determining whether the one or more APIs to which the software application requires
`
`access includes a sensitive API;
`
`determining whether the software application includes an authentic global signature; and
`
`determining whether the software application includes an authentic digital signature and
`
`access includes a sensitive API and the software application includes an authentic global
`
`signature; and
`
`the step of denying the software application access to the one or more APis comprises the
`
`steps of:
`
`denying the software application access to the one or more APIs where the software
`
`application does not include an authentic global signature; and
`
`denying the sofiware application access to the sensitive API where the one or more APES
`
`to which the software application requires access includes a sensitive API, the software
`
`application includes an authentic glohai signature, and the software application does not include
`
`an authentic digital signature and signature identifier required to access the sensitive APl.
`
`signature identification where the one or more APls to which the software application requires
`
`Cib 1513306V2
`
`£12.
`
`(New) A code signing system for controlling access to application programming
`
`interfaces (APIs) having signature identificaters by software applications, the code signing
`
`system comprising:
`
`a verification system for authenticating digital signatures provided by the respective
`
`software applications to access the APIs where the signature identifications correspond with the
`
`signature identificaters of the respective APIs and where a digital signature for a software
`
`application is generated with a. signature identification eerresponding to a signature identificater
`
`to access at least one API; and
`
`a controi system for allowing access to at least one of the APIs where the digital signature
`
`provided by the software application is authenticated by the verification system.
`
`113.
`
`(New) The code signing system of claim 112, wherein a virtual machine comprises the
`
`verification system and the control system.
`
`Page 1001 of 1415
`
`GOOGLE EXHIBIT 1004
`Part 3 of 3
`
`

`

`114.
`
`(New) The code signing system of claim 113, wherein the virtual machine is a Java
`
`virtual machine instailed on a mobile device.
`
`115.
`
`(New) The code signing system of claim 112, wherein the control system requires one
`
`digital signature and one signature identification for each library of at least one of the APis.
`
`116.
`
`(New) The code signing system of claim 1i2, wherein the code signing system is
`
`installed on a mobile device and the software application is a Java application for a mobile
`
`device.
`
`CLl— 1513306V2
`
`identification, and the verification system uses a public signature key to authenticate the digital
`
`117.
`
`(New) The code- signing system of claim 112, wherein the digital signature and the
`
`signature identification of the software appiication are generated by a code signing authority.
`
`liS.
`
`(New) The code signing system of claim 112, wherein the APIs access at ieast one of a
`
`cryptographic module, which implements cryptographic algorithms, a data store, a proprietary
`
`data model, and a user interface (U1).
`
`119.
`
`(New) The code signing system of clairn 112, wherein the digital signature is generated
`
`using a private signature key under a signature scheme associated with the signature
`
`signature.
`
`120.
`
`(New) The code signing system of ciaini 119, wherein:
`
`the digital signature is generated by applying the private signature key to a hash of the
`
`software application under the signature scheme; and
`
`the verification system authenticates the digital signature by generating a hash of the
`
`software application to obtain a generated hash, appiying the public signature key to the digital
`
`signature to obtain a recovered hash, and verifying that the generated hash with the recovered
`
`hash are the same.
`
`Page 1002 of 1415
`
`

`

`12 l.
`
`(New) The code signing system of claim 1 12, wherein at least one of the ANS further
`
`comprises:
`
`a description string that is displayed to a user when the software application attempts to
`
`access said at least one of the APIs,
`
`122.
`
`(New) The code signing system of claim 112, wherein the APis provides access to at
`
`a mobile device.
`
`least one of one or more core functions of a mobile device, an operating system, and hardware on
`
`CLE- 15 i3306v2
`
`123.
`
`(New) The code signing system of claim 1i2, wherein verification of a global digital
`
`signature provided by the software application is required for accessing any of the APls.
`
`124.
`
`(New) A method of controlling access to application programing interfaces (APIs)
`
`having signature identifiers by software applications, the method comprising:
`
`authenticating digital signatures provided by the respective software applications to
`
`access the APIs where the signature identifications correspond with the signature identifiers of
`
`the respective APEs and where a digital signature for a software application is generated with a
`
`signature identification corresponding to a signature identifier to access at least one API; and
`
`allowing access to at least one of the APis where the digital signature provided by the
`
`software application is authenticated.
`
`125.
`
`(New) The method of claim 124, wherein one digital signature and one signature
`
`identification are provided by the software application access a library of at least one of the
`
`APIs.
`
`l26.
`
`(New) The method of claim 1.24, wherein the digital signature and the signature
`
`identification of the software application are generated by a code signing authority.
`
`127'.
`
`(New) The method of claim 124, wherein the APIs access at least one of a cryptographic
`
`module that implements cryptographic algorithms, 3 data store, a proprietary data modei, and a
`
`user interface (U1).
`
`Page 1003 of 1415
`
`

`

`128.
`
`(New) The method of claim 124, wherein the digital signature is generated using a
`
`private signature key under a signature scheme associated with the signature identification, and a
`
`public signature key is used to authenticate the digital signature.
`
`129.
`
`(New) The method of claim 128, wherein:
`
`the digital signature is generated by applying the private signature key to a hash of the
`
`software application under the signature scheme; and
`
`the digital signature is authenticated by generating a hash of the software application to
`
`obtain a generated hash, applying the public signature key to the digitai signature to obtain a
`
`recovered hash, and verifying that the generated hash with the recovered hash are the same.
`
`130.
`
`(New) The method of claim 124, wherein at ieast one of the APIs thither comprises:
`
`a description string that is displayed to a user when the software application attempts to
`
`access said at least one of the APls.
`
`Ci J- 15133 GGVZ
`
`(New) The method of claim 124, wherein the APIs provides access to at least one of one
`
`131.
`
`or more core functions of a mobile device, an operating system, and hardware on a mobile
`
`device.
`
`132.
`
`(New) The method of ciaiin 124, wherein verification of a global digital signature
`
`provided by the software application is required for accessing any of the APIs
`
`133.
`
`(New) A management system for controlling access by software applications to
`
`application programming interfaces (APIs) having at least one signature identifier on a subset of
`
`a plurality of mobile devices, the management system comprising:
`
`a code signing authority for providing digital signatures and signature identifications to
`
`software applications that require access to at ieast one of the APIs with a signature identifier on
`
`the subset of the plurality of mobile devices, where a digital signature for a software application
`
`is generated with a signature identification corresponding to a signature identifier, and the
`
`signature identifications provided to the software applications comprise those signature
`
`Page 1004 of 1415
`
`

`

`identifications that correspond to the signature identifiers that are substantially only on the subset
`
`mobile devices comprises
`
`a verification system for authenticating digital signatures provided by the respective
`
`software applications to acoess respective APls where the digital identifications correspond to
`
`the digital identifiers of the respective APIs; and
`
`a control system for allowing the respective software applications to access at least one of
`
`the APIS where the digital signatures provided by the respective software applications are
`
`authenticated by the verification system.
`
`134.
`
`(New) The management system of claim 133, wherein a virtual machine comprises the
`
`verification system and the control system.
`
`135.
`
`(New) The management system of claim 134, wherein the virtual machine is a Java
`
`virtual machine and the software applications are Java applications.
`
`of the plurality of mobile devices; wherein each mobile device ofthe subset of the plurality of
`
`CLI- 1513306v2
`
`136.
`
`(New) The management system of claim 133, wherein the control system requires one
`
`digital signature and one signature identification for each library of at least one of the APls.
`
`137.
`
`(New) The management system of claim 133: wherein the APIs access at least one of a
`
`cryptographic module, which implements cryptographic algorithms, a data store, a proprietary
`
`data model, and a user interface (U1).
`
`138.
`
`(New) The management system of claim 133, wherein the digital signature is generated
`
`using a private signature key under a signature scheme associated with the signature
`
`identification, and the verification system uses a public signature key to authenticate the digitai
`
`signature.
`
`139.
`
`(New) The management system of claim 138, wherein:
`
`the digital signature is generated by applying the private signature key to a hash of the
`
`software application under the signature scheme; and
`
`Page 1005 of 1415
`
`

`

`the verification system authenticates the digital signature by generating a hash of the
`
`software application to obtain a generated hash, applying the public signature key to the digital
`
`signature to obtain a recovered hash, and verifying that the generated hash with the recovered
`
`hash are the same.
`
`140.
`
`(New) The management system of claim 133, wherein at least one of the APls further
`
`comprises:
`
`a description string that is displayed to a user when the software application attempts to
`
`access said at least one of the APls.
`
`mobile devices comprises mobile devices under the control of at least one of a corporation and a
`carrier.
`
`CLI- 1513306v2
`
`141.
`
`(New) The management system of claim 133, wherein the subset of the plurality of
`
`142.
`
`(New) The management system of claim 133, wherein a global digital signature provided
`
`by the software application has to be authenticated before the software application is allowed
`
`access to any of the ANS on a mobile device of the subset of the plurality of mobiie devices.
`
`143.
`
`(New) A method of controlling access by software applications to application
`
`programming interfaces (APIs) having at least one signature identifier on a subset of a plurality
`
`of mobile devices, the method comprising:
`
`generating digital signatures for software applications with signature identifications
`
`corresponding to respective signature identifiers of the APIs; and
`
`providing the digital signatures and the signature identifications to software applications
`
`that require access to at least one of the APIS on the subset ofthe piurality of mobile devices,
`
`where the signature identifications provided to the software applications comprise those
`
`signature identifications that correspond to the signature identifiers that are substantially only on
`
`the subset of the plurality of mobile devices; wherein each mobile device of the subset of the
`
`plurality of mobile devices comprises
`
`Page 1006 of 1415
`
`

`

`a verification system for authenticating digitai signatures provided by the reSpective
`
`the digital identifiers of the respective APIS; and
`
`a control system for allowing the software application to access at least one of the AFIS
`
`where the digital signature provided by the software application is authenticated by the
`
`verification system.
`
`144.
`
`(New) The method of claim 143, wherein a virtuai machine comprises the verification
`
`system and the control system.
`
`145.
`
`(New) The method of claim 144, wherein the virtual} machine is a Java virtual machine
`
`and the software applications are Java applications.
`
`146.
`
`(New) The method of claim 143, wherein the control system requires one digital
`
`signature and one signature identification for each library of at least one of the ANS.
`
`software applications to access respective APIs where the digital identifications correspond to
`
`CLl— 1513306v2
`
`147.
`
`(New) The method of claim 143, wherein the APIs access at ieast one of a cryptographic
`
`module, which implements cryptographic algorithms, a data store, a proprietary data model, and
`
`a user interface (UI).
`
`148.
`
`(New) The method of claim 143, wherein at ieast one of the digital signatures is
`
`generated using a private signature key under a signature scheme associated with a signature
`
`identification, and the verification system uses a public signature keys to authenticate said at
`
`least one of the digital signatures.
`
`149.
`
`(New) The method of claim 148, wherein:
`
`at least one of the digitai signatures is generated by applying the private signature key to
`
`a hash of a software appiication under the signature scheme; and
`
`the verification system authenticates said at least one of the digital signatures by
`
`generating a hash of the software appiication to obtain a generated hash, applying the public
`
`Page 1007 of 1415
`
`

`

`signature key to said at least one of the digitai signatures to obtain a recovered hash, and
`
`verifying that the generated hash with the recovered hash are the same.
`
`150.
`
`(New) The method of claim E43, wherein at least one of the APIs further comprises:
`
`a description string that is displayed to a user when the software application attempts to
`
`access said at least one of the APIs.
`
`CiJv 1513306v2
`
`where a digital signature provided by the software application is authenticated by the verification
`
`151.
`
`(New) The method of claim 143, wherein the subset of the plurality of mobile devices
`
`comprises mobile devices under the control of at least one of a corporation and a carrier.
`
`152.
`
`(New) A mobile device for a subset of a plurality of mobile devices, the mobiie device
`
`comprising:
`
`an application platform having appiication programming interfaces (APIS);
`
`a verification system for authenticating digital signatures and signature identifications
`
`provided by the respective software applications to access the APIs; and
`
`a controi system for allowing a software application to access at least one of the APIS
`
`system;
`
`wherein a code signing authority provides digitai signatures and signature identifications
`
`to software applications that require access to at ieast one of the APis such that the digital
`
`signature for the software application is generated according to a signature scheme of a signature
`
`identification, and wherein the signature identifications provided to the software applications
`
`comprise those signature identifications that are substantially only authorized to aiiow access on
`
`the subset of the pluraiity of mobile devices.
`
`153.
`
`(New) The mobile device of claim 152, wherein a virtual machine comprises the
`
`verification system and the control system
`
`154.
`
`(New) The mobile device of claim 153, wherein the virtual machine is a Java virtuai
`
`machine and the software application is a Java application.
`
`Page 1008 of 1415
`
`

`

`155.
`
`(New) The mobile device of claim 152, wherein the control system requires one digital
`
`signature and one signature identification for each library of at least one of the A913.
`
`156.
`
`(New) The mobile device of claim 152, wherein the APls of the application platform
`
`access at least one of a cryptographic module, which implements cryptographic algorithms, a
`
`data store, a proprietary data model, and a user interface (U1).
`
`157.
`
`(New) The mobile device of claim 152, wherein the digital signature is generated using a
`
`private signature key under the signature scheme, and the verification system uses a public
`
`signature key to authenticate the digital signature.
`
`software application to obtain a generated hash, applying the public signature key to the digital
`
`CLE- 15133G6v2
`
`158.
`
`(New) The mobile device of claim 157, wherein:
`
`the digital signature is generated by applying the private signature key to a hash ofthe
`
`software application under the signature scheme; and
`
`the verification system authenticates the digital signature by generating a hash of the
`
`signature to obtain a recovered hash, and verifying that the generated hash with the recovered
`
`hash are the same.
`
`l59.
`
`(New) The mobile device of claim 152, wherein at least one of the APIs further
`
`e omprises:
`
`a description string that is displayed to a user when the software application attempts to
`
`access said at least one of the APIs.
`
`160.
`
`(New) A method of controlling access to application programming interfaces (APls) of
`
`an application platform of a mobile device for a subset of a plurality of mobile devices, the
`
`method comprising:
`
`receiving digital signatures and signature identifications from software applications that
`
`require to access the APIs
`
`authenticating the digital signatures and the signature identifications; and
`
`Page 1009 of 1415
`
`

`

`allowing a software application to access at least one of the APIs where a digital
`
`signature provided by the software application is authenticated;
`
`wherein a code signing authority provides the digital signatures and the signature
`
`identifications to the software applications that require access to at least one of the APIs such
`
`that the digital signature for the software application is generated according to a signature
`
`scheme of a signature identification, and wherein the signature identifications provided to the
`
`software applications comprise those signature identifications that are snbstantiaily only
`
`authorized to ailow access on the subset of the pluraiity of mobile devices.
`
`161.
`
`(New) The method of claim 160, wherein one digital signature and one signature
`
`identification is required for accessing each library of at least one of the APis.
`
`i62,
`
`(New) The method of claim 160, wherein the APis ofthe application piatform access at
`
`proprietary data modei, and a user interface (Ui).
`
`least one of a cryptographic module, which implements cryptographic algorithms, 3 data store, a
`
`CLI- 15E3306v2
`
`163.
`
`(New) The method of ciaim 160, wherein the digital signature is generated using a
`
`private signature key under the signature scheme, and a public signature key is used to
`
`authenticate the digital signature.
`
`164.
`
`(New) The method of claim 163, wherein:
`
`the digital signature is generated by applying the private signature key to a hash of the
`
`software application. under the signature scheme; and
`
`the digital signature is authenticated by generating a hash of the software application to
`
`obtain a generated hash, applying the public signature key to the digital signature to obtain a
`
`recovered hash, and verifiing that the generated hash with the recovered hash are the same.
`
`Page 1010 of 1415
`
`

`

`165.
`
`(New) The method of claim I60, wherein at ieast one of the APIS further comprises:
`
`access said at least one of the AMS.
`
`a description string that is dispiayed to a user when the software application attempts to
`
`CLim 1513306V2
`
`Page 1011 of 1415
`
`

`

`REMARKS
`
`Respeetfilliy submit,
`
`Johm V; iernacki
`
`Regjo. 40,511
`
`Jon , Day
`North Point
`90} Lakeside Avenue
`
`Cleveland, OH 44114-1190
`(216) 586-7747
`
`This paper reSponds to the notice of n0n~e0mpliant amendment mailed May 21, 2007.
`The examiner is invited to contact the undersigned in case there are any questions or comments.
`
`C11- 15 E3306v2
`
`Page 1012 of 1415
`
`

`

`
`
`
`
`EFS ID: 1811276
`
`Application Number:
`
`10381219
`
`Title of Invention:
`
`Software code signing system and method
`
`Correspondence Address:
`
`David B Cochran
`
`Jones Day
`North Point
`
`901 Lakeside Avenue
`Cleveland
`
`US
`
`44114-1190
`
`Electronic Acknowledgement Receipt
`
`File Listing:
`
`Filer Authorized By:
`
`Stephen D. Scanlon
`
`
`
`Attorney Docket Number: 555255012423
`
`Receipt Date:
`
`25-MAY-2007
`
`Filing Date:
`
`20-MAR-2003
`
`Time Stamp:
`
`11:27:25
`
`Application Type:
`
`US. National Stage under 35 USC 371
`
`Payment information:
`
`Submitted with Payment
`
`Page 1013 of 1415
`
`

`

`
`
`Document
`
`Document Description
`
`File Name
`
`File Size(Bytes)
`
`Part/zip (if app”
`
`Document Description
`
`Preliminary Amendment
`
`Applicant Arguments/Remarks Made in an Amendment
`
`Warnings:
`Information:
`
`Total Files Size (in bytes):
`
`731624
`
`This Acknowledgement Receipt evidences receipt on the noted date by the USPTO of the indicated documents,
`characterized by the applicant, and including page counts, where applicable.
`It serves as evidence of receipt
`similar to a Post Card, as described in MPEP 503.
`
`New Applications Under 35 U.S.C. 111
`If a new application is being filed and the application includes the necessary components for a filing date (see
`37 CFR 1.53(b)-(d) and MPEP 506), a Filing Receipt (37 CFR 1.54) will be issued in due course and the date
`shown on this Acknowledgement Receipt will establish the filing date of the application.
`
`National Stage of an International Application under 35 U.S.C. 371
`If a timely submission to enter the national stage of an international application is compliant with the conditions
`of 35 U.S.C. 371 and other applicable requirements a Form PCT/D0/EO/903 indicating acceptance of the
`application as a national stage submission under 35 U.S.C. 371 will be issued in addition to the Filing Receipt,
`in due course.
`
`New International Application Filed with the USPTO as a Receiving Office
`If a new international application is being filed and the international application includes the necessary
`components for an international filing date (see PCT Article 11 and MPEP 1810), a Notification of the
`International Application Number and of the International Filing Date (Form PCT/RO/105) will be issued in due
`course, subiect to prescriptions concerning national security, and the date shown on this Acknowledgement
`
`
`
`Receipt will establish the international filing date of the application.
`
`Page 1014 of 1415
`
`

`

`7590
`_
`DaVId B Cochran
`
`05/2 I/2007
`
`Jones Day
`North Point
`90] Lakeside Avenue
`Cleveland, OH 44114-1190
`
`,
`
`'
`
`EXAMINER
`
`AVERY, JEREMIAH L
`ART UNIT
`PAPER NUMBER
`
`2m
`
`MAIL DATE
`
`05/21/2007
`
`DELIVERY MODE
`
`PAPER
`
`Please find below and/or attached an Office communication concerning this application or proceeding.
`
`The time period for reply, if any, is set in the attached communication.
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`
`APPLICATION NO.
`
`FILING DATE
`
`FIRST NAMED INVENTOR
`
`ATTORNEY DOCKET NO.
`
`CONFIRMATION N0.
`
`l0/381,2l9
`
`03/20/2003
`
`David P Yach
`
`555255012423
`
`976i
`
`UNITED STATES DEPARTMENT OF COMMERCE
`United States Patent and Trademark Office
`Address: COMMISSIONER FOR PATENTS
`PO. Box I450 ‘
`Alexandria. Virginia 22313- I450
`wwwiusplo.gov
`
`PTOL-90A (Rev. 04/07)
`
`Page 1015 of 1415
`
`

`

`' Notice of Non-Compliant
`
`10381219
`
`YACH ET AL.
`
`Jeremiah Ave
`
`2131
`
`E] 4. Amendments to the claims:
`[I A. A complete listing of all of the claims is not present.
`[:1 B. The listing of claims does not include the text of all pending claims (including withdrawn claims)
`[I C. Each claim has not been provided with the proper status identifier, and as such, the individual status
`of each claim cannot be identified. Note:
`the status of every claim must be indicated after its claim
`number by using one of the following status identifiers: (Original), (Currently amended), (Canceled),
`(Previously presented), (New), (Not entered), (Withdrawn) and (Withdrawn-currently amended).
`[:1 D. The claims of this amendment paper have not been presented in ascending numerical order.
`[:1 E. Other:
`
`Part of Paper No.
`
`— The MAILING DA TE of thls communication appears on the cover sheet with the correspondence address --
`
`The amendment document filed on 03 May 2007 is considered non-compliant because it has failed to meet the
`requirements of 37 CFR 1.121 or 1.4. In order for the amendment document to be compliant, correction of the following
`item(s) is required.
`
`THE FOLLOWING MARKED (X) ITEM(S) CAUSE THE AMENDMENT DOCUMENT TO BE NON-COMPLIANT:
`E] 1. Amendments to the specification:
`[:1 A. Amended paragraph(s) do not include markings.
`C] B. New paragraph(s) should not be underlined.
`[I C. Other
`
`[3 2. Abstract:
`[:1 A. Not presented on a separate sheet. 37 CFR 1.72.
`E] B. Other
`
`[I 3. Amendments to the drawings:
`1:! A. The drawings are 'not properly identified in the top margin as “Replacement Sheet," “New Sheet." or
`“Annotated Sheet" as required by 37 CFR 1.121(d).
`[:1 B. The practice of submitting proposed drawing correction has been eliminated. Replacement drawings
`showing amended figures, without markings, in compliance with 37 CFR 1.84 are required.
`[:1 C. Other___
`.
`
`8 5. Other (e.g., the amendment is unsigned or not signed in accordance with 37 CFR 1.4):
`Claims section should start on a seg’arate page from page 1.
`
`For further explanation of the amendment format required by 37 CFR 1.121, see MPEP § 714.
`
`TIME PERIODS FOR FILING A REPLY TO THIS NOTICE:
`
`1-. Applicant is given no new time period if the non-compliant amendment is an after-final amendment, an amendment
`filed after allowance, or a drawing submission (only).
`If applicant wishes to resubmit the non-compliant after-final
`amendment with corrections, the entire corrected amendment must be resubmitted.
`
`Applicant is given one month, or thirty (30) days, whichever is longer, from the mail date of this notice to supply the
`correction, if the non-compliant amendment is one of the following: a preliminary amendment, a non-final amendment
`(including a submission for a request for continued examination (RCE) under 37 CFR 1.114), a supplemental
`amendment filed within a suspension period under 37 CFR 1.103(a) or (c), and an amendment filed in response to a
`Quay/e action. If any of above boxes 1. to 4. are checked, the correction required is only the corrected section of the
`non-compliant amendment in compliance with 37 CFR 1.121.
`
`Extensions of time are available under 37 CFR 1.136(a) only if the non-compliant amendment is a non-final
`amendment or an amendment filed in response to a Quayle action.
`
`Failure to timely respond to this notice will result in:
`Abandonment of the application if the non-compliant amendment is a non-final amendment or an amendment
`filed in response to a Quay/e action; or
`Non-entry of the amendment if the non-compliant amendment is a preliminary amendment or supplemental
`amendment.
`
`Leal Instruments Examiner LIE if a licable
`U.S. Patent and Trademark Office
`
`Telehone No.
`
`Page 1016 of 1415
`
`

`

`Application No.
`
`»‘ Continuation Sheet (PTOL-324)
`PTOL-324 (04—06)
`
`Notice of Non-Compliant Amendment (37 CFR 1.121)
`
`Page 1017 of 1415
`
`

`

`v
`
`‘ Co'qtlnuanon Sheet (PTOL-324)
`
`Application No.
`
`Page 1018 of 1415
`
`

`

`PATENT
`
`IN THE UNITED STATES PATENT AND TRADEMARK OFFICE
`
`In the application of
`
`2
`
`David P. Yach; Michael S. Brown; Herbert A. Littie
`
`Internat'l. Appl'n‘ No. :
`
`PCT/CA01/01344
`
`Internat'l. Fiiing Date :
`
`09/20/2001
`
`US. Serial No.
`
`US. Filing Date
`
`10/381,219
`
`03/20f2003
`
`Priority Date Claimed:
`
`09/21f2000
`
`Gil—15 I 3306Vl
`
`This paper responds to the notice ofnonucornpliant amendment rnailed April 3, 2007.
`Any fees due should be charged to Jones Day Deposit Account No. 501432, ref: 555255-012423.
`
`:
`
`:
`
`:
`
`:
`
`:
`
`:
`
`Title
`
`Art Unit
`
`Examiner
`
`Docket No.
`
`Software Code Signing System And Method
`
`213 l
`
`J. Avery
`
`55525 5012423
`
`Commissioner for Patents
`
`Washington, DC. 20231
`
`Preiiminary Amendment
`
`Prior to taking up this case for initial examination, please amend the application as
`follows.
`
`The Claims
`
`Please oancei original oiaims 1—56.
`
`Please add the foliowing new claims 57—165.
`
`57,
`
`(New) A code signing system for operation in conjunction with a software application
`
`having a digital signature and a signature identification, where the digital signature is associated
`
`with the signature identification, comprising:
`
`Page 1019 of 1415
`
`

`

`an application platform;
`
`an application programing interface (API) having an associated signature identifier, the
`
`A131 is configured to link the software application with the application platform; and
`
`a virtual machine that verifies the authenticity of the digital signature in order to control
`
`access to the AH by the software application where the signature identifier corresponds to the
`
`signature identification.
`
`58.
`
`(New) The code signing system of claim 57, wherein the virtual machine denies the
`
`software application access to the API if the digital signature is not authenticated.
`
`59.
`
`(New) The code signing system of claim 57, wherein the virtual machine purges the
`
`software application if the digital signature is not authenticated.
`
`CLi-l513306v1
`
`identifier, each configured to link the software application with a resource on the application
`
`60.
`
`(New) The code signing system of ciairn 57, wherein the code signing system is installed
`
`on a mobile device.
`
`61.
`
`(New) The code signing system of claim 57, wherein the digital signature is generated by
`
`a code signing authority.
`
`62.
`
`(New) A code signing system for operation in conjunction with a software application
`
`having a digital signature and a signature identification where the digital signature is associated
`
`with the signature identification, comprising:
`
`an application platform;
`
`a plurality of application programming interfaces (APIs) associated with a signature
`
`platform; and
`
`a virtual machine that verifies the authenticity of the digital signature in order to control
`
`access to the APIs by the software application where the signature identification corresponds to
`
`the signature identifier,
`
`wherein the virtual machine verifies the authenticity of the digital signature in order to
`
`control access to the plurality of APIs by the software application.
`
`Page 1020 of 1415
`
`

`

`63.
`
`(New) The code signing system of claim 62, wherein the plurality of APIs are included
`
`in an AP! library.
`
`64.
`
`(New) The code signing system of claim 62, wherein one or more of the plurality of
`
`A1915 is classified as sensitive and having an associated signature identifier, and wherein the
`
`virtual machine uses the digital signature and the signature identification to control access to the
`
`sensitive APIs.
`
`65.
`
`(New) The code signing system of claim 64, wherein the code signing system operates
`
`in. conjunction with a plurality of software applications, wherein one or more of the plurality of
`
`software applications has a digital signature and a signature identification, and wherein the
`
`virtual machine verifies the authenticity of the digital signature of each of the one or more of the
`
`plurality of software applications, where the signature identification corresponds to the signature
`
`of the plurality of software applications.
`
`identifier of the respective sensitive APIs, in order to control access to the sensitive APIs by each
`
`CLE-lSifBGévi
`
`66.
`
`(New) The code signing system of claim 62, wherein the resource on the application
`
`platform comprises a wireless communication system.
`
`67.
`
`(New) The code signing system of claim 62, wherein the resource on the application
`
`platform comprises a cryptographic module which implements cryptographic algorithms.
`
`68.
`
`(New) The code signing system of claim 62, wherein the resource on the application
`
`platform comprises a data store.
`
`69.
`
`(New) The code signing system of claim 62, wherein the resource on the application
`
`platform comprises a user interface (U1).
`
`70.
`
`(New) The code signing system of claim 57, further comprising:
`
`Page 1021 of 1415
`
`

`

`a plurality of API libraries, each of the plurality of APE libraries includes a plurality of
`
`application.
`
`71.
`
`(New) The code signing system of claim 70, wherein at least one of the plurality of API
`
`libraries is classified as sensitive;
`
`wherein access to a sensitive API library requires a digital signature associated with a
`
`signature identification where the signature identification corresponds to a signature identifier
`
`associated with the sensitive APE library;
`
`wherein the software application includes at least one digital signature and at least one
`
`associated signature identification for accessing sensitive APi libraries; and
`
`wherein the virtual rnachine authenticates the software application for accessing the
`
`sensitive API library by verifying the one digital signature included in the software application
`
`that has a signature identification corresponding to the