Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Claim Objection
Claim 1 is objected to as it recites:
“receiving, from a consumer device, information associated with the consumer device”. As recited it is not clear who is receiving the information about the consumer device.
“sending, to an authentication service, the information to verify the consumer device”. As recited it is not clear who is sending the information to the authentication service, is it the consumer device or user or anything else.
“receiving, from the authentication service, a signed unlock token associated with unlocking the consumer device”. As recited it is not clear who is receiving unsigned unlock token from the authenticating service.
“receiving a personal identification number (PIN); and storing the signed unlock token and the PIN in an unencrypted location of the consumer device while the consumer device is in a recovery mode”. As recited it is not clear who is receiving and storing the signed unlock token and the PIN.
Claims 11 & 20 are objected to as they recite:
“receive, from a consumer device, information associated with the consumer device”. As recited it is not clear who is receiving the information about the consumer device.
“receive, from the authentication service, a signed unlock token associated with unlocking the consumer device”. As recited it is not clear who is receiving unsigned unlock token from the authenticating service.
“receive a personal identification number (PIN); and store the signed unlock token and the PIN in an unencrypted location of the consumer device while the consumer device is in a recovery mode”. As recited it is not clear who is receiving and storing the signed unlock token and the PIN.
Claims 1, 11 & 20 are objected to because, although these claims recite functions, they do not make clear the objective or the outcome of these functions.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1-2, 11-12 & 20 are rejected under 35 USC 103 as being unpatentable over Hiroyuki (JP2013037708A; translation with original is attached) in view of Shim (US20130325939).
Regarding claim 1, Hiroyuki teaches a method comprising: receiving, from a consumer device, information associated with the consumer device; [0065: First, in step S 21, a request for a terminal ID is transmitted to the SAM 10 via the connection unit 37, and the terminal ID is received from the SAM 10 (step S 21).]
sending, to an authentication service, the information to verify the consumer device; [0065: First,…(step 22). In response to Step S 11, the terminal ID and the encrypted terminal ID are transmitted to the center server 40 via the communication unit 36 (Step S 23).]
receiving, from the authentication service, a signed unlock token associated with unlocking the consumer device; [[0067] an authentication token is received from SAM10 via the connection part 37. [0151] a signature is the information which encrypted the hash value which put together payment data and an authentication token with the key.]
receiving a personal identification number (PIN); [In steps … terminal device 30. Then, password information such as a password (PIN) is input by the input unit 32. In the terminal device 30, the card information encrypted with the key R is transmitted to the SAM 10. The card information is decrypted by the SAM 10 with the key R and is transmitted to the terminal device 30. In step S 27, the decrypted card information and the password are transmitted to the SAM 10 and encrypted with the key T 1]
and storing the signed unlock token in an unencrypted location of the consumer device, [0067: In response to step S 38, the authentication token is received from the SAM 10 via the connection unit 37, and the authentication token is stored in the RAM 33 (step S 25).]
while the consumer device is in a recovery mode. [0007: It is an object of the present invention to eliminate the time and effort of authentication when recovering from a fault.]
Although Hiroyuki teaches operation in the recovery mode, he does not explicitly teach, but Shim teaches, storing the PIN in an unencrypted location of the consumer device. [[0028] In another aspect of the present invention, provided herein is a terminal management method including: storing a user ID and a password (user information) in a server; transmitting a device ID of a terminal and the user ID and password (PIN) input to the terminal to the server such that the terminal is authenticated and registered in the server; and after receiving a management service request from the terminal, providing the requested management service to the terminal by the server.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Hiroyuki with the disclosure of Shim. The motivation or suggestion would have been to implement a system that will provide efficient techniques for remotely managing a customer or terminal device. (para 0001-0006, Shim)
Regarding claims 2 & 12, Hiroyuki teaches wherein the information associated with the consumer device includes at least one of device identification information or original equipment manufacturer (OEM) information. [0065: First,…(step 22). In response to Step S 11, the terminal ID and the encrypted terminal ID are transmitted to the center server 40 via the communication unit 36 (Step S 23).]
Regarding claims 11 & 20, these claims are interpreted to be the same as claim 1 and are rejected for the same reasons as set forth for claim 1.

Claims 3-4 & 13-14 are rejected under 35 USC 103 as being unpatentable over Hiroyuki in view of Shim and Hallum (US20130145174).
Regarding claims 3 & 13, although Hiroyuki and Shim teach a signed unlock token as illustrated above in claim 1, they do not explicitly teach, but Hallum teaches, wherein the signed unlock token includes device identification information or original equipment manufacturer (OEM) information, and an unlock type. [[0037] In the recovery store 205, a recovery key value may be part of a tuple that associates the recovery key value with other data. For example, the recovery store 205 may associate a recovery key value with a machine identifier, volume identifier, recovery key identifier, stakeholder data, a name of a computer/device that sent the above data, or other data described below. One or more portions of the data associated with the recovery key value may be used to obtain the recovery key value from the recovery store 205. The recovery key value may then be used to unlock the associated volume.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Hiroyuki and Shim with the disclosure of Hallum. The motivation or suggestion would have been to implement a system that will provide efficient techniques to protect locked data from unauthorized access. (abstract & para 0001-0006, Hallum)
Regarding claims 4 & 14, although Hiroyuki and Shim teach a signed unlock token as illustrated above in claim 1, they do not explicitly teach, but Hallum teaches, unlocking an encrypted location of the device with the unlock token. [[0037] In the recovery store 205, a recovery key value may be part of a tuple that associates the recovery key value with other data. For example, the recovery store 205 may associate a recovery key value with a machine identifier, volume identifier, recovery key identifier, stakeholder data, a name of a computer/device that sent the above data, or other data described below. One or more portions of the data associated with the recovery key value may be used to obtain the recovery key value from the recovery store 205. The recovery key value may then be used to unlock the associated volume.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Hiroyuki and Shim with the disclosure of Hallum. The motivation or suggestion would have been to implement a system that will provide efficient techniques to protect locked data from unauthorized access. (abstract & para 0001-0006, Hallum)
Claims 5-6 & 15-16 are rejected under 35 USC 103 as being unpatentable over Hiroyuki in view of Shim and Goel (US 20130160139).
Regarding claims 5 & 15, although Hiroyuki and Shim teach operation in recovery mode, they do not explicitly teach, but Goel teaches, causing the consumer device to reboot. [[0082] If the security device 227 does not require taking ownership after initialization, the orchestrating agent 225 may facilitate taking ownership of the security device 227 as the next step (e.g., after rebooting) after initializing the security device 227. To do this, the security device 227 may obtain the passphrase and provide it to the security device 227 or call an interface of the security device 227 to cause the security device 227 to obtain the passphrase itself. In taking ownership, a passphrase, PIN, or other data may be provided. This provided data may be used as the root of trust on the device 210. For example, data derived from the provided data may be used to encrypt one or more volumes attached to the device 210.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Hiroyuki and Shim with the disclosure of Goel. The motivation or suggestion would have been to implement a system that will provide efficient techniques to protect volume data from unauthorized access and quick and easy access to it for legitimate users. (abstract & para 0001-0003, Goel)
Regarding claims 6 & 16, although Hiroyuki and Shim teach operation in recovery mode, they do not explicitly teach, but Goel teaches, accessing the unencrypted location of the consumer device; determining that the PIN corresponds to a valid PIN; [[0055] In one embodiment, the recovery manager(s) 220 may authenticate the user 215. This may be done, for example, by asking one or more challenge questions to which the user responds, receiving a PIN, password, or other user-known data from the user, obtaining, with consent, biometric data (e.g., fingerprint, retina, DNA, or other biometric data), receiving a code from a portable item (e.g., a USB key, smart card, or the like), obtaining other credentials, a combination of two or more of the above, and the like. This information may authenticate that the user 215 is the stakeholder the user 215 represents the user 215 is.]
unlocking a key stored in a Trusted Platform Module (TPM), the key configured for use in decrypting information stored on the consumer device. [[0018] The processing unit 120 may be connected to a hardware security device 122. The security device 122 may store and be able to generate cryptographic keys (e.g., via a cryptographic key generator) that may be used to secure various aspects of the computer 110. In one embodiment, the security device 122 may comprise a Trusted Platform Module (TPM) chip, TPM Security Device, or the like. A TPM chip may have an embedded secret key embedded therein (e.g., burned into the chip) and may be able to authenticate hardware devices by creating a hash based on data regarding the hardware devices of the computer 110.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Hiroyuki and Shim with the disclosure of Goel. The motivation or suggestion would have been to implement a system that will provide efficient techniques to protect volume data from unauthorized access and quick and easy access to it for legitimate users. (abstract & para 0001-0003, Goel)
Claims 7-9 & 17-19 are rejected under 35 USC 103 as being unpatentable over Hiroyuki in view of Shim and Thom (US20130013928).
Regarding claims 7 & 17, although Hiroyuki and Shim teach password and recovery mode operation, they do not explicitly teach, but Thom teaches, presenting a user interface including a prompt for the PIN on a display associated with the consumer device; receiving the PIN via the user interface; and determining whether the received PIN corresponds to a valid PIN. [[0044] In an embodiment the computing device 100 employs anti-hammering logic 160. In an aspect of this embodiment the TrEE 120 of the computing device 100 manages the anti-hammering logic 160 for the computing device 100. In an embodiment anti-hammering logic 160 is one or more applications that, when executed, ensure progressively longer wait times for when an inputted user PIN 105 or PUK 115 will be processed for an attempt to unlock the computing device's credentials. In an embodiment the wait time is progressively increased upon input of an invalid user PIN 105 or an invalid PUK 115. In an aspect of this embodiment the anti-hammering logic 160 employs exponentially longer wait times between computing device credential access attempts. Thus, for example, after a third failed attempt by an entity to gain access to the computing device 100 and its credentials, the anti-hammering logic 160 may employ a wait time, also referred to herein as a delay time, or hammer delay time, of two (2) seconds before a fourth attempt will be processed; after a failed fourth attempt the anti-hammering logic 160 may employ a hammer delay time of four (4) seconds before a fifth attempt will be processed; after a failed fifth attempt the anti-hammering logic 160 may employ a hammer delay time of eight (8) seconds before a sixth attempt will be processed; etc.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Hiroyuki and Shim with the disclosure of Thom. The motivation or suggestion would have been to implement a system that will provide efficient techniques to implement functionality that can be utilized in conjunction with existing computing device credential recovery operations to enable legitimate access to computing device credentials without user credentials such as a user PIN and/or password. (abstract & para 0001-0005, Thom)
Regarding claims 8 & 18, although Hiroyuki and Shim teach password and recovery mode operation, they do not explicitly teach, but Thom teaches, determining that the PIN does not correspond to the valid PIN; [0044: In an embodiment….device credential. In an embodiment the wait time is progressively increased upon input of an invalid user PIN 105 or an invalid PUK 115. In an aspect of this embodiment the anti-hammering logic 160 employs exponentially longer wait times between computing device credential access attempts.]
incrementing a count of an input counter; determining whether the count has exceeded a threshold value; and preventing, in response to determining that the count has exceeded a threshold value, the unlock module from receiving additional inputs for a set period of time. [[0044] In an embodiment the computing device 100 employs anti-hammering logic 160. In an aspect of this embodiment the TrEE 120 of the computing device 100 manages the anti-hammering logic 160 for the computing device 100. In an embodiment anti-hammering logic 160 is one or more applications that, when executed, ensure progressively longer wait times for when an inputted user PIN 105 or PUK 115 will be processed for an attempt to unlock the computing device's credentials. In an embodiment the wait time is progressively increased upon input of an invalid user PIN 105 or an invalid PUK 115. In an aspect of this embodiment the anti-hammering logic 160 employs exponentially longer wait times between computing device credential access attempts. Thus, for example, after a third failed attempt by an entity to gain access to the computing device 100 and its credentials, the anti-hammering logic 160 may employ a wait time, also referred to herein as a delay time, or hammer delay time, of two (2) seconds before a fourth attempt will be processed; after a failed fourth attempt the anti-hammering logic 160 may employ a hammer delay time of four (4) seconds before a fifth attempt will be processed; after a failed fifth attempt the anti-hammering logic 160 may employ a hammer delay time of eight (8) seconds before a sixth attempt will be processed; etc.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Hiroyuki and Shim with the disclosure of Thom. The motivation or suggestion would have been to implement a system that will provide efficient techniques to implement functionality that can be utilized in conjunction with existing computing device credential recovery operations to enable legitimate access to computing device credentials without user credentials such as a user PIN and/or password. (abstract & para 0001-0005, Thom)
Regarding claims 9 & 19, although Hiroyuki and Shim teach password and recovery mode operation, they do not explicitly teach, but Thom teaches, determining that the period of time has ended; presenting the user interface including a prompt for a second PIN; and resetting the count of the input counter. [[0105] Referring to FIG. 2D, if at decision block 260 an entity has input a PUK and the computing device is being hammered, then in an embodiment at decision block 270 a determination is made as to whether the entity has issued a reset lockout command. If no, in an embodiment the computing device delays the current set hammering time 271. Thereafter, in an embodiment the computing device retrieves the unblock key from storage and attempts to use the inputted PUK to unlock the unblock key 261. In an aspect of this embodiment the TrEE of the computing device retrieves the locked unblock key from its meta data and attempts to unlock the unblock key with the inputted PUK 261. [0106] If at decision block 270 the entity has issued a reset lockout command then in an embodiment the computing device retrieves the locked unblock key from storage and attempts to use the newly inputted PUK to unlock the unblock key 272. In an aspect of this embodiment the TrEE of the computing device retrieves the locked unblock key from its meta data and attempts to unlock the unblock key with the inputted PUK 272.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Hiroyuki and Shim with the disclosure of Thom. The motivation or suggestion would have been to implement a system that will provide efficient techniques to implement functionality that can be utilized in conjunction with existing computing device credential recovery operations to enable legitimate access to computing device credentials without user credentials such as a user PIN and/or password. (abstract & para 0001-0005, Thom)

Claim 10 is rejected under 35 USC 103 as being unpatentable over Hiroyuki in view of Shim and Rothman (US 20050071621).
Regarding claim 10, although Hiroyuki and Shim teach recovery mode, they do not explicitly teach, but Rothman teaches, the unencrypted location comprising an Extensible Firmware Interface (EFI) System Partition. [[0031] In one example, the compatibility support module 208A may be stored in a secure or protected area to prevent intentional or accidental tampering and/or corruption. As shown in the example of FIG. 4, the compatibility support module 208A is stored on a secure area or host protected area (HPA) 124, of the hard disk drive 122. As will be readily apparent by those ordinarily skilled in the art, the HPA 124 is a secure storage area that is protected by the EFI 206 in a manner such that a user is prohibited from accidentally or intentionally accessing its contents. This security may be implemented by requiring the processor system 100 to be in a special operating mode and/or requiring the user to provide a password. In other words, storing the compatibility support module 208A on the HPA 124 provides a level of security that prohibits a user or software process from accessing it and/or corrupting it.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Hiroyuki and Shim with the disclosure of Rothman. The motivation or suggestion would have been to implement a system that will provide efficient and protective techniques for storing sensitive information in the clear. (para 0001-0004, Rothman)

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHER KHAN whose telephone number is (571)272-8574. The examiner can normally be reached on Monday-Friday, 8:00am - 5:00pm (EST). If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on 571-272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SHER A KHAN/Primary Examiner, Art Unit 2497