DETAILED ACTION
 The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

2.
Information Disclosure Statement
The Information Disclosure Statement (IDS) submitted on 04/01/2021 are in compliance with the provisions of 37 CFR 1.97, 1.98, and MPEP § 609. they have been placed in the application file, and the information referred to therein has been considered as to the merits.

3.
Terminal Disclaimer
The terminal disclaimer, filed on 08/12/2022 for later Application No. 17/220,773 has been approved

4.
Examiner’s Amendments







1. 	(Currently amended) A computer-implemented method for managing [[the]] loading of sensitive modules, comprising: 
based on an application action, scanning a module to obtain module attributes; generating a sensitivity level of the module based on the module attributes; 
analyzing a computing environment of the application to generate trust attributes and, based on the trust attributes, generating a trust level; and 
determining whether to prevent access by the application to the module based on the sensitivity level and the trust level; 
when the determination is to prevent access, blocking access to the module; and 
when the determination is to not prevent access, determining whether to query a user to prevent access by the application to the module;
 when the determination is to query the user; querying the user by presenting to the user at least one of:
 the sensitivity level and the trust level, when receiving a response from the user to prevent access, blocking access to the module, when receiving a response from the user is to not prevent access, accessing the module by the application, when the determination is to not query the user, accessing the module by the application.  

2. 	(Original) The computer-implemented method of claim 1, wherein the application action comprises attempting to execute the module, load the module, or access the module.  

3. 	(Currently amended) The computer-implemented method of claim 1, wherein scanning the module comprises identifying one or more files associated with the module, the one or more files comprising an executable file, an object code file, or dynamic link libraries.  

4. 	(Original) The computer-implemented method of claim 1, wherein generating a sensitivity level of the module based on the module attributes comprises categorizing the module attributes into one of a group of predefined sensitivity levels.  

5.	(Currently amended)  The computer-implemented method of claim 1, wherein the sensitivity level comprises a range of sensitivity level values from a low sensitivity level to a high sensitivity level and the trust level comprises a range of trust level values from a low trust level to a high trust level and determining whether to prevent access by the application to the module based on the sensitivity level and the trust level comprises: cross-correlating [[the]]a sensitivity level value of the range of the sensitivity level values to [[the]]a trust level value of the range of the trust level values to arrive at a combined sensitivity and trust level combination and basing whether to prevent access to the module by the application on the sensitivity and the trust level combination.  

6. 	(Original) The computer-implemented method of claim 1, further comprising: 
upon accessing the module, determining whether to monitor the application, when the determination is to monitor the application, analyzing activity of the application; 
terminating the application; and 
sending security information to a security server; 
when the determination is to not monitor the application, sending security information to the security server.  

7.	(Original) The computer-implemented method of claim 6, wherein analyzing activity of the application comprises analyzing a plurality of application function calls and, sending security information to the security server comprises: 
sending environmental attributes, security attributes, security levels, trust attributes, application activity, or module activity to the security server, the security server determining whether to update the security information.  

8. 	(Currently amended) A system for managing [[the]] loading of sensitive modules, comprising: 
a processor; a computer storage device in electronic communication with the processor, the computer storage device storing instructions that, when executed by the processor, perform a method of: 
based on an application action, scanning a module to obtain module attributes; 
generating a sensitivity level of the module based on the module attributes; 
analyzing a computing environment of the application to generate trust attributes and, based on the trust attributes, generating a trust level; and 23Attorney Docket No.Patent Application OPEN8100-2Customer No. 109422 
determining whether to prevent access by the application to the module based on the sensitivity level and the trust level; 
when the determination is to prevent access, blocking access to the module; and when the determination is to not prevent access, determining whether to query a user to prevent access by the application to the module; 
when the determination is to query the user; querying the user by presenting to the user at least one of: 
the sensitivity level and the trust level, when receiving a response from the user to prevent access, blocking access to the module, when receiving a response from the user is to not prevent access, accessing the module by the application, when the determination is to not query the user, accessing the module by the application.  

9. 	(Original) The system of claim 8, wherein the application action comprises attempting to execute the module, load the module, or access the module.  

10. 	(Currently amended) The system of claim 8, wherein scanning the module comprises identifying one or more files associated with the module, the one or more files comprising an executable file, an object code file, or dynamic link libraries.  

11. 	(Original) The system of claim 8, wherein generating a sensitivity level of the module based on the module attributes comprises categorizing the module attributes into one of a group of predefined sensitivity levels.  

12. 	(Currently amended) The system of claim 8, wherein the sensitivity level comprises a range of sensitivity level values from a low sensitivity level to a high sensitivity level and the trust level comprises a range of trust level values from a low trust level to a high trust level and determining whether to prevent access by the application to the module based on the sensitivity level and the trust level comprises: cross-correlating [[the]] a sensitivity level value of the range of sensitivity level values to [[the]] a trust level value of the range of trust level values to arrive at a combined sensitivity and trust level combination and basing whether to prevent access to the module by the application on the sensitivity and the trust level combination.  

13. 	(Original) The system of claim 8, further comprising: 
upon accessing the module, determining whether to monitor the application, when the determination is to monitor the application, analyzing activity of the application; 
terminating the application; and 
sending security information to a security server; 
when the determination is to not monitor the application, sending security information to the security server.  

14. 	(Original) The system of claim 13, wherein analyzing activity of the application comprises analyzing a plurality of application function calls and, sending security information to the security server comprises: 
sending environmental attributes, security attributes, security levels, trust attributes, application activity, or module activity to the security server, the security server determining whether to update the security information.  

15. 	(Currently amended) A computer storage device storing instructions that, when executed, are capable of performing a method for managing [[the]] loading of sensitive modules, the method comprising: 
based on an application action, scanning a module to obtain module attributes; 
generating a sensitivity level of the module based on the module attributes; 
analyzing a computing environment of the application to generate trust attributes and, based on the trust attributes, generating a trust level; and 
determining whether to prevent access by the application to the module based on the sensitivity level and the trust level; 
when the determination is to prevent access, blocking access to the module; and 
when the determination is to not prevent access, determining whether to query a user to prevent access by the application to the module; 
when the determination is to query the user; querying the user by presenting to the user at least one of: 
the sensitivity level and the trust level, when receiving a response from the user to prevent access, blocking access to the module,25Attorney Docket No.Patent ApplicationOPEN8100-2Customer No. 109422 when receiving a response from the user is to not prevent access, accessing the module by the application, when the determination is to not query the user, accessing the module by the application.  

16. 	(Original) The computer storage device of claim 15, wherein the application action comprises attempting to execute the module, load the module, or access the module. 
 
17.	(Currently amended)  The computer storage device of claim 15, wherein scanning the module comprises identifying one or more files associated with the module, the one or more files comprising an executable file, an object code file, or dynamic link libraries.  

18. 	(Currently amended) The computer storage device of claim 15, wherein the sensitivity level comprises a range of sensitivity level values from a low sensitivity level to a high sensitivity level and the trust level comprises a range of trust level values from a low trust level to a high trust level and determining whether to prevent access by the application to the module based on the sensitivity level and the trust level comprises: 
cross-correlating [[the]] a sensitivity level value of the range of the sensitivity level values to [[the]] a trust level value of the range of the trust level values to arrive at a combined sensitivity and trust level combination and basing whether to prevent access to the module by the application on the sensitivity and the trust level combination.  

19. 	(Original) The computer storage device of claim 15, further comprising: 
upon accessing the module, determining whether to monitor the application, when the determination is to monitor the application, analyzing activity of the application; 
terminating the application; and sending security information to a security server; 
when the determination is to not monitor the application, sending security information to the security server.  

20. 	(Original) The computer storage device of claim 19, wherein analyzing activity of the application comprises analyzing a plurality of application function calls and, sending security information to the security server comprises: 26Attorney Docket No.Patent Application OPEN8100-2Customer No. 109422 
sending environmental attributes, security attributes, security levels, trust attributes, application activity, or module activity to the security server, the security server determining whether to update the security information.




5.
Allowable Subject Matter
Claims 1, 3, 5, 8, 10, 12, 15, and 17-18 are amended, and claims 1-20 are allowed. No reason for allowance is needed as the record is clear in light of the above examiner’s amendments.



According to MPEP 1302.14 (I): “In most cases, the examiner’s actions and the applicant’s replies make evident the reasons for allowance, satisfying the “record as a whole” proviso of the rule. This is particularly true when applicant fully complies with 37 CFR 1.111 (b) and (c) and 37 CFR 1.133(b). Thus, where the examiner’s actions clearly point out the reasons for rejection and the applicant’s reply explicitly presents reasons why claims are patentable over the reference, the reasons for allowance are in all probability evident from the record and no statement should be necessary.”
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AYOUB ALATA whose telephone number is (313)446-6541.  The examiner can normally be reached on Monday - Friday 7:30 - 5:00 Est.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung (Jay) Kim can be reached on (571)272-3804.  The fax phone number for the organization where this application or proceeding is assigned is (571)273-8300. 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/AYOUB ALATA/Primary Examiner, Art Unit 2494