Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This is in reply to papers filed on 03/27/20. Claims 1-20 are pending. Claims 1, 10, and 15-16 is/are independent.

Information Disclosure Statement
The information disclosure statement(s) (IDS) submitted on 07/10/2019 and 03/04/2020 is/are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement(s) is/are being considered by the examiner.

Allowable Subject Matter
	Claims 12-13 is/are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

The following is a statement of reasons for the indication of allowable subject matter:  

The prior art of record (in particular, Semenzato et al. U.S. Patent No. 8745612 (hereinafter “Semenzato”) in view of Asokan et al. U.S. Publication 20080195868 (hereinafter “Asokan”), Earl et al. U.S. Publication 20030233648 (hereinafter “Earl”), and Le Rudulier et al. U.S. Publication 20170228558 (hereinafter “Le Rudulier”)) does not expressly disclose all the limitations recited in independent claims and the combination of their features thereon. With respect to dependent claim 12 the closest prior art does not disclose at least the following limitations in the recited context:

receive a delegate ARB exception associated with the software from another software provisioning server, wherein the delegate ARB exception comprises a signature of the delegate 
check the validity of the signature of the delegate ARB exception, and 
determine the ARB exception associated with the software based on the delegate policy for the ARB exception and the revision number of the software when the signature of the delegate ARB exception is valid.  


Rather, Semenzato discloses preventing installation of superseded software programs unless there is a manual override [Semenzato para. 3:23-25, 7:51-56, 10:4-8, 11:49-50, 13:27-29]. 
However, Semenzato does not disclose at least the features of claim 12 quoted above.  
To this, Asokan adds validating a signature of a software package and executing the validated software [Asokan, figure 3, P307, P315, para. 28, 31]. Earl adds a server installing software on another server, and then the other server installing the software on various nodes [Earl, para. 31]. Le Rudulier adds generating a delegation policy [Le Rudulier, para. 28].
However, the combination of Semenzato, Asokan, Earl, and Le Rudulier does not teach at least the features of claim 12 quoted above.  
None of the prior art of record, either taken by itself or in any combination, would have anticipated or made obvious the invention of the present application at or before the time it was filed.
For the reasons described above, the prior art of record does not disclose, with respect to dependent claim 12, features corresponding to those of dependent claim 12 in their respective contexts. Therefore, the dependent claim 12 is/are allowable as indicated above.
Dependent claim 13 is allowable in view of its respective dependence from dependent claim 12.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 10-11, 14, 16, 17 and 20 is/are rejected under 35 U.S.C. 101 because the claimed inventions is/are directed to an abstract idea without significantly more. 
Claim 10
Claim 10 recites a server which is one of the four statutory categories (e.g. machine).  The server comprises a processor configured to determine an ARB exception and a transceiver configured to provide the ARB exception to an electronic device. Determining an ARB exception can be performed in the mind and is a mental process. One of ordinary skill in the art can review a table of ARB EXCEPTIONS and in their mind determine from such data an ARB exception from the table of ARB exceptions. The claim recites a signature, however, claim 10 only recites that the signature is part of the ARB exception without reciting performing encryption operations to generate the signature. Thus, the recited signature itself is mere data included in the ARB exception and the claim under its broadest reasonable interpretation recites a mental process. 
There is no recitation of additional elements in claim 10 which integrates the judicial exception into a practical application. Providing an ARB exception to an electronic device is insignificant post-solution activity. See MPEP 2106.04(d). 
The recited implementation on a computer (e.g., server), including the processor and transceiver, are additional elements that amount to merely generally linking the use of a judicial exception to a particular technological environment or field of use. See MPEP 2106.05(h). See, e.g., Bilski v. Kappos, 561 U.S. 593, 612, 95 USPQ2d 1001, 1010 (2010) ("Flook established that limiting an abstract idea to one field of use or adding token postsolution components did not Parker v. Flook, 437 U.S. 584, 198 USPQ 193 (1978)). Limitations that amount to merely indicating a field of use or technological environment in which to apply a judicial exception cannot integrate a judicial exception into a practical application. The claim merely implements the abstract idea on a generic computer. 
Claim 10 does not recite an additional element or a combination of additional elements in the claim to apply, rely on, or use the judicial exception in a manner that imposes a meaningful limit on the judicial exception, such that it is more than a drafting effort designed to monopolize the exception. Claim 10 does not recite any additional elements that may limit the use of the ARB exception determination to a practical application. Thus, the claim is directed to the recited abstract idea (judicial exception). 
The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception.  The claim does not recite any additional elements that provides an inventive concept. Claim 10 recites a server but other additional elements of claim 10 combining with the server do not result in significantly more. The claim recites providing the ARB exception but this is insignificant post-solution activity 
The recited determining and providing performed by the processor and transceiver, respectively, of claim 10 are well-known, routine, and conventional. See MPEP 2106.05(d).II.i (“Receiving or transmitting data over a network, e.g., using the Internet to gather data, Symantec, 838 F.3d at 1321, 120 USPQ2d at 1362 (utilizing an intermediary computer to forward information); TLI Communications LLC v. AV Auto. LLC, 823 F.3d 607, 610, 118 USPQ2d 1744, 1745 (Fed. Cir. 2016) (using a telephone for image transmission); OIP Techs., Inc., v. Amazon.com, Inc., 788 F.3d 1359, 1363, 115 USPQ2d 1090, 1093 (Fed. Cir. 2015) (sending messages over a network); buySAFE, Inc. v. Google, Inc., 765 F.3d 1350, 1355, 112 USPQ2d 1093, 1096 (Fed. Cir. 2014) (computer receives and sends information over a network); but see DDR Holdings, LLC v. Hotels.com, L.P., 773 F.3d 1245, 1258, 113 USPQ2d 1097, 1106 (Fed. Cir. 2014) ("Unlike the claims in Ultramercial, the claims at issue here specify ‐‐a result that overrides the routine and conventional sequence of events ordinarily triggered by the click of a hyperlink." (emphasis added));”) 
The claim does not recite any additional elements which individually or in combination amount to significantly more. Furthermore, as argued above with respect to step 2A, employing generic computer functions to execute an abstract idea, even when limiting the use of the idea to one particular environment, does not add significantly more, The claim is not patent eligible.
Examiner suggests that Applicant review the 2019 Revised Patent Subject Matter Eligibility Guidance (“2019 PEG”) at https://www.uspto.gov/patent/laws-and-regulations/examination-policy/subject-matter-eligibility, which explains how the combination of additional elements in exemplary claims integrate an exception into a practical application. 
The dependent claims 11 and 14 depending from claim 10 do not recite any additional limitations that individually or in combination with the inherited limitations of claim 10 amount to significantly more. 
Claim 11 recites additional limitations including a processor configured to determine a delegate ARB exception and a transceiver configured to cooperate with the processor to transmit the delegate ARB exception but these limitations of claim 11 only add to the mental process described in the limitations inherited from claim 10 that can be performed in the mind. For example claim 11 can read on selecting a delegate ARB exception from a table of delegate ARB exceptions. The recited signature is merely data and there is no recitation of generating a signature involving encryption steps. The transmitting is insignificant post-solution activity.
Claim 14 recites additional limitations including the receiver configured to cooperate with the processor to receive an ARB exception request and transmit the ARB exception in response to the request but these limitations of claim 14 merely recite insignificant extra-solution activity. 
Independent claim 16 recites a method with features analogous to the features of claim 10 and does not integrate a judicial exception into a practical application and does not recite 
Claim 17 depends from claim 16 and recites a non-transitory computer-readable  medium storing instructions which when executed by a processor of a computer cause the computer to perform the method according to claim 16. Claim 17 inherits the features of claim 16 and does not integrate a judicial exception into a practical application and does not recite significantly more for the same reasons as claim 16 and claim 10. The recitation of computer-readable medium, processor-executable instructions, processor, and computer are merely generic computer elements. The generically recited computer elements do not add a meaningful limitation to the abstract idea because they amount to simply implementing the abstract idea on a computer-readable medium storing instructions executed by a processor of a computer system.
Claim 20 recites additional steps of determining a delegate ARB exception and transmitting the delegate ARB exception but these steps of claim 20 only add to the mental process described in the limitations inherited from claim 16 that can be performed in the mind. For example, claim 20 can read on selecting an ARB exception from a table of ARB exceptions. The recited signature is merely data and there is no recitation of generating a signature involving encryption steps. The transmitting is insignificant post-solution activity.




Claim Rejections - 35 USC § 103
	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

	The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
	
	This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

	
Claims 1-9, 15, and 18-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Semenzato et al. U.S. Patent No. 8745612 (hereinafter “Semenzato”) in view of Asokan et al. U.S. Publication 20080195868 (hereinafter “Asokan”).
s per claim 1, Semenzato discloses 
An electronic device comprising: 
a processor, and a memory coupled to the processor and having processor-executable instructions stored thereon, which when executed cause the processor to implement operations including: 
(See Semenzato figure 7 processor 706, main memory 708 control logic 726 computer usable medium 720 secondary storage devices 710 
Semenzato 13:49-51 implemented using ……computer 702[electronic device ] shown in FIG. 7. 
13:64-65 Computer 702 includes one or more processors (also called central processing units, or CPUs), such as a processor 706. 
Semenzato 14:37-45… a computer useable or readable medium [memory ]having control logic (software[processor-executable instructions]) stored therein ….. includes, ….., main memory 708, ….Such computer program products, having control logic stored therein that, when executed by one or more data processing devices, cause such data processing devices to operate [cause the processor to implement operations ]as described herein……
)

obeying an Anti-Roll Back (ARB) enforcement policy, 
(See Semenzato 
7:51-56 Updating locked version number 108 in locked version number storage 106 may successfully restrict [obeying ]the installation and execution of superseded software programs, thus preventing rollback attacks.[ an Anti-Roll Back (ARB) enforcement policy]
Semenzato 10:29-32 By storing pre-installation locked version numbers, superseded versions of software programs with known security flaws may be foreclosed from ever installing onto the system.
preventing the installation of superseded software programs [an Anti-Roll Back (ARB) enforcement policy ]is an important measure for thwarting malicious attacks.
[ measures taken to thwart malicious attacks are implemented with the policy of preventing installation of superseded software programs ]
See also 9:11-20 [updating with at least as recent update package but may otherwise restrict older update package]
)

obtaining an ARB exception associated with a software, wherein the ARB exception comprises a revision number of the software, 
(See Semenzato
[an ARB exception = update package that is obtained, installed and executed with manual override]
Semenzato 10:4-8….. update the software program with an update package found on removable storage[obtaining an ARB exception associated with a software]……… automatically download available updates [obtaining an ARB exception associated with a software ]for one or more software programs. 
Semenzato 4:4-5 Update package 102 may include a version identifier [revision number of the software ] such as package number 104. 
Semenzato 11:49-50 allow a manual request to ‘downgrade’ to an earlier version[an ARB exception] to proceed
Semenzato 13:27-29 If there is a manual override to the restricted execution of a superseded software program[an ARB exception], then the software program may be executed at stage 514.
)


executing the software having the revision number so as to overrun the ARB enforcement policy.   
(See 
Semenzato 13:27-29 If there is a manual override [overrun the ARB enforcement policy ]to the restricted execution of a superseded software program, then the software program may be executed at stage 514.
Semenzato 4:4-5 Update package 102 may include a version identifier [having the revision number] such as package number 104. 
Semenzato 11:49-50 allow a manual request to ‘downgrade’ to an earlier version to proceed[overrun the ARB enforcement policy ]
)
	
However, Semenzato does not expressly disclose 
obtaining an ARB exception associated with a software, wherein the ARB exception comprises a signature of the ARB exception and a revision number of the software, 
checking validity of the signature of the ARB exception, and 
executing the software having the revision number so as to overrun the ARB enforcement policy when the signature of the ARB exception is valid.  

Asokan discloses a software package has a signature of the software package
(See Asokan Para. [0028]
FIG. 3 …… validate a received software package D300, … splits the software package into two separately analyzable parts—the software itself, and the code signature.
[0026]
signs hashed software D205, and outputs signed hashed software D209.
)

checking validity of the signature of the software package, and 
(See Asokan figure 3, 
P307 verify code signature 
P315 compare hashes
Para. [0031]
MT 100, in hash process P311, independently re-hashes the executable software D305 ….compares verification hash D309 with independent hash D313, and outputs result D317. When the two hashes match, result D317 indicates that the received software package D300 is successfully validated
).

executing the software when the signature of the software package is valid.  
(See Asokan Para. [0031]
MT 100 will only execute software D305 upon successful validation as identified by result D317.
).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Semenzato with the technique for validating a signature of a software package to be installed and executed of Asokan to include 
obtaining an ARB exception associated with a software, wherein the ARB exception comprises a signature of the ARB exception and a revision number of the software, 
checking validity of the signature of the ARB exception, and 
executing the software having the revision number so as to overrun the ARB enforcement policy when the signature of the ARB exception is valid.  
One of ordinary skill in the art would have made this modification to improve the ability of the system to validate software that is to be installed and executed. The system (e.g., system 100) of the primary reference can be modified to validate obtained software before the software is installed and executed. This helps to avoid software that may have been modified by malicious 3rd parties to cause damage to the system.


As per claim 2, the rejection of claim 1 is incorporated herein. 
Semenzato in view of Asokan discloses 
wherein the ARB exception further comprises an identity of the software, and wherein the processor is configured to identify the software having the revision number to be executed based on the identity of the software.  
(See Semenzato 
3:67-4:3 Update package 102 may be a revision or patch of a software program, and may include one or more files, for example and without limitation, executable files, configuration files, drivers, and/or other files. [the update package has software and the identity of the software is included in the update package, otherwise the user doesn’t know what he’s downloading. The execution of software by the processor will be based on the identity of the downloaded software]
Semenzato 13:27-29 If there is a manual override [overrun the ARB enforcement policy ]to the restricted execution of a superseded software program[an identity of the software must identify the software having the revision number to be executed based on the identity of the software ]at stage 514.
Semenzato 4:4-5 Update package 102 may include a version identifier[revision number] such as package number 104. In one embodiment, package number 104 may represent the version number of the update package.
)

As per claim 3, the rejection of claim 1 is incorporated herein. 
Semenzato discloses wherein the revision number is a minimum revision number, and wherein the processor is configured to execute the software having the minimum revision number or a higher revision number.  
 (See Semenzato 
13:27-29 If there is a manual override to the restricted execution of a superseded [the version being installed with manual override is a minimum revision number because the version being installed is a lower version number than the current installed version which has higher revision number]  software program, then the software program may be executed at stage 514.
Semenzato 4:4-5 Update package 102 may include a version identifier[revision number] such as package number 104. In one embodiment, package number 104 may represent the version number of the update package.
)
However, Semenzato does not expressly disclose 
wherein the processor is configured to execute the software having the minimum revision number or a higher revision number when the signature of the ARB exception is valid.  
wherein the processor is configured to execute the software when the signature of the ARB exception is valid.  
(See Asokan Para. [0031]
MT 100 will only execute software D305 upon successful validation as identified by result D317.
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Semenzato with the technique for executing software after validating the software signature of Asokan to include 
wherein the processor is configured to execute the software having the minimum revision number or a higher revision number when the signature of the ARB exception is valid.  
One of ordinary skill in the art would have made this modification to improve the ability of the system to validate software that is to be installed and executed. The system (e.g. system 100) of the primary reference can be modified to validate software before the software is installed and executed. This helps to avoid software that may have been modified by malicious 3rd parties to cause damage to the system.


As per claim 4, the rejection of claim 1 is incorporated herein. 
However, Semenzato does not expressly disclose 
wherein the processor is further configured to: 
obtain a first key associated with the signature of the ARB exception, check the validity of the signature of the ARB exception using the first key.   
Asokan discloses  obtain a first key associated with the signature of the software package, 
check the validity of the signature of the software package using the first key.   

(See Asokan Para. [0029]
In verification process P307, MT 100 verifies received code signature D303 by decrypting code signature D303 using a public key[check the validity of the signature of the software package using the first key.] of the expected signing entity. That is, MT 100 has an expectation regarding the identity of the signing entity, and MT 100 uses that expected signing entity's public key[obtain a first key] to verify the code signature. 
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Semenzato with the technique for obtaining a key and verifying a signature using the key of Asokan to include 
wherein the processor is further configured to: obtain a first key associated with the signature of the ARB exception, check the validity of the signature of the ARB exception using the first key.   
One of ordinary skill in the art would have made this modification to improve the ability of the system to confirm the signature. The system (e.g. system 100 at 3:59) of the primary reference can be modified to obtain a key and verify signature using the key as taught in the Asokan reference. 

As per claim 5, the rejection of claim 1 is incorporated herein. 
Semenzato discloses execute the software having the revision number so as to overrun the ARB enforcement policy
(See Semenzato 11:49-50 allow a manual request to ‘downgrade’ to an earlier version[overrun the ARB enforcement policy] to proceed
manual override to the restricted execution of a superseded software program[overrun the ARB enforcement policy], then the software program may be executed [execute the software ]at stage 514.
Semenzato 4:4-5 Update package 102 may include a version identifier [having the revision number] such as package number 104. 
) 
However, Semenzato does not expressly disclose wherein the ARB exception further comprises a second key associated with the software, and wherein the processor is configured to: 
check the validity of the signature of the software using the second key, 
execute the software having the revision number so as to overrun the ARB enforcement policy when the signature of the ARB exception is valid and the signature of the software is valid.  
Asokan discloses wherein the software package further comprises a second key associated with the software, and wherein the processor is configured to check the validity of the signature of the software using the second key, execute the software having the revision number when the signature of the  software package is valid and the signature of the software is valid.  
(See Asokan Para.  [0026] Signature process P207 signs the software………P207 may "sign" the hash D205 by encrypting hash D205 using the signing entity's private key [the private key is the 1st key and the public key is the 2nd key ] of a public key/private key pair…
Asokan Para. [0029]
In verification process P307, MT 100 verifies received code signature D303 by decrypting code signature D303 using a public key[the second key.] of the expected signing entity. That is, MT 100 has an expectation regarding the identity of the signing entity, and MT 100 uses that expected signing entity's public key[check the validity of the signature of the software using the second key] to verify the code signature. 
Asokan Para. [0031]
MT 100 will only execute software D305 upon successful validation as identified by result D317.[ execute the software … when the signature of the  software package is valid and the signature of the software is valid]
Asokan [0035] Each device that receives a version i [the software having the revision number]of a software package signed in the herein-described manner contains further instructions (e.g., via software, hardware, or firmware) to only execute the software upon successful validation
)
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Semenzato with the technique for using a public key to verify a signature and executing the software package when the signature is valid of Asokan to include 
wherein the ARB exception further comprises a second key associated with the software, and wherein the processor is configured to: 
check the validity of the signature of the software using the second key, 
execute the software having the revision number so as to overrun the ARB enforcement policy when the signature of the ARB exception is valid and the signature of the software is valid.  
One of ordinary skill in the art would have made this modification to improve the ability of the system to confirm the integrity of the software before executing the software. The system (e.g., system 100) of the primary reference can be modified to obtain a public key of a signing entity and verify the signature of the package obtained from the signing entity before executing the software  included in the software package. 

As per claim 6, the rejection of claim 1 is incorporated herein. 
Semenzato in view of Asokan discloses 
wherein the revision number is a lower revision number than a current revision number of the software already installed in the electronic device.  
(See Semenzato 4:4-5 Update package 102 may include a version identifier [revision number] such as package number 104. 
11:49-50 allow a manual request to ‘downgrade’[revision number is a lower revision number than a current revision number of the software already installed] to an earlier version to proceed
)

As per claim 7, the rejection of claim 1 is incorporated herein. 
Semenzato in view of Asokan discloses 
wherein the processor is further configured to install or run the software so as to execute the software having the revision number.  
(See Semenzato 13:27-29 If there is a manual override to the restricted execution of a superseded software program, then the software program may be executed at stage 514.
4:4-5 Update package 102 may include a version identifier [revision number] such as package number 104. 
Semenzato 11:49-50 allow a manual request to ‘downgrade’[to install] to an earlier version to proceed
)

As per claim 8, the rejection of claim 1 is incorporated herein. 
Semenzato in view of Asokan discloses 
further comprising a transceiver configured to cooperate with the processor to:  
(See Semenzato figure 7 processor 706
Semenzato 13:49-51 implemented using ……computer 702 shown in FIG. 7. 
13:64-65 Computer 702 includes one or more processors (also called central processing units, or CPUs), such as a processor 706. 
14:25-33 Computer 702 further includes a communication or network interface 718. …... Network interface 718[transceiver] may interface with remote sites or networks via wired or wireless connections.
)
transmit an ARB exception request associated with the software to a software provisioning server, 
receive the ARB exception from the software provisioning server in response to the transmission of the ARB exception request to the software provisioning server.  
 (See Semenzato
Semenzato 11:49-50 allow a manual request to ‘downgrade’ to an earlier version[an ARB exception] to proceed
Semenzato 13:27-29 If there is a manual override to the restricted execution of a superseded software program[an ARB exception], then the software program may be executed at stage 514.
[ARB exception is disclosed by an update package that is downloaded, installed and executed with manual override]
[the Semenzato checking for and downloading available updates discloses transmit an ARB exception request and receive the ARB exception because in the scenario where the update package includes a software update with earlier version than a currently installed software and that earlier version is installed with manual override, then that installation of the earlier version of the software is an exception to the anti-rollback policy of the user’s device]
check for and automatically download available updates for one or more software programs. 
Semenzato 14:47-51 Any software, hardware, and operating system implementations suitable for performing the functions described herein can be used. Embodiments may be applicable to both a client and to a server [software provisioning server]or a combination of both.
)

As per claim 9, the rejection of claim 1 is incorporated herein. 
Semenzato in view of Asokan discloses further comprising a transceiver configured to cooperate with the processor to:
(See Semenzato figure 7 processor 706
Semenzato 13:49-51 implemented using ……computer 702 shown in FIG. 7. 
13:64-65 Computer 702 includes one or more processors (also called central processing units, or CPUs), such as a processor 706. 
Semenzato 14:25-33 Computer 702 further includes a communication or network interface 718. …... Network interface 718 [transceiver ]may interface with remote sites or networks via wired or wireless connections.
)

receive the ARB exception in a software bundle comprising the software.  
(See Semenzato
Semenzato 11:49-50 allow a manual request to ‘downgrade’ to an earlier version[an ARB exception] to proceed
manual override to the restricted execution of a superseded software program[an ARB exception], then the software program may be executed at stage 514.
[ARB exception is disclosed by an update package that is downloaded, installed and executed with manual override]
[the Semenzato checking for and downloading available updates discloses receive the ARB exception because in the scenario where the update package includes a software update with earlier version than a currently installed software and that earlier version is installed with manual override, then that installation of the earlier version of the software is an exception to the anti-rollback policy of the user’s device]
Semenzato 10:7-10 software program updater 110 may routinely check for and automatically download available updates[receive the ARB exception] for one or more software programs. 
)

As per claim 15, the claim(s) is/are directed to a method with limitations which correspond to limitations of claim 1, and is/are rejected for the reasons detailed with respect to claim 1.  

As per claim 18, the claim(s) is/are directed to a method with limitations which correspond to limitations of claim 2, and is/are rejected for the reasons detailed with respect to claim 2.  

As per claim 19, the claim(s) is/are directed to a method with limitations which correspond to limitations of claim 3, and is/are rejected for the reasons detailed with respect to claim 3.  
Claims 10, 14, and 16-17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Asokan in view of Semenzato.
As per claim 10, Asokan discloses
A software provisioning server comprising: 
a processor, configured to Page 5 of 9Application No. 16/415,939Preliminary Amendment determine a software package associated with a software, wherein the software package comprises a signature of the software package and a revision number of the software
 
provide the software package to the electronic device. 
(See Asokan 
[for overrunning a ARB enforcement policy in an electronic device is intended use and given no patentable weight]
[transceiver is interpreted to be hardware only since para. 115 of the instant specification describes a processor 102 coupled to a memory 104 and a transceiver 106, and instant specification at para. 116 describes wireless communication capability is provided with an antenna 110 coupled to the transceiver 106, while the wired communication capability is provided with a wired communication interface 112 coupled to the transceiver 106.
]
Para. [0024] Initially, a signing entity [the computer used by this entity for signing discloses  A software provisioning server ] creates executable software D201. The signing entity may be a software developer or other organization or entity producing software D201. 
Asokan [0039]
The code signing …… may be performed by ……. a data processing device, [software provisioning server ]…….. data structures, etc. that perform particular tasks [a processor, configured to determinePage 5 of 9Application No. 16/415,939Preliminary Amendment ]or implement particular abstract data types when executed by a processor in a computer or other device..

Signature process P207 signs the software[discloses determine a software package and a signature of the software package]. That is, process P207 receives the hashed software D205 as input, signs hashed software D205, and outputs signed hashed software D209.
Asokan [0027]
Packaging Process P211 then packages the software and signature. [discloses determine a software package] That is, process P211 receives code signature D209 and software D201 as input, and outputs software package D213 which includes both the original software D201 and signature D209. 
Asokan Para. [0028]
FIG. 3 …… validate a received software package D300, … splits the software package[a software package associated with a software] into two separately analyzable parts—the software itself, and the code signature.[ software package comprises a signature of the software package]
Asokan [0035] Each device [electronic device ]that receives [provide the software package] a version i [revision number of the software ]of a software package signed in the herein-described manner contains further instructions (e.g., via software, hardware, or firmware) to only execute the software upon successful validation signing techniques may alternatively be used.
Asokan [0027]
Package D213 may subsequently be distributed [provide the software package] to devices as desired.  
).

However, Asokan does not expressly disclose 
configured to  determine an ARB exception associated with a software for overrunning a ARB enforcement policy in an electronic device, wherein the ARB exception comprises a signature of the ARB exception and a revision number of the software, and 
a transceiver, configured to cooperate with the processor to provide the ARB exception to the electronic device.  
[Asokan Para. 39 describes a processor in a computer and Asokan Para. 22 describes the aspects of the invention may be usable on a server, but does not explicitly describe a transceiver, configured to cooperate with the processor]


Semenzato discloses 
configured to  determine an ARB exception associated with a software for overrunning a ARB enforcement policy in an electronic device, wherein the ARB exception comprises a revision number of the software, and 
 (See Semenzato 
[an ARB exception = update package that is downloaded, installed and executed with manual override] 
Semenzato 10:4-8….. update the software program with an update package found on removable storage[determine an ARB exception associated with a software for overrunning a ARB enforcement policy in an electronic device; when Semenzato update package has a version lower than the version currently installed on the user’s receiving device, then the update package is an ARB exception if the update package is installed on the user’s receiving device with manual override]……… automatically download available updates [this shows that the Semenzato server is making the update package available for download, such an update package can be installed and executed via manual override on the client when the downloaded determine an ARB exception associated with a software for overrunning a ARB enforcement policy in an electronic device] for one or more software programs. 
Semenzato 4:4-5 Update package 102 may include a version identifier [revision number of the software ] such as package number 104. 
Semenzato 11:49-50 allow a manual request to ‘downgrade’ to an earlier version[ an ARB exception associated with a software for overrunning a ARB enforcement policy] to proceed
Semenzato 13:27-29 If there is a manual override [ an ARB exception associated with a software for overrunning a ARB enforcement policy]to the restricted execution of a superseded software program[an ARB exception], then the software program may be executed at stage 514.
13:49-51 implemented using ……computer 702[electronic device ] shown in FIG. 7. ).

a transceiver, configured to cooperate with the processor to provide the ARB exception to the electronic device.  
(See Semenzato 
Semenzato 13:49-51 implemented using ……computer 702 shown in FIG. 7. [electronic device]
Semenzato 13:64-65 Computer 702 includes one or more processors (also called central processing units, or CPUs), such as a processor 706. 
Semenzato 14:25-33 Computer 702 further includes a communication or network interface 718. …... Network interface 718[transceiver; computer 702 is representative of either client electronic device or server] may interface with remote sites or networks via wired or wireless connections.
allow a manual request to ‘downgrade’ to an earlier version[ an ARB exception] to proceed
Semenzato 13:27-29 If there is a manual override to the restricted execution of a superseded software program[an ARB exception], then the software program may be executed at stage 514.
Semenzato 10:4-8….. automatically download available updates[provide the ARB exception to the electronic device.  ]
)

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Asokan with the technique for transferring an update package for downgrading a software version at a receiving device of Semenzato to include 
a processor, configured to Page 5 of 9Application No. 16/415,939Preliminary Amendment determine an ARB exception associated with a software for overrunning a ARB enforcement policy in an electronic device, wherein the ARB exception comprises a signature of the ARB exception and a revision number of the software, and 
a transceiver, configured to cooperate with the processor to provide the ARB exception to the electronic device.  
One of ordinary skill in the art would have made this modification to improve the ability of the system to allow for downgrading a software from a higher version to a lower version, such as in cases where there may be security vulnerabilities in the current installed version and the version on the user’s receiving device needs to be rolled back to an earlier version. The system (e.g., a server of the signing entity and the mobile terminal 100) of the Asokan primary reference can be modified to allow a user to download from a server the update packages with earlier 

As per claim 14, the rejection of claim 10 is incorporated herein. 
However, Asokan does not expressly disclose 
wherein the transceiver is further configured to cooperate with the processor to: 
receive an ARB exception request associated with the software from the electronic device, 
transmit the ARB exception to the electronic device in response to the reception of the ARB exception request from the electronic device.  
Semenzato discloses wherein the transceiver is further configured to cooperate with the processor to: 
(See Semenzato 
Semenzato figure 7 processor 706
Semenzato 13:49-51 implemented using ……computer 702 shown in FIG. 7. 
13:64-65 Computer 702 includes one or more processors (also called central processing units, or CPUs), such as a processor 706. 
14:25-33 Computer 702 further includes a communication or network interface 718. …... Network interface 718 [transceiver ]may interface with remote sites or networks via wired or wireless connections.
).

receive an ARB exception request associated with the software from the electronic device, 
transmit the ARB exception to the electronic device in response to the reception of the ARB exception request from the electronic device.  

[ARB exception is disclosed by an update package that is downloaded, installed and executed with manual override on the user’s client device]
[the Semenzato user’s client device checking for and downloading available updates discloses receive an ARB exception request and transmit the ARB exception because the server is receiving the request for the update and transmitting the update in response. In the scenario where the update package includes a software update with earlier version than a currently installed software and that earlier version is downloaded and installed with manual override on the user’s device, then that installation of the earlier version of the software is an exception to the anti-rollback policy of the user’s device]
Semenzato 10:7-10 software program updater 110 may routinely check for [receive an ARB exception request at the server]and automatically download [transmit the ARB exception as performed by the server]available updates for one or more software programs. 
Semenzato 14:47-51 Any software, hardware, and operating system implementations suitable for performing the functions described herein can be used. Embodiments may be applicable to both a client [the electronic device ]and to a server or a combination of both.
Semenzato 13:27-29 If there is a manual override [ARB exception] to the restricted execution of a superseded software program, then the software program may be executed at stage 514.
Semenzato 11:49-50 allow a manual request to ‘downgrade’ [ARB exception] to an earlier version to proceed
). 
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Asokan with the technique for a server allowing a client device to check for and automatically download available updates of Semenzato to include receive an ARB exception request associated with the software from the electronic device, transmit the ARB exception to the electronic device in response to the reception of the ARB exception request from the electronic device.  
One of ordinary skill in the art would have made this modification to improve the ability of the system to provide software versions from the server to a client, where the updates may be an earlier version than the version installed on the client device. The system (e.g., a server) of the primary reference can be modified to so that a server may receive a request for an earlier version of a software and transmit such software version to the client. 

As per claim 16, the claim(s) is/are directed to a method with limitations which correspond to limitations of claim 10, and is/are rejected for the reasons detailed with respect to claim 10.  
As per claim 17, the claim(s) is/are directed to a computer-readable medium with limitations which depends from claim 16, and is rejected for the reasons detailed with respect to claim 16.  In addition, claim 17 recites, and Asokan discloses, 
 A non-transitory computer-readable medium, having processor-executable instructions stored thereon, which when executed by a processor of a computer cause the computer to perform the method
(See Asokan 
 [0039]
The code signing …..may be performed by any appropriate means, including a data processing device, ….. computer-executable instructions, such as in one or more program modules, executed by one or more computers or other devices, such as MT 100. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types when executed by a processor in a computer or other device. The computer executable instructions may be stored on a computer readable medium such as a hard disk, optical disk, …….
.

Claims 11 and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Asokan in view of Semenzato, further in view of Earl et al. U.S. Publication 20030233648 (hereinafter “Earl”), further in view of Le Rudulier et al. U.S. Publication 20170228558 (hereinafter “Le Rudulier”).
As per claim 11, the rejection of claim 10 is incorporated herein. 
Asokan discloses 
wherein the processor is further configured to determine a software package associated with the software, wherein the software package comprises a signature of the software package, and a revision number of the software
(See Asokan Para. 
[0039]
The code signing …… may be performed by ……. a data processing device, .. perform particular tasks….. executed by a processor in a computer or other device.
Asokan [0027] Packaging Process P211 then packages the software and signature[determine a software package associated with the software]. That is, process P211 receives code signature D209 and software D201 as input, and outputs software package D213 which includes both the original software D201 and signature D209. Package D213 may subsequently be distributed to devices as desired. 
Asokan Para. [0028]
FIG. 3 …… validate a received software package D300, e.…… splits the software package into two separately analyzable parts—the software itself, and the code signature.[ wherein the software package comprises a signature of the software package]
version i [revision number of the software ]of a software package signed in the herein-described manner contains further instructions (e.g., via software, hardware, or firmware) to only execute the software upon successful validation
) 

	However, Asokan does not expressly disclose 
wherein the processor is further configured to determine a delegate ARB exception associated with the software, wherein the delegate ARB exception comprises a signature of the delegate ARB exception, a delegate policy for the ARB exception, and a revision number of the software, and 
the transceiver is configured to cooperate with the processor to transmit the delegate ARB exception to another software provisioning server.  

Semenzato discloses ARB exception
(See Semenzato
[an ARB exception = update package that is installed and executed with manual override]
11:49-50 allow a manual request to ‘downgrade’ to an earlier version[an ARB exception] to proceed
13:27-29 If there is a manual override to the restricted execution of a superseded software program[an ARB exception], then the software program may be executed at stage 514.
)

the transceiver is configured to cooperate with the processor
(See 
processors (also called central processing units, or CPUs), such as a processor 706. 
Semenzato 14:25-33 Computer 702 further includes a communication or network interface 718. …... Network interface 718[transceiver; computer 702 is representative of either client electronic device or server] may interface with remote sites or networks via wired or wireless connections.
)
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Asokan with the technique for allowing manual override to install a previous version of software of Semenzato to include 
wherein the processor is further configured to determine a ARB exception associated with the software, wherein the ARB exception comprises a signature of the ARB exception, and a revision number of the software
the transceiver is configured to cooperate with the processor
One of ordinary skill in the art would have made this modification to improve the ability of the system to allow a user to manually override a system policy of not allowing rollbacks. The system (e.g., a server of the signing entity and the mobile terminal 100) of the primary reference can be modified to allow a user to specifically choose to manually install an earlier version of software.

However, the combination of Asokan and Semenzato does not expressly disclose 
wherein the processor is further configured to determine a delegate ARB exception associated with the software, wherein the delegate ARB exception comprises a signature of the delegate ARB exception, a delegate policy for the ARB exception, and a revision number of the software, and 
the transceiver is configured to cooperate with the processor to transmit the delegate ARB exception to another software provisioning server.  
Earl discloses 
transmit the delegation to install software to another software provisioning server.   
(See Earl Para. [0031] Referring now to FIG. 2, there is shown a block diagram illustrating the general operation of a system 200 for managing software upgrades in a distributed computing system, such as system 100 of FIG. 1. As shown in FIG. 2, a new software release 210 may be received by one of the SMS/boot servers 116, which will install the software on the remaining SMS/boot servers 116. The SMS/boot servers 116 will then determine whether the installed software is compatible with software presently running on all of the nodes of the system (e.g., nodes 220-1 through 220-N, which may represent nodes 130a-130n of system 100). If the software is compatible, the SMS/boot servers 116 may perform a rolling upgrade of the software by sequentially loading the new software on each node [this is a delegated installation ]in the system (e.g., on nodes 220-1 through 220-N), 
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Asokan and Semenzato with the technique for transmitting a software package for installation by another server of Earl to include 
wherein the processor is further configured to determine a delegate ARB exception associated with the software, wherein the delegate ARB exception comprises a signature of the delegate ARB exception, and a revision number of the software, and 
the transceiver is configured to cooperate with the processor to transmit the delegate ARB exception to another software provisioning server. 
One of ordinary skill in the art would have made this modification to improve the ability of the system to delegate the ability to downgrade software to another system. The system of the 

However, the combination of Asokan, Semenzato, and Earl does not expressly disclose 
wherein the processor is further configured to determine a delegate ARB exception associated with the software, wherein the delegate ARB exception comprises a signature of the delegate ARB exception, a delegate policy for the ARB exception, and a revision number of the software

Le Rudulier discloses 
generating a delegate policy 
(See Le Rudulier Para. [0028] In some cases, the delegation engine 126 may generate delegation policy or rules based at least in part on the delegation risk scores 104 received from the delegation risk analysis system 102. For example, the delegation engine 126 may create delegation policies that allow an individual to access some of the content associated with a task while preventing the same individual from accessing other content associated with the same task. In other cases, the delegation policy may include rules, such as whom can be assigned what task, minimum or maximum delegation risk scores 104 for assignment, how many tasks each individual can be assigned, among others.
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Asokan, Semenzato, and Earl with the technique for generating delegation policy of Le Rudulier to include 
wherein the processor is further configured to determine a delegate ARB exception associated with the software, wherein the delegate ARB exception comprises a signature of the delegate ARB exception, a delegate policy for the ARB exception, and a revision number of the software, and the transceiver is configured to cooperate with the processor to transmit the delegate ARB exception to another software provisioning server.  
One of ordinary skill in the art would have made this modification to improve the ability of the system to include a delegation policy. The system (e.g., a server of the signing entity) of the primary reference can be modified to include a delegation policy in the software package, since one of ordinary skill in the art would want to indicate, to a party receiving the software package for installation, who or what devices can perform a delegated task (as described in Le Rudulier para. 28) with respect to the upgrade/downgrade of the software. 

As per claim 20, the claim(s) is/are directed to a method with limitations which correspond to limitations of claim 11, and is/are rejected for the reasons detailed with respect to claim 11.  

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HOWARD H LOUIE whose telephone number is 571-272-0036.  The examiner can normally be reached on Monday-Friday 9 AM-5 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung W. Kim can be reached on 571-272-3804.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/HOWARD H. LOUIE/Examiner, Art Unit 2494                                                                                                                                                                                                        

/THEODORE C PARSONS/Primary Examiner, Art Unit 2494