DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant’s submission filed on 5/27/2022 has been entered.

Claims 1-15 are presented for examination. Claims 1, 4, 7 and 9-15 have been amended.
Applicant’s amendments to the claims have overcome 112(b) rejections previously set forth in the Final Office Action mailed 12/27/2021.

Examiner Notes
Examiner cites particular columns, paragraphs, figures and line numbers in the references as applied to the claims below for the convenience of the applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested that, in preparing responses, the applicant fully consider the references in entirely as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the examiner.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 1-8 and 14-15 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  

Regarding to Claim 1, Claim 1 is a method claim and recite steps/actions to be performed mentally (like evaluation, judgement, opinion) or with a pen or paper; those steps/actions are “identifying, based on the bit string and … a list of capabilities of the process, wherein each capability … on the kernel object”, “determining whether the process has permission to perform … identified by the second bit string” and “in response to determining the process has permission to perform the operation, allowing the operation on the kernel object to be performed”. Steps/actions performed mentally or with a pen or paper have been found by the courts to be abstract (note: the last limitation “in response to determining the process has permission to perform the operation, allowing the operation on the kernel object to be performed” is written in conditional language, and thus “the broadest reasonable interpretation of a method (or process) claim having contingent limitations requires only those steps that must be performed and does not include steps that are not required to be performed because the condition(s) precedent are not met”, i.e., this last limitation is not necessary to be interpreted within the BRI of the claimed invention. Examiner rejected this limitation for the purpose of compact prospection). 
The additional limitations like “a kernel of an operating system”, “a computing system” are merely using a computer or computing components to perform the abstract ideas. The additional limitation “receiving a system call from a process requesting to perform an operation on a kernel object” based on lines 4-6 of Claim 1, i.e., “wherein the system call comprises an object handle to the kernel object, the object handle comprising an object type of the kernel object and specifying a bit string, wherein the object type is represented by a second bit string”, is cited at a high level of generality, i.e., as a general means of gathering command data for use in the identify and determining steps and amounts to mere data gathering, which is a form of insignificant extra-solution activity. Such two types of additional limitations are not indicative of integration of the abstract into a practical application for the claim as a whole. In this way, the claim is directed to abstract idea at step 2A analysis of 2019 PEG.
For step 2B analysis of 2019 PEG, as explained above, the additional limitations like “a kernel of an operating system”, “a computing system” are merely using a computer or computing components to perform the abstract ideas and the receiving step is merely data gathering. In addition, the receiving step is simply appending well-understood, routine, conventional activity previously known to the industry, specified at a high level of generality, to the judicial exception. The following publications can be used as evidences for such well-understood, routine, conventional activity. [0033] and [0041] from Yuan et al. (US 20060288261 A1). [0043]-[0045] from Jung et al. (US 20110145918 A1). Lines 18-31 of col. 6 from Backensto et al. (US 8281317 B1). [0048], [0052], [0138], [0169] and [0173] from Durham et al. (US 20200125501 A1), [0009] and [0013] from Ylonen (US 20090327377 A1-a prior art reference cited previously). [0013] from Barraclough et al. (US 20130205286 A1-a prior art reference cited previously). [0024] from Pizlo et al. (US 20190272159 A1-a prior art reference cited previously). Lines 10-26 of col. 17 from Munroe et al. (US 6493816 B1). 
In this way, the two types of additional limitations mentioned above are not indicative of an inventive concept for the claim as a whole.
Thereby, Claim 1 is rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.

Claims 2-8 are rejected for failing to cure the deficiency from their respective parent claim by dependency.
In addition, for Claims 2-3 and 6-8, the limitations from each of the claims are only further specifying some content of the abstract idea, such limitation does not change the nature of the abstract idea. Thereby, each of Claims 2-3 and 6-8 is rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.

In addition, similar to Claim 1, limitations “identifying based on the second object type … determining whether the process … in response … to be performed” from Claim 4 are steps/actions to be considered as abstract idea; the additional limitations are neither indicative of integration of the abstract into a practical application for the claim as a whole nor indicative of an inventive concept for the claim as a whole. Thereby, Claim 4 is rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.
In addition, the limitation from Claim 5 is only further specifying some content of the abstract idea, such limitation does not change the nature of the abstract idea. Thereby, Claim 5 is rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.

Regarding to Claim 14, Claim 14 is a product claim recites similar steps/actions performed by the method Claim 1, and thus Claim 14 also recites abstract ideas of steps/actions to be performed mentally (like evaluation, judgement, opinion) or with a pen or paper (i.e., limitations of “identify, based on … on the kernel object”, “determine whether …. By the second bit string” and “in response to … to be performed”).
The additional limitations like “computer-readable non-transitory storage media” is merely using computing components to perform the abstract ideas. The additional limitation “receive a system call from a process requesting to perform an operation on a kernel object” based on lines 4-6 of Claim 14, i.e., “wherein the system call comprises an object handle to the kernel object, the object handle comprising an object type of the kernel object and specifying a bit string, wherein the object type is represented by a second bit string”, is cited at a high level of generality, i.e., as a general means of gathering command data for use in the identify and determining steps and amounts to mere data gathering, which is a form of insignificant extra-solution activity. As same as explained at the rejection of Claim 1 above, such two types of additional limitations are not indicative of integration of the abstract into a practical application for the claim as a whole. In this way, the claim is directed to abstract idea at step 2A analysis of 2019 PEG.
Thereby, Claim 14 is rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.

Regarding to Claim 15, Claim 15 is a system claim recites similar steps/actions performed by the method Claim 1, and thus Claim 15 also recites abstract ideas of steps/actions to be performed mentally (like evaluation, judgement, opinion) or with a pen or paper (i.e., limitations of “identify, based on … on the kernel object”, “determine whether …. By the second bit string” and “in response to … to be performed”).
The additional limitations like “one or more processors”, “a non-transitory memory” are  merely using computing components to perform the abstract ideas. The additional limitation “receive a system call from a process requesting to perform an operation on a kernel object” based on lines 5-7 of Claim 15, i.e., “wherein the system call comprises an object handle to the kernel object, the object handle comprising an object type of the kernel object and specifying a bit string, wherein the object type is represented by a second bit string”, is cited at a high level of generality, i.e., as a general means of gathering command data for use in the identify and determining steps and amounts to mere data gathering, which is a form of insignificant extra-solution activity. As same as explained at the rejection of Claim 1 above, such two types of additional limitations are not indicative of integration of the abstract into a practical application for the claim as a whole. In this way, the claim is directed to abstract idea at step 2A analysis of 2019 PEG.
Thereby, Claim 15 is rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 4-5, 8 and 14-15 are rejected under 35 U.S.C. 103 as being unpatentable over Anderson et al. (US PGPUB 20180121665 A1, hereafter Anderson) in view of Buchanan et al. (US PGPUB 20120011153 A1, hereafter Buchanan), Ylonen (US PGPUB 20090327377 A1) and Pizlo (US PGPUB 20190272159 A1).
Anderson, Buchanan, Ylonen and Pizlo were cited on the previous office action.

Regarding to Claim 1, Anderson discloses: A method comprising, by a kernel of an operating system executing on a computing system (see Figs. 3, 7 and [0031]):
receiving a system call from a process requesting to perform an operation on a kernel object (see Fig. 3 and [0029]; “The user application 304, executing in the context of a first user, may call into a system library 306, such as an application programming interface (API) or C library requesting access to one or more files. The system library 306 may then make a system call to a system call interface 312. The user application 304 may also directly make system calls to the system call interface 312. The system call interface 312, executing in kernel space 310, processes the system call”), 
identifying, based on the bit string and the object type, a list of capabilities of the process, wherein each capability in the list indicates whether the process has permission to perform a predetermined operation on the kernel object (see [0033] and [0035]; “The file permissions check module 320 obtains the application's real or elevated authority and accesses file permissions information to perform functions necessary to verify that the application 304 has sufficient permissions to access the file”, “For example, Unix style file permissions may be stored as 9 bits of information along with the file indicating which three actions (read, write, and execute) may be performed by which three groups (user, group, other)” and “In checking the permissions on a file, the file permissions check module 320 obtains file permissions information”, emphasis added. Also see column 406 of Fig. 4, there are at least two different types of system objects, file and call, and thus the particular file name/indication like FILEA or FILEB as shown by column 406 also indicates the type of system object);
determining whether the process has permission to perform the operation on the kernel object by comparing the operation to the list of capabilities corresponding to the object type of the kernel object (see [0033]-[0035]; “to perform functions necessary to verify that the application 304 has sufficient permissions to access the file” and “permissions for a file are checked whenever there is an action performed on the file. For example, if a file is opened for reading, the file permission check module 320 performs a check to verify the user has read permissions on the file”); and
in response to determining the process has permission to perform the operation, allowing the operation on the kernel object to be performed (see [0032]-[0034]; “determines whether to allow the application to perform file operations on the file based on the authority of the application, such as the user, group, or other authority, and the permissions on the file, and this determination may be made by the file permission check module 320 of the kernel 314”).

Anderson does not disclose: wherein the system call comprises an object handle to the kernel object, the object handle comprising an object type of the kernel object and specifying a bit string, wherein the object type is represented by a second bit string (and thus the identifying step is based on the bit string and the second bit string indicative of the object type, a list of capabilities of the process corresponding to the object type of the kernel object identified by the second bit string and the determining step is performed by comparing the operation to the list of capabilities corresponding to the object type of the kernel object identified by the second bit string).
However, Buchanan discloses: it is well-known that a system call comprises an object handle to the kernel object (see [0198]; “NtCreateFile system call accepts 11 parameters, which include a file handle, object attribute, share access, and so on”. Also see [0196]; “each system call is classified according to a category which provides a core service … The following service categories are available: … THREAD (for the manipulation of thread objects); PROCESS (for the manipulation of process objects) … FILE (Provides for the creation and manipulation of file objects)”). 
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the system call request from Anderson by including the system call request having object handle from Buchanan, since it would provide a resource/object handle is a well-known and understood data having identification information to the requested resource/object and then including such resource/object handle for a request to the corresponding resource/object would help the system to identify/reference the requested resource/object.

In addition, Ylonen discloses: it is well-known that an object handle or pointer comprising an object type information of an object that the object handle or pointer refer to, wherein the object type is represented by a second bit string (see [0013]; “In this disclosure, the term "pointer" (or "reference") is intended to mean any kind of reference between objects, without restricting it to an actual memory address. The pointer could also comprise tag bits to indicate the type of the pointed object”, emphasis added. Note: it is well-known and understood to one with ordinary skill in the art that the claimed object handle is also an object pointer, see [0002] from Applicant’s specification as technical support).
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the object handle from the combination of Anderson and Buchanan by including an object handle or pointer includes bit information that indicates the type of the pointed object from Ylonen, since it is well-known and understood to integrate the object type information to object handle or pointer to enhance the context of the object handle or pointer (see [0013] from Ylonen).

Furthermore, Pizlo discloses: it is well-known that an object handle or pointer specifying a bit string information for an object that the object handle or pointer refer to (see [0024]-[0025]; “256-bit capability pointer is that compiled object files using such pointers” and “The geometric 64-bit capability pointer can also include a set of bits that define permissions, which can be used to restrict the type of memory accesses that can be performed using the 64-bit capability pointe”).
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the object handle from the combination of Anderson, Buchanan and Ylonen by including an object handle or pointer includes bit information that define permissions for the pointed object from Pizlo, and thus the combination of Anderson, Buchanan, Ylonen and Pizlo would discloses the missing limitations from Anderson, since it is well-known and understood to integrate the access/process permission information to object handle or pointer to enhance the context of the object handle or pointer without an increase in the footprint of objects (see [0025] from Pizlo).

Regarding to Claim 2, the rejection of Claim 1 is incorporated and further the combination of Anderson, Buchanan, Ylonen and Pizlo discloses: wherein the kernel object is one of a thread, a process, or an interrupt (see [0196] from Buchanan; “each system call is classified according to a category which provides a core service … The following service categories are available: … THREAD (for the manipulation of thread objects); PROCESS (for the manipulation of process objects) … FILE (Provides for the creation and manipulation of file objects)”. At the combination system, the kernel object can be requested/called would further include thread object and process object).

Regarding to Claim 4, the rejection of Claim 1 is incorporated and further the combination of Anderson, Buchanan, Ylonen and Pizlo discloses:
receiving a second system call from the process requesting to perform a second operation on a second kernel object, wherein the second system call comprises a second object handle to a second kernel object (see Fig. 3, [0029] from Anderson, [0198] from Buchanan. Also see Fig. 4 from Anderson and [0196] from Buchanan. Fig. 4 from Anderson shows there are different system call from same process/application requesting to perform operation on a second kernel object, such as the group of requesting object FILEA by PROGRAM1 and request CALL process by PROGRAM 1, the group of requesting object FILEX by PROGRAM 6, requesting object FILE3 by PROGRAM6 and requesting FILE4 by PROGRAM6. [0196] from Buchanan shows there are multiple different types of core services can be requested by different system calls, and thus it is reasonable for a same user process/application made different system calls to requests different objects from different core services), the second object handle comprising a second object type and specifying a third bit string (see [0013] from Ylonen and [0025] from Pizlo. Based on the explanation above, since the second requested object/resource/service for this second system call can be different from the first requested object/resource/service, then similar to the first object handle for the first system call to perform first operation on the first kernel object, such second object handle should also include the object type information indicating the type information and specifying a bit string related to capability or permission information for the second kernel object);
identifying, based on the second object type and the third bit string, a second list of capabilities of the process; determining whether the process has permission to perform a second operation on the second kernel object by comparing the second operation to the second list of capabilities; and in response to determining the process has permission to perform the second operation, allowing the second operation on the second kernel object to be performed (see [0032]-[0035] from Anderson, rejection of Claim 1 and the analysis of the previous limitation. The combination system would perform similar steps as performing the permission check on the first requested object for the second requested object/resource/service).

Regarding to Claim 5, the rejection of Claim 5 is incorporated and further the combination of Anderson, Buchanan, Ylonen and Pizlo discloses: wherein the object type is different from the second object type, and wherein the list of capabilities for the object type is different from the second list of capabilities for the second object type (see Fig. 4 from Anderson and [0196] from Buchanan. Fig. 4 from Anderson shows object type for requesting object FILEA by PROGRAM1 is different from the object type for requesting CALL process by PROGRAM 1. In addition [0196] from Buchanan also shows there are at least thread type object, process type object and file type object can be requested by system calls. In addition, since the first requested object and the second requested object are different types of objects, then the first list of capabilities for the first requested object type is different from the second list of capabilities for the second requested object type. Note: even the values of two bit strings for the first object type and the second object type are identical, the meaning or representation of the list of capabilities is the permission of accessing to the corresponding object, and thus they are different).

Regarding to Claim 8, the rejection of Claim 1 is incorporated and further the combination of Anderson, Buchanan, Ylonen and Pizlo discloses: wherein the operation comprises one of a suspend operation, a resume operation, a query operation, or a terminate operation (see Fig. 21 and [0196] from Buchanan; “OBJECT (Object system services perform operations on general system objects. For example, querying and setting object attributes, such as handle or name information)”, emphasis added. Fig. 21 at least shows there is at least some system calls are performing a query operation related to the file type object).

Regarding to Claim 14, Claim 14 is a product claim corresponds to method Claim 1 and is rejected for the same reason set forth in the rejection of Claim 1 above.

Regarding to Claim 15, Claim 15 is a system claim corresponds to method Claim 1 and is rejected for the same reason set forth in the rejection of Claim 1 above.

Claims 3 and 9-13 are rejected under 35 U.S.C. 103 as being unpatentable over Anderson et al. (US PGPUB 20180121665 A1, hereafter Anderson) in view of Buchanan et al. (US PGPUB 20120011153 A1, hereafter Buchanan), Ylonen (US PGPUB 20090327377 A1) and Pizlo (US PGPUB 20190272159 A1) and further in view of Havens et al. (US Patent 7665143 B2, hereafter Havens).
Anderson, Buchanan, Ylonen, Pizlo and Havens were cited on the previous office action.

Regarding to Claim 3, the rejection of Claim 1 is incorporated, the combination of Anderson, Buchanan, Ylonen and Pizlo does not disclose: wherein the object handle is generated by the kernel for the process when the kernel object is generated.
However, Havens discloses: wherein the object handle is generated by the kernel for the process when the kernel object is generated (see lines 64-67 of col. 5 and lines 13-15 of col. 16; “the kernel can construct a complete executable process and simply return handles to the new process and associated thread”, “whether the parent process' standard handles should ever be duplicated the child and if so the conditions under which the duplication should be performed”).
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the resource/object handle for the system call request from the combination of Anderson, Buchanan, Ylonen and Pizlo by including generating a handle for an new object that was just created from Havens, since it would provide a corresponding handle for each existing object with sharing handle with other objects. 

Regarding to Claim 9, the rejection of Claim 1 is incorporated, the combination of Anderson, Buchanan, Ylonen and Pizlo does not disclose:
duplicating the object handle to generate a second object handle to pass to a second process;
allocating a second memory space to the kernel for a second data associated with the second object handle; and
sending, to the second process, the second object handle.

However, Havens discloses: duplicating the object handle to generate a second object handle to pass to a second process (see lines 65-2 of cols 1-2, lines 19-22 of col. 2, liens 64-67 of col. 5, lines 13-15 of col. 16; “a process can invoke the operating system to create a new process; the latter is often called a child process and the initiating process is sometimes referred to as its parent. A child process may be a replica of the parent process”, “Handles to system resources may optionally be propagated to a child process”, “the kernel can construct a complete executable process and simply return handles to the new process and associated thread” and  “whether the parent process’ standard handles should ever be duplicated the child”, emphasis added);
allocating a second memory space to the kernel for a second data associated with the second object handle (see steps 406 and 410 of Fig. 4, Fig. 5; lines 2-33 of col. 17; “Creating the process object typically comprises a number of tasks, including creating the process's primary access token”, “Other process creation tasks include: initializing the process handle table, creating the initial process address space … mapping the image into the address space and setting up the process environment block”, “allocates a thread stack (in kernel mode) for the new process”); and
sending, to the second process, the second object handle (see lines 30-33 of col. 17; “The kernel returns handles to the newly created process and thread objects with access as defined by the access table above 516”).
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the resource/object handle for the system call request from the combination of Anderson, Buchanan, Ylonen and Pizlo by including generating a handle for an new object that was just created from Havens, and furthermore the combination of Anderson, Buchanan, Ylonen, Pizlo and Havens would disclose: wherein the second data identifies the object type of the kernel object and specifies a third bit string (see [0033] from Anderson, at the combination system, the access token or the access permission information at the combination system would include object type and permission right bit string, and thus the allocating memory space to create the second process would include allocating memory space and creating the access token information including the object type and permission right bit string of the second process),  since it would provide a corresponding handle for each existing object with sharing handle with other objects. 

Regarding to Claim 10, the rejection of Claim 9 is incorporated and further the combination of Anderson, Buchanan, Ylonen, Pizlo and Havens discloses: modifying the third bit string associated with the second object handle, wherein the third bit string corresponds to a second list of capabilities of the second process (see step 516 of Fig. 5 and lines 31-36 of col. 17 from Havens; “the actual access granted is the reduced set if the creator is a non secure process and the new process is a secure one, else the creator is granted full access”. Also see [0033] from Anderson, at the combination system, the access permission information at the combination system is represent via bit string format, and thus the actual access granted in a reduced access rights or full access rights would require modify the bit string associated with the new process).

Regarding to Claim 11, the rejection of Claim 10 is incorporated and further the combination of Anderson, Buchanan, Ylonen, Pizlo and Havens discloses: wherein modifying the third bit string associated with the second object handle comprises reducing the amount of permissions to perform operations on the kernel object (see the rejection of Claim 10 and lines 31-36 of col. 17 from Havens; ““the actual access granted is the reduced set if the creator is a non secure process”. Granting a reduced or partial access right is reducing the amount of permissions to perform operations).

Regarding to Claim 12, the rejection of Claim 10 is incorporated and further the combination of Anderson, Buchanan, Ylonen, Pizlo and Havens discloses: wherein modifying the third bit string associated with the second object handle comprises increasing the amount of permissions to perform operations on the kernel object (see the rejection of Claim 10 and lines 31-36 of col. 17 from Havens; “the new process is a secure one, else the creator is granted full access”. Granting full access right is increasing the amount of permissions to perform operations).

Regarding to Claim 13, the rejection of Claim 10 is incorporated and further the combination of Anderson, Buchanan, Ylonen, Pizlo and Havens discloses: wherein modifying the third bit string associated with the second object handle is based on identifying one or more operations the second process requires to function (see rejection of Claim 10, steps 404-408 and steps 404-412 of Fig. 4, lines 31-36 of col. 17 from Havens; “the actual access granted is the reduced set if the creator is a non secure process and the new process is a secure one, else the creator is granted full access”. Based on creating the second process as secure process or not to modify the third bit string in order to grant full access rights or partial access rights).

Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Anderson et al. (US PGPUB 20180121665 A1, hereafter Anderson) in view of Buchanan et al. (US PGPUB 20120011153 A1, hereafter Buchanan), Ylonen (US PGPUB 20090327377 A1) and Pizlo (US PGPUB 20190272159 A1) and further in view of Falkenhainer et al. (US Patent 5930801, hereafter Falkenhainer) and Majee et al. (US Patent 9020912 B1, hereafter Majee).
Anderson, Buchanan, Ylonen, Pizlo, Falkenhainer and Majee were cited on the previous office action.

Regarding to Claim 6, the rejection of Claim 1 is incorporated, the combination of Anderson, Buchanan, Ylonen and Pizlo does not disclose: wherein the object handle comprises one or more of a magic, a generation, and an offset, wherein the magic is a randomly generated number, and wherein the generation is a predetermined number to detect the offset.
However, Falkenhainer discloses: an object handle comprises one or more of a magic, wherein the magic is a randomly generated number (see lines 34-40 of col. 5; “random four-digit numbers are used to illustrate different handles, and the random numbers themselves have no meaning beyond identifying a particular object and file”). 
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the content of the resource/object handle for the system call request from the combination of Anderson, Buchanan, Ylonen and Pizlo by including using randomly generated number to illustrate different object handles from Falkenhainer, since it would provide a more security mechanism to generate identification information for multiple handles via randomly generated numbers without knowing the pattern of the identification information for the handles.

Furthermore, Majee discloses: an object handle comprises a generation, and an offset, and wherein the generation is a predetermined number to detect the offset (see lines 17-21 and 24-25 of col. 6; “the unique identifier for each compressed block includes a file handle or other identifier shared by a plurality of compressed blocks storing compressed data for the same object as well as a start offset and a length value that together uniquely identify each compressed block” and “the start offsets will all be intervals determined by the length value”, emphasis added. The start offset is considered as claimed offset and the length value is considered as generation, the start offset is determined/detected by the length value).
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the content of the resource/object handle for the system call request from the combination of Anderson, Buchanan, Ylonen, Pizlo and Falkenhainer by including a start offset and a length value to the request handle from Majee, since it would provide a well-known mechanism in the computing fields, i.e., offset information and length information of the offset, to locating a piece of data at the memory.

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Anderson et al. (US PGPUB 20180121665 A1, hereafter Anderson) in view of Buchanan et al. (US PGPUB 20120011153 A1, hereafter Buchanan), Ylonen (US PGPUB 20090327377 A1) and Pizlo (US PGPUB 20190272159 A1) and further in view of Zheng et al. (US PGPUB 20200252789 A1, hereafter Zheng).
Anderson, Buchanan, Ylonen, Pizlo and Zheng were cited on the previous office action.

Regarding to Claim 7, the rejection of Claim 1 is incorporated, the combination of Anderson, Buchanan, Ylonen and Pizlo does not disclose: wherein identifying the object type is based on a comparison of the second bit string to a table of bit strings corresponding to a plurality of object types.
However, Zheng discloses: type information of different object/service types can be represented by a [second] bit string, and wherein identifying a particular object/service type is based on a comparison of a bit string of the particular object/service type to a table of bit strings corresponding to a plurality object/service types (see [0085]-[0086]; “The remaining reserved bits may indicate a service type selection” and “detect the information provided in the reserved fields and/or the new field (i.e., one byte) by referring to a look-up table stored in a memory device that includes bit combinations and corresponding meanings”).
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the permission check bits for the system call request from the combination of Anderson, Buchanan, Ylonen and Pizlo by including process of using a look-up table including different bit combinations and corresponding meanings, i.e., bit strings corresponding to a plurality of object type, to determine the representation of a particular bit string from Zheng, since it is well-known and understood that to use a look-up table for the determining the meaning of the bit strings data/information.

Response to Arguments
Applicant’s arguments, filled 5/27/2022, with respect to rejections of Claims 1-15 under 35 U.S.C. 103 have been full considered but they are not persuasive.

Applicant’s arguments at pages 7-8 are summarized as the following:
For independent Claims 1, 14 and 15, “Applicant has made clarifying amendments to Claims 1 and 14-15 to further clarify the distinction between the claims and the cited art. Applicant believes that these amendments obviate the Examiner’s rejections and respectfully requests the Examiner to reconsider” (see 1st paragraph of page 7 from the Remarks).
For dependent Claims 2-13, each of the claims depends on Claim 1, and thus each of Claims 2-13 should be overcame the prior art references based on the same reason as specified by the arguments for Claim 1 (see pages 7-8 from the Remarks).

The examiner respectively disagrees.
First of all, Applicant did not make a specific argument or explanation for how or why the combination of the prior art references, i.e., the combination of Anderson, Buchanan, Ylonen and Pizlo, would not disclose the amended limitations; Applicant only made a conclusion statement saying the amendments would clarify the distinction between the claims and the cited art. Applicant’s such statement is incorrect since the combination of the references do teach the amended limitations. The amended limitations focus on feature of the claimed object type (information) from/of the claimed object handle is represented by a second bit string. The same descriptions from the reference that Examiner used to teach feature of the claimed object type information is also part of the claimed object handle, i.e., reference Ylonen, also disclose such object type information is represented by tag bits, i.e., a bit string, of the object handle. The primary reference Anderson already discloses features of identifying the list of capabilities of the process corresponding to the object type of the kernel object based on the bit string information related to the capabilities and object type information. Thereby, when adding feature of the object handle comprises a second bit string to indicate the object type information into Anderson, the combination would also disclose limitation of “identifying, based on the bit string and the second bit string indicative of the object type, a list of capabilities of the process corresponding to the object type of the kernel object identified by the second bit string”. In this way, the combination of Anderson, Buchanan, Ylonen and Pizlo does discloses the amended limitations from the Claims 1 and 14-15.
The responses to Applicant’s arguments to Claims 2-13 are same set forth for Claim 1 above. Claims 2-13 are also rejected by the same reason as set forth on the corresponding 103 rejection sections above.
Therefore, Claims 1-15 are rejected. 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Risan (US 7720768 B1) discloses: a particular bit data at a data structure for a copy right holder indicate number of copies allowed (see lines 1-25 of col. 5).
Ohyama (US 20120191984 A1) discloses: by generating the initial value IV by the exclusive OR of the pre-initial value Pre-IV and the offset value offset, dead copy of data can be prevented by changing the offset value for each data encryption device, and strength of security can be increased (see [0050]).
Levy et al. (US 20040091111 A1) discloses: recognizing the content as protected content by reference to the copy protection indicator (see Claim 24).
Campbell et al. (US 20120197795 A1) discloses: an ownership table comprises an offset field that stores an offset value  which is an increment value assigned to the BLOB and is useful for preventing duplicate downloading of the same BLOB (see [0164]).

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZHI CHEN whose telephone number is (571)272-0805.  The examiner can normally be reached on Monday-Friday 9:30AM-5PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Emerson Puente can be reached on (571)272-3652.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/Zhi Chen/
Patent Examiner, AU2196

/EMERSON C PUENTE/Supervisory Patent Examiner, Art Unit 2196