DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is in response to communication filed on 12/03/2021.
Status of claims in the instant application:
Claims 1-5 and 7-20 are pending.
Claim 6 has been canceled.
Claims 1-5, 7-9, 11, 13, 16-17 and 20 have been amended.
No new claim has been added.
Priority
This application claims benefit of 62/858670 filed on 06/07/2019.
Response to Arguments
Applicant’s arguments, see page [9-10] of the remarks filed on 12/03/2021 with respect to “Rejection of Claims under 35 USC 101 – as an abstract idea”, have been fully considered in view of the amended claims, and they are persuasive. Therefore, the “Claim Rejections” have been withdrawn.
Applicant’s arguments, see page [10] of the remarks filed on 12/03/2021 with respect to “Rejection of Claims under 35 USC 112(b)”, have been fully considered in view of the amended claims, and they are persuasive. Therefore, the “Claim Rejections” have been withdrawn.
Note that Applicant’s arguments noted the 112 rejections as 112(a) rejection. But the rejections in the previous office action was for indefiniteness (i.e. 112(b)
Applicant’s arguments, see page [10-14] of the remarks filed on 12/03/2021 with respect to “Rejection of Claims under 35 USC 103”, have been fully considered in view of the amended claims, and they are persuasive. Therefore, the “Claim Rejections” have been withdrawn.
Allowable Subject Matter
Claims 1-5 and 7-20 are allowed, but they renumbered as claims 1-19.
The following are examiner's statement of reasons for allowance: The following prior arts were yielded during the examination of applicant’s amended claim set filed on 12/03/2021 in response to office action mailed on 09/03/2021. They do not explicitly teach the applicant’s claimed invention, in view of the amended claims, but are in general realm of applicant’s field of endeavor:
US-PGPUB 20190098007 A1, Coleman et al.: Coleman discloses m Methods and systems are disclosed for endpoint protection and authentication schemes for a host computer system having an internet isolation system. A first host computer system may include a first memory space and a second memory space. The first memory space may be configured to enable storage and operation of a workspace configured to execute a first set of one or more applications and processes running on an operating system of the first host computer system. The second memory space may be configured to enable storage and operation of a second set of one or more applications and processes associated with an isolated computing environment (e.g., a sandboxed computing environment) configured to run on the operating system. When the first host computer system is connected to a network that is known or associated with a 
US-PGPUB 20120159156 A1, Barham et al.: Barham discloses a secure location system that leverages location-based services and hardware to make access decisions. Many mobile computers have location devices, such as GPS. They also have a trusted platform module (TPM) or other security device. Currently GPS location data is made directly accessible to untrusted application code using a simple protocol. The secure location system provides a secure mechanism whereby the GPS location of a computer at a specific time can be certified by the operating system kernel and TPM. The secure location system logs user activity with a label indicating the geographic location of the computing device at the time of the activity. The secure location system can provide a difficult to forge, time-stamped location through a combination of kernel-mode GPS access and TPM security hardware. Thus, the secure location system incorporates secure location information into authorization and other operating system decisions.
US-PGPUB 20190132739 A1, Raleigh et al.: Raleigh discloses a system for secure DDRs includes a processor of a wireless communication device for wireless communication with a wireless network, in which the processor is configured with a secure execution environment, and in which the secure execution environment is configured to: monitor service usage of the wireless communication device with the wireless network; and generate a plurality of device data records of the monitored service usage of the wireless communication device with the wireless network, in which each device data record is associated with a unique sequence order identifier; and a 
US-PGPUB 20060265761 A1, Rochette et al.: Rochette discloses a method and system for protecting a computer platform from malware. The protection is achieved by encapsulating an application that can serve as a malware conduit within a protected capsule environment, so as to prevent the conduit application or any processes originated therefrom from accessing and making changes to objects associated with an operating system (OS) of the computer platform or with other applications running on the computer platform outside of the capsule environment, thereby preventing the malware provided via the conduit application from contaminating the computer platform outside of said secure protected environment, or capsule. Capsule runtime software manages the dynamic state of the encapsulated application, and re-directs system service requests generated by the application and associated processes from OS-provided system objects to corresponding object libraries provided within the capsule object set, so that any malware induced changes remain local to the capsule. Protection of the operating system and most applications running on the computer platform is thus provided by the isolation of the conduit applications within a secure capsule environment, which can be safely removed from the computer platform, together with any changes introduced by the malware to the computer platform, without affecting the computer operation.

US-PGPUB 20170277570 A1, LaMantia et al.: LaMantia discloses a system and method for coordinating security components, including: determining, by an application executing on a client device, a need to perform a sharable functional task; identifying a first security component and a second security component installed on the client device and capable of performing variations of the sharable functional task, where variations of the sharable functional task are functionally overlapping and not identical; identifying a set of characteristics characterizing the first security component and the second security component; selecting the second security component as a primary security component for performing a variation of the sharable functional task based on the set of characteristics; delegating, by one or more processors, performance of the sharable functional task to the primary security component; and instructing the processors to cause functionality associated with the first security component to be at least partially suspended.
US-PAT 8099596 B1, Rusakov et al.: Rusakov discloses systems, methods and computer program products for protecting applications deployed on a host computer from malware using virtualization. An exemplary malware protection system may include a kernel-level driver configured to intercept system calls addressed to an object of a protected application. The system also includes an analysis engine configured to determine if there are security rules associated with one or more of the intercepted system call, the object of the protected application, and the actions allowed on the object of the protected application. The security rules indicate whether the 
However, none of the prior arts of record, alone or in combination, discloses all the limitations of the amended independent claims 1, 16 and 20; specifically they do not disclose “receiving, by the secure execution context, first data representing  information about a state of the device, the state of the device  including the physical environment of the device, the first data being a first reading from the one or more sensors obtained within the secure execution context; requesting from the operating system second data representing the state of the device, the second data being a second reading from the one or more sensors obtained by the operating system; comparing, in the secure execution context, the first data and the second data to obtain a comparison result; and  based on the comparison result, returning a determination whether to  perform an action representing a response to a mismatch between the first data and the second data”.
Therefore, the independent claim are allowable over the prior arts. The dependent claims being definite, further limiting, and fully enabled by the specification are also allowed by virtue of their dependence on the independent claims.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably 
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAHABUB S AHMED whose telephone number is (571)272-0364.  The examiner can normally be reached on 9AM-5PM EST M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571)272-3811.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/KAMBIZ ZAND/Supervisory Patent Examiner, Art Unit 2434