DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
1.	Claims 1-11 are pending.

Continued Examination Under 37 CFR 1.114
2.	A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 2/15/22 has been entered.
 
Allowable Subject Matter
3.	Claim 9 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
	Claims 1-8 and 10-11 would be in condition for allowance upon incorporating the features of claim 9. The current claimed invention as set forth in independent claims 1, 10 and 11 in combination with allowable features of claim 9, include a third processing application and an Operating System (OS), wherein the third processing application includes a command capturing module configured to capture execution of the command by the OS, and a log recording module configured to record, as the execution log, the execution captured by the command capturing module, the OS includes a command execution module configured to execute the command, an addition module configured to add the code to the execution log, and an access protection module configured to protect access to at least one among the command capturing module, the log recording module, and the addition module, and the second processing application further includes a record acquisition module configured to acquire the execution log from the log recording module, and a second communication module configured to, upon receiving the command execution request from the first communication module, transmit the execution log acquired by the record acquisition module to the first communication module.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
4.	Claims 1-8 and 10-11 is/are rejected under 35 U.S.C. 103 as being unpatentable over Titonis [US 20130097706] in view of Grunenberger [US 20150189000].
As per claim 1:	Titonis, et al. teach an information processing apparatus comprising: 
a memory on which a first processing application and a second processing application are stored [Titonis: para 0026, 0432], the first processing application being a secure application executed in a secure environment ensuring tamper resistance; and [Titonis: para 0024-0025; The present system provides an automated means of performing vulnerability testing throughout the application development lifecycle by offering a comprehensive and timesaving solution for application developers, build managers, quality assurance (QA) teams, penetration testers, and security auditors. Thus, Titonis discloses secure application executed in a secure environment. Titonis further discusses applications are “executed in a secure environment ensuring tamper resistance” by being able to detect and eliminate malware on their network before it spreads such that subscribers are secure by eliminating bandwidth-consuming malware from their network. Mobile carriers have comprehensive situational awareness and a corresponding archive of malware detected including point of origin and time-based distribution channel. As such, mobile security situational awareness for the enterprise is achieved and provides end-point security and enforce compliance with security policies by ensuring that only compliant devices with non-malicious applications can gain access. By implementing an application-level policy, threats can be identified and removed on employee mobile devices as soon as they appear before they reach the enterprise (see para 0030). More examples of secure execution and environments, para 0098, 0142, 0150]
a processor that is coupled to the memory and executes the first and second processing applications, [Titonis: para 0221]
wherein the first processing application includes an issuance module configured to issue a command to call a function of the second processing application [Titonis: para 0017-0018; call a function can be given the broadest reasonable interpretation (BRI) as application level library call or API call. Basic software functions include, but are not limited to, public final methods, base API calls, direct method invocations, string constants and interface API invocations for HTTP, SMS, URL, network, GPS and telephony. See also 0151, 0260; example of first and second processing application includes first stage application binary executed and second stage application binary installed and launched and list of applications. Additional examples of multiple applications executed where a (first) application execution in a secure environment ensuring tamper resistance and employ or call upon a second application per se (para 0106, 0310-0311)] and link the command to a verification rule, [Titonis: para 0148; per BRI, verification rule can also be rule to validate or a comparison process to match data per se. Other examples, para 0200, 0230, 0425-0426]
a first communication module configured to 
transmit, to the second processing application [Titonis: para 0102-0103; example of application-level firewall retrieve and checks on the App and applications’ metadata submitted to the Cloud Service. The App or applications may be referring to the first application that communicates with another (second) application such as the Cloud Server or Application-level Firewall. See also para 0151; first and second processing application includes first stage application binary executed and second stage application binary installed and launched], a command execution request including command identification information that identifies the command, and [Titonis: para 0226; command identification information can broadly be signatures or data related to commands per se]
receive, from the second processing application, an execution log including an execution result of the command identified by the command identification information, and [Titonis: para 0110; Execution logs are stored by the Dispatcher into the Database and retrieved by the Analysis Suite for post-mortem analysis. See also 0155; Dispatcher needs only the knowledge of said mapping (i.e. Unique Request Identifier to an available Sandbox), in order to retrieve all associated Sandbox Request data from the network-shared Database. After completion of a Sandbox Request, a Dispatcher needs only to store all execution logs extracted during the simulation of the Sandbox Request into the network-shared Database]
a log verification module configured to verify correctness of the execution log received by the first communication module in accordance with the verification rule, and [Titonis: para 0165; it stores the behavioral and static Log Files obtained from the execution of the Sandbox Request into the Logs Table in the Database. Additionally, it computes and stores a metric related to the quality or validity of these Log Files so as to assess the fitness of use associated with the execution of the Sandbox Request]
wherein the information processing apparatus performs information processing by employing the function by the first processing application and the function by the second processing application.
Titonis discusses the Sandbox API can allow the Cloud Service to interact with a highly instrumented entity that emulates a Mobile Device of the specified type and operating system such as arrays of software simulators, "rooted and/or jailbroken" hardware devices, or combination of such. Rooting is a privilege escalation technique and/or process allowing users of mobile devices running the Guest operating system to attain privileged control (known as "root access") within Android's subsystem allowing applications within the rooted device, resulting in the ability to alter or replace system applications and settings, run specialized application binaries that require administrator-level permissions, or perform other operations [Titonis: para 0136]. Accordingly, there includes multiple applications can be the first processing application and second processing application suggest performing information processing by employing the function. However, Titonis did not clearly “wherein the information processing apparatus performs information processing by employing the function by the first processing application and the function by the second processing application”.
Grunenberger teach the invention for distributed application execution where the system aims to automatically analyze and split application into application blocks. Each application can be analyzed in separated way and the results of the analysis might be shared with all the parties participating to the application execution optimization scheme. This way, the overhead during the execution is reduced and the resources are spread and shared [Grunenberger: Abstract]. Grunenberger further discloses according to the set of rules, a certain application block assigned to the first group includes a call to a function which belongs to another application block of the second group, when executing the certain application block, the second network-based processor intercept the function call and to send the function call to the mobile device through the communications link for execution, when according to the set of rules, the result of the execution of one of the application blocks of the first group is needed as an input for the execution of an application block of the second group. Further, according to the set of rules, a certain application block assigned to the second group includes a call to a function which belongs to another application block of the first group, when executing the certain application block in the mobile device, the mobile device processor intercepts function call and to send the function call to the communications network [Grunenberger: para 0034-0037]. As such Grunenberger’s invention of function to the application of first group and function to another application of a second group obviously suggest “performs information processing by employing the function by the first processing application and the function by the second processing application”, where motivation would reduce the overhead during the execution and the resources are spread and shared.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Grunenberger with Titonis to teach “wherein the information processing apparatus performs information processing by employing the function by the first processing application and the function by the second processing application” for the reason the overhead during the execution is reduced and the resources are spread and shared.Claim 2:  Titonis: para 0017, 0213; discussing the apparatus according to claim 1, wherein the execution log further includes a code generated from the execution log, and the first processing application further includes an integrity verification module configured to verify the code by using a key for detecting tampering.Claim 3:  Titonis: para 0110, 0155; discussing the apparatus according to claim 2, further comprising an Operating System (OS) that includes a command execution module configured to execute the command, a log recording module configured to record the execution log, and an addition module configured to add the code to the execution log, wherein the second processing application further includes a record acquisition module configured to acquire the execution log from the log recording module, and a second communication module configured to, upon receiving the command execution request from the first communication module, transmit the execution log acquired by the record acquisition module to the first communication module. [Titonis: para 0124, 0147]Claim 4:  Titonis: para 0139; discussing the apparatus according to claim 3, wherein the addition module adds the code to the execution log by using a secret key, and the integrity verification module verifies the code by using a public key corresponding to the secret key.Claim 5:  Titonis: para 0138-0139; discussing the apparatus according to claim 3, wherein the OS further includes a first exchange module configured to exchange a common key with an authentication destination after authentication by public-key cryptography, the first processing application further includes a second exchange module configured to exchange the common key with the first exchange module after authenticating the first exchange module by the public-key cryptography, the addition module adds the code to the execution log by using the common key, and the integrity verification module verifies the code by using the common key.Claim 6:  Titonis: para 0017-0018, 0155; discussing the apparatus according to claim 3, wherein the second processing application further includes a library module configured to break the command down to one or more system calls and execute each of the system calls on the command execution module; and a recording control module configured to control the log recording module to record an execution log from start to end of the execution of the one or more system calls.Claim 7:  Titonis: para 0138, 0155; discussing the apparatus according to claim 1, wherein the execution log includes at least one among a name of the command, a number of the command, an address of the command, and log identification information that identifies the execution log.Claim 8:  Titonis: para 0028, 0110; discussing the apparatus according to claim 7, wherein the execution log further includes information indicating a recording start time of the execution log and information indicating a recording end time of the execution log, and, when a difference between the recording stall time and a time of the issuance of the command is less than a first threshold and a difference between the recording end time and the current time is less than a second threshold, the log verification module judges that the execution log is correct.Claim 9:  Objected As per claim 10:	Titonis, et al. teach an information processing method implemented by a computer provided with a first processing application and a second processing application, the method comprising: 
issuing, by the first processing application, being a secure application executed in a secure environment ensuring tamper resistance [Titonis: para 0024-0025; The present system provides an automated means of performing vulnerability testing throughout the application development lifecycle by offering a comprehensive and timesaving solution for application developers, build managers, quality assurance (QA) teams, penetration testers, and security auditors. Thus, Titonis discloses secure application executed in a secure environment. Titonis further discusses applications are “executed in a secure environment ensuring tamper resistance” by being able to detect and eliminate malware on their network before it spreads such that subscribers are secure by eliminating bandwidth-consuming malware from their network. Mobile carriers have comprehensive situational awareness and a corresponding archive of malware detected including point of origin and time-based distribution channel. As such, mobile security situational awareness for the enterprise is achieved and provides end-point security and enforce compliance with security policies by ensuring that only compliant devices with non-malicious applications can gain access. By implementing an application-level policy, threats can be identified and removed on employee mobile devices as soon as they appear before they reach the enterprise (see para 0030). More examples of secure execution and environments, para 0098, 0142, 0150] a command to call a function of the second processing application; [Titonis: para 0017-0018; call a function can be given the broadest reasonable interpretation (BRI) as application level library call or API call. Basic software functions include, but are not limited to, public final methods, base API calls, direct method invocations, string constants and interface API invocations for HTTP, SMS, URL, network, GPS and telephony. See also 0151, 0260; example of first and second processing application includes first stage application binary executed and second stage application binary installed and launched and list of applications. Additional examples of multiple applications executed where a (first) application execution in a secure environment ensuring tamper resistance and employ or call upon a second application per se (para 0106, 0310-0311)]
linking, by the first processing application, the command to a verification rule; [Titonis: para 0148; per BRI, verification rule can also be rule to validate or a comparison process to match data per se. Other examples, para 0200, 0230, 0425-0426] 
transmitting, to the second processing application by the first processing application [Titonis: 0102-0103; example of application-level firewall retrieve and checks on the App and applications’ metadata submitted to the Cloud Service. The App or applications may be referring to the first application that communicates with another (second) application such as the Cloud Server or Application-level Firewall. See also para 0151; first and second processing application includes first stage application binary executed and second stage application binary installed and launched], a command execution request including command identification information that identifies the command; [Titonis: para 0226; command identification information can broadly be signatures or data related to commands per se.]
receiving, from the second processing application by the first processing application, an execution log including an execution result of the command identified by the command identification information; and [Titonis: para 0110; Execution logs are stored by the Dispatcher into the Database and retrieved by the Analysis Suite for post-mortem analysis. See also 0155; Dispatcher needs only the knowledge of said mapping (i.e. Unique Request Identifier to an available Sandbox), in order to retrieve all associated Sandbox Request data from the network-shared Database. After completion of a Sandbox Request, a Dispatcher needs only to store all execution logs extracted during the simulation of the Sandbox Request into the network-shared Database]
verifying, by the first processing application, correctness of the received execution log in accordance with the verification rule, wherein [Titonis: para 0165; it stores the behavioral and static Log Files obtained from the execution of the Sandbox Request into the Logs Table in the Database. Additionally, it computes and stores a metric related to the quality or validity of these Log Files so as to assess the fitness of use associated with the execution of the Sandbox Request] 
the method includes performing information processing by employing the function by the first processing application and the function by the second processing application.
Titonis discusses the Sandbox API can allow the Cloud Service to interact with a highly instrumented entity that emulates a Mobile Device of the specified type and operating system such as arrays of software simulators, "rooted and/or jailbroken" hardware devices, or combination of such. Rooting is a privilege escalation technique and/or process allowing users of mobile devices running the Guest operating system to attain privileged control (known as "root access") within Android's subsystem allowing applications within the rooted device, resulting in the ability to alter or replace system applications and settings, run specialized application binaries that require administrator-level permissions, or perform other operations [Titonis: para 0136]. Accordingly, there includes multiple applications can be the first processing application and second processing application suggest performing information processing by employing the function. However, Titonis did not clearly “performing information processing by employing the function by the first processing application and the function by the second processing application”.
Grunenberger teach the invention for distributed application execution where the system aims to automatically analyze and split application into application blocks. Each application can be analyzed in separated way and the results of the analysis might be shared with all the parties participating to the application execution optimization scheme. This way, the overhead during the execution is reduced and the resources are spread and shared [Grunenberger: Abstract]. Grunenberger further discloses according to the set of rules, a certain application block assigned to the first group includes a call to a function which belongs to another application block of the second group, when executing the certain application block, the second network-based processor intercept the function call and to send the function call to the mobile device through the communications link for execution, when according to the set of rules, the result of the execution of one of the application blocks of the first group is needed as an input for the execution of an application block of the second group. Further, according to the set of rules, a certain application block assigned to the second group includes a call to a function which belongs to another application block of the first group, when executing the certain application block in the mobile device, the mobile device processor intercepts function call and to send the function call to the communications network [Grunenberger: para 0034-0037]. As such Grunenberger’s invention of function to the application of first group and function to another application of a second group obviously suggest “performing information processing by employing the function by the first processing application and the function by the second processing application”, where motivation would reduce the overhead during the execution and the resources are spread and shared.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Grunenberger with Titonis to teach “performing information processing by employing the function by the first processing application and the function by the second processing application” for the reason the overhead during the execution is reduced and the resources are spread and shared.As per claim 11:	Titonis, et al. teach an computer program product comprising a non-transitory computer-readable recording medium, on which an executable program is recorded, the program instructing a computer provided with a first processing application to perform:
issuing, by the first processing application being a secure application executed in a secure environment ensuring tamper resistance [Titonis: para 0024-0025; The present system provides an automated means of performing vulnerability testing throughout the application development lifecycle by offering a comprehensive and timesaving solution for application developers, build managers, quality assurance (QA) teams, penetration testers, and security auditors. Thus, Titonis discloses secure application executed in a secure environment. Titonis further discusses applications are “executed in a secure environment ensuring tamper resistance” by being able to detect and eliminate malware on their network before it spreads such that subscribers are secure by eliminating bandwidth-consuming malware from their network. Mobile carriers have comprehensive situational awareness and a corresponding archive of malware detected including point of origin and time-based distribution channel. As such, mobile security situational awareness for the enterprise is achieved and provides end-point security and enforce compliance with security policies by ensuring that only compliant devices with non-malicious applications can gain access. By implementing an application-level policy, threats can be identified and removed on employee mobile devices as soon as they appear before they reach the enterprise (see para 0030). More examples of secure execution and environments, para 0098, 0142, 0150], a command to call a function by the second processing application;  [Titonis: para 0017-0018; call a function can be given the broadest reasonable interpretation (BRI) as application level library call or API call. Basic software functions include, but are not limited to, public final methods, base API calls, direct method invocations, string constants and interface API invocations for HTTP, SMS, URL, network, GPS and telephony. See also 0151, 0260; example of first and second processing application includes first stage application binary executed and second stage application binary installed and launched and list of applications. Additional examples of multiple applications executed where a (first) application execution in a secure environment ensuring tamper resistance and employ or call upon a second application per se (para 0106, 0310-0311)] 
linking, by the first processing application, the command to a verification rule; [Titonis: para 0148; per BRI, verification rule can also be rule to validate or a comparison process to match data per se. Other examples, para 0200, 0230, 0425-0426] 
transmitting, to the second processing application by the first processing application to the external processing application [Titonis: para 0102-0103; example of application-level firewall retrieve and checks on the App and applications’ metadata submitted to the Cloud Service. The App or applications may be referring to the first application that communicates with another (second) application such as the Cloud Server or Application-level Firewall. See also para 0151; first and second processing application includes first stage application binary executed and second stage application binary installed and launched], a command execution request including command identification information that identifies the command; [Titonis: para 0151, 0226; command identification information can broadly be signatures or data related to commands per se]
receiving, from the second processing application by the first processing application, an execution log including an execution result of the command identified by the command identification information; and  [Titonis: para 0110; Execution logs are stored by the Dispatcher into the Database and retrieved by the Analysis Suite for post-mortem analysis. See also para 0155; Dispatcher needs only the knowledge of said mapping (i.e. Unique Request Identifier to an available Sandbox), in order to retrieve all associated Sandbox Request data from the network-shared Database. After completion of a Sandbox Request, a Dispatcher needs only to store all execution logs extracted during the simulation of the Sandbox Request into the network-shared Database]
verifying, by the first processing, correctness of the received execution log in accordance with the verification rule, wherein [Titonis: para 0165; it stores the behavioral and static Log Files obtained from the execution of the Sandbox Request into the Logs Table in the Database. Additionally, it computes and stores a metric related to the quality or validity of these Log Files so as to assess the fitness of use associated with the execution of the Sandbox Request]
information processing is performed by employing the function by the first processing application and the function by the second processing application.
Titonis discusses the Sandbox API can allow the Cloud Service to interact with a highly instrumented entity that emulates a Mobile Device of the specified type and operating system such as arrays of software simulators, "rooted and/or jailbroken" hardware devices, or combination of such. Rooting is a privilege escalation technique and/or process allowing users of mobile devices running the Guest operating system to attain privileged control (known as "root access") within Android's subsystem allowing applications within the rooted device, resulting in the ability to alter or replace system applications and settings, run specialized application binaries that require administrator-level permissions, or perform other operations [Titonis: para 0136]. Accordingly, there includes multiple applications can be the first processing application and second processing application suggest performing information processing by employing the function. However, Titonis did not clearly “information processing is performed by employing the function by the first processing application and the function by the second processing application”.
Grunenberger teach the invention for distributed application execution where the system aims to automatically analyze and split application into application blocks. Each application can be analyzed in separated way and the results of the analysis might be shared with all the parties participating to the application execution optimization scheme. This way, the overhead during the execution is reduced and the resources are spread and shared [Grunenberger: Abstract]. Grunenberger further discloses according to the set of rules, a certain application block assigned to the first group includes a call to a function which belongs to another application block of the second group, when executing the certain application block, the second network-based processor intercept the function call and to send the function call to the mobile device through the communications link for execution, when according to the set of rules, the result of the execution of one of the application blocks of the first group is needed as an input for the execution of an application block of the second group. Further, according to the set of rules, a certain application block assigned to the second group includes a call to a function which belongs to another application block of the first group, when executing the certain application block in the mobile device, the mobile device processor intercepts function call and to send the function call to the communications network [Grunenberger: para 0034-0037]. As such Grunenberger’s invention of function to the application of first group and function to another application of a second group obviously suggest “information processing is performed by employing the function by the first processing application and the function by the second processing application”, where motivation would reduce the overhead during the execution and the resources are spread and shared.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Grunenberger with Titonis to teach “information processing is performed by employing the function by the first processing application and the function by the second processing application” for the reason the overhead during the execution is reduced and the resources are spread and shared.

Response to Arguments
5.	Applicant's arguments filed 2/15/22 have been fully considered but they are not persuasive.
	Claims 1-8 and 10-11 remains rejected under the Titonis and Grunenberger combination.
	In response to the argument related to the current amendment “a secure application executed in a secure environment ensuring tamper resistance”:
The present system provides an automated means of performing vulnerability testing throughout the application development lifecycle by offering a comprehensive and timesaving solution for application developers, build managers, quality assurance (QA) teams, penetration testers, and security auditors [Titonis: para 0024-0025]. Thus, Titonis discloses secure application executed in a secure environment. Titonis further discusses applications are “executed in a secure environment ensuring tamper resistance” by being able to detect and eliminate malware on their network before it spreads such that subscribers are secure by eliminating bandwidth-consuming malware from their network. Mobile carriers have comprehensive situational awareness and a corresponding archive of malware detected including point of origin and time-based distribution channel. As such, mobile security situational awareness for the enterprise is achieved and provides end-point security and enforce compliance with security policies by ensuring that only compliant devices with non-malicious applications can gain access. By implementing an application-level policy, threats can be identified and removed on employee mobile devices as soon as they appear before they reach the enterprise [Titonis: para 0030]. More examples of secure execution and environments, para 0098, 0142, 0150. Additional examples of multiple applications executed where a (first) application execution in a secure environment ensuring tamper resistance and employ or call upon a second application per se [Titonis: para 0106, 0310-0311]. According to the teaching of Titonis (discussed above), reads on the claim language of “a secure application executed in a secure environment ensuring tamper resistance” and also employ the function of the second application.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LEYNNA TRUVAN whose telephone number is (571)272-3851. The examiner can normally be reached Monday-Friday 8:00AM-5:00PM, EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on 571-272-3685. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

LEYNNA TRUVAN
Examiner
Art Unit 2435



/L.TT/           Examiner, Art Unit 2435 

/JOSEPH P HIRL/           Supervisory Patent Examiner, Art Unit 2435