DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Claim Objections
Claim 18 is objected to because of the following informalities:
In Claim 18, Lines 2-3, “the dynamic code signing tool evaluation comprises the DCSR determining that the DCSR is not authentic, invalid…” should read “the dynamic code signing tool evaluation comprises . 

Appropriate correction is required.



Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-2, 8, 10-11 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Naik (U.S. Patent 9,219,611), in view of Kane-Parry et al. (U.S. Patent 9,465,942), hereinafter Parry. 

	Regarding claim 1, Naik teaches A method of dynamically verifying an executable (Naik, Column 3, Lines 37 – 38, see “…systems and methods for automating cloud-based code-signing services”) (Naik, Column 6, Lines 26 – 35, see “…an automatically generated request to sign a file may include a request to digitally sign a file, and more specifically, with reference to the instant disclosure, a request to digitally sign executables, scripts, code files, data files…and/or any other type or form of file that can be signed by a cloud-based code-signing service…an automatically generated request to sign a file may include a request to sign files in such a way that the signature can be used to verify the authenticity (i.e., author) and/or integrity of the file”, where “verify the authenticity and/or integrity of the file” is being read as dynamically verifying an executable), comprising:
	receiving from a first developer, in a build registration tool within a secure cloud computing environment (Naik, Column 12, Lines 31 – 38, see “…by receiving files from a remote client, performing appropriate security measures (e.g., verifying security credentials), signing the files and then sending them back to the remote client, the systems and methods presented herein may provide developers with a cloud-based code-signing service that is hands-free, secure, and capable of being implemented within a variety of automated build environments”, where “may provide developers with a cloud-based code-signing service that is hands-free, secure…” is being read as a build registration tool being comprised within a secure cloud computing environment), encrypted build data and developer permissions (Naik, FIG. 4, see “420”, which depicts an automated build tool that receives from a first developer, encrypted build data (Code File 406) and developer permissions (Tied with the Username and Password) (Naik, Column 2, Lines 22 – 25, see “…The system may further include a verification module, stored in memory, that verifies a security credential that authorizes the remote client to access the cloud-based code-signing service”, where “a security credential that authorizes the remote client to access the cloud-based code-signing service” is being read as comprising developer permissions, due to the system authorizing whether the developer has sufficient permissions based on their security credentials) (Naik, Column 8, Lines 62 – 67, see “…verification module 106 may help establish, facilitate, and/or maintain secure communications between signing automation agent 210 and code-signing service 212…verification module 106 may encrypt and/or decrypt code files shared between code-signing server 206 and remote client 202”, where the ability for the verification module to encrypt and/or decrypt the code files (build data) sent by the developer supports the fact that the code file sent by the developer is encoded/encrypted in some fashion), 
	authenticating, in the build registration tool, the developer credentials based on developer permissions (Naik, FIG. 4, see “418”, “420”, where the authentication of the developer credentials based on developer permissions is done within the build registration tool (420)) (Naik, Column 8, Lines 24 – 29, see “As illustrated in FIG. 3, at step 304 one or more of the systems described herein may verify a security credential that authorizes the remote client to access the cloud-based code-signing service. For example, verification module 106 may, as part of code-signing service 212, verify security credential 216”) (Naik, Column 8, Lines 30 – 34, see “…the phrase “security credential” generally refers to any type or form of data and/or digital information that can be used to verify whether a software module and/or user is permitted access to a service, system, and/or file on a computing device….”, where “security credential…can be used to verify whether a software module and/or user is permitted access to a file” is being read as authenticating the developer credentials based on developer permissions);
	decrypting, in a dynamic code signing tool within the secure cloud computing environment, the encrypted build data (Naik, Column 8, Lines 62 – 67, see “…verification module 106 may help establish, facilitate, and/or maintain secure communications between signing automation agent 210 and code-signing service 212…verification module 106 may encrypt and/or decrypt code files shared between code-signing server 206 and remote client 202”, where the ability for the verification module to encrypt and/or decrypt the code files (build data) sent by the developer supports the fact that the code file sent by the developer is encoded/encrypted in some fashion and is subsequently decrypted to retrieve the build data); and
	activating, in the dynamic code signing tool, the executable by dynamically signing the executable to obtain a dynamic code signature (SEC) based on information specified in the build data (Naik, Column 11, Lines 3 – 12, see “In FIG. 4, automated build tool 420 may build code file 406 via one or more code-building steps (e.g., via a code-building and compiling process that links function libraries with code files and compiles them into a binary file). Automated build tool 420 may, as the last step of an automated build process, attempt to access code signing tool 404 via network 412 by way of a drop-in tool that has been configured to receive code-signing API calls…from the automated build tool…”, where “Automated build tool 420 may, as the last step of an automated build process, attempt to access code signing tool 404 via network…” is being read as the step of activating the executable (binary file) by signing the executable) (Naik, Column 11, Lines 43 – 48, see “…code signing tool 404 may sign code file 406, thus creating a signed code file 408 that has been signed with a production certificate 410. Code signing tool 404 may then send signed code file 408 back to automated build tool 420, completing the signing step of the automated build process”, where “production certificate 410” is being read as a dynamic code signature (SEC), which in turn, activates the code file and indicates that it is ready to be tested, sold, and/or distributed”); and
	delivering the SEC for runtime deployment (Naik, Column 11, Lines 46 – 51, see “…Code signing tool 404 may then send signed code file 408 back to automated build tool 420, completing the signing step of the automated build process. In this way, a developer may obtain, via an automated build and signing process, a CA-signed code file that is ready to be distributed, tested, and/or sold”, where “a developer may obtain, a CA-signed code file that is ready to be distributed, tested, and/or sold” is being read as delivering the SEC for runtime deployment). 
	Naik does not teach the following limitation(s) as taught by Parry: wherein the encrypted build data comprises (Parry, Column 23, Lines 34 – 38, see “…an object code file 112 may be obfuscated or encrypted following its generation via compilation of one or more source code files 110. In such cases, the document 108 may be de-obfuscated or decrypted at 1304 prior to scanning the document 108 for data elements”, where “object code file 112” and/or “source code file 110” is analogous to comprising the encrypted build data) a build identification (ID) (Parry, Column 19, Lines 8 – 11, see “…the notifications 118 may include information regarding the names and versions of the source code files 110 or other documents 108 that include the high entropy portion(s)…”, where “notifications 108 may include information regarding the names and versions of the source code files 110” is analogous to the build data comprising a build identification (ID), where “names and versions of the source code files 110” is analogous to a build ID), a dynamic code signing certificate (CER) (Parry, Column 3, Lines 33 – 39, see “…Sensitive information may also include dynamic code that is incorporated as string data in source code…Implementations may operate to detect the presence of such dynamic code in source code files”) (Parry, Column 12, Lines 58 – 62, see “…In such cases, a developer may hard-code a certificate into source code to confirm that a certificate received from the granting authority is legitimate and that the authority has not been compromised”, where “a developer may hard-code a certificate into source code…” is analogous to the encrypted build data (i.e., source code) comprising a dynamic code signing certificate (CER), due to Parry disclosing above that the sensitive information may include dynamic code that is incorporated as string data in source code, where “sensitive information” is analogous to comprising the certificate) , and developer credentials (Parry, Column 2, Lines 37 – 39, see “…software developers may hard-code security credentials or other sensitive information into the source code of a computer program…”, where “security credentials” is analogous to comprising developer credentials) (Parry, Column 3, Lines 1 – 5, see “…security information may include security credentials employed to access a system, such as a username, a password, a token, a certificate, a passkey, answers to challenge questions, and so forth”). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for automated cloud-based code-signing services, disclosed of Naik, by implementing techniques for dictionary generation for identifying coded credentials, comprising of developer build data comprising a build ID, a dynamic code signing certificate and developer credentials, disclosed of Parry. 
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for cloud-based dynamic executable verification, comprising of the developer build data comprising a build ID, a dynamic code signing certificate and developer credentials. This allows for better security management and a more efficient method for authenticating build data by hard-coding the build ID, a certificate and developer credentials into the build data for subsequent authentication of the build data. That way, the signing server has the sufficient data necessary within the build data to authenticate and sign the build data for deployment and does not need to communicate back and forth with the developer to acquire the information necessary to sign the build data. Parry is deemed as analogous art due to the art disclosing techniques for developer build data comprising a build ID, a dynamic code signing certificate and developer credentials (Parry, Column 3, Lines 33 – 39). 
	
	Regarding claim 2, Naik as modified by Parry teaches The method of claim 1, wherein the activating further comprises:
	the secure cloud computing environment running the executable in a virtual machine (VM) to obtain the SEC (Naik, Column 17, Lines 21 – 25, see “According to various embodiments, all or a portion of exemplary system 100 in FIG. 1 may be implemented within a virtual environment…the modules and/or data described herein may reside and/or execute within a virtual machine”, where “the modules and/or data described herein may reside and/or execute within a virtual machine” is being read as the process of obtaining the SEC being performed within a virtual machine).   

	Regarding claim 8, Naik as modified by Parry teaches The method of claim 1, further comprising:
	receiving, in the dynamic code signing tool, a dynamic code signing request (DCSR) from a customer secure runtime environment (Naik, FIG. 3, see “302”, which shows a cloud-based code-signing service (i.e., dynamic code signing tool) identifying an automatically generated request from a signing automation agent on a remote client to sign at least one file, where “automatically generated request from a signing automation agent on a remote client” is being read as a dynamic code signing request from a customer secure runtime environment), wherein the customer secure runtime environment runs the executable to generate the DCSR (Naik, Column 7, Lines 37 – 46, see “…a signing automation agent may include a software module that automatically sends a request to sign files to a remote code-signing server as part of an automated build process…the signing automation agent may be part of the automated build process, and may include a drop-in tool provided by a code-signing vendor that modularly replaces other code-signing tools by receiving the same input and/or API calls as those tools”, where “a signing automation agent may include a software module that automatically sends a request to sign files to a remote code-signing server as part of an automated build process” is being read as running the code file (or executable) to generate the request, due to the request being automatically generated by a software module in the code file, as one of the last steps in the automated build process); and
	evaluating, in the dynamic code signing tool, the DCSR, wherein based on the evaluating, the SEC is returned for runtime deployment (Naik, FIG. 3, see “304”, “306”, “308”, “310”, where “304-306” shows the steps of the dynamic code signing tool evaluating the DCSR, and at “308” the dynamic code signing tool signs the file and at “310” sends the signed file to the remote client, which includes the SEC, for runtime deployment) (Naik, Column 11, Lines 46 – 51, see “…Code signing tool 404 may then send signed code file 408 back to automated build tool 420, completing the signing step of the automated build process. In this way, a developer may obtain, via an automated build and signing process, a CA-signed code file that is ready to be distributed, tested, and/or sold”, where “a developer may obtain, a CA-signed code file that is ready to be distributed, tested, and/or sold” is being read as delivering the SEC for runtime deployment).

	Regarding claim 10, Naik teaches A system for dynamically verifying an executable (Naik, Column 3, Lines 37 – 38, see “…systems and methods for automating cloud-based code-signing services”) (Naik, Column 6, Lines 26 – 35, see “…an automatically generated request to sign a file may include a request to digitally sign a file, and more specifically, with reference to the instant disclosure, a request to digitally sign executables, scripts, code files, data files…and/or any other type or form of file that can be signed by a cloud-based code-signing service…an automatically generated request to sign a file may include a request to sign files in such a way that the signature can be used to verify the authenticity (i.e., author) and/or integrity of the file”, where “verify the authenticity and/or integrity of the file” is being read as dynamically verifying an executable), comprising:
(a)	a secure cloud computing environment having one or more computers (Naik, Column 5, Lines 25 – 33, see “…an exemplary computer-implemented method 300 for automating cloud-based code-signing services…the steps shown in FIG. 3 may be performed by one or more of the components of system 100 in FIG. 1, system 200 in FIG. 2, system 400 in FIG. 4, system 500 in FIG. 5, computing system 610 in FIG. 6, and/or portions of exemplary network architecture 700 in FIG. 7”);
(b)	the one or more computers, wherein each of the one or more computers has a memory and a processor that executes (Naik, Column 12, Lines 56 – 64, see “Computing system 610 broadly represents any single or multi-processor computing device or system capable of executing computer-readable instructions…computing system 610 may include at least one processor 614 and a system memory 616”),
(c)	a build registration tool executing on one or more of the processors via a first set of instructions stored in one or more of the memories (Naik, Column 4, Lines 16 – 26, see “…one or more of modules 102 in FIG. 1 may represent one or more software applications or programs that, when executed by a computing device, may cause the computing device to perform one or more tasks…one or more of modules 102 may represent software modules stored and configured to run on one or more computing devices, such as the…coding computer 418 in FIG. 4”, where “coding computer 418” is the computer executing the build registration tool (i.e., automated build tool 420)), wherein the build registration tool performs operations comprising:
	(i)	receiving from a first developer (Naik, Column 12, Lines 31 – 38, see “…by receiving files from a remote client, performing appropriate security measures (e.g., verifying security credentials), signing the files and then sending them back to the remote client, the systems and methods presented herein may provide developers with a cloud-based code-signing service that is hands-free, secure, and capable of being implemented within a variety of automated build environments”) encrypted build data and developer permissions (Naik, FIG. 4, see “420”, which depicts an automated build tool that receives from a first developer, encrypted build data (Code File 406) and developer permissions (Tied with the Username and Password) (Naik, Column 2, Lines 22 – 25, see “…The system may further include a verification module, stored in memory, that verifies a security credential that authorizes the remote client to access the cloud-based code-signing service”, where “a security credential that authorizes the remote client to access the cloud-based code-signing service” is being read as comprising developer permissions, due to the system authorizing whether the developer has sufficient permissions based on their security credentials) (Naik, Column 8, Lines 62 – 67, see “…verification module 106 may help establish, facilitate, and/or maintain secure communications between signing automation agent 210 and code-signing service 212…verification module 106 may encrypt and/or decrypt code files shared between code-signing server 206 and remote client 202”, where the ability for the verification module to encrypt and/or decrypt the code files (build data) sent by the developer supports the fact that the code file sent by the developer is encoded/encrypted in some fashion), 
	(ii)	authenticating the developer credentials based on developer permissions (Naik, FIG. 4, see “418”, “420”, where the authentication of the developer credentials based on developer permissions is done within the build registration tool (420)) (Naik, Column 8, Lines 24 – 29, see “As illustrated in FIG. 3, at step 304 one or more of the systems described herein may verify a security credential that authorizes the remote client to access the cloud-based code-signing service. For example, verification module 106 may, as part of code-signing service 212, verify security credential 216”) (Naik, Column 8, Lines 30 – 34, see “…the phrase “security credential” generally refers to any type or form of data and/or digital information that can be used to verify whether a software module and/or user is permitted access to a service, system, and/or file on a computing device….”, where “security credential…can be used to verify whether a software module and/or user is permitted access to a file” is being read as authenticating the developer credentials based on developer permissions); and
(d)	a dynamic code signing tool executing on one or more of the processors via a second set of instructions stored in one or more of the memories (Naik, Column 4, Lines 16 – 24, see “…one or more of modules 102 in FIG. 1 may represent one or more software applications or programs that, when executed by a computing device, may cause the computer device to perform one or more tasks…one or more of modules 102 may represent software modules stored and configured to run on one or more computing devices, such as the devices illustrated in FIG. 2 (e.g., remote client 202 and/or code-signing server 206)”), wherein the dynamic code signing tool performs operations comprising:
	(i) decrypting the encrypted build data (Naik, Column 8, Lines 62 – 67, see “…verification module 106 may help establish, facilitate, and/or maintain secure communications between signing automation agent 210 and code-signing service 212…verification module 106 may encrypt and/or decrypt code files shared between code-signing server 206 and remote client 202”, where the ability for the verification module to encrypt and/or decrypt the code files (build data) sent by the developer supports the fact that the code file sent by the developer is encoded/encrypted in some fashion and is subsequently decrypted to retrieve the build data);
	(ii) activating the executable by dynamically signing the executable to obtain a dynamic code signature (SEC) based on information specified in the build data (Naik, Column 11, Lines 3 – 12, see “In FIG. 4, automated build tool 420 may build code file 406 via one or more code-building steps (e.g., via a code-building and compiling process that links function libraries with code files and compiles them into a binary file). Automated build tool 420 may, as the last step of an automated build process, attempt to access code signing tool 404 via network 412 by way of a drop-in tool that has been configured to receive code-signing API calls…from the automated build tool…”, where “Automated build tool 420 may, as the last step of an automated build process, attempt to access code signing tool 404 via network…” is being read as the step of activating the executable (binary file) by signing the executable) (Naik, Column 11, Lines 43 – 48, see “…code signing tool 404 may sign code file 406, thus creating a signed code file 408 that has been signed with a production certificate 410. Code signing tool 404 may then send signed code file 408 back to automated build tool 420, completing the signing step of the automated build process”, where “production certificate 410” is being read as a dynamic code signature (SEC), which in turn, activates the code file and indicates that it is ready to be tested, sold, and/or distributed”); and
	(iii) delivering the SEC for runtime deployment (Naik, Column 11, Lines 46 – 51, see “…Code signing tool 404 may then send signed code file 408 back to automated build tool 420, completing the signing step of the automated build process. In this way, a developer may obtain, via an automated build and signing process, a CA-signed code file that is ready to be distributed, tested, and/or sold”, where “a developer may obtain, a CA-signed code file that is ready to be distributed, tested, and/or sold” is being read as delivering the SEC for runtime deployment).
	Naik does not teach the following limitation(s) as taught by Parry: wherein the encrypted build data comprises (Parry, Column 23, Lines 34 – 38, see “…an object code file 112 may be obfuscated or encrypted following its generation via compilation of one or more source code files 110. In such cases, the document 108 may be de-obfuscated or decrypted at 1304 prior to scanning the document 108 for data elements”, where “object code file 112” and/or “source code file 110” is analogous to comprising the encrypted build data) a build identification (ID) (Parry, Column 19, Lines 8 – 11, see “…the notifications 118 may include information regarding the names and versions of the source code files 110 or other documents 108 that include the high entropy portion(s)…”, where “notifications 108 may include information regarding the names and versions of the source code files 110” is analogous to the build data comprising a build identification (ID), where “names and versions of the source code files 110” is analogous to a build ID), a dynamic code signing certificate (CER) (Parry, Column 3, Lines 33 – 39, see “…Sensitive information may also include dynamic code that is incorporated as string data in source code…Implementations may operate to detect the presence of such dynamic code in source code files”) (Parry, Column 12, Lines 58 – 62, see “…In such cases, a developer may hard-code a certificate into source code to confirm that a certificate received from the granting authority is legitimate and that the authority has not been compromised”, where “a developer may hard-code a certificate into source code…” is analogous to the encrypted build data (i.e., source code) comprising a dynamic code signing certificate (CER), due to Parry disclosing above that the sensitive information may include dynamic code that is incorporated as string data in source code, where “sensitive information” is analogous to comprising the certificate), and developer credentials (Parry, Column 2, Lines 37 – 39, see “…software developers may hard-code security credentials or other sensitive information into the source code of a computer program…”, where “security credentials” is analogous to comprising developer credentials) (Parry, Column 3, Lines 1 – 5, see “…security information may include security credentials employed to access a system, such as a username, a password, a token, a certificate, a passkey, answers to challenge questions, and so forth”). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for automated cloud-based code-signing services, disclosed of Naik, by implementing techniques for dictionary generation for identifying coded credentials, comprising of developer build data comprising a build ID, a dynamic code signing certificate and developer credentials, disclosed of Parry. 
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for cloud-based dynamic executable verification, comprising of developer build data comprising a build ID, a dynamic code signing certificate and developer credentials. This allows for better security management and a more efficient method for authenticating build data by hard-coding the build ID, a certificate and developer credentials into the build data for subsequent authentication of the build data. That way, the signing server has the sufficient data necessary within the build data to authenticate and sign the build data for deployment and does not need to communicate back and forth with the developer to acquire the information necessary to sign the build data. Parry is deemed as analogous art due to the art disclosing techniques for developer build data comprising a build ID, a dynamic code signing certificate and developer credentials (Parry, Column 3, Lines 33 – 39). 

	Regarding claim 11, Naik as modified by Parry teaches The system of claim 10, wherein the build registration tool and the dynamic code signing tool execute in a virtual machine (VM) (Naik, Column 17, Lines 21 – 25, see “According to various embodiments, all or a portion of exemplary system 100 in FIG. 1 may be implemented within a virtual environment…the modules and/or data described herein may reside and/or execute within a virtual machine”, where “the modules and/or data described herein may reside and/or execute within a virtual machine” is being read as the build registration tool and the dynamic code signing tool executing in a virtual machine).

	Regarding claim 17, Naik as modified by Parry teaches The system of claim 10, wherein the dynamic code signing tool further:
	receives a dynamic code signing request (DCSR) from a customer secure runtime environment (Naik, FIG. 3, see “302”, which shows a cloud-based code-signing service (i.e., dynamic code signing tool) identifying an automatically generated request from a signing automation agent on a remote client to sign at least one file, where “automatically generated request from a signing automation agent on a remote client” is being read as a dynamic code signing request from a customer secure runtime environment), wherein the customer secure runtime environment runs the executable to generate the DCSR (Naik, Column 7, Lines 37 – 46, see “…a signing automation agent may include a software module that automatically sends a request to sign files to a remote code-signing server as part of an automated build process…the signing automation agent may be part of the automated build process, and may include a drop-in tool provided by a code-signing vendor that modularly replaces other code-signing tools by receiving the same input and/or API calls as those tools”, where “a signing automation agent may include a software module that automatically sends a request to sign files to a remote code-signing server as part of an automated build process” is being read as running the code file (or executable) to generate the request, due to the request being automatically generated by a software module in the code file, as one of the last steps in the automated build process);
	evaluates the DCSR, wherein based on the evaluating, the SEC is returned for runtime deployment (Naik, FIG. 3, see “304”, “306”, “308”, “310”, where “304-306” shows the steps of the dynamic code signing tool evaluating the DCSR, and at “308” the dynamic code signing tool signs the file and at “310” sends the signed file to the remote client, which includes the SEC, for runtime deployment) (Naik, Column 11, Lines 46 – 51, see “…Code signing tool 404 may then send signed code file 408 back to automated build tool 420, completing the signing step of the automated build process. In this way, a developer may obtain, via an automated build and signing process, a CA-signed code file that is ready to be distributed, tested, and/or sold”, where “a developer may obtain, a CA-signed code file that is ready to be distributed, tested, and/or sold” is being read as delivering the SEC for runtime deployment).

	   
Claims 3-4, 7, 12-13 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Naik, in view of Parry, in further view of Anderson (U.S. PGPub. 2017/0323120). 

	Regarding claim 3, Naik as modified by Parry teaches The method of claim 1, further comprising:
	the build registration tool determining that developer credentials from a second developer are not authorized for dynamic code signing (Naik, Column 9, Lines 24 – 32, see “…verification module 106 may send a request for second factor authentication to a code-signing administrator on a remote computing device…verification module 106 may send an email alert to a project manager’s terminal requesting that an email be returned that contains the project manager’s username and password…verification module 106 may, after performing second factor authentication, authorize remote client 202 to access code-signing service 212…”, where “verification module 106 may, after performing second factor authentication, authorize remote client 202 to access code-signing service 212” is being read as the build registration tool determining whether or not developer credentials (i.e., project manager’s username and password) from a second developer (project manager) are authorized for dynamic code signing); 
	
	Naik does not teach the following limitation(s) as taught by Anderson: sending a failure response to a cloud dynamic tamper protection tool, wherein the failure response aborts the tamper protection tool with an error condition (Anderson, Paragraph [0072], see “If tampering of the runtime executable 103R or the hash table data 1106 is detected, a failure mode results. By default, a failure initiates a system crash, preferably delayed by a period of time or a number of instructions so that it is difficult for a attacker to track back to the code that causes the failure…”, where “By default, a failure initiates a system crash…” is analogous to sending a failure response to a cloud dynamic tamper protection tool, wherein the failure response aborts the tamper protection tool with an error condition, where “system crash” is analogous to aborting the tampering protection tool with an error condition). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for automated cloud-based code-signing services, disclosed of Naik, and techniques disclosed of Parry, by implementing techniques for dynamic executable verification, comprising of sending a failure response to a cloud dynamic tamper protection tool, wherein the failure response aborts the tamper protection tool with an error condition, disclosed of Anderson.  
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for cloud-based dynamic executable verification, comprising of sending a failure response to a cloud dynamic tamper protection tool, wherein the failure response aborts the tamper protection tool with an error condition. This allows for better security management by sending a failure response to a dynamic protection tool when it is determined that developer credentials are not authorized for code signing. The protection tool aborts with an error condition subsequent to the determination in order for the system to protect itself in cases where an attacker is involved. Anderson is deemed as analogous art due to the art disclosing techniques for sending a failure response to a protection tool, wherein the failure response aborts the protection tool with an error condition (Anderson, Paragraph [0072]). 

	Regarding claim 4, Naik as modified by Parry do not teach the following limitation(s) as taught by Anderson: The method of claim 1, further comprising:
	the dynamic code signing tool determining that the executable is invalid (Anderson, Paragraph [0040], see “At runtime, the injected integrity protection elements use the .sec data to verify the integrity of the binary during execution, as shown in step (5) and further described in the “Runtime Verification” section below. Tampering with the executable or the .sec data prior to or during execution at runtime will result in a runtime failure mode as described in the “Runtime Failure Mode” section below”, where “…the injected integrity protection elements use the .sec data to verify the integrity of the binary during execution” is analogous to determining whether or not the executable is valid, where “Tampering with the executable or the .sec data prior to or during execution at runtime will result in a runtime failure” is analogous to determining that the executable is invalid); and
	the dynamic code signing tool aborting the activating with an error condition (Anderson, Paragraph [0040], see “…Tampering with the executable or the .sec data prior to or during execution at runtime will result in a runtime failure mode as described in the “Runtime Failure Mode” section below”, where “runtime failure mode” is analogous to the code signing tool aborting the activating (i.e., where the activating involves signing the file) with an error condition, the error condition being the initiation of the runtime failure mode) (Anderson, Paragraph [0072], see “If tampering of the runtime executable 103R or the hash table data 1106 is detected, a failure mode results. By default, a failure initiates a system crash…”). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for automated cloud-based code-signing services, disclosed of Naik, and techniques disclosed of Parry, by implementing techniques for dynamic executable verification, comprising of the code signing tool determining that the executable is invalid and aborting the activating with an error condition, disclosed of Anderson.   
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for cloud-based dynamic executable verification, comprising of the code signing tool determining that the executable is invalid and aborting the activating with an error condition. This allows for better security management by determining during runtime whether or not the executable has been tampered with (i.e., invalid). If a determination is made by the signing tool that the executable has been tampered with, the signing tool does not sign the code (i.e., aborts the activating) with an error condition to protect the system from further tampering and/or unauthorized entities gaining access. Anderson is deemed as analogous art due to the art disclosing techniques for the code signing tool determining that the executable is invalid and aborting the activating with an error condition (Anderson, Paragraph [0040]). 

	Regarding claim 7, Naik as modified by Parry do not teach the following limitation(s) as taught by Anderson: The method of claim 1, further comprising:
	launching a protected executable in a non-secure runtime (Anderson, Paragraph [0040], see “At runtime, the injected integrity protection elements use the .sec data to verify the integrity of the binary during execution, as shown in step (5) and further described in the “Runtime Verification” section below”, where “runtime” is analogous to in a non-secure runtime, due to Anderson utilizing the runtime verification to ensure that the software cannot be tampered with either statically or dynamically and where “binary” is analogous to the executable that is being launched in the non-secure runtime);
	the protected executable locating the SEC (Anderson, Paragraph [0035], see “…Instead, secure (.sec) “hash table” data is produced during activation, which is used to enforce integrity protection at runtime. Unauthorized changes to the executable or to the .sec. data will result in a runtime failure mode”, where the “.sec data” is produced during activation and is located during runtime to enforce integrity protection, where “.sec data” is analogous to comprising the SEC);
	failing a validation of the SEC or of one or more code segment hashes covered by the SEC (Anderson, Paragraph [0035], see “…secure (.sec) “hash table” data is produced during activation, which is used to enforce integrity protection at runtime. Unauthorized changes to the executable or to the .sec data will result in a runtime failure mode”, where “Unauthorized changes” is analogous to failing a validation of the SEC or of one or more code segment hashes covered by the SEC, due to the system operating in a runtime failure mode when unauthorized changes (i.e., the SEC not being able to be validated) occurs);
	based on the failing, determining that the SEC has been tampered with (Anderson, Paragraph [0035], see “…The protection elements are generated at build time, then activated post-linking, when a valid X.509 certificate (.cer) is passed to the protected executable. No modifications are made to the executable. Instead, secure (.sec) “hash table” data is produced during activation, which is used to enforce integrity protection at runtime. Unauthorized changes to the executable or to the .sec data will result in a runtime failure mode”, where “.sec data” is analogous to comprising the SEC, and where “Unauthorized changes to the executable or to the .sec data will result in a runtime failure mode” is analogous to based on failing a validation of the SEC (i.e., .sec data), determine that the SEC has been tampered with, and as a result, initiate a runtime failure mode); and
	triggering a failure mode based on upon the determining (Anderson, Paragraph [0035], see “…secure (.sec) “hash table” data is produced during activation, which is used to enforce integrity protection at runtime. Unauthorized changes to the executable or to the .sec data will result in a runtime failure mode”, where “runtime failure mode” is analogous to a failure mode that is triggered based on determining that the SEC (i.e., .sec data) has been tampered with). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for automated cloud-based code-signing services, disclosed of Naik, and techniques disclosed of Parry, by implementing techniques for dynamic executable verification, comprising of launching a protected executable in a non-secure runtime in order to validate the SEC, and based on not being able to validate the SEC, determining that the SEC has been tampered with, and as a result, triggering a failure mode, disclosed of Anderson.    
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for cloud-based dynamic executable verification, comprising of launching a protected executable in a non-secure runtime in order to validate the SEC, and based on not being able to validate the SEC, determining that the SEC has been tampered with, and as a result, triggering a failure mode. This allows for better security management for dynamic executable verification by launching the executable in a non-secure runtime to locate and verify the SEC (i.e., signature) that was issued during activation. This ensures that the software cannot be tampered with either statically or dynamically without detection. Anderson is deemed as analogous art due to the art disclosing techniques for launching a protected executable in a non-secure runtime in order to validate the SEC, and based on not being able to validate the SEC, determining that the SEC has been tampered with, and as a result, triggering a failure mode (Anderson, Abstract). 

Regarding claim 12, Naik as modified by Parry teaches The system of claim 10, wherein the build registration tool further:
determines that developer credentials from a second developer are not authorized for dynamic code signing (Naik, Column 9, Lines 24 – 32, see “…verification module 106 may send a request for second factor authentication to a code-signing administrator on a remote computing device…verification module 106 may send an email alert to a project manager’s terminal requesting that an email be returned that contains the project manager’s username and password…verification module 106 may, after performing second factor authentication, authorize remote client 202 to access code-signing service 212…”, where “verification module 106 may, after performing second factor authentication, authorize remote client 202 to access code-signing service 212” is being read as the build registration tool determining whether or not developer credentials (i.e., project manager’s username and password) from a second developer (project manager) are authorized for dynamic code signing); 

	Naik as modified by Parry do not teach the following limitation(s) as taught by Anderson: sends a failure response to a cloud dynamic tamper protection tool, wherein the failure response aborts the tamper protection tool with an error condition (Anderson, Paragraph [0072], see “If tampering of the runtime executable 103R or the hash table data 1106 is detected, a failure mode results. By default, a failure initiates a system crash, preferably delayed by a period of time or a number of instructions so that it is difficult for a attacker to track back to the code that causes the failure…”, where “By default, a failure initiates a system crash…” is analogous to sending a failure response to a cloud dynamic tamper protection tool, wherein the failure response aborts the tamper protection tool with an error condition, where “system crash” is analogous to aborting the tampering protection tool with an error condition). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for automated cloud-based code-signing services, disclosed of Naik, and techniques disclosed of Parry, by implementing techniques for dynamic executable verification, comprising of sending a failure response to a cloud dynamic tamper protection tool, wherein the failure response aborts the tamper protection tool with an error condition, disclosed of Anderson.  
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for cloud-based dynamic executable verification, comprising of sending a failure response to a cloud dynamic tamper protection tool, wherein the failure response aborts the tamper protection tool with an error condition. This allows for better security management by sending a failure response to a dynamic protection tool when it is determined that developer credentials are not authorized for code signing. The protection tool aborts with an error condition subsequent to the determination in order for the system to protect itself in cases where an attacker is involved. Anderson is deemed as analogous art due to the art disclosing techniques for sending a failure response to a protection tool, wherein the failure response aborts the protection tool with an error condition (Anderson, Paragraph [0072]). 

Regarding claim 13, Naik as modified by Parry do not teach the following limitation(s) as taught by Anderson: The system of claim 10, wherein the dynamic code signing tool further:
determines that the executable is invalid (Anderson, Paragraph [0040], see “At runtime, the injected integrity protection elements use the .sec data to verify the integrity of the binary during execution, as shown in step (5) and further described in the “Runtime Verification” section below. Tampering with the executable or the .sec data prior to or during execution at runtime will result in a runtime failure mode as described in the “Runtime Failure Mode” section below”, where “…the injected integrity protection elements use the .sec data to verify the integrity of the binary during execution” is analogous to determining whether or not the executable is valid, where “Tampering with the executable or the .sec data prior to or during execution at runtime will result in a runtime failure” is analogous to determining that the executable is invalid); and
	aborts the activating with an error condition (Anderson, Paragraph [0040], see “…Tampering with the executable or the .sec data prior to or during execution at runtime will result in a runtime failure mode as described in the “Runtime Failure Mode” section below”, where “runtime failure mode” is analogous to the code signing tool aborting the activating (i.e., where the activating involves signing the file) with an error condition, the error condition being the initiation of the runtime failure mode) (Anderson, Paragraph [0072], see “If tampering of the runtime executable 103R or the hash table data 1106 is detected, a failure mode results. By default, a failure initiates a system crash…”). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for automated cloud-based code-signing services, disclosed of Naik, and techniques disclosed of Parry, by implementing techniques for dynamic executable verification, comprising of the code signing tool determining that the executable is invalid and aborting the activating with an error condition, disclosed of Anderson.   
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for cloud-based dynamic executable verification, comprising of the code signing tool determining that the executable is invalid and aborting the activating with an error condition. This allows for better security management by determining during runtime whether or not the executable has been tampered with (i.e., invalid). If a determination is made by the signing tool that the executable has been tampered with, the signing tool does not sign the code (i.e., aborts the activating) with an error condition to protect the system from further tampering and/or unauthorized entities gaining access. Anderson is deemed as analogous art due to the art disclosing techniques for the code signing tool determining that the executable is invalid and aborting the activating with an error condition (Anderson, Paragraph [0040]). 

Regarding claim 16, Naik as modified by Parry do not teach the following limitation(s) as taught by Anderson: The system of claim 10, further comprising a runtime environment, wherein the runtime environment:
launches a protected executable (Anderson, Paragraph [0040], see “At runtime, the injected integrity protection elements use the .sec data to verify the integrity of the binary during execution, as shown in step (5) and further described in the “Runtime Verification” section below”, where “runtime” is analogous to in a non-secure runtime, due to Anderson utilizing the runtime verification to ensure that the software cannot be tampered with either statically or dynamically and where “binary” is analogous to the executable that is being launched in the non-secure runtime); and
receives the SEC (Anderson, Paragraph [0035], see “…Instead, secure (.sec) “hash table” data is produced during activation, which is used to enforce integrity protection at runtime. Unauthorized changes to the executable or to the .sec. data will result in a runtime failure mode”, where the “.sec data” is produced during activation and is located during runtime to enforce integrity protection, where “.sec data” is analogous to comprising the SEC);
determines that the SEC has been tampered with (Anderson, Paragraph [0035], see “…The protection elements are generated at build time, then activated post-linking, when a valid X.509 certificate (.cer) is passed to the protected executable. No modifications are made to the executable. Instead, secure (.sec) “hash table” data is produced during activation, which is used to enforce integrity protection at runtime. Unauthorized changes to the executable or to the .sec data will result in a runtime failure mode”, where “.sec data” is analogous to comprising the SEC, and where “Unauthorized changes to the executable or to the .sec data will result in a runtime failure mode” is analogous to based on failing a validation of the SEC (i.e., .sec data), determine that the SEC has been tampered with, and as a result, initiate a runtime failure mode); and
	triggers a failure mode based on upon the determining (Anderson, Paragraph [0035], see “…secure (.sec) “hash table” data is produced during activation, which is used to enforce integrity protection at runtime. Unauthorized changes to the executable or to the .sec data will result in a runtime failure mode”, where “runtime failure mode” is analogous to a failure mode that is triggered based on determining that the SEC (i.e., .sec data) has been tampered with). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for automated cloud-based code-signing services, disclosed of Naik, and techniques disclosed of Parry, by implementing techniques for dynamic executable verification, comprising of launching a protected executable in a non-secure runtime in order to validate the SEC, and based on not being able to validate the SEC, determining that the SEC has been tampered with, and as a result, triggering a failure mode, disclosed of Anderson.    
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for cloud-based dynamic executable verification, comprising of launching a protected executable in a non-secure runtime in order to validate the SEC, and based on not being able to validate the SEC, determining that the SEC has been tampered with, and as a result, triggering a failure mode. This allows for better security management for dynamic executable verification by launching the executable in a non-secure runtime to locate and verify the SEC (i.e., signature) that was issued during activation. This ensures that the software cannot be tampered with either statically or dynamically without detection. Anderson is deemed as analogous art due to the art disclosing techniques for launching a protected executable in a non-secure runtime in order to validate the SEC, and based on not being able to validate the SEC, determining that the SEC has been tampered with, and as a result, triggering a failure mode (Anderson, Abstract). 


Claims 5-6, 9, 14-15 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Naik, in view of Parry, in further view of Adams et al. (U.S. PGPub. 2007/0074031), hereinafter Adams.

	Regarding claim 5, Naik as modified by Parry teaches The method of claim 1, further comprising:
	the dynamic code signing tool failing to dynamically sign the executable (Naik, Column 9, Lines 39 – 44, see “…verification module 106 may, when requesting second factor authentication, define and/or identitf a window of time within which second factor authentication must occur before denying remote client 202 access to code-signing service 212”, where “denying remote client 202 access to code-signing service 212” is being read as the dynamic code signing tool failing to dynamically sign the executable, due to a lack of credentials from the two factor authentication); 
	
	Naik as modified by Parry do not teach the following limitation(s) as taught by Adams: the dynamic code signing tool aborting the activating with an error condition (Adams, Paragraph [0057], see “…if code signing authority 306 refuses to sign software application 304, an appropriate response (not shown) may be returned to software application developer 302”, which is analogous to the code signing tool aborting the activating (where the activating involves signing the application) with an error condition (i.e., an appropriate response may be returned to the developer)). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for automated cloud-based code-signing services, disclosed of Naik, and techniques disclosed of Parry, by implementing techniques for providing code signing services, comprising of the dynamic code signing tool aborting the activating with an error condition, disclosed of Adams. 
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for cloud-based dynamic executable verification, comprising of the dynamic code signing tool aborting the activating with an error condition. This allows for better security management in cases where the executable code file is deemed tampered with or the code signing tool fails to sign the executable for whatever reason. The system can subsequently abort the activating (i.e., not signing the code file) with an error condition after determining that the signing tool failed to sign the executable. This helps protect the system and executable from further breach from an unauthorized entity or system failure. Adams is deemed as analogous art due to the art disclosing techniques for the dynamic code signing tool aborting the activating with an error condition (Adams, Paragraph [0057]). 

	Regarding claim 6, Naik as modified by Parry do not teach the following limitation(s) as taught by Adams: The method of claim 1, further comprising:
	the dynamic code signing tool determining which developer permissions in the developer permissions are associated with the build ID (Adams, Paragraph [0082], see “…any given software application developer is initially an untrusted client. Until a trust relationship is established between the software application developer and the code signing authority, the code signing authority will usually refuse to sign software applications received from the software application developer that may access sensitive APIs. Only after establishing trust relationships with software application developers might a code signing authority be willing to sign software applications, as the code signing authority can then track which APIs it has granted access to, and to which software application developers such access has been granted”, where “as the code signing authority can then track which APIs it has granted access to, and to which software application developers such access has been granted” is analogous to the signing tool (i.e., code signing authority) determining which developer permissions are associated with the build ID (i.e., through tracking which APIs it has granted access to)) (Adams, Paragraph [0113], see “…The registration request includes information that may be used by the code signing authority to validate the identity of the software application developer”);
	the dynamic code signing tool determining whether the developer permissions associated with the build ID are sufficient (Adams, Paragraph [0056], see “…Before code signing authority 306 signs software application 304, code signing authority 306 may consider the identity of application developer 302 in determining whether or not software application 304 should be signed”, where “code signing authority 306 may consider the identity of application developer 302 in determining whether or not software application 304 should be signed” is analogous to the dynamic code signing tool (i.e., code signing authority) determining whether the developer permissions (i.e., based on the identity of application developer 302) associated with the build ID (i.e., comprised within software application 304) are sufficient); and
	the dynamic code signing tool aborting the activating with an error condition when insufficient (Adams, Paragraph [0057], see “…if code signing authority 306 refuses to sign software application 304, an appropriate response (not shown) may be returned to software application developer 302”, which is analogous to the code signing tool aborting the activating (where the activating involves signing the application) with an error condition (i.e., an appropriate response may be returned to the developer) when permissions are insufficient). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for automated cloud-based code-signing services, disclosed of Naik, and techniques disclosed of Parry, by implementing techniques for providing code signing services, comprising of the signing tool determining which developer permissions are associated with the build ID, determining whether the developer permissions are sufficient and aborting the activating with an error condition when insufficient, disclosed of Adams.  
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for cloud-based dynamic executable verification, comprising of the signing tool determining which developer permissions are associated with the build ID, determining whether the developer permissions are sufficient and aborting the activating with an error condition when insufficient. This allows for better security management in cases where the developer permissions associated with the build ID (i.e., code file, application, etc.) are deemed insufficient. The system can subsequently abort the activating with an error condition when the permissions are deemed insufficient in order to protect itself from a possible unauthorized entity trying to gain access to the code signing tool. Adams is deemed as analogous art due to the art disclosing techniques for the signing tool determining which developer permissions are associated with the build ID, determining whether the developer permissions are sufficient and aborting the activating with an error condition when insufficient (Adams, Paragraphs [0056 – 0057]). 

	Regarding claim 9, Naik as modified by Parry do not teach the following limitation(s) as taught by Adams: The method of claim 8, wherein:
	the evaluating determines that the DCSR is not authentic, invalid, or developer permissions are insufficient (Adams, Paragraph [0132], see “…the code signing authority application verifies that the code signing request received at step 430 is a valid request made from a registered software application developer”, where “verifies that the code signing request received at step 430 is a valid request made from a registered software application developer” is analogous to determining whether or not the DCSR is authentic and/or valid); and
	the dynamic code signing tool aborts with an error condition (Adams, Paragraph [0137], see “If it is determined at step 440 that a valid request has not been made, then an error message is returned at step 480…”, where “an error message is returned” is analogous to the dynamic code signing tool (i.e., the code signing authority application) aborts with an error condition). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for automated cloud-based code-signing services, disclosed of Naik, and techniques disclosed of Parry, by implementing techniques for providing code signing services, comprising of determining that the request is not authentic, invalid or developer permissions are insufficient, and aborting with an error condition as a result, disclosed of Adams. 
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for cloud-based dynamic executable verification, comprising of determining that the request is not authentic, invalid or developer permissions are insufficient, and aborting with an error condition as a result. This allows for better security management by aborting the signing tool with an error condition when the request made by the developer for code signing services is deemed invalid for multiple reasons. This helps maximize the protection of the code signing services by disabling the services when there is a possibility that the system has been compromised by an unauthorized entity. Adams is deemed as analogous art due to the art disclosing techniques for determining that the request is not authentic, invalid or developer permissions are insufficient, and aborting with an error condition as a result (Adams, Paragraph [0132]). 

	Regarding claim 14, Naik as modified by Parry teaches The system of claim 10, wherein the dynamic code signing tool further:
	fails to dynamically sign the executable (Naik, Column 9, Lines 39 – 44, see “…verification module 106 may, when requesting second factor authentication, define and/or identify a window of time within which second factor authentication must occur before denying remote client 202 access to code-signing service 212”, where “denying remote client 202 access to code-signing service 212” is being read as the dynamic code signing tool failing to dynamically sign the executable, due to a lack of credentials from the two factor authentication); 
	
	Naik as modified by Parry do not teach the following limitation(s) as taught by Adams: aborts the activating with an error condition (Adams, Paragraph [0057], see “…if code signing authority 306 refuses to sign software application 304, an appropriate response (not shown) may be returned to software application developer 302”, which is analogous to the code signing tool aborting the activating (where the activating involves signing the application) with an error condition (i.e., an appropriate response may be returned to the developer)). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for automated cloud-based code-signing services, disclosed of Naik, and techniques disclosed of Parry, by implementing techniques for providing code signing services, comprising of the dynamic code signing tool aborting the activating with an error condition, disclosed of Adams. 
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for cloud-based dynamic executable verification, comprising of the dynamic code signing tool aborting the activating with an error condition. This allows for better security management in cases where the executable code file is deemed tampered with or the code signing tool fails to sign the executable for whatever reason. The system can subsequently abort the activating (i.e., not signing the code file) with an error condition after determining that the signing tool failed to sign the executable. This helps protect the system and executable from further breach from an unauthorized entity or system failure. Adams is deemed as analogous art due to the art disclosing techniques for the dynamic code signing tool aborting the activating with an error condition (Adams, Paragraph [0057]). 

	Regarding claim 15, Naik as modified by Parry do not teach the following limitation(s) as taught by Adams: The system of claim 10, wherein the dynamic code signing tool further:
	determines which developer permissions in the developer permissions are associated with the build ID (Adams, Paragraph [0082], see “…any given software application developer is initially an untrusted client. Until a trust relationship is established between the software application developer and the code signing authority, the code signing authority will usually refuse to sign software applications received from the software application developer that may access sensitive APIs. Only after establishing trust relationships with software application developers might a code signing authority be willing to sign software applications, as the code signing authority can then track which APIs it has granted access to, and to which software application developers such access has been granted”, where “as the code signing authority can then track which APIs it has granted access to, and to which software application developers such access has been granted” is analogous to the signing tool (i.e., code signing authority) determining which developer permissions are associated with the build ID (i.e., through tracking which APIs it has granted access to)) (Adams, Paragraph [0113], see “…The registration request includes information that may be used by the code signing authority to validate the identity of the software application developer”);
	determines whether the developer permissions associated with the build ID are sufficient (Adams, Paragraph [0056], see “…Before code signing authority 306 signs software application 304, code signing authority 306 may consider the identity of application developer 302 in determining whether or not software application 304 should be signed”, where “code signing authority 306 may consider the identity of application developer 302 in determining whether or not software application 304 should be signed” is analogous to the dynamic code signing tool (i.e., code signing authority) determining whether the developer permissions (i.e., based on the identity of application developer 302) associated with the build ID (i.e., comprised within software application 304) are sufficient); and
	aborts the activating with an error condition when insufficient (Adams, Paragraph [0057], see “…if code signing authority 306 refuses to sign software application 304, an appropriate response (not shown) may be returned to software application developer 302”, which is analogous to the code signing tool aborting the activating (where the activating involves signing the application) with an error condition (i.e., an appropriate response may be returned to the developer) when permissions are insufficient). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for automated cloud-based code-signing services, disclosed of Naik, and techniques disclosed of Parry, by implementing techniques for providing code signing services, comprising of the signing tool determining which developer permissions are associated with the build ID, determining whether the developer permissions are sufficient and aborting the activating with an error condition when insufficient, disclosed of Adams.  
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for cloud-based dynamic executable verification, comprising of the signing tool determining which developer permissions are associated with the build ID, determining whether the developer permissions are sufficient and aborting the activating with an error condition when insufficient. This allows for better security management in cases where the developer permissions associated with the build ID (i.e., code file, application, etc.) are deemed insufficient. The system can subsequently abort the activating with an error condition when the permissions are deemed insufficient in order to protect itself from a possible unauthorized entity trying to gain access to the code signing tool. Adams is deemed as analogous art due to the art disclosing techniques for the signing tool determining which developer permissions are associated with the build ID, determining whether the developer permissions are sufficient and aborting the activating with an error condition when insufficient (Adams, Paragraphs [0056 – 0057]). 

Regarding claim 18, Naik as modified by Parry do not teach the following limitation(s) as taught by Adams: The system of claim 17, wherein:
the dynamic code signing tool evaluation comprises the DCSR determining that the DCSR is not authentic, invalid, or developer permissions are insufficient (Adams, Paragraph [0132], see “…the code signing authority application verifies that the code signing request received at step 430 is a valid request made from a registered software application developer”, where “verifies that the code signing request received at step 430 is a valid request made from a registered software application developer” is analogous to determining whether or not the DCSR is authentic and/or valid); and
	the dynamic code signing tool aborts with an error condition (Adams, Paragraph [0137], see “If it is determined at step 440 that a valid request has not been made, then an error message is returned at step 480…”, where “an error message is returned” is analogous to the dynamic code signing tool (i.e., the code signing authority application) aborts with an error condition). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for automated cloud-based code-signing services, disclosed of Naik, and techniques disclosed of Parry, by implementing techniques for providing code signing services, comprising of determining that the request is not authentic, invalid or developer permissions are insufficient, and aborting with an error condition as a result, disclosed of Adams. 
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for cloud-based dynamic executable verification, comprising of determining that the request is not authentic, invalid or developer permissions are insufficient, and aborting with an error condition as a result. This allows for better security management by aborting the signing tool with an error condition when the request made by the developer for code signing services is deemed invalid for multiple reasons. This helps maximize the protection of the code signing services by disabling the services when there is a possibility that the system has been compromised by an unauthorized entity. Adams is deemed as analogous art due to the art disclosing techniques for determining that the request is not authentic, invalid or developer permissions are insufficient, and aborting with an error condition as a result (Adams, Paragraph [0132]). 


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to RODMAN ALEXANDER MAHMOUDI whose telephone number is (571)272-8747.  The examiner can normally be reached on M-F 11:00am – 7:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Philip Chea can be reached on (571) 272-3951.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/RODMAN ALEXANDER MAHMOUDI/Examiner, Art Unit 2499