DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

1. The following is a non-Final Office Action in response to applicant’s arguments/filing filed on June 30, 2020
Claims 1-20 are pending 

Examiner’s Note: Paragraph 0022 of the specification defines the term, “processor”, used in the claim language to be a hardware platform


Information Disclosure Statement
The information disclosure statement (IDS) submitted on 6/30/2020 was filed prior to the mailing date of the first office action on 1/3/2022.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Drawings
Acknowledgment is made of applicant’s drawings submitted on 6/30/2020.

Oath/Declaration
Acknowledgment is made of applicant’s oath submitted on 6/30/2020

Application Data Sheet
Acknowledgment is made of applicant’s application data sheet submitted on 6/30/2020.




Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


1.) Claims 1-3, 9-11, 16, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over US 20100281273, Lee in view of US 20190028466, Falk


receiving, at an attestation machine, a request from the host machine for attestation of a software executing on the host machine, the request comprising at least one security-related configuration of the software at launch time and a corresponding runtime behavior of the software when the security-related configuration changes(see US 20100281273, Lee, para. 0139, 0140 and fig. 12, where a P2PCall server requests attestation[step 1] from a SRM, wherein the attestation allows the platform to attest to the SRM and crypto module[i.e. software] requested by the server and provides an attestation report identifying the hash computed at launch time over the state of the modules[i.e. software] and confirms with a signature that the module states have not been corrupted during a runtime execution; and in the event a module has been corrupted[i.e. change in hash], the module is excluded from report); 
generating a claim based on evaluating a value associated with the at least one security- related configuration and the corresponding runtime behavior of the software when the value changes(see US 20100281273, Lee, para. 0140, if a corruption has been detected as determined by evaluating the signature identities[i.e. value] and determining a change has occurred, the module(s) is/are excluded from the generated attestation report[i.e. claim] to indicate corruption);  	Lee does not teach generating an attestation token after a successful attestation of the software, the attestation token including the generated claim; and 
 	However, Falk teaches generating an attestation token after a successful attestation of the software, the attestation token including the generated claim(see US 20190028466, Falk, para. 0005, 0064 and 0065, where a certificate[i.e. token] is issued if the verification[i.e. attestation] of the device software is successful, wherein the certificate reports the identifier of the security classification); and 
transmitting the attestation token to the host machine(see US 20190028466, Falk, para. 0005, where the certificate is sent to a second device[i.e. host] from a first device).  	It would have been obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the teaching of Lee with the teaching of Falk because a user would have been motivated to enhance the security of a system, taught by Lee, by verifying the trustworthiness of a device for loading software onto the system, taught by Lee, in order to minimize the likelihood of loading malicious code(see Falk, para. 0003) 

 	In regards to claim 2, the combination of Lee and Falk teach the method of claim 1, wherein the request from the host machine comprises an event log associated with an execution of the software at the launch time, the event log comprising a plurality of entries at least one of which is associated with the at least one security-related configuration and the corresponding runtime behavior of the software(see US 20100281273, Lee, para. 0140, where an attestation report[i.e. event log] is generated that includes hash information [i.e. security related configuration] computed at the launch time and excludes runtime attestation information that indicates a module has been corrupted).  

In regards to claim 3, the combination of Lee and Falk teach the method of claim 2, wherein the event log further comprises metadata associated with the software, the metadata comprising a plurality of hashes associated with a plurality of components of the software executed at the launch time, wherein the successful attestation of the software comprises a successful matching of at least one of the plurality of hashes against a corresponding hash stored at the attestation machine(see US 20100281273, Lee, para. 0017, 0119 and 0140, where the attestation report includes metadata and hashes, wherein the metadata identifies several components).  

In regards to claim 9, Lee teaches a non-transitory computer readable medium comprising instructions that, when executed by one or more processors of a computing system, cause the computing system to perform a method of attestation of a host machine based on runtime configuration of the host machine, the method comprising: 
receiving, at an attestation machine, a request from the host machine for attestation of a software executing on the host machine, the request comprising at least one security-related configuration of the software at launch time and a corresponding runtime behavior of the software when the security-related configuration changes(see US 20100281273, Lee, para. 0139, 0140 and fig. 12, where a P2PCall server requests attestation[step 1] from a SRM, wherein the attestation allows the platform to attest to the SRM and crypto module[i.e. software] requested by the server and provides an attestation report identifying the hash computed at launch time over the state of the modules[i.e. software] and confirms with a signature that the module states have not been corrupted during a runtime execution; and in the event a module has been corrupted[i.e. change in hash], the module is excluded from report); 
generating a claim based on evaluating a value associated with the at least one security- related configuration and the corresponding runtime behavior of the software when the value changes(see US 20100281273, Lee, para. 0140, if a corruption has been detected as determined by evaluating the signature identities[i.e. value] and determining a change has occurred, the module(s) is/are excluded from the generated attestation report[i.e. claim] to indicate corruption); 	Lee does not teach generating an attestation token after a successful attestation of the software, the attestation token including the generated claim; and transmitting the attestation token to the host machine 	However, Falk teaches generating an attestation token after a successful attestation of the software, the attestation token including the generated claim(see US 20190028466, Falk, para. 0005, 0064 and 0065, where a certificate[i.e. token] is issued if the verification[i.e. attestation] of the device software is successful, wherein the certificate reports the identifier of the security classification); and transmitting the attestation token to the host machine(see US 20190028466, Falk, para. 0005, where the certificate is sent to a second device[i.e. host] from a first device).  	It would have been obvious to one of ordinary skill in the art prior to the effective (see Falk, para. 0003)  

 	In regards to claim 10, the combination of Lee and Falk teach the non-transitory computer readable medium of claim 9, wherein the request from the host machine comprises an event log associated with an execution of the software at the launch time, the event log comprising a plurality of entries at least one of which is associated with the at least one security-related configuration and the corresponding runtime behavior of the software(see US 20100281273, Lee, para. 0140, where an attestation report[i.e. event log] is generated that includes hash information [i.e. security related configuration] computed at the launch time and excludes runtime attestation information that indicates a module has been corrupted).  

 	In regards to claim 11, the combination of Lee and Falk teach the non-transitory computer readable medium of claim 10, wherein the event log further comprises metadata associated with the software, the metadata comprising a plurality of hashes associated with a plurality of components of the software executed at the launch time, wherein the successful attestation of the software comprises a successful matching of at least one of the plurality of hashes against a corresponding hash stored at the attestation machine(see US 20100281273, Lee, para. 0017, 0119 and 0140, where the attestation report includes metadata and hashes, wherein the metadata identifies several components).  

In regards to claim 16, Lee teaches a computer system, comprising: G58318a memory(see US 20100281273, Lee, fig. 1, item 22, main memory); and a processor coupled to the memory(see US 20100281273, Lee, fig. 1, item 18, processor), the processor being configured to: receive, at an attestation machine, a request from the host machine for attestation of a software executing on the host machine, the request comprising at least one security- related configuration of the software at launch time and a corresponding runtime behavior of the software when the security-related configuration changes(see US 20100281273, Lee, para. 0139, 0140 and fig. 12, where a P2PCall server requests attestation[step 1] from a SRM, wherein the attestation allows the platform to attest to the SRM and crypto module[i.e. software] requested by the server and provides an attestation report identifying the hash computed at launch time over the state of the modules[i.e. software] and confirms with a signature that the module states have not been corrupted during a runtime execution; and in the event a module has been corrupted[i.e. change in hash], the module is excluded from report); generate a claim based on evaluating a value associated with the at least one security-related configuration and the corresponding runtime behavior of the software when the value changes(see US 20100281273, Lee, para. 0140, if a corruption has been detected as determined by evaluating the signature identities[i.e. value] and determining a change has occurred, the module(s) is/are excluded from the generated attestation report[i.e. claim] to indicate corruption); 
Lee does not teach generate an attestation token after a successful attestation of the software, the attestation token including the generated claim; and transmit the attestation token to the host machine 	However, Falk teaches generate an attestation token after a successful attestation of the software, the attestation token including the generated claim(see US 20190028466, Falk, para. 0005, 0064 and 0065, where a certificate[i.e. token] is issued if the verification[i.e. attestation] of the device software is successful, wherein the certificate reports the identifier of the security classification); and transmit the attestation token to the host machine(see US 20190028466, Falk, para. 0005, where the certificate is sent to a second device[i.e. host] from a first device). 	It would have been obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the teaching of Lee with the teaching of Falk because a user would have been motivated to enhance the security of a system, taught by Lee, by verifying the trustworthiness of a device for loading software onto the system, taught by Lee, in order to minimize the likelihood of loading malicious code(see Falk, para. 0003)   

 	In regards to claim 17, the combination of Lee and Falk teach the computer system of claim 16, wherein the request from the host machine comprises an event log associated with an execution of the software at the launch time, the event log (see US 20100281273, Lee, para. 0140, where an attestation report[i.e. event log] is generated that includes hash information [i.e. security related configuration] computed at the launch time and excludes runtime attestation information that indicates a module has been corrupted).  


2.) Claims 4-6, 12-14, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over US 20100281273, Lee in view of US 20190028466, Falk and further in view of US 10742421, Wentz

In regards to claim 4, the combination of Lee and Falk teach the method of claim 1. The combination of Lee and Falk do not teach wherein the at least one security-related configuration comprises remote or local console access configuration of the host machine, and the corresponding runtime behavior of the software when the security-related configuration changes comprises discarding the attestation token
However, Wentz teaches wherein the at least one security-related configuration comprises remote or local console access configuration of the host machine, and the corresponding runtime behavior of the software when the security-related configuration changes comprises discarding the attestation token (see US 10742421, Wentz, col. 37, lines 30-53, where a remote device may revoke credential/signatures that prevents software from being executed on a remote device).  (Wentz, col. 36, line 65-col. 37, line 8)

In regards to claim 5, the combination of Lee, Falk, and Wentz teach the method of claim 4, wherein generating the claim comprises generating the claim when evaluating the value associated with the at least one security-related configuration at the launch time indicates that the local or remote console access is disabled(see US 20100281273, Lee, para. 0017, where a first hash value is compared to a second hash value. If a match is not determined, then access to a storage is disabled).  

In regards to claim 6, the combination of Lee, Falk, and Wentz teach the method of claim 5, wherein if, at runtime, the local or remote console access is enabled, the host machine discards the attestation token(see US 10742421, Wentz, col. 37, lines 30-53, where a remote device may revoke credential/signatures that prevents software from being executed on a remote device).  

In regards to claim 12, the combination of Lee and Falk teach the non-transitory computer readable medium of claim 9. The combination of Lee and Falk do not teach wherein the at least one security-related configuration comprises remote or local  (see US 10742421, Wentz, col. 37, lines 30-53, where a remote device may revoke credential/signatures that prevents software from being executed on a remote device).   	It would have been obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the teaching of the combination of Lee and Falk with the teaching of Wentz because a user would have been motivated to enhance the security of the system, taught by Lee and Falk, by revoking a software monitoring key, taught by Wentz, in order to prevent unauthorized attempts to execute programs on remote devices(Wentz, col. 36, line 65-col. 37, line 8)

In regards to claim 13, the combination of Lee, Falk, and Wentz teach the non-transitory computer readable medium of claim 12, wherein generating the claim comprises generating the claim when evaluating the value associated with the at least one security-related configuration at the launch time indicates that the local or remote console access is disabled(see US 20100281273, Lee, para. 0017, where a first hash value is compared to a second hash value. If a match is not determined, then access to a storage is disabled).  

 	In regards to claim 14, the combination of Lee, Falk, and Wentz teach the non-transitory computer readable medium of claim 13, wherein if, at runtime, the local or remote console access is enabled, the host machine discards the attestation token(see US 10742421, Wentz, col. 37, lines 30-53, where a remote device may revoke credential/signatures that prevents software from being executed on a remote device).  

In regards to claim 18, the combination of Lee and Falk teach the computer system of claim 16. The combination of Lee and Falk do not teach wherein the at least one security-related configuration comprises remote or local console access configuration of the host machine, and the corresponding runtime behavior of the software when the security-related configuration changes comprises discarding the attestation token 	However, Wentz teaches wherein the at least one security-related configuration comprises remote or local console access configuration of the host machine, and the corresponding runtime behavior of the software when the security-related configuration changes comprises discarding the attestation token (see US 10742421, Wentz, col. 37, lines 30-53, where a remote device may revoke credential/signatures that prevents software from being executed on a remote device).  	It would have been obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the teaching of the combination of Lee and Falk with the teaching of Wentz because a user would have been motivated to enhance (Wentz, col. 36, line 65-col. 37, line 8)


3.) Claims 7, 15, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over US 20100281273, Lee in view of US 20190028466, Falk and further in view of US 20160125180, Smith

In regards to claim 7, the combination of Lee and Falk teach the method of claim 1. The combination of Lee and Falk do not teach wherein the at least one security-related configuration comprises an attestation status configuration of the software, and the corresponding runtime behavior of the software when the security-related configuration changes comprises removing one or more encryption keys the host machine received based on the attestation token 	However, Smith teaches wherein the at least one security-related configuration comprises an attestation status configuration of the software, and the corresponding runtime behavior of the software when the security-related configuration changes comprises removing one or more encryption keys the host machine received based on the attestation token (see US 20160125180, Smith, para. 0052, where a status manager detect that a user is no longer present. In response, a private key is removed resulting in the blocking of access to the remote computing device).   	It would have been obvious to one of ordinary skill in the art prior to the effective (see Smith, para. 0002)

In regards to claim 15, the combination of Lee and Falk teach the non-transitory computer readable medium of claim 9. The combination of Lee and Falk do not teach wherein the at least one security-related configuration comprises an attestation status configuration of the software, and the corresponding runtime behavior of the software when the security-related configuration changes comprises removing one or more encryption keys the host machine received based on the attestation token 	However, Smith teaches wherein the at least one security-related configuration comprises an attestation status configuration of the software, and the corresponding runtime behavior of the software when the security-related configuration changes comprises removing one or more encryption keys the host machine received based on the attestation token(see US 20160125180, Smith, para. 0052, where a status manager detect that a user is no longer present. In response, a private key is removed resulting in the blocking of access to the remote computing device).  	It would have been obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the teaching of the combination of Lee and Falk with the teaching of Smith because a user would have been motivated to improve the user identification for the system taught by the combination of Lee and falk by (see Smith, para. 0002) 

In regards to claim 19, the combination of Lee and Falk teach the computer system of claim 16. The combination of Lee and Falk do not teach wherein the at least one security-related configuration comprises an attestation status configuration of the software, and the corresponding runtime behavior of the software when the security-related configuration changes comprises removing one or more encryption keys the host machine received based on the attestation token 	However, Smith teaches wherein the at least one security-related configuration comprises an attestation status configuration of the software, and the corresponding runtime behavior of the software when the security-related configuration changes comprises removing one or more encryption keys the host machine received based on the attestation token(see US 20160125180, Smith, para. 0052, where a status manager detect that a user is no longer present. In response, a private key is removed resulting in the blocking of access to the remote computing device).   	It would have been obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the teaching of the combination of Lee and Falk with the teaching of Smith because a user would have been motivated to improve the user identification for the system taught by the combination of Lee and falk by reducing the need for user passwords, taught by Smith, in order improve the system’s security and user privacy(see Smith, para. 0002)


4.) Claims 8 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over US 20100281273, Lee in view of US 20190028466, Falk and further in view of US 20200366754, Wang

In regards to claim 8, the combination of Lee and Falk teach the method of claim 1. The combination of Lee and Falk do not teach wherein the attestation token comprises a JSON web token (JWT) and the generated claim is part of a payload of the JWT 	However, Wang teaches wherein the attestation token comprises a JSON web token (JWT) and the generated claim is part of a payload of the JWT(see US 20200366754, Wang, para. 0051 and 0075, where the attestation token is in JSON format, wherein the payload may include a message that sends a “wipe-out” request/notification).  	It would have been obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the teaching of the combination of Lee and Falk with the teaching of Wang because a user would have been motivated to insure message integrity for the system taught by Lee and Falk by verifying a digital signature of the combination of public key, attestation token time stamp, and the message payload, taught by Wang, in order to verify the association of a payload with a device(see Wang, para. 0003)

(see US 20200366754, Wang, para. 0051 and 0075, where the attestation token is in JSON format, wherein the payload may include a message that sends a “wipe-out” request/notification).	It would have been obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the teaching of the combination of Lee and Falk with the teaching of Wang because a user would have been motivated to insure message integrity for the system taught by Lee and Falk by verifying a digital signature of the combination of public key, attestation token time stamp, and the message payload, taught by Wang, in order to verify the association of a payload with a device(see Wang, para. 0003)

CONCLUSION
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GREGORY LANE whose telephone number is (571)270-7469.  The examiner can normally be reached on 571 270 7469 from 8:00 AM to 6:00 PM.
Taghi Arani, can be reached on 571 272 3787.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
/GREGORY A LANE/Examiner, Art Unit 2438                                                                                                                                                                                                        



/TAGHI T ARANI/Supervisory Patent Examiner, Art Unit 2438