Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION
1. This is in response to the arguments filed on 05/17/2022.
2. Claims 1-20 are pending in the application.
3. Claims 1-20 have been rejected.
Response to Arguments
4.	Applicant's arguments with respect to claims 1-20 have been considered but are moot in view of the new ground(s) of rejection. 
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

5.	Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over D’Errico et al., hereafter D’Errico (US Pat. App. Pub. 20180218148), in view of Phillip Starek et al., hereinafter Starek (Intl. Pub. WO 00/03320), and in further view of Joshi et al., hereafter Joshi (US Pat. App. Pub. 20180217996).
6.	As per claims 1, 8, and 15, D’Errico discloses a method, a device, and non-comprising: determining, by an application container encapsulating an application, an operation state of the application (paragraphs: 12; wherein it emphasizes encapsulating an application by a container to determine an operation state); determining, by the application container, based on the operation state of the application, one or more allowable system calls for the application (paragraphs: 15, 32; wherein it elaborates determining, by the container, allowable system calls for the application based on the operation state); and restricting, by the application container, one or more system calls (paragraphs: 13-14, and 49; wherein it describes non-allowing some system calls by the container). Although D’Errico discloses non-allowing some system calls by the container, which any person of ordinary skill in the art would easily understand to mean that those non-allowable system calls are different from the allowable system calls, D’Errico does not specifically mention restricting one or more system calls distinct from the one or more allowable system calls. However, in the same field of endeavor, Starek discloses restricting one or more system calls distinct from the one or more allowable system calls (pages: 3, and 6-7).
Accordingly, it would have been obvious to one of ordinary skill in the network security art before the effective filing date of the claimed invention to have incorporated Starek’s teachings of restricting one or more system calls distinct from the one or more allowable system calls with the teachings of D’Errico, for the purpose of effectively protecting system calls from unauthorized intruders.
D’Errico does not specifically mention that one filter identifies the one or more allowable system calls. However, in the same field of endeavor, Joshi discloses at least one filter associated with the operation state, wherein the at least one filter identifies the one or more allowable system calls; and restricting, by the application container, based on the at least one filter, one or more other system calls distinct from the one or more allowable system calls (paragraphs: 6-8, 21-25, and 28-29).
Accordingly, it would have been obvious to one of ordinary skill in the network security art before the effective filing date of the claimed invention to have incorporated Joshi’s teachings of one filter associated with the operation state, wherein the at least one filter identifies the allowable system calls; and restricting, by the application container, based on the at least one filter, other system calls distinct from the allowable system calls with the teachings of D’Errico, for the purpose of effectively blocking illegitimate system calls from accessing the system resources.
5.	As per claim 2, D’Errico discloses the method, wherein the at least one filter comprises a plurality of system calls required for the operation state (paragraphs: 15, 36).
6.	As per claim 3, D’Errico discloses the method, wherein the plurality of system calls is associated with one or more previous executions of the application (paragraphs: 19, 41).
7.	As per claim 4, D’Errico discloses the method comprising: identifying, based on a source code of the application, the plurality of system calls, wherein the plurality of system calls comprises the one or more allowable system calls for the application; and generating, based on the plurality of system calls, the at least one filter (paragraphs: 14, 51).
8.	As per claim 5, D’Errico discloses the method, wherein the operation state is one of a plurality of operation states, each operation state of the plurality of operation states corresponding to a respective one or more allowable system calls, and wherein determining the one or more allowable system calls comprises determining, as the one or more allowable system calls, the respective one or more allowable system calls corresponding to the operation state of the application (paragraphs: 23, 44, 48).
9.	As per claim 6, D’Errico discloses the method, wherein the operation state comprises a first operation state wherein the one or more allowable system calls comprise a first one or more allowable system calls for the application, and the method further comprises: determining, by the application container, a second operation state of the application; determining, by the application container, based on the second operation state of the application, a second one or more allowable system calls for the application; and restricting, by the application container, one or more system calls distinct from the second one or more allowable system calls (paragraphs: 20, 35, 52).
10.	As per claim 7, D’Errico discloses the method, wherein the operation state comprises a boot-up operation state, an execution operation state, or a shut-down operation state (paragraphs: 24, 34).
11.	Claims 9-14 and 16-20 list all the same elements as claims 2-7. Therefore, the supporting rationales of the rejection of claims 2-7 apply equally well to claims 9-14 and 16-20.
Citation of References
12. The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The following references are cited but have not been relied upon for this office action:
Moore et al (US pat. app. Pub. 20150040216): discusses initializing, by a process spawned by a kernel of an operating system running on a computer system, a system call filter inhibiting at least one type of application binary interface (ABI) calls; receiving a system call issued by a user space program executed by the computer system; intercepting the system call by the system call filter; determining that the system call is disabled by the system call filter; and performing a pre-determined action with respect to the system call.  
Karp et al (US pat. 7596694): elaborates accessing an application, the application making a system call to a library of a computer system for a resource, and establishing a requesting thread. The method further includes the library sending a request message to a local security filter; the local security filter validating the requesting thread and returning a digital signature, which uniquely identifies the requesting thread, to the application. The application makes a system call to a kernel of the computer system, wherein the kernel uses the digital signature from the security filter to validate the requesting thread before allowing access to the requested resource.
Conclusion

14.	Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Mohammad W. Reza whose telephone number is 571-272-6590.  The examiner can normally be reached on M-F (9:00-5:00).
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on 571-272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
/MOHAMMAD W REZA/Primary Examiner, Art Unit 2436