DETAILED ACTION
This is a response to Applicant reply filed on 01/13/2022, in which claims 1-20 are presented for examination.  Claims 1 and 11 are of independent form. 

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Allowable Subject Matter
Claims 1-20 are allowed.  
The following is an examiner’s statement of reasons for allowance: 
This communication warrants no examiner's reason for allowance, as applicant's reply makes evident the reason for allowance, satisfying the record as whole as required by rule 37 CFR 1.104 (e). In this case, the substance of applicant's remarks in the Amendment/Remarks filed on 01/13/2022 in light of the interview discussion on 01/13/2022 point out the reason claims are patentable and non-obvious over the prior art of record. Thus, the reason for allowance is in all probability evident from the record and no statement for examiner's reason for allowance is necessary (see MPEP 1302.14).
Further to clarify the Reasons for Allowance, the Examiner additionally notes that the prior art of record fails to particularly disclose, fairly disclose, or render obvious the following limitations of independent claims 1 and 11: “combining the set of call graphs to generate a merged call graph; identifying one or more portions of the merged call graph that will not be called or executed at runtime: pruning the one or more portions of the merged call graph to generate a pruned call graph; … based on the annotation data, identifying a set of reachable dependencies; based on the set of reachable dependencies, generating a set of one or more security policies for the software application, wherein each security policy in the set of one or more security policies identifies a set of one or more dependencies or actions that the software application is allowed to make or call.” (Emphasis added).  In other words, the generated one or more security policies only allow the software application to access or call [subroutines] with reachable dependencies based on the pruned call graph.  As such, the software application is only given the least privilege for execution by the generated policies. Accordingly, independent claims 1 and 11 are allowed. Dependent claims 2-10 and 12-20 are allowed by virtue of their dependencies on their respective independent claims 1 and 11 as they each further limit the scope of the claimed invention.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DON ZHAO whose telephone number is (571)272-9953.  The examiner can normally be reached on Monday ~ Friday, 7:30 A.M ~ 5:00 P.M EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl G Colin can be reached on (571) 272-3862.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.



/Don G Zhao/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        01/19/2022