DETAILED ACTION

Currently pending claims are 1 – 20.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  


Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claims 1 – 6, 8 – 12, 14 & 16 – 19 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Wu et al. (U.S. Patent 10,873,466). 

As per claims 1 & 10, Wu teaches an apparatus, comprising: 
one or more functional circuits (Wu: Figure 6); 
a debug circuit configured to implement one or more debug features for the one or more functional circuits (Wu: see above & Figure 2 / E-204: a debug device); and 
a validation circuit (Wu: see above & Col. 7 Line 49 – 67: validation of a debug application package software (debug APK) intalled at the degug device) configured to: 
receive a request to access debug features (Wu: see above & and Col. 5 Line 13 – 16, Col. 7 Line 43 – 47 / Line 57 – 58, Col. 3 Line 5 – 7, Col. 8 Line 12 – 16, Col. 1 Line 42 – 45 / Line 55 – 58 and Col. 3 Line 29 – 35: (a) during an application package (APK) installation, a request to access debug features is issued because a permission certificate is required ((e.g.) managed by a server (Col. 3 Line 5 – 7)) for its associated debug APK (installed at a debug device (Col. 7 Line 57 – 58)) to assure a successful installation since debugging (testing) is a part of application installation process (see below), wherein (b) one o more users such as developers / respective application entities (construed as a user entity) are associated with different installation / debug permissions such as normal, dangeous, high risk and etc. (Col. 1 Line 42 – 45 / Line 55 – 58) for particular applications such as protected API and (c) granting the permission request according to the permission certificate (Col. 3 Line 29 – 35)); 
send an identification value corresponding to the apparatus (Wu: see above & Col. 7 Line 56 – 58 / Line 63 – 66 and Col. 12 Line 54 – 60: the debug device first sends its device identity to an auditing server for assuring the safety of the debug device containing the debug APK for preventing malicious or unwanted behavior – and only after the requirements are satisfied (e.g. on the white list of permitted devices), a permission certificate can be released to the debug device to proceed the debug functions during the application installation process); 
receive a certificate generated by a server computer system, the certificate including encoded debug permissions (Wu: see above & Col. 3 Line 5 – 7, Col. 8 Line 17 – 23 and Col. 6 Line 61 – 64: (a) the (released) permission certificate (see above) can be downloaded from the secure server (Col. 3 Line 5 – 7), wherein (b) the permission certificate contains, at least, the debug permissions that can debug the permissions as requested by the associated application (Col. 8 Line 17 – 23) and (c) the downloaded data can be encrypted during the download process and thus the debug permissions can be encrypted (encoded) as well (Col. 6 Line 61 – 64)); 
decode the encoded debug permissions using the identification value (see above); and 
using the decoded debug permissions, enable one or more of the debug features (see above).  
As per claim 16, the claim limitations are met as the same reasons as that set forth in the paragraph above regarding to claim 1 with the exception of the feature(s) of:
one or more policies that indicate debug permissions for one or more users to access debug features of one or more devices (Wu: see above & Col. 7 Line 40 – 67, Col. 5 Line 59 – 62, Col. 1 Line 42 – 45 / Line 55 – 58 and Col. 2 Line 56 – 61: (a) during an application package (APK) installation, a request to access debug features is issued because a permission certificate is required ((e.g.) managed by a server (Col. 3 Line 5 – 7)) for its associated debug APK (installed at a debug device (Col. 7 Line 57 – 58)) to assure a successful installation since debugging (testing) is a part of application installation process (see above), (b) one or more users such as developers / respective application entities (construed as a user entity) can be associated with different installation / debug permissions such as normal, dangeous, high risk and etc. (Col. 1 Line 42 – 45 / Line 55 – 58), for example, particular applications with protected API requires high risk permissions);
receiving, by the server computer system from a debug system, a request to access debug features of a particular device, the request including an identification value associated with the particular device (Wu: see above & Col. 7 Line 56 – 58 / Line 63 – 66 and Col. 12 Line 54 – 60: the debug device first sends its device identity to an auditing server for assuring the safety of the debug device containing the debug APK for preventing malicious or unwanted behavior – and only after the requirements are satisfied (e.g. on the white list of permitted devices), a permission certificate can be released to the debug device to proceed the debug functions during the application installation process).

As per claim 2 and 11, Wu teaches in response to receiving the request, generate a liveness token, wherein the liveness token includes a one-time use value; and send the generated liveness token with the identification value (Wu: see above & Col. 8 Line 18 – 21: a validity period associated with a granted permission certificate with a limited one-time use value as per a debug session granted to the debug APK installed at the debug device (w.r.t debug device identity (see above)) and need to be re-certified after the time expirary during a same debug session and requested again at a new (another) debug session).  


As per claim 3, Wu teaches compare a received liveness token extracted from the certificate to the generated liveness token; and based on the comparison, selectively permit the debug circuit to be accessed (Wu: see above & Col. 8 Line 18 – 23: determining whether to grant the access permission to the debug circuit (device) for performing the debug function during the application installation process based on comparing the time value from the extracted certificate and the originally generated validity period). 

As per claim 4, Wu teaches wherein the validation circuit is further configured to send information indicative of available features of the debug circuit and currently enabled features of the debug circuit (Wu: see above & Col. 8 Line 37 – 42: (e.g.) the available features are also the currently enabled features of the debug device during the protected API installation such as high risk permission installation (debug) features as indicated in an associated permission certificate).  

As per claim 5, Wu teaches in response to receiving the certificate, to determine if the reception of the certificate is expected (Wu: see above & Col. 7 Line 48 – 58).  

As per claim 6, Wu teaches to end an active debug session in response to a determination that a particular amount of time has elapsed since receiving the certificate, wherein the particular amount of time is indicated in the certificate (Wu: see above & Col. 8 Line 18 – 23: a validity period).  

As per claim 8, Wu teaches to wherein the validation circuit receives the request from a first computing device, and wherein the validation circuit is further configured to end an active debug session in response to a determination that a second computing device has been connected to the apparatus (Wu: see above & Col. 8 Line 18 – 23: the 2nd computing device, connected to the apparatus, is construed as the computing device with the debug device having a debug session already exceeding a validity period).  

As per claim 9, Wu teaches to authenticate a digital signature that is included in the received certificate (Wu: see above & Col. 7 Line 49 – 52 and Col. 8 Line 21 – 23: validate the received certificate that includes a digital signature).  

As per claim 12 and 17, Wu teaches including authentication credentials for a user of the computer system in the certificate request (Wu: see above & Col. 2 Line 57 – 61: (e.g.) at least to authenticate a developer / respective application entity (as a user entity) during a high risk permission for a specific application (with protected API) installation to prevent not being misused).  

As per claim 14, Wu teaches sending, to the device, a command to end a current debug session (Wu: see above & Col. 8 Line 18 – 23: (e.g.) the debug session has exceeded a validity period (i.e. expired)).  

As per claim 18, Wu teaches wherein the validating, using the identification value, includes determining if the particular policy is valid for the particular device or for a class of devices that includes the particular device (Wu: see above & Col. 7 Line 56 – 58 / Line 63 – 66 and Col. 12 Line 54 – 60: the debug device first sends its device identity to an auditing server for assuring the safety of the debug device containing the debug APK for preventing malicious or unwanted behavior – and only after the requirements are satisfied (e.g. on the white list of permitted devices), a permission certificate can be released to the debug device to proceed the debug functions during the application installation process).  

As per claim 19, Wu teaches receiving, from the request, a first value indicating one or more debug features to be accessed; (Wu: see above & Col. 7 Line 40 – 67, Col. 5 Line 59 – 62, Col. 1 Line 42 – 45 / Line 55 – 58 and Col. 2 Line 56 – 61: one or more debug features associated with different installation / debug permissions such as normal, dangeous, high risk and etc. (Col. 1 Line 42 – 45 / Line 55 – 58) for particular applications such as protected API) and generating, using the particular policy, a second value indicating at least one of the one or more debug features for which access is granted (Wu: see above & Col. 1 Line 41 – 45, Col. 2 Line 1 – 9 / Line 55 – 61 and Col. 3 Line 29 – 35: granting the permission request).  

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 7 and 15 are rejected under 35 U.S.C.103 as being unpatentable over Wu et al. (U.S. Patent 10,873,466), in view of Moyer et al. (U.S. Patent 5446266).  

As per claim 7 and 15, Moyer (& Wu) teaches to end an active debug session in response to a determination that a number of allowed device resets, as indicated by the certificate, have occurred (Moyer: Col. 11 Line 5 – 7: an active debug session would not be allowed after the device resetting exceeding a predetermined number of reset events by blocking the reset control of a debug device (e.g. using debug control register)) || (Wu: see above: the permission certificate indicates the debug permissions during an application installation).  
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention was made to propose the modification of ending an active debug session in response to a determination that a number of allowed device resets, as indicated by the certificate, have occurred because Moyer teaches that an active debug session would not be allowed after the device resetting exceeding a predetermined number of reset events by blocking the reset control of a debug device (e.g. using debug control register) (see above) within the Wu’s system of providing a permission certificate (managed by a server) for installation of an application package (APK) and its associated debug APK (installed at a debug device) (see above). 

Claim 20 is rejected under 35 U.S.C.103 as being unpatentable over Wu et al. (U.S. Patent 10,873,466), in view of Relan et al. (U.S. Patent 2015/0134851).  

As per claim 20, Relan (& Wu) teaches wherein validating the request comprises determining a geographic location of the debug system (Relan: Figure 2 & Abstract,  Para [0029] Line 4 – 16: for debugging purpose, when a second computing device has been connected to an active debug device, the debugging capability of the debug device (i.e. network component) should be associated with its geolocation because the active debug device (network component) can only connect (e.g. perform pathing / routing) to other network components based on a relative or absolute proximity w.r.t. a geolocation between them according to the message forwarding decision (rule)). 
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention was made to propose the modification of determining a geographic location of the debug system because Relan teaches, for debugging purpose, when a second computing device has been connected to an active debug device, the debugging capability of the debug device (i.e. network component) should be associated with its geolocation because the active debug device (network component) can only connect (e.g. perform pathing / routing) to other network components based on a relative or absolute proximity w.r.t. a geolocation between them according to the message forwarding decision (rule) (see above) within the Wu’s system of evaluating the permission associated with a debug application of a debug component (device) during an application installation process (see above). 


Allowable Subject Matter
Claim 13 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.


Any inquiry concerning this communication or earlier communications from the examiner should be directed to LONGBIT CHAI whose telephone number is (571)272-3788.  The examiner can normally be reached on Monday - Friday 9:00am-5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn D. Feild can be reached on 571-272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





---------------------------------------------------
                  /Longbit Chai/
           Longbit Chai E.E. Ph.D.
    Primary Examiner, Art Unit 2431
                   No. #2320 – 2021
---------------------------------------------------