DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
Claims 2-21 have been presented for examination and are rejected.

The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.  A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO internet Web site contains terminal disclaimer forms which may be used.  Please visit http://www.uspto.gov/forms/.  The filing date of the application will determine what form should be used.  A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission.  For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

Claims 2-21 are rejected on the ground of nonstatutory double patenting as
being unpatentable over claims 1-20 of U.S. Patent No. 11082491 hereinafter ‘491. Although
the claims at issue are not identical, they are not patentably distinct from each other because each
element of the claims of the instant application claim 2 is anticipated claim 1 of patent ‘491. 
Please see the table below that provides a mapping between the limitations of the present application and the patent applications above.

The instant application- 17/379,106
U.S. Patent No. 11082491
Claim  2. (New) A method performed by a computer program that is executing on a computing device to install an application thereon, the method comprising: 

obtaining origin information from a process token of the executing computer program, wherein the origin information is information included in the process token by a policy enforcement module that is concurrently executing on the computing device; 

writing a file associated with the application to a storage device of the computing device; and 

storing a copy of the origin information as metadata associated with the file.
Claim 3. (New) The method of claim 2, wherein the origin information indicates at least one of:
 a deployment source for the application, or a source of trust for the application.

Claim 1.  A method performed by an application package that is executed on a computing device to install an application thereon, the method comprising: 

obtaining origin information from a process token of the executing application package, the process token having received the origin information from a policy enforcement module that is concurrently executing on the computing device, the origin information indicating one of: a deployment source for the application package, or a source of trust for the application package; 
writing a file associated with the application to a storage device of the computing device; and 

storing a copy of the origin information as metadata associated with the file.
Claim 4. (New) The method of claim 3, wherein the computing device is part of an enterprise and the origin information indicates that the deployment source for the application comprises a managed installer for the enterprise.
Claim 2.    The method as recited in claim 1, the computing device being part of an enterprise and the origin information indicating that the deployment source for the application package comprises a managed installer for the enterprise
Claim 5.    (New) The method of claim 3, wherein the origin information indicates that the source of trust for the application comprises a reputation checking service that verified the application as being trustworthy.
Claim 3.  The method as recited in claim 1, the origin information indicating that the source of trust for the application package comprises a reputation checking service that verified the application package as being trustworthy.
 
Claim 6. (New) The method of claim 2, wherein the metadata associated with the file is stored in at least one or more of:
 alternate data stream extended attributes; 
a second file separate from the file; or a database.
Claim 4. The method as recited in claim 1, wherein the metadata associated with the file is stored in at least one of: 
alternate data stream extended attributes, 
a second file separate from the file or a database.
Claim 8.  (New) A computing device comprising: 
one or more processors; and 
a computer-readable storage medium having stored thereon a computer program that is executable by the one or more processors to install an application on the computing device by: 
responsive to execution of the computer program, obtaining origin information from a process token of the executing computer program, wherein the origin information is information included in the process token by a policy enforcement module that is concurrently executing on the computing device; 
writing a file associated with the application to a storage device of the computing device; and 
storing a copy of the origin information as metadata associated with the file.
Claim 9. (New) The computing device of claim 8, wherein the origin information indicates at least one of: 
a deployment source for the application, or a source of trust for the application.
.


Claim 10. (New) The computing device of claim 9, wherein the computing device is part of an enterprise and the origin information indicates that the deployment source for the application comprises a managed installer for the enterprise

Claim 11. (New) The computing device of claim 9, wherein the origin information indicates that the source of trust for the application comprises a reputation checking service that verified the application as being trustworthy.
.
Claim 12.  (New) The computing device of claim 8, wherein the policy enforcement module is configured to: receive a request to perform an action with regard to the file; 

determine whether, based on a policy applied to the computing device, the origin information associated with the file corresponds to a trusted origin for the computing device; 

in response to determining that the origin information associated with the file corresponds to a trusted origin for the computing device, allow the action to be performed on the computing device; and

 in response to determining that the origin information associated with the file does not correspond to a trusted origin for the computing device, prevent the action from being performed on the computing device unless the policy otherwise indicates that the action can be performed on the computing device.
Claim 11. A method implemented in a computing device, the method comprising: 
receiving a request to perform an action with regard to a file for an application installed on the computing device; 
accessing a policy applied to the computing device; 
determining whether, based on the policy, an origin of the application is trusted for the computing device, the origin being based at least in part on an origin claim of a process token of an executing application package used to install the application, the process token having received the origin claim from a policy enforcement module that is concurrently executing on the computing device;

 in response to determining that the origin of the application is trusted for the computing device, allowing the action to be performed; and 

in response to determining that the origin of the application is not trusted for the computing device, preventing the action from being performed on the computing device unless the policy otherwise indicates that the application can be performed on the computing device.
Claim 13. (New) The computing device of claim 12, wherein the computing device is part of an enterprise and the policy is received from an enterprise management service for the enterprise

Claim 14. (New) The computing device of claim 12, wherein the file includes an executable file for the application, and the action comprises running the application.   
Claim 12. The method as recited in claim 11, the file including an executable file for the application, and the action comprising running the application.
Claim  15. (New) The computing device of claim 12, wherein the action comprises accessing a resource of the computing device or a resource on a network coupled to the computing device.
 Claim 13. The method as recited in claim 11, the action comprising the application accessing a resource of the computing device or a resource on a network coupled to the computing device.
Claim  17. (New) A computer-readable storage medium having stored thereon a computer program that is executable by one or more processors to perform a method for installing an application on a computing device, the method comprising: 

responsive to execution of the computer program, obtaining origin information from a process token of the executing computer program, the origin information is information included in the process token by a policy enforcement module that is concurrently executing on the computing device;

writing a file associated with the application to a storage device of the computing device; and 
storing a copy of the origin information as meta associated data with the file. 

Claim 18. (New) The computer-readable storage medium of claim 17, wherein the origin information indicates at least one of: 
a deployment source for the application, or a source of trust for the application.
Claim 20. A computing device comprising: 
one or more processors; and
 a computer-readable storage medium having stored thereon multiple instructions that, responsive to execution of an application package by the one or more processors to install an application on the computing device, cause the one or more processors to: 
obtain origin information from a process token of the executing application package, the process token having received the origin information from a policy enforcement module that is concurrently executing on the computing device, 
the origin information indicating one of: 
a deployment source for the application package, or a source of trust for the application package; 
write a file associated with the application to a storage device of the computing device; and 
store a copy of the origin information as metadata associated with the file.
Claim 19. (New) The computer-readable storage medium of claim 18, wherein the computing device is part of an enterprise and the origin information indicates that the deployment source for the application comprises a managed installer for the enterprise.
Claim 18.  The method as recited in claim 11, the computing device being part of an enterprise and the determining comprising determining that the origin of the application is trusted where the origin of the application comprises a managed installer for the enterprise
Claim 20. (New) The computer-readable storage medium of claim 18, wherein the origin information indicates that the source of trust for the application comprises a reputation checking service that verified the application as being trustworthy.
Claim 19. The method as recited in claim 11, the determining comprising determining that the origin of the application is trusted where the origin of the application indicates that a reputation service verified the application package as trustworthy, the reputation service being identified as a trusted origin in the policy.


Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ELIZABETH KASSA whose telephone number is (571)270-0567.  The examiner can normally be reached on Monday -Friday 9 AM -6 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ario Etienne can be reached on 517-272-4001.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

07/16/2022



/ELIZABETH KASSA/
Examiner, Art Unit 2457

/ARIO ETIENNE/Supervisory Patent Examiner, Art Unit 2457