DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 8/24/2021 has been entered.

Response to Amendment / Arguments
Regarding claims rejected under 35 USC 103:
Applicant’s arguments, in view of the amended claim language, have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of Zhu (US 9,852,294 B1).

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-11 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 14, and 22 of U.S. Patent No. US 10,445,505 B2 in view of Zhu (US 9,852,294 B1). Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the patent anticipate those of the instant application (i.e., the server-side of the claimed operations) as below, except for “wherein the action the .

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-11 is/are rejected under 35 U.S.C. 103 as being unpatentable over Chen (US 2016/0092190 A1) in view of Zhu (US 9,852,294 B1).

Regarding claim 1, Chen discloses: A server apparatus, comprising: 
a hardware platform comprising a processor and a memory; 
a network interface; and 
Refer to at least FIG. 1 and [0034] of Chen with respect to exemplary hardware and networking.
a vulnerability assessment server engine comprising instructions encoded within the memory to instruct the processor to: 
receive via the network interface an endpoint payload comprising a platform identification string, comprising an identifier for an application and an identifier for an action that the application intends to take; 
Refer to at least S406-S408 in FIG. 4, [0008], and [0062]-[0063] of Chen with respect to interrupting and analyzing an application installation event for which application information is obtained. The application information is provided to a cloud server.
query a vulnerability database and platform identification string database to procure an application-specific [information] for the action; and 
Refer to at least [0026]-[0029], S414 in FIG. 4, and [0066]-[0067] of Chen with respect to an SID database and procuring application-specific information from the cloud server.  
send via the network interface the application-specific [information] for the action.
Refer to at least [0067] of Chen with respect to the cloud server returning information obtained from the SID database.
Chen does not specify: to procure an application-specific grayware reputation for the action, wherein the grayware reputation represents a likelihood that the application is grayware; based at least in part on the grayware reputation, send via the network interface an indication of whether the action is permissible for the application; wherein the action the application intends to take is a subset comprising less than all actions that the application is capable of taking. However, Chen in view of Zhu discloses: to procure an application-specific grayware reputation for the action, wherein the grayware reputation represents a likelihood that the application is grayware; based at least in part on the grayware reputation, send via the network interface an indication of whether the action is permissible for the application;
Refer to at least Col. 11, Ll. 50-Col. 13, Ll. 52 of Zhu with respect to identifying an application, its reputation, whether the reputation is that of grayware or otherwise suspicious, and identifying its potentially malicious actions. A database may be queried.
wherein the action the application intends to take is a subset comprising less than all actions that the application is capable of taking.
Refer to at least Col. 7, Ll. 1-54, Col. 9, Ll. 9-51, and Col. 12, Ll. 4-22 of Zhu with respect to potential actions which may be taken by the application. 
The teachings of Chen and Zhu concern malware analysis and remediation and are considered to be within the same field of endeavor and combinable as such.
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Chen to further include suspicious application reputations associated with potential application actions for at least the reasons discussed in Col. 3, Ll. 60-Col. 4, Ll. 10 of Zhu (i.e., improved security by more efficiently and effectively identifying grayware applications).

Regarding claim 2, Chen-Zhu discloses: The server apparatus of claim 1, wherein the vulnerability assessment server engine further comprises instructions to: determine that the application has an available patch to repair a vulnerability of the application related to the action; and push the patch to the endpoint via the network interface.
Refer to at least [0007], [0047], and [0074] of Chen with respect to downloading and reinstalling the application via the cloud server. 



Regarding claim 4, it is rejected for at least the same reasons as claim 2 above (i.e., the citations). It is noted, however, that the Wootton reference also discusses recommending a second application (e.g., [0238]-[0243] of Wootton).

Regarding claim 5, Chen-Zhu discloses: The server apparatus of claim 1, wherein pushing the patch comprises creating a work item, and assigning the work item to an update agent of the endpoint.
Refer to at least FIG. 3, [0051], and [0054] of Chen with respect to a client installed on the mobile device, the client configured for downloading and reinstalling applications. 

Regarding claim 6, it is rejected for substantially the same reasons as claims 1-2 and 5 above (i.e., the citations and obviousness rationale).

Regarding claim 7, Chen-Zhu discloses: The server apparatus of claim 6, wherein the vulnerability assessment server engine is further to instruct a shim agent of the endpoint to monitor the updated or patched application.
Refer to at least FIG. 3, [0049], and [0052] of Chen with respect to the client and its monitoring module. 

Regarding claim 8, Chen-Zhu discloses: The server apparatus of claim 1, wherein the vulnerability assessment server engine further comprises instructions to interface with a research service to identify new vulnerabilities in applications.
Refer to at least database 120 in FIG. 2 of Zhu.


Regarding claim 9, it is rejected for substantially the same reasons as claim 1 above (i.e., the citations concerning application information; [0066] of the instant specification).

Regarding independent claim 10, it is substantially similar to independent claim 1 and claims 2 and 4, and is therefore likewise rejected for substantially the same reasons (i.e., the citations and obviousness rationales). 

Regarding claim 11, it is rejected for substantially the same reasons as claim 1 (e.g., [0026]-[0029] of Chen).

Claims 12-13, and 18-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Clancy (US 2014/0157355 A1) in view of Zhu (US 9,852,294 B1).

Regarding claim 12, Clancy discloses: A computing apparatus, comprising: 
a processor and a memory; and 
Refer to at least FIG. 1-2 and [0074] of Clancy with respect to exemplary computing devices.
a process-reputation store comprising a plurality of process identifiers, and one or more allowed actions on a per-process basis; 
Refer to at least [0055], [0080], and [0124] of Clancy with respect to whitelists / blacklists as part of policy.
instructions encoded within the memory to instruct the processor to provide a shim application to: 
identify a process for inspection; 
hook an attempted action of the process; 
determine that the attempted action is not a pre-load action for the process and is not a whitelisted action for the process; 
Refer to at least [0009], [0048], and/or FIG. 3-4 of Clancy with respect to an application making a system call, or generally requesting data. The call / request is evaluated before being allowed. 
compute a reputation for the action in context of the process; and 
Refer to at least [0050]-[0052], [0062], and [0143] of Clancy with respect to the call / request’s context.
Refer to at least [0080], [0055], [0124] of Clancy with respect to the policy server serving policy requests. 
according to the computed reputation, determine whether to allow, block, or warn on the action in context of the [process].
Refer to at least [0042] of Clancy with respect to exemplary enforcement actions, including changing one or more rules. 
Clancy does not disclose: compute a grayware reputation; wherein the grayware reputation represents a likelihood that the process is grayware; in context of the grayware reputation; wherein the one or more allowed actions comprise a subset being fewer than all actions available to a process. However, Clancy in view of Zhu discloses: grayware reputation; wherein the grayware reputation represents a likelihood that the process is grayware; in context of the grayware reputation;
Refer to at least Col. 11, Ll. 50-Col. 13, Ll. 52 of Zhu with respect to identifying an application, its reputation, whether the reputation is that of grayware or otherwise suspicious, and identifying its potentially malicious actions. A database may be queried.
wherein the one or more allowed actions comprise a subset being fewer than all actions available to a process.
Refer to at least Col. 7, Ll. 1-54, Col. 9, Ll. 9-51, and Col. 12, Ll. 4-22 of Zhu with respect to potential actions which may be taken by the application. 
The teachings of Clancy and Zhu concern malware analysis and remediation and are considered to be within the same field of endeavor and combinable as such.
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Clancy to further include suspicious application reputations associated with potential application actions for at least the reasons discussed in Col. 3, Ll. 60-Col. 4, Ll. 10 of Zhu (i.e., improved security by more efficiently and effectively identifying grayware applications).


Regarding claim 13, it is rejected for substantially the same reasons as claim 12 above (i.e., the citations and obviousness rationale; see at least FIG. 4 of Kumar with respect to the rules database).

Regarding claim 18, it is rejected for substantially the same reasons as claim 12 above (i.e., the citations).

Regarding claims 19-20, they are rejected for substantially the same reasons as claim 12 above (i.e., the citations; [0066] of the instant specification).

Claims 14-17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Clancy-Zhu as applied to claims 12-13, and 18-20 above, and further in view of Wootton (US 2012/0110174 A1).

wherein the instructions are further to cache the reputation in the process-reputation store. However, Clancy-Kumar in view of Wootton discloses: wherein the instructions are further to cache the reputation in the process-reputation store.
Refer to at least [0126] of Wootton with respect to caching assessment results.  
The teachings of Clancy-Zhu and Wootton relate to securing mobile applications and are considered to be within the same field of endeavor and combinable as such.
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Clancy-Zhu to further include caching for at least the purpose of quickly providing the results to additional requesters.   

Regarding claim 15, Clancy-Zhu discloses: The computing apparatus of claim 14, wherein the instructions are to solicit feedback before executing a warn action.
Refer to at least Col. 13, Ll. 40-52 of Zhu with respect to notifying a user. 
This claim would have been obvious for substantially the same reasons as claim 12 above.

Regarding claim 16, it is rejected for substantially the same reasons as claim 14 above.

Regarding claim 17, it is rejected for substantially the same reasons as claim 15 above.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to VADIM SAVENKOV whose telephone number is (571)270-5751.  The examiner can normally be reached on 12PM-8PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey L Nickerson can be reached on (469) 295-9235.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Jeffrey Nickerson/Supervisory Patent Examiner, Art Unit 2432

/V.S/Examiner, Art Unit 2432