DETAILED ACTION

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment

A preliminary amendment was received on 10 February 2020 correcting formal issues in the listing of claims.  No claims have been amended, added, or canceled.  Claims 1-20 are currently pending in the present application.

Drawings

Figure 1 should be designated by a legend such as --Prior Art-- because only that which is old is illustrated.  See MPEP § 608.02(g).  Corrected drawings in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. The replacement sheet(s) should be labeled “Replacement Sheet” in the page header (as per 37 CFR 1.84(c)) so as not to obstruct any portion of the drawing figures. If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.
The drawings are objected to as failing to comply with 37 CFR 1.84(p)(5) because they do not include the following reference sign(s) mentioned in the 260 (see paragraph 0041), 22 (see paragraph 0076).  Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.

Specification

The abstract of the disclosure is objected to because it includes informalities.  In particular, the sentence at lines 7-8 reading “The difference in security capabilities indicating a security vulnerability of the first instance of the application” is a fragment.  Correction is required.  See MPEP § 608.01(b).
The disclosure is objected to because of the following informalities:  
The specification includes minor grammatical and other errors.  For example, in paragraph 0002, line 2, it is not grammatically clear what the phrase “to an application” is intended to modify.  In paragraph 0005, the phrase “during at least one of: at publishing time of the application or during execution of the application” is grammatically unclear with respect to “during at publishing time” or “during during execution”.  On page 3, lines 5-9 (in paragraph 0006), it appears that the list items should be separated by 
Appropriate correction is required.  The above is not intended as an exhaustive list of errors in the specification.  The lengthy specification has not been checked to the extent necessary to determine the presence of all possible minor errors.  Applicant’s cooperation is requested in correcting any errors of which applicant may become aware in the specification.
The use of the term Bluetooth, which is a trade name or a mark used in commerce, has been noted in this application. The term should be accompanied by the generic terminology; furthermore the term should be capitalized wherever it appears or, where appropriate, include a proper symbol indicating use in commerce such as ™, SM , or ® following the term.
Although the use of trade names and marks used in commerce (i.e., trademarks, service marks, certification marks, and collective marks) is permissible in patent applications, the proprietary nature of the marks should be respected and every effort made to prevent their use in any manner which might adversely affect their validity as commercial marks.

Claim Rejections - 35 USC § 101

35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 14-18 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.
Claim 14 is directed to a system having a single element of a server.  A server can simply be a software process, and the claim does recite any other structural elements.  Therefore, the claim encompasses software per se.  Computer software does not fall within any of the statutory classes of invention. See Gottschalk v. Benson, 409 U.S. 63, 72, 175 USPQ 673, 676-77 (1972).  Software does not constitute a statutory process, because the software itself is not a series of steps that are performed. Software is also not a machine, article, or composition of matter.  See MPEP § 2106.03(I).  When a claim encompasses both statutory and non-statutory subject matter, the claim as a whole is considered to be directed to non-statutory subject matter.  See MPEP § 2106(II).

Claim Rejections - 35 USC § 112

The following is a quotation of 35 U.S.C. 112(b):

(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:



Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites “and a plurality of application program interfaces” in line 7.  It is not clear what this is intended to be coordinated with or modify; that is, it is not clear if the APIs are identified, if the security capabilities are based on properties of the APIs, or simply based on the APIs more broadly.  The claim further recites “determining… a difference in security capabilities of the first and second instances of the application” (in step c) and providing application data “in response to the difference in security capabilities of the first and second instances of the application being at or above a threshold level” (in step d).  It is not clear how the difference in security capabilities would be quantified such that it could be determined whether the difference is above or below a threshold level.  A capability is qualitative, and the specification has not clearly explained how to quantify a capability in order to calculate a difference that could be compared to a threshold value.  The above ambiguities render the claim indefinite.
Claim 2 recites “from a mobile application package or an administrator file” in lines 2-3.  It is not grammatically clear what this phrase is intended to modify.
Claim 3 recites “the application” in lines 2 and 4.  It is not clear to which instance of the application this is intended to refer.
Claim 5 recites “a second application signature of the application” in lines 2-3.  It is not clear if this is also a signature of the first instance or if this is a signature of a 
Claim 7 recites that step b further comprises “identifying the second instance of the application” in line 4.  It is not clear whether this is in addition to identifying the security capabilities of the second instance or part of that identification.
Claim 9 recites “preventing, by the server, the mobile device from accessing the first instance of the application” in lines 4-5.  It is not clear how the server would prevent this access if the first instance is already present on the mobile device.
Claim 10 recites “different properties” in line 3.  It is not clear what these properties are different from.  The claim further recites “updating… a second application signature for the second instance of the application with the one or more different properties” in lines 6-7.  However, because the one or more different properties are of the updated first instance, it is not clear how a signature for the second instance would use the properties of the first instance.
Claim 11 recites “the plurality of APIs called by the application” in line 2.  There is insufficient antecedent basis for this limitation in the claims.  The claim further recites “the API” in line 5.  It is not clear to which of the plural APIs this limitation is intended to refer.
Claim 12 recites “the plurality of APIs corresponding to the application” in line 2.  Although the claims previously recited APIs corresponding to instances of the application, there is not clear antecedent basis for this distinct claim limitation.

Claim 14 recites “and a plurality of application program interfaces” in lines 6-7.  It is not clear what this is intended to be coordinated with or modify; that is, it is not clear if the APIs are identified, if the security capabilities are based on properties of the APIs, or simply based on the APIs more broadly.  The claim further recites determining “a difference in security capabilities of the first and second instances of the application” in lines 9-10 and providing application data “in response to the difference in security capabilities of the first and second instances of the application being at or above a threshold level” in lines 13-14.  It is not clear how the difference in security capabilities would be quantified such that it could be determined whether the difference is above or below a threshold level.  A capability is qualitative, and the specification has not clearly explained how to quantify a capability in order to calculate a difference that could be compared to a threshold value.  The above ambiguities render the claim indefinite.
Claim 15 recites “the application” in lines 2 and 4.  It is not clear to which instance of the application this is intended to refer.
Claim 18 recites that the server is configured to “prevent the device from accessing the first instance of the application” in line 3.  It is not clear how the server would prevent this access if the first instance is already present on the mobile device.
Claim 19 recites “and a plurality of application program interfaces” in lines 6-7.  It is not clear what this is intended to be coordinated with or modify; that is, it is not clear if the APIs are identified, if the security capabilities are based on properties of the APIs, or simply based on the APIs more broadly.  The claim further recites determining “a 
Claim 20 recites “different properties” in line 4.  It is not clear what these properties are different from.  The claim further recites updating “the at least one known signature corresponding to the second instance of the application with the one or more different properties” in lines 6-7.  First, there is not clear antecedent basis for “the at least one known signature”.  Further, because the one or more different properties are of the updated first instance, it is not clear how a signature for the second instance would use the properties of the first instance. 
Claims not specifically referred to above are rejected due to their dependence on a rejected base claim.

Claim Rejections - 35 USC § 102

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Oberheide et al, US Patent 9455988.
In reference to Claim 1, Oberheide discloses a method that includes a server receiving application data from a plurality of data sources, where the data corresponds to a first instance of an application executable on a mobile device (Figure 13, first instance; column 15, lines 2-5); identifying security capabilities of the first instance and a second instance of the application based on properties of the first and second instances and APIs corresponding to the first and second instances (column 17, lines 40-41; column 8, lines 1-8); determining a difference in security capabilities indicating a vulnerability and providing application data from the data sources to the application in response to the difference being at or above a threshold (see Figure 13, comparison match condition; see also column 15, line 47-column 18, line 49, describing steps S140-S160).
In reference to Claim 2, Oberheide further discloses identifying static application data corresponding to the first instance of the application from a package or file (see column12, lines 39-40).

In reference to Claims 4 and 5, Oberheide further discloses generating an application signature using the application data and comparing the first application signature to a second application signature (column 4, line 64-column 5, line 3).
In reference to Claim 6, Oberheide further discloses comparing properties of the first and second instances (see Figure 13, comparison match condition).
In reference to Claim 7, Oberheide further discloses assigning weight values to properties and using a signature and the weight values (see column 16, lines 6-24; column 7, lines 59-60).
In reference to Claim 8, Oberheide further discloses determining differences between the properties of the first and second instances and generating a validation report indicating the differences (see column 15, lines 47-54).
In reference to Claim 9, Oberheide further discloses identifying malicious logic and preventing access to the application (see Figure 13, comparison match condition).
In reference to Claim 10, Oberheide further discloses identifying an updated version of the first instance and updating the signatures (see column 10, lines 52-54).
In reference to Claims 11-13, Oberheide further discloses identifying APIs and generating profiles based on the APIs (column 8, lines 1-17).

mutatis mutandis.
Claims 19 and 20 are directed to software implementations of the methods of Claims 1 and 10, and are rejected by a similar rationale. 

Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Zachary A Davis whose telephone number is (571)272-3870. The examiner can normally be reached Monday-Friday, 9:30am-6:00pm, Eastern Time.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-

/Zachary A. Davis/Primary Examiner, Art Unit 2492