DETAILED ACTION
This action is responsive to the following communications: Applicants’ Response filed on June 21, 2022. All references to this application refer to the U.S. Patent Application Publication No. 2022/0014382 A1. 

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

THIS ACTION IS MADE FINAL.

Claims 1-20 are pending in this case.1 Claims 1, 8, and 15 are amended. Claims 1, 8, and 15 are the independent claims. Claims 1-20 are rejected.

Specification




The objections to the disclosure, including those directed to improper trademark usage, are withdrawn in view of the amendments.

Examiner’s Note
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the Examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicants are advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the Examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1-6, 8-13, and 15-20 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Patent Application Publication No. 2006/0179009 A1, filed by Tagg on February 8, 2005, and published on August 10, 2006 (hereinafter Tagg), in view of U.S. Patent Application Publication No. 2019/0158275 A1, filed by Beck on November 21, 2018, and published on May 23, 2019 (hereinafter Beck).

With respect to independent claim 1, Tagg discloses a method for creating an assured record of a user interaction, comprising: 
Receiving, at an application, an agreement requiring assurance, the agreement having instructions for generating a confirmation file of a user interaction with the agreement; Tagg discloses managing conditions for an agreement over a network, where the managing tool generates the agreement and all terms and conditions associated with the agreement prior to its transmission to an end user (see Tagg, paragraphs 0045 [system generates an agreement comprising terms and conditions], 0046 [providers present the offer to potential customers of digital assets, such as software or a service], and 0048 [actions are associated with the agreement which are performed on the terms and conditions, actions which include the recipient’s acceptance or rejection, which are managed by the provider; the package is delivered to the recipient who performs some action on the agreement, and a response is generated and returned with information about the action, which is stored in the provider system and managed by a tracking tool]).
Providing the agreement to a module of the application, Tagg discloses providing the agreement to the application (see Tagg, paragraphs 0046 and 0048, described supra).
The module performing stages comprising: 
Presenting the agreement in a user interface; Tagg discloses presenting the agreement to the user in a manner that requires a type of interaction specified by the instructions (see Tagg, paragraphs 0046 and 0048, described supra).
Receiving the user interaction, the user interaction indicating acceptance of the agreement according to the instructions; Tagg discloses receiving input accepting or declining the agreement (see Tagg, paragraph 0048, described supra).
Tagg fails to expressly disclose retrieving information indicating whether the user device is compliant based on a set of compliance rules.
	However, Beck teaches that devices are checked for compliance by requiring that both parties use a Digital Attestation Container (DAC) trusted client application that uses keys cleared by an encrypted secure digital attestation content holdings (DACH) verified by a DAC Clearing Service prior to consummating the transaction, and then used throughout the transaction (see Beck, paragraphs 0030 [introducing the DAC, DACH, and DAC Clearing Service], 0080 [describing a high level clearing process, in which a DAC trusted client presents information about itself and a recipient (e.g., both parties) to the DAC Clearing Service, demonstrating that the DAC trusted client has not been tampered with (e.g., still in compliance) and can be used to process a transaction; once verified, a session key is negotiated and encrypted along with application context information for credential verification, and the transaction proceeds], and 0087 [DAC trusted client can be restricted based on MAC address or other device identifying information]). 
	Accordingly, it would have been obvious to one of ordinary skill in the art, having the teachings of Tagg and Beck before him before the effective filing date of the claimed invention, to modify the method of Tagg to incorporate retrieving information indicating whether the user device is compliant based on a set of compliance rules as taught by Beck. One would have been motivated to make such a combination because this protects the system from attacks, as taught by Beck (see Beck, paragraph 0018 [“Given the increasing significance of Oracles, attacks directed at the availability of the Oracles (e.g., denial of service and/or other attacks against the Oracles) at the time a smart contract can require their services can pose great risk. Poor availability of these services, for example, as a result of malicious attacks or poor reliability of the core Oracle service, can pose a problem for smart contracts in that without availability, the smart contracts entered, cannot be executed. Moreover, an Oracle recognizing its interest or desire to block the execution of a specific transaction can deny required attestation that has been contemplated to either extort greater value from the smart contract parties or otherwise deny access to data altogether.”])
	Tagg, as modified by Beck, further teaches the method comprising:
Generating the confirmation file based on the instructions, the confirmation file including the user interaction, an indication of whether the user device is compliant, and a digital signature from the module; Tagg further teaches generating the confirmation file based on the instructions (see Tagg, paragraph 0048, described supra). Additionally, Beck further teaches the inclusion of DAC Trusted Client information about the transaction, including digital signatures, that can be included in the confirmation file (see Beck, paragraphs 0025 [the smart contract execution state and information about the state of the contract (e.g., completed) can be recorded as artifacts which can be written to ledgers, including blockchain, for storage or processing], 0032 [digital signatures assure that the agreement and the user interactions are genuine], 0042 [digital signatures are incorporated into the data exchange, and include further trusted information], 0069 [code signing techniques are used to prevent bad actors from manipulating the system], 0097-0101 [notarized receipts of the transaction including transaction details can be stored or transmitted to parties]; see also, Beck, paragraphs 0030, 0080, and 0087, described supra).
Wherein the user interaction is authorized by the application based on the confirmation filed indicating that the user device is compliant and that the user interaction indicates an acceptance of the agreement; Tagg further teaches confirming the agreement to the user in a manner that requires a type of interaction specified by the instructions (see Tagg, paragraphs 0046 and 0048, described supra). Additionally, Beck further teaches that the contract can only be executed upon confirmation that the parties are in compliance with the DC Trusted Client and its associated rule set (see Beck, paragraphs 0025, 0030, 0032, 0042, 0069, 0080, 0087, and 0097-0101, described supra).

With respect to dependent claim 2, Tagg, as modified by Beck, teaches the method of claim 1, as described above.
	Tagg further teaches the method wherein the agreement is received from a server in response to a request from the application.
	Tagg further teaches the agreement is received in response to a request from the user device (see Tagg, paragraphs 0046 and 0048, described supra, claim 1).

With respect to dependent claim 3, Tagg, as modified by Beck, teaches the method of claim 2, as described above.
	Tagg further teaches the method, the stages further comprising sending, by the application, the confirmation file to the server, wherein the server verifies and records the confirmation file.
	Tagg further teaches that the application sends the response back to the server, wherein the server verifies and records the response (see Tagg, paragraph 0048, described supra, claim 1).

With respect to dependent claim 4, Tagg, as modified by Beck, teaches the method of claim 2, as described above.
	Beck further teaches the method 
Wherein the agreement further includes a signature from the server, Beck further teaches that the digital asset includes a signature indicating its origins (see Beck, paragraphs 0032, 0042, and 0069, described supra, claim 1).
The stages performed by the module further comprise verifying that that the agreement came from the server using the signature; Beck further teaches confirming the trustworthiness of the package based on the digital signature (see Beck, paragraphs 0032, 0042, and 0069, described supra, claim 1).

With respect to dependent claim 5, Tagg, as modified by Beck, teaches the method of claim 1, as described above.
	Tagg and Beck further teach the method wherein the instructions include a command to execute a script as part of generating the confirmation file, the script being securely stored within the module.
	Tagg further teaches that the package includes instructions to be executed as part of generating the response package (see Tagg, paragraphs 0046 and 0048, described supra, claim 1).
	Beck further teaches the script being securely stored in the module (see Beck, paragraphs 0032, 0042, and 0069, described supra, claim 1).

With respect to dependent claim 6, Tagg, as modified by Beck, teaches the method of claim 1, as described above.
	Beck further teaches the method wherein the generated confirmation file includes a code signature from the module.
	Beck further teaches that the response also includes a digital signature (see Beck, paragraphs 0032, 0042, and 0069, described supra, claim 1).

Independent claim 8, and its respective dependent claims 9-13, recite a non-transitory, computer-readable medium containing instructions that, when executed by a hardware-based processor, performs stages for creating an assured record of a user interaction, the stages comprising the method of independent claim 1, and its respective dependent claims 2-6. Accordingly, independent claim 8, and its respective dependent claims 9-13, are rejected under the same rationales used to reject independent claim 1, and its respective dependent claims 2-6, which are incorporated herein.

Independent claim 15, and its respective dependent claims 16-20, recite a system for creating an assured record of a user interaction, comprising: a memory storage including a non-transitory, computer-readable medium comprising instructions; and a computing device including a hardware-based processor that executes the instructions to carry out stages comprising the method of independent claim 1, and its respective dependent claims 2-6. Accordingly, independent claim 15, and its respective dependent claims 16-20, are rejected under the same rationales used to reject independent claim 1, and its respective dependent claims 2-6, which are incorporated herein.

Claims 7 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Tagg, in view of Beck, further in view of Non-Patent Literature publication “Mobile Trusted Computing,” by Asokan et al., published in August 2014 (hereinafter Asokan).

With respect to dependent claim 7, Tagg, as modified by Beck, teaches the method of claim 1, as described above.
	Tagg further teaches the method wherein the application is not a trusted application.
	Tagg further teaches that the application is a ‘normal’ application (see Tagg, paragraphs 0045, 0046, and 0048, described supra, claim 1).
Tagg and Beck fail to further teach the method wherein the module has a restricted configuration that prohibits the application from performing any actions not specified in the instructions.
	However, Asokan teaches trusted mobile computing techniques in which a trusted execution environment (TEE) isolates secure applications and files from unsecure applications and files (see Asokan, Figs. 1-2; see also, Asokan, page 1189 [TEE is a secure integrity-protected processing environment isolated from the normal processing environment, for improving security and ensuring that sensitive information and operations are restricted to the TEE], 1191-1192 [describing the isolated execution environment and protections of the TEE in which only trusted applications are allowed to operate in the TEE], and 1192 [describing the attestation and provisioning operations of the TEE using encrypted (cryptographic) security keys]).
	Accordingly, it would have been obvious to one of ordinary skill in the art, having the teachings of Tagg, Beck, and Asokan before him before the effective filing date of the claimed invention, to modify the method of Tagg, as modified by Beck, to incorporate TEEs as taught by Asokan. One would have been motivated to make such a combination because this isolates and protects sensitive operations and data, as taught by Asokan (see Asokan, page 1191, described supra).

Dependent claim 14 recites a non-transitory, computer-readable medium containing instructions that, when executed by a hardware-based processor, performs stages for creating an assured record of a user interaction, the stages comprising the method of dependent claim 7. Accordingly, dependent claim 14 is rejected under the same rationales used to reject dependent claim 7, which are incorporated herein.

Response to Arguments
Applicants’ arguments filed June 21, 2022, have been fully considered but they are not persuasive.

	Applicants aregue that neither Tagg, Beck, nor Asokan, teaches the amended language of the independent claims (see Response, pages 10-11). The Examiner respectfully disagrees.

	As indicated above, the rejections have been augmented and slightly restructured to address the inserted language of the independent claims, primarily with respect to additional citations to Beck. 
	Applicants argue that Beck does not appear to contemplate including an indication of device compliance in a confirmation file or that the interaction is accepted based on the confirmation file indicating that the device is compliant and the agreement is accepted. However, while the language is not identical, Beck clearly teaches using Trusted Clients and recording information about the transaction, the parties, the confirmation of the device compliance, and other data and metadata about the transaction in a ledger that can be stored or processed. These teachings appear to clearly read on the amended claim language, and therefore, the claims are rejected as recited above.

Conclusion
It is noted that any citation to specific pages, columns, figures, or lines in the prior art references any interpretation of the references should not be considered to be limiting in any way. A reference is relevant for all it contains and may be relied upon for all that it would have reasonably suggested to one having ordinary skill in the art. In re Heck, 699 F.2d 1331-33, 216 USPQ 1038-39 (Fed. Cir. 1983) (quoting In re Lemelson, 397 F.2d 1006, 1009, 158 USPQ 275, 277 (CCPA 1968)).

THIS ACTION IS MADE FINAL. Applicants are reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the Examiner should be directed to ERIC J. BYCER whose telephone number is (571) 270-3741. The Examiner can normally be reached Monday - Thursday 9am-6pm, and alternate Fridays 9am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, Applicants are encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

If attempts to reach the Examiner by telephone are unsuccessful, the Examiner’s supervisor, KIEU D. VU can be reached on (571) 272-4057. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ERIC J. BYCER/
Primary Examiner
Art Unit 2173




    
        
            
        
            
    

    
        1 Claim 12 is missing a caption. Claim 12 should be captioned as (Original).