DETAILED ACTION

Currently pending claims are 1 – 20.

Claim Objection
Claim 1 is objected to because of the following informalities (and Examiner respectfully request to correct as follows): “at least one processor” should be replaced with “at least one hardware processor (or a processor device)” – Examiner notes this is because a computer processor could be a software processor (e.g. a Microsoft WORD processor).  Appropriate correction(s) is (are) required.  // “A computer processor” may include the “software processor” (e.g. a word processor) //


In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  


Claim Rejections - 35 USC § 102

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claims 1 – 6, 8 – 16 & 18 – 20 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Surcouf et al. (U.S. Patent 2019/0020665). 



As per claim 1 & 11, Surcouf teaches an electronic device comprising: 
a communication module (Surcouf: Figure 4 & 3); 
a memory for storing instructions (Surcouf: Figure 4 & 3); and 
at least one processor operably connected to the communication module and the memory, wherein the at least one processor is, by executing the instructions (Surcouf: Figure 4 & 3), configured to:
receive a request for execution of an application programming interface (API) from an application while driving the application (Surcouf: see above & Para [0028] Line 4 – 13: (a) a security agent (i.e. an enforcement agent) receives an API call request during the communcations of application service(s) (or micro-services as one type of applications)) so as to analyze a compliance of associated security policies), 
identify a policy for the API based on data received from a decentralized network through the communication module (Surcouf: see above & Para [0031] Line 9 – 12, Para [0024] and Para [0047] / [0048]: the enforcement agent identifies and determines a security policy for the associated API call request based upon a receiving whitelist (i.e. a list of of allowed/permitted API calls requests), which can be obtained from a de-centralized (distributed) blockchain system (replacing as an alternative of a container orcheschtration engine)), and 
determine whether to execute the API, based on the identified policy for the API (Surcouf: see above & Para [0043] / [0046]: if API is not allowed, the API call is denied and as such, to permit or deny the API call request according to a security policy).  

As per claim 2 – 3 & 12 – 13, Surcouf teaches in case that a request for execution of the application is received, request the data indicating the policy for the API from the decentralized network, and receive the data indicating the policy for the API from the decentralized network (Surcouf: see above & Para [0041] / [0042] and Para [0047] / [0048]: as an alternative, requesting the data indicating the policy for the API from a block-chain network system (i.e. a decentralized network). 

As per claim 4 & 14, Surcouf teaches- 33 -0202-1749 (GM-201909-023-1-US0, SP20198-USIP) in case that a request for execution of the API is received from the application, identify whether the API is a predesignated API (Surcouf: see above & Para [0043] / [0041]: an API request is received from a container application, wherein an API call, that have certain characteristics are acceptable, constitutes a predesignated API for example, regarding its expirary status of the available / valid time period (i.e. whether expired or has not yet expired) – this is consistent with the disclosure of the instant specification (SPEC-PG.PUB: Para [0075]), and 
in response to the identifying of the API as the predesignated API, request the data indicating the policy for the API from the decentralized network (Surcouf: see above & Para [0043] / [0041] / [0042] and Para [0047] / [0048]: requesting the data indicating the policy for the API, from a block-chain network system (i.e. a decentralized network), wherein the data was stored at the local container policy storage).  

As per claim 5 & 15, Surcouf teaches- 33 -0202-1749 (GM-201909-023-1-US0, SP20198-USIP) in case that the API is not identified as the predesignated API, identify, based on data received from the decentralized network before the request for execution of the API, the policy for the execution-requested API (Surcouf: see above & Para [0043] / [0041] / [0042] and Para [0047] / [0048]: as an alternative, if API is not identified as the predesignated API, identify requesting the data indicating the policy for the API, from a block-chain network system (i.e. a decentralized network), wherein the data is subsequently stored at the local container policy storage for later use before the API available / valid time period expired).  

As per claim 6 & 16, Surcouf teaches- 33 -0202-1749 (GM-201909-023-1-US0, SP20198-USIP) data received from the decentralized network based on the request for execution of the application; data received from the decentralized network based on a previous request for execution of the API, received before the request for execution of the API; or a combination thereof (Surcouf: see above & Para [0043] / [0041] / [0042] and Para [0047] / [0048]: (a) based on a previous request since the API available / valid time period has not yet expired and the requesting the data indicating the policy for the API, from a block-chain network system (i.e. a decentralized network), wherein the data was already stored at the local container policy storage by the precious request).  

As per claim 8 & 18, Surcouf teaches- 33 -0202-1749 (GM-201909-023-1-US0, SP20198-USIP) wherein the data received from the decentralized network is based on a result of execution of a smart contract recorded in the decentralized network (Surcouf: see above & Para [0055] Last sentence, Para [0031] and Para [0054]: the enforcement agent can contact the block-chain of the (distributed) decentralized network to activate and execute a smart contract to obtain the data associated with the security policy).  

As per claim 9 & 19, Surcouf teaches- 33 -0202-1749 (GM-201909-023-1-US0, SP20198-USIP) based on the data received from the decentralized network, identify a policy for an address included in the execution-requested API, and determine whether to execute the execution-requested API, based on the identified policy for the address included in the API (Surcouf: see above & Para [0024] and Para [0042]: the authorized API call ID includes the associated IP address, name, or other identifiers).  

As per claim(s) 10 & 20, the claims contain(s) similar limitations to claim(s) 1 – 9 and thus is/are rejected with the same rationale.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 7 & 17 are rejected under 35 U.S.C.103 as being unpatentable over Surcouf et al. (U.S. Patent 2019/0020665), in view of O’Doherty et al. (U.S. Patent 7,743,149).  

As per claim 7 & 17, Surcouf teaches- 33 -0202-1749 (GM-201909-023-1-US0, SP20198-USIP) based on the identified policy for the API, identify whether execution of the execution-requested API is allowed, in case that it is identified that execution of the execution-requested API is allowed, execute the execution-requested API, and in case that it is identified that execution of the execution-requested API is not allowed, output a notification indicating that the execution-requested API is not executed, through the display (Surcouf: see above & Para [0043] / [0046]: if API is not allowed, the API call is denied). 
However, Surcouf does not disclose expressly displaying a “disallowed” notification.
 O’Doherty teaches displaying a dis-allowed notification on the display (O’Doherty: Col. 10 Line 21 – 25: executing a security mechanism method If the result of the security mechanism method is "permitted" then continue – otherwise, displaying a security “disallowed” message on the display screen). 
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention was made to propose the modification of displaying a dis-allowed notification on the display because O’Doherty teaches to alternatively, effectively and securely execute a security mechanism method If the result of the security mechanism method is "permitted" then continue – otherwise, displaying a security “disallowed” message on the display screen (see above) within the Surcouf’s system of using an enforcement agent to identify and determine a security policy for an associated API call request based upon a receiving whitelist (i.e. a list of of allowed/permitted API calls requests) and to permit or deny the 
API call request according to the security policy (see above). 



Any inquiry concerning this communication or earlier communications from the examiner should be directed to LONGBIT CHAI whose telephone number is (571)272-3788. The examiner can normally be reached Monday - Friday 9:00am-5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn D. Feild can be reached on 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.










Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



---------------------------------------------------
                  /Longbit Chai/
           Longbit Chai E.E. Ph.D.
    Primary Examiner, Art Unit 2431
                   No. #2339 – 2022
---------------------------------------------------