DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 10/21/2021 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-15 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-30 of U.S. Patent No. 11,210,391. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the instant application are anticipated by the claims of the patent.
Independent claims 1, 14 & 15 of the instant application are mapped to claims 1, 14 & 27 of the patent. Claims 2-13 of the instant application are mapped to claims 2-13, 15-26 and 28-30 of the patent. 
Instant Application No. 17/507,574
US Patent No. 11,210,391
1. A system, comprising: a processor configured to:
1. A system, comprising: a processor configured to: 
receive, by an operating system executing on a device, a request to launch an 5application;
 receive, by an operating system executing on a device and in response to a user election, a request to launch an application;
determine that a stored copy of the application should be executed within an application-level sandbox provided by a third party host application; and
determine, based at least in part on the user election, that a stored copy of the application should be executed within an application-level sandbox provided by a third party host application; and
execute the stored copy of the application in the application-level sandbox provided by the third party host applicable, wherein the third party host application ioprovides a framework layer that provides hooking functionality for monitoring system calls made by the application; and a memory coupled to the processor and configured to provide the processor with instructions.
 execute the stored copy of the application in the application-level sandbox provided by the third party host application, wherein the third party host application provides a framework layer that provides hooking functionality for monitoring system calls made by the application, wherein the application-level sandbox is configured to provide artificial data to the application while the application is executing in the application-level sandbox, and wherein the artificial data provided to the application is configurable by the user; and a memory coupled to the processor and configured to provide the processor with instructions.



Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-6 and 13-15 are rejected under 35 U.S.C. 103 as being unpatentable over Hulten et al. (US Pub No. 2010/0005291) in view of Zonouz et al. (US Pub No. 2020/0293682).
Regarding independent claim 1, Hulten teaches a system, comprising: a processor configured to: Attorney Docket No. PALOP17953PATENTreceive, by an operating system executing on a device, a request to launch an application (Hulten, page 1, paragraph 0013 and page 2, paragraph 0027; attempt to install application); determine that a stored copy of the application should be executed within a sandbox (Hulten, page 2-3, paragraphs 0027-0028 and page 5, paragraph 0055; determine reputation of the application is unknown and executing in a sandbox); and execute the stored copy of the application in the sandbox (Hulten, page 5, paragraph 0055; executing in a sandbox); a memory coupled to the processor and configured to provide the processor with instructions (Hulten, page 6, paragraph 0068). 
	Hulten discloses the application may execute in a protected environment such as a sandbox (Hulten, page 5, paragraph 0055 and page 1, paragraph 0013), however, does not explicitly teach an application-level sandbox provided by the third party host application; application-level sandbox provided by the third party host application, wherein the third party host application provides a framework layer that provides hooking functionality for monitoring system calls made by the application.
	Zonouz teaches an application-level sandbox provided by the third party host application (Zonouz, page 9, paragraph 0097 and page 14, paragraph 0154; application sandboxing by target application); application-level sandbox provided by the third party host application, wherein the third party host application provides a framework layer that provides hooking functionality for monitoring system calls made by the application (Zonouz, page 8, paragraph 0094, page 9, paragraphs 0097-0098 & 0103 and page 14, paragraph 0154; application sandboxing with system call interceptions). 
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Hulten with the teachings of Zonouz to have application sandboxing to provide the advantage of monitoring installed application for data leaks and providing privacy protection and verification (Zonouz, page 1, paragraph 0004 and page 8, paragraph 0092). 
	Regarding claim 2, Hulten in view of Zonouz teaches the system wherein the request to launch the application is a first request to launch the application after installation of the application on the device (Hulten, page 2, paragraph 0027; attempt to install/execute; the application is pre-stored/downloaded in the memory), and wherein determining that the stored copy of the application should be executed within the application-level sandbox includes determining that a security verdict for the application has not yet been received at the 15device (Hulten, page 5, paragraph 0055; no indication/no establish reputation with the reputation service provider).
Regarding claim 3, Hulten in view of Zonouz teaches the system wherein determining that the security verdict has not been received includes determining that a security assessment by the device has not been performed (Hulten, page 5, paragraph 0055 and page 3, paragraph 0036; no indication/no establish reputation with the reputation service provider).
Regarding claim 4, Hulten in view of Zonouz teaches the system wherein determining that the security verdict has not been received includes determining that a security assessment by a remote server has not been received (Hulten, page 5, paragraph 0055 and page 3, paragraph 0036; no indication/no establish reputation with the reputation service provider (page 3, paragraph 0029; reputation service provider remote server)).
Regarding claim 5, Hulten in view of Zonouz teaches each and every claim limitation of claim 1, however, Zonouz teaches the system wherein the application-level sandbox is configured to monitor behavior of the application during execution of the application in the application-level sandbox (Zonouz, page 8, paragraph 0094, page 9, paragraphs 0097-0098 & 0103 and page 14, paragraph 0154; application tracking).
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Hulten with the teachings of Zonouz to have application sandboxing to provide the advantage of monitoring installed application for data leaks and providing privacy protection and verification (Zonouz, page 1, paragraph 0004 and page 8, paragraph 0092). 
Regarding claim 6, Hulten in view of Zonouz teaches each and every claim limitation of claim 1, however, Zonouz teaches the system wherein the application-level sandbox is configured to log data during execution of the application in the application-level sandbox (Zonouz, page 8, paragraph 0094 and page 9, paragraphs 0097-0098; stores values).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Hulten with the teachings of Zonouz to have application sandboxing to provide the advantage of monitoring installed application for data leaks and providing privacy protection and verification (Zonouz, page 1, paragraph 0004 and page 8, paragraph 0092). 
Regarding claim 13, Hulten in view of Zonouz teaches the system wherein the request to launch the application is a first request, and wherein, at a time subsequent to the first request, a second request to launch the application is received, and a determination is made that the stored copy of the application need not be executed in the application-level sandbox (Hulten, pages 1-2, paragraph 0013 and page 2, paragraph 0027; subsequent user access when the reputation is non-malicious is allowed to execute). 
Regarding independent claim 14, Hulten teaches a method, comprising: Attorney Docket No. PALOP17953PATENTreceiving, by an operating system executing on a device, a request to launch an application (Hulten, page 1, paragraph 0013 and page 2, paragraph 0027; attempt to install application); determining that a stored copy of the application should be executed within a sandbox (Hulten, page 2-3, paragraphs 0027-0028 and page 5, paragraph 0055; determine reputation of the application is unknown and executing in a sandbox); and executing the stored copy of the application in the sandbox (Hulten, page 5, paragraph 0055; executing in a sandbox). 
	Hulten discloses the application may execute in a protected environment such as a sandbox (Hulten, page 5, paragraph 0055 and page 1, paragraph 0013), however, does not explicitly teach an application-level sandbox provided by the third party host application; application-level sandbox provided by the third party host application, wherein the third party host application provides a framework layer that provides hooking functionality for monitoring system calls made by the application.
Zonouz teaches an application-level sandbox provided by the third party host application (Zonouz, page 9, paragraph 0097 and page 14, paragraph 0154; application sandboxing by target application); application-level sandbox provided by the third party host application, wherein the third party host application provides a framework layer that provides hooking functionality for monitoring system calls made by the application (Zonouz, page 8, paragraph 0094, page 9, paragraphs 0097-0098 & 0103 and page 14, paragraph 0154; application sandboxing with system call interceptions). 
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Hulten with the teachings of Zonouz to have application sandboxing to provide the advantage of monitoring installed application for data leaks and providing privacy protection and verification (Zonouz, page 1, paragraph 0004 and page 8, paragraph 0092). 
Regarding independent claim 15, Hulten teaches a computer program product embodied in a tangible, non-transitory computer readable storage medium and comprising computer instructions for: Attorney Docket No. PALOP17953PATENTreceiving, by an operating system executing on a device, a request to launch an application (Hulten, page 1, paragraph 0013 and page 2, paragraph 0027; attempt to install application); determining that a stored copy of the application should be executed within a sandbox (Hulten, page 2-3, paragraphs 0027-0028 and page 5, paragraph 0055; determine reputation of the application is unknown and executing in a sandbox); and executing the stored copy of the application in the sandbox (Hulten, page 5, paragraph 0055; executing in a sandbox). 
	Hulten discloses the application may execute in a protected environment such as a sandbox (Hulten, page 5, paragraph 0055 and page 1, paragraph 0013), however, does not explicitly teach an application-level sandbox provided by the third party host application; application-level sandbox provided by the third party host application, wherein the third party host application provides a framework layer that provides hooking functionality for monitoring system calls made by the application.
Zonouz teaches an application-level sandbox provided by the third party host application (Zonouz, page 9, paragraph 0097 and page 14, paragraph 0154; application sandboxing by target application); application-level sandbox provided by the third party host application, wherein the third party host application provides a framework layer that provides hooking functionality for monitoring system calls made by the application (Zonouz, page 8, paragraph 0094, page 9, paragraphs 0097-0098 & 0103 and page 14, paragraph 0154; application sandboxing with system call interceptions). 
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Hulten with the teachings of Zonouz to have application sandboxing to provide the advantage of monitoring installed application for data leaks and providing privacy protection and verification (Zonouz, page 1, paragraph 0004 and page 8, paragraph 0092). 

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Hulten et al. (US Pub No. 2010/0005291) in view of Zonouz et al. (US Pub No. 2020/0293682) as applied to claims 1-6 and 13-15  above, and further in view of Hariharakrishnan et al. (US Pub No. 2016/0098334).
Regarding claim 7, Hulten in view of Zonouz teaches each and every claim limitation of claim 6.
Hulten in view of Zonouz does not explicitly teach wherein the system is configured to transmit collected log data to a 25remote server for analysis
Hariharakrishnan teaches wherein the system is configured to transmit collected log data to a 25remote server for analysis (Hariharakrishnan, page 17, paragraph 0199; send stored performance-related data to server for analysis).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Hulten in view of Zonouz with the teachings of Hariharakrishnan to send performance related data from a sandbox to a server for analysis to provide the advantage of allowing users to benchmark/monitor their own applications executing on the mobile device and protecting devices from the plethora of application available for download and executing on the device (Hariharakrishnan, page 1, paragraph 0006). 

Claims 8-12 are rejected under 35 U.S.C. 103 as being unpatentable over Hulten et al. (US Pub No. 2010/0005291) in view of Zonouz et al. (US Pub No. 2020/0293682) as applied to claims 1-6 and 13-15  above, and further in view of Spertus (US Patent No. 8,001,606).
Regarding claim 8, Hulten in view of Zonouz teaches each and every claim limitation of claim 1. 
Hulten in view of Zonouz does not explicitly teach the system wherein the processor is further configured to detect malicious behavior during monitored execution of the application in the application-level sandbox. 
Spertus teaches wherein the processor is further configured to detect malicious behavior during monitored execution of the application in the application-level sandbox (Spertus, column 6, lines 21-40; monitor unknown application in sandbox for malware/suspicious behavior).  
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Hulten in view of Zonouz with the teachings of Spertus to monitor applications in a protected environment to detect malware to provide the advantage of detecting malware while allowing applications to execute while minimizing the risk of harm to the client (Spertus, column 6, lines 37-40).
Regarding claim 9, Hulten in view of Zonouz and in further view of Spertus teaches each and every claim limitation of claim 8, however, Spertus teaches the system wherein the processor is configured to detect malicious behavior at least in part by detecting attempted malicious network activity (Spertus, column 6, lines 21-40 and line 63-column 7, line 3; monitor unknown application in sandbox for malware/suspicious behavior and string signatures; the behavior signature can indicate the application using a function to write to another process or remote server).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Hulten in view of Zonouz with the teachings of Spertus to monitor applications in a protected environment to detect malware to provide the advantage of detecting malware while allowing applications to execute while minimizing the risk of harm to the client (Spertus, column 6, lines 37-40).
Regarding claim 10, Hulten in view of Zonouz and in further view of Spertus teaches each and every claim limitation of claim 9, however, Spertus teaches the system wherein the processor is further configured to block at least a portion of the attempted malicious network activity (Spertus, column 10, lines 60-67).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Hulten in view of Zonouz with the teachings of Spertus to monitor applications in a protected environment to detect malware to provide the advantage of detecting malware while allowing applications to execute while minimizing the risk of harm to the client (Spertus, column 6, lines 37-40).
Regarding claim 11, Hulten in view of Zonouz and in further view of Spertus teaches each and every claim limitation of claim 9, however, Spertus teaches the system wherein the attempted malicious network activity includes an unauthorized attempt to exfiltrate data from the device (Spertus, column 6, lines 21-40 and line 63-column 7, line 3; monitor unknown application in sandbox for malware/suspicious behavior and string signatures; the behavior signature can indicate the application using a function to write to another process or remote server).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Hulten in view of Zonouz with the teachings of Spertus to monitor applications in a protected environment to detect malware to provide the advantage of detecting malware while allowing applications to execute while minimizing the risk of harm to the client (Spertus, column 6, lines 37-40).
Regarding claim 12, Hulten in view of Zonouz and in further view of Spertus teaches each and every claim limitation of claim 9, however, Spertus teaches the system wherein the attempted malicious network activity includes an attempt to contact a known malicious domain (Spertus, column 6, lines 21-40 and line 63-column 7, line 3; monitor unknown application in sandbox for malware/suspicious behavior and string signatures; the behavior signature can indicate the application using a function to write to another process or remote server).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Hulten in view of Zonouz with the teachings of Spertus to monitor applications in a protected environment to detect malware to provide the advantage of detecting malware while allowing applications to execute while minimizing the risk of harm to the client (Spertus, column 6, lines 37-40).

Prior Art
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. ALTMAN et al. (US Pub No. 2014/0007263) and Krasin et al. (US Pub No.2015/0278513).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAQUEAL D WADE whose telephone number is (571)270-0357.  The examiner can normally be reached on M-F 8:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on 571-272-4063.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/SHAQUEAL D WADE-WRIGHT/Primary Examiner, Art Unit 2437