DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Juan Rossi on 12/13/2021.
The application has been amended as follows: Claims 1-19 are amended.
1.	(Currently Amended) A computer-implemented method, comprising:
sending, via a server and using a cryptographic security protocol, a message associated with establishing an encrypted network session;
receiving one or more responses from a set of client devices the one or more responses comprising random numbers, each response containing one or more random numbers from a perspective of the server, wherein the one or more random numbers form a set of random numbers, wherein the set of random numbers is algorithmically combined into a single nonce, wherein the single nonce is passed through a crypto-processor to generate a signature which at least includes the single nonce and information from the crypto-processor which allows a determination of a level of trust of the set of client devices, wherein the information from the crypto-processor set of client devices set of client devices set of client devices 
each of the set of client devices one or more responses 
determining whether to perform a next step in the cryptographic security protocol based on the level of trust, wherein the cryptographic security protocol comprises at least one of a Secure Shell (SSH) protocol, a Transport Layer Security (TLS) protocol, a Secure Sockets Layer (SSL) protocol, and an Internet Protocol Security (IPsec) protocol.
2.	(Currently Amended) The computer-implemented method of claim 1, wherein the integrity data in the one or more responses comprises metadata about a proof of integrity of the set of client devices one or more [[a]] trusted platform module crypto-processors based on an evaluation of the one or more responses set of client devices 
3.	(Currently Amended) The computer-implemented method of claim 2, wherein the one or more responses are evaluated based on logs maintained in a trusted storage of one or more of the set of client devices set of client devices set of client devices 
4.	(Currently Amended) The computer-implemented method of claim 1, wherein at least one of the integrity data and the one or more responses comprise one or more responses were sent.
5.	(Currently Amended) The computer-implemented method of claim 4, wherein the message comprises a challenge to a freshness of any response, the challenge comprising a nonce that is passed through a trusted platform module crypto-processor associated with one or more of the set of client devices one or more signatures based on the nonce
6.	(Currently Amended) The computer-implemented method of claim 1, wherein at least one of the integrity data and the one or more responses comprise set of client devices 
one or more [[a]] trusted platform module crypto-processors associated with the set of client devices 
8.	(Currently Amended) The computer-implemented method of claim 1, wherein at least part of the integrity data is continuously provided by the server while the encrypted network session is periodically alive, persistently alive, alive on demand, or alive on event
9.	(Currently Amended) The computer-implemented method of claim 8, wherein the encrypted network session is terminated when the server fails to provide the integrity data or the level of trust fails to indicate trustworthiness. 
10.	(Currently Amended) The computer-implemented method of claim 1 [[9]], wherein the set of random numbers is combined algorithmically into [[a]] the single nonce using a Bloom filter.
11.	(Currently Amended) A non-transitory computer-readable storage medium storing instructions that, when executed by one or more processors, cause the one or more processors to:
send, via a server and using a cryptographic security protocol, a message associated with establishing an encrypted network session;
receive one or more responses from a set of client devices the one or more responses comprising random numbers, each response containing one or more random numbers from a perspective of the server, wherein the one or more random numbers form a set of random numbers, wherein the set of random numbers is algorithmically combined into a single nonce, wherein the single nonce is passed through a crypto-processor to generate a signature which at least includes the single nonce and information from the crypto-processor which allows a determination of a level of trust of the set of client devices, wherein the information from the crypto-processor set of client devicesset of client devices set of client devices 
identify [[a]] level of trust of each of the set of client devices one or more responses 
determine whether to perform a next step in the cryptographic security protocol based on the level of trust.
12.	(Currently Amended) The non-transitory computer-readable storage medium of claim 11, wherein at least one of the integrity data and the one or more responses comprises metadata about a proof of integrity of the set of client devices one or more [[a]] trusted platform module crypto-processors based on an evaluation of the one or more responses set of client devices 
13.	(Currently Amended) The non-transitory computer-readable storage medium of claim 12, wherein the one or more responses are evaluated based on logs maintained in a trusted storage of one or more of the set of client devices set of client devices set of client devices 
14.	(Currently Amended) The non-transitory computer-readable storage medium of claim 11, wherein at least one of the integrity data and the one or more responses comprises a proof of freshness based on signed data generated within a threshold period of time including a current time when the one or more responses were sent.
15.	(Currently Amended) The non-transitory computer-readable storage medium of claim 14, wherein the message comprises a challenge to a freshness of any response, the one or more of the set of client devices one or more signatures based on the nonce
16.	(Original) The non-transitory computer-readable storage medium of claim 11, wherein the cryptographic security protocol is selected from a group consisting of Transport Layer Security (TLS), Secure Sockets Layer (SSL), Secure Shell (SSH), and Internet Protocol Security (IPsec).
17.	(Currently Amended) A system, comprising:
one or more processors; and
memory including instructions that, when executed by the one or more processors, cause the one or more processors to:
send, via a server and using a cryptographic security protocol, a message associated with establishing an encrypted network session;
receive one or more responses from a set of client devices the one or more responses comprising random numbers, each response containing one or more random numbers from a perspective of the server, wherein the one or more random numbers form a set of random numbers, wherein the set of random numbers is algorithmically combined into a single nonce, wherein the single nonce is passed through a crypto-processor to generate a signature which at least includes the single nonce and information from the crypto-processor which allows a determination of a level of trust of the set of client devices, wherein the information from the crypto-processor set of client devices set of client devices set of client devices 
identify [[a]] level of trust of each of the set of client devices one or more responses 
determine whether to perform a next step in the cryptographic security protocol based on the level of trust, wherein the cryptographic security protocol comprises at least 
18.	(Currently Amended) The system of claim 17, wherein at least one of the integrity data and the one or more responses comprises at least one of a proof of freshness based on a token and an identity of hardware and software components of the set of client devices 
19.	(Currently Amended) The system of claim 18, wherein the server validates the token with respect to the proof of freshness based on a state of internal counters within one or more [[a]] trusted platform module crypto-processors associated with the set of client devices .
Allowable Subject Matter
Claims 1-20 are allowed.
The following is an examiner’s statement of reasons for allowance: 
The primary reasons for allowance of the claims are the limitations of receiving one or more responses comprising random numbers, each response containing one or more random numbers from a perspective of the server, wherein the one or more random numbers form a set of random numbers, wherein the set of random numbers is algorithmically combined into a single nonce, wherein the single nonce is passed through a crypto-processor to generate a signature which at least includes the single nonce and information from the crypto-processor which allows a determination of a level of trust of the set of client devices, wherein the information from the crypto-processor comprises integrity data associated with the set of client devices.
The prior art disclosed by Abdullah teaches three main components, wherein a first stage establishes the security and integrity of a server platform.  After the establishment 
	The prior art fails to teach the unique limitation shown above and recited in the claims of the instant invention.
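As an added illustration (not part of the Office action or of the application), the following Python sketch shows one way the limitation identified above could work: a set of random numbers is folded into a single nonce with a Bloom filter, as in claim 10, and the nonce is signed together with integrity data. The filter parameters, the function names, and the use of HMAC-SHA-256 in place of a trusted platform module crypto-processor are assumptions.

```python
import hashlib
import hmac

M_BITS = 256   # Bloom filter width in bits (assumed parameter)
K_HASHES = 3   # bit positions set per random number (assumed parameter)

def _positions(value: bytes):
    # Derive K_HASHES bit positions from SHA-256 with an index prefix.
    for i in range(K_HASHES):
        digest = hashlib.sha256(bytes([i]) + value).digest()
        yield int.from_bytes(digest[:4], "big") % M_BITS

def combine_nonces(randoms) -> bytes:
    """Fold a set of random numbers into one fixed-size nonce."""
    bits = 0
    for r in randoms:
        for p in _positions(r):
            bits |= 1 << p
    return bits.to_bytes(M_BITS // 8, "big")

def contains(nonce: bytes, r: bytes) -> bool:
    """Bloom membership test: False means r was definitely not folded in."""
    bits = int.from_bytes(nonce, "big")
    return all((bits >> p) & 1 for p in _positions(r))

def sign_quote(key: bytes, nonce: bytes, integrity: bytes) -> dict:
    # HMAC stands in for the crypto-processor signature (assumption).
    # The nonce from combine_nonces is always 32 bytes, so the split is fixed.
    sig = hmac.new(key, nonce + integrity, hashlib.sha256).digest()
    return {"nonce": nonce, "integrity": integrity, "sig": sig}

def verify_quote(key, quote, expected_nonce, known_good) -> bool:
    """Accept only a valid signature over the fresh nonce and a known state."""
    mac = hmac.new(key, quote["nonce"] + quote["integrity"], hashlib.sha256)
    return (hmac.compare_digest(mac.digest(), quote["sig"])
            and hmac.compare_digest(quote["nonce"], expected_nonce)
            and quote["integrity"] in known_good)

if __name__ == "__main__":
    # Constructed sample values: three client random numbers, one boot digest.
    randoms = [b"client-a:7f3e", b"client-b:19c4", b"client-c:e0d2"]
    good = hashlib.sha256(b"constructed known-good measurement log").digest()
    nonce = combine_nonces(randoms)
    quote = sign_quote(b"demo-key", nonce, good)
    print("fresh quote accepted:", verify_quote(b"demo-key", quote, nonce, {good}))
    print("every client sees its number:", all(contains(nonce, r) for r in randoms))
```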
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to IZUNNA OKEKE whose telephone number is (571)270-3854. The examiner can normally be reached Mon - Fri 8 - 4 EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ELENI SHIFERAW can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/IZUNNA OKEKE/Primary Examiner, Art Unit 2497