determining whether the one or more APIs to which the software application requires
`
`access includes a sensitive API;
`|
`determining whether the software application includes an authentic global signature; and
`determining whcther the software application includes an authentic digital signature and
`signature identification where the one or more APIs to whichthe software application requires
`access includes a sensitive API and the software application includes an authentic global
`
`signature; and
`
`the step of denying the software application access to the one or more APIs comprisesthe
`
`steps of:
`
`denying the software application access to the one or more APIs where the software
`
`application does not include an authentic global signature; and
`
`denying the software application access to the sensitive API where the one or more APIs
`
`to which the software application requires access includes a sensitive API, the software
`
`application includes an authentic global signature, and the software application does not include
`
`an authentic digital signature and signature identifier required to access the sensitive API.
`
`112.
`(New) A code signing system for controlling access to application programming
`interfaces (APIs) having signature identificaters by software applications, the code signing
`
`system comprising:
`
`a verification system for authenticating digital signatures provided bythe respective
`
`software applications to access ihe APIs where the signature identifications correspond with the
`signature identificaters of the respective APIs and wherea digital signature for a software
`
`application is generated with asignature identification corresponding to a signature identificater
`
`to access at least one API; and
`
`a control system for allowing access to at least one of the APIs wherethe digital signature
`provided by the software application is authenticated by the verification system.
`
`(New) The code signing system ofclaim 112, wherein a virtual machine comprises the
`113.
`verification system and the contro! system.
`
`CLI- 1513306v2
`
`12
`
`Page 1001 of 1415
`
`GOOGLE EXHIBIT 1004
`Part 3 of 3
`
`Page 1001 of 1415
`
`GOOGLE EXHIBIT 1004
`Part 3 of 3
`
`

`

`114.
`
`(New) The code signing system of claim 113, wherein the virtual machineis a Java
`
`virtual machine installed on a mobile device.
`
`115.
`
`(New) The code signing system of claim 112, wherein the control system requires one
`
`digital signature and one signature identification for each library of at least one of the APIs.
`
`(New) The code signing system of claim 112, whercin the code signing system is
`116.
`installed on a mobile device and the software application is a Java application for a mobile
`
`device.
`
`117.
`
`(New) The code signing system of claim 112, wherein the digital signature and the
`
`signature identification of the software application are generated by a code signing authority.
`
`118.
`
`(New) The code signing system of claim 112, wherein the APIs access at least one of a
`
`cryptographic module, which implements cryptographic algorithms, a data store, a proprietary
`
`data model, and a user interface (UT).
`
`119.
`
`(New) The code signing system of claim 112, wherein the digital signature is generated
`
`using a private signaturc key undera signature schemeassociated with the signature
`identification, and the verification system uses a public signature key to authenticate the digital
`signature.
`
`120,
`
`(New) The code signing system of claim 119, wherein:
`
`the digital signature is generated by applying the private signature key to a hashofthe
`
`software application underthe signature scheme; and
`
`the verification system authenticates the digital signature by generating a hash ofthe
`
`softwarc application to obtain a generated hash, applying the public signature key to the digital
`signature to obtain a recovered hash, and verifying that the generated hash with the recovered
`
`hashare the same.
`
`CLI- 1513306v2
`
`13
`
`Page 1002 of 1415
`
`Page 1002 of 1415
`
`

`

`121.
`
`(New) The code signing systemof claim 112, wherein at least one of the APIs further
`
`comprises:
`
`a description string that is displayed to a user when the software application attempts to
`
`aceess said at least one of the APIs.
`
`122.
`
`(New) The code signing system of claim 112, wherein the APIs provides accessto at
`
`least one of one or more core functions of a mobile device, an operating system, and hardware on
`
`a mobile device.
`
`123.
`
`(New) The code signing system of claim 112, wherein verification of a global digital
`
`signature provided by the software application is required for accessing any of the APIs.
`
`(New) A method of controlling access to application programming interfaces (APIs)
`124.
`having signature identifiers by software applications, the method comprising:
`authenticating digital signatures provided by the respective software applications to
`
`access the APIs where the signature identifications correspond with the signature identifiers of
`
`the respective APIs and where a digital signature for a software application is generated with a
`
`signature identification corresponding to a signature identifier to access at least one APT; and
`
`allowing accessto at least one of the APIs where the digital signature provided by the
`
`software application is authenticated.
`
`125.
`
`(New) The method of claim 124, wherein oncedigital signature and one signature
`
`identification are provided by the software application accessalibraryof at least one ofthe
`
`APIs.
`
`126.
`
`(New) The method of claim 124, wherein the digital signature and the signature
`
`identification of the software application are generated by a code signing authority.
`
`(New) The method of claim 124, wherein the APIs access at least one of a cryptographic
`127.
`module that implements cryptographic algorithms, a data store, a proprietary data model, and a
`
`user interface (UI).
`
`CLE 19133062
`
`14
`
`Page 1003 of 1415
`
`Page 1003 of 1415
`
`

`

`(New) The method of claim 124, wherein the digital signature is generated using a
`128.
`private signature key under a signature scheme associated with the signature identification, and a
`public signature key is used to authenticate the digital signature.
`
`129.
`
`(New) The method of claim 128, wherein:
`
`the digital signature is generated by applying the private signature key to a hash ofthe
`software application under the signature scheme; and
`
`the digital signature is authenticated by generating a hash of the software application to
`obtain a generated hash, applying the public signature key to the digital signature to obtain a
`
`recovered hash, and verifying that the generated hash with the recovered hash are the same.
`
`130.
`
`(New) The method of claim 124, wherein at least one of the APIs further comprises:
`
`a description string that is displayed to a user when the software application attempts to
`
`access said at least one of the APIs.
`
`(New) The method of claim 124, wherein the APIs provides accessto at least one of one
`131.
`or more core functions of a mobile device, an operating system, and hardware on a mobile
`
`device.
`
`(New) The method of claim 124, wherein verification of a global digital signature
`132.
`provided by the software application is required for accessing any of the APIs
`
`133.
`
`(New) A management system for controlling access by software applications to
`
`application programming interfaces (APIs) having at least one signature identifier on a subset of
`
`a plurality of mobile devices, the management system comprising:
`
`a code signing authority for providing digital signatures and signature identifications to
`software applications that require access to at least one of the APIs with a signature identifier on
`the subset of the plurality of mobile devices, where a digital signature for a software application
`is generated with a signature identification correspondingto a signature identifier, and the
`signature identifications provided to the software applications comprise those signature
`
`CLI- 1513306v2
`
`15
`
`Page 1004 of 1415
`
`Page 1004 of 1415
`
`

`

`identifications that correspond to the signature identifiers that are substantially only on the subset
`of the plurality of mobile devices; wherein each mobile device ofthe subset of the plurality of
`mobile devices comprises
`
`a verification system for authenticating digital signatures provided bythe respective
`software applications to access respective APIs where the digital identifications correspond to
`the digital identifiers of the respective APIs; and
`
`a control system for allowing the respective software applications to access at least one of
`the APIs where the digital signatures provided by the respective software applications are
`authenticated by the verification system.
`
`(New) The managementsystem of claim 133, wherein a virtual machine comprisesthe
`134.
`verification system and the control system.
`
`135.
`
`(New) The management system of claim 134, wherein the virtual machineis a Java
`
`virtual machine and the software applicationsare Java applications.
`
`(New) The managementsystem of claim 133, wherein the control system requires one
`136.
`digital signature and one signature identification for each library ofat least one of the APIs.
`
`137.
`
`(New) The managementsystem of claim 133, wherein the APIs accessat least one of a
`
`cryptographic module, which implements cryptographic algorithms,a data store, a proprietary
`data model, and a user interface (UI).
`
`(New) The managementsystem of claim 133, wherein the digital signature is generated
`138.
`using a private signature key under a signature scheme associated with the signature
`identification, and the verification system uses a public signature key to authenticate the digital
`signature,
`
`139,
`
`(New) The management systemof claim 138, wherein:
`
`the digital signature is generated by applyingtheprivate signature key to a hash of the
`software application underthe signature scheme; and
`
`CLI- 1513306v2
`
`16
`
`Page 1005 of 1415
`
`Page 1005 of 1415
`
`

`

`the verification system authenticates the digital signature by generating a hash of the
`software application to obtain a generated hash, applying the public signature keyto thedigital
`signature to obtain a recovered hash, and verifying that the generated hash with the recovered
`
`hash are the same.
`
`140.
`
`(New) The managementsystem of claim 133, wherein at least one of the APIs further
`
`comprises:
`
`a description string that is displayed to a user when the software application attempts to
`access said at least one of the AP's.
`
`(New) The management system of claim 133, wherein the subset of the plurality of
`141.
`mobile devices comprises mobile devices underthe control of at least one of a corporation and a
`carrier.
`
`(New) The managementsystem of claim 133, wherein a global digital signature provided
`142.
`by the software application has to be authenticated before the software application is allowed
`access to any of the APIs on a mobile device of the subset of the plurality of mobile devices.
`
`(New) A method ofcontrolling access by software applications to application
`143.
`programminginterfaces (APIs) having at least one signature identifier on a subset ofa plurality
`of mobile devices, the method comprising:
`
`generating digital signatures for software applications with signature identifications
`corresponding to respective signature identifiers of the APIs; and
`
`providing the digital signatures and the signature identifications to software applications
`that require access to at least one of the APIs on the subset ofthe plurality of mobile devices,
`wherethe signature identifications provided to the software applications comprise those
`signature identifications that correspond to the signature identifiers that are substantially only on
`the subset of the plurality of mobile devices: wherein each mobile device of the subset of the
`
`plurality of mobile devices comprises
`
`CLI- 1513306v2
`
`17
`
`Page 1006 of 1415
`
`Page 1006 of 1415
`
`

`

`a verification system for authenticating digital signatures provided bythe respective
`software applications to access respective APIs where the digital identifications correspond to
`the digital identifiers of the respective APIs; and
`
`a control system for allowing the software application to access at least one of the APIs
`where the digital signature provided by the software application is authenticated by the
`verification system.
`
`(New) The method of claim 143, wherein a virtual machine comprises the verification
`144.
`system and the control system.
`
`145.
`
`(New) The method of claim 144, wherein the virtual machine is a Java virtual machine
`
`and the software applications are Java applications.
`
`(New) The methodof claim 143, wherein the control system requires one digital
`146.
`signature and onesignature identification for each libraryofat least one of the APIs.
`
`(New) The method of claim 143, wherein the APIs accessat least one of a cryptographic
`147,
`module, which implements cryptographic algorithms, a data store, a proprietary data model, and
`a user interface (UI).
`
`(New) The method of claim 143, wherein at least one of the digital signaturesis
`148.
`generated using a private signature key under a signature scheme associated with a signature
`identification, and the verification system uses a public signature keys to authenticate said at
`least one ofthe digital signatures.
`
`149.
`
`(New) The method of claim 148, wherein:
`at least one of the digital signatures is generated by applying the private signature key to
`a hash of a software application under the signature scheme: and
`the verification system authenticates said at least one ofthe digital signatures by
`generating a hash of the software application to obtain a generated hash, applying the public
`
`CLE 1513306v2
`
`18
`
`Page 1007 of 1415
`
`Page 1007 of 1415
`
`

`

`signature key to said at least onc of the digital signatures to obtain a recovered hash, and
`
`verifying that the generated hash with the recovered hashare the same.
`
`150.
`
`(New) The method of claim 143, wherein at least onc of the APIs further comprises:
`a description string that is displayed to a user whenthe software application attempts to
`access said at least one of the APIs.
`
`151.
`
`(New) The method of claim 143, wherein the subset ofthe plurality of mobile devices
`
`comprises mobile devices under the contro! of at least one of a corporation anda carrier.
`
`(New) A mobile device for a subset of a plurality of mobile devices, the mobile device
`132.
`comprising:
`
`an application platform having application programming interfaces (APIs);
`
`a verification system for authenticating digital signatures and signature identifications
`
`provided by the respective software applications to access the APIs; and
`
`a control system for allowing a software application to access at least one of the APIs
`
`where a digital signature provided by the software application is authenticated by the verification
`
`system;
`
`wherein a code signing authority provides digital signatures and signature identifications
`to software applications that require access to at least one of the APIs such that the digital
`
`signature for the software applicationis generated according to a signature schemeofa signature
`identification, and wherein the signature identifications provided to the software applications
`comprise those signature identifications that are substantially only authorized to allow access on
`
`the subset of the plurality of mobile devices.
`
`(New) The mobile device of claim 152, wherein a virtual machine comprises the
`133.
`verification system and the control system.
`
`154.
`
`(New) The mobile device of claim 153, wherein the virtual machine is a Java virtual
`
`machine and the software applicationis a Java application.
`
`CLI- 1513306v2
`
`19
`
`Page 1008 of 1415
`
`Page 1008 of 1415
`
`

`

`(New) The mobile device of claim 152, wherein the control system requires one digital
`155.
`signature and one signature identification for each library of at least one of the APIs.
`
`(New) The mobile device of claim 152, wherein the APIs of the application platform
`156.
`access at least one of a cryptographic module, which implements cryptographic algorithms, a
`data store, a proprietary data model, and a userinterface (UI).
`
`(New) The mobile device of claim 152, wherein the digital signature is generated using a
`157.
`private signature key underthe signature scheme, andthe verification system uses a public
`signature key to authenticate the digital signature.
`
`138.
`
`(New) The mobile device of claim 157, wherein:
`
`the digital signature is generated by applying the private signature key to a hash ofthe
`
`software application under the signature scheme; and
`
`the verification system authenticates the digital signature by generating a hash ofthe
`
`software application to obtain a generated hash, applying the public signature key to the digital
`signature to obtain a recovered hash, and verifying that the generated hash with the recovered
`
`hash are the same,
`
`159.
`
`(New) The mobile device of claim 152, wherein at least one of the APIs further
`
`comprises:
`
`a description string that is displayed to a user when the software application attemptsto
`
`access said at least one of the APIs,
`
`160.
`
`(New) A method of controlling access to application programming interfaces (APIs) of
`
`an application platform of a mobile device for a subset of a plurality of mobile devices, the
`
`method comprising:
`
`receiving digital signatures and signature identifications from software applicationsthat
`
`require to access the APIs
`
`authenticating the digital signatures and the signature identifications; and
`
`CLE 1513306v2
`
`20
`
`Page 1009 of 1415
`
`Page 1009 of 1415
`
`

`

`allowing a software application to access at least one of the APIs wherea digital
`
`signature provided by the software application is authenticated;
`
`wherein a code signing authority provides the digital signatures and the signature
`
`identifications to the software applications that require accessto at Icast one of the APIs such
`
`that the digital signature for the software application is generated accordingto a signature
`
`scheme of a signature identification, and wherein the signature identifications provided to the
`software applications comprise those signature identifications that are substantially only
`authorized to allow access on the subset ofthe plurality of mobile devices.
`
`(New) The method of claim 160, wherein one digital signature and one signature
`161.
`identification is required for accessing each library of at least one of the APIs.
`
`162.
`
`(New) ‘he method of claim 160, wherein the APIs of the application platform access at
`
`least one of a cryptographic module, which implements cryptographic algorithms, a data store, a
`
`proprietary data model, and a user interface (UD.
`
`163.
`
`(New) The method of claim 160, wherein the digital signature is generated using a
`
`private signature key under the signature scheme, and a public signature key is used to
`
`authenticate the digital signature.
`
`164.
`
`(New) The method of claim 163, wherein:
`
`the digital signature is generated by applying the private signature keyto a hash of the
`
`software application underthe signature scheme; and
`
`the digital signature is authenticated by generating a hash ofthe software application to
`
`obtain a generated hash, applying the public signature key to the digital signature to obtain a
`
`recovered hash, and verifying that the generated hash with the recovered hash are the same.
`
`CLI- 1553306v2
`
`21
`
`Page 1010 of 1415
`
`Page 1010 of 1415
`
`

`

`165.
`
`(New) The method of claim 160, wherein at least one of the APIs further comprises:
`
`a description string that is displayed to a user when the software application attempts to
`
`access said al least one of the APIs.
`
`CLE. 1513306v2
`
`22
`
`Page 1011 of 1415
`
`Page 1011 of 1415
`
`

`

`REMARKS
`
`This paper respondsto the notice of non-compliant amendment mailed May 21, 2007.
`The examineris invited to contact the undersignedin case there are any questions or comments.
`
`Respectfully submitted,
` John V/Biernacki
`
`
`ReaXo 40,511
`
`Jones, Day
`North Point
`901 Lakeside Avenue
`Cleveland, OI] 44114-1190
`(216) 586-7747
`
`CLI- 1513306v2
`
`23
`
`Page 1012 of 1415
`
`Page 1012 of 1415
`
`

`

`
`
`Electronic Acknowledgement Receipt
`
`
`
`EFSID: 1811276
`
`Application Number:
`
`10381219
`
`Title of Invention:
`
`Software code signing system and method
`
`Correspondence Address:
`
`David B Cochran
`
`Jones Day
`North Point
`
`901 Lakeside Avenue
`Cleveland
`
`US
`
`44114-1190
`
`
`
`Filer Authorized By:
`
`Stephen D. Scanlon
`
`
`
`Attorney Docket Number: 555255012423
`
`Receipt Date:
`
`Filing Date:
`
`Time Stamp:
`
`25-MAY-2007
`
`20-MAR-2003
`
`11:27:25
`
`Application Type:
`
`U.S. National Stage under 35 USC 371
`
`Paymentinformation:
`
`
`Submitted with Payment
`
`no
`
`File Listing:
`
`Page 1013 of 1415
`
`Page 1013 of 1415
`
`

`

`
`
`Document
`Number
`
`DocumentDescription
`
`File Name
`
`File Size(Bytes)
`
`Part /.zip|
`
`(if appl.)
`
`DocumentDescription
`
`Preliminary Amendment
`
`
`
`Receiptwill establish the international filing date of the application.
`
`Applicant Arguments/Remarks Made in an Amendment
`
`Warnings:
`Information:
`
`Total Files Size (in bytes):
`
`731624
`
`This Acknowledgement Receipt evidences receipt on the noted date by the USPTOof the indicated documents,
`characterized by the applicant, and including page counts, where applicable.
`It serves as evidenceof receipt
`similar to a Post Card, as described in MPEP 503.
`
`New Applications Under 35 U.S.C. 111
`If a new application is being filed and the application includes the necessary componentsfora filing date (see
`37 CFR 1.53(b)-(d) and MPEP 506), a Filing Receipt (37 CFR 1.54) will be issued in due course and the date
`shownon this Acknowledgement Receipt will establish the filing date of the application.
`
`National Stage of an International Application under 35 U.S.C. 371
`If a timely submission to enter the national stage of an international application is compliant with the conditions
`of 35 U.S.C. 371 and other applicable requirements a Form PCT/DO/EO/903indicating acceptance of the
`application as a national stage submission under 35 U.S.C. 371 will be issued in addition to the Filing Receipt,
`in due course.
`
`New International Application Filed with the USPTO as a Receiving Office
`If a new international application is being filed and the international application includes the necessary
`componentsfor an international filing date (see PCT Article 11 and MPEP 1810), a Notification of the
`International Application Number andof the International Filing Date (Form PCT/RO/105) will be issued in due
`course, subject to prescriptions concerning national security, and the date shown on this Acknowledgement
`
`Page 1014 of 1415
`
`Page 1014 of 1415
`
`

`

`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`UNITED STATES DEPARTMENT OF COMMERCE
`United States Patent and Trademark Office
`Address: COMMISSIONER FOR PATENTS
`P.O, Box 1450
`Alexandria, Virginia 22313-1450
`Www. uspto.gov
`
`APPLICATION NO.
`
`FILING DATE
`
`FIRST NAMED INVENTOR
`
`ATTORNEY DOCKET NO.
`
`CONFIRMATION NO.
`
`10/381,219
`
`03/20/2003
`
`David P Yach
`
`§55255012423
`
`9761
`
`
`David B Cochran [examenOd
`in meePEXAMINER
`
`.
`EXAMINER
`Jones Day
`‘
`AVERY,JEREMIAH L
`North Point
`901 Lakeside Avenue
`Cleveland, OH 44114-1190
`
`PAPER NUMBER
`
`2131
`
`Please find below and/or attached an Office communication concerning this application or proceeding.
`
`The time period for reply, if any, is set in the attached communication.
`
`MAIL DATE
`
`05/21/2007
`
`DELIVERY MODE
`
`PAPER
`
`PTOL-90A (Rev. 04/07)
`
`Page 1015 of 1415
`
`Page 1015 of 1415
`
`

`

`
`
`
`
`YACH ET AL.
`Art Unit
`
`
`
`10381219
`Examiner
`
`(1 2. Abstract:
`] A. Not presented on a separate sheet. 37 CFR 1.72.
`CO B. Other
`
`(C) 3. Amendmentsto the drawings:
`C) A. The drawings are not properly identified in the top margin as “Replacement Sheet,” “New Sheet,” or
`“Annotated Sheet” as required by 37 CFR 1.121(d).
`LJ 8. The practice of submitting proposed drawing correction has been eliminated. Replacement drawings
`showing amendedfigures, without markings, in compliance with 37 CFR 1.84 are required.
`[] C. Other
`
`E. Other:
`
`
`
`Notice of Non-Compliant
`Amendment (37 CFR 1.121)
`
`
`2131
`Jeremiah Ave
`
`
`- The MAILING DATEof this communication appears on the cover sheet with the correspondence address--
`The amendment documentfiled on 03 May 2007is considered non-compliant becauseit has failed to meet the
`requirements of 37 CFR 1.121 or 1.4. In orderfor the amendment documentto be compliant, correction of the following
`
`item(s) is required.
`
`THE FOLLOWING MARKED (X) ITEM(S) CAUSE THE AMENDMENT DOCUMENTTO BE NON-COMPLIANT:
`CL] 1. Amendmentsto the specification:
`
`(] A. Amended paragraph(s) do not include markings.
`
`[] B. New paragraph(s) should not be underlined.
`
`LC] C. Other
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`CL) 4. Amendmentsto the claims:
`L] A. A completelisting of all of the claims is not present.
`[-] B. Thelisting of claims does not include the text of all pending claims (including withdrawn claims)
`(-] C. Each claim has not been provided with the properstatus identifier, and as such, the individual status
`of each claim cannotbeidentified. Note:
`the status of every claim must be indicatedafter its claim
`numberby using one ofthe following status identifiers: (Original), (Currently amended), (Canceled),
`(Previously presented), (New), (Not entered), (Withdrawn) and (Withdrawn-currently amended).
`Hy D. The claims of this amendment paper have not been presented in ascending numerical order.
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`(] 5. Other (e.g., the amendmentis unsigned or not signed in accordance with 37 CFR 1.4):
`Claims section should start on a separate page from page1.
`
`
`
`
`
`TIME PERIODS FOR FILING A REPLY TO THIS NOTICE:
`
`For further explanation of the amendment format required by 37 CFR 1.121, see MPEP § 714.
`
`
`1. Applicant is given no new timeperiodif the non-compliant amendmentis an after-final amendment, an amendment
`filed after allowance, or a drawing submission (only).
`!f applicant wishes to resubmit the non-compliantafter-final
`amendmentwith corrections, the entire corrected amendment must be resubmitted.
`
`
`
`2. Applicantis given one month, orthirty (30) days, whicheveris longer, from the mail date of this notice to supply the
`correction, if the non-compliant amendmentis one of the following: a preliminary amendment, a non-final amendment
`(including a submission for a request for continued examination (RCE) under 37 CFR 1.114), a supplemental
`amendmentfiled within a suspension period under 37 CFR 1.103(a) or (c), and an amendmentfiled in response to a
`Quayle action. If any of above boxes1. to 4. are checked, the correction required is only the corrected section of the
`non-compliant amendmentin compliance with 37 CFR 1.121.
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Failure to timely respond to this notice will result in:
`Abandonmentofthe application if the non-compliant amendmentis a non-final amendment or an amendment
`
`
`filed in response to a Quayle action; or
`Non-entry of the amendmentif the non-compliant amendmentis a preliminary amendmentor supplemental
`
`
`amendmert.
`
`
`
`
`Lega! Instruments Examiner (LIE),
`if applicable
`Telephone No.
`U.S. Patent and Trademark Office
`Part of Paper No.
`
`Extensions of time are available under 37 CFR 1.136(a) onlyif the non-compliant amendmentis a non-final
`amendmentor an amendmentfiled in response to a Quayle action.
`
`Page 1016 of 1415
`
`Page 1016 of 1415
`
`

`

`* Continuation Sheet (PTOL-324)
`PTOL-324 (04-06)
`
`Notice of Non-Compliant Amendment(37 CFR 1.121)
`
`Application No.
`
`Page 1017 of 1415
`
`Page 1017 of 1415
`
`

`

`* Continuation Sheet (PTOL-324)
`
`Application No.
`
`Page 1018 of 1415
`
`Page 1018 of 1415
`
`

`

`IN THE UNITED STATES PATENT AND TRADEMARK OFFICE
`
`In the application of:
`
`David P. Yach; Michael S. Brown: Herbert A. Little
`
`Internat'l. Appl'n. No. :
`
`PCT/CAO01/01344
`
`Internat'l. Filing Date ;
`
`09/20/2001
`
`PATENT
`
`10/381,219
`
`03/20/2003
`
`09/21/2000
`
`Softwarc Code Signing System And Method
`
`2131
`
`J. Avery
`
`355255012423
`
`USS. Serial No.
`
`US. Filing Date
`
`Priority Date Claimed:
`
`Title
`
`Art Unit
`
`Examiner
`
`Docket No.
`
`:
`
`:
`
`:
`
`:
`
`:
`
`:
`
`Commissioner for Patents
`Washington, D.C. 20231
`
`Preliminary Amendment
`
`This paper respondsto the notice of non-compliant amendment mailed April 3, 2007.
`Any fees due should be charged to Jones Day Deposit Account No. 501432, ref: 555255-012423,
`
`Prior to taking up this case for initial examination, please amend the application as
`follows.
`
`The Claims
`
`Please cancel original claims 1-56.
`
`Please add the following new claims 57-165.
`
`537.
`
`(New) A code signing system for operation in conjunction with a software application
`
`having a digital signature and a signature identification, where the digital signature is associated
`
`with the signature identification, comprising:
`
`CELS13306v1
`
`1
`
`Page 1019 of 1415
`
`Page 1019 of 1415
`
`

`

`an application platform;
`
`an application programming interface (API) having an associated signature identifier, the
`
`APTis configured to link the software application with the application platform; and
`
`a virtual machine that verifies the authenticity of the digital signature in orderto control
`
`access to the API by the software application where the signature identifier correspondsto the
`
`signature identification.
`
`58.
`
`(New) The code signing system of claim 57, wherein the virtual machine denies the
`
`software application access to the API if the digital signature is not authenticated.
`
`59.
`
`(New) The code signing system of claim 57, wherein the virtual machine purges the
`
`software application if the digital signature is not authenticated.
`
`60.
`
`(New) The code signing system of claim 57, wherein the code signing system is installed
`
`on a mobile device.
`
`61.
`
`(New) The code signing system of claim 57, wherein the digital signature is generated by
`
`a code signing authority.
`
`62.
`
`(New) A code signing system for operation in conjunction with a software application
`
`having a digital signature and a signature identification where the digital signature is associated
`
`with the signature identification, comprising:
`
`an application platform;
`
`a plurality of application programming interfaces (APIs) associated with a signature
`
`identifier, each configured to link the software application with a resource on the application
`
`platform; and
`
`a virtual machine that verifies the authenticity of the digital signature in order to control
`
`access to the APIs by the software application where the signature identification correspondsto
`
`the signature identifier,
`
`wherein the virtual machine verifies the authenticity of the digital signature in orderto
`
`control accesste the plurality of APIs by the software application.
`
`CLi-1513306v1
`
`2
`
`Page 1020 of 1415
`
`Page 1020 of 1415
`
`

`

`63.
`
`(New) Thecode signing system of claim 62, wherein the plurality of APIs are included
`
`in an APIlibrary.
`
`64,
`
`(New) The code signing system of claim 62, wherein one or moreof the plurality of
`
`APIsis classified as sensitive and having an associated signature identifier, and wherein the
`
`virtual machine uses the digital signature and the signature identification to control access to the
`
`sensitive APIs.
`
`65.
`
`(New) The code signing system of claim 64, wherein the code signing system operates
`
`in conjunction with a plurality of software applications, wherein one or more ofthe plurality of
`
`software applications has a digital signature and a signature identification, and wherein the
`
`virtual machine verifies the authenticity of the digital signature of each of the one or moreofthe
`
`plurality of software applications, where the signature identification correspondsto the signature
`
`identifier of the respective sensitive APIs, in order to control access to the sensitive APIs by each
`
`of the plurality of software applications.
`
`66.
`
`(New) The code signing system of claim 62, wherein the resource on the application
`
`platform comprises a wireless communication system.
`
`67.
`
`(New) The code signing system of claim 62, wherein the resource on the application
`
`platform comprises a cryptographic module which implements cryptographic algorithms.
`
`68.
`
`(New) The code signing system of claim 62, wherein the resource on the application
`
`platform comprises a data store.
`
`69.
`
`(New) The code signing system of claim 62, wherein the resource on the application
`
`platform comprises a user interface (UI).
`
`70.
`
`(New) The code signing system of claim 57, further comprising:
`
`CLE15133G6vi
`
`3
`
`Page 1021 of 1415
`
`Page 1021 of 1415
`
`

`

`a plurality of APIlibraries, each of the plurality of API libraries includes a plurality of
`
`APIs, wherein the virtual machine controls access to the plurality of API libraries by the software
`
`application.
`
`71.
`
`(New) The code signing system of claim 70, wherein at least one of the plurality of API
`
`libraries is classified as sensitive;
`
`wherein access to a sensitive APIlibrary requiresa digital signature associated with a
`
`signature identification whe