DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is in response to the amendments filed on 08/18/2021. 
Claims 1-20 are currently pending in this application. Claims 1 and 20 have been amended.
No new IDS has been filed.

Response to Arguments
Regarding the 112(b) rejections to claim 1, the applicant, in pages 5-7 of remarks, have argued that “… the examiner provides several terms (e.g., “… a closed operating system comprising instructions within the memory to sandbox user space applications; and a sandboxed user space application comprising … to provide a user interface and user application code from the user interface and user application code …” – see par. 7 of the previous rejections) that the examiner considers indefinite … actually well-known and well-understood in the art at the time of filing … Apple defines sandboxing thus … Notably, Apple operating system and Android are provided as examples of operating systems that sandbox applications … it is sufficient to show that the term has a specific and well-understood meaning in the art …”.
Examiner respectfully disagrees with this argument.
As applicant indicated (e.g., the applicant admitted prior art, AAPA), the claimed limitations (e.g., sandboxing userspace applications in the closed operating system) are well-known and well-understood in the art at the time of filing. However, as rejected in 
Note: the applicant is suggested to amend the claims to avoid a prior art rejection using the AAPA in the next office action.

The applicant, in page 7 of the remarks, further argued that “… minimal direct interaction, the concept of de minimis is well understood in the law …”.
The applicant’s this argument is not persuasive.
The rejected limitations, “the minimal direct interaction for the privacy services to the sandboxed userspace application from the user interface” is an ambiguous language because the term “minimal direct interaction” is based on a technology, condition or definition set by the user, for example, “one direct interaction” for a plurality of the privacy services can be defined as “the minimal direct interaction” by a first user, but “two direct interaction” for a plurality of the privacy services can be defined as “the minimal direct interaction” by a second user. Therefore, the rejection is maintained.

Regarding the 112(b) rejections to claim 2, the applicant, in page 7 of remarks, have argued that “… the single point of entry is also well-understood. See, e.g., [0026] and [0060] of the specification …”.
The applicant’s argument is not persuasive.
As rejected in the previous OA, the single point of entry comprising of the agentless security library is not clear to set a boundary of the claimed limitation. Please In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). Therefore, the rejection is maintained.
Note: the applicant is suggested to amend the claims to avoid a prior art rejection using the AAPA in the next office action.

Regarding the 112(b) rejections to claim 3, the applicant, in page 7 of remarks, have argued that “… single procedure invocation is the single point of entry … wishes to invoke the security library has only to invoke a single procedure provided by an API to provide …”.
The examiner respectfully disagrees with this argument.
The applicant’s statement, “single procedure invocation is the single point of entry” is not clear as there can be multiple procedure invocation with the single point of entry. Therefore, the rejection is maintained.  

 Regarding the 112(b) rejections to claim 4, the applicant, in page 7 of remarks, have argued that “… including the header file is sufficient to invoke the security library …”.
The examiner respectfully disagrees with this argument.
As explained in the previous OA, how “the compile-time inclusion of the header file” or the time information file can be included in an action/process of the single point of entry (e.g., different types, information file and process, cannot be the same). Therefore, the rejection is maintained.

Regarding the 112(b) rejections to claim 10, the applicant, in page 7 of remarks, have argued that “… it is clear that communications are intercepted from within the sandboxed application … as described in the specification …”.
The applicant’s argument is not persuasive.
The applicant’s statement, the security library is compiled in as part of that sandboxed application, is not included in the claim. Although the claims are interpreted in light of the specification, limitations for the specification are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). Therefore, the rejection is maintained.

Regarding the 112(b) rejections to claim 12, the applicant, in page 7 of remarks, have argued that “… instructions can be compiled in with a sandboxed application, as described in the specification”.
The applicant’s this argument is not persuasive.
The applicant’s statement, “the instructions can be compiled in with a sandboxed application”, is not included in the claim. Although the claims are interpreted in light of the specification, limitations for the specification are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). Therefore, the rejection is maintained.

Regarding the 112(b) rejections to claim 16, the applicant, in page 7 of remarks, have argued that “… applicant refers examiner to [0081] of the specification … best practices is not an absolute superlative term , but rather those practices preferred by an organization …”.
The applicant’s this argument is not persuasive.
As the applicant noticed, the term, “best practices” is the term defined/preferred by an organization. In this case, it is not clear whether the best practices is preferred by “the McAfee, LLC” or any organization else (e.g., NIST). Moreover, although the claims are interpreted in light of the specification, limitations for the specification are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). Therefore, the rejection is maintained.

Regarding the 112(b) rejections to claim 19, the applicant, in page 7 of remarks, have argued that “… the concept of de minimis is well-understood in the law. The minimal direct interaction is a runtime interaction”.
The applicant’s this argument is not persuasive.
As responded above, the term “minimal direct interaction” is based on a technology, condition or definition set by the user, so that can be defined as an ambiguous language if it does not provide any definition or condition. Moreover, description of the runtime interaction as a minimal direct interaction cause the limitation unclear (e.g., how a runtime interaction can be a minimal direct interaction). Therefore, the rejection is maintained.

Regarding the 112(b) rejections to claim 20, the applicant, in page 8 of remarks, have argued that “… it is clear that the replacement services are included … the common communication procedures are shared common procedure … SDK overloads (i.e., replaces) those common (i.e., shared) communication procedures”.
The applicant’s these arguments are not persuasive.
As the applicant noted, the terms (e.g., replacing, overloading, overriding) have some different procedures/definition (e.g., overloading vs. overriding in Java). If the applicant as their own lexicographer, then the non-traditional terminology must be clearly defined in the originally filed disclosure. See the 112(b) rejection section for a modified rejection of the amended limitations.

Thus, the applicants’ arguments are not persuasive. Please see amended rejections below for the amended claims. This action is final.

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a)  IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

Claims 1-11, 19 and 20 are rejected under 35 U.S.C. 112(a) as failing to comply with the written description requirements.

Claims 1 and 19 are amended to include subject matter, “… provide security or privacy services to the sandboxed userspace application with minimal direct runtime interaction from the user interface …” - for the claim 1, and “… the invocation comprises minimal direct runtime interaction between the agentless security SDK and the secured application” – for the claim 19, which were not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, at the time the application was filed, had possession of the claimed invention.
The specification describes that “… the assumption that agentless security SDK 416 provides the minimum legally necessary data protections …” – see par. 0067; “… services to the sandboxed userspace application with minimal direct interaction from the user interface …” – see par. 0179. However, the information disclosed in the specification does not describe the claimed/amended limitations, “… provide security or privacy services to the sandboxed userspace application with minimal direct runtime interaction from the user interface …” - for the claim 1, and “… the invocation comprises minimal direct runtime interaction between the agentless security SDK and the secured application” – for the claim 19.
Claims 2-11 and 20 depend from the claim 1 or 19, and are analyzed and rejected accordingly.

The following is a quotation of 35 U.S.C. 112(b):
(B)  CONCLUSION. — The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. 

Claims 1-20 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which applicant regards as the invention.

Claim 1 recites:
“… a closed operating system comprising instructions within the memory to sandbox userspace applications; and a sandboxed userspace application …”, however, it is not clear (1) what “… to sandbox userspace applications” means (e.g., sending instructions to sandboxed …); (2) “a sandboxed userspace application” has any relationship with “sandbox userspace applications” or not (e.g., one/part of the sandbox userspace applications, etc.), note – for examining purpose, they are assumed as NOT related;
“… to provide security or privacy services to the sandboxed userspace application with minimal direct runtime interaction from the user interface …”, however, how to measure/define whether “minimal” or not (e.g., it is a comparison term, or one, tens or hundreds, etc.).
Claims 2-11 depend from the claim 1, and are analyzed and rejected accordingly.

Claim 2 recites “… the agentless security library comprises a single point of entry for the sandboxed userspace application …”, however, it is not clear whether the agentless security library comprises only one point, where the execution begins”. 
Claim 3 recites “… the single point of entry comprises a single procedure invocation of the agentless security library”, however, it is not clear whether “the single procedure invocation” is “the single action” or not (e.g., the agentless security library processes only one action).
Claim 4 recites “… the single point of entry comprises a compile-time inclusion of a header file …”, however, it is not clear how the execution starting point (e.g., the point of entry) comprises a compile-time (e.g., they are different types of information).
Claim 10 recites “… library comprises instrumentation to intercept communication within the sandboxed userspace application …”, it is not clear whether these is communication inside the sandboxed userspace application or not.

Claim 12 recites:
“… media having stored … instructions to provide an agentless security SDK for inclusion with a sandboxed application …”, however, it is not clear whether the stored instructions are executed to move/send/develop the agentless security SDK to be with the sanded application or not (or omitting necessary steps/components which causes the limitation unclear);
“… the agentless security library comprising a single point of entry for the sandboxed application …”, however, it is not clear whether the agentless security library comprises only one point, where the execution begins”.
Claims 13-18 depend from the claim 12, and are analyzed and rejected accordingly.

Claim 16 recites “… the agentless security SDK comprises a best practices engine to enforce best security practices …”, however, it is not clear how to define it is “the best security practices” or not (e.g., 100% secure or preferred/defined by the applicant).  

Claim 19 recites:
“A method of developing a secured application … invoking, at build time, an agentless security software development kit (SDK) for inclusion with the secured application …”, however, it is not clear (1) whether “build time” is the time of building a secured application or the time of building an agentless security SDK; (2) whether “inclusion” means the agentless security SDK is included in the secured application or included in a memory along with the secured application (or omitting necessary steps/components which causes the limitation unclear); (3) it is not clear how to develop the secured application because there is not any step to develop, improve or change the secured application (or omitting necessary steps/components which cause the limitation unclear);
“…invoking … for inclusion with … the invocation comprises minimal direct runtime interaction between the agentless security SDK and the secured application”, however, it is not clear (1) whether the minimal direct runtime interaction is for inclusion or not (e.g., not related processes for an action/invoke); (2) how to measure to define whether “minimal” or not (e.g., one, tens or hundreds, etc.).
Claim 20 recites:
“… invoking (for inclusion with the secured application – see claim 19) the agentless security SDK comprises invoking a utility that overloads common communication procedures
“… overloads common communication procedures with communication procedures that are hooked by the agentless security SDK”, however, it is not clear how to define common communication procedures or uncommon communication procedures; (2) what kind of procedure is hooked by the agentless security SDK (or omitting necessary steps/components which causes the limitation unclear).

Examiner’s Note Regarding Prior-art Rejections
The applicant is suggested to amend the claims to avoid a prior art rejection using the AAPA, defined in pages 5-7 of the remarks, in the next office action.
As explained in the 112(b) rejections stated above, the current limitations are in a condition of lack of clarity and/or capability for a prior-art examination. However, a potential concept of the application can be found in:
US 2019/0138712 A1 by Margiolas (e.g., a portable core library within a sandboxed or isolated execution environment authenticates the request from the application via interaction filter and validate information from the updated version of the core library for the request, etc.); 
US 2014/0181896 A1 by Yablokov et al. (e.g., a library of handler functions, executed in a sandbox, that control access of applications to protected resources by the applications, etc.); 
US 2018/0181451 A1 by Saxena et al. (e.g., executing a user-level virtualization, which creates a sandbox, includes a set of rules and performing user-level hooking of events generated by the executing application according to the rules, etc.).

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAUNG T LWIN whose telephone number is (571)270-7845.  The examiner can normally be reached on Monday - Friday 10:00 am - 6:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MAUNG T LWIN/Primary Examiner, Art Unit 2495