location so that it can be restored should there have been an error in calling it malicious. Also, Para. 0043, If an application is conclusively determined to be non-malicious by anti-malware software, then it is assigned a disposition of clean or good. In this case, the application is typically allowed to continue its execution on the system.; Also, Para.0059, logging data ); 
Therefore, it is obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Friedrich with the system and method of Prakash and Vetillard given the benefit of detecting malicious software (malware) on a general purpose computing device.
Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Prakash (US 20140075496) in view of Friedrich (US 20160098560) in view of Vetillard (US 20140317686) in view of Baumhof (US 20130007838).
As per claim 6, Prakash, Friedrichs and Vetillard do not disclose; however, Baumhof discloses the method for access control of a multimedia system to a secure system according to claim 5, wherein the rule condition is set as: 
the times that the client application fails to acquire the trusted applications exceeds a prescribed number (Baumhof, Para. 0086, The evaluation of how and whether the client computer 20 complies with a particular security policy may be in the form of binary yes/no attributes, but are not limited in this manner and could also involve a percentage threshold). 
Therefore, it is obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Baumhof with the system and method of Prakash, Friedrichs and Vetillard given the benefit of establishing and maintaining secure connections over a network such as the Internet.
Claims 7-11 are rejected under 35 U.S.C. 103 as being unpatentable over Prakash (US 20140075496) in view of Friedrich (US 20160098560).
As per claim 7, Prakash discloses a mobile terminal for implementing access control of a multimedia system to a secure operating system, the mobile terminal comprising a multimedia system and a secure operating system, wherein the multimedia system comprises: 
a client application for initiating an application access request for selecting a trusted application to a secure operating system (Prakash, Para. 0027, Secure transactions (e.g., requests and responses from applications 104 b) may be processed through TEE middleware module 206 which provides an additional interface level between sensor access framework API 202 and the TEE access drivers 210); 
an interaction module for providing the client application with an application access interface for accessing the secure operating system (Prakash, Para. 0027, Secure transactions (e.g., requests and responses from applications 104 b) may be processed through TEE middleware module 206 which provides an additional interface level between sensor access framework API 202 and the TEE access drivers 210); 
a command distributing module for distributing an application access request from a multimedia operating system to a respective trusted application (Prakash, Para. 0027, Secure transactions (e.g., requests and responses from applications 104 b) may be processed through TEE middleware module 206 which provides an additional interface level between sensor access framework API 202 and the TEE access drivers 210); 
a first communication module for implementing data transmission between the multimedia system and the secure operating system, the secure operating system (Prakash, Para. 0027, Secure transactions (e.g., requests and responses from applications 104 b) may be processed through TEE middleware module 206 which provides an additional interface level between sensor access framework API 202 and the TEE access drivers 210); 
a second communication module for implementing data transmission between the secure operating system and the multimedia system (Prakash, Para. 0027, Secure transactions (e.g., requests and responses from applications 104 b) may be processed through TEE middleware module 206 which provides an additional interface level between sensor access framework API 202 and the TEE access drivers 210)
Prakash does not disclose; however, Friedrich discloses a control access module for making a decision as to whether the client application that is currently accessing is a malicious application, and listening for a processing result of selecting the trusted application by the client application, and making a decision as to whether the access initiated by the client application is a malicious access based on prescribed rules (Friedrich, Para. 0040, If an application is conclusively determined to be malicious (i.e., it corresponds to malware), then it is assigned a malign or bad disposition. In this case the application is either deleted outright from the system, though typically it is put in a special quarantine location so that it can be restored should there have been an error in calling it malicious. Also, Para. 0043, If an application is conclusively determined to be non-malicious by anti-malware software, then it is assigned a disposition of clean or good. In this case, the application is typically allowed to continue its execution on the system; Also, Para. 0056, any Anti-Virus fingerprints associated with the application (including, but not limited to traditional fingerprints and generic fingerprints), attributes of the software application in question (including, but not limited to a machine learning feature vector of the attributes of the application of interest), contextual data about the application of interest that may aid in determining its disposition, the response of the server component (including, but not limited to the final assigned disposition of the application, a sub-disposition that provides additional description about the application such as that the application was previous unseen or is common in the field, the recommendation the server makes to the client about that application, and the dispositions assigned by different sub-technologies that were used in the process of coming up with a final disposition, and a caching time or time-to-live for the response that indicates how long the response might be valid for.);
a user access right management module, invoked by the trusted application, for making a decision as to the validity of the application access request (Friedrich, Para. 0056, any Anti-Virus fingerprints associated with the application (including, but not limited to traditional fingerprints and generic fingerprints), attributes of the software application in question (including, but not limited to a machine learning feature vector of the attributes of the application of interest), contextual data about the application of interest that may aid in determining its disposition, the response of the server component (including, but not limited to the final assigned disposition of the application, a sub-disposition that provides additional description about the application such as that the application was previous unseen or is common in the field, the recommendation the server makes to the client about that application, and the dispositions assigned by different sub-technologies that were used in the process of coming up with a final disposition, and a caching time or time-to-live for the response that indicates how long the response might be valid for.).
Therefore, it is obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Friedrich with the system and method of Prakash given the benefit of detecting malicious software (malware) on a general purpose computing device.
As per claim 8, Prakash does not disclose; however, Friedrich discloses the mobile terminal according to claim 7, wherein the interaction module acquires an application identification of the client application from the application access request sent by the client application, and provides the application identification to the control access module (Friedrich, Para. 0056, any Anti-Virus fingerprints associated with the application (including, but not limited to traditional fingerprints and generic fingerprints), attributes of the software application in question (including, but not limited to a machine learning feature vector of the attributes of the application of interest), contextual data about the application of interest that may aid in determining its disposition, the response of the server component (including, but not limited to the final assigned disposition of the application, a sub-disposition that provides additional description about the application such as that the application was previous unseen or is common in the field, the recommendation the server makes to the client about that application, and the dispositions assigned by different sub-technologies that were used in the process of coming up with a final disposition, and a caching time or time-to-live for the response that indicates how long the response might be valid for.).
Therefore, it is obvious to one of ordinary skill in the art before the effective filing
 
As per claim 9, Prakash does not disclose; however, Friedrich discloses the mobile terminal capable according to claim 8, wherein the control access module includes:
 a malicious application registry for storing at least application identifications of malicious applications (Friedrichs, Para. 0056, A log is a record of transactions and actions made on a given system.);
a rule file for storing at least prescribed rules for making a decision as to whether the client application is a malicious application (Friedrichs, Para. 0006-0009, A signature can also include a set of strings that are contained in the file in question.  Publishing this signature so that it is accessible to end-users operating a general purpose computing device. [0008] d. Having the device cross reference the files it contains against the published signatures to determine if there is a match. [0009] e. Applying a set of steps or a given policy if the fingerprints match (e.g., blocking the installation of the application, removing it from the system if it is already installed, etc.)); and 
a control processing module for making a decision as to whether the client application that is currently accessing, as provided from the interaction module, is a malicious application based on application identifications of the malicious applications stored in the malicious application registry, and listening for the processing result of selecting the trusted application by the client application, and making a decision as to whether the access initiated by the client application is a malicious access based on the (Friedrich, Para. 0056, any Anti-Virus fingerprints associated with the application (including, but not limited to traditional fingerprints and generic fingerprints), attributes of the software application in question (including, but not limited to a machine learning feature vector of the attributes of the application of interest), contextual data about the application of interest that may aid in determining its disposition, the response of the server component (including, but not limited to the final assigned disposition of the application, a sub-disposition that provides additional description about the application such as that the application was previous unseen or is common in the field, the recommendation the server makes to the client about that application, and the dispositions assigned by different sub-technologies that were used in the process of coming up with a final disposition, and a caching time or time-to-live for the response that indicates how long the response might be valid for.).
Therefore, it is obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Friedrich with the system and method of Prakash given the benefit of detecting malicious software (malware) on a general purpose computing device.
As per claim 10, Prakash does not disclose; however, Friedrich discloses the mobile terminal according to claim 9, wherein the control processing module obtains the processing result of selecting a trusted application by the client application from the first communication module (Friedrichs, Para. 0060, The server will cross reference these files against the latest intelligence it has or use more heavy-duty scanning technologies against these files. If a discrepancy is found (i.e., a file that had been called malicious, but that is actually benign or a file that was previously called benign, but that is now believed to be malicious), the server will update its database of know malicious applications and can inform the client (either directly or indirectly). The client, in turn can take an appropriate action based on this information.).
Therefore, it is obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Friedrich with the system and method of Prakash given the benefit of detecting malicious software (malware) on a general purpose computing device.
As per claim 11, Prakash discloses the mobile terminal according to claim 10, wherein the user access right management module makes a decision as to whether the username and the password contained in the application access request are correct based on the invocation of the trusted application (Prakash, Para. 0028, The TEE firmware sensor drivers 212 may check the requests for sensor context data made by applications 104 b to verify that the applications are authorized to receive such data and/or process it securely. The verification may be accomplished through the use of private/public key encryption, digital signatures, passwords, credentials or any other suitable security technique.).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Zimmer (US 20160070932): A system on a chip includes: a single core to execute a legacy instruction set, the single core configured to enter a system management mode (SMM) to provide a trusted execution environment to perform at least one secure operation; and a memory controller coupled to the single core, the memory controller to 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANGELA R HOLMES whose telephone number is (571)270-3357.  The examiner can normally be reached on Monday-Friday 8:00AM-4:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ANGELA R HOLMES/Examiner, Art Unit 2498

/THANHNGA B TRUONG/Primary Examiner, Art Unit 2498