United States Patent and Trademark Office

Commissioner for Patents
United States Patent and Trademark Office
P.O. Box 1450
Alexandria, VA 22313-1450
www.uspto.gov











BEFORE THE PATENT TRIAL AND APPEAL BOARD


Application Number: 15/884,747
Filing Date: 31 Jan 2018
Appellant(s): Depew et al.



__________________
Fred G. Pruner, Jr.
Registration Number: 40,779
For Appellant


EXAMINER’S ANSWER





This is in response to the appeal brief filed 11/12/2020 appealing from the Office action mailed on 6/11/2020.
(1) Grounds of Rejection to be Reviewed on Appeal
Every ground of rejection set forth in the Office action dated 6/11/2020 from which the appeal is taken is being maintained by the examiner except for the grounds of rejection (if any) listed under the subheading “WITHDRAWN REJECTIONS.”  New grounds of rejection (if any) are provided under the subheading “NEW GROUNDS OF REJECTION.”

(2) Response to Argument
The appellant’s arguments on pages 14-15 regarding claim 1 state that: “Moreover, it follows that the hypothetical combination further fails to disclose or render obvious firmware to execute on boot of the computing device that, during a boot process, is to compare the claimed startup inventory to a stored inventory to determine whether the startup inventory and the stored inventory match… However, the Final Office Action errs in this factual finding…Jacobs references the “UEFI secure boot…” and the discussion of the authenticated variables… Here, Jacobs is referencing software image validation per the UEFI secure boot, not taking an inventory as part of the boot process.  (in page 15) However, the UEFI Specification… does not contemplate taking an inventory of the computer system during the secure boot.  The UEFI signature databases are not inventory databases… the UEFI signature databases do not store signatures or any other information for hardware components…”  
Examiner’s response: Examiner believes a background knowledge of a boot process is beneficial to understand the supporting grounds for this rejection. As seen in the rejection section, Examiner notes that the claimed language reciting the firmware engine to execute on boot of the computing device has been mapped to be the BIOS, 
Moreover, the claimed language recites that a comparison is made between the startup inventory and a stored inventory to determine whether they match.  With respect to a stored inventory, the Office Action relies on Jacobs, figure 3, step 302, and paragraph [0032], where it states that default lists are created and stored.  In addition, paragraph [0017] also states that the default lists are created during build time in a factory setting and then injected in the BIOS image.  Examiner believes that this default 

The appellant’s arguments on page 15 regarding claim 1 state that: “The Final Office Action further relies on Lange for the purported disclosure of taking a startup inventory during a boot process…Lange, fails to, however, disclose or render obvious taking the claimed startup inventory as part of a boot process.”
Examiner’s response:  As pointed out on the previous point, the BIOS is a firmware with functions known to perform a hardware inventory of the system.  During POST, the hardware devices such as the CPU, RAM, motherboard, video card, keyboard, mouse, hard disk drive, optical disk drive, and other hardware, are identified.  This inherent function of the BIOS clearly teaches that a motherboard and a memory device are part of the hardware components identified during a boot process as a system inventory is performed.  However, in order to provide further support, Examiner relied on Lange’s invention, which explicitly lists some of the hardware devices required in the claim language, such as a memory device, as part of the subcomponent list being 


The appellant’s arguments on page 16 regarding claim 9 state that: “…paragraph numbers [0028] and [0036] of Jacobs.  However, neither these passages nor any other part of Jacobs discloses or renders obvious requesting a password as part of a security action to boot a computing device to an operating system.”  
Examiner’s response:  The rejection was built based on the fact that Jacobs requires authentication in order to access the BIOS image (in addition to paragraph [0028] cited, see also paragraphs [0016-0017], and [0026], which further explains that in order to access the default signature lists, such access requires authentication, such as using a platform key).  The claimed language broadly requires “requesting a password as part of the security action to boot the computing device to an operating system”.  Examiner notes that “security action” is not well-defined in the claim language recited, in as part of the security action”.  None of these limitations explicitly define what the security action involves, as in the case of claim 9, claim limitations state that [paraphrasing] as part of the security action, a password is requested to boot the computer device to an operating system.  Thus, per Examiner’s interpretation, the requesting of a password is but a component of the security action taken in order to be able to boot the computing device to an operating system.  With such interpretation, Jacobs teaches that in order to load and run an operating system (i.e. equated to claim language “boot the computing device to an operating system”), the BIOS authenticates the loaders and drivers (see paragraph [0026]).  Paragraph [0026] was referenced to further explain that in order to access the default lists, such access requires authentication, such as using a platform key (as also seen in paragraph [0017] in Jacobs).  This platform key is interpreted as the “password” that must be provided for the BIOS to determine if drivers and operating system are allowed to run (see also Figure 5, paragraphs [0035-0036]).  It is known in the art that passwords are involved in a process of authentication prior to allowing access.  The platform key in Jacobs is taught to facilitate authentication of the lists, i.e. 
BIOS authenticate the UEFI boot drivers and OS loaders in order to load and run the operating system and drivers (as seen in Figure 5, step 504/step 508; see also paragraphs [0016-0017] for further support).     


The appellant’s arguments on pages 16-17 regarding claim 9 state that: “Jacobs neither discloses or renders obvious, however, requesting a password to boot a computing device to an operating system nor would one of ordinary skill in the art expect such a consequence due to the failure to provide a private part of a key to modify a secure boot variable… (in page 17) Jacobs does not, however, disclose or render obvious preventing the boot of an operating system or requesting a password as part of a security action to boot a computing device to an operating system due to the driver not being contained in a white list or black list.”
Examiner’s response:  The arguments presented above are unclear as to what are the claim limitations that prior art of record fails to disclose.  Appellant seems to narrate what Jacobs discloses in regards to secure boot variables, however, Examiner notes that there is no claim language requiring (paraphrasing and emphasis added) to request a password to boot a computing device to an operating system …due to the failure to provide a part of a key to modify a secure boot variable.  In the same manner, as presented by Appellant in page 17, there is no claim language that requires (paraphrasing and emphasis added) requesting a password as part of a security action to boot a computing device to an operating system due to the driver not being contained in a white list or black list.  Even if Appellant argues that after a failure to provide a private key to modify the secure boot variables (i.e. failed authentication of the platform key in order to access BIOS image, as also seen in paragraphs [0016-0017]) or after determining that a driver is not contained in a white list or black list (as seen in Figure 5), Jacobs does not provide a password in consequence of such failed authentication or in consequence of a determination that a driver is not contained in a 

The appellant’s arguments on page 17-18 regarding claim 9 state that: “As the Final Office Action assumes that all of the elements that are introduced in claim 9 are present in Jacobs’ disclosure, no plausible reason has been advanced to explain why one of ordinary skill in the art would have otherwise derived these elements, absent impermissible hindsight gleaned solely from the present application.”
Examiner’s response:  The Appellant argues that the Examiner’s derivation of elements is based on improper hindsight, yet the Appellant has the burden to show why the combination does not work.  However, Examiner notes that “[a]ny judgement on obviousness is in a sense necessarily a reconstruction based on hindsight reasoning, but so long as it takes into account only knowledge which was within the level of ordinary skill in the art at the time the claimed invention was made and does not include knowledge gleaned only from applicant’s disclosure, such a reconstruction is proper”. [MPEP 2145]. 


The appellant’s arguments on page 23 regarding claim 11 state that: “…paragraph number [0017], this paragraph does not discuss a password of the alleged “key for authentication to access default lists.” …None of these keys, however may be considered a “password”, i.e. a password to which the device responds to place the device in a first mode of security, as set forth in claim 11: “place the device in a first mode of security for the device in response to receiving a password associated with the first mode”.”
Examiner’s response:  As it was presented above, in the Examiner’s response to Appellant’s arguments on page 16 regarding claim 9, the reason Examiner interprets the platform key as the password was discussed.  Furthermore, in Jacobs, paragraph [0017] teaches that in order to access the default signature lists in BIOS, the access needs to be authenticated (i.e. password provided) (see also paragraph [0016] for further support).  The default signature lists are capable of restoring the device to its default settings with its default structures (as seen throughout Jacobs, paragraphs 42-43).  This default setting with its default structures is what the Examiner deemed as “first mode of security”.

The appellant’s arguments on page 23 regarding claim 11 state that: “…Even assuming, arguendo, that the “key exchange key” may be considered a “password”…, Jacobs fails to disclose or render obvious in the alleged first mode, taking an inventory of the device.”
Examiner’s response:  Appellant argues that taking an inventory of the device in a first mode is not taught.  The argument does not fully convey what the password has to do with any of it.  Examiner notes that the claim language as recited can be construed as taking an inventory after receiving the password.  By way of disclosure, a password is used to check the default inventory, as presented in Jacobs paragraphs [0016]-[0017], as authentication is needed to access the default lists, which in turn places the device in its default settings, as it was discussed in the response above.


The appellant’s arguments on page 25 regarding claim 16 state that: “Jacobs fails to disclose or render obvious requesting a password, placing a restriction on the boot of an operating system or “requesting a password to boot the device to an operating system upon determining that the startup inventory and the stored inventory do not match”, as recited in claim 16.”
Examiner’s response:  In these arguments, Appellant seems to take a position to infer that requesting a password is similar to placing a restriction on the boot of an operating system.  As it has been explained before, in this exposition, the password, as it is known in the art, is used as part of an authentication process in order to allow access.  If the authentication fails, the access is not allowed, and by inference and using Appellant’s analogy, there remains a restriction in place.  But if the authentication is successful, the access is allowed, and by inference, the restriction is removed.  Therefore, a password, in this context, is not just a restriction, but more of a key, which also concedes with Examiner’s interpretation of the term and also with what is known in prior art.  Jacobs, as presented in paragraph [0016]-[0017], requires authentication to access default signature lists injected in BIOS image.  This authentication, as it has also been explained before in this exposition, is achieved when a platform key is provided.  Furthermore, Appellant argues that Jacobs does not teach “requesting a password…upon determining that a startup inventory and the stored inventory do not match”.  Examiner discusses, in Examiner’s response to Appellant’s arguments on page 14-15 regarding claim 1, how Jacobs teaches on the comparison between startup and stored inventory.  Parting from this premise, Examiner further notes that Jacobs always requires authentication to access BIOS image (Jacobs, paragraphs [0016]-[0017], see also paragraph [0030]) in order to determine if the driver is allowed to run (Jacobs, figure 5).  Therefore, Examiner believes that this authentication requirement in Jacobs teaches the claimed limitation argued.


The appellant’s arguments on page 26 regarding claim 17 state that: “Moreover, the hypothetical combination of Jacobs and Lange fails to disclose or render obvious during a boot process, taking a startup inventory of the device, where this inventory includes a system board.”
Examiner’s response:  This argument has been addressed as it has been presented in the Examiner’s responses for 1) Appellant’s arguments on pages 14-15 regarding claim 1 and 2) Appellant’s arguments on page 15 regarding claim 1, above.



WITHDRAWN REJECTIONS
The following grounds of rejection are not presented for review on appeal because they have been withdrawn by the examiner.

The appellant’s arguments on page 20 for Claim 8 state that: “…the training data for the machine learning algorithm is not part of a list or required resources or part of the list of excluded resources…Moreover, one of ordinary skill in the art would not expect such information to be considered, as training data is not part of an inventory for the computer system or part of an inventory that may be used to detect tampering in connection with the SMM of the computer system.”

The appellant’s arguments on page 24 for Claim 15 state that: “For at least the reasons that are set forth above in the discussion of claim 8, the hypothetical combination of Jacobs, Lange, and Poornachandran fail to disclose or render obvious a stored inventory that includes hardware training data information…”

The appellant’s arguments on page 27 for claim 19 state that: “…the additional, independent reason that the hypothetical combination of Jacobs, Lange and Poornachandran fails to disclose or render obvious a stored inventory that includes hardware training information, for at least the same reasons that are set forth above in discussion of claim 8.”

Examiner’s response:  Appellant’s arguments are persuasive and claim 8, claim 15, and claim 19, which all recite similar subject matter, would be allowable if rewritten in independent form.  

For the above reasons, it is believed that the rejections should be sustained.


/LIZBETH TORRES-DIAZ/Examiner, Art Unit 2495

Conferees:
/JEFFERY L WILLIAMS/Primary Examiner, Art Unit 2495

/FARID HOMAYOUNMEHR/Supervisory Patent Examiner, Art Unit 2495



Requirement to pay appeal forwarding fee.  In order to avoid dismissal of the instant appeal in any application or ex parte reexamination proceeding, 37 CFR 41.45 requires payment of an appeal forwarding fee within the time permitted by 37 CFR 41.45(a), unless appellant had timely paid the fee for filing a brief required by 37 CFR 41.20(b) in effect on March 18, 2013.