Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
2.	EXAMINER’S NOTE: The claims have been reviewed and considered under the new guidance pursuant to the 2019 Revised Patent Subject Matter Eligibility Guidance (PEG 2019) issued January 7, 2019.
3.	This communication is in response to Applicant’s amendment filed on 08 February 2021. The Examiner performed compact prosecution and proposed suggestions to the Applicant by incorporating the subject matter recited in dependent claims 2 and 3 into all independent claims to overcome the prior art of record. The proposal was accepted and authorization was given for an Examiner’s Amendment on 23 March 2021. 
4.	Claims 9 and 18 were previously canceled.  Claims 1, 4, 10, 13, and 19 have been amended. After the Examiner’s amendment was performed, Claims 2-3 and 11-12 have been canceled. Claims 1, 4-8, 10, 13-17 and 19 remain pending. 

Response to Arguments
5.	Applicant’s arguments, as disclosed in the remarks filed on 08 February 2021 (see, for example, pages 6-7), with respect to the prior art not expressly disclosing setting a grace period within which a response is expected, when the grace period expires before the response is received, and taking the enforcement action against the application when the response is not received within the grace period, have been fully considered and are persuasive. Therefore, the

EXAMINER’S AMENDMENT
6.	An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Agent Jerome Bastien, Reg. No. 75,548 on 23 March 2021.
The application has been amended as follows: 
Please amend the following claims:
Claim 1. (Currently Amended) A method at a network element for attestation of applications, the method comprising:
	sending a challenge to an application at an electronic device, the challenge including a nonce;
	setting a grace period for receiving a response;
	when the grace period expires before the response is received, taking an enforcement action against the application;
	receiving the response from the electronic device, the response including a hash of the nonce with a plurality of identifiers stored at the electronic device;
	obtaining the plurality of identifiers from a trusted network server to recompute the hash;
	comparing the hash in the response with the recomputed hash; and
	upon determining that the response is invalid based on the comparing, taking the enforcement action against the application.


Claim 4. (Currently Amended) The method of claim 1, wherein the plurality of identifiers includes a team identifier stored in an operating system of the electronic device and obtainable from the network server.

Claim 5. (Original) The method of claim 4, wherein the processing further comprises:
	receiving, in the response, a device check token;
	adding authentication information to the device check token; 
	sending the device check token with the added authentication information to a device check server; and
	receiving a response from the device check server to indicate whether the device check token is valid.

Claim 6. (Original) The method of claim 1, wherein the enforcement action comprises at least one of: reporting the failure; blocking the application from accessing network resources; instructing the electronic device to wipe the application; instructing the electronic device to prompt a user to perform an action on the application; and instruct the electronic device to block running of the application.

Claim 7. (Original) The method of claim 1, wherein the sending the challenge is performed on activation of the application.

Claim 8. (Original) The method of claim 1, wherein the sending the challenge is performed at a configurable challenge frequency.

Claim 9. (Canceled)	

Claim 10. (Currently Amended) A network element configured for attestation of applications, the network element comprising:

	a communications subsystem,
wherein the network element is configured to:
	send a challenge to an application at an electronic device, the challenge including a nonce;
	set a grace period for receiving a response;
	when the grace period expires before the response is received, take an enforcement action against the application;
	receive the response from the electronic device, the response including a hash of the nonce with a plurality of identifiers stored at the electronic device;
	obtain the plurality of identifiers from a trusted network server to recompute the hash;
	compare the hash in the response with the recomputed hash; and
	upon determining that the response is invalid based on the comparing, take the enforcement action against the application.

Claims 11. – 12. (Canceled)

Claim 13. (Currently Amended) The network element of claim 10, wherein the plurality of identifiers includes a team identifier stored in an operating system of the electronic device and obtainable from the network server.

Claim 14. (Original) The network element of claim 13, wherein the network element is further configured to process by:
	receiving, in the response, a device check token;
	adding authentication information to the device check token; 
	sending the device check token with the added authentication information to a device check server; and
	receiving a response from the device check server to indicate whether the device check token is valid.



Claim 16. (Original) The network element of claim 10, wherein the network element is configured to send the challenge on activation of the application.

Claim 17. (Original) The network element of claim 10, wherein the network element if configured to send the challenge at a configurable challenge frequency.

Claim 18. (Canceled)

Claim 19. (Currently Amended) A non-transitory computer readable medium for storing instruction code, which, when executed by a processor of a network element configured for attestation of applications cause the network element to:
	send a challenge to an application at an electronic device, the challenge including a nonce;
	set a grace period for receiving a response;
	when the grace period expires before the response is received, take an enforcement action against the application;
	receive the response from the electronic device, the response including a hash of the nonce with a plurality of identifiers stored at the electronic device;
	obtain the plurality of identifiers from a trusted network server to recompute the hash;
	compare the hash in the response with the recomputed hash; and
	upon determining that the response is invalid based on the comparing, take the enforcement action against the application.


Allowable Subject Matter
7.	Claims 1, 4-8, 10, 13-17, and 19 are allowed.
8.	The following is an examiner’s statement of reasons for allowance: The present invention is directed towards a method and system for detecting and acting on applications which are spoofing or impersonating legitimate applications for application authenticity attestation. Claims 1, 10, and 19 identify the uniquely distinct features “setting a grace period for receiving a response; when the grace period expires before the response is received, taking an enforcement action against the application; receiving the response from the electronic device, the response including a hash of the nonce with a plurality of identifiers stored at the electronic device; obtaining the plurality of identifiers from a trusted network server to recompute the hash; comparing the hash in the response with the recomputed hash; and upon determining that the response is invalid based on the comparing, taking the enforcement action against the application”.
The closest prior art, Barton et al. (Pub No. 2014/0298420), discloses a method of managing access to enterprise resources. An access manager may operate at a mobile device to validate a mobile application installed at that mobile device. If the access manager does not successfully validate the mobile application, the access manager may prevent the mobile application from accessing a computing resource. If the access manager does successfully validate the mobile application, then the access manager may identify the mobile application as a trusted mobile application. The access manager may thus permit the trusted mobile application to access the computing resource.

The closest prior art, Walker et al. (Pub No. 2017/0180314) discloses an attestation device custody transfer protocol. A custody transfer of a device can include sending a start of transfer request to an attestation device over a short range wireless communication channel, a nonce is received from the attestation device in association with the start of transfer request, and the nonce is signed at the particular gateway device. The signed nonce is sent to the attestation device, a transfer confirmation message is received from the attestation device, and a transfer message is sent to a management system to report a transfer in custody of the attestation device involving the particular gateway device and another gateway device.
	However, either singularly or in combination, Walker et al. fail to anticipate or render obvious the claimed limitations of setting a grace period for receiving a response; when the grace period expires before the response is received, taking an enforcement action against the application; receiving the response from the electronic device, the response including a hash of the nonce with a plurality of identifiers stored at 
10.	Therefore, claims 1, 10, and 19 and the respective dependent claims 4-8 and 13-17 are in condition for allowance.
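
The network-element flow recited in claims 1, 10 and 19 (nonce challenge, grace period, recomputed hash, enforcement), sketched as an added illustration that is not part of the Office action or the application. SHA-256, the length-prefixed encoding, the 30-second grace period, the single-use nonce and all names (`Verifier`, `attestation_hash`, `trusted_ids`) are assumptions; the claims do not specify them.

```python
import hashlib, hmac, secrets, time

def attestation_hash(nonce, identifiers):
    """SHA-256 over nonce then identifiers, each length-prefixed (assumed encoding)."""
    h = hashlib.sha256()
    for field in [nonce] + [i.encode() for i in identifiers]:
        h.update(len(field).to_bytes(4, "big") + field)  # prefix keeps "ab","c" != "a","bc"
    return h.digest()

class Verifier:
    """Network-element side. trusted_ids stands in for the trusted network server."""
    def __init__(self, trusted_ids, grace=30.0, clock=time.monotonic):
        self.trusted_ids, self.grace, self.clock = trusted_ids, grace, clock
        self.pending = {}    # app_id -> (nonce, deadline)
        self.enforced = []   # (app_id, reason) records

    def send_challenge(self, app_id):
        nonce = secrets.token_bytes(16)
        self.pending[app_id] = (nonce, self.clock() + self.grace)  # grace period set here
        return nonce

    def expire(self):
        """Enforce against apps whose grace period ended with no response."""
        now = self.clock()
        for app_id in [a for a, (_, d) in self.pending.items() if now > d]:
            del self.pending[app_id]
            self._enforce(app_id, "no response within grace period")

    def receive_response(self, app_id, digest):
        entry = self.pending.pop(app_id, None)   # nonce is single-use (assumption)
        if entry is None:
            return self._enforce(app_id, "no outstanding challenge")
        nonce, deadline = entry
        if self.clock() > deadline:
            return self._enforce(app_id, "no response within grace period")
        expected = attestation_hash(nonce, self.trusted_ids.get(app_id, []))
        if not hmac.compare_digest(expected, digest):   # constant-time comparison
            return self._enforce(app_id, "hash mismatch")
        return True

    def _enforce(self, app_id, reason):
        self.enforced.append((app_id, reason))  # stand-in for report/block/wipe actions
        return False

if __name__ == "__main__":
    ids = ["TEAMID0000", "com.example.app"]      # constructed sample identifiers
    v = Verifier({"app-1": ids})
    n = v.send_challenge("app-1")
    print(v.receive_response("app-1", attestation_hash(n, ids)))
```

The digest shows only that the responder knows the identifiers, so the check is as strong as the difficulty of an impersonating application obtaining those values.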

Conclusion
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Any inquiry concerning this communication or earlier communications from the examiner should be directed to COURTNEY D FIELDS whose telephone number is (571)272-3871.  The examiner can normally be reached on IFP M-F 8am-4:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SHEWAYE GELAGAY can be reached on (571)272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.





/MOHAMMAD W REZA/Primary Examiner, Art Unit 2436

/COURTNEY D FIELDS/Examiner, Art Unit 2436
March 23, 2021