DETAILED ACTION

Response to Amendment

A response was received on 17 May 2022.  By this response, Claims 1-3, 5, 7, 9-15, and 18-20 have been amended.  No claims have been added or canceled.  The amendments to the claims have been entered.
The amendments to the abstract and specification were not fully compliant with various formal requirements as detailed in the telephonic interview conducted 10 June 2022 (see the interview summary mailed 15 June 2022).  A supplemental reply correcting the issues of non-compliance was received on 15 June 2022 and has been entered as per 37 CFR 1.111(a)(2)(i).
Claims 1-20 are currently pending in the present application.

Response to Arguments

Applicant’s arguments with respect to the rejection of Claims 1-20 under 35 U.S.C. 102(a)(1) (see pages 27-29 of the 17 May 2022 response) have been considered but are moot in view of the new grounds of rejection set forth below.
Applicant's arguments filed 17 May 2022 have been fully considered but they are not persuasive.
Regarding the objection to Figure 1 as requiring a prior art label, Applicant argues that the computing device and memory storing applications and data that are configured to perform or facilitate functions not in the prior art (page 25 of the present response).  However, Applicant does not specify what functions are described or illustrated in Figure 1 that are not in the prior art, and it is noted that the description of Figure 1 in the specification, and particularly the description of the applications 115 and data 116, does not specify what those applications or data may encompass (see paragraph 0024).  Although the specification states that Figure 1 is an example of a computing environment in which embodiments of the invention “may be deployed” (paragraph 0023), there is nothing depicted in the figure or described in the corresponding paragraphs that is not described in the conventional manner (see paragraph 0024).  The description of the system of Figure 1 explicitly refers to a prior patent incorporated by reference (paragraph 0028), and therefore, appears to be limited to that which is old.
Regarding the rejection of Claims 1-20 under 35 U.S.C. 112(b) as indefinite, and with particular reference to independent Claims 1, 14, and 19, Applicant argues that the specification renders the phrase “threshold level” definite (see page 26 of the present response, citing paragraphs 0037, 0058, and 0076 of the present specification).  Applicant provides no explanation to support this assertion.  It is noted that the rejection was not due merely to the phrase “threshold level” but was made considering the more detailed limitations “determining… a difference in security capabilities of the first and second instances of the application” and providing application data “in response to the difference in security capabilities of the first and second instances of the application being at or above a threshold level”.  Paragraphs 0037 and 0058 discuss thresholds, but not in the context of a difference in security capabilities of instances of the application.  Instead, these paragraphs discuss thresholds for determining whether applications are to be considered instances of each other.  In contrast, paragraph 0076 does mention a difference of security capabilities between first and second instances of an application being at or above a threshold; however, this paragraph only uses language similar to that of the claims.  There is no detail provided of how the difference in security capabilities could be quantified such that it could be determined whether the difference is above or below a threshold level.  A capability is qualitative, and the specification has not clearly explained how to quantify a capability in order to calculate a difference that could be compared to a threshold value.  There is no description in paragraph 0076 or elsewhere in the specification of how to calculate a difference in security capabilities as a number that could be compared to a threshold.
Therefore, for the reasons detailed above, the Examiner maintains the rejections as set forth below.

Drawings

The objection to the drawings for failure to comply with 37 CFR 1.84(p)(5) is withdrawn in light of the amendments to the specification.  The objection to Figure 1 as requiring a prior art label is NOT withdrawn, for the reasons detailed above.
Figure 1 should be designated by a legend such as --Prior Art-- because only that which is old is illustrated.  See MPEP § 608.02(g).  Corrected drawings in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. The replacement sheet(s) should be labeled “Replacement Sheet” in the page header (as per 37 CFR 1.84(c)) so as not to obstruct any portion of the drawing figures. If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.

Specification

The objection to the abstract for informalities is withdrawn in light of the amendments thereto.  The objection to the disclosure for informalities is NOT withdrawn, because not all issues have been addressed and/or because the amendments have raised new issues, as detailed below.
The disclosure is objected to because of the following informalities:  
The specification includes minor grammatical and other errors.  For example, in paragraph 0005, lines 3-4 (see page 3 of the 15 June 2022 response), the phrase “during at least one of: at publishing time of the application or execution of the application” is grammatically unclear with respect to “during at publishing time”.  In paragraph 0012, the sentences from lines 1-3 and 4-8 beginning “The instructions that” are fragments.  In paragraph 0030, line 11 (see page 8 of the 15 June 2022 response), it appears that “but are not limited” should read “but are not limited to” or similar.  In paragraph 0032, lines 5-7 (see page 9 of the 15 June 2022 response), the phrase “interactions between” is not in parallel structure with the other list items of “accessing of, publishing of, downloading of, execution of”.  In paragraph 0037, lines 16-19 (see page 11 of the 15 June 2022 response), the sentence beginning “Thus, each instance 228 can correspond…” appears to be a run-on, noting the comma splice before “however”.  In paragraph 0041, line 8 (see page 12 of the 15 June 2022 response) it is not clear what the letter C in the abbreviation “CEB” for “embedded browser” is intended to stand for.  In paragraph 0043, line 10 (see page 14 of the 15 June 2022 response), the abbreviation “HDX” is used without being defined.  In paragraph 0054, line 17, and paragraph 0058, lines 8-9, in the phrase “can include, but not limited to”, it appears that “are” should be inserted before “not limited”.  In paragraph 0072, line 7, the phrase “For example, but not limited to” is grammatically unclear.
Appropriate correction is required.  Applicant’s cooperation is requested in correcting any errors of which applicant may become aware in the specification.
The specification is objected to as failing to provide proper antecedent basis for the claimed subject matter.  See 37 CFR 1.75(d)(1) and MPEP § 608.01(o).  Correction of the following is required:  Independent Claims 1, 14, and 19 have been amended to recite “wherein the second instance is validated and comprises a different version than the first instance”.  However, although the specification describes the first and second instances having different versions, there appears to be no mention in the specification of the second instance being validated.  Therefore, there is not clear antecedent basis for the claimed subject matter in the specification.  For further detail, see below with reference to the rejection under 35 U.S.C. 112(a) for failure to comply with the written description requirement.


Claim Rejections - 35 USC § 101

The rejection of Claims 14-18 under 35 U.S.C. 101 as directed to non-statutory subject matter is NOT withdrawn, because the amendments have raised new issues, as detailed below.
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 14-18 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.
Claim 14 is directed to a system having a single element of a server comprising one or more processors.  A server can simply be a software process.  Further, a processor also does not require any particular hardware, as a processor could be implemented as a piece of software such as a virtual processor (as acknowledged in paragraph 0025 of the present specification).  Therefore, the claim encompasses software per se.  Computer software does not fall within any of the statutory classes of invention. See Gottschalk v. Benson, 409 U.S. 63, 72, 175 USPQ 673, 676-77 (1972).  Software does not constitute a statutory process, because the software itself is not a series of steps that are performed. Software is also not a machine, article, or composition of matter.  See MPEP § 2106.03(I).  When a claim encompasses both statutory and non-statutory subject matter, the claim as a whole is considered to be directed to non-statutory subject matter.  See MPEP § 2106(II).

Claim Rejections - 35 USC § 112

The rejection of Claims 1-20 under 35 U.S.C. 112(b) as indefinite is NOT withdrawn for the reasons detailed above, and because not all issues have been addressed and/or the amendments have raised new issues, as detailed below.
The following is a quotation of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 1-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claims contain subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.
Independent Claims 1, 14, and 19 have been amended to recite “wherein the second instance is validated and comprises a different version than the first instance”.  However, although the specification describes the first and second instances having different versions, there appears to be no mention in the specification of the second instance being validated.  Although Applicant cites paragraphs 0009, 0029-0031, 0033, 0036, 0037, and 0039 for support for the amended claims (see page 24 of the present response), there is no mention in these paragraphs of the second instance being validated.  Paragraph 0009 discloses a process of validating the first instance but not that the second instance was already validated.  Similarly, paragraph 0039 discloses validating the first instance but not that the second instance was already validated.  The other cited paragraphs do not discuss validation of instances.  Therefore, there is not clear written description of the claimed subject matter in the specification.
Claims not specifically referred to above are rejected due to their dependence on a rejected base claim.

The following is a quotation of 35 U.S.C. 112(b):

(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites “determining… a difference in security capabilities of the first and second instances of the application” (in step c) and providing application data “in response to the difference in security capabilities of the first and second instances of the application being at or above a threshold level” (in step d).  It is not clear how the difference in security capabilities would be quantified such that it could be determined whether the difference is above or below a threshold level.  A capability is qualitative, and the specification has not clearly explained how to quantify a capability in order to calculate a difference that could be compared to a threshold value.  The above ambiguities render the claim indefinite.
Claim 5 recites “during a least one of: at publishing time of the application or execution of the application” in lines 3-4.  This is grammatically unclear with respect to “during at publishing time”.
Claim 10 recites “updating… a second application signature for the second instance of the application with the one or more different properties” in lines 7-8.  However, because the one or more different properties are of the third instance, it is not clear how a signature for the second instance would use these properties of the third instance.
Claim 11 recites “the API” in line 5.  It is not clear to which of the plural APIs recited in Claim 1 this limitation is intended to refer.
Claim 14 recites determining “a difference in security capabilities of the first and second instances of the application” in lines 10-11 and providing application data “in response to the difference in security capabilities of the first and second instances of the application being at or above a threshold level” in lines 14-15.  It is not clear how the difference in security capabilities would be quantified such that it could be determined whether the difference is above or below a threshold level.  A capability is qualitative, and the specification has not clearly explained how to quantify a capability in order to calculate a difference that could be compared to a threshold value.  The above ambiguities render the claim indefinite.
Claim 19 recites determining “a difference in security capabilities of the first and second instances of the application” in lines 10-11 and providing application data “in response to the difference in security capabilities of the first and second instances of the application being at or above a threshold level” in lines 14-15.  It is not clear how the difference in security capabilities would be quantified such that it could be determined whether the difference is above or below a threshold level.  A capability is qualitative, and the specification has not clearly explained how to quantify a capability in order to calculate a difference that could be compared to a threshold value.  The above ambiguities render the claim indefinite.
Claim 20 recites updating “the at least one known signature corresponding to the second instance of the application with the one or more different properties” in lines 9-10.  First, there is not clear antecedent basis for “the at least one known signature”.  Further, because the one or more different properties are of the third instance, it is not clear how a signature for the second instance would use the properties of the third instance. 
Claims not specifically referred to above are rejected due to their dependence on a rejected base claim.

Claim Rejections - 35 USC § 103

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Oberheide et al, US Patent 9455988, in view of Callaghan et al, US Patent 10397230.
In reference to Claim 1, Oberheide discloses a method that includes a server receiving application data from a plurality of data sources, where the data corresponds to a first instance of an application executable on a mobile device (Figure 13, first instance; column 15, lines 2-5); identifying security capabilities of the first instance and a second instance of the application based on properties of the first and second instances and APIs corresponding to the first and second instances (column 17, lines 40-41; column 8, lines 1-8); determining a difference in security capabilities indicating a vulnerability and providing application data from the data sources to the application in response to the difference being at or above a threshold (see Figure 13, comparison match condition; see also column 15, line 47-column 18, line 49, describing steps S140-S160).  However, Oberheide does not explicitly disclose that the second instance is validated.
Callaghan discloses a method that includes receiving application data and identifying differences between first and second instances (versions) of an application, where the second instance is validated (see column 23, line 12-column 24, line 62, noting particularly column 23, lines 42-63, where one version of an application is compared to an authentic, i.e. validated, version of the application).  Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Oberheide to include the validated version of the application as taught by Callaghan, in order to detect compromises and protect from executing corrupted software (see Callaghan, column 23, line 64-column 24, line 19; see also column 3, lines 32-46).
In reference to Claim 2, Oberheide and Callaghan further disclose identifying static application data corresponding to the first instance of the application from a package or file (see Oberheide, column12, lines 39-40).
In reference to Claim 3, Oberheide and Callaghan further disclose injecting a monitoring module and transmitting dynamic application data during execution (see Oberheide, column 15, lines 25-29).
In reference to Claims 4 and 5, Oberheide and Callaghan further disclose generating an application signature using the application data and comparing the first application signature to a second application signature (Oberheide, column 4, line 64-column 5, line 3; see also Callaghan, column 23, lines 42-63).
In reference to Claim 6, Oberheide and Callaghan further disclose comparing properties of the first and second instances (see Oberheide, Figure 13, comparison match condition; see also Callaghan, column 23, lines 42-63).
In reference to Claim 7, Oberheide and Callaghan further disclose assigning weight values to properties and using a signature and the weight values (see Oberheide, column 16, lines 6-24; column 7, lines 59-60).
In reference to Claim 8, Oberheide and Callaghan further disclose determining differences between the properties of the first and second instances and generating a validation report indicating the differences (see Oberheide, column 15, lines 47-54).
In reference to Claim 9, Oberheide and Callaghan further disclose identifying malicious logic and preventing access to the application (see Oberheide, Figure 13, comparison match condition).
In reference to Claim 10, Oberheide and Callaghan further disclose identifying an updated version of the first instance and updating the signatures (see Oberheide, column 10, lines 52-54).
In reference to Claims 11-13, Oberheide and Callaghan further disclose identifying APIs and generating profiles based on the APIs (Oberheide, column 8, lines 1-17).

Claims 14-18 are directed to systems having functionality corresponding to the methods of Claims 1, 3-6, and 9, and are rejected by a similar rationale, mutatis mutandis.
Claims 19 and 20 are directed to software implementations of the methods of Claims 1 and 10, and are rejected by a similar rationale.

Conclusion

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Wendling, US Patent 8135825, discloses a method for verifying the version of an installed application.
Hague et al, US Patent 10032022, discloses a method for protecting code to detect malware.
El-Moussa et al, US Patent 10228929, discloses a system that verifies modified versions of target programs
Cabrera et al, US Patent Application Publication 2015/0381641, discloses a method that includes monitoring multiple instances of an application for security threats

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Zachary A Davis whose telephone number is (571)272-3870. The examiner can normally be reached Monday-Friday, 9:30am-6:00pm, Eastern Time.
Examiner interviews are available via telephone and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Zachary A. Davis/Primary Examiner, Art Unit 2492