PNG
    media_image1.png
    340
    340
    media_image1.png
    Greyscale
United States Patent and Trademark Office    
        
            
                                
            
        
    

Commissioner for Patents
United States Patent and Trademark Office
P.O. Box 1450
Alexandria, VA 22313-1450
www.uspto.gov











BEFORE THE PATENT TRIAL AND APPEAL BOARD


Application Number: 15/388,813
Filing Date: 22 Dec 2016
Appellant(s): Pan, Shilin



__________________
Gayatry Nair Reg # 70,812
For Appellant


EXAMINER’S ANSWER






This is in response to the appeal brief filed November 20, 2020 .


(1) Grounds of Rejection to be Reviewed on Appeal

Every ground of rejection set forth in the Office action dated September 21, 2020  from which the appeal is taken is being maintained by the examiner except for the grounds of rejection (if any) listed under the subheading “WITHDRAWN REJECTIONS.”  New grounds of rejection (if any) are provided under the subheading “NEW GROUNDS OF REJECTION.”

 (2) Response to Argument

A. The Appellant states that combination of Pirzadeh and Isozaki does not disclose all the claimed limitations to render obvious claims 1 and 5-29.
The Examiner responds that claims 1 and 5-29 stand rejected under 35 U.S.C. § 103 as being unpatentable over U.S. Patent Application Publication 2011/0078081 {Pirzadeh) in view of U.S Patent Application Publication 2014/0298026 {Isozaki). Claims 5-28 depend from independent claim 1. Therefore, claims 1 and 5-29 are rejected over the combination of Pirzadeh and Isozaki as set forth in the Final Office action dated September 21, 2020.

Examiner notes the following mapping of structural claim elements to the prior art. 

a secure storage region – Pirzadeh, Figure 2,  element 210
a common storage region – Pirzadeh, Figure 2,  element 207

a first storage – Pirzadeh, Figure 2,  element 210 and paragraph 24
one central processing unit (CPU) coupled to the transceiver, the memory, and the SE, –      Pirzadeh, Figure 2,  element 204

B.  The Appellant states that the combination of Pirzadeh and Isozaki does not disclose an SE and at least one CPU being located in a first semiconductor chip, while a memory is located in a second semiconductor chip.
The Examiner states that claims 1 and 5-29 are rejected  over the combination of Pirzadeh and Isozaki because the combination of Pirzadeh and Isozaki discloses an SE and at least one CPU being located in a first semiconductor chip. Examiner submits that Pirzadeh teaches at Figure 2, a mobile device (element 202) discrete elements of the mobile device include a secure element  (210), mobile device circuitry (204) and a memory  (207). 

    PNG
    media_image2.png
    678
    949
    media_image2.png
    Greyscale

The secure element (210) comprises a CPU as well as memory storage for sensitive data, Pirzadeh discloses at paragraph 24 “Note further that a secure element (SE) may include one or more of a secure data storage region, a processing element (such as a CPU or microprocessor capable of executing a set of instructions), or an element capable of executing cryptographic functions, among other components.  Examiner submits that it would be obvious to one of ordinary skill in the art at the time of the invention that the secure element would comprise a single semiconductor chip, therefore Pirzadeh’s disclosure of a processing element and a secure data storage region is sufficient in terms of art to teach the claimed limitation of the SE and the at least one CPU are located in a first semiconductor chip in the mobile payment apparatus.  
Examiner submits that  Pirzadeh’s contactless element 206  maps to the claimed CPU, the Applicants argue that  Pirzadeh uses a different chip integration structure than the chip integration structure recited by the independent claims. In Pirzadeh, only the SE and the contactless communication element are integrated in the same chip. In contrast, the independent claims recite that the CPU running the OS and the SE are integrated in the same chip.  Examiner states that the mere integration of a component is not a novel feature, the functionality of the system discloses by Pirzadeh is equivalent to the process of the claimed invention.  The combination or separation of  claim element is considered an obvious variation of the art.   See    in re Larson, 340 F.2d 965, 968, 144 USPQ 347, 349 (CCPA 1965);  Schenck v. Nortron Corp., 713 F.2d 782, 218 USPQ 698 (Fed. Cir. 1983)  as well as In re Dulberg, 289 F.2d 522, 523, 129 USPQ 348, 349 (CCPA 1961) (The claimed structure, a lipstick holder with a removable cap, was fully met by the prior art except that in the prior art the cap is "press fitted" and therefore not manually removable. The court held that "if it were considered desirable for any reason to obtain access to the end of [the prior art’s] holder to which the cap is applied, it would be obvious to make the cap removable for that purpose.").
C. The Appellant states that the combination of Pirzadeh and Isozaki does not disclose a memory comprising a secure storage region and a common storage region that are isolated from each other, wherein the processor is configured to load the mobile payment software from the 210 ( or an associated secure data storage element or region) may contain user or payment application authentication data, encryption key data, user or payment account identification data, payment transaction record data, account balance data, etc.”.  Examiner therefore submits that Pirzadeh teaching of the secure element having a memory containing sensitive data is sufficient in terms of art to teach the claimed “secure storage region”.  Furthermore the memory 207 of Pirzadeh is mapped to the claim element of“common storage region”.  Examiner submits that since non-secure applications a stored on memory 207, it is a “common storage region”, at paragraph 24 Pizradeh states “Processor 104 may access data storage 112 (or another suitable memory region or element) to retrieve instructions or data used in executing the instructions”.  Examiner submits that element 112 of figure 1 is the same memory as element 207 of figure 2 therefore is sufficient in terms of art to teach  a “common storage region”.    In regard to the limitation “wherein the processor is configured to load the mobile payment software from the secure storage region into the first storage and execute the mobile payment software.”  Examiner states that the processor Pirzadeh states at paragraph 31 “In some embodiments, secure element 210 ( or an associated secure data storage element or region) may contain user or payment application authentication data, encryption key data, user or payment account identification data, payment transaction record data, account balance data, etc. Applications 209 are typically stored as a set of executable Ex parte Masham, 2 USPQ2d 1647 (1987)).imilarly, while features of an apparatus may be recited either structurally or functionally, claims directed to an apparatus must be distinguished from the prior art in terms of structure rather than function alone (MPEP 2214; In re Swineheart, 169 USPQ 226; In re Schreiber, 44 USPQ2d 1429 (Fed. Cir. 1997))
Examiner further submits that Isozaki disclosees a secure storage region and a common storage region that are isolated from each other, wherein the secure storage region is used to store mobile payment software, and wherein the common storage region is used to store general operating system software. At Figure 3, Isozaki teaches secure and non-secure memory regions, Examiner notes that the claim is silent as to how these regions are implemented, as to whether they are physically separate of logically separate, Examiner therefore submits that the logical separation as taught by Isokai is sufficient in terms of art to teach the claimed invention.

D.  The Appellant states that Pirzadeh teaches away from a processor of an SE being configured to load the mobile payment software from the secure storage region into the first storage and execute the mobile payment software.
In re Oetiker, 977 F.2d 1443, 24 USPQ2d 1443 (Fed. Cir. 1992).  In this case,  Pirzadeh and Isozaki both deal with a problem similar to that of the claim invention in that they both segregate sensitive data to improve the security of a transaction by protecting segments of data.

E. The Appellant states that Claim 7 is allowable over the combination of Pirzadeh and Isozaki because the combination of Pirzadeh and Isozaki does not disclose the limitations of claim 7.
The Examiner responds the dependent claim 7 is rejected over the combination of Pirzadeh and Isozaki because dependent claim 7 depends from independent claim 1, which is rejected for the reasons discussed above. Examiner submits that the combination of Pirzadeh and Isozaki discloses that the SE further comprises a second storage configured to store a startup program for initiating the processor, and wherein the processor is further configured to read the startup program from the second storage when the SE is powered on, load the mobile payment operating system software from the memory to the first storage under action of the startup program, and execute the mobile payment operating system software. Pirzadeh teaches at paragraph 37 “As shown in the figure, in some embodiments, the inventive system design or architecture is composed of a set of functional modules that are implemented as executable instructions (or another functionally equivalent form, such as firmware, middleware, etc.) in a secure element 302. Secure element (SE) 302 represents one possible embodiment for 

F. The Appellant states that Claim 18 is allowable over the combination of Pirzadeh and Isozaki because the combination of Pirzadeh and Isozaki does not disclose the limitations of claim 18.
The Examiner responds the dependent claim 18 is rejected over the combination of Pirzadeh and Isozaki because dependent claim 18 depends from independent claim 1, which is rejected for the reasons discussed above.
Examiner submits that the combination of Pirzadeh and Isozaki  discloses that the SE is configured to perform security verification on the mobile payment software after the processor loads the mobile payment software from the memory to the first storage, and instruct the processor to execute the mobile payment software after the security verification succeeds, wherein the security verification comprises at least one of security decryption or first hash check.   Isozaki discloses at paragraph 76 “The hash value verifying unit 370 performs a comparison operation to check whether or not the value stored in the hash value storing unit 311 is identical to a value stored in the expected value storing unit 360. Thus, the expected value storing unit 360 is used to store a value that the hash value verifying unit 370 uses in verifying the identicalness of values. In the expected value storing unit 360 is stored either one of the following two values: the value obtained at the time of manufacturing the information processing device 100 by calculating in advance the image of the non-secure OS unit 500 according to the abovementioned 200 or the secure OS unit 300 prior to the booting of the information processing device 100. Thus, in the case when the non-secure OS unit 500 is booted without being altered, the hash value is identical with the value stored in the expected value storing unit 360.”  Examiner submits that Isozakis calculation of a hash value and subsequent use to validate software is sufficient in terms of art to teach  “perform security verification on the mobile payment software after the processor loads the mobile payment software from the memory to the first storage, and instruct the processor to execute the mobile payment software after the security verification succeeds,  wherein the security verification comprises at least one of security decryption or first hash check.”

G. The Appellant states that Claim 28 is allowable over the combination of Pirzadeh and Isozaki because the combination of Pirzadeh and Isozaki does not disclose the limitations of claim 28.
The Examiner responds the dependent claim 28 is rejected  over the combination of Pirzadeh and Isozaki because dependent claim 28 depends from independent claim 1, which is rejected  for the reasons discussed above.
Examiner submits that the combination of Pirzadeh and Isozaki  discloses, wherein the processor is further configured to send update data or an erase instruction to the at least one CPU, and wherein the at least one CPU is further configured to: perform second hash operation processing on the update data or the erase instruction in a trusted execution environment using a key to obtain a processing result; and 9Atty. Docket: 4576-38900 (84439869US05) send the processing result to the memory, wherein the trusted execution environment is securely isolated from the general operating system software, and wherein the memory is further configured to: perform second hash check on the processing 370 performs a comparison operation to check whether or not the value stored in the hash value storing unit 311 is identical to a value stored in the expected value storing unit 360. Thus, the expected value storing unit 360 is used to store a value that the hash value verifying unit 370 uses in verifying the identicalness of values. In the expected value storing unit 360 is stored either one of the following two values: the value obtained at the time of manufacturing the information processing device 100 by calculating in advance the image of the non-secure OS unit 500 according to the abovementioned equation; and the value calculated in advance by the secure monitor unit 200 or the secure OS unit 300 prior to the booting of the information processing device 100. Thus, in the case when the non-secure OS unit 500 is booted without being altered, the hash value is identical with the value stored in the expected value storing unit 360.”.  Examiner submits that Isozakis calculation of a hash value and subsequent use to validate software is sufficient in terms of art to teach  “perform security verification on the mobile payment software after the processor loads the mobile payment software from the memory to the first storage, and instruct the processor to execute the mobile payment software after the security verification succeeds,  wherein the security verification comprises at least one of security decryption or first hash check.”  Examiner further notes that the claimed “second hash check” is merely a duplication of a claim element and as such does not have patentable weight. Mere duplication of parts has no patentable significance unless new and unexpected result is produced, In re Harza, 124 USPQ 378 (CCPA 1960)



For the above reasons, it is believed that the rejections should be sustained.
Respectfully submitted,

/JOHN M WINTER/            Examiner, Art Unit 3685                                                                                                                                                                                                        


Conferees:
/PATRICK MCATEE/            Supervisory Patent Examiner, Art Unit 3685                                                                                                                                                                                            
/STEVEN S KIM/            Primary Examiner, Art Unit 3685 
                                                                                                                                                                                           Requirement to pay appeal forwarding fee.  In order to avoid dismissal of the instant appeal in any application or ex parte reexamination proceeding, 37 CFR 41.45 requires payment of an appeal forwarding fee within the time permitted by 37 CFR 41.45(a), unless appellant had timely paid the fee for filing a brief required by 37 CFR 41.20(b) in effect on March 18, 2013.