Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

          DETAILED ACTION

1.	This action is responsive to:  an original application filed on 16 April 2020.	
2.	Claims 1-20 are currently pending and claims 1, 8 and 14 are independent claims. 

Information Disclosure Statement

3.	The information disclosure statement (IDS) submitted are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

       Priority

4.	No Priority claimed.

     Drawings

5.	The drawings filed on 16 April 2020 are accepted by the examiner. 

                                             Claim Rejections - 35 USC § 101	

6.	35 U.S.C. 101 reads as follows: 
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claim 9 and 11 recite “A computer-readable storage medium” interpreted as broadly as their terms reasonably allow. See In re Zletz, 893 F.2d 319 (Fed. Cir. 1989).  The broadest reasonable interpretation of a claim drawn to a computer readable medium (also called machine readable medium and other such variations) typically covers forms of non-transitory tangible media and transitory propagating signals per se in view of the ordinary and customary meaning of computer readable media, particularly when the specification is silent (See MPEP 2111.01).  When the broadest reasonable interpretation of a claim covers a signal per se, the claim must be rejected under 35 U.S.C. §101 as covering non-statutory subject matter.  See In re Nuijten, 500 F.3d 1346, 1356-57 (Fed. Cir. 2007) (transitory embodiments are not directed to statutory subject matter) and Interim Examination Instructions for Evaluating Subject Matter Eligibility Under 35 U.S.C. § 101, Aug. 24, 2009; p. 2.
A claim drawn to such a computer readable medium that covers both transitory and non-transitory embodiments may be amended to narrow the claim to cover only statutory embodiments to avoid a rejection under 35 U.S.C. § 101 by adding the limitation “non-transitory” or “device” to the claim.  Cf.  Animals – Patentability, 1077 Off. Gaz. Pat. Office 24 (April 21, 1987. 

                                              Claim Rejections - 35 USC § 102

7.	The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –	
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claims 1-7, 9-11, 14-17 and 20 are rejected 35 U.S.C §102 (a)(2) as being anticipated by William Dane (US Publication No. 20110246778), hereinafter Dane.  

In regard to claim 1: 
a memory device with computer-readable program code stored thereon (Deane, ¶8).
a communication device; and a processing device operatively coupled to the memory device and the communication device (Deane, ¶12).
wherein the processing device is configured to execute the computer-readable program code to: import a set of executable code into a virtual environment instance (Deane, ¶16, 13).
execute, within the virtual environment instance, one or more processes on the set of executable code; based on executing the one or more processes, perform validation of the set of executable code (Deane, ¶13, claim 1).
process the set of executable code using a data transformation algorithm to generate a data transformation output (Deane, ¶1-2, 13).
and store the data transformation output in an authorization database (Deane, ¶24, claim 17).
In regard to claim 2:
wherein the computer-readable program code further causes the processing device to: receive a request from a user to execute a second set of executable code; process the second set of executable code using the data transformation algorithm to generate a second data transformation output; compare the second data transformation output to one or more entries in the authorization database; and validate the second data transformation output based on comparing the second data transformation output with the one or more entries in the authorization database. (Deane, ¶14).
In regard to claim 3: 
wherein the authorization database is an authorized hash database, wherein comparing the second data transformation output to one or more entries in the authorization database comprises: detecting a match between the second data transformation output and a cryptographic hash value within the one or more entries in the authorization database; and based on detecting the match, authorizing execution of the second set of executable code on a target computing system (Deane, ¶15).
In regard to claim 4: 
wherein the computer-readable program code further causes the processing device to display a positive indicator to a user via a user interface, wherein the positive indicator indicates that the second set of executable code is authorized to be executed on the target computing system (Deane, ¶25).
In regard to claim 7:
wherein the data transformation algorithm is a cryptographic hash algorithm, wherein the data transformation output is a cryptographic hash output (Epsten, ¶13).
In regard to claim 8:
importing a set of executable code into a virtual environment instance (Deane, ¶16, 13).
executing, within the virtual environment instance, one or more processes on the set of executable code; based on executing the one or more processes, performing validation of the set of executable code (Deane, ¶13, claim 1).
processing the set of executable code using a data transformation algorithm to generate a data transformation output (Deane, ¶1-2, 13).
and storing the data transformation output in an authorization database (Deane, ¶24, claim 17).
In regard to claim 9:
the computer-readable program code portions further comprising executable code portions for: receiving a request from a user to execute a second set of executable code; processing the second set of executable code using the data transformation algorithm to generate a second data transformation output; comparing the second data transformation output to one or more entries in the authorization database; and validating the second data transformation output based on comparing the second data transformation output with the one or more entries in the authorization database. (Deane, ¶14).
In regard to claim 10:
wherein the authorization database is an authorized hash database, wherein comparing the second data transformation output to one or more entries in the authorization database comprises: detecting a match between the second data transformation output and a cryptographic hash value within the one or more entries in the authorization database; and based on detecting the match, authorizing execution of the second set of executable code on a target computing system (Deane, ¶15).
In regard to claim 11:
the computer-readable program code portions further comprising an executable code portion for displaying a positive indicator to a user via a user interface, wherein the positive indicator indicates that the second set of executable code is authorized to be executed on the target computing system (Deane, ¶25).

In regard to claim 14:
importing a set of executable code into a virtual environment instance (Deane, ¶16, 13).
executing, within the virtual environment instance, one or more processes on the set of executable code; based on executing the one or more processes, performing validation of the set of executable code (Deane, ¶13, claim 1).
processing the set of executable code using a data transformation algorithm to generate a data transformation output (Deane, ¶1-2, 13).
and storing the data transformation output in an authorization database (Deane, ¶24, claim 17).
In regard to claim 15:
the method further comprising: receiving a request from a user to execute a second set of executable code; processing the second set of executable code using the data transformation algorithm to generate a second data transformation output; comparing the second data transformation output to one or more entries in the authorization database; and validating the second data transformation output based on comparing the second data transformation output with the one or more entries in the authorization database (Deane, ¶14).
In regard to claim 16:
wherein the authorization database is an authorized hash database, wherein comparing the second data transformation output to one or more entries in the authorization database comprises: detecting a match between the second data transformation output and a cryptographic hash value within the one or more entries in the authorization database; and based on detecting the match, authorizing execution of the second set of executable code on a target computing system (Deane, ¶15).
In regard to claim 17:
the method further comprising displaying a positive indicator to a user via a user interface, wherein the positive indicator indicates that the second set of executable code is authorized to be executed on the target computing system (Deane, ¶25).
In regard to claim 20:
wherein the data transformation algorithm is a cryptographic hash algorithm, wherein the data transformation output is a cryptographic hash output; however, in a same field of endeavor Epsten discloses this limitation (Epsten, ¶13).

Claim Rejections - 35 USC § 103
	
8.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 5-6, 12-13 and 18-19 are rejected under 35 U.S.C §103 as being Dane and in view of Joe Epstein (US Publication No. 20130276056), hereinafter Epstein.

In regard to claim 5: 
Deane does not explicitly suggest, wherein the authorization database is an authorized hash database, wherein comparing the second data transformation output to one or more entries in the authorization database comprises: determining that the second data transformation output does not match any of the one or more entries in the authorization database; and automatically blocking execution of the second set of executable code on a target computing system; however, in a same field of endeavor Epstein discloses this limitation (Epstein, ¶73).
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to include the method of secured code running on process of Dane with the method of halting process disclosed in Epstein prevent running unauthorized executable, stated by Epstein at para.65.

In regard to claim 6: 
Deane does not explicitly suggest, wherein the authorization database is an unauthorized hash database, wherein comparing the second data transformation output to one or more entries in the authorization database comprises: detecting a match between the second data transformation output and a cryptographic hash value within the one or more entries in the authorization database; and based on detecting the match, automatically blocking execution of the second set of executable code on a target computing system; however, in a same field of endeavor Epstein discloses this limitation (Epstein, ¶73).
Same motivation for combining the respective features of Dane and Epstein applies herein, as discussed in the rejection of claim 5.

In regard to claim 12: 
wherein the authorization database is an authorized hash database, wherein comparing the second data transformation output to one or more entries in the authorization database comprises: determining that the second data transformation output does not match any of the one or more entries in the authorization database; and automatically blocking execution of the second set of executable code on a target computing system; however, in a same field of endeavor Epstein discloses this limitation (Epstein, ¶73).
Same motivation for combining the respective features of Dane and Epstein applies herein, as discussed in the rejection of claim 5.

In regard to claim 13:
Deane does not explicitly suggest, wherein the authorization database is an unauthorized hash database, wherein comparing the second data transformation output to one or more entries in the authorization database comprises: detecting a match between the second data transformation output and a cryptographic hash value within the one or more entries in the authorization database; and based on detecting the match, automatically blocking execution of the second set of executable code on a target computing system; however, in a same field of endeavor Epstein discloses this limitation (Epstein, ¶73).
Same motivation for combining the respective features of Dane and Epstein applies herein, as discussed in the rejection of claim 5.

In regard to claim 18: 
wherein the authorization database is an authorized hash database, wherein comparing the second data transformation output to one or more entries in the authorization database comprises: determining that the second data transformation output does not match any of the one or more entries in the authorization database; and automatically blocking execution of the second set of executable code on a target computing system however, in a same field of endeavor Epstein discloses this limitation (Epstein, ¶73).
Same motivation for combining the respective features of Dane and Epstein applies herein, as discussed in the rejection of claim 5.

In regard to claim 19:
Deane does not explicitly suggest, wherein the authorization database is an unauthorized hash database, wherein comparing the second data transformation output to one or more entries in the authorization database comprises: detecting a match between the second data transformation output and a cryptographic hash value within the one or more entries in the authorization database; and based on detecting the match, automatically blocking execution of the second set of executable code on a target computing system; however, in a same field of endeavor Epstein discloses this limitation (Epstein, ¶73).
Same motivation for combining the respective features of Dane and Epstein applies herein, as discussed in the rejection of claim 5.

   Conclusion

9.	The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Monjour Rahim whose telephone number is (571)270-3890. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on 571-272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
	Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (in USA or CANANDA) or 571-272-1000.

/Monjur Rahim/
Patent Examiner
United States Patent and Trademark Office
Art Unit: 2436; Phone: 571.270.3890
E-mail: monjur.rahim@uspto.gov
Fax: 571.270.4890