DETAILED ACTION
Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-16 have been submitted for examination and are pending further prosecution by the United States Patent & Trademark Office.

Claim Objections
Claim 12 is objected for missing a colon after the word "comprising" in line 1.
Appropriate correction is required.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1-4, 6-15 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by US 20160203320 A1 - hereinafter "Valceanu" cited in the IDS filed on 12/16/20.

With respect to claim 1, Valceanu teaches,
A method for processing information, the method comprising:
detecting, by a target User Equipment (UE) terminal, a starting instruction directed at a target application (APP), wherein the starting instruction is adapted to start the target APP on the UE terminal; - "FIG. 3 illustrates an exemplary software stack executing on client system 12 according to some embodiments of the present invention. In some embodiments, system 12 executes an operating system (OS) 40 and/or a set of software applications 42a-c." [0060]; Fig. 3. "In some embodiments, a security application 44 executes on OS 40...." [0061]; Fig. 3. "FIG. 11-A shows an exemplary sequence of steps performed by security application 44 executing on client system 12 (e.g., FIG. 3), according to some embodiments of the present invention. In a step 242, application 44 detects a target application 42 installed on client system 12. To detect that an application is installed, security application 44 may use static and/or dynamic methods....In some embodiments, dynamic methods include identifying target application 42 according to a behavior or an output of the respective application. Another exemplary dynamic method comprises determining a set of processes launched by the respective application, and matching a list of applications against a list of processes to identify candidate applications." [0090]; Fig. 11-A
sending, by the UE terminal, APP information of the target APP to a server according to the starting instruction; - "In a step 242, application 44 detects a target application 42 installed on client system 12. To detect that an application is installed, security application 44 may use static and/or dynamic methods....In some embodiments, dynamic methods include identifying target application 42 according to a behavior or an output of the respective application. Another exemplary dynamic method comprises determining a set of processes launched by the respective application, and matching a list of applications against a list of processes to identify candidate applications." [0090]; Fig. 11-A. "In a step 244, security application 44 computes application indicator 46 (APP information) of target application 42 and transmits indicator 46 to security server 16." [0091]; Fig. 11-A
receiving, by the UE terminal, a transmission risk detection result returned by the server according to the APP information, - "In some embodiments, client system 12, for instance via security application 44, may send an application indicator 46 to security server 16. In response to receiving indicator 46, security server 16 may identify a target application according to indicator 46, and may selectively retrieve a risk indicator 50 indicative of a behavior performed by the respective target application from a behavior database 52. Security server 16 may further transmit risk indicator 50 to client system 12, thus concluding the risk-assessment transaction." [0062]; Fig. 4A. "In a step 246, security application 44 may receive risk indicator 50 from security server 16." [0091]; Fig. 11-A; wherein the transmission risk detection result indicates whether an operation that transmits data out of a secure region is performed while the target APP is running; and - "In some embodiments, the risk indicator comprises an indicator of a behavior of the target application, the behavior itself indicative of the respective security risk." [0093]. "In some embodiments, identifying risk-indicative behaviors of an application comprises determining whether the respective application performs a pre-determined set of risk-indicative behaviors. Said set of behaviors may be assembled, for instance by human operators, prior to server 16 performing risk assessment, and may include risk-indicative behaviors such as accessing a user's address book, sending sensitive items (e.g., a name, an address book entry, a username, a password, an indicator of a geographical position of the respective client system, a device identifier, etc.) to another party over network 18, and accessing a camera or a microphone of the respective client system, among others." [0031]
displaying, by the UE terminal, the transmission risk detection result on the UE terminal. - "Security application 44 may be further configured to display information about such risks and/or risk-indicative behaviors to a user of client system 12. For instance, application 44 may assemble a list of all applications 42a-c installed on client system 12, and for each such application, display a list of risk-indicative behaviors associated to the respective application." [0061] Next, in a step 248, security application 44 may display to the user an indicator of a behavior and/or an indicator of a risk associated with installation and/or execution of target application 42." [0091]; Fig. 11-A

With respect to claims 2 and 13, Valceanu teaches,
in response to receiving the starting instruction directed at the target APP for a first time after installation of the target APP, - "FIG. 11-A shows an exemplary sequence of steps performed by security application 44 executing on client system 12 (e.g., FIG. 3), according to some embodiments of the present invention. In a step 242, application 44 detects a target application 42 installed on client system 12. To detect that an application is installed, security application 44 may use static and/or dynamic methods....In some embodiments, dynamic methods include identifying target application 42 according to a behavior or an output of the respective application. Another exemplary dynamic method comprises determining a set of processes launched by the respective application, and matching a list of applications against a list of processes to identify candidate applications." [0090]; Fig. 11-A; sending the APP information of the target APP to the server; - "In a step 242, application 44 detects a target application 42 installed on client system 12. To detect that an application is installed, security application 44 may use static and/or dynamic methods....In some embodiments, dynamic methods include identifying target application 42 according to a behavior or an output of the respective application. Another exemplary dynamic method comprises determining a set of processes launched by the respective application, and matching a list of applications against a list of processes to identify candidate applications." [0090]; Fig. 11-A. "In a step 244, security application 44 computes application indicator 46 of target application 42 and transmits indicator 46 to security server 16." [0091]; Fig. 11-A

With respect to claims 3 and 14, Valceanu teaches,
in response to identifying that a privacy security managing circuit is in an activated state, - "FIG. 2-A shows an exemplary hardware configuration of a client system 12, such as systems 12a-b of FIG. 1. FIG. 2-A shows a mobile device for illustrative purposes; the hardware configuration of other devices, such as personal computers, may differ. In some embodiments, client system 12 comprises a processor 20, a memory unit 22, a set of input devices 24, a set of output devices 26, a set of storage devices 28, and a set of communication devices 30, all connected to a set of buses 39. Client system 12 may further include a camera 32, a geolocation device 34, a power management device 36, and a sensing device 38, connected to buses 39. In some embodiments, such as system-on-a-chip configurations, some of devices 20-39 may be integrated into a common hardware device, for instance, an integrated circuit." [0057]; Fig. 2-A. "In some embodiments, system 12 executes an operating system (OS) 40 and/or a set of software applications 42a-c." [0060]; Fig. 3. "In some embodiments, a security application 44 executes on OS 40...." [0061]; Fig. 3. Security application 44 executing on a SoC is interpreted as a privacy security managing circuit. Logically, security application 44/SoC would be activated in order to perform its functions; and in response to receiving the starting instruction directed at the target APP for the first time after installation or update of the target APP, - "FIG. 11-A shows an exemplary sequence of steps performed by security application 44 executing on client system 12 (e.g., FIG. 3), according to some embodiments of the present invention. In a step 242, application 44 detects a target application 42 installed on client system 12. To detect that an application is installed, security application 44 may use static and/or dynamic methods....In some embodiments, dynamic methods include identifying target application 42 according to a behavior or an output of the respective application. Another exemplary dynamic method comprises determining a set of processes launched by the respective application, and matching a list of applications against a list of processes to identify candidate applications." [0090]; Fig. 11-A; sending the APP information of the target APP to the server. - "In a step 242, application 44 detects a target application 42 installed on client system 12. To detect that an application is installed, security application 44 may use static and/or dynamic methods....In some embodiments, dynamic methods include identifying target application 42 according to a behavior or an output of the respective application. Another exemplary dynamic method comprises determining a set of processes launched by the respective application, and matching a list of applications against a list of processes to identify candidate applications." [0090]; Fig. 11-A. "In a step 244, security application 44 computes application indicator 46 of target application 42 and transmits indicator 46 to security server 16." [0091]; Fig. 11-A

With respect to claims 4 and 15, Valceanu teaches,
wherein the APP information comprises at least an APP identifier of the target APP, - "In a step 244, security application 44 computes application indicator 46 of target application 42 and transmits indicator 46 to security server 16." [0091]; Fig. 11-A; and wherein the APP identifier comprises at least one of...an APP name. - "Indicator 46 may further include an indicator of a Uniform Resource Identifier (URI) scheme used by target application 42. Examples of such URI schemes include http:, facebook:, facetime:, mailto:, skype:, and market:, among others." [0068]

With respect to claim 6, Valceanu teaches,
A method for processing information, the method comprising:
receiving, by a server, application (APP) information of a target APP sent by a target User Equipment (UE) terminal; - "FIG. 3 illustrates an exemplary software stack executing on client system 12 according to some embodiments of the present invention. In some embodiments, system 12 executes an operating system (OS) 40 and/or a set of software applications 42a-c." [0060]; Fig. 3. "In some embodiments, a security application 44 executes on OS 40...." [0061]; Fig. 3. "In a step 244, security application 44 computes application indicator 46 of target application 42 and transmits indicator 46 to security server 16." [0091]; Fig. 11-A
acquiring, by the server, a transmission risk detection result according to the APP information, - "In some embodiments, client system 12, for instance via security application 44, may send an application indicator 46 to security server 16. In response to receiving indicator 46, security server 16 may identify a target application according to indicator 46, and may selectively retrieve a risk indicator 50 indicative of a behavior performed by the respective target application from a behavior database 52. Security server 16 may further transmit risk indicator 50 to client system 12, thus concluding the risk-assessment transaction." [0062]; Fig. 4A; wherein the transmission risk detection result indicates whether there is a risk that data are transmitted out of a secure region while the target APP is running; and - "In some embodiments, the risk indicator comprises an indicator of a behavior of the target application, the behavior itself indicative of the respective security risk." [0093]. "In some embodiments, identifying risk-indicative behaviors of an application comprises determining whether the respective application performs a pre-determined set of risk-indicative behaviors. Said set of behaviors may be assembled, for instance by human operators, prior to server 16 performing risk assessment, and may include risk-indicative behaviors such as accessing a user's address book, sending sensitive items (e.g., a name, an address book entry, a username, a password, an indicator of a geographical position of the respective client system, a device identifier, etc.) to another party over network 18, and accessing a camera or a microphone of the respective client system, among others." [0031]
sending, by the server, the transmission risk detection result to the target UE terminal. - "In some embodiments, client system 12, for instance via security application 44, may send an application indicator 46 to security server 16. In response to receiving indicator 46, security server 16 may identify a target application according to indicator 46, and may selectively retrieve a risk indicator 50 indicative of a behavior performed by the respective target application from a behavior database 52. Security server 16 may further transmit risk indicator 50 to client system 12, thus concluding the risk-assessment transaction." [0062]; Fig. 4A. "In a step 246, security application 44 may receive risk indicator 50 from security server 16." [0091]; Fig. 11-A;

With respect to claim 7, Valceanu teaches,
acquiring a search result by searching a risk database according to the APP information; and in response to the search result indicating that the risk database contains the APP information, acquiring, according to the search result, - "In response to receiving indicator 46, security server 16 may identify a target application according to indicator 46 (APP information), and may selectively retrieve a risk indicator 50 indicative of a behavior performed by the respective target application from a behavior database 52."  [0062]
the transmission risk detection result indicating whether the data are transmitted out of the secure region while the target APP is running. - "In some embodiments, the risk indicator comprises an indicator of a behavior of the target application, the behavior itself indicative of the respective security risk." [0093]. "In some embodiments, identifying risk-indicative behaviors of an application comprises determining whether the respective application performs a pre-determined set of risk-indicative behaviors. Said set of behaviors may be assembled, for instance by human operators, prior to server 16 performing risk assessment, and may include risk-indicative behaviors such as accessing a user's address book, sending sensitive items (e.g., a name, an address book entry, a username, a password, an indicator of a geographical position of the respective client system, a device identifier, etc.) to another party over network 18, and accessing a camera or a microphone of the respective client system, among others." [0031]

With respect to claim 8, Valceanu teaches,
in response to the search result indicating that the risk database does not contain the APP information, running the target APP on a test UE terminal; and generating the transmission risk detection result according to a running result obtained by running the target APP on the test UE terminal, wherein the running result indicating whether the data are transmitted out of the secure region while the target APP is running. - The forgoing recites a contingent limitation. According to MPEP 2111.04(II), "The broadest reasonable interpretation of a method (or process) claim having contingent limitations requires only those steps that must be performed and does not include steps that are not required to be performed because the condition(s) precedent are not met." Given that parent claim 7 recites the contingency whereby the search result indicates the risk database contains the APP information, claim 8's recitation of the converse is not required to be performed.

With respect to claim 9, Valceanu teaches,
establishing a correspondence between the APP information and a transmission risk identifier in the risk database according to the transmission risk detection result generated. - The forgoing recites an additional step performed as a consequence of generating the transmission risk detection result recited by parent claim 8. Given that the contingent limitation recited by claim 8 is not required to be performed, it follows that a step stemming from the contingent limitation would also not be required.

With respect to claim 10, Valceanu teaches,
acquiring, according to log data indicating the running result, a first location of the server supporting running of the target APP; acquiring a determination result by determining whether the first location is outside of the secure region; and generating the transmission risk detection result according to the determination result. - The forgoing recites an additional steps performed as a consequence of generating the transmission risk detection result recited by parent claim 8. Given that the contingent limitation recited by claim 8 is not required to be performed, it follows that steps stemming from the contingent limitation would also not be required.

With respect to claim 11, Valceanu teaches,
acquiring a second location of the test UE terminal; and determining the secure region according to the second location. - The forgoing recites an additional steps performed as a consequence of generating the transmission risk detection result recited by parent claim 8. Given that the contingent limitation recited by claim 8 is not required to be performed, it follows that steps stemming from the contingent limitation would also not be required.

With respect to claim 12, Valceanu teaches,
A User Equipment (UE) terminal, comprising: one or more processors and a non-transitory computer-readable memory, wherein the non-transitory computer-readable memory is adapted to store an instruction executable by the one or more processors, and wherein the one or more processors are configured to: - Fig. 2-A
The remaining limitations are rejected for the same reasons given for analogous claim 1.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 5 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over US 20160203320 A1 - hereinafter "Valceanu", in view of US 8135798 B2 - hereinafter "Wellingkar".

With respect to claims 5 and 16, Valceanu does not explicitly teach,
wherein the APP information further comprises information on a version of the target APP.
However, in analogous art, Wellingkar teaches:
"Further, during account creation/registration, the client device 102 may additionally send, for example, the following data to the account management server 106: mobile number; carrier; an International Mobile Equipment Identity (IMEI) and/or Electronic Serial Number (ESN); firmware version; software version; hardware version; synchronization identification number ("SyncID"); carrier DB; device serial number; and/or device model." (col. 9:40-47)
It would have been obvious for one of ordinary skill in the art before the effective filing date of the invention to implement Valceanu with Wellingkar's teachings because doing so would provide Valceanu's system with the ability to facilitate the creation/registration of and login to an account maintained for client devices, as suggested by Wellingkar (col. 6:18-21).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GEOFFREY R ST LEGER whose telephone number is (571)270-7720. The examiner can normally be reached M-F (IFP) ~9:00-5:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Hyung S Sough can be reached on 571-272-6799. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/GEOFFREY R ST LEGER/Primary Examiner, Art Unit 2192