Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION
An effective filing date of 11/02/2020 is acknowledged. 
Claims 1 – 12 and 14 – 17 are pending as per preliminary amendment dated 11/02/2020.

Drawings
Figures 1 – 3 should be designated by a legend such as --Prior Art-- because only that which is old is illustrated.  
See MPEP § 608.02(g).  Corrected drawings in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. The replacement sheet(s) should be labeled “Replacement Sheet” in the page header (as per 37 CFR 1.84(c)) so as not to obstruct any portion of the drawing figures. If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.

Specification
The abstract is objected to because it contains the form and legal phraseology often used in patent claims, such as “said”.


Claim Objections
Claims 1 – 12 and 14 – 17 are objected to because of the following informalities:  
Claim 1
	Line 5; insert --said-- before “application store” and “terminal” respectively.  
	Line 7; change “an application” to --said application--.
Claim 6
	Claim 6 should be canceled because its limitation is already recited in claim 5.
Claims 2 – 5
	These claims are dependent claims of objected claim 1 either directly or indirectly; therefore, they inherit the deficiency of claim 1.
Claim 7
	Line 5; insert --said-- before “application store” and “terminal” respectively.  
	Line 6; change “an application” to --said application--. And, change “app store” to --application store--.
	Line 10; insert --said-- before “application”.
Claim 8
	Last line; change “a” to --said--.
Claim 10
	Line 1; insert --class-- after “first”.
	Line 2; change “a first class” to --the first class--.
Claims 9, 11, and 12
	The claims are dependent claims of objected claims; therefore, they inherit the deficiencies of objected claims.
Claim 14
	Line 2; change “an application” to --said application--. 
	Line 3; change “a terminal” to --said terminal--.
Claims 15 – 17 
	The claims are dependent claims of objected claim 14; therefore, they inherit the deficiencies of objected claim 14.
Appropriate correction is required.

Claim Rejections - 35 USC § 102
	The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1 and 14 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Kasahara (Pub. No. US 2006/0075397 A1; hereinafter Kasahara.)

Claim 1
Kasahara teaches a system to install and run an application for a terminal, said system comprising: 
an application store (Kasahara; Figs. 11 & 12, [0130 – 0131] …The third party server 602 (application store) may distribute the encrypted program and/or the encrypted modules to the client terminal apparatus 604 by way of an electronic download over the network 605…); and 
a terminal management server (TMS) (Kasahara; Figs. 11 & 13, [0132] … In order to execute the source encrypted computer program or to modify an existing program, however, the client terminal apparatus 604 must register the source encrypted computer program or the source encrypted modules, preferably with the administrative server 601 (TMS) over the network 605); 
wherein said TMS, application store and terminal are coupled to each other via a network (Kasahara; Fig. 11, [0122] The system 610 preferably includes an administrative server 601, a third party server 602, an encryption server 603, and a plurality of client terminal apparatus 604, such as the processing arrangements 118, all coupled to a network 605…); 
wherein a vendor uploads an application to said application store (Kasahara; Figs. 11 & 12, [0130] … In this example, the third party server 602 is associated with a software developer (vendor) that either itself or in conjunction with another entity obtains programs and/or obtains software and/or data modules…), and said terminal downloads said application via said network (Kasahara; Figs. 11 & 14, [0133] …At step S20, the client terminal apparatus 604 receives the source encrypted computer program or the source encrypted modules…; [0131] … The third party server 602 may distribute the encrypted program and/or the encrypted modules to ; and 
wherein after said downloading by said terminal, said TMS authorizes said terminal to install and run said downloaded application (Kasahara; Figs. 11, 14, 15, 18, 20, & 22, [0133 – 0149] …With reference to FIGS. 17 and 18, the administrative server 601 is preferably operable to produce an encrypted decryption key and an encrypted virtual ID, where the decryption key is operable for use in decrypting the source encrypted computer program or the source encrypted modules at the client terminal apparatus 604…The network interface of the administrative server 601 is preferably further operable to facilitate the transmission of the encrypted decryption key and the encrypted virtual ID to the client terminal apparatus 604 over the network 605 (step S44)… Next, the source encrypted computer program or the source encrypted modules are decrypted using the decryption key (step S60)… At step S78, the decryption device of the client terminal apparatus 604 decrypts the client encrypted computer program or the client encrypted program and data modules using the virtual ID obtained at step S76. At this point, the client terminal apparatus 604 may execute or modify the computer program…)

Claim 14
This is a method version of the rejected system version in claim 1; therefore, it is rejected for the same reasons.

Claim Rejections - 35 USC § 103
	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 2 – 6 and 15 – 17 are rejected under 35 U.S.C. 103 as being unpatentable over Kasahara in view of Rose (Patent No. 5,708,709.)

Claim 2
Kasahara does not explicitly teach after said application is downloaded by said terminal, said TMS authenticates said application.
However, Rose teaches after said application is downloaded by said terminal, said TMS authenticates said application (Rose; Fig. 1, col. 6: 64 – 66, The Application Program is initially stored as a Server Format version 180 of the Application Program on server 104 (TMS); col. 7: 3 – 5, Application Builder 112 may act as an agent for the server by initiating communication with the server in response to a request by client computer 102 (application builder shows activities of server 104). 
Fig. 9B, col. 9: 54 – 60, The client computer receives the encrypted Transmission Format version of the trial Application Program and stores it locally on the computer associated with the user (Step 420)…; col. 9: 61 – col. 10: 29, … The Application Builder then verifies (authenticates) that the particular client computer has a valid The application builder acts as agent for server 104 and shows activities of server 104.  Therefore, when the application builder verifies client and application, it is considered as the server performs the verifications.
Kasahara and Rose are in the same analogous art as they are in the same field of endeavor, authorizing client and application.  Therefore, it would have been obvious to one with ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate Rose's teachings into Kasahara's invention to allow the server to verify (authenticate) the application by its agent, as suggested by Rose (col. 6: 32 – 39.)

Claim 3
Kasahara teaches 
prior to said upload, said vendor encrypts one or more portions of said application (Kasahara; [0130 – 0131] … In this example, the third party server 602 is associated with a software developer (vendor) that either itself or in conjunction with another entity obtains programs and/or obtains software and/or data modules… The encryption server 603 preferably encrypts the software program or the software 
 Rose teaches wherein said terminal obtains a decryption key from said TMS to decrypt said encrypted one or more portions after said authentication and authorization (Rose; Fig. 1, col. 6: 64 – 66, The Application Program is initially stored as a Server Format version 180 of the Application Program on server 104 (TMS); col. 7: 3 – 5, Application Builder 112 may act as an agent for the server by initiating communication with the server in response to a request by client computer 102 (application builder shows activities of server 104). 
Fig. 9B, col. 9: 54 – 60, The client computer receives the encrypted Transmission Format version of the trial Application Program and stores it locally on the computer associated with the user (Step 420)…; col. 9: 61 – col. 10: 29, … The Application Builder then verifies (authenticates) that the particular client computer has a valid license for that particular program and that the license to the trial Application Program has not expired …When the Application Builder has completed verification of the license, it decrypts the trial Application Program (Step 434) using the Application Builder's Private Key so that the program may be loaded for execution in the client computer CPU. As explained above, the stored, doubly encrypted control information is decrypted using the Application Builder's private key 113 and the server's public key 187(decryption key)  and then the decrypted control information is used to verify that user's rights to execute the trial application program.)  The application builder shows activities of server 104.  Therefore, when the application builder verifies client and application, it is considered as the server performs the verifications. Motivation for incorporating Rose into Kasahara is the same as motivation in claim 2.

Claim 4
Kasahara also teaches said encryption is operative to prevent exposure of said one or more portions of said application outside a trusted environment (Kasahara; [0129] Thus, the end-user may receive the computer program and/or the program and/or data modules in a form (i.e., source encrypted) in which it cannot be used to execute or modify the program on the client terminal apparatus 604 (environment, platform) without first obtaining a decryption key and decrypting the source encrypted program and/or the source encrypted modules…) A user having the decryption key can decrypt the encrypted program for execution on the client terminal → the client terminal == trusted environment/platform.  A client terminal without the decryption key == untrusted environment/platform because it cannot decrypt the encrypted program.

Claim 5
Kasahara also teaches said encryption is operative to prevent the application from performing critical or sensitive operations in unauthorized platforms (Kasahara; [0129] Thus, the end-user may receive the computer program and/or the program and/or data modules in a form (i.e., source encrypted) in which it cannot be used to execute or modify the program on the client terminal apparatus 604 (environment, platform) without first obtaining a decryption key and decrypting the user having decryption key can decrypt the encrypted program for execution on the client terminal → the client terminal == trusted environment/platform.  A client terminal without decryption key == untrusted environment/platform because it cannot decrypt the encrypted program; therefore, the program cannot perform critical or sensitive operations.

Claim 6
Kasahara also teaches said encryption is operative to prevent the application from performing critical or sensitive operations in unauthorized platforms (Kasahara; [0129] Thus, the end-user may receive the computer program and/or the program and/or data modules in a form (i.e., source encrypted) in which it cannot be used to execute or modify the program on the client terminal apparatus 604 (environment, platform) without first obtaining a decryption key and decrypting the source encrypted program and/or the source encrypted modules…) A user having the decryption key can decrypt the encrypted program for execution on the client terminal → the client terminal == trusted environment/platform.  A client terminal without the decryption key == untrusted environment/platform because it cannot decrypt the encrypted program; therefore, the program cannot perform critical or sensitive operations.

Claim 15
This limitation is already discussed in claim 2; therefore, it is rejected for the same reasons.

Claim 16
This limitation is already discussed in claim 3; therefore, it is rejected for the same reasons.

Claim 17
This limitation is already discussed in claim 4; therefore, it is rejected for the same reasons.

Claims 7 – 9 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Kasahara in view of EL-MOUSSA (Pub. No. US 2019/0347414 A1; hereinafter Moussa.)

Claim 7
Kasahara teaches a system to install and run an application for a terminal, said system comprising: 
an application store (Kasahara; Figs. 11 & 12, [0130 – 0131] …The third party server 602 (application store) may distribute the encrypted program and/or the encrypted modules to the client terminal apparatus 604 by way of an electronic download over the network 605…); and 
a terminal management server (TMS) (Kasahara; Figs. 11 & 13, [0132] … In order to execute the source encrypted computer program or to modify an existing program, however, the client terminal apparatus 604 must register the source encrypted (TMS) over the network 605); 
wherein said TMS, application store and terminal are coupled to each other via a network (Kasahara; Fig. 11, [0122] The system 610 preferably includes an administrative server 601, a third party server 602, an encryption server 603, and a plurality of client terminal apparatus 604, such as the processing arrangements 118, all coupled to a network 605…); 
wherein a vendor uploads an application to said application store (Kasahara; Figs. 11 & 12, [0130] … In this example, the third party server 602 is associated with a software developer (vendor) that either itself or in conjunction with another entity obtains programs and/or obtains software and/or data modules…), and said terminal downloads said application via said network (Kasahara; Figs. 11 & 14, [0133] …At step S20, the client terminal apparatus 604 receives the source encrypted computer program or the source encrypted modules…; [0131] … The third party server 602 may distribute the encrypted program and/or the encrypted modules to the client terminal apparatus 604 by way of an electronic download over the network 605…)
But, Kasahara does not explicitly teach said downloaded application is classified into one of a plurality of classes, each of said plurality of classes corresponding to an app class sandbox; and said classification performed based on level of authorization and type of application.
However, Moussa teaches said downloaded application is classified into one of a plurality of classes, each of said plurality of classes corresponding to an app class sandbox (Moussa; Fig. 7, [0045] …The JRE 754 includes a logical sandbox 756 for the execution of a java applet 766 received and/or referred to by the web page 752... The JRE 754 includes a security manager 758 for providing security facilities for the JRE 754. For example, the security manager 758 performs a permission check for actions requested by the applet 766 to determine if the actions are permitted (authorization) by a security policy 760 applicable for the applet 766 in the sandbox 756…In the exemplary arrangement of FIG. 7 the applet 766 includes malicious code (type of application) for elevating (classification) the security privileges (privilege levels, class of sandbox) of the applet in the sandbox 766 by calling a setSecurityManager method of the JRE 754 with a null argument…; [0031] … Accordingly, in some embodiments of the present disclosure the runtime environment 210 operates a mode of execution for the application 212 that restricts the application 212 from access to one or more resources, services, interfaces, facilities, subroutines, functions, classes, methods and/or the like in accordance with, for example, a security policy such as by executing the application 212 in a sandbox environment.  Different security policy has different resource restriction); and said classification performed based on level of authorization and type of application (Moussa; Fig. 7, [0045] …The JRE 754 includes a logical sandbox 756 for the execution of a java applet 766 received and/or referred to by the web page 752... The JRE 754 includes a security manager 758 for providing security facilities for the JRE 754. 
For example, the security manager 758 performs a permission check for actions requested by the applet 766 to determine if the actions are permitted (authorization) by a security policy 760 applicable for the applet 766 in the sandbox 756…In the exemplary arrangement of FIG. 7 the applet 766 (type of application) for elevating (classification) the security privileges (privilege levels, class of sandbox) of the applet in the sandbox 766 by calling a setSecurityManager method of the JRE 754 with a null argument…)
Kasahara and Moussa are in the same analogous art as they are in the same field of endeavor, managing applications.  Therefore, it would have been obvious to one with ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate Moussa's teachings into Kasahara's invention to assign a privilege level to an application executing in a sandbox based on a security policy, as suggested by Moussa ([0024].)

Claim 8
Moussa teaches classification is based on at least one of: 
an attribute field within said application; 

(attribute) to change the security manager to a new security manager identified by a NULL argument…) Motivation for incorporating Moussa into Kasahara is the same as motivation in claim 7.

Claim 9
Kasahara also teaches at least one of said plurality of classes contains applications which are not related to payments (Kasahara; [0191] … Preferably, the program content is a video game computer program. With reference to FIG. 38, the computer software running on the client terminal apparatus 604,705 preferably permits the user to indicate that he or she wishes to rent a computer program…)

Claim 12
Moussa teaches said classification is performed after said downloading (Moussa; Fig. 7, [0045] …The JRE 754 includes a logical sandbox 756 for the execution of a java applet 766 received and/or referred to by the web page 752... The JRE 754 includes a security manager 758 for providing security facilities for the JRE 754. For example, the security manager 758 performs a permission check for actions requested by the applet 766 to determine if the actions are permitted (authorization) by a security policy 760 applicable for the applet 766 in the sandbox 756…In the exemplary arrangement of FIG. 7 the applet 766 includes malicious code (type of application) for elevating (classification) the security privileges (privilege levels, class of sandbox) of the applet in the sandbox 766 by calling a setSecurityManager method of the JRE 754 with a null argument…) Motivation for incorporating Moussa into Kasahara is the same as motivation in claim 7.

Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Kasahara and Moussa, as applied to claim 7 above, and further in view of YAO et al. (Pub. No. US 2017/0076099 A1; hereinafter Yao.)

Claim 10
Kasahara teaches a first of said plurality of classes contains applications which are unauthorized and are not related to payments (Kasahara; [0121] FIG. 11 shows an example of a system 610 that is operable to permit the processing arrangement 118 to download program content, such as the software programs and/or the software program and/or data modules described above, in a secure manner, e.g., such that unauthorized copies are either prevented or rendered useless…; [0118] In accordance with an alternative example of further aspects of the invention, some or all of the distributed system 500 (FIG. 6) may be used to execute a game title (software application)…), [.
Kasahara and Moussa do not explicitly teach a first class is associated with an app class sandbox having restrictions on a user entering one or more pieces of sensitive information.
However, Yao teaches a first class is associated with an app class sandbox having restrictions on a user entering one or more pieces of sensitive information (Yao; [0057] … Any operation of an application program, for example, deleting & modifying a file, installing & testing various application programs (including rogue application programs, virus application programs), is wrapped by the isolation sandbox, 
Kasahara, Moussa, and Yao are in the same analogous art as they are in the same field of endeavor, managing applications.  Therefore, it would have been obvious to one with ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate Yao's teachings into the Kasahara/Moussa invention to allow the sandbox to restrict application user privacy information, as suggested by Yao ([0057].)

Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Kasahara, Moussa, and Yao, as applied to claim 10 above, and further in view of MENET et al. (Pub. No. US 2016/0048706 A1; hereinafter Menet.)

Claim 11
Kasahara, Moussa, and Yao do not explicitly teach one or more warning techniques are associated with said first class; wherein said one or more warning techniques operating independently of said applications contained within said first class; and wherein said one or more warning techniques are used to warn the user not to enter said one or more pieces of sensitive information.
However, Menet teaches 
one or more warning techniques are associated with said first class (Menet; [0019] Besides, the display of the indicator, also called a visual warning, is always controlled by a secured processor which determines whether the mode of operation is ; 
wherein said one or more warning techniques operating independently of said applications contained within said first class (Menet; [0019] Besides, the display of the indicator, also called a visual warning, is always controlled by a secured processor which determines whether the mode of operation is secured or open. In this way, the display of the indicator as well as the modifications of the display cannot be corrupted or prevented by a malicious application. [0025] In addition, the display of the indicator can be modified gradually. For example, when the terminal is in open mode and when the user makes a first entry on the keyboard, a first modification of the indicator display can be made to warn the user about the risk of entering sensitive data in open mode. Then, if the user makes a second entry, then a second modification of the indicator display can be made to make the indicator even more visible and so on and so forth…); and 
wherein said one or more warning techniques are used to warn the user not to enter said one or more pieces of sensitive information (Menet; [0019] Besides, the display of the indicator, also called a visual warning, is always controlled 
Kasahara, Moussa, Yao, and Menet are in the same analogous art as they are in the same field of endeavor, managing applications.  Therefore, it would have been obvious to one with ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate Menet's teachings into the Kasahara/Moussa/Yao invention to display a warning to warn the user about the risk of entering sensitive data, as suggested by Menet ([0025].)

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CUONG V LUU whose telephone number is (571)270-1733. The examiner can normally be reached 7:00 AM - 4:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Hyung S. Sough can be reached on (571) 272-6799. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/CUONG V LUU/
Examiner, Art Unit 2192
/S. SOUGH/
Supervisory Patent Examiner, Art Unit 2192