DETAILED ACTION
I.	Claims 1-15 have been examined.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Priority
The current application is a national stage entry of PCT/US2019/045276, International Filing Date: 08/06/2019 which claims foreign priority to 18290094.4, filed 08/24/2018. 
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 10/12/2020 has been considered by the examiner.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1-15 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by United States Patent Application Publication No. US 20130125199 A1 to Novak et al., hereinafter Novak.
Regarding claim 1, Novak teaches a method, comprising: 
actively testing the access control policy of a software target using a probing logic (paragraphs 1, 38 and 41), 
and determining whether an intrusion in the software target has occurred based on monitored side effects (paragraphs 3 and 12), 
wherein the probing logic is to execute at least one operation that is forbidden by the access control policy, and to create at least one predetermined observable side effect based on the successful execution of the operation (paragraphs 3, 12, 21 and 22). 
Regarding claim 2, Novak teaches wherein the software target is one of a main logic and an execution environment of the main logic (Figure 4 and paragraphs 40 and 41). 
Regarding claim 3, Novak teaches wherein the execution environment is one of a virtual machine, a container and a process (paragraphs 40 and 41). 
Regarding claim 4, Novak teaches wherein the probing logic is to create a number of predetermined side effects comprising at least one of
Regarding claim 5, Novak teaches wherein a monitoring policy specifies the at least one observable side effect (paragraphs 3, 19, 34 and 38). 
Regarding claim 6, Novak teaches wherein the monitoring policy further specifies at least one responsive action to take when it is determined that an intrusion has occurred (paragraphs 3, 15, 19, 34 and 38). 
Regarding claim 7, Novak teaches wherein a probing policy specifies the at least one operation that is to be executed by the probing logic (paragraphs 3 and 15). 
Regarding claim 8, Novak discloses a system, comprising: 
a software target having an access control policy, a monitor having a monitoring policy (paragraphs 1, 38 and 41), 
and a probing logic to actively test the access control policy (paragraphs 3, 15, 19, and 38), 
wherein the probing logic is to execute at least one operation that is forbidden by the access control policy, and to create at least one predetermined observable side effect based on the successful execution of the operation (paragraphs 3, 12, 21 and 22), 
and wherein the system is to determine whether an intrusion in the software target has occurred based on monitored side effects (paragraphs 3, 12, 21 and 22). 
Regarding claim 9, Novak discloses wherein the software target is one of a main logic and an execution environment of the main logic (Figure 4 and paragraphs 40 and 41). 
Regarding claim 10, Novak discloses wherein the execution environment is one of
Regarding claim 11, Novak discloses wherein the probing logic is to create a number of predetermined side effects comprising at least one of accessing a file or directory, creating a file, deleting a specific piece of data or code in the software target or in another execution environment, creating network traffic, executing a system call, or blocking one of an IP address, a protocol or a port (paragraphs 3, 15, 19, 34 and 38). 
Regarding claim 12, Novak discloses wherein the monitoring policy specifies the at least one observable side effect (paragraphs 3, 19, 34 and 38). 
Regarding claim 13, Novak discloses wherein the monitoring policy further specifies at least one responsive action to take when it is determined that an intrusion has occurred (paragraphs 3, 15, 19, 34 and 38). 
Regarding claim 14, Novak discloses a probing policy which specifies the at least one operation that is to be executed by the probing logic (paragraphs 3 and 15). 
Regarding claim 15, Novak discloses a non-transitory program product having computer readable code stored thereon that, when executed by a computing device (paragraph 4), causes the computing device to: 
determine whether an access control policy of a software target has been compromised using a probing logic (paragraphs 1, 38 and 41), 
wherein the probing logic is to execute at least one operation that is forbidden by the access control policy, and to create at least one predetermined observable side effect based on the successful execution of the operation (paragraphs 3, 12, 21 and 22), 
and wherein the computing device determines whether the access control policy has been compromised based on monitored side effects (paragraphs 3, 12, 21 and 22).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The references cited on form PTO-892 are cited to further show the state of the art with respect to evaluating access control policies.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JEREMIAH L AVERY whose telephone number is (571)272-8627. The examiner can normally be reached M-F 8:30am -5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 



/JEREMIAH L AVERY/Primary Examiner, Art Unit 2431