DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
1.The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
2. Applicant’s arguments, filed on 07/18/2022  with respect to the rejection(s) of independent claim(s) have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn, and a new non-Final rejection is made (see, the rejection below). 

Claim Objections
3. Claims 2-9 are objected to because of the following informalities: 

4. Claim 3 recites: “the computer, wherein before the receiving the first protected application data, the operating system performs authentication and authorization with the server”

5. Examiner believes that this is a typo error, the claim should be: the computer, wherein before receiving the first protected application data, the operating system performs authentication and authorization with the server. (For examining purposes, it will be treated this way). If this is not the case it is asked of the applicant to clarify this and correct any 35 USC 112 problems that may arise.

Appropriate correction is required.

6. For claims 2-9, the claims recite: “a computer according of claim 1". Claims 2-9 depends on independent claim 1. So, the claims should recite: “the computer” instead of “ a computer”.
 Examiner believes that this is a typo error, (For examining purposes it will be treated this way). If this is not the case it is asked of the applicant to clarify this and correct any 35 USC 112 problems that may arise.

Appropriate correction is required.
                                                             Double Patenting
7. The non-statutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A non-statutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed.Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Long 759 F.2d 887,

225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438,164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).

A timely filed terminal disclaimer in compliance with 37 CFR 1.321 (c) or 1.321 (d) may be used to overcome an actual or provisional rejection based on a non-statutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with his application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b).

8.    Claims 1-10 of this instant application are rejected on the ground of non-statutory double patenting as being unpatentable over claims 1-8 and 10 of the US patent no. 9,881,142. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the current application encompass the same subject matter as of the patent application claims [such as prevention of software piracy and investigation of the source of piracy by providing a mechanism to spawn an application on a computer without use of a file on the file system of the computer], but with obvious wording variations. Therefore, this is a non-statutory double patenting.

Claim Rejections - 35 USC § 103
9.The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

10.Claim(s) 1-2 and 4-8 are rejected under 35 U.S.C. 103 as being unpatentable over Jothimani (US Pub.No.2010/0011447) in view of Bshara (US Pat. No.10,901,627).

11 .Regarding claim 1 Jothimani teaches a computer comprising: one or more processors;  random access memory (RAM) interfaced to the one or more processors; one or more processors;  random access memory (RAM) interfaced to the one or more processors;
one or more non-volatile storages, the one or more non-volatile storages comprising a file system, the file system comprising one or more files, the one or more files including data and instructions loadable into the RAM and executable by the one or more processors to implement an operating system and one or more user applications, upon a user command to access a first protected application data, the operating system is configured to: interface one or more servers, receive the first protected application data from the one or more servers, store the first protected application data in an unused portion of the RAM  (Fig.4 and Para:0064-0065 teaches the system 410 include a server 312 to establish a secure network communications link (e.g., via networks 418) with the untrusted client process 328. Para:0066 teaches the server 312 may be used to store a sandbox access library 348, and to download the sandbox access library 348 to the untrusted client process 328 responsive to a request REQ for secure file.
Para:0015 teaches sandbox is a directory or other designated area where file content can be stored and processed, and which is not directly accessible by the applications processing the files associated with the content. Para:0058 teaches memory 310 to store an untrusted client process 328, as well as a processor 304 to receive a request REQ to securely process files FIL_1 . . . FIL_N on the untrusted client process 328. The processor 304 may operate to transparently redirect one or more file management operations 330 associated with applications APP_1, APP_2, . . . , APP_N running on the untrusted client process 328 to file content (e.g., CONT_FIL_1 for FIL_1 and CONT_FIL_N for FILE N) associated with the files FIL_1 . . . FIL_N. The file content CONT_FIL_1 . . . CONT_FIL_N is located in an untrusted client sandbox 332 inaccessible to the applications APP_1, APP_2, . . . , APP_N);

Jothimani teaches all the above claimed limitations but does not expressly teach the computer comprises a memory management unit (MMU) configured to translate virtual addresses of one or more virtual address spaces to addresses of the RAM; and map the unused portion of the RAM containing the first protected application data to the new virtual address space through the MMU.

Bshara teaches the computer comprises a memory management unit (MMU) configured to translate virtual addresses of one or more virtual address spaces to addresses of the RAM (Col.5, lines.61-67 and Col.6, lines.19-22); wherein: the one or more virtual address spaces correspond to the one or more user applications; store the first protected application data in an unused portion of the RAM, the unused portion being unmapped by the MMU and operating system to the virtual address spaces, create a new virtual address space corresponding to the first protected application data (Col.5, lines. Col.15, lines.35-66 teaches unmapped by the MMU); 
map the unused portion of the RAM containing the first protected application data to the new virtual address space through the MMU, and execute instructions in the first protected application data as a new user application, and execute instructions in the first protected application data as a new user application (Col.15, lines. 35-67; Col.16, lines.1-23 teaches mapping the unused portion of the RAM into a new virtual address space).

  It would have been obvious to one of the ordinary skills in the art before the invention was filed to modify Jothimani to include the computer comprises a memory management unit (MMU) configured to translate virtual addresses of one or more virtual address spaces to addresses of the RAM; and map the unused portion of the RAM containing the first protected application data to the new virtual address space through the MMU as taught by Bshara such a setup would give a predictable result of effective virtual memory management.

12. Regarding claim 2 Jothimani teaches a computer, wherein the operating system prevents access by the one or more user applications to the first protected application data (Para:0015 teaches sandbox is a directory or other designated area where file content can be stored and processed, and which is not directly accessible by the applications processing the files associated with the content. Para:0058 teaches memory 310 to store an untrusted client process 328, as well as a processor 304 to receive a request REQ to securely process files FIL_1 . . . FIL_N on the untrusted client process 328. The processor 304 may operate to transparently redirect one or more file management operations 330 associated with applications APP_1, APP_2, . . . , APP_N running on the untrusted client process 328 to file content (e.g., CONT_FIL_1 for FIL_1 and CONT_FIL_N for FILE N) associated with the files FIL_1 . . . FIL_N. The file content CONT_FIL_1 . . . CONT_FIL_N is located in an untrusted client sandbox 332 inaccessible to the applications APP_1, APP_2, . . . , APP_N).

13. Regarding claim 5 Jothimani teaches a computer wherein: the first protected application data is encrypted when received from the server, and the first protected application is decrypted before the executing the instructions in the first protected application data (Para:011 teaches storing the file content in the sandbox on a VPN client. The file content is encrypted prior to storage in the sandbox. Para:0046 teaches decrypting the file content in the sandbox).

14. Regarding claim 6 Jothimani teaches a computer, wherein, wherein the one or more servers comprises an external server interfaced to the computer through a network (Para:0064-0065 teaches and external server interfaced to the computer through a network)

15. Regarding claim 7 Jothimani teaches a computer, wherein the one or more servers further comprises a local server, the local server storing an encrypted copy of the first protected application data (Para:011 teaches storing the file content in the sandbox on a VPN client. The file content is encrypted prior to storage in the sandbox).

16. Regarding claim 8 Jothimani teaches a computer, wherein: the local server comprises a virtual server implemented inside the operating system, the first protected application data is encrypted when received from the external server upon a first user request to access the first protected application data, the operating system stores the encrypted first protected application data on the one or more non-volatile storages outside the file system; the virtual server retrieves the first protected application data from the one or more non-volatile storages upon a second or subsequent user request to access the first protected application data.  (Para:00065-0066 teaches the user request to access the file content.  Para:011 teaches storing the file content in the sandbox on a VPN client. The file content is encrypted prior to storage in the sandbox

17.Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Jothimani (US Pub.No.2010/0011447) in view of Bshara (US Pat. No.10,901,627) as applied to claim 1 above and further in view of Morgan (US Pub.No.2013/0086643).

18. Regarding claim 3 Jothimani in view of Bshara  teaches all the above claimed limitions but does not expressly teach the computer, wherein before the receiving the first protected application data, the operating system performs authentication and authorization with the server.

 Morgan teaches the computer, wherein before receiving the first protected application data, the operating system performs authentication and authorization with the server (Para:0036-0045 teaches performing authentication and verification/ authorization  with the server).

It would have been obvious to one of the ordinary skills in the art before the invention was filed to modify Jothimani in view of Bshara to include before receiving the first protected application data, the operating system performs authentication and authorization with the server as taught by Morgan such a setup would give a predictable result of secure communication.

19. Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Jothimani (US Pub.No.2010/0011447) in view of Bshara (US Pat. No.10,901,627)  as applied to claim 1 above and further in view Arnon (US Pat.No.8, 966,211).

20.    Regarding claim 9 Jothimani in view of Bshara  teaches all the above claimed limitations, but does not expressly teach computer, wherein: the first protected application data corresponds to the computer, the first protected application data is generated from a source code and a first identifier, the first identifier corresponding to the computer, the first protected application data is different from a second application data generated using the source code and a second identifier corresponding to another computer, the difference including an order of one or a combination of functions, data, and call parameters of one or more of the functions.

Arnon teaches the first protected application data corresponds to the computer, the first protected application data is generated from a source code and a first identifier, the first identifier corresponding to the computer, the first protected application data is different from a second application data generated using the source code and a second identifier corresponding to another computer, the difference including an order of one or a combination of functions, data, and call parameters of one or more of the functions  (Col. 2, lines 8-14, and lines 17 – 26 teaches a first device identifier is assigned to an application on a host, where the application's data is stored on a data storage system. The first device identifier can be attached to a first data storage system that contains a first data set for use with operations with the application. The first device identifier can be re -assigned to a second storage device that contains a second data set for use with operation with the application.  Col. 2, lines 26 – 31 teaches the first identifier can include a label to that tells the location of the data storage device to which the first identifier is attached).

It would have been obvious to one of the ordinary skill in the art before the invention was filed to modify Jothimani in view of Bshara  to include the first protected application data is generated from a source code and a first identifier, the first identifier corresponding to the computer, the first protected application data is different from a second application data generated using the source code and a second identifier corresponding to another computer as taught by Arnon such a setup would allow for the database server to experience little to no interruption to its internal configuration when dynamically binding user’s identifiers.

21. Claims 10 is rejected under 35 U.S.C. 103 as being unpatentable over Jothimani (US Pub.No.2010/0011447) in view of Bshara (US Pat. No.10,901,627)  and in view of Morgan (US Pub.No.2013/0086643) and further in view of Arnon (US Pat.No.8, 966,211).

22.    Regarding claim 10 Jothimani teaches a system comprising: a computer; and one or more servers interfaced to the computer, wherein: the computer comprises: one or more processors, random access memory (RAM) interfaced to the one or more processors, one or more non-volatile storages, the one or more non-volatile storages comprising a file system, the file system comprising one or more files, the one or more files including data and instructions loadable into the RAM and executable by the one or more processors to implement an operating system and one or more user applications, upon a user command to access a first protected application data, the operating system is configured to: interface one or more servers, receive the first protected application data from the one or more servers, store the first protected application data in an unused portion of the RAM  (Fig.4 and Para:0064-0065 teaches the system 410 include a server 312 to establish a secure network communications link (e.g., via networks 418) with the untrusted client process 328. Para:0066 teaches the server 312 may be used to store a sandbox access library 348, and to download the sandbox access library 348 to the untrusted client process 328 responsive to a request REQ for secure file.
Para:0015 teaches sandbox is a directory or other designated area where file content can be stored and processed, and which is not directly accessible by the applications processing the files associated with the content. Para:0058 teaches memory 310 to store an untrusted client process 328, as well as a processor 304 to receive a request REQ to securely process files FIL_1 . . . FIL_N on the untrusted client process 328. The processor 304 may operate to transparently redirect one or more file management operations 330 associated with applications APP_1, APP_2, . . . , APP_N running on the untrusted client process 328 to file content (e.g., CONT_FIL_1 for FIL_1 and CONT_FIL_N for FILE N) associated with the files FIL_1 . . . FIL_N. The file content CONT_FIL_1 . . . CONT_FIL_N is located in an untrusted client sandbox 332 inaccessible to the applications APP_1, APP_2, . . . , APP_N);

Jothimani teaches all the above claimed limitations but does not expressly teach the computer comprises a memory management unit (MMU) configured to translate virtual addresses of one or more virtual address spaces to addresses of the RAM; and map the unused portion of the RAM containing the first protected application data to the new virtual address space through the MMU.

Bshara teaches the computer comprises a memory management unit (MMU) configured to translate virtual addresses of one or more virtual address spaces to addresses of the RAM (Col.5, lines.61-67 and Col.6, lines.19-22); wherein: the one or more virtual address spaces correspond to the one or more user applications; store the first protected application data in an unused portion of the RAM, the unused portion being unmapped by the MMU and operating system to the virtual address spaces, create a new virtual address space corresponding to the first protected application data (Col.5, lines. Col.15, lines.35-66 teaches unmapped by the MMU); 
map the unused portion of the RAM containing the first protected application data to the new virtual address space through the MMU, and execute instructions in the first protected application data as a new user application, and execute instructions in the first protected application data as a new user application (Col.15, lines. 35-67; Col.16, lines.1-23 teaches mapping the unused portion of the RAM into a new virtual address space).

It would have been obvious to one of the ordinary skills in the art before the invention was filed to modify Jothimani to include the computer comprises a memory management unit (MMU) configured to translate virtual addresses of one or more virtual address spaces to addresses of the RAM; and map the unused portion of the RAM containing the first protected application data to the new virtual address space through the MMU as taught by Bshara such a setup would give a predictable result of effective virtual memory management.

Jothimani in view of Bshara  teaches all the above claimed limitations, but does not expressly teaches the server transmits the protected application data to the computer upon verifying authentication of the computer and authorization of the computer.

Morgan teaches receiving the protected application from the server (Figs.1-2, Para: 0045 and Para: 0047-0049 teaches receiving protected application from the server); and the server transmits the protected application data to the computer upon verifying authentication of the computer and authorization of the computer (Fig.1, para: 0017 and Para: 0019-0020 teaches performing authentication and verification/authorization with the server).

It would have been obvious to one of the ordinary skills in the art before the invention was filed to modify Jothimani in view of Bshara to include the server transmits the protected application data to the computer upon verifying authentication of the computer and authorization of the computeras taught by Morgan such a setup would give a predictable result of secure communication.

Jothimani in view of Bshara and in view of Morgan teaches all the above claimed limitations but does not expressly tech the server generates the first protected application data corresponding to the computer using a source code and a first identifier, the first identifier corresponding to the computer, the first protected application data is different from a second application data generated using the source code and a second identifier corresponding to another computer, the difference including an order of one or a combination of functions, data, and call parameters of one or more of the functions.

Arnon teaches the server generates the first protected application data corresponding to the computer using a source code and a first identifier, the first identifier corresponding to the computer, the first protected application data is different from a second application data generated using the source code and a second identifier corresponding to another computer, the difference including an order of one or a combination of functions, data, and call parameters of one or more of the functions (Col. 2, lines 8-14, and lines 17 – 26 teaches a first device identifier is assigned to an application on a host, where the application's data is stored on a data storage system. The first device identifier can be attached to a first data storage system that contains a first data set for use with operations with the application. The first device identifier can be re -assigned to a second storage device that contains a second data set for use with operation with the application.  Col. 2, lines 26 – 31 teaches the first identifier can include a label to that tells the location of the data storage device to which the identifier is attached).

It would have been obvious to one of the ordinary skill in the art before the invention was filed to modify Jothimani in view of Bshara and in view of Morgan to include the first protected application data is generated from a source code and a first identifier, the first identifier corresponding to the computer, the first protected application data is different from a second application data generated using the source code and a second identifier corresponding to another computer as taught by Arnon such a setup would allow for the database server to experience little to no interruption to its internal configuration when dynamically binding user’s identifiers.

                                     Allowable Subject Matter
23.    Claim 4 is  objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

The following is a statement of reasons for the indication of allowable subject matter:

Bshara et al. (US Pat.No.10,901,627) discloses a technique for balancing and reducing the number of write operations performed to each physical memory page of a storage-class memory. In one embodiment, a method includes tracking a count of write operations performed to each physical memory page or subpage of the storage-class memory using a memory management unit, a memory controller, a hypervisor, or an operating system, and selectively allocating physical memory pages of the storage-class memory with the least counts of write operations to a virtual machine or an operating system process using a ranking of the physical memory pages of the storage-class memory determined based at least partially on the count of write operations performed to each physical memory page or subpage of the storage-class memory.

Chen et al. (US Pub.No.2016/0179564) discloses virtualization software establishes multiple execution environments within a virtual machine, wherein software modules executing in one environment cannot access private memory of another environment. A separate set of shadow memory address mappings is maintained for each execution environment. For example, a separate shadow page table may be maintained for each execution environment. The virtualization software ensures that the shadow address mappings for one execution environment do not map to the physical memory pages that contain the private code or data of another execution environment. When execution switches from one execution environment to another, the virtualization software activates the shadow address mappings for the new execution environment. A similar approach, using separate mappings, may also be used to prevent software modules in one execution environment from accessing the private disk space or other secondary storage of another execution environment. 

Morgan et al. (US Pub.No.2013/0086643) discloses a system and method for protecting client software running on a client computer from tampering using a secure server. Prior to or independent of executing the client software, the system integrates self-protection into the client software; removes functions from the client software for execution on the server; develops client software self-protection updates; and periodically distributes the updates. During execution of the client software, the system receives an initial request from the client computer for execution of the removed function; verifies the initial request; and cooperates with the client computer in execution of the client software if verification is successful. If verification is unsuccessful, the system can attempt to update the client software on the client computer; and require a new initial request. Client software can be updated on occurrence of a triggering event. Communications can be encrypted, and the encryption updated. Authenticating checksums can be used for verification. 

Krishnan et al. (US Pub.No.2019/0138433) discloses a method for evaluating a test suite for a software library includes generating a mutated software library by adding a fault to the software library, while the software library is used by a testing tool to evaluate a test suite. The method further includes loading the mutated software library, then executing a test in the test suite on the mutated software library to obtain a test result. The method further includes analyzing the test result.

         Fertig et al. (US Pat. No. 8,166,239) discloses a translation lookaside buffer and a related method for operating the TLB is provided. The method comprises the steps of: a) when adding an entry for a virtual address to said TLB testing whether the attribute data of said virtual address is already stored in said CAM and if the attribute data is not stored already in said CAM, generating tag data for said virtual address such that said tag data is different from the tag data generated for the other virtual addresses currently stored in said RAM and associated to the new entry in said CAM for the attribute data, adding the generated tag data to said RAM and to the associated entry in said CAM, and setting a validity flag in said CAM for said associated entry; else if the attribute data is stored already in said CAM, adding the stored attribute data to the entry in said RAM for said virtual address; and when performing a TLB lookup operation: reading the validity flag and the tag data from the entry in said CAM, which is associated to the entry in said RAM for said virtual address, and simultaneously reading the absolute address and the tag data from the entry in said RAM for said virtual address, and generating a TLB hit only if the tag data read from said CAM is valid and matches the tag data read from said RAM.

        Khosravi et al. (US Pub.No.2008/0077767) discloses a method and apparatus for secure page swapping in a virtual memory system. An integrity check value mechanism is used to protect software programs from run-time attacks against memory pages while those pages are swapped to secondary memory. A hash value is computed for an agent page as it is swapped from primary memory to secondary memory. When the page is swapped back into primary memory from secondary memory, that hash value is recomputed to verify that the page was not modified while stored in secondary memory. Alternatively, the hash value is pre-computed and placed in an integrity manifest wherein it is retrieved and verified when the page is loaded back into primary memory from secondary memory.

However, none of the prior art of record as mentioned above alone or in combination, teaches or suggest the steps of: “the operating system self mutates in a deterministic manner such that a first image including executable instructions of the operating system stored in a file on the file system corresponding to the operating system differs from a second image including executable instructions in RAM after the operating system performs an initialization operation, and the authentication and authorization involves providing to the server evidence that the second image is executing as the operating system, to thereby prevent unauthorized access to the first protected application data by a malicious program,” as recited in claim 4.

                                                 Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DEREENA T CATTUNGAL whose telephone number is (571)270-0506.  The examiner can normally be reached on Mon-Fri: 7:30 AM-5 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on 571-272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/DEREENA T CATTUNGAL/Examiner, Art Unit 2431