Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
2.	EXAMINER’S NOTE: The claims have been reviewed and considered under the new guidance pursuant to the 2019 Revised Patent Subject Matter Eligibility Guidance (PEG 2019) issued January 7, 2019.
3.	This communication is in response to Applicant’s amendment filed on 06 January 2021. Claims 3, 8, and 14 have been previously canceled. Claims 19-21 have been added. Claims 1, 3-7, 9-13, and 14-21 remain pending. 

Response to Arguments
4.	Applicant’s arguments, see pages 8-9, filed 06 January 2021, with respect to the rejection of claims 1, 3-7, 9-13, and 14-18 in view of Vepa et al. (Pub No. 2015/0089575), Jaber et al. (Pub No. 2010/0146582) and in further view of Rivera (Pub No. 2015/0019850) have been fully considered, but they are not persuasive.  
5.	In light of the previous 103 rejection, the Applicant contends that the cited prior art Vepa et al. nor Jaber et al. discloses, suggest, or teach the plurality of security blocks include trigger security blocks and action security blocks, the trigger security blocks and the action security blocks being selected from a pool of available triggers and actions for end user manipulation of the security policy. The Examiner respectfully disagrees and asserts that Jaber et al. discloses in para. 39-41 and 52-53, a plurality of security trigger blocks and action blocks based upon a security policy, within a user interface, a user creates a new security policy by selecting a "new security policy" option from a menu, clicking on a button, typing a command, or via any other user input 
5.	In light of the previous 103 rejection, the Applicant contends that the cited prior art Vepa et al., Jaber et al., nor Rivera discloses, suggest, or teach performing a policy injection operation, the policy injection operation being performed by a policy injection module, the policy injection operation injecting the security policy to a system of the 
6.	Therefore, the rejection of claims 1, 3-7, 9-13, and 15-21 are maintained in view of the reasons above and in view of the reasons below.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any 
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 3-7, 9-13, and 15-21 are rejected under 35 U.S.C. 103 as being obvious over Vepa et al. (Pub No. 2015/0089575) in view of Jaber et al. (Pub No. 2010/0146582) and in further view of Rivera (Pub No. 2015/0019850).
Referring to the rejection of claim 1, Vepa et al. discloses a computer-implementable method for performing a platform security operation, comprising: 
presenting a platform security user interface, the platform security user interface including a plurality of security blocks, each of the plurality of security blocks corresponding to a particular security policy function; (See Vepa et al., para. 126 and 185)
configuring a security policy via the platform security user interface, the configuring comprising combining a set of the security blocks according to a desired security function; (See Vepa et al., para. 108-113 and 127, 155)
converting the set of security blocks to information representing the security policy; (See Vepa et al., para. 140-147)

However, Vepa et al. does not explicitly disclose wherein the plurality of security blocks include trigger security blocks and action security blocks, the trigger security blocks and the action security blocks being selected from a pool of available triggers and actions for end user manipulation of the security policy. 
Jaber et al. discloses a method for enforcing an encryption security policy for an information handling system. 
Jaber et al. discloses and wherein the plurality of security blocks include trigger security blocks and action security blocks, the trigger security blocks and the action security blocks being selected from a pool of available triggers and actions for end user manipulation of the security policy. (See Jaber et al., para. 39-41 and 52-53)
The combination of Vepa et al. in view of Jaber et al. does not explicitly disclose the deploying comprising performing a policy injection operation, the policy injection operation being performed by a policy injection module, the policy injection operation injecting the security policy to a system of the information handling system, the system of the information handling system maintaining persistence of the security policy.
Rivera discloses a method for securing a computing system comprising a security policy platform. 
Rivera discloses the deploying comprising performing a policy injection operation, the policy injection operation being performed by a policy injection module, the policy injection operation injecting the security policy to a system of the information 
Therefore, it would’ve been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine Vepa et al.’s platform security for a global policy store for multiple user applications and Jaber et al.’s method for enforcing an encryption security policy for an information handling system modified with Rivera’s method for securing a computing system comprising a security policy platform. Motivation for such an implementation would enable a security policy enforced for user interfaces wherein one or more enabling or disabling trigger events can be performed within an HIS. (See Jaber et al., para. 22) Motivation for such an implementation would enable a security policy loaded into the firmware of a computing system for preventing against unauthorized code execution within a system management mode (SMM). (See Rivera, para. 20)

Referring to the rejection of claims 3, 9, and 15, (Vepa et al. and Jaber et al. modified by Rivera) discloses wherein: the trigger security blocks and the action security blocks are presented as "if... do" type programming statements. (See Vepa et al., para. 91-93)

Referring to the rejection of claims 4, 10, and 16, (Vepa et al. and Jaber et al. modified by Rivera) discloses wherein: converting the set of security blocks provides scripting logic representing the security policy, the scripting logic being configured to be 

Referring to the rejection of claims 5, 11, and 17, (Vepa et al. and Jaber et al. modified by Rivera) discloses wherein: the deploying the security policy is via at least one of a variable methodology, an attribute methodology and a setting methodology. (See Vepa et al., para. 37-38 and 97)

Referring to the rejection of claims 6, 12, and 18, (Vepa et al. and Jaber et al. modified by Rivera) discloses wherein: the system of the information handling system comprises a basic input output system (BIOS) and the security policy is injected to the basic input output system (BIOS) of the information handling system. (See Vepa et al., para. 202 and Rivera, para. 32 and 50)
The rationale for combining Vepa et al. and Jaber et al. in view of Rivera is the same as claim 1.
Referring to the rejection of claim 7, (Vepa et al. and Jaber et al. modified by Rivera) discloses a system comprising: 
a processor; (See Vepa et al., para. 194)
a data bus coupled to the processor; (See Vepa et al., para. 194-195)
and a non-transitory, computer-readable storage medium embodying computer program code, the non-transitory, computer-readable storage medium being coupled to the data bus, the computer program code interacting with a plurality of computer 
presenting a platform security user interface, the platform security user interface including a plurality of security blocks, each of the plurality of security blocks corresponding to a particular security policy function; (See Vepa et al., para. 126 and 185)
configuring a security policy via the platform security user interface, the configuring comprising combining a set of the security blocks according to a desired security function; (See Vepa et al., para. 108-113 and 127)
converting the set of security blocks to information representing the security policy; (See Vepa et al., para. 140-147)
and, deploying the security policy to an information handling system. (See Vepa et al., para. 176 and 178)
However, Vepa et al. does not explicitly disclose wherein the plurality of security blocks include trigger security blocks and action security blocks, the trigger security blocks and the action security blocks being selected from a pool of available triggers and actions for end user manipulation of the security policy. 
Jaber et al. discloses a method for enforcing an encryption security policy for an information handling system. 
Jaber et al. discloses and wherein the plurality of security blocks include trigger security blocks and action security blocks, the trigger security blocks and the action security blocks being selected from a pool of available triggers and actions for end user manipulation of the security policy. (See Jaber et al., para. 39-41 and 52-53)

Rivera discloses a method for securing a computing system comprising a security policy platform. 
Rivera discloses the deploying comprising performing a policy injection operation, the policy injection operation being performed by a policy injection module, the policy injection operation injecting the security policy to a system of the information handling system, the system of the information handling system maintaining persistence of the security policy. (See Rivera, Fig. 8)
The rationale for combining Vepa et al. and Jaber et al. in view of Rivera is the same as claim 1.

Referring to the rejection of claim 13, (Vepa et al. and Jaber et al. modified by Rivera) discloses a non-transitory, computer-readable storage medium embodying computer program code, the computer program code comprising computer executable instructions configured for: 
presenting a platform security user interface, the platform security user interface including a plurality of security blocks, each of the plurality of security blocks corresponding to a particular security policy function; (See Vepa et al., para. 126 and 185)

converting the set of security blocks to information representing the security policy; (See Vepa et al., para. 140-147)
and, deploying the security policy to an information handling system. (See Vepa et al., para. 176 and 178)
However, Vepa et al. does not explicitly disclose wherein the plurality of security blocks include trigger security blocks and action security blocks, the trigger security blocks and the action security blocks being selected from a pool of available triggers and actions for end user manipulation of the security policy. 
Jaber et al. discloses a method for enforcing an encryption security policy for an information handling system. 
Jaber et al. discloses and wherein the plurality of security blocks include trigger security blocks and action security blocks, the trigger security blocks and the action security blocks being selected from a pool of available triggers and actions for end user manipulation of the security policy. (See Jaber et al., para. 39-41 and 52-53)
The combination of Vepa et al. in view of Jaber et al. does not explicitly disclose the deploying comprising performing a policy injection operation, the policy injection operation being performed by a policy injection module, the policy injection operation injecting the security policy to a system of the information handling system, the system of the information handling system maintaining persistence of the security policy.

Rivera discloses the deploying comprising performing a policy injection operation, the policy injection operation being performed by a policy injection module, the policy injection operation injecting the security policy to a system of the information handling system, the system of the information handling system maintaining persistence of the security policy. (See Rivera, Fig. 8)
The rationale for combining Vepa et al. and Jaber et al. in view of Rivera is the same as claim 1.

Referring to the rejection of claim 19, (Vepa et al. and Jaber et al. modified by Rivera) discloses wherein: the security policy is injected to the basis input output system (BIOS) of the information handling system via at least one of a natively spawned option and a manual option, the policy being automatically injected into the BIOS with the natively spawned option, the policy being injected into the BIOS by importing a policy file with the manual option. (See Rivera, para. 50)
The rationale for combining Vepa et al. and Jaber et al. in view of Rivera is the same as claim 1.

Referring to the rejection of claim 20, (Vepa et al. and Jaber et al. modified by Rivera) discloses wherein: the policy injection module includes at least one of a kernel mode driver and a BIOS access library. (See Rivera, para. 32, 41 and 50)


Referring to the rejection of claim 21, (Vepa et al. and Jaber et al. modified by Rivera) discloses wherein: the BIOS includes a policy monitoring and enforcement portion, the policy monitoring and enforcement portion providing a manufacturer specific operation of a system management mode (SMM) of a uniform extensible firmware interface (UEFI). (See Rivera, para. 24-25 and 31)
The rationale for combining Vepa et al. and Jaber et al. in view of Rivera is the same as claim 1.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to COURTNEY D FIELDS whose telephone number is (571)272-3871.  The examiner can normally be reached on IFP M-F 8am-4:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SHEWAYE GELAGAY can be reached on (571)272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.








/KENDALL DOLLY/Primary Examiner, Art Unit 2436