DETAILED ACTION

1.	This Office Action is in response to an application filed on May 08, 2020. The original filing includes claims 1-20. Therefore, Claims 1-20 are presented for examination. Now claims 1-20 are pending.

Notice of Pre-AIA or AIA Status
2.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Drawings
3.	The drawings filed on May 08, 2020 are accepted.

Priority
4.	Acknowledgment is made of the domestic priority data claimed by applicant: this application is a 371 of PCT/CN2018/110296, filed 10/15/2018. Acknowledgment is also made of applicant’s claim for priority under 35 U.S.C. 119 (a)-(d). The certified copy of European Application CN201711124979.3, filed on Nov. 14, 2017, was received on 05/28/2020.
 
Oath/Declaration
5.	For the record, the Examiner acknowledges that the Oath/Declaration submitted on Dec. 02, 2020 has been accepted.

Information Disclosure Statement
6.	The information disclosure statements (IDSs) submitted on 07/06/2020, 09/29/2020, 01/20/2021, and 01/03/2022 have been considered. The submissions are in compliance with the provisions of 37 CFR 1.97. Forms PTO-1449 are signed and attached hereto. 

Claim Objections
7.	Claim 13 is objected to for reciting, on line 9, the limitation “the TEE, the TEE configured to determine, according to a control policy”. Examiner suggests “the TEE configured to determine, according to a control policy” as the replacement limitation.

Claim Rejections - 35 USC § 101
8.	35 U.S.C. 101 reads as follows: 
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

9.	Claims 1-3, 13-15, and 20 are not patent eligible because they are directed to an abstract idea.

10.	Claim 1 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim recites receiving an access request initiated 
Similarly, the limitation of determined based on an access behavior model, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components. For example, but for the “terminal device, interface, receiving or transferring” language, “determined based on an access behavior model” in the context of this claim encompasses content index of a plurality of content items maintained in a repository such as a trusted execution environment (TEE) and a rich execution environment (REE). If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components, then it falls within the “Mental Processes” grouping of abstract ideas. Accordingly, the claim recites an abstract idea.

The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception because, as discussed above with respect to integration of the abstract idea into a practical application, the additional element of using a terminal device, interface, receiving or transferring to perform the determining, access request and returning results steps amounts to no more than mere instructions to apply the exception using a generic computer component. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. The claim is not patent eligible.
Claims 2 and 3 further recite details of the access request and of recording the access request; these limitations do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea and do not add significantly more. These limitations merely further the abstract idea. 
11.	Claims 13-15 and 20 are device claims that recite substantially the same limitations as claims 1-3; device claim 20 further recites details of the access request similar to method claims 2-3 and does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. Hence, claims 13-15 and 20 do 

Claim Rejections - 35 USC § 103
12.	In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
13.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


14.	The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
15.	This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later .

16.	Claims 1-3, 13-15, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Kim et al. U.S. 2017/0317990 hereinafter “Kim” Filed May 1, 2017 (according to applicant’s IDS filed on 07/06/2020, Cite # 4) in view of Avidan et al. US 2017/0054738 hereinafter “Avidan” Published Feb. 23, 2017. 

Regarding claim 1, Kim teaches: A method for defending against denial of service (DoS) attacks in a terminal device, wherein the terminal device comprises a trusted execution environment (TEE) and a rich execution environment (REE) (Kim, first see abstract, “The electronic device includes at least one processor that is configured to execute a first application in an REE, to execute a second application in a TEE, and to execute an agent that performs data transmission between the first application and the second application, a communication circuit configured to communicate with a server, and a secure memory area that is accessible by the TEE”; then see ¶ [0138], “prevent leakage of significant authentication information, such as IMSI or Ki, by a replay attack of a malicious user”), wherein a client application (CA) runs in the REE (Kim, see ¶ [0007], “the REE may include at least one processor configured to execute a first application in the REE”), and wherein the method comprising:
receiving an access request initiated by the CA to a service or an interface, wherein the
service or the interface is provided by the REE or the TEE (Kim, see ¶ [0007], “the REE may include at least one processor configured to execute a first application in the REE”; and continues in ¶ [0042], “In the case where the electronic device 101 executes any function or service automatically or in response to a request”), and wherein the CA accesses the service or the interface to request a service or a resource (Kim, first see ¶ [0007], “the REE may include at least one processor configured to execute a first application in the REE”; then see ¶ [0025], “according to the situation, the expression "configured to" used in this disclosure … or a generic-purpose processor (e.g., a central processing unit ;
	transferring the access request to the TEE (Kim, see ¶ [0049], “The TEE provides a high level security … when a payment application executed in the REE intends to pay, the payment application may make a request to the TEE”);  and 
determining, by the TEE according to a control policy, whether to grant the access request (Kim, see ¶ [0184], then see ¶¶ [0049], “The TEE provides a high-level security and blocks or restrictedly permits an access of an application that is not executed. For example, when a payment application executed in the REE intends to pay, the payment application may make a request to the TEE for authentication, and an authentication application executed in the TEE may obtain authentication information”),
wherein the access behavior dataset comprises an access behavior log, collected in the TEE, of accessing the service or the interface by the at least one CA (Kim, first see ¶ [0069], “The SIM profile may be defined by the SIM order message received in operation 303 … which enables data communication for one week in Hong Kong, in an execution screen of the roaming application 211, the SIM profile may correspond to a SIM profile of a network operator that is usable in Hong Kong. That is, the SIM profile may include IMSI information corresponding to a country, a network operator, and user identification information. Additionally, the SIM profile may further include information about a validity period (e.g., an active-possible time and an expiration time) of a corresponding (soft) SIM”; then see ¶ [0073], “the electronic device 200 may store the obtained SIM profile. The SIM profile may be stored in a secure memory area of the electronic device 200 … store the SIM profile in an area, which only the TEE accesses, of the memory 230 or the eSE 250. Also, when the electronic device 200 stores the SIM profile 
	Kim does not explicitly disclose: wherein the control policy is determined based on an access behavior model, wherein the access behavior model is trained with an access behavior dataset by using a statistical method or a machine learning algorithm, wherein the access behavior model is used to represent a behavioral feature of accessing the service or the interface by at least one CA 
	However Avidan teaches: wherein the control policy is determined based on an access behavior model, wherein the access behavior model is trained with an access behavior dataset by using a statistical method or a machine learning algorithm, wherein the access behavior model is used to represent a behavioral feature of accessing the service or the interface by at least one CA (Avidan, first see ¶ [0022], “enterprise ontology model 108 within TEE local storage. Endpoint 103 extracts events raised by detection engine 109 using endpoint rules 110 and the endpoint profile 107. Those events are extracted into events repository 111. Events repository 111 is contained within endpoint 103, preferably in protected storage of the TEE 106 … suspicious behavioral patterns by running advanced correlation engine 112 over the events repository 111 and the locally stored ontology models 108. Events generated by advanced correlation engine 112 are sent to the SIEM server 101 and BDA server 102 for further machine learning and further correlation analysis. Data extraction agent 113 facilitates the extraction of events. Data extraction agent 113 and events repository 111”; then see ¶ [0028], “the actual processes and ontology (i.e., the aggregate tasks performed by the processes) of an endpoint 103 are not directly observable. Only the output events and process behaviors, such as emitted system calls are observable. Thus, the advanced correlation engine 112 determines and models the endpoint ontology based on those observable events (termed herein "actual events"). This condition is referred to as a hidden Markov model (HMM). The advanced correlation engine 112 applies a categorical sequence-labeling algorithm based on the endpoint ontology to identify a targeted attack pattern in the actual event sequences. The sequence-labeling algorithm is probabilistic, relying on statistical inference to  
Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Kim with the teaching of Avidan because the use of Avidan’s idea (Avidan, see ¶ [0001]) could provide Kim (Kim, abstract) the ability to perform machine learning algorithm to generate access behavior model to implement a control policy, “The sequence-labeling algorithm is probabilistic, relying on statistical inference to find the best-fit sequence that describes the targeted attack. Each state has a probability distribution over possible output sequences” (Avidan, ¶ [0028]).

Regarding claim 2, the combination of Kim and Avidan teaches all the limitations of claim 1. Avidan further teaches: transferring the access request to an access behavior data collector deployed in the TEE when identity authentication of the CA succeeds; and recording, by the access behavior data collector, an access behavior log corresponding to the access request (Avidan, see ¶ [0019], “The profiles, models, and ontology analysis are provided to the endpoints. Accordingly, each endpoint has contextual information concerning other enterprise-level ontology. Endpoint analytics use the output from the analytics servers to detect deviations from the endpoint's behavioral profile. According to some embodiments, the endpoints execute local analytics inside a trusted execution environment (TEE) to avoid malware interference”).
Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Kim with the teaching of Avidan because the use of Avidan’s idea (Avidan, see ¶ [0001]) could provide Kim (Kim, abstract) the ability to perform machine learning algorithm to generate access behavior model to implement a control policy, “The sequence-labeling algorithm is probabilistic, relying on statistical inference to find the best-fit sequence that describes the targeted attack. Each state has a probability distribution over possible output sequences” (Avidan, ¶ [0028]). 

Regarding claim 3, the combination of Kim and Avidan teaches all the limitations of claim 2. Avidan further teaches: recording, by the access behavior data collector, a plurality of access behavior logs corresponding to a plurality of access requests initiated by the at least one CA to the service or the interface; and constructing, by the access behavior data collector, the access behavior dataset based on the plurality of access behavior logs, wherein the access behavior dataset is used to train the access behavior model (Avidan, see ¶ [0019], “Heavy duty Big Data Analytics (BDA) servers process data collected from the enterprise event sources and endpoints and produce behavioral profile models for each endpoint (or group of similar endpoints), in addition to server-based anomaly detection. These profiles may include set-up parameters, configurations, behaviors, etc. The analytics servers also generate an enterprise-level endpoint ontology, which may represent the form of identities, relationship graphs, activities, etc… Endpoint analytics use the output from the analytics servers to detect deviations from the endpoint's behavioral profile. 
According to some embodiments, the endpoints execute local analytics inside a trusted execution environment (TEE) to avoid malware interference”; then see ¶¶ [0040 and 0049], “a machine-readable medium, on which are stored instructions, comprising instructions that when executed cause a machine to: create an endpoint behavioral profile and an endpoint ontology model for a plurality of endpoints; transmit the endpoint behavioral profile and endpoint ontology model to an endpoint of the plurality of endpoints; receive security event data from the endpoint; and update the endpoint ontology model based on the received security event data”; “on which are stored instructions, comprising instructions that when executed cause an endpoint to: receive and store an endpoint behavioral profile and an endpoint ontology model from a server; generate security events based on deviation of the endpoint from the behavioral profile; and store the security events in an event repository”).
Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Kim with the teaching of Avidan because the use of Avidan’s idea (Avidan, see ¶ [0001]) could provide Kim (Kim,  

Regarding claim 13, this claim defines a device claim that corresponds to method claim 1 and does not define beyond the limitations of claim 1. Therefore, claim 13 is rejected with the same rationale as in the rejection of claim 1. 

Regarding claim 14, this claim defines a device claim that corresponds to method claim 2 and does not define beyond the limitations of claim 2. Therefore, claim 14 is rejected with the same rationale as in the rejection of claim 2. 

Regarding claim 15, this claim defines a device claim that corresponds to method claim 3 and does not define beyond the limitations of claim 3. Therefore, claim 15 is rejected with the same rationale as in the rejection of claim 3. 

Regarding claim 20, the combination of Kim and Avidan teaches all the limitations of claim 13. Kim further teaches: wherein a trusted application (TA) runs in the TEE, wherein the access request is used to request to open, in the TA, a session with the CA, and wherein the at least one control parameter comprises at least one of the following: a time interval between two consecutive accesses by one CA to the service or the interface, a quantity of sessions held by one CA between the CA and the TA, or a time of the sessions held by one CA between the CA and the TA (Kim, see ¶¶ [0055 and 69], “If authentication information is received from the TEE, the soft .
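The mechanism the rejected claims describe, a TEE-side decision point that grants or denies a CA's access request according to a control policy derived from an access behavior log (claims 1-3), with the control parameters named in claim 20 (interval between consecutive accesses, sessions held per CA, session time), is shown below as an added Python illustration. This is example code written for this page; it is not code from the application under examination, from Kim, or from Avidan. Every class and field name, the constructed benign log, and the use of a mean-plus-k-standard-deviations threshold as the "statistical method" are assumptions made for the example.

```python
"""Added example: TEE-side access gate driven by a statistical behaviour model.
Not code from the application, Kim or Avidan; all names and data are constructed."""
from dataclasses import dataclass
from statistics import mean, pstdev
from typing import Dict, List


@dataclass
class AccessLogEntry:
    """One completed access by a CA, as the collector in the TEE records it."""
    ca_id: str
    t: float             # time (s) at which the access request was granted
    session_len: float   # how long the CA held the resulting session (s)


@dataclass
class ControlPolicy:
    """Control parameters (assumed names) derived from the behaviour model."""
    min_interval: float      # shortest allowed gap between two accesses by one CA
    max_sessions: int        # most sessions one CA may hold with the TA at once
    max_session_time: float  # longest a single session may stay open


def train_policy(dataset: List[AccessLogEntry], k: float = 3.0) -> ControlPolicy:
    """Assumed 'access behaviour model': per-CA inter-access intervals, session
    lengths and peak concurrency from a benign log; thresholds sit k standard
    deviations from the mean.  Too little history yields conservative defaults."""
    by_ca: Dict[str, List[AccessLogEntry]] = {}
    for e in dataset:
        by_ca.setdefault(e.ca_id, []).append(e)
    intervals: List[float] = []
    peak = 1
    for entries in by_ca.values():
        entries.sort(key=lambda e: e.t)
        intervals += [b.t - a.t for a, b in zip(entries, entries[1:])]
        for e in entries:  # sessions of this CA open at the moment e was granted
            held = sum(1 for o in entries if o.t <= e.t < o.t + o.session_len)
            peak = max(peak, held)
    if len(intervals) < 2:
        return ControlPolicy(min_interval=1.0, max_sessions=1, max_session_time=30.0)
    lens = [e.session_len for e in dataset]
    return ControlPolicy(
        min_interval=max(0.0, mean(intervals) - k * pstdev(intervals)),
        max_sessions=peak,
        max_session_time=mean(lens) + k * pstdev(lens),
    )


class TeeAccessGate:
    """Decision point inside the TEE: authenticate, apply the policy, keep the log."""

    def __init__(self, policy: ControlPolicy) -> None:
        self.policy = policy
        self.last_grant: Dict[str, float] = {}
        self.sessions: Dict[str, List[float]] = {}  # ca_id -> open times of held sessions
        self.log: List[AccessLogEntry] = []         # behaviour log collected in the TEE

    def _expire(self, ca_id: str, now: float) -> None:
        """Enforce max_session_time: drop (and log) sessions held too long."""
        keep = []
        for opened in self.sessions.get(ca_id, []):
            if now - opened < self.policy.max_session_time:
                keep.append(opened)
            else:
                self.log.append(AccessLogEntry(ca_id, opened, now - opened))
        self.sessions[ca_id] = keep

    def request(self, ca_id: str, now: float, authenticated: bool) -> bool:
        """True if the CA's request to open a session with the TA is granted."""
        if not authenticated:       # unauthenticated requests are not even logged
            return False
        self._expire(ca_id, now)
        last = self.last_grant.get(ca_id)
        if last is not None and now - last < self.policy.min_interval:
            return False            # too soon after the previous access (flood)
        if len(self.sessions[ca_id]) >= self.policy.max_sessions:
            return False            # CA already holds its quota of sessions
        self.sessions[ca_id].append(now)
        self.last_grant[ca_id] = now
        return True

    def close_session(self, ca_id: str, now: float) -> None:
        """CA closes its oldest open session; the TEE records its length."""
        opened = self.sessions.get(ca_id, [])
        if opened:
            start = opened.pop(0)
            self.log.append(AccessLogEntry(ca_id, start, now - start))


# Constructed benign history for one CA: accesses at t = 0, 10, 22, 31, 42, 52, 60 s.
BENIGN_LOG = [AccessLogEntry("ca.pay", t, n)
              for t, n in [(0, 2), (10, 8), (22, 5), (31, 3), (42, 9), (52, 3), (60, 5)]]


def demo() -> dict:
    """Run the gate against a well-behaved CA, a flooding CA and a CA that never closes."""
    gate = TeeAccessGate(train_policy(BENIGN_LOG))
    polite = [gate.request("ca.pay", 100.0, True),   # first access: granted
              gate.request("ca.pay", 101.0, True),   # 1 s later: below min_interval
              gate.request("ca.pay", 110.0, True)]   # still holds a session: denied
    gate.close_session("ca.pay", 110.0)
    polite.append(gate.request("ca.pay", 111.0, True))  # closed, 11 s gap: granted
    flood = sum(gate.request("ca.evil", 200.0 + i * 0.1, True) for i in range(50))
    gate.request("ca.slow", 300.0, True)                # opens and never closes
    reopened = gate.request("ca.slow", 320.0, True)     # cut off after max_session_time
    return {"polite": polite, "flood_grants": flood, "reopened": reopened}


if __name__ == "__main__":
    print(demo())
```

The gate updates `last_grant` only on granted requests, so a flooding CA is held to one session per `min_interval` without penalising a legitimate CA that retries after a denial; the timeout path in `_expire` is what keeps a CA that opens sessions and never closes them from exhausting the TA.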

Allowable subject matter
17.	Claims 4-12 and 16-19 are objected to as being dependent upon a rejected base claim, but would be allowable (in view of other limitations of the independent claims) if rewritten in independent form including all of the limitations of the base claim and any intervening claims, and further overcoming other rejections or objections that might have been rendered above. The detailed reasons for allowance will be furnished upon allowance of the application.
 
Examiner note:
18.	In the case of amending the claimed invention, Applicant is respectfully requested to indicate the portion(s) of the specification which dictate(s) the structure relied on for proper interpretation and also to verify and ascertain the metes and bounds of the claimed invention. This will assist in expediting compact prosecution. MPEP 714.02 recites: “Applicant should also specifically point out the support for any amendments made to the disclosure. See MPEP § 2163.06. An amendment which does not comply with the provisions of 37 CFR 1.121(b), (c), (d), and (h) may be held not fully responsive. See MPEP § 714.” Amendments not pointing to specific support in the disclosure may be deemed as not complying with provisions of 37 C.F.R. 1.131(b), (c), (d), and (h) and therefore held not fully responsive. Generic 

Conclusion
19.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Tamrakar et al., 2015 IEEE Trustcom/BigDataSE/ISPA, “On Rehoming the Electronic Id to TEEs”, discloses a practical design for EId deployment on mobile phone TEEs and provides real-world implementations and test results for ESP enrolment and use in on-the-market handsets.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHALIL NAGHDALI whose telephone number is (571) 272-9884. The examiner can normally be reached on M-F 8AM-5PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, KRISTINE L KINCAID can be reached on (571) 272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/KHALIL NAGHDALI/Primary Examiner, Art Unit 2437