Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
Claims 1-20 are pending in this application. 

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 09/23/2021 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Specification
The attempt to incorporate subject matter into this application by reference to Application No. [APP. NO.], titled “Fast and Accurate Identification of Message-Based API calls in Application Binaries” and filed on September 26, 2014 (Docket No: W037.01), which is incorporated by reference herein in it’s entirety is ineffective because it contains missing information (i.e. Application Number). 
The incorporation by reference will not be effective until correction is made to comply with 37 CFR 1.57(c), (d), or (e). If the incorporated material is relied upon to meet any outstanding objection, rejection, or other requirement imposed by the Office, the correction must be made within any time period set by the Office for responding to the objection, rejection, or other requirement for the incorporation to be effective. Compliance will not be held in abeyance with respect to responding to the objection, rejection, or other requirement for the incorporation to be effective. In no case may the correction be made later than the close of prosecution as defined in 37 CFR 1.114(b), or abandonment of the application, whichever occurs earlier.
Any correction inserting material by amendment that was previously incorporated by reference must be accompanied by a statement that the material being inserted is the material incorporated by reference and the amendment contains no new matter. 37 CFR 1.57(g).

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 1, 7-11, 13 and 16-20 are rejected under 35 U.S.C. 101 as being directed to non-statutory subject matter as being directed to an abstract idea without being integrating into practical application or significantly more.
Regarding claims 1 and 13, claims 1 and 13 are/is rejected under 35 USC 101 because the claims are/is directed to an abstract idea without being integrated into a practical application nor being significantly more.
Regarding claims 1 and 12, the claim is directed to an abstract idea as reciting the limitations “determining, [] a first number of times that the first rule is violated by the plurality of operations,” “determining, [] a second number of times that the second rule is violated by the plurality of operations,” “determining that a total of the first number and the second number exceeds the predetermined threshold.”  The aforementioned steps are a mental process as broadly interpreted said steps could be performed in the human mind or by hand with a pen and paper. Accordingly, the claims recite an abstract idea
Said abstract idea and/or judicial exception is not integrated into a practical application as the claim does not recite any other active steps that utilize determination result into a practical application.  It’s noted that the claims recite the steps of “initiating a remedial action.”  However, as discussed in the specification, this operation is “merely generating a message to an administrator,” which is insufficiently to be considered as “being interpreted the abstract idea into a practical application.” The claims also recite the steps of “decompiling a copy of an application” and “obtaining a profile for the application.” Said steps are insignificant extra pre-solution activity (i.e. data gathering). Accordingly, this additional element does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea.  
The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements when considered both individually and as an ordered combination do not amount to significantly more than the abstract idea.  It’s also noted that the claims do not recite any additional elements (i.e., computing device, etc.,).  However, said additional elements are recited at a high-level of generality (i.e., as a generic computing device performing generic determining and comparing functions), such that it amounts no more than mere instructions to apply the exception or abstract idea using a generic computer component.  
As mentioned above, although the claims recite additional elements, said elements taken individually or as a combination, do not result in the claim amounting to significantly more than the abstract idea because as the additional elements perform generic functions (i.e., determining number of times that a rule is violated and determining if a number exceeds a predetermined threshold) routinely used in information technology field. See US Applications US 2013/0111592 by Zhu et al. (pars. [0013]-[0014], [0046], [0052]-[0056], also see [0058] & [0069]).  As discussed above, the additional elements recited at a high-level of generality such that they amount no more than mere instructions to apply the exception using a generic computer component.  
Therefore, the claim is directed to non-statutory subject matter as being directed to an abstract idea without being integrated into a practical application nor significantly more.
Regarding claims 7-11 and 16-20, claims 7-11 and 16-20 are also rejected under 35 U.S.C 101 as being directed to non-statutory subject matter for the same reasons addressed above as the claims are directed to abstract idea without being integrated into a practical application nor being significantly more.



Claim Rejections - 35 USC § 103
4.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.



5.	Claim(s) 1-2, 4, 7-8, 11, 13-14, 16-17 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Bettini et al (“Bettini,” US 20130227683) and further in view of Zhu et al (“Zhu,” US 20130111592). 

Regarding claim 1, Bettini discloses a method for managed device risk assessment, comprising:
decompiling a copy of an application installed on a client device to identify a plurality of operations to be performed during execution of the application; (Bettini, [0039], [0092], [0044], [0081] describe decompiling a copy of an application installed on a client device to identify a plurality of operations to be performed during execution of the application; also see [0024]-[0025]) 
obtaining a profile for the application, (Bettini, Figures 6-7 describe obtaining a profile for the application)
Bettini fails to explicitly disclose the profile comprising a first rule that specifies whether the plurality of operations are assigned a high level of risk, a second rule that specifies whether the plurality of operations are assigned a low level of risk, and a predetermined threshold; determining, with at least one computing device, a first number of times that the first rule is violated by the plurality of operations; determining, with the at least one computing device, a second number of times that the second rule is violated by the plurality of operations; determining that a total of the first number and the second number exceeds the predetermined threshold; and initiating a remedial action in response to determining that the total exceeds the predetermined threshold
However, in an analogous art, Zhu discloses the profile comprising a first rule that specifies whether the plurality of operations are assigned a high level of risk, a second rule that specifies whether the plurality of operations are assigned a low level of risk, and a predetermined threshold; (Zhu, [0013]-[0014], [0046], [0052]-[0056]; also see [0058] & [0069] describe the profile comprising a first rule that specifies whether the plurality of operations are assigned a high level of risk, a second rule that specifies whether the plurality of operations are assigned a low level of risk, and a predetermined threshold)
determining, with at least one computing device, a first number of times that the first rule is violated by the plurality of operations; (Zhu, [0013]-[0014], [0046], [0052]-[0056], also see [0058] & [0069] describe determining, with at least one computing device, a first number of times that the first rule is violated by the plurality of operations)
determining, with the at least one computing device, a second number of times that the second rule is violated by the plurality of operations; (Zhu, [0013]-[0014], [0046], [0052]-[0056]; also see  [0058] & [0069] describe determining, with the at least one computing device, a second number of times that the second rule is violated by the plurality of operations)
determining that a total of the first number and the second number exceeds the predetermined threshold; (Zhu, [0013]-[0014], [0046], [0052]-[0056] also see [0058] & [0069] describes determining that a total of the first number and the second number exceeds the predetermined threshold)
and initiating a remedial action in response to determining that the total exceeds the predetermined threshold, (Zhu, [0013]-[0014], [0055], describes and initiating a remedial action in response to determining that the total exceeds the predetermined threshold; also see Abstract)
Therefore, it would have been obvious to one of ordinary skill in the art  before the effective filing date of the claimed invention to combine the teachings of Zhu with Bettini to include the profile comprising a first rule that specifies whether the plurality of operations are assigned a high level of risk, a second rule that specifies whether the plurality of operations are assigned a low level of risk, and a predetermined threshold; determining, with at least one computing device, a first number of times that the first rule is violated by the plurality of operations; determining, with the at least one computing device, a second number of times that the second rule is violated by the plurality of operations; determining that a total of the first number and the second number exceeds the predetermined threshold, and initiating a remedial action in response to determining that the total exceeds the predetermined threshold. One would have been motivated to identify an unauthorized application that is not authorized to be stored on the device and to allow the user device to remove the unauthorized application from the user device and/or disable or otherwise render inoperable the unauthorized application (Zhu, [0014]).

Regarding claim 2, Bettini and Zhu disclose the method of claim 1. 
Zhu further discloses wherein initiating the remedial action comprises transmitting a command to uninstall the application from the client device, (Zhu, [0014] describes wherein initiating the remedial action comprises transmitting a command to uninstall the application from the client device)
Therefore, it would have been obvious to one of ordinary skill in the art  before the effective filing date of the claimed invention to combine the teachings of Zhu with Bettini to include wherein initiating the remedial action comprises transmitting a command to uninstall the application from the client device. One would have been motivated to identify an unauthorized application that is not authorized to be stored on the device and to allow the user device to remove the unauthorized application from the user device and/or disable or otherwise render inoperable the unauthorized application (Zhu, [0014]). 

Regarding claim 4, Bettini and Zhu disclose the method of claim 1. 
Zhu further discloses wherein initiating the remedial action comprises transmitting a command to uninstall the application from a plurality of client devices that are managed by a device management system, (Zhu, [0013]-[0014], describes wherein initiating the remedial action comprises transmitting a command to uninstall the application from a plurality of client devices that are managed by a device management system)
Therefore, it would have been obvious to one of ordinary skill in the art  before the effective filing date of the claimed invention to combine the teachings of Zhu with Bettini to include wherein initiating the remedial action comprises transmitting a command to uninstall the application from a plurality of client devices that are managed by a device management system. One would have been motivated to identify an unauthorized application that is not authorized to be stored on the device and to allow the user device to remove the unauthorized application from the user device and/or disable or otherwise render inoperable the unauthorized application (Zhu, [0014]).

Regarding claim 7, Bettini and Zhu disclose the method of claim 1. 
Bettini further discloses further comprising identifying a usage category for the application, wherein the profile is assigned to the usage category, (Bettini, [0034], [0120]; describes identifying a usage category for the application, wherein the profile is assigned to the usage category; also see [0022]-[0039]). 

Regarding claim 8, Bettini and Zhu disclose the method of claim 1. 
Bettini further discloses wherein decompiling the application comprises: decompiling a compiled version of the application to generate intermediate or assembly code of the application; (Bettini, [0081]-[0082] describes wherein decompiling the application comprises: decompiling a compiled version of the application to generate intermediate or assembly code of the application) 
and identifying the plurality of operations in the intermediate or assembly code, (Bettini, [0081]-[0082], [0045], [0034] describes and identifying the plurality of operations in the intermediate or assembly code;  also see [0113]-[0114]).

Regarding claim 11, Bettini and Zhu disclose the method of claim 1. 
Zhu further discloses further comprising obtaining the copy of the application in response to identifying that the application is installed on the client device, the client device being managed by a device management system, (Zhu, Figures 8-9 describe obtaining the copy of the application in response to identifying that the application is installed on the client device, the client device being managed by a device management system)
Therefore, it would have been obvious to one of ordinary skill in the art  before the effective filing date of the claimed invention to combine the teachings of Zhu with Bettini to include further comprising obtaining the copy of the application in response to identifying that the application is installed on the client device, the client device being managed by a device management system. One would have been motivated to identify an unauthorized application that is not authorized to be stored on the device and to allow the user device to remove the unauthorized application from the user device and/or disable or otherwise render inoperable the unauthorized application (Zhu, [0014]).

Regarding claim 13, claim 13 is directed to a non-transitory computer-readable medium. Claim 13 is similar in scope to claim 1 and is therefore rejected under the same rationale. 

Regarding claim 14, claim 14 is directed to the non-transitory computer-readable medium of claim 13. Claim 14 is similar in scope to claim 2 and is therefore rejected under the same rationale. 

Regarding claim 16, claim 16 is directed to the non-transitory computer-readable medium of claim 13. Claim 16 is similar in scope to claim 7 and is therefore rejected under the same rationale. 

Regarding claim 17, claim 17 is directed to the non-transitory computer-readable medium of claim 13. Claim 17 is similar in scope to claim 8 and is therefore rejected under the same rationale. 

Regarding claim 20, claim 20 is directed to the non-transitory computer-readable medium of claim 13. Claim 20 is similar in scope to claim 11 and is therefore rejected under the same rationale. 



6.	Claim(s) 3 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Bettini et al (“Bettini,” US 20130227683) in view of Zhu et al (“Zhu,” US 20130111592) and further in view of Mowatt et al (“Mowatt,” US 20130326499).  

Regarding claim 3, Bettini and Zhu disclose the method of claim 1. 
Bettini and Zhu fail to explicitly disclose wherein initiating the remedial action comprises transmitting a command to replace the application on the client device with an alternate application that is compliant with the profile.
However, in an analogous art, Mowatt discloses wherein initiating the remedial action comprises transmitting a command to replace the application on the client device with an alternate application that is compliant with the profile (Mowatt, FIG 4 & 5B, [0050] describe wherein initiating the remedial action comprises transmitting a command to replace the application on the client device with an alternate application that is compliant with the profile)
Therefore, it would have been obvious to one of ordinary skill in the art  before the effective filing date of the claimed invention to combine the teachings of Mowatt with Bettini and Zhu to include wherein initiating the remedial action comprises transmitting a command to replace the application on the client device with an alternate application that is compliant with the profile. One would have been motivated to track the usage of a recommended application based upon user information stored in a user profile without human intervention (Mowatt, [0050]). 

Regarding claim 15, claim 15 is directed to the non-transitory computer-readable medium of claim 13. Claim 15 is similar in scope to claim 3 and is therefore rejected under the same rationale. 

7.	Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Bettini et al (“Bettini,” US 20130227683) in view of Zhu et al (“Zhu,” US 20130111592) and further in view of Manring et al (“Manring,” US 20100205657). 

Regarding claim 5, Bettini and Zhu disclose the method of claim 1. 
Bettini and Zhu fail to explicitly disclose wherein initiating the remedial action comprises rejecting communications from the client device.
However, in an analogous art, Manring discloses wherein initiating the remedial action comprises rejecting communications from the client device (Manring, [0071], [0025], [0045] describes wherein initiating the remedial action comprises rejecting communications from the client device)
Therefore, it would have been obvious to one of ordinary skill in the art  before the effective filing date of the claimed invention to combine the teachings of Manring with Bettini and Zhu to include wherein initiating the remedial action comprises rejecting communications from the client device. One would have been motivated to provide a method and system for protected access control (Manring, [0002]). 

8.	Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Bettini et al Bettini et al (“Bettini,” US 20130227683) in view of Zhu et al (“Zhu,” US 20130111592) and further in view of Mutler et al (“Multer,” US 20110269424). 

Regarding claim 6, Bettini and Zhu disclose the method of claim 1. 
Bettini and Zhu fail to explicitly disclose wherein initiating the remedial action comprises causing data associated with the application on the client device to be encrypted.
However, in an analogous art, Multer discloses wherein initiating the remedial action comprises causing data associated with the application on the client device to be encrypted (Multer, Table 28; [0426]-[0427] describes wherein initiating the remedial action comprises causing data associated with the application on the client device to be encrypted)
Therefore, it would have been obvious to one of ordinary skill in the art  before the effective filing date of the claimed invention to combine the teachings of Multer with Bettini and Zhu to include wherein initiating the remedial action comprises causing data associated with the application on the client device to be encrypted. One would have been motivated to communicate data between systems and devices (Multer, [0008]). 



10.	Claim(s) 9, 10, 18 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Bettini et al (“Bettini,” US 20130227683) in view of Zhu et al (“Zhu,” US 20130111592) and further in view of Yehuda et al (“Yehuda,” 7934248). 

Regarding claim 9, Bettini and Zhu disclose the method of claim 1.
Bettini and Zhu fail to explicitly disclose further comprising generating a report that presents the first number of times that the first rule is violated and the second number of times that the second rule is violated.
However, in an analogous art, Yehuda discloses further comprising generating a report that presents the first number of times that the first rule is violated and the second number of times that the second rule is violated, (Yehuda, Col. 6, Lines 21-23; Figures 8-13 describe generating a report that presents the first number of times that the first rule is violated and the second number of times that the second rule is violated). 
Therefore, it would have been obvious to one of ordinary skill in the art  before the effective filing date of the claimed invention to combine the teachings of Yehuda with Bettini and Zhu to include further comprising generating a report that presents the first number of times that the first rule is violated and the second number of times that the second rule is violated. One would have been motivated to access policies in force for the network and display an overall compliance rating indicating compliance or non-compliance with each particular policy (Yehuda, Col. 1, Lines 64-67; Col. 2, Lines 1-13). 



Regarding claim 10, Bettini, Zhu and Yehuda disclose the method of claim 9. 
Bettini further discloses further comprising transmitting a notification of the report to a developer of the application, the notification indicating that the application violates the profile, (Bettini, [0038], [0118], [0126], [0021] describes notifying the report to the application developer, notifying indicating that the application violates a policy that is stored in a risk profile)

Regarding claim 18, claim 18 is directed to the non-transitory computer-readable medium of claim 13. Claim 18 is similar in scope to claim 9 and is therefore rejected under the same rationale. 

Regarding claim 19, claim 19 is directed to the non-transitory computer-readable medium of claim 18. Claim 19 is similar in scope to claim 10 and is therefore rejected under the same rationale.

13.	Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over Bettini et al (“Bettini,” US 20130227683) in view of Zhu et al (“Zhu,” US 20130111592) and further in view of Dicorpo et al (“Dicorpo,” US 20120150773). 

Regarding claim 12, Bettini and Zhu disclose the method of claim 1. 
Bettini and Zhu fail to explicitly disclose further comprising transmitting data for the application to a machine learning system to train the machine learning system to identify at least one characteristic that indicates a violation of the profile.
However, in an analogous art, Dicorpo discloses further comprising transmitting data for the application to a machine learning system to train the machine learning system to identify at least one characteristic that indicates a violation of the profile, (DiCorpo, [0040], [0055], [0057] describes transmitting data for the application to a machine learning system to train the machine learning system to identify at least one characteristic that indicates a violation of the profile). 
Therefore, it would have been obvious to one of ordinary skill in the art  before the effective filing date of the claimed invention to combine the teachings of DiCorpo with Bettini and Zhu to include further comprising transmitting data for the application to a machine learning system to train the machine learning system to identify at least one characteristic that indicates a violation of the profile. One would have been motivated to determine if a profile violates a policy designating actions to response rules to fix the issue with the violation (DiCorpo, [0032]-[0033]). 


Conclusion
                                                                                                                                                                           
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAMES J WILCOX whose telephone number is (571)270-3774. The examiner can normally be reached M-F: 8 A.M. to 5 P.M..
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu T. Pham can be reached at (571)270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/JAMES J WILCOX/Examiner, Art Unit 2439



/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439