Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority
This application is a continuation of parent patent application # 15/850,215 and claims the priority to its filing data of 12/21/2017. 
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 08/09/2021 has been entered.
 
DETAILED ACTION
This office action is in response to a Request for Continued Examination (RCE) application received on 08/09/2021. In the RCE, applicant has amended claim 1 and added claim 11 as new claim. Claims 3, 5-7 and 10 remain cancelled. 
For this office action, claims 1-2, 4, 8-9 and 11 have been received for consideration and have been examined. 



Response to Arguments
Claim Rejection under 35 U.S.C. § 112
	Applicant’s amendments and remarks have been reviewed by the examiner, however, examiner does not find them persuasive. After careful review, examiner finds that claims still contain 112(b) indefiniteness issues. Examiner notes that applicant has cancelled some language from couple of “wherein” clauses from third limitation, however, there are multiple other “wherein” clauses which remain the basis of maintaining the 112(b) rejection in the office action. Therefore, examiner has maintained the 112(b) rejection in this office action. 
Claim Rejection under 35 U.S.C. § 101
	Applicant has mentioned that applicant will consider filing a Terminal Disclaimer should Examiner reject the amended claims and should this rejection remain the only barrier to allowance. Examiner does not find these remarks to overcome the current 101 rejection since applicant has not filed the Terminal Disclaimer and therefore claim rejection under 35 U.S.C. § 101 have been maintained in this office action. 
Claim Rejection under 35 U.S.C. § 103
	Applicant’s remarks with respect to rejection of claims under 35 U.S.C. § 103 have been reviewed by the examiner, however, examiner do not find them to be persuasive. After reviewing, applicant’s remarks have been summarized as follows:
Beresford does not teach the “target application” or “mock interface” of the pending claims because Beresford arguably discloses a lone application with altered functionality due to a security policy issue of the device upon which the lone application is installed (See Page # 6
Brutschy does not teach a “target application” or “mock interface” in the context of the pending claims (See Page # 7).
Hoffner does not teach a “target application” or “mock interface” in the context of the pending claims (See Page # ).
Examiner’s Response
	Regarding remark # 1, that Beresford does not teach the “target application” or “mock interface” of the pending claims because Beresford arguably discloses a lone application with altered functionality due to a security policy issue of the device upon which the lone application is installed, examiner respectfully disagrees. 
Examiner would like to mention that Beresford does disclose a target application and also disclose a mock interface of that target application when the user try to access the target application but gets the mock interface due to insufficient permissions. Examiner has mapped the claim limitations with the evaluation/execution portion of the Beresford’s invention and not the installation portion as examiner is aware that claims are written from the execution point of view of creating a Mock interface of an application (See Beresford: Pages 51-52). 
Regarding remark # 2, Brutschy does not teach a “target application” or “mock interface” in the context of the pending claims, examiner respectfully disagrees. As Brutschy title describes, it provides fine-grained user control over usages of sensitive system resources having private data with applications in privacy enforcement. Brutschy discloses a system and method in which when a user access an application which user does not have full permission to access, it replace a source object in the application, at the selected program point, that accesses the private data with another statement object that allocates a mock object or value See Brutschy: [0023] a new and novel form of (e.g., dynamic) analysis is used to characterize how an application is utilizing sensitive system resources. The analysis in an exemplary embodiment disables permission-requiring aspects of an app selectively by “mocking” objects and their values, which retains app functionality but limits infringement of the user's privacy). Therefore, Brutschy extensively discloses accessing a target application and creating a mock interface for that application based on insufficient permissions. 
Regarding remark # 3, Hoffner does not teach a “target application” or “mock interface” in the context of the pending claims, examiner respectfully disagrees. Hoffner explicitly discloses “a mock server” which is solely employs to intercepted client requests, and determine a mock response to be returned to the client application request instead of a response that would be generated by the backend server  (See Hoffner: Abstract; The mock server may intercept OData requests sent from an application toward a backend server. For at least some of the intercepted requests, the mock server may determine a mock response to be returned to the application instead of a response that would be generated by the backend server. In some examples, the mock server may employ various mock server extension components to generate the mock response. The mock response may include an error message, warning message, and/or other content, and may be provided to enable negative testing of the application. In some instances, the application employs a user interface (UI) model to provide UI elements). 
	Based on above explanation regarding each cited reference, examiner believe that combination of cited references would render similar result as being claimed in the instant application. Therefore examiner is compelled to maintain the rejection. 
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


Claims 1-2, 4 and 8-9 are rejected under 35 U.S.C. 112(b), as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, regards as the invention.
Claim 1 is rejected as failing to define the invention in the manner required by 35 U.S.C. § 112(b).
The claims are narrative in form and replete with indefinite language. The structure which goes to make up the device must be clearly and positively specified. For machine claims, the structure must be organized and correlated in such a manner as to present a complete operative device. For claims predicated on methods, the structure must be organized into steps.  The claims must be in one sentence form only. Note the format of the claims in the patents cited.
According to MPEP 2173.02(II) "If the language of the claim is such that a person of ordinary skill in the art could not interpret the metes and bounds of the claim so as to understand how to avoid infringement, a rejection of the claim under 35 U.S.C. 112(b), is appropriate."
The following clauses are the basis for an indefiniteness rejection due to the reasoning set forth above (unclear to a potential infringer how to avoid infringement) because (i) it's unclear if these clauses are required for infringement or not, and (ii) it’s unclear how they affect the scope of the claimed method for claim 1-2, 4 and 8-9.
1, this is “a computer-implemented method” claim and written from the point of “one or more processors” performing the subsequently articulated method steps.
However, claim 1 recites the following clauses:
A first wherein clause recited in the first limitation
“wherein the target application accesses a first server”,
A third wherein clause recited in the third limitation
“wherein a visual appearance of the second graphical user interface simulates a visual appearance of the first graphical user interface”,
A fourth wherein clause recited in the third limitation
“wherein the second graphical user interface displays predefined data from a second server executing the mock interface and the first graphical user interface displays dynamic data, from one or more data sources”,
A fifth clause recited in the third limitation
“wherein access to view data from the one or more data sources is authorized in the target application, in similar graphical formats”,
A seventh clause recited in the third limitation
                “wherein the predefined data is a static set of data that does not include the dynamic data from the one or more data sources that the user is not authorized to view”,
	A eighth clause (and onward) recited in the third limitation
“wherein the second graphical user interface further comprises a list of permissions of the user to the target applications and options to select one or more additional permissions in the mock interface, via the second graphical user interface”;
	wherein the list comprises permissions assigned to the user to utilize the target application; and
 wherein the options comprise permissions not assigned to the user to utilize the target application; and
wherein the sufficient permissions comprise viewing the selected options in the target application.”
                All of the above mentioned steps are performed by entities such as “a computing node” (or a second graphical user interface displayed on the “computing node”), “a first server”, and “a second server”, which are all outside the scope of the claimed method and its instructions for execution of various articulated steps, which are performed by “one or more 
processors”. 
It would be unclear to a potential infringer as to how the above clauses limit the structure or the method of the claimed product.  In particular, it’s unclear how the wall of wherein clauses affects the scope of instructions for “generating a mock interface” by the one or more processors.  The Examiner would like to remind applicant that during prosecution applicant has ample opportunity to amend the claims and preferably positively indicate which device is doing what steps to write claim with positive language. 
	Furthermore, the following clauses are contradictory:  “wherein based on the user selecting one or more of the options in the second graphical user interface, the mock interface displays a portion of the static set of data […] in the second graphical user interface”.  Wouldn’t the second graphical user interface be the entity displaying, and not the mock interface? As per the previous wherein clauses from the wherein ‘wall of text’: “the mock interface is an API to the target application”, and “the mock interface is executed by a second server”, and “the mock interface is accessible via a second graphical user interface”.  The mock interface is clearly a software API on a server and not displaying anything to anyone. Instead the mock interface is (presumably) configured to receive function calls from and respond to the “second graphical user interface”, which is on another computing node other than the second server.
	Furthermore, claim 1 recites “based on the user selecting one or more of the options […], [doing stuff]”. As per IPXL Holdings v Amazon, this is indefinite because it recites use of the product in combination with the product and therefore the lines of infringement are obscured.
	Furthermore, a significant portion of the claim language in claim 1 is directed to actions being performed after the generating of the mock interface, yet are drafted as wherein clauses inside the step of generating the mock interface.  It’s unclear how any of these clauses affect the scope of the particular step of “generating a mock interface”.  
	Claim 1 further recites:  “automatically obtaining […]”, “wherein the request comprises a request for permissions to the target application represented by the selected one or more options in the mock interface”.  This contradicts the previous wherein clauses which state the options are presented and selected in the second graphical user interface, not the mock interface.
	Claim 1 further recites “automatically generating […]”, “wherein based on applying the customized security policy, repeating the access request by the user results in the user obtaining authorized access to the target application …”.  As per IPXL Holdings v Amazon this is, on its face, indefinite.  Perhaps applicant is intending to claim if the user were to submit a subsequent access request.  Regardless, the entire limitation is convoluted nonsense and can be almost entirely replaced by “[the customized security policy] grants the user the permissions represented by selected options”.
	Claim 4 recites “authorizing, by the one or more processors, access by the user to the mock interface based on obtaining the temporary credentials from the user via an entry by the user in the second graphical user interface”.  See concerns regarding claim 1 with respect to it being unclear how interactions with a second graphical user interface affect the scope of the step of “generating a mock interface”.  Furthermore, this is indefinite at least per IPXL Holdings v Amazon for reciting user use with the product “based on obtaining the temporary credentials from the user via entry by the user …”.
	Claim 8 recites “The computer-implemented method of claim 1, wherein the request to change the permissions of the user to the target application further comprises identifying credentials of the user”.  A received request cannot comprise an action, such as identifying.  Ergo, this limitation makes no sense and its metes and bounds would not be determinable by a potential infringer.
	Remaining dependent claims inherit the deficiencies of their parent claim and have not resolved the deficiencies. Therefore, dependent claims are also rejected based on the same rationale as applied to their parent claims above.
Claim Interpretations 
wherein clauses will not be given patentable weight because they do not limit the scope of the claimed “computer-implemented method steps performed by the one or more processor” in claim 1. 
	Therefore, for the purpose of the examination, claim 1 will be interpreted and treated as follows:
	A computer-implemented method, comprising:
	“obtaining, by the one or more processors, an authorization request from a computing node to a target application;
	generating, by the one or more processors, an authorization failure from the target application, wherein the authorization failure indicates that an access request to the target application was denied based on insufficient permissions of a user associated with the request;
	generating, by the one or more processors, a mock interface, wherein the mock interface is an application programming interface to the target application;
automatically obtaining, by the one or more processors, via the mock interface, based on the user selecting one or more of the options, a request to change the permissions of the user to the target application;
automatically generating, by the one or more processors, a customized security policy, comprising the selected one or more options, wherein based on applying the customized security policy, repeating the access request by the user results in the user obtaining authorized access to the target application based on the user having attained, via the customized security policy, permissions to the target application represented by the selected one or more options; and
applying, by the one or more processors, the customized security policy to a control system of the target application to update the permissions of the user to the target application.”

Double Patenting
The non-statutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A non-statutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on non-statutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
	Claims  1-2, 4 and 8-9 are provisionally rejected on the ground of non-statutory Double Patenting as being unpatentable over claims 11-12 and 18-19 of co-pending patent application # 15/850,215. The claims in co-pending application also discloses 
	“obtaining, by the one or more processors, an authorization request from a computing node to a target application;
	generating, by the one or more processors, an authorization failure from the target application, wherein the authorization failure indicates that an access request to the target application was denied based on insufficient permissions of a user associated with the request;
	generating, by the one or more processors, a mock interface, wherein the mock interface is an application programming interface to the target application;
automatically obtaining, by the one or more processors, via the mock interface, based on the user selecting one or more of the options, a request to change the permissions of the user to the target application;
automatically generating, by the one or more processors, a customized security policy, comprising the selected one or more options, wherein based on applying the customized security policy, repeating the access request by the user results in the user obtaining authorized access to the target application based on the user having attained, via the customized security policy, permissions to the target application represented by the selected one or more options; and
applying, by the one or more processors, the customized security policy to a control system of the target application to update the permissions of the user to the target application.”
	Although the claims at issue are not identical, they are not patentably distinct from each other because if allowed, would improperly extend the "right to exclude" already granted in the patent. 
With respect to the claims 1-2, 4 and 8-9 of the instant application, please refer to the following table, which illustrates the obvious and anticipatory relationship of the claim limitations at issue:
Instant Application Claim limitations in light 
of  112(b) Claim interpretations
Co-pending US Application # 15/850,215
1. A computer-implemented method, comprising:





obtaining, by the one or more processors, an authorization request from a computing node to a target application;

generating, by one or more processors, an authorization failure from a target application, wherein the authorization failure indicates that an access request to the target application was denied based on insufficient permissions of a user associated with the request;

generating, by the one or more processors, a mock interface, wherein the mock interface is an application programming interface to the target application;

automatically obtaining, by the one or more processors, via the mock interface, based on the user selecting one or more of the 


automatically generating, by the one or more processors, a customized security policy, comprising the selected one or more options, wherein based on applying the customized security policy, repeating the access request by the user results in the user obtaining authorized access to the target application based on the user having attained, via the customized security policy, permissions to the target application represented by the selected one or more options; and


applying, by the one or more processors, the customized security policy to a control system of the target application to update the permissions of the user to the target application.

transmitting, by the one or more processors, an authorization request from a computing node to a target application;

obtaining, by the one or more processors, an authorization failure from a target application, wherein the authorization failure indicates that an access request to the target application was denied based on insufficient permissions of a user associated with the request;

generating, by the one or more processors, a mock interface, wherein the mock interface is an application programming interface to the target application;

automatically obtaining, by the one or more processors, via the mock interface, based on the user selecting one or more of the options, a request to change the permissions of the user to the target application;

automatically generating, by the one or more processors, a customized security policy, comprising the selected one or more options, wherein based on applying the customized security policy, repeating the access request by the user results in the user obtaining authorized access to the target application based on the user having attained, via the customized security policy, permissions to the target application represented by the selected one or more options; and

applying, by the one or more processors, the customized security policy to a control system of the target application to update the permissions of the user to the target application.


notifying, by the one or more processors, the user of the update.
12. (Currently Amended) The computer-implemented method of claim 11, further comprising: 
notifying, by the one or more processors, the user of the update.
4. The computer-implemented method of claim 1, wherein instituting the mock interface further comprises: 

generating, by the one or more processors, temporary credentials for use by the user in accessing the mock interface; 

transmitting, by the one or more processors, the temporary credentials to the user; and 

authorizing, by the one or more processors, access by the user to the mock interface based on obtaining the temporary credentials from the user via an entry by the user in the second user interface.
14. (Currently Amended) The computer program product of claim 11, wherein generating the mock interface further comprises: 
generating, by the one or more processors, temporary credentials for use by the user in accessing the mock interface;

CN820160926US01- 3 -transmitting, by the one or more processors, the temporary credentials to the user; and 

authorizing, by the one or more processors, access by the user to the mock interface based on obtaining the temporary credentials from the user via an entry by the user in the second user interface.

18. (Original) The computer program product of claim 11, wherein the request to change the permissions of the user to the target application further comprises identifying credentials of the user.
9. The computer-implemented method of claim 1, wherein instituting the mock interface, further comprises: 

intercepting, by the one or more processors, a denial of access from the target application; and replacing, by the one or more processors, the denial of access with a display in the second graphical user interface of the permissions of the user to the target application.
19. (Currently Amended) The computer program product of claim 11, wherein generating the mock interface, further comprises: 
intercepting, by the one or more processors, a denial of access from the target application; and replacing, by the one or more processors, the denial of access with a display in the second graphical user interface of the permissions of the user to the target application.


This is a provisional non-statutory double patenting rejection because the patentably indistinct claims have not in fact been patented.



Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 9 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over NPL Document of Beresford et al., Dated March 2011 “MockDroid: trading privacy for application functionality on smartphones” (https://doi.org/10.1145/2184489.2184500) in view of Hoffner et al., (US20170300402A1) and further in view of Brutschy et al., (US20160246992A1).
Regarding claim 1, Beresford discloses:
	A computer-implemented method, comprising:
obtaining, by the one or more processors, an authorization request (See FIG. 1 on page # 4 i.e. set of permissions) from a computing node (See FIG. 1 mobile phone depicting in Figure 1 on page # 4) to a target application (See FIG. 1 on page # 4 i.e. Paper Toss), wherein the authorization request is submitted through a first graphical user interface (See FIG.1; when Alice operates ‘Paper Toss’ application with all permissions mocked) displayed on the Page # 4, Col. 2, Para [0002] Alice finds the game runs acceptably with all permissions mocked. After some time Alice wishes to submit her high score to the on-line high score table and application requests permission to access internet; Examiner interprets this step as “obtaining an authorization request to a target application” which is running in the foreground of the graphical user interface);
generating, by the one or more processors, an authorization failure (See Page # 4, Col. 2, Para [0002]; i.e. when user (Alice) unable to submit game score) from a target application (See Page # 4, Col. 2, Para [0002]; i.e. internet permission is currently mocked), wherein the authorization failure indicates that an access request to the target application was denied based on insufficient permissions of a user associated with the request (Page # 4, Col. 2, Para [0002]; Alice wishes to submit her high score to the on-line high score table. Unfortunately this does not work, as the Internet permission is currently mocked. Examiner construes this action equivalent to ‘generating an authorization failure from a target application);
automatically generating (i.e. clicking of Alice on the notification and enabling the internet permission), by the one or more processors, a customized security policy (see Page # 4; i.e. enabling internet permissions), comprising the selected one or more options, wherein based on applying the customized security policy, repeating the access request by the user results in the user obtaining authorized access to the target application based on the user having attained, via the customized security policy, permissions to the target application represented by the selected one or more options (Page # 4, Col. 2, Para [0002]; Alice can click on this notification and enable the Internet permission as shown in Figure 1(c). After her score has been submitted, Alice can then return to the Mocker application and disable access to the Internet if desired); and
applying, by the one or more processors, the customized security policy to a control system (See page # 4, i.e. Mocker application) of the target application to update the permissions of the user to the target application (Page # 3, Col. 2, Para 10 – Page # 4, Col. 1, Para 1; We have also added an additional system permission to the Android OS. Any application which is granted this permission is placed in the mock group and can therefore read and write the mocked permissions which are stored on the file system. We have written an additional application, called Mocker, which has this system permission enabled. This application allows the user to configure and change mocked permissions whilst programs are running).
Beresford fails to disclose:
	generating, by the one or more processors, a mock interface, wherein the mock interface is an application programming interface to the target application; automatically obtaining, by the one or more processors, via the mock interface, based on the user selecting one or more of the options, a request to change the permissions of the user to the target application.
However, Hoffner discloses:
generating, by the one or more processors, a mock interface (See FIG.2; i.e. a mock server 116 or mock server extension 120 generating various mock responses such as 236 and 238), wherein the mock interface is an application programming interface (i.e. Mock Server Extension Interface API 108; see FIG. 1) to the target application (See FIG. 1; i.e. Mocked API) See FIG. 2; for an example process for using a mock server 116 to test an application 104; see [0040] steps 202 & 204; see [0044] for first scenario 236; see [0045] for second scenario 238).
It would have been obvious to one of the ordinary person skilled in the art before the effective filing date of the claimed invention to modify the Beresford reference and include a Mock server for testing applications, as disclosed by Hoffner. 
The motivation to include the Mock server is to test application in a test environment in order to see how application respond when a real user interacts with the application in the test environment. 
The combination of Beresford and Hoffner fails to disclose:
automatically obtaining, by the one or more processors, via the mock interface, based on the user selecting one or more of the options, a request to change the permissions of the user to the target application.
However, Brutschy discloses:
	automatically obtaining, by the one or more processors, via the mock interface, based on the user selecting one or more of the options, a request to change the permissions of the user to the target application ([0111] the computing system 100 performs the operation of accessing a permission that is to be revoked for an application. The permission involves access to private data of a user via an application programming interface of an operating system ... That is, calls to the objects 140 (or the methods of the objects) that use a permission to access private data of the user may be replaced with mocked calls or corresponding values that return data that do not expose the private data of the user); 

	The motivation to include mock permissions when accessing applications is have fine-grained access control over those applications which contain sensitive information to prevent them from unauthorized access to sensitive information. 
Regarding claim 2, the combination of Beresford, Hoffner and Brutschy discloses:
The computer-implemented method of claim 1, further comprising:
notifying, by the one or more processors, the user of the update (Beresford: Page #4, Col. 2, Para [0002] Alice finds the game runs acceptably with all permissions mocked. After some time, Alice wishes to submit her high score to the on-line high score table. Unfortunately this does not work, as the Internet permission is currently mocked. The Mocker application informs Alice that the application wishes to use the Internet permission by placing a notification in the Android notification bar as shown in Figure 1(b). Alice can click on this notification and enable the Internet permission as shown in Figure 1(c)).
Regarding claim 9, the combination of Beresford, Hoffner and Brutschy discloses:
The computer-implemented method of claim 1, wherein instituting the mock interface, further comprises:
intercepting, by the one or more processors, a denial of access from the target application (Beresford: Page#2, Col. 1, Para [0004] For example, consider an application which requests IP connectivity, access to location data from the GPS sensor, and read-write access to the calendar database. On MockDroid, the user may choose to provide `mock' GPS data, such as always reporting a specific latitude and longitude, or reporting/no location available" regardless of the actual status of the GPS device. Similarly, IP connectivity may always/time out" for specific network addresses, or even all requests for communication);
replacing, by the one or more processors, the denial of access with a display of the permissions of the user to the target application by the mock interface (Beresford: Page # 4, Col. 2, Para [0002] Alice finds the game runs acceptably with all permissions mocked. After some time, Alice wishes to submit her high score to the on-line high score table. Unfortunately this does not work, as the Internet permission is currently mocked. The Mocker application informs Alice that the application wishes to use the Internet permission by placing a notification in the Android notification bar as shown in Figure 1(b). Alice can click on this notification and enable the Internet permission as shown in Figure 1(c)).
Regarding claim 11, the combination of Beresford, Hoffner and Brutschy discloses:
The computer-implemented method of claim 1, further comprising: 
obtaining, by the one or more processors, another authorization request from the computing node to the target application, wherein the other authorization request is submitted through the first graphical user interface (Beresford: Page #4, Col. 2, Para [0002] Alice finds the game runs acceptably with all permissions mocked. After some time, Alice wishes to submit her high score to the on-line high score table. Unfortunately this does not work, as the Internet permission is currently mocked. The Mocker application informs Alice that the application wishes to use the Internet permission by placing a notification in the Android notification bar as shown in Figure 1(b). Alice can click on this notification and enable the Internet permission as shown in Figure 1(c)); and 
providing, by the one or more processors, the computing node with access to the target application via the first graphical user interface, based on the updated permissions in the control system of the target application (Beresford: Page # 4, Col. 2, Para [0002] Alice finds the game runs acceptably with all permissions mocked. After some time, Alice wishes to submit her high score to the on-line high score table. Unfortunately this does not work, as the Internet permission is currently mocked. The Mocker application informs Alice that the application wishes to use the Internet permission by placing a notification in the Android notification bar as shown in Figure 1(b). Alice can click on this notification and enable the Internet permission as shown in Figure 1(c)).

Claims 4 and 8 are rejected under 35 U.S.C. 103 as being unpatentable over NPL Document of Beresford et al., Dated March 2011 “MockDroid: trading privacy for application functionality on smartphones” (https://doi.org/10.1145/2184489.2184500) in view of Hoffner et al., (US20170300402A1) in view of Brutschy et al., (US20160246992A1) and further in view of Li et al., (US20180309748A1).
Regarding claim 4, the combination of Beresford, Hoffner and Brutschy fails to disclose:
The computer-implemented method of claim 1, wherein instituting the mock interface further comprises:

However, Li discloses:
	generating, by the one or more processors, temporary credentials for use by the user in accessing the mock interface ([0025] The central access control server may also generate temporary credentials for the user (at 1.8) once the session token has been validated. Additionally, the central access control server may associate the temporary credentials with a user profile of the user and store a local copy of the temporary credentials);
	transmitting, by the one or more processors, the temporary credentials to the user ([0025] Additionally, the central access control server may associate the temporary credentials with a user profile of the user and store a local copy of the temporary credentials); and
	authorizing, by the one or more processors, access by the user to the mock interface based on obtaining the temporary credentials from the user via an entry by the user in the second graphical user interface ([0026] In some embodiments, with the saved application profile and the application login request detail, central access control server may simulate user login request with the temporary credentials. In some embodiments, the application server may implement an Application Programming Interface ("API")).

	The motivation to create and utilize temporary credentials is to allow user limited access to the resource based on policy.
Regarding claim 8, the combination of Beresford, Hoffner and Brutschy fails to disclose:
The computer-implemented method of claim 1, wherein the request to change the permissions of the user to the target application further comprises identifying credentials of the user.
However, Li discloses:
wherein the request to change the permissions of the user to the target application further comprises identifying credentials of the user ([0025] The request may specify the particular application that the user would like to access and may include the session token provided to the user device by the central access control server. The central access control server may validate the token (at 1.7), which may include verifying that the user has been authenticated and/or that the communication session between the user device and the central access control server has not expired. The central access control server may also generate temporary credentials for the user (at 1.8) once the session token has been validated).
It would have been obvious to one of the ordinary person skilled in the art before the effective filing date of the claimed invention to modify the references of Beresford, Hoffner and Brutschy and include feature of generating temporary credentials, as disclosed by Li.


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SYED M AHSAN whose telephone number is (571)272-5018.  The examiner can normally be reached on 8:30 AM - 6:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffery L. Nickerson can be reached on 469-295-9235.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/S.M.A./Patent Examiner, Art Unit 2432                                                                                                                                                                                                        
/SYED A ZAIDI/Primary Examiner, Art Unit 2432