Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This action is in response to the claims filed 10/12/2021.  Claims 21-40 are pending and new.  Claims 21 (a method), 29 (a machine), and 37 (a machine) are independent.  Claims 21, 29, and 37 are amended.

Response to Arguments
Applicant's arguments filed 4/19/2022 have been fully considered but they are not persuasive. 
On pages 12 and 13 of the remarks, Applicant argues that Poirier, the NPL discussing troubleshooting webcam use in Skype, : “Poirier does not monitor a running state of a program, switch a terminal device from a first mode to a second mode when the program exits running, and allow Skype to access the webcam when the terminal device is switched to the second mode.  Instead, Poirier only states that Skype accesses the webcam when a user closes a program (e.g., permits an application program to access a system function).”  This argument is not persuasive.
If Skype cannot access a webcam while other programs are running and can access the webcam after the other programs have ceased running then: (1) the ‘system’ must know of the other programs exiting and (2) the mode of operation – availability of the webcam – must change. 
Applicant’s claimed system does not specify how monitoring is accomplished and does not specify how the first/second mode are switched. 
Applicant’s claims 21 and 29 are disclosed by the inherent functionality described in the Poirier reference.

On page 13 of the remarks, Applicant further states “as recited in independent claims 21 and 29, a second application could invoke a system function not only after a first application exits running, but could also invoke the system function before the first application begins running.”  This is not persuasive.  The key inquiry is what the claims require and whether the art discloses said requirements.  The possibility for unclaimed use cases that differ from the art is not relevant to patentability of the pending claims. 

On page 14 of the remarks, Applicant asserts that Wang in view of Faaborg does not (1) monitor a running state of the first application, and (2) switch from a first mode to a second mode when the first application exits.  This argument is not persuasive. 
(1) Wang discloses monitoring a running state of (Process A).  Illustratively, Process A allows other processes to execute (see transition in Fig. 6 between S606 and S607) but inhibits any use of an API for which Process A has been granted exclusive use (See Fig. 6, S609 and Wang ¶ 203: “process B is incapable of obtaining the mutex and becomes congested since the process A is under the resource exclusive mode, and so the system process scheduling returns to the process A.”).
Process B is only able to access the API after Process A surrenders exclusivity and exits (See Fig. 6, S612-614).  The system is notified of the termination of Process A due to the system call “atexit” (See Wang Fig. 6, S614, and Fig. 4 describing atexit.) 
(2) the switch from the first mode (Process A’s exclusivity of access to the API) to the second mode (Process B is able to access the API) is accomplished by Fig. 6 steps S612-614 which include cleanup and termination of Process A. 

On page 17, Applicant asserts “Wang’s API is protected under a mutually exclusive access mechanism of an operating system to ensure mutually exclusive access to a hardware device …. A program termination function drv_atexit …. The mutex is released…. Accordingly, Wang does not state that the API monitors a running state of a program, switches a terminal device from a first mode to a second mode, and accesses the hardware device when the terminal device is switched to the second mode.   Instead, Wang allows the API to access the hardware device when a mutex counter is smaller than 1.”

First, the running state of the program is monitored via the “termination function atexit, Wang Figure 6, S614). See Applicant’s specification Figure 6B, steps 613 and 614 showing analogous steps including a message from the first application program comprising: “614 Notify the system that the first application program is exited running”.  Thus, Applicant’s “monitoring a running state of a program” is anticipated by the “termination function atexit” of Wang. 

Second, the mutex of Wang is a mode of a system.  Additionally, Wang discloses the mode of a system is altered by an exclusive mode and the termination of a process (see Fig. 6 steps S612-S614).  Each of these elements, individually and collectively alter a mode(s) of the system.  Specifically, as seen in Wang Figure 6, Process B is only granted access to an API after steps S612-S614. 
Lastly, Wang discloses allowing access to Process B after Process A is terminated in Figure 6, steps S614-S623. (“After the process A completes all the operations and the driver API4 releases the mutex, the driver API1 of the process B requesting for access to the hardware device obtains the mutex.” Wang ¶ 210.)

While Wang discloses a plurality of steps (e.g. S612-S614, including a process termination command “atexit”) that sets the mode of the system, the claims do not prevent a plurality of steps, including a program exit, from anticipating or rendering obvious the claimed “monitoring a running state of the first application program to detect when the first application program exits running; switching the terminal device from a first mode to a second mode when the first application program exits running ….”
Applicant’s claims and specification do not limit the particular mechanism by which the monitoring and switching are performed and such is reasonably disclosed by Wang.

Applicant’s further arguments are dependent on those addressed and are not persuasive for the reasons discussed above.

Claim interpretation:
“Permitting, by the system, the second application program to invoke the system function when the first application program exits running.”

In the context of operating system (the system) mediated access to resources, a permission is an access control mechanism by which access to resources is permitted or denied to a program that is granted permissions, irrespective of other programs permissions.
When use of a resource by one program is conditioned by use of a resource by another program it is termed a mutex, for mutual exclusion. 

Several references where one application controls the permissions of another are included in the record, e.g. Fong-Jones, US 8,6565,465.  However, as the claims and remarks place emphasis on conditioning access on an application exiting, the claims are directed to a mutex.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 21, 22, 27, 29, 30, 35 is/are rejected under 35 U.S.C. 103 as being unpatentable over Poirier et al., “I Am Trying to Skype and My Computer Is Blocking My Webcam” in view of Official Notice.

As to claims 21 and 29, Poirier discloses the method/machine comprising:
… 
running the first application program; (“Skype may not be able to access your webcam because other programs are using it.” Poirier)
acquiring configuration information, wherein the configuration information corresponds to a system function and the first application program; (“Skype may not be able to access your webcam because other programs are using it.” Poirier)
forbidding a second application program from invoking the system function when the first application program is running according to the configuration information, …; and (“Skype may not be able to access your webcam because other programs are using it.” Poirier)
monitoring a running state of the first application program to detect when the first application program exits running; (“Your webcam can only work with one program at a time. To address this problem, close all other programs that could be trying to access the webcam.” Poirier. All other programs exit, no other program is using the webcam)
switching the terminal device from a first mode to a second mode when the first application program exits running, wherein the first mode comprises forbidding the second application program from invoking the system function, and wherein the second mode comprises allowing the second application program to invoke the system function; and (the system function is the use of the webcam, the first mode is when another program is using the webcam, the second mode is when no other program is using the webcam.)
permitting the second application program to invoke the system function when the terminal device is switched to the second mode. (The second mode is when no conflicting application programs are running and Skype can access the webcam. “Some programs such as browsers, instant messengers and video editing software may be accessing your webcam even if you are not actively using it through them, so close them even if you don't think they are the cause of the problem.” Poirier).

Poirier does not disclose:
obtaining an installation package of a first application program; 
installing the first application program; 
wherein the second application program is installed in the terminal device

It was known in the art before the effective filing date of the claimed invention to install programs such as Skype, web browsers, instant messengers, and video editing software, Official Notice is taken thereof.

A person of ordinary skill in the art before the effective filing date of the claimed invention would have obtained installation packages and installed programs such as Skype, web browsers, instant messengers and video editing software to communicate, retrieve information, and otherwise utilize their computer to perform desired tasks.  

As to claims 22 and 30, Poirier discloses: 
Wherein the second application program is an application program of a plurality of application programs in the terminal device other than the first application program.
(“Skype may not be able to access your webcam because other programs are using it.” Poirier)

As to claims 27 and 35, Poirier discloses: 
When the first application program is in a running state, the terminal device to be in a first mode. (“Some programs such as browsers, instant messengers and video editing software may be accessing your webcam even if you are not actively using it through them, so close them even if you don't think they are the cause of the problem.” Poirier).


Claim 21, 22, 25-30, and 33-40 is/are rejected under 35 U.S.C. 103 as being unpatentable over Wang et al., US 2013/0305259 (filed 2013-04) in view of Faaborg et al., US 8,595,489 (filed 2012-11).
As to claims 21 and 29, Wang discloses a method/machine comprising:
(regarding the processor and memory of claim 29, see Wang ¶ 7 discussing a CPU and memory)
…
running the first application program; (“During an initialization procedure of each process, the system designates a corresponding identification to the process for marking the process. A process is a program having independent functionality and is associated with a single operation of a particular data set, and is regarded as an independent unit for system resource allocation and scheduling.” Wang ¶ 56)
acquiring configuration information, wherein the configuration information corresponds to a system function and the first application program; (“In step S302, the entry program drv_entry of the driver API determines whether the current process requiring access to the hardware device has obtained the mutex.” Wang ¶ 122. The system function being the driver API and the configuration information being the mutex. The program obtaining the “mutex” in step s305 in ¶ 125)
forbidding a second application program from invoking the system function when the first application program is running according to the configuration information, …; and (“process B is incapable of obtaining the mutex and becomes congested since the process A is under the resource exclusive mode, and so the system process scheduling returns to the process A.” Wang ¶ 203 “In step S303, it is determined whether a current TID and a TID having obtained the mutex are the same.” Wang ¶ 123. “In step S304, delay occurs until the current TID has obtained the mutex” Wang ¶ 124)
(“FIG. 6 depicts the same application example as that in FIG. 5, with however the process A utilizing the resource exclusive mode of the driver and being prioritized in acquiring the permission to the hardware device.” Wang ¶ 190. “In step S613, the process A exits the resource exclusive mode. The end driver API_EndDraw is activated, and the exit program drv_return releases the mutex.” Wang ¶ 207, Process A blocks access using exclusive mode until process termination.)
monitoring a running state of the first application program to detect when the first application program exits running; (“In step S614, the process A is terminated, and the process termination function atexit is activated.” Wang ¶ 209. “In step S401, the program process termination function Drv_atexit is activated.” Wang ¶ 147)
switching the terminal device from a first mode to a second mode when the first application program exits running, (“When the value of the mutex counter is greater than 0, the value of the mutex counter is directly cleared to 0 and all mutexes occupied by the process are released to exit the program process termination function.” Wang ¶ 146. “In step S405, the mutex is released to reset the value of the mutex counter to 0.” Wang ¶ 151. See also Wang ¶¶ 146 and 152, process of program process termination.) wherein the first mode (mutex > 0) comprises forbidding the second application program from invoking the system function, (“Although the process B at this point requests for access to the hardware device, the process B is incapable of obtaining the mutex and becomes congested since the process A is under the resource exclusive mode” Wang ¶ 203. “In step S304, delay occurs until the current TID has obtained the mutex” Wang ¶ 124) and wherein the second mode (mutex = 0) comprises allowing the second application program to invoke the system function. (“After the process A completes all the operations and the driver API4 releases the mutex, the driver API1 of the process B requesting for access to the hardware device obtains the mutex.” Wang ¶ 210. “the TID having obtained the mutex is recorded as the current TID, and the value of the mutex counter is added by 1.” Wang ¶ 124)
permitting the second application program to invoke the system function when the first application program exits running. (“After the process A completes all the operations and the driver API4 releases the mutex, the driver API1 of the process B requesting for access to the hardware device obtains the mutex.” Wang ¶ 210. “In step S401, the program process termination function Drv_atexit is activated. … In step S405, the mutex is released to reset the value of the mutex counter to 0. In step S406, driver information of the process is cleared to exit the program process termination function Drv_atexit.” Wang ¶¶ 147-152.  The mutex being released when set to 0 and allowing another program to obtain the mutex and therefore the API.  See Figure 6 along with associated disclosure.)

Wang does not disclose:
obtaining an installation package of a first application program; 
installing the first application program; 
wherein the second application program is installed in the terminal device

Faaborg discloses: 
obtaining an installation package of a first application program; (“an Android application package file (APK) is the file format used to distribute and install application software and middleware onto Google's Android operating system.” Faaborg col. 3, ln. 11.
“An APK file may contain individual files such as: 1) an AndroidManifest.xml file, which is a Manifest file that describes the name, version, access rights, and referenced library files for the application” Faaborg col. 3, ln. 24.
“The Manifest file identifies any user permissions the application requires, such as Internet access or read-access to the user's contacts. The Manifest file may also declare the minimum API level required by the application” Faaborg col. 3, ln. 39.)
installing the first application program; (Faaborg col. 3, ln. 11.)
wherein the second application program is installed in the terminal device 
 (“It is important that users comprehend what permissions they are granting to an application during installation….. Consent to permissions may be granted at install time” Faaborg col. 2, ll. 46-65.)

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Wang with Faaborg by utilizing the install package and permission declaration install mechanisms of Faaborg to install software in the system of Wang.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Wang with Faaborg in order to allow users to install new software and to comprehend the permissions granted to said software (Faaborg col. 2, ln. 46).

As to claim 37, Wang discloses a machine comprising:
obtaining an installation package of a first application program; 
installing the first application program;
running the first application program; (“During an initialization procedure of each process, the system designates a corresponding identification to the process for marking the process. A process is a program having independent functionality and is associated with a single operation of a particular data set, and is regarded as an independent unit for system resource allocation and scheduling.” Wang ¶ 56)
…
 and wherein the first permission includes disabling information; (“In step S302, the entry program drv_entry of the driver API determines whether the current process requiring access to the hardware device has obtained the mutex.” Wang ¶ 122. The system function being the driver API and the configuration information being the mutex. The program obtaining the “mutex” in step s305 in ¶ 125)
controlling, by the system and according to the configuration information, access to the system function while the first application program is running by: 
… and 
forbidding according to the disabling information of the first permission and independent of … and a second application program, the second application program from invoking the system function while the first application program is running, (“In step S303, it is determined whether a current TID and a TID having obtained the mutex are the same.” Wang ¶ 123. “In step S304, delay occurs until the current TID has obtained the mutex” Wang ¶ 124) …
exiting running the first application program; and  (“In step S406, driver information of the process is cleared to exit the program process termination function Drv_atexit.” )
monitoring a running state of the first application program to detect when the first application program exits running; (“In step S614, the process A is terminated, and the process termination function atexit is activated.” Wang ¶ 209. “In step S401, the program process termination function Drv_atexit is activated.” Wang ¶ 147)
switching the terminal device from a first mode to a second mode when the first application program exits running, (“When the value of the mutex counter is greater than 0, the value of the mutex counter is directly cleared to 0 and all mutexes occupied by the process are released to exit the program process termination function.” Wang ¶ 146. “In step S405, the mutex is released to reset the value of the mutex counter to 0.” Wang ¶ 151. See also Wang ¶¶ 146 and 152, process of program process termination.) wherein the first mode (mutex > 0) comprises forbidding the second application program from invoking the system function, (“Although the process B at this point requests for access to the hardware device, the process B is incapable of obtaining the mutex and becomes congested since the process A is under the resource exclusive mode” Wang ¶ 203. “In step S304, delay occurs until the current TID has obtained the mutex” Wang ¶ 124) and wherein the second mode (mutex = 0) comprises allowing the second application program to invoke the system function. (“After the process A completes all the operations and the driver API4 releases the mutex, the driver API1 of the process B requesting for access to the hardware device obtains the mutex.” Wang ¶ 210. “the TID having obtained the mutex is recorded as the current TID, and the value of the mutex counter is added by 1.” Wang ¶ 124)

permitting according to the second permission, the second application program to invoke the system function when the first application program exits running. (“In step S401, the program process termination function Drv_atexit is activated. … In step S405, the mutex is released to reset the value of the mutex counter to 0. In step S406, driver information of the process is cleared to exit the program process termination function Drv_atexit.” Wang ¶¶ 147-152.  The mutex being released when set to 0 and allowing another program to obtain the mutex and therefore the API.  See Figure 6 along with associated disclosure.)

Wang does not disclose:
obtaining an installation package of a first application program; 
installing the first application program;
acquiring configuration information corresponding to a first permission, wherein the configuration information corresponds to a system function and the first application program,
permitting according to the first permission, the first application program to access the system function;
a second permission corresponding to the system function 
wherein the second application program is installed in the terminal device;

Faaborg discloses:
obtaining an installation package of a first application program; 
 (“an Android application package file (APK) is the file format used to distribute and install application software and middleware onto Google's Android operating system.” Faaborg col. 3, ln. 11.
“An APK file may contain individual files such as: 1) an AndroidManifest.xml file, which is a Manifest file that describes the name, version, access rights, and referenced library files for the application” Faaborg col. 3, ln. 24.
“The Manifest file identifies any user permissions the application requires, such as Internet access or read-access to the user's contacts. The Manifest file may also declare the minimum API level required by the application” Faaborg col. 3, ln. 39.)
installing the first application program; (Faaborg col. 3, ln. 11.)
acquiring configuration information corresponding to a first permission, wherein the configuration information corresponds to a system function and the first application program, (“The Manifest file identifies any user permissions the application requires, such as Internet access or read-access to the user's contacts. The Manifest file may also declare the minimum API level required by the application” Faaborg col. 3, ln. 39.)
permitting, by the system and according to the first permission, the first application program to access the system function; (“The Manifest file may declare hardware and software features used or required by the application, such as a camera, Bluetooth services, or a multi-touch screen.”  Faaborg col. 3, ln. 43. “each application, by default, has access only to the components that it requires to do its work and no more.” Faaborg col. 4, ln. 5).
a second permission corresponding to the system function (“The Manifest file may declare hardware and software features used or required by the application, such as a camera, Bluetooth services, or a multi-touch screen.”  Faaborg col. 3, ln. 43. The permission to use the API given at install of the second application)
wherein the second application program is installed in the terminal device; (“It is important that users comprehend what permissions they are granting to an application during installation….. Consent to permissions may be granted at install time” Faaborg col. 2, ll. 46-65.)

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Wang with Faaborg by utilizing the install package installation and the permissions of Faaborg to install and manage software access to the system of Wang.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Wang with Faaborg in order to allow users to install and provide limited system access to new software in a manner that allows the user to comprehend the permissions granted to said software (Faaborg col. 2, ln. 46).


	As to claims 22, 30, and 38, Wang in view of Faaborg discloses the method/machine/machine of claims 21, 29, and 37 and further discloses:
wherein the second application program is an application program of a plurality of application programs in the terminal device other than the first application program. (see Wang figure 6)

As to claims 25, 33, and 39, Wang in view of Faaborg discloses method/machine/machine of claims 21, 29, and 37 and further discloses:
wherein acquiring the configuration information comprises: receiving a user grant; and acquiring the configuration information in response to receiving the user grant. (“It is important that users comprehend what permissions they are granting to an application during installation….. Consent to permissions may be granted at install time” Faaborg col. 2, ll. 46-65.)

As to claims 26, 34, and 40, Wang in view of Faaborg discloses the method/machine/machine of claims 21, 29, and 37 and further discloses:
wherein forbidding the second application program from invoking the system function comprises 
forbidding invoking an application programming interface (API) corresponding to the system function (“The first process utilizes the hardware device via at least one application programming interface (API).” Wang ¶ 23) in response to running the first application program. (See Fig. 6, S609, “process B is incapable of obtaining the mutex and becomes congested since the process A is under the resource exclusive mode, and so the system process scheduling returns to the process A.” Wang ¶ 203. “In step S302, the entry program drv_entry of the driver API determines whether the current process requiring access to the hardware device has obtained the mutex.” Wang ¶ 122. The system function being the driver API and the configuration information being the mutex. The program obtaining the “mutex” in step s305 in ¶ 125)

As to claims 27 and 35, Wang in view of Faaborg discloses the method/machine of claims 21 and 29 and further discloses:
further comprising enabling, when the first application program is in a running state, the terminal device to be in a first mode. (“In step S603, the process A transmits a request for the resource exclusive mode.” Wang ¶ 195. “In step S305, the TID having obtained the mutex is recorded as the current TID, and the value of the mutex counter is added by 1.” Wang ¶ 125.  The mutex counter is the mode of operation that prevents the second program from obtaining the resource.)

As to claims 28 and 36, Wang in view of Faaborg discloses the method/machine of claims 21 and 29 and further discloses:
wherein after acquiring the configuration information (“It is important that users comprehend what permissions they are granting to an application during installation….. Consent to permissions may be granted at install time” Faaborg col. 2, ll. 46-65.), … corresponding to forbidding the second application program from invoking the system function in response to running the first application program (“The first process utilizes the hardware device via at least one application programming interface (API).” Wang ¶ 23), and wherein the first permission is less than a highest level permission. (“The Manifest file identifies any user permissions the application requires, such as Internet access or read-access to the user's contacts. The Manifest file may also declare the minimum API level required by the application” Faaborg col. 3, ln. 39. Access to contacts and the other permissions explicitly described in Faaborg are not a highest level permission in Android.)

Wang in view of Faaborg, as combined in claim 21 does not disclose: 
the system function invoking method further comprises obtaining a first permission 

Faaborg further discloses:
the system function invoking method further comprises obtaining a first permission (“The Manifest file may declare hardware and software features used or required by the application, such as a camera, Bluetooth services, or a multi-touch screen.”  Faaborg col. 3, ln. 43. “each application, by default, has access only to the components that it requires to do its work and no more.” Faaborg col. 4, ln. 5).

A person of ordinary skill in the art before the effective filing date of the claimed invention would have further combined Wang in view of Faaborg by allowing permissioned API access to functions based on the permissions granted in the manifest of Faaborg.  It would have been obvious to a person of ordinary skill in the art to further combine Wang in view of Faaborg with Faaborg by allowing applications access to API functions for which the permissions have been granted at install. 



Claim 23, 24, 31, and 32 is/are rejected under 35 U.S.C. 103 as being unpatentable over Wang et al., US 2013/0305259 (filed 2013-04) in view of Faaborg et al., US 8,595,489 (filed 2012-11), and Roesner et al., US 2013/0205385 (filed 2012-02).

	As to claims 23 and 31, Wang in view of Faaborg discloses the method/machine of claims 21 and 29 and further discloses:
wherein forbidding the second application program from invoking the system function comprises: 
…
forbidding subsequent invocation of the system function by the second application program when the second application program has not invoked the system function (“process B is incapable of obtaining the mutex and becomes congested since the process A is under the resource exclusive mode, and so the system process scheduling returns to the process A.” Wang ¶ 203. “In step S303, it is determined whether a current TID and a TID having obtained the mutex are the same.” Wang ¶ 123. “In step S304, delay occurs until the current TID has obtained the mutex” Wang ¶ 124) or when the second application program has invoked the system function and the system function is currently not in the invoked state. 

Wang in view of Faaborg does not disclose:
ending an invocation of the system function by the second application program when the second application program has invoked the system function and the system function is currently in an invoked state of being invoked by the second application program; and 

Roesner discloses:
(“associated resource monitor may represent system-level functionality which mediates access to at least one system-level resource, such as a camera, a printer, a location device, message-sending functionality” Roesner ¶ 10) 
ending an invocation of the system function by the second application program when the second application program has invoked the system function and the system function is currently in an invoked state of being invoked by the second application program; and (“the access system 100 can also permit a user to expressly revoke any type of extended permission granted to the application 202, regardless of whether the application 202 is running at the time of revocation.” Roesner ¶ 83.  See also ¶¶ 111 and 155 and Figure 21).

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Wang in view of Faaborg with Roesner by providing the functionality to revoke permissions granted to an application even if those permissions were in use during application runtime.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the permission revocation of Roesner in the system of Wang in view of Faaborg in order to allow applications to access resources using permissions that are narrowly tailored (Roesner ¶ 13) and revocable, thereby not granting permissions indefinitely (Roesner ¶¶ 83 and 155) after the user’s intended use has been accomplished.


As to claims 24 and 32, Wang in view of Faaborg discloses the method/machine of claims 21 and 29 and further discloses:
wherein forbidding the second application program from invoking the system function comprises: 
…
forbidding subsequent invocation of the system function by the second application program when the second application program has not invoked the system function (“process B is incapable of obtaining the mutex and becomes congested since the process A is under the resource exclusive mode, and so the system process scheduling returns to the process A.” Wang ¶ 203. “In step S303, it is determined whether a current TID and a TID having obtained the mutex are the same.” Wang ¶ 123. “In step S304, delay occurs until the current TID has obtained the mutex” Wang ¶ 124) or when the second application program has invoked the system function and the system function is currently not in the invoked state.

Wang in view of Faaborg does not disclose;
suspending an invocation of the system function by the second application program when the second application program has invoked the system function and the system function is currently in an invoked state of being invoked by the second application program; and 

Roesner discloses:
(“associated resource monitor may represent system-level functionality which mediates access to at least one system-level resource, such as a camera, a printer, a location device, message-sending functionality” Roesner ¶ 10) 
suspending an invocation of the system function by the second application program when the second application program has invoked the system function and the system function is currently in an invoked state of being invoked by the second application program; and (“the access system 100 can also permit a user to expressly revoke any type of extended permission granted to the application 202, regardless of whether the application 202 is running at the time of revocation.” Roesner ¶ 83.  See also ¶¶ 111 and 155 and Figure 21).

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Wang in view of Faaborg with Roesner by providing the functionality to revoke permissions granted to an application even if those permissions were in use during application runtime.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the permission revocation of Roesner in the system of Wang in view of Faaborg in order to allow applications to access resources using permissions that are narrowly tailored (Roesner ¶ 13) and revocable, thereby not granting permissions indefinitely (Roesner ¶¶ 83 and 155) after the user’s intended use has been accomplished.


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See PTO-892, particularly:
Thangaraju, “Fail Safe Port Allocation for Linux Device Drivers” describes checking and requesting for exclusive access to hardware devices. 
                                                                                                                                                            
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL W CHAO whose telephone number is (571)272-5165. The examiner can normally be reached M, W-F 8-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MICHAEL W CHAO/Examiner, Art Unit 2492