DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Claims 1-20 are rejected in the Instant Application.


Priority
Examiner acknowledges Applicant’s claim to priority benefits of continuation of US Patent Application 17/093,164 filed 11/09/2020 which is a continuation of PCT application PCT/EP2019/058330 filed 04/02/2019.


Information Disclosure Statement
The information disclosure statement(s) (IDS) submitted on 09/20/2021 is/are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement(s) is/are being considered if signed and initialed by the Examiner.


Double Patenting
A rejection based on double patenting of the “same invention” type finds its support in the language of 35 U.S.C. 101 which states that “whoever invents or discovers any new and useful process... may obtain a patent therefor...” (Emphasis added). Thus, the term “same invention,” in this context, means an invention drawn to identical subject matter. See Miller v. Eagle Mfg. Co., 151 U.S. 186 (1894); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Ockert, 245 F.2d 467, 114 USPQ 330 (CCPA 1957).

A statutory type (35 U.S.C. 101) double patenting rejection can be overcome by canceling or amending the claims that are directed to the same invention so they are no longer coextensive in scope. The filing of a terminal disclaimer cannot overcome a double patenting rejection based upon 35 U.S.C. 101.

The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.  A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).

A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).

The USPTO internet Web site contains terminal disclaimer forms which may be used.  Please visit http://www.uspto.gov/forms/.  The filing date of the application will determine what form should be used.  A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission.  For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.  


Claims 1-14, 16 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-15 of U.S. Patent No. 11159575. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims point to the same subject matter at hand and further utilize almost identical limitations which would read on one another. Examiner suggests filing a terminal disclaimer. 


Instant Application
U.S. Patent No. 11159575
1. A user device comprising a transceiver, a processor, and a memory, wherein the memory holds:
A) a device management application arranged to control functionality of the user device in accordance with an operative device policy state of the user device; and
B) a local device policy schedule comprising a queue of device policy states 
C) wherein the local device policy schedule corresponds to a remote device policy schedule at a remote system and responsive to receiving, from the remote system via the transceiver, synchronisation data indicating a first device policy state in the queue of device policy states, the device management application is arranged to update the operative device policy state of the user device to the first device policy state in the event that the operative device policy state is not the first device policy state.
9. The user device of claim 1, D) wherein upon determining that a predetermined interval of time has elapsed since a most recent receipt of synchronisation data from the remote system, the device management application is arranged to update the operative device policy state of the user 
10. The user device of claim 9, E) wherein the terminal device policy state is more restrictive of the functionality of the user device than the operative device policy state of the user device before being updated to the terminal device policy state.


A) a device management application arranged to control functionality of the user device in accordance with an operative device policy state of the user device; and
B) a local device policy schedule comprising a queue of device policy states each comprising a respective set of policy data,

D) wherein upon determining that a predetermined interval of time has elapsed since a most recent receipt of synchronisation data from the remote system, the device management application is arranged to update the operative device policy state of the user device to a terminal device policy state in the queue of device policy states; and
E) wherein the terminal device policy state is more restrictive of the functionality of the user device than the operative device 

11. The user device of claim 9, wherein the device management application is arranged to update the operative device policy state of the user device progressively through two or more policy states of the device policy schedule at respective elapsed times since the most recent synchronising of the device policy schedule.

2. The user device of claim 1, wherein the device management application is arranged to update the operative device policy state of the user device progressively through two or more police states of the device policy schedule at respective elapsed times since the most recent receipt of synchronisation data from the remote system.

12. The user device of claim 1, wherein the receiving of the first synchronisation data comprises receiving a 



2. The user device of claim 1, wherein upon updating the operative device policy state to the first device policy state, the device management application is configured to control the functionality of the user device by selectively disabling software applications installed on the user device.
 
4. The user device of claim 1, wherein the device management application is arranged to control the functionality of the user device by disabling of one or more software applications installed on the user device.

5. The user device of claim 2, wherein the selective disabling comprises selectively disabling one or more categories of software applications.

5. The user device of claim 4, wherein the disabling of the one or more software applications comprises disabling one or more categories of software applications.

6. The user device of claim 1, wherein the device management application is arranged to control the functionality of the 



7. The user device of claim 1, wherein the device management application is arranged to control the functionality of the user device by disabling the ability of a software application to access a function of the user device in accordance with a policy state.

8. The user device of claim 1, wherein the device management application is arranged to disable the ability of a software application to access a function of the user device in accordance with a policy state.

8. The user device of claim 1, wherein responsive to receiving second synchronisation data from the remote system via the transceiver, the device management application is arranged to update the operative device policy state of the user device from the first device policy state to a second device policy state in the queue of device policy states.

9. The user device of claim 1, wherein responsive to receiving, from the remote system via the transceiver, synchronisation data indicating a second device policy state in the queue of device policy states, the device management application is arranged to update the operative device policy state of the user device from the first device policy state to the second device policy state.

10. The user device of claim 9,  wherein the terminal device policy state is more restrictive of the functionality of the user device than the operative device policy state of the user device before being updated to the terminal device policy state.

10. The user device of claim 9, wherein the second device policy state is more restrictive than the first device policy state.

13. The user device of claim 1, wherein the user device is a smartphone.

11. The user device of claim 1, wherein the user device is a smartphone.

20. A non-transient storage medium comprising machine readable instructions which, when executed by a processor of a user device, cause the user device to, 
A) responsive to receiving from a remote system via a transceiver of the user device, synchronisation data indicating a first device policy state in a queue of device policy states of a local device policy schedule stored at the user device and corresponding 
B) update an operative device policy state of the user device to the first device policy state in the event that the operative device policy state of the user device is not the first device policy state; and
C) control functionality of the user device in accordance with the updated operative device policy state.


A) responsive to receiving, from a remote system via a transceiver of the user device, synchronisation data indicating a first device policy state in a queue of device policy states of a local device policy schedule stored at the user device and corresponding to a remote device policy schedule at a remote system:

C) control functionality of the user device in accordance with the updated operative device policy state; and
D) upon determining that a predetermined interval of time has elapsed since a most recent receipt of synchronisation data from the remote system, update the operative device policy state of the user device to a terminal device policy state in the queue of device policy states,
E) wherein the terminal device policy state is more restrictive of the functionality of the user device than the operative device policy state of the user device before being updated to the terminal device policy state.


A) provisioning the user device with a device management application configured to control functionality of the user device in accordance with an operative device policy state of the user device;
B) provisioning the user device with a local device policy schedule comprising a queue of device policy states each comprising a respective set of policy data;
C) storing a remote device policy schedule at a remote system, wherein the remote device policy schedule corresponds to the local device policy schedule;
D) setting, at the remote system, the operative device policy state for the user device to a first device policy state in the queue of device policy states; and



A) provisioning the user device with a device management application configured to control functionality of the user device in accordance with an operative device policy state of the user device;
B) provisioning the user device with a local device policy schedule comprising a queue of device policy states each comprising a respective set of policy data;
C) storing a remote device policy schedule at a remote system, wherein the remote device policy schedule corresponds to the local device policy schedule;
D) setting, at the remote system, the operative device policy state for the user device to a first device policy state in the queue of device policy states; and
E) transmitting, from the remote system to a transceiver of the user device, synchronisation data indicating the first device policy state;

G) wherein the terminal device policy state is more restrictive of the functionality of the user device than the operative device policy state of the user device before being updated to the terminal device policy state.


A) receiving usage data from the user device indicative of usage of the software applications installed on the user device over a period of time; and
B) determining one or more of the software applications installed on the 
 wherein the first device policy state includes disabling the determined one or more software applications installed on the user device.


A) receiving, by the remote system from the device management application, usage data for software applications installed on the user device; and
B) determining the one or more software applications to be disabled on the basis of the received usage data.



	


Claim Rejections - 35 USC § 103
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claim 1-17, 20 are rejected under 35 U.S.C. 103 as being unpatentable over Wade et al. (US20130091543A1) hereinafter Wade in view of Tran et al. (US20090182802A1) hereinafter Tran.
1. Wade teaches a user device comprising a transceiver, a processor, and a memory (Fig 1 see computing device), wherein the memory holds:
secure management application may be responsible for managing the receipt of policies and updated configurations related to those policies already received at the computing device 100.)c; and
wherein the local device policy schedule corresponds to a remote device policy schedule at a remote system and responsive to receiving, from the remote system via the transceiver (¶0128 see policies may be defined and managed via a network-based management portal by any suitable party, such as the enterprise that has generated the secure partition and the delivery of the secure applications (or that has caused such steps to be taken). In addition, the policies may be dynamic in nature, as at least some of them may be reconfigured at any suitable time. It must also be noted that policies may apply to individual secure applications or groups of them, irrespective of whether the secure applications are related to one another or are permitted to exchange communications with one another. In fact, some policies may apply to all secure applications in the secure partition or the secure partition specifically), 
a local device policy schedule comprising policy states each comprising a respective set of policy data (¶0027 see  different policies may exist for the same secure application and ¶0130 see These policies may be delivered to the computing device 100 such that they are stored locally. Even so, they may be stored remotely to be retrieved during loadtime or runtime of a secure application ¶0153 These profiles, certificates and policies may be delivered to the computing device on an individual basis, or some of them may be packaged together for delivery to the device in the form of a bundle),

Tran however in the same field of networking teaches synchronisation data indicating a first device policy state in the queue of device policy states, the device management application is arranged to update the operative device policy state of the user device to the first device policy state in the event that the operative device policy state is not the first device policy state and a queue of device policy states (¶0002 see Each schedule item may include a predefined event and an associated action. The client scheduler module may be configured to monitor the device management schedule, detect the predefined event defined in a schedule item, and perform the associated action that is associated with the event ¶0010 see schedule 24 may include one or more schedule items 26, each schedule item 26 including one or more predefined events 28 and one or more associated actions 30, such as an associated software configuration action ¶0020 the device management schedule 24 may be stored in a data structure 200 [The schedule items are interpreted as a queue ie data structure of policy states] ¶0017 see  the device management client 14 may contact the device management server 18, for example, to send a confirmation reporting successful detection of the event furthermore see ¶0023 see schedule item 26 is triggered at an absolute or relative start time indicated by the StartAndEndTimes node 230, and repeats according to value in the IntervalDuration node 236 (which may be expressed in minutes between schedule events, for example) and the value in the MaximumRepeatCount node 238 [Here Tran teaches events can be timed events and post event the server is contacted for sync/update of the policy]); and update the operative device policy state of the user device to the terminal device policy state (see Fig 2 element 117 ‘update schedule’)
Accordingly, it would have been obvious to one of ordinary skill in the art of computer networking at the effective filing date of the claimed invention given the usage events and policies by Wade and the teachings of Tran for utilizing time based policies to update policies and events to combine the teachings such that Wade utilizes the data structures and schedules as taught by Tran. One of ordinary skill in the art would recognize that the results of the combination are predictable because each element in the combination is merely performing the same function it would perform separately. One would be motivated to combine these teachings because doing so will allow for configuration updates and policy groupings to managed at a device and recorded at a server.
2. The already combined references teach the user device of claim 1, wherein upon updating the operative device policy state to the first device policy state, the device management application is configured to control the functionality of the user device by selectively disabling software applications installed on the user device (Wade ¶0136 see a policy can be implemented that locks or deletes a secure application).
3. The already combined references teach the user device of claim 2, wherein:
the device management application is configured to monitor usage of the software applications installed on the user device; and the selective disabling is performed in dependence on the usage, over a period of time, of the software applications installed on the user device a policy may be set that restricts the hours that a secure application may operate. If the secure application attempts to launch during a restricted temporal period, the impositions that result from the securitization process may override the normal system APIs, and the secure application may be prevented from doing so [Wade makes it clear that usage data hours/geographical location/network data is captured and then utilized to make determinations of policy]).
4. The already combined references teach the user device of claim 3, wherein the selective disabling comprises disabling a most used one or more software applications installed on the user devices over said period of time (Wade ¶0155-56 see (3) a secure application's usage statistics can be tracked and recorded; and Moreover, any data associated with the secure e-mail application, such as a particular e-mail message, can be deleted remotely, and the usage statistics of the secure e-mail application can be monitored, such as under the direction of a remote command. )
5. The already combined references teach the user device of claim 2, wherein the selective disabling comprises selectively disabling one or more categories of software applications (Wade ¶0136 see  policy can be implemented that locks or deletes a secure application if the computing device on which the secure application is installed has been offline or disconnected from a certain network for more than a predetermined amount of time [the one or more categories here is interpreted as ‘secure’ application).
6. The already combined references teach the user device of claim 1, wherein the device management application is arranged to control the functionality of the user device by disabling at least one function of the user device (Wade ¶0017 see enabling or disabling the ability of the secure application to write data to or retrieve data from external storage [see the entire list as it pertains to functionality]).
7. The already combined references teach the user device of claim 1, wherein the device management application is arranged to control the functionality of the user device by disabling the ability of a software application to access a function of the user device in accordance with a policy state (Wade ¶0017 see enabling or disabling the ability of the secure application to write data to or retrieve data from external storage [see the entire list as it pertains to functionality]).
8. The combined references teach the user device of claim 1, 
Wade does not explicitly teach wherein responsive to receiving second synchronisation data from the remote system via the transceiver, the device management application is arranged to update the operative device policy state of the user device from the first device policy state to a second device policy state in the queue of device policy states
Tran however in the same field of networking teaches wherein responsive to receiving second synchronisation data from the remote system via the transceiver, the device management application is arranged to update the operative device policy state of the user device from the first device policy state to a second device policy state in the queue of device policy states (Tran Fig 2 see 116 and 117 furthermore ¶0018 see device management server 18 may be further configured to download an updated device management schedule 24 including one or more updated schedule items 26 to the client scheduler module 16 executed on the mobile computing device 12. The updated device schedule may be generated by the device management server 18 based on server side policies, and also based on information received from the client scheduler module 16, at 116)
Accordingly, it would have been obvious to one of ordinary skill in the art of computer networking at the effective filing date of the claimed invention given the usage events and policies by Wade and the teachings of Tran for secondary synchronization for events and policies to combine the teachings such that Wade utilizes the data structures and schedules as taught by Tran. One of ordinary skill in the art would recognize that the results of the combination are predictable because each element in the combination is merely performing the same function it would perform separately. One would be motivated to combine these teachings because doing so will allow for configuration updates and policy groupings to managed at a device and recorded at a server.

9. The already combined references teach the user device of claim 1 user device of claim 1, 
Wade however does not explicitly teach wherein upon determining that a predetermined interval of time has elapsed since a most recent receipt of synchronisation data from the remote system, the device management application is arranged to update the operative device policy state of the user device to a terminal device policy state in the queue of device policy states
Tran however in the same field of computer networking teaches wherein upon determining that a predetermined interval of time has elapsed since a most recent receipt of synchronisation data from the remote system, the device management application is arranged to the device management client 14 may contact the device management server 18, for example, to send a confirmation reporting successful detection of the event furthermore see ¶0023 see schedule item 26 is triggered at an absolute or relative start time indicated by the StartAndEndTimes node 230, and repeats according to value in the IntervalDuration node 236 (which may be expressed in minutes between schedule events, for example) and the value in the MaximumRepeatCount node 238 [Here Tran teaches events can be timed events and post event the server is contacted for sync/update of the policy]); and update the operative device policy state of the user device to the terminal device policy state (see Fig 2 element 117 ‘update schedule’)
Accordingly, it would have been obvious to one of ordinary skill in the art of computer networking at the effective filing date of the claimed invention given the usage events and policies by Wade and the teachings of Tran for utilizing time based policies to update policies and events to combine the teachings such that Wade utilizes the data structures and schedules as taught by Tran. One of ordinary skill in the art would recognize that the results of the combination are predictable because each element in the combination is merely performing the same function it would perform separately. One would be motivated to combine these teachings because doing so will allow for configuration updates and policy groupings to managed at a device and recorded at a server.



	The already combined references teach user device of claim 9, wherein the terminal device policy state is more restrictive of the functionality of the user device than the operative device policy state of the user device before being updated to the terminal device policy state (Tran ¶0018 see the device management server 18 may be further configured to download an updated device management schedule 24 including one or more updated schedule items 26 to the client scheduler module 16 executed on the mobile computing device 12. The updated device schedule may be generated by the device management server 18 based on server side policies, and also based on information received from the client scheduler module 16, at 116. [The term ‘more restrictive’ is a subjective term and examiner interprets it to be an ‘update’ based on information from the module]).

11. 	The already combined references teach user device of claim 9, wherein the device management application is arranged to update the operative device policy state of the user device progressively through two or more policy states of the device policy schedule at respective elapsed times since the most recent synchronising of the device policy schedule (Tran ¶0032 see multiple events may be utilized in a schedule item [Here Tran allows for multiple events to occur prior to updating schedule with the server]).
12. The already combined references teach the user device of claim 1, wherein the receiving of the first synchronisation data comprises receiving a push notification or a short message service (SMS) message indicating the first device policy state (Wade ¶0073 see The device 100 may also receive push notifications from any suitable service as part of a communications process).
Wade ¶0003 see smartphones have evolved over the years, consumers have become increasingly reliant on these devices, particularly when it comes to managing their personal affairs. Many enterprises, however, have resisted putting corporate data on the personal devices).
14. Wade teaches a method of remotely managing a user device, comprising:
provisioning the user device with a device management application configured to control functionality of the user device in accordance with an operative device policy state of the user device (¶0130 see The secure management application may be responsible for managing the receipt of policies and updated configurations related to those policies already received at the computing device 100);
setting, at the remote system, the operative device policy state for the user device to a first device policy state in the device policy states (¶0128 see policies may be defined and managed via a network-based management portal by any suitable party, such as the enterprise that has generated the secure partition and the delivery of the secure applications (or that has caused such steps to be taken). In addition, the policies may be dynamic in nature, as at least some of them may be reconfigured at any suitable time. It must also be noted that policies may apply to individual secure applications or groups of them, irrespective of whether the secure applications are related to one another or are permitted to exchange communications with one another. In fact, some policies may apply to all secure applications in the secure partition or the secure partition specifically); and
the processing unit is configured to selectively permit the secure application to engage in the first application behavior by selectively permitting the secure application to engage in the first application behavior if predetermined criteria associated with the operation of the secure application are met. ... wherein the predetermined criteria are based on a policy).
Wade teaches provisioning the user device with a local device policy schedule comprising a policy data comprising a respective set of policy data (claims 70/71 see the processing unit is configured to selectively permit the secure application to engage in the first application behavior by selectively permitting the secure application to engage in the first application behavior if predetermined criteria) Wade however does not explicitly teach a queue of device policy states, storing a remote device policy schedule at a remote system, wherein the remote device policy schedule corresponds to the local device policy schedule
Tran however in the same field of computer networking teaches a queue of device policy states (¶0002 see Each schedule item may include a predefined event and an associated action. The client scheduler module may be configured to monitor the device management schedule, detect the predefined event defined in a schedule item, and perform the associated action that is associated with the event ¶0010 see schedule 24 may include one or more schedule items 26, each schedule item 26 including one or more predefined events 28 and one or more associated actions 30, such as an associated software configuration action ¶0020 the device management schedule 24 may be stored in a data structure 200 [The schedule items are interpreted as a queue ie data structure of policy states]) storing a remote device policy schedule at a remote Each schedule item may include a predefined event and an associated action. The client scheduler module may be configured to monitor the device management schedule, detect the predefined event defined in a schedule item, and perform the associated action that is associated with the event ¶0010 see schedule 24 may include one or more schedule items 26, each schedule item 26 including one or more predefined events 28 and one or more associated actions 30, such as an associated software configuration action ¶0020 the device management schedule 24 may be stored in a data structure 200 [The schedule items are interpreted as a queue ie data structure of policy states])
Accordingly, it would have been obvious to one of ordinary skill in the art of computer networking at the effective filing date of the claimed invention given the usage of an Android system by Wade and the teachings of GPC for utilizing and creating a Device Policy Controller to combine the teachings such that Wade utilizes the Policy Controller as highlighted by GPC. One of ordinary skill in the art would recognize that the results of the combination are predictable because each element in the combination is merely performing the same function it would perform separately. One would be motivated to combine these teachings because doing so will allow for controlling of local device policies and applications further supporting dedicated device solution sets utilizing APIs.

15. The already combined references teach the method of claim 14, wherein the device management application is arranged to control the functionality of the user device by selectively disabling software applications installed on the user device (Wade ¶0136 see  policy can be implemented that locks or deletes a secure application if the computing device on which the secure application is installed has been offline or disconnected from a certain network for more than a predetermined amount of time [the one or more categories here is interpreted as ‘secure’ application).
16. The already combined references teach the method of claim 15, further comprising:
receiving usage data from the user device indicative of usage of the software applications installed on the user device over a period of time; and determining one or more of the software applications installed on the user device to disable in dependence on the usage data (Wade ¶0132 see a policy may be set that restricts the hours that a secure application may operate. If the secure application attempts to launch during a restricted temporal period, the impositions that result from the securitization process may override the normal system APIs, and the secure application may be prevented from doing so [Wade makes it clear that usage data hours/geographical location/network data is captured and then utilized to make determinations of policy]), wherein the first device policy state includes disabling the determined one or more software applications installed on the user device (Wade ¶0136 see a policy can be implemented that locks or deletes a secure application).
17. The method of claim 16, wherein the determined one or more software applications include a one or more most used software applications over said period of time (Wade ¶0155-56 see (3) a secure application's usage statistics can be tracked and recorded; and Moreover, any data associated with the secure e-mail application, such as a particular e-mail message, can be deleted remotely, and the usage statistics of the secure e-mail application can be monitored, such as under the direction of a remote command. )

responsive to receiving from a remote system via a transceiver of the user device ((¶0100 see several secure applications 920 may be downloaded on the device 100 and one or more settings and configurations may be implemented on the device 100):), 
update an operative device policy state of the user device to the first device policy state in the event that the operative device policy state of the user device is not the first device policy state (claims 70/71 see the processing unit is configured to selectively permit the secure application to engage in the first application behavior by selectively permitting the secure application to engage in the first application behavior if predetermined criteria associated with the operation of the secure application are met. ... wherein the predetermined criteria are based on a policy);; and
control functionality of the user device in accordance with the updated operative device policy state (Wade ¶0136 see a policy can be implemented that locks or deletes a secure application).
Wade teaches synchronisation data indicating a first device policy state (¶0125)
Wade does not explicitly teach policy state in a queue of device policy states of a local device policy schedule stored at the user device and corresponding to a remote device policy schedule at a remote system
Each schedule item may include a predefined event and an associated action. The client scheduler module may be configured to monitor the device management schedule, detect the predefined event defined in a schedule item, and perform the associated action that is associated with the event ¶0010 see schedule 24 may include one or more schedule items 26, each schedule item 26 including one or more predefined events 28 and one or more associated actions 30, such as an associated software configuration action ¶0020 the device management schedule 24 may be stored in a data structure 200 [The schedule items are interpreted as a queue ie data structure of policy states]) and corresponding to a remote device policy schedule at a remote system (¶0017 see  the device management client 14 may contact the device management server 18, for example, to send a confirmation reporting successful detection of the event furthermore see ¶0023 see schedule item 26 is triggered at an absolute or relative start time indicated by the StartAndEndTimes node 230, and repeats according to value in the IntervalDuration node 236 (which may be expressed in minutes between schedule events, for example) and the value in the MaximumRepeatCount node 238 [Here Tran teaches events can be timed events and post event the server is contacted for sync/update of the policy]); and update the operative device policy state of the user device to the terminal device policy state (see Fig 2 element 117 ‘update schedule’)
Accordingly, it would have been obvious to one of ordinary skill in the art of computer networking at the effective filing date of the claimed invention given the usage events and policies by Wade and the teachings of Tran for utilizing time based policies to update policies and events to combine the teachings such that Wade utilizes the data structures and schedules as .


Claims 18, 19 is rejected under 35 U.S.C. 103 as being unpatentable over Wade-Tran further in view of Permeh et al. (US20150227741A1) hereinafter Permeh.
18. Wade-Tran teach the method of claim 16, wherein:
said user device is a first user device (Wade ¶0033 see The computing device can include an input device that may be configured to receive a request to activate a secure application that is installed on the computing device); said usage data is first user data (¶0155 see secure application's usage statistics can be tracked and recorded);
Wade Tran however does not explicitly teach the method comprises receiving further usage data from further user devices indicative of usage of software applications installed on the further user devices and the determining of the one or more software applications is further dependent on the further usage data
Permeh however in the same field of computer networking teaches the method comprises receiving further usage data from further user devices indicative of usage of software applications installed on the further user devices (¶0012 see least one feature can include at least one external feature from a source external to a system to execute the program. The external feature or features can be obtained, for example, from at least one remote database or other data source. ¶0036 see external features can include a determination by a trusted third party as to a program's authenticity, a program's prevalence among a larger population of computers, and/or the reputations of other computers contacted by a program.); and the determining of the one or more software applications is further dependent on the further usage data (¶0036 see Frequently, these features entail knowledge that is impractical to host on an individual computer due to size, complexity, or frequency of updates. Due to the latency of a network lookup, these features can generally be collected in response to a particular request from the discernment engine 120, at a particular point in time ).
Accordingly, it would have been obvious to one of ordinary skill in the art of computer networking at the effective filing date of the claimed invention given usage of  a device in Wade and the teachings of Permeh for utilizing external usage data to combine the teachings such that Wade utilizes the external data in determining application management of Permeh. One of ordinary skill in the art would recognize that the results of the combination are predictable because each element in the combination is merely performing the same function it would perform separately. One would be motivated to combine these teachings because doing so will allow for a safer user device as data from other devices will be utilized in removing blocking applications.

19. The already combined references teach the method of claim 18, 

Permeh however in the same field of computer networking teaches wherein the determining of the one or more software applications includes processing the first user data and the further user data using a machine learning algorithm (¶0014 see An output of two or more machine learning models can be combined and used to determine whether or not to allow the program to execute or continue to execute. ¶0029 see The selection of a model can be predicated on features provided by the feature collector 110, a user configuration, the current availability or scarcity of computing resources, and/or other state information)
Accordingly, it would have been obvious to one of ordinary skill in the art of computer networking at the effective filing date of the claimed invention given usage of  a device in Wade and the teachings of Permeh for utilizing maching learning to capture usage statistics to combine the teachings such that Wade utilizes machine learning models in determining application management. One of ordinary skill in the art would recognize that the results of the combination are predictable because each element in the combination is merely performing the same function it would perform separately. One would be motivated to combine these teachings because doing so will allow for a safer user device as data from other devices will be utilized in removing blocking applications.



Conclusion
References are cited not only for their quoted language but for all that they teach.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Atta Khan whose telephone number is 571-270-7364.  The examiner can normally be reached on M-F 09:00-6:00.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Vivek Srivastava can be reached on (571) 272-7304.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ATTA KHAN/
Examiner, Art Unit 2449