DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This office action is a response to an application filed 06/19/2020 wherein claims 1 – 9 are pending and ready for examination.  

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 09/21/2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Claim Objections
Claim 6 is objected to because of the following informalities:  Claim 6 appears to include an incomplete limitation and does not end with a period.  Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 7 recites the limitation "signal security signal" in The computing system of claim 6, wherein the signal security signal indicates an attempted code injection attack directed toward to the computing system.  There is insufficient antecedent basis for this limitation in the claim.



Claim Rejections - 35 USC § 103
The following is a quotation of pre-AIA  35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:



Claims 1-6 and 8-9 are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Levin; Samuel et al, US 20190121997 A1, hereafter referred to as Levin in view of OH; Sungbo US 20190377480 A1, hereafter referred to as OH.

           As to claim 1, Levin teaches a computing system - Levin [0010] FIG. 1 depicts a block diagram of an embodiment of a resource access-facilitating interaction system.  Here, the claimed ‘computing system’ is taught by Levin as ‘resource access-facilitating interaction system’), comprising:
           a processor configured to process machine code instructions specified according to at least two machine code instruction formats, the processor including configuration management circuitry configured to control a machine code configuration of the processor; and a memory coupled to the processor – Levin [0038] … access management system 185 communicates with one or more intermediate systems 150, each of which may be controlled by a different entity as compared to an entity controlling access management system 185 access management system 185 may assign access rights to intermediate systems 150 (e.g., upon acceptance of terms). Intermediate system 150 can then collect data pertaining to the assigned access rights and/or a corresponding event, can format and/or edit the data, generate a notification of availability of the access rights that includes the formatted and/or edited data and facilitate presentation of the notification at a mobile device 110.  Here, the claimed ‘processor’ and ‘configuration management circuity’ is taught by Levin as ‘access management system 185’.  The claimed ‘machine code instruction formats’ is taught by Levin as ‘assigned access rights’ since the machine code represents access rights having different memory coupled’ is taught by Levin as ‘intermediate system 150’ because system 150 collects data is coupled to access management system 185 as depicted in Figure 1);
        wherein the configuration management circuitry is configured to cause the processor to: 
                  accept, at a first time, instructions specified according to a first machine code instruction format and reject instructions specified according to a second machine code instruction format;
                   accept, at a second time, instructions specified according to the second machine code instruction format and reject instructions specified according to the first machine code instruction format - Levin [0129]  The analysis can include, for example, determining whether all or part of the access-enabling code matches one stored in access-enabling code data store 430 or part thereof, whether the access-enabling code has previously been applied, whether all or part of the access-enabling code is consistent with itself or other information (e.g., one or more particular resource specifications, a current time and/or a detected location) as determined based on a consistency analysis and/or whether all or part of the access-enabling code has an acceptable format. Here, the claimed ‘first time and second time’ is taught by Levin as ‘current time’ because each instance represents a query/request denoted by time.  The claimed ‘machine code instruction format’ is taught by Levin as ‘access-enabling code’ which represent access rights to the resource.  The claimed ‘reject instructions’ is taught by Levin as ‘consistent with…specifications’ because if the code must be in an acceptable format); and wherein the computing system is configured to:    
            receive first machine code specifying first program code according to the first machine code instruction format – Levin [0185] At block 1005, the access management system may receive a first communication from a first user device associated with a first user. In some embodiments, the first communication can be a message transmitted from the first user device to the access management system. For example, the message may include data representing a request to retrieve access data associated with the first user. The access data may correspond to one or more access rights.  Here, the claimed ‘first time and second time’ is taught by Levin as ‘current time’ because each instance represents a query/request denoted by time.  The claimed ‘first machine code’ is taught by Levin as ‘access data’ as per Levin 0129 and 0200 teaches the access data can be machine code);
            generate second machine code specifying the first program code according to the second machine code instruction format and store the second machine code in the memory – Levin [0199] At block 1055, the access management system can transform the first access code corresponding to the access right into a second access code….transforming the first access code into the second access code facilitates completion of the transfer of the access right from the first user device to the second user device);
            determine, in response to a first request to execute the first machine code, that the first machine code corresponds to a set of processor operations equivalent to the second machine code – Levin [0199] … After transformation of the first access code into the second access code, the access right may correspond to the second access code and not the first access code); and execute the first machine code – Levin [0199] … after transformation of the first access code into the second access code, the access right can facilitate entry to the spatial area for the second user, and not for the first user.  Here, the claimed ‘equivalent’ is taught by Levin as ‘transformation’. LEVIN SUGGESTS determine, in response to a first request to execute the first machine code, that the first machine code corresponds to a set of processor operations equivalent to the second machine code, HOWEVER IN AN ART WITH THE SAME PARTICULAR PROBLEM TO BE SOLVED OH TEACHES determine, in response to a first request to execute the first machine code, that the first machine code corresponds to a set of processor operations equivalent to the second machine code  - OH [0038] execute a second OS configured to perform second operations, the second OS configured to provide higher security than the first OS; only read the first code from the first storage at a first time and store the read first code in the secured area of the second storage as second code during the execution of the second OS; read the first code from the first storage at a second time; compare the first code read at the second time with the second code retrieved from the secured area of the second storage; and stop operation of the electronic device based on a determination that the first code read at the second time does not match the second code. Thus, it would have been recognized by one of ordinary skill in the art before the effective filing date of the claimed invention that applying the known technique taught by OH to the Access Management System of Levine would have yielded predicable results and resulted in an improved access management system, namely, an access system that would positively  benefit from pattern matching technique provided by OH).
 
             As to claim 2, the combination of Levin and OH teaches the computing system of claim 1, wherein the computing system is further configured to: determine, in response to a second request to execute the first machine code, that the first machine code does not correspond to a set of processor operations equivalent to the second machine code; and prevent execution of the first machine code – Levin [0202] ….  access management system can compare the device identifier of the third user device with the portion of the second access code that represents the device identifier of the second user device to determine whether a match exists. If no match exits, entry to the spatial area for a third user operating the third user device can be prevented).

            As to claim 3, the combination of Levin and OH teaches the computing system of claim 2, wherein the configuration circuitry is further configured to: receive a signal indicating that the first machine code does not specify a set of processor operations equivalent to the second machine code – Levin [0029]  unauthorized transfer of the second access code (e.g., to an unauthorized third electronic device) can be prevented and security of data transfers can be enhanced by comparing the device identifier included in the second access code with a device identifier of the device being used to display the second access code to determine whether a match exists. If a match does exist, the access management system can facilitate access to resources associated with one or more access rights); and
         reconfigure the processor, in response to receiving that signal, to reject instructions specified according to the first machine code instruction format and accept instructions specified according to the second machine code instruction format - Levin [0076] The database engine can include a digital asset management (DAM) engine to receive, transform (e.g., annotate, reformat, introduce a schema, etc.) status-update communications, and identify other data (e.g., an identifier of an assigning system and/or a time at which a communication was received) to associate with a status update (e.g., an assignment).  Here, the claimed ‘reconfigure’ is taught by Levin as ‘transform’ whereas the claimed ‘reject/accept’ is taught by Levin as ‘reformat’ because reformatting or changing protocols allows the second machine code to be read).

            As to claim 4, the combination of Levin and OH teaches the computing system of claim 2 wherein the computing system is further configured to: identify a foreign instruction in the first machine code having no equivalent instructions in the second machine code - Levin [0035] …  mobile device 110 may locally retrieve or request (e.g., from an external source) … matches one in an access-enabling code data store and/or has not been previously redeemed. A result of the evaluation can be locally displayed at an evaluating device, can control a device component (e.g., a physical access control module), and/or can be transmitted to another device, such as mobile device 110.  Here, the claimed ‘foreign instruction’ is taught cease execution of the first machine code at a first location before execution of the foreign instruction; and begin execution of the second machine code at a location in the second machine code equivalent to the first location - Levin [0039] A resource can include one managed or provided by a client, such as a performing entity or an entity operating a venue. A mobile device 110 can transmit data corresponding to the access right (e.g., an access-enabling code) to a client device upon, for example, detecting the client device, detecting that a location of the mobile device 110 is within a prescribed geographical region, or detecting particular input. The receiving client device may include, for example, a client agent device 170 operated at an entrance of a defined geographical location or a client register 160 that includes or is attached to a locking turnstile).

              As to claim 5, the combination of Levin and OH teaches the computing system of claim 3, wherein the configuration circuitry is further configured to: generate third machine code specifying first program code according to the first machine code instruction format by translating the second machine code according to the first machine code instruction format - Levin [0076] The database engine can include a digital asset management (DAM) engine to receive, transform (e.g., annotate, reformat, introduce a schema, etc.) status-update communications, and identify other data). Here, claimed ‘translating’ is taught by Levin as ‘transform/reformat’), and storing the third machine code in the memory in place of the first machine code - Levin [0076] … Therefore, the DAM engine can be configured to prepare storage-update tasks so as to cause a maintained data store to reflect a recent data change. Here, the claimed ‘storing’ is taught by Levin as ‘maintained data store’ whereas the claimed ‘reject/accept’ is taught by Levin as ‘reformat’ because reformatting or changing protocols allows the second machine code to be read).


             As to claim 6, the combination of Levin and OH teaches the computing system of claim 1, wherein: when the processor is configured to accept instructions specified according to the first machine code instruction format – Levin [0038] access management system 185 may assign access rights to intermediate systems 150 (e.g., upon acceptance of terms). Intermediate system 150 can then collect data pertaining to the assigned access rights and/or a corresponding event, can format and/or edit the data, generate a notification of availability of the access rights that includes the formatted and/or edited data and facilitate presentation of the notification at a mobile device 110), the configuration circuitry is configured to:
        reconfigure the processor, in response to receiving a security signal, to reject instructions specified according to the first machine code instruction format and accept instructions specified according to the second machine code instruction format; and when the processor is configured to accept instructions specified according to the second machine code instruction format - Levin [0076] The database engine can include a digital asset management (DAM) engine to receive, transform (e.g., annotate, reformat, introduce a schema, etc.) status-update communications, and identify other data (e.g., an identifier of an assigning system and/or a time at which a communication was received) to associate with a status update (e.g., an assignment).  Here, the claimed ‘security signal’ is taught by Levin as ‘status-update communications’.  The claimed ‘reconfigure’ is taught by Levin as ‘transform’ whereas the claimed ‘reject/accept’ is taught by Levin as ‘reformat’ because reformatting or changing protocols allows the second machine code to be read), the configuration circuitry is configured to:
          reconfigure the processor, in response to receiving the security signal, to reject instructions specified according to the second machine code instruction format and accept instructions specified according to the first machine code instruction format - Levin [0076] The database engine can include a digital asset management (DAM) engine to receive, transform (e.g., annotate, reformat, introduce a schema, etc.) status-update communications, and identify other data (e.g., an identifier of an assigning system and/or a time at which a communication was received) to associate with a status update (e.g., an assignment); and

            As to claim 8, the combination of Levin and OH teaches the computing system of claim 6, wherein system is configured to repeatedly generate the security signal at either of a random interval and a predetermined interval – Levin [0122] … request management engine 512 can itself select from amongst matching access rights based on a defined criterion (e.g., best summed or averaged access-right ranking, pseudo-random selection, or a selection technique identified based on user input).

             As to claim 9, the combination of Levin and OH teaches the computing system of claim 1 wherein the computing system is further configured to: generate the second machine code while executing the first machine code. determine, in response to a first request to execute the first machine code, that the first machine code specifies an identical set of processor operations as the second machine code – Levin [0081] A data duplicator can be configured to read stored data and generate one or more write commands so as to store the data at a different data store. A controller can manage transmitting write commands appropriately so as to facilitate storing replicated data at identified data stores. Further, a controller can manage data stores, such as a distributed memory or distributed shared memory, to ensure that a currently active set of data stores includes a target number of replications of data.; and execute the first machine code).

Claim 7 is rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Levin and OH, in view of Gupta; Lokesh M., US 20190318091 A1, hereafter referred to as Gupta.

                 As to claim 7, the combination of Levin and OH teaches the computing system of claim 6.  THE COMBINATION OF LEVIN AND OH DO NOT TEACH wherein the signal security signal indicates an attempted code injection attack directed toward to the computing system HOWEVER IN AN ART DIRECTED TO THE SAME PARTICULAR PROBLEM GUPTA TEACHES wherein the signal security signal indicates an attempted code injection attack directed toward to the computing system – Gupta  [0042] The memory 104 includes trap code 124 that is injected into the path of speculative execution of the application code 112. The trap code 124 is intended to allocate trap addresses or trap data 128 that would not be accessed by the application program 114, and would likely be accessed by a malicious program seeking to access data to steal, such as in a side-channel attack, or accessed as a result of a bug in a legitimate program.  To provide the access management system of  Levin an ability to protect against side channel attacks would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, in view of the teachings of Gupta, since all the claimed elements were known in the prior art and one skilled in the art could have combined the elements as claimed by known methods (cache to trap data) with no change in their respective functions, and the combination would have yielded nothing more than predictable results to one of ordinary skill in the art before the effective filing date of the claimed invention, i.e., one skilled in the art would have recognized that the trap data cache used in Gupta would allow the access management system of Levin the benefit of trapping fault injections such as side channel attacks provided by Gupta).  

Claims 10-20 (Withdrawn)
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WILLIAM B. JONES whose telephone number is (571) 272-9637.  The examiner can normally 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/WILLIAM B JONES/Examiner, Art Unit 2491                                                                                                                                                                                                        03/22/2022

 /ALEXANDER LAGOR/ Primary Examiner, Art Unit 2491