DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 11/24/2020 has been entered.
 Response to Arguments
In response to the applicant’s arguments, see Applicant Arguments/Remarks Made in an Amendment, filed 11/24/2020, with respect to the rejection(s) of claim(s) 1-29 and 31, which are amended, have been fully considered and are persuasive. Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of Lewis et al. (US 20140331037 A1) in view of, where applicable, the previous reference(s). Lewis et al. resolves the deficiencies of the previous reference(s).
Examiner Notes
	Examiner believes an interview may progress prosecution of this application. Applicant is encouraged to request an interview if this would further prosecution.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:


The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claim(s) 1-16, 18-19, 21-29 and 31 is/are rejected under 35 U.S.C. 103 as being unpatentable over Pattar et al. (US 20110041003 A1), hereinafter Pattar in view of Lewis et al. (US 20140331037 A1), hereinafter Lewis.


Regarding claim 1, Pattar teaches a method comprising: 
	detecting, in a computing device (Fig. 10; 1005 H (e) NB, and [0003] “Home evolved node B (H(e)NB), known also as femtocells, are small, portable access points to 3G networks”), a failure of a trusted boot procedure of the computing device ([0090] “During the secure start-up process, when the device performs the local measurements of the components, the generated digest is compared with the values specified in the device configuration data sheet. If a mismatch occurs then it is construed as a failure of the device integrity validation”); and 
	in response to the detecting, transmitting a trust failure message via a network, wherein the trust failure message is generated, in the computing device (Fig. 19; 3 ‘INFORM (DISTRESS SIGNAL)” and [0098] “send a distress signal”), by utilizing a launch control policy of a trusted platform module ([0078] “Trusted Platform Module (TPM) on the verified platform”) to integrate the trust status of the computing device into the trust failure message ([0098] “The contents of the distress signal may be stored securely within the FBC on the device, or may be provisioned by the MNO and securely stored as part of the device configuration data sheet. The distress signal may contain an error code information element indicating the details of the device integrity check failure”).  

	Pattar does not teach a trust failure message without booting the computing device.

	Lewis teaches a trust failure message without booting the computing device (Fig. 2; 209->214 and [0022] “the signature match (step 209) does not succeed, then the boot sequence moves to the next boot option (step 213). If there are more boot options for the computing device (step 213), the sequence iterates and checks to see whether the Secure Boot configuration setting is enabled (step 207). If there are no more boot options, a boot failure has been experienced (step 214). Boot failure handling varies depending upon the computing device configuration, but a typical technique is to display an error message in response to the failure”).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to send a trust failure message without booting the device as taught by Lewis for reporting the failure messages of Pattar. One of ordinary skill in the art would have been motivated to prevent malicious attacks (Lewis [0005]).

	

Regarding to claim 2, Pattar in view of Lewis teaches the method of claim 1, wherein the trust failure message is pre- defined, hardcoded or generated in the computing device ([0098] “The contents of the distress signal may be stored securely within the FBC on the device”).
  
Regarding claim 3, Pattar in view of Lewis teaches the method of claim 1, wherein the trust failure message is transmitted, from the computing device, by utilizing a direct or broadcast protocol ([0098] “send a distress signal to a pre-designated H(e)MS”).
  
Regarding claim 4, Pattar in view of Lewis teaches the method of claim 1, wherein the failure of the trusted boot procedure is detected, in the computing device, by means of a trust measurement at a later stage of the boot procedure, such as by remote attestation ([0108] “In such later-stage checks, integrity of other components, configurations, or parameters of the rest of the H(e)NB may be checked when they are loaded or started, or at other, pre-defined run-time time events, wherever such are available to the measuring component”).  

Regarding claim 5, Pattar in view of Lewis teaches the method of claim 1, wherein the trust failure message is transmitted, from the computing device ([0098] “send a distress signal to a pre-designated H(e)MS”), via a management network (Fig. 12; 1205 H(E)NB -> 1230 H(E)MS).  

Regarding claim 6, Pattar in view of Lewis teaches the method of claim 1, wherein the failure of the trusted boot procedure is detected, in the computing device, based on a dynamic root of trust by carrying out trust measurements on the boot procedure at once ([0090] “During the secure start-up process, when the device performs the local measurements of the components, the generated digest is compared with the values specified in the device configuration data sheet. If a mismatch occurs then it is construed as a failure”).  

Regarding claim 7, Pattar in view of Lewis teaches the method of claim 1, wherein the failure of the trusted boot procedure is detected, in the computing device, based on a static root of trust by carrying out trust measurements on the boot procedure stage-by- stage as each lower layer is first measured and checked ([0099] “Root of Trust (RoT)” and [0108] “In such later-stage checks, integrity of other components, configurations, or parameters of the rest of the H(e)NB may be checked when they are loaded or started, or at other, pre-defined run-time time events, wherever such are available to the measuring component”).
  
Regarding claim 8, Pattar in view of Lewis teaches the method of claim 1, wherein the launch control policy is integrated into a cloud environment component (Fig. 12; 1205 H(E)NB).  

Regarding claim 9, Pattar in view of Lewis teaches the method of claim 1, wherein the trust failure message comprises an address of the computing device, such a MAC address or temporary IP address of the computing device ([0099] “The distress signal may contain any combination of information elements such as the Device ID”).  

Regarding claim 10, Pattar in view of Lewis teaches the method of claim 1, wherein the trust failure message comprises information on one or more of an identification -3-of a platform configuration register that failed the trust measurement, contents of the platform configuration register that failed the trust measurement, failed trust measurement results ([0098] “The distress signal may contain an error code information element indicating the details of the device integrity check failure”), ([0100] “The Device ID is a structure that may contain a manufacturer name; an organizationally unique identifier (OUI) of the device manufacturer; a ProductClass that may be utilized to indicate the class of product”), static root-of-trust status, and dynamic root-of-trust status.  

Regarding claim 11, Pattar in view of Lewis teaches the method of claim 1, wherein the method further comprises running, in the computing device, a launch control policy code for halting the trusted boot procedure at a selected stage ([0047] “severity 1 may be a failure of the module/function that results in high impact on the H(e)NB functionality and may warrant halting operation of the system”).  

Regarding claim 12, Pattar teaches a method comprising:

	receiving, at a network node (Fig. 12; 1230 H(E)MS), via a network, a trust failure message (Fig. 10; 3 “INFORM (DISTRESS SIGNAL)”), the trust failure message being generated in a computing device when detecting a failure of a trusted boot procedure of the computing device and by utilizing a launch control policy of a trusted platform module  ([0078] “Trusted Platform Module (TPM) on the verified platform”) to integrate the trust status of the computing device into the trust failure message  ([0098] “The contents of the distress signal may be stored securely within the FBC on the device, or may be provisioned by the MNO and securely stored as part of the device configuration data sheet. The distress signal may contain an error code information element indicating the details of the device integrity check failure”); and 
([0102] “The H(e)MS 1010 may invoke the RPC method download and provides the URL of the location of the firmware or software and the device configuration data sheet”).  

	Pattar does not teach a trust failure message without booting the computing device.

	Lewis teaches a trust failure message without booting the computing device (Fig. 2; 209->214 and [0022] “the signature match (step 209) does not succeed, then the boot sequence moves to the next boot option (step 213). If there are more boot options for the computing device (step 213), the sequence iterates and checks to see whether the Secure Boot configuration setting is enabled (step 207). If there are no more boot options, a boot failure has been experienced (step 214). Boot failure handling varies depending upon the computing device configuration, but a typical technique is to display an error message in response to the failure”).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to send a trust failure message without booting the device as taught by Lewis for reporting the failure messages of Pattar. One of ordinary skill in the art would have been motivated to prevent malicious attacks (Lewis [0005]).

Claims 13, 14, 15, 16, and 21 are methods directed to receiving at the network node (Fig. 12; 1230 H(E)MS) the messages from the computing device of claim 1, the limitations are substantially similar to claims 3, 5, 9, 10, and 11 respectively. Therefore claim 13, 14, 15, 16, and 21 are rejected for the same reasons as claims 3, 5, 9, 10, and 11, respectively.

Regarding claim 18, Pattar in view of Lewis teaches the method of claim 12, wherein the method further comprises, in the network node, checking and confirming the -5-failure of the trusted boot procedure by directly calling the computing device or by calling remote attestation (Fig. 13 A; 5F “Authentication Failed”).  

Regarding claim 19, Pattar in view of Lewis teaches the method of claim 12, wherein the reacting is directed to a component of the computing device, chosen depending upon at which stage the failure of the trusted boot procedure occurred ([0140] “During the secure start-up process if the stage 1 code and stage 2 code passes the integrity check and is loaded and executed and authentication is performed successfully, then the H(e)NB 1505 may communicate with the SeGW 1510 send the result of local integrity checks in the IKEv2 message (1). The H(e)NB 1505 sends a list of failed functionalities and the list of manufacturers specific error codes”) and/or which PCR register failed a trust measurement.
  
 
Regarding claim 22, Pattar in view of Lewis teaches the method of claim 12, wherein the reacting comprises pre-emptively denying communication with the computing device, other than communication related to remote attestation and/or failure diagnoses via a secured route ([0113] “If the authentication is successful, and a list of failed functionalities was included in the IKE_AUTH message, then the SeGW 1310 forwards the list of the failed functionalities along with the H(e)NB ID to the PVE 1315 (6). If the list is absent, an empty list is sent to the PVE 1315. Based on the list of the failed functionality, the PVE 1315 may decide on the actions to be taken, such as quarantine the device”).  

Claims 23 and 24 are an apparatus comprising a processor and a memory (Pattar Fig. 20; 1920) to perform the method of claims 1 and 2, respectively. Therefore claims 23 and 24 are rejected for the same reasons as claim 1 and 2.

Claims 25 and 26 are an apparatus comprising a processor and a memory (Pattar Fig. 20; 1920) to perform the method of claims 12 and 13, respectively. Therefore claims 25 and 26 are rejected for the same reasons as claim 12 and 13, respectively.

Claims 27 and 28 are a computer system (Pattar Fig. 12) to perform the method of claims 1 and 2, respectively. Therefore claims 27 and 28 are rejected for the same reasons as claim 1 and 2, respectively.

Claims 29 and 31 are a computer program product embodied on a non- transitory distribution medium readable by a computer for performing the method of claim 1. Therefore claims 29 and 31 are rejected for the same reasons as claim 1.

Claim 17 and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Pattar in view of Lewis, and Giust et al. (US 20180351824 A1), hereinafter Giust.

Regarding claim 17, Pattar in view of Lewis teaches the method of claim 12.
	Pattar does not teach the specifics of wherein the method further comprises reporting the trust failure messages via an Or-Nf interface, Vi-So interface or Or-Vi interface to an orchestrator node.

(Fig. 2 “Or-Vi” and [0040] “enable the MANO orchestrator to provide information to the VAFM regarding service chains composed by virtual functions and MEC applications or other applications”).

	Pattar and Giust are analogous art because both are directed to the same field of endeavor or problem solving area of managing networked functions.

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have used the Or-Vi interface as taught by Giust for reporting the failure messages of Pattar. One of ordinary skill in the art would have been motivated to follow the MANO framework standard and enable the MANO orchestrator to provide information (Giust [0008]).

Regarding claim 20, Pattar in view of Lewis teaches the method of claim 12, wherein the reacting comprises informing [a VNF manager] that selected functionalities of the computing device are unavailable.  
	Pattar does not teach a VNF manager.

	Giust teaches a VNF manager (Fig. 2; VNF Manager, and [0027] “management of the integrated service platform can be provided by a VNF Manager”)

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have used the VNF Manager as taught by Giust for reporting the failure 
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHON G FOLEY whose telephone number is (469)295-9092.  The examiner can normally be reached on 10AM-6PM CT M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, James Lee can be reached on (571) 270-5965.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/S.G.F./Examiner, Art Unit 3668                                                             
/JAMES J LEE/Supervisory Patent Examiner, Art Unit 3668