DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Specification
The disclosure is objected to because of the following informalities:  
In ¶¶ 27-28, the paragraphs contains “IP agent(s) 330”, which are not found in the drawings.  Please note that ¶21 of the specification and FIG. 2 of the drawings show “interconnect protocol (IP) agents 230”.
Appropriate correction is required.

Claim Objections
Claims 1, 3, 8, 9, 14-15, and 18-20 are objected to because of the following informalities:
In claim 1, line 7, “an alias checking process on for each of the plurality of IP agents” may be amended to “an alias checking process for each of the plurality of IP agents” to correct a typographical error.  (Emphasis added.)
In claim 3, line 2, “a plurality of IP agents” may be amended to “the plurality of IP agents” to follow proper antecedent basis.  (Emphasis added.)
In claim 8, lines 1-2, “the results of the attestation” may be amended to “results of the attestation” to correct a grammatical error since “results” is first introduced in the claim.  (Emphasis added.)
In claim 8, lines 1-2, “the attestation” may be amended to “the attestation process” to follow proper antecedent basis.  (Emphasis added.)
In claim 9, lines 3-4, “Basic Input/output System (BIOS) firmware” may be amended to “a Basic Input/output System (BIOS) firmware” to correct a grammatical error because an article is required since “Basic Input/output System (BIOS) firmware” is first introduced in the claim.  (Emphasis added.)
In claim 9, line 5, “boot firmware” may be amended to “a boot firmware” to correct a grammatical error because an article is required since “boot firmware” is first introduced in the claim.  (Emphasis added.)
In claim 15, line 11, “a memory map” may be amended to “the memory map” to follow proper antecedent basis.  (Emphasis added.)
In claim 18, line 2, “the processor device” may be amended to “the processor” to follow proper antecedent basis.  (Emphasis added.)
In claim 19, line 2, “the host device” may be amended to “the processor” to follow proper antecedent basis.  (Emphasis added.)
In claim 20, line 1, “The apparatus” may be amended to “the computing device” to follow proper antecedent basis.  (Emphasis added.)
Other claims (e.g., claim 14, lines 1-2; claim 15, lines 4 and 10; etc.) with informalities that are the same as those above and not included here should be amended due to the same reasons set forth above.


Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 

(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 
This application includes one or more claim limitations that do not use the word “means”, but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation is:
“a plurality of interconnect protocol (IP) agents” in claims 1, 3, and 20; and
“a fabric interface” in claims 15 and 20.
The Examiner has noted that the written description in paragraphs [0021]-[0022] of the specification is pertinent to a corresponding structure of the claim limitation.
The term “interface” in these claim limitations is interpreted to include different types of interfacing that occur on different levels, ranging from highly visible user interfaces to hardware interfaces.  (See Computer Dictionary, 1994, Microsoft Press, 2nd Edition, p. 218)  Since the user interfaces may be software (e.g., command-line interface, menu-based interface, graphical interface, etc.), the term “interface” in these claim limitations is a nonce or a non-structural term, which relates to one of factors considered for the three-prong test for claim interpretation under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.
Because these claim limitations are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, they are being interpreted to cover the 
If applicant does not intend to have these limitations interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:

2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-20, as best thought and understood, are rejected under 35 U.S.C. 103 as being unpatentable over Moran et al. (US 2005/0086508 A1), hereinafter “Moran”, in view of Shivanna et al. (US 2018/0025150 A1), hereinafter “Shivanna”.

	Regarding claim 1, Moran teaches:
An apparatus to facilitate memory map security in a system on chip (SOC), comprising:  
a memory device (FIG. 6; “[0028] … main memory 630”); 
a plurality of interconnect protocol (IP) agents configured to access the memory device (FIG. 6; “[0029] … For example, in one embodiment, main memory 630, processor 610, and device A are trusted agents, while device B and device C are non-trusted agents”; “[0028] … The system 600 includes a processor 610, a MCH 620, a main memory 630, and a number of peripheral devices 640. … main memory 630 includes a random access memory (RAM), or other dynamic storage device, such as, for example, a dynamic random access memory (DRAM), to store data and instructions to be executed by processor 610. The data and instructions are routed between processor 610, main memory 630, and other peripheral devices 640 via MCH 620”; a plurality of interconnect protocol (IP) agents is considered to include the peripheral ; and 
a micro controller to receive a request to grant a host device access to the memory device and perform an alias checking process on for each of the plurality of IP agents to verify accuracy of a memory map of the memory device (FIGs. 2, 6; “[0005] An existing address decoder in a MCH is shown in FIG. 2. The address decoder includes a number of address comparators 210 connected in parallel. Each comparator compares the destination address of the data with an address range of a device within the system. … The address range of the main memory is represented by cfg_bitsN 209. If the destination address falls within the address range of a device, the corresponding comparator outputs a signal to enable the MCH to route the data to the device”; “[0028] … The system 600 includes a processor 610, a MCH 620, a main memory 630, and a number of peripheral devices 640. … main memory 630 includes a random access memory (RAM), or other dynamic storage device, such as, for example, a dynamic random access memory (DRAM), to store data and instructions to be executed by processor 610. The data and instructions are routed between processor 610, main memory 630, and other peripheral devices 640 via MCH 620”; “[0029] … MCH 620 includes a priority address decoder 622 and a set of configuration registers 624 to route data between the devices of computer system 600”; Note that the cfg_bitsN 209 (or the configuration registers 624) of the MCH 620 allows the processor 610 to access the main memory 630 if the destination address falls within the address range of the main memory 630).  

	Moran does not teach a micro controller to receive a request to grant a host device access to the memory device and perform an alias checking process on for each of the plurality of IP agents to verify accuracy of a memory map of the memory device.

	However, Shivanna teaches:
a micro controller to receive a request to grant a host device access to the memory device and perform an alias checking process on for each of the plurality of IP agents to verify accuracy of a memory map of the memory device (FIG. 1; “[0018] As used herein, the boot firmware engine of the computing device may be any combination of hardware and programming to implement the functionalities of a boot firmware such as the BIOS or the United Extensible Firmware Interface (UEFI). In some examples, the functionalities of the boot firmware engine may be at least partially implemented in the form of electronic circuitry.”; “[0019] … Each one of the manageability hardware components 101 a-101N comprises a bus configuration space 103-104 … the bus configuration space 103-104 of each manageability hardware component 101 a-101N comprises memory map registers 105-106 through which the OS components 107 a-107N, such as OS drivers, OS application or OS utilities that are run on-demand, may access the manageability hardware components 101 a-101N … Each one of the OS components 107 a-107N comprises a corresponding OS component authentication module 108 a-108N that communicates with a boot firmware authentication module 110 in the boot firmware engine 109 of the computing device 100 to verify and authenticate the OS components 107 a-107N … Once the enumeration check the addresses pointing to the memory map registers 105-106 of the enumerated manageability hardware components 101 a-101N and reprogram the addresses of the memory map registers 105-106 to an encrypted, encoded or transposed address using a random key that is generated at every booting process”; “[0023] Once one of the OS components 107 a-107N [host device], for example OS component 107 a, request access to one of the manageability hardware components 101 a-101N, for example manageability hardware component 101 a, and the boot firmware authentication module 110 verifies and authenticates the OS component 107 a, the boot firmware engine 109 may unlock the bus configuration space 103 of the manageability hardware component 101 a by setting its attribute as Read/Write, re-program the memory map registers 105 with a proper address that was stored during the enumeration process and re-lock the bus configuration space 103 by setting its attribute as Read-Only or Hide. This may provide full access to the manageability functions of the manageability hardware component 101 a to the authorized OS component 107 a”; note that a micro controller is considered to be the hardware or the electronic circuitry that controls the functionalities of a boot firmware such as the BIOS or the United Extensible Firmware Interface (UEFI) of the boot firmware engine; the memory device is considered to be a memory component that contains the bus configuration space 103/104 with the memory map register 105/106; a memory map is considered to be a mapping of the addresses pointing to the memory map registers 105-106 of the enumerated manageability hardware components 101 a-101N).  

 to provide a computer system having data security of Moran, with a system of Shivanna having a boot firmware engine of a computing device that enumerates manageability hardware components.  Doing so with the system of Moran would provide a solution that protect the manageability hardware components of the computing device from unauthorized accesses by PDoS attacks, OS malwares, root kits and badly written/misbehaving device components during the booting process and during runtime of the computing devices by authorizing on-demand access to the manageability hardware components to those OS components previously verified and authorized by the boot firmware engine of the computing device.  (Shivanna, [0012])

Regarding claims 9 and 15, the claimed method and the claimed device comprise substantially the same steps or elements as those in claim 1.  Accordingly, the claims are also rejected for the same reasons as set forth for those in claim 1 above.

Further regarding claim 15, Moran further teaches:
a fabric interface coupled between the processor, the memory device and the BIOS firmware (“[0003] The MCH in the computer system allows software to allocate memory space in a memory map for various devices in the computer system. When the computer system is initialized, the basic input/output software (BIOS) programs a set of configuration registers in the MCH to define a memory map for the computer system”; “[0028] FIG. 6 shows an exemplary embodiment of a computer fabric interface is considered to be interfaces between the processor 610, the MCH 620 with the BIOS, and the main memory 630 as shown in FIG. 6); and 

Further regarding claim 15, Moran further teaches:
a micro controller coupled to the fabric interface (FIG. 1; “[0019] … The boot firmware engine 109 also comprises a boot firmware enumerator 111 that carry out an enumeration process to identify the topology of the manageability hardware subsystem that includes all the manageability hardware components 101 a-101N. During the enumeration process, the boot firmware engine 109 may store a list of addresses pointing to the memory map registers 105-106 of the enumerated manageability hardware components 101 a-101N, said manageability hardware components 101 a-101N being accessible to the OS components 107 a-107N”; a micro controller is considered to be the hardware or the electronic circuitry that controls the functionalities of a boot firmware such as the BIOS or the United Extensible Firmware Interface (UEFI) of the boot firmware engine; the fabric interface is considered to be the interfaces coupled to the boot firmware engine 109, the manageability hardware components 101 a-101N, and the OS components 107 a-107N as shown in FIG. 1).  
	
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Moran to incorporate the teachings of Shivanna to provide a computer system having data  having a boot firmware engine of a computing device that enumerates manageability hardware components.  Doing so with the system of Moran would provide a solution that protect the manageability hardware components of the computing device from unauthorized accesses by PDoS attacks, OS malwares, root kits and badly written/misbehaving device components during the booting process and during runtime of the computing devices by authorizing on-demand access to the manageability hardware components to those OS components previously verified and authorized by the boot firmware engine of the computing device.  (Shivanna, [0012])

	Regarding claim 2, the combination of Moran teaches the apparatus of claim 1.

Shivanna further teaches:
wherein the micro controller locks registers associated with the memory map (FIG. 1; “[0020] The manageability hardware components 101 a-101N may also comprise registers (not shown in the figure), for example architected registers, to set attributes to hardware features that are mapped to the memory map register of the bus configuration spaces 103-104. The architected registers are programmable registers that are architected for the purpose of controlling access to a specific functionality of the particular manageability hardware component. These attributes, that are stored in the memory map register 105-106 of each manageability hardware components 101 a-101N, may be Read-Only, Read/Write or Hide. The attributes may be used to lock the bus configuration space 103-104 of the manageability hardware components 101 a-memory map is considered to be a mapping of the addresses pointing to the memory map registers 105-106 of the enumerated manageability hardware components 101 a-101N).  

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Moran to incorporate the teachings of Shivanna to provide a computer system having data security of Moran, with a system of Shivanna having a boot firmware engine that uses attributes to lock the bus configuration space 103-104 of the manageability hardware components 101 a-101N.  Doing so with the system of Moran would provide a solution that protect the manageability hardware components of the computing device from unauthorized accesses by PDoS attacks, OS malwares, root kits and badly written/misbehaving device components during the booting process and during runtime of the computing devices by authorizing on-demand access to the manageability hardware components to those OS components previously verified and authorized by the boot firmware engine of the computing device.  (Shivanna, [0012])

Regarding claim 10, the claimed method comprises substantially the same steps or elements as those in claim 2.  Accordingly, the claim is also rejected for the same reasons as set forth for those in claim 2 above.

	Regarding claim 3, the combination of Moran teaches the apparatus of claim 2.


a Basic Input/output System (BIOS) firmware to program the memory map for a plurality of IP agents (FIG. 6; “[0003] The MCH in the computer system allows software to allocate memory space in a memory map for various devices in the computer system. When the computer system is initialized, the basic input/output software (BIOS) programs a set of configuration registers in the MCH to define a memory map for the computer system”; “[0029] … For example, in one embodiment, main memory 630, processor 610, and device A are trusted agents, while device B and device C are non-trusted agents”; “[0028] … The system 600 includes a processor 610, a MCH 620, a main memory 630, and a number of peripheral devices 640. … main memory 630 includes a random access memory (RAM), or other dynamic storage device, such as, for example, a dynamic random access memory (DRAM), to store data and instructions to be executed by processor 610. The data and instructions are routed between processor 610, main memory 630, and other peripheral devices 640 via MCH 620”; a plurality of interconnect protocol (IP) agents is considered to include the peripheral devices 640 that access data and instructions stored in the main memory 630 since data and instructions are routed between the main memory 630 and the peripheral devices 640 via the MCH 620).  

	Regarding claim 4, the combination of Moran teaches the apparatus of claim 3.

Shivanna further teaches:
wherein the micro controller further performs an attestation process to verify the integrity of the memory map (“[0020] The manageability hardware components 101 a-101N may also comprise registers (not shown in the figure), for example architected registers, to set attributes to hardware features that are mapped to the memory map register of the bus configuration spaces 103-104. The architected registers are programmable registers that are architected for the purpose of controlling access to a specific functionality of the particular manageability hardware component. These attributes, that are stored in the memory map register 105-106 of each manageability hardware components 101 a-101N, may be Read-Only, Read/Write or Hide. The attributes may be used to lock the bus configuration space 103-104 of the manageability hardware components 101 a-101N by setting the attributes as Read-Only or Hide”; “[0023] Once one of the OS components 107 a-107N, for example OS component 107 a, request access to one of the manageability hardware components 101 a-101N, for example manageability hardware component 101 a, and the boot firmware authentication module 110 verifies and authenticates the OS component 107 a, the boot firmware engine 109 may unlock the bus configuration space 103 of the manageability hardware component 101 a by setting its attribute as Read/Write, re-program the memory map registers 105 with a proper address that was stored during the enumeration process and re-lock the bus configuration space 103 by setting its attribute as Read-Only or Hide. This may provide full access to the manageability functions of the manageability hardware component 101 a to the authorized OS component 107 a”; note that an attestation process is considered to be a process in which the boot firmware engine 109 locks the bus configuration space 103-104 by integrity of the memory map is verified since a proper address is programmed to provide full access to the manageability functions of the manageability hardware component 101 a to the authorized OS component 107 a).  

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Moran to incorporate the teachings of Shivanna to provide a computer system having data security of Moran, with a system of Shivanna having a boot firmware engine that uses attributes to lock the bus configuration space 103-104 of the manageability hardware components 101 a-101N.  Doing so with the system of Moran would provide a solution that protect the manageability hardware components of the computing device from unauthorized accesses by PDoS attacks, OS malwares, root kits and badly written/misbehaving device components during the booting process and during runtime of the computing devices by authorizing on-demand access to the manageability hardware components to those OS components previously verified and authorized by the boot firmware engine of the computing device.  (Shivanna, [0012])



	Regarding claim 5, the combination of Moran teaches the apparatus of claim 4.

Shivanna further teaches:
wherein the micro controller permits the host device to access the memory device upon a determination that the integrity has been verified (“[0023] Once one of the OS components 107 a-107N, for example OS component 107 a, request access to one of the manageability hardware components 101 a-101N, for example manageability hardware component 101 a, and the boot firmware authentication module 110 verifies and authenticates the OS component 107 a, the boot firmware engine 109 may unlock the bus configuration space 103 of the manageability hardware component 101 a by setting its attribute as Read/Write, re-program the memory map registers 105 with a proper address that was stored during the enumeration process and re-lock the bus configuration space 103 by setting its attribute as Read-Only or Hide. This may provide full access to the manageability functions of the manageability hardware component 101 a to the authorized OS component 107 a [host device]”; note that once the integrity of the memory map is verified with the authentication and a proper address programmed, full access is provided to the manageability functions of the manageability hardware component 101 a to the authorized OS component 107 a [host device]; the memory device is considered to be a memory component that contains the bus configuration space 103/104 with the memory map register 105/106).  

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Moran to incorporate the teachings of Shivanna to provide a computer system having data security of Moran, with a system of Shivanna having a boot firmware engine that uses attributes to lock the bus configuration space 103-104 of the manageability hardware components 101 a-101N and a boot firmware authentication module 110 that verifies and authenticates the OS component 107 a.  Doing so with the system of Moran would provide a solution that protect the manageability hardware components of the computing device from unauthorized accesses by PDoS attacks, OS malwares, root kits and badly written/misbehaving device components during the booting process and during runtime of the computing devices by authorizing on-demand access to the manageability hardware components to those OS components previously verified and authorized by the boot firmware engine of the computing device.  (Shivanna, [0012])

Regarding claims 11 and 17, the claimed method and the claimed device comprise substantially the same steps or elements as those in claim 5.  Accordingly, the claims are also rejected for the same reasons as set forth for those in claim 5 above.

Regarding claim 6, the combination of Moran teaches the apparatus of claim 5.


wherein the micro controller blocks access to the host device upon a determination that the integrity has not been verified (“[0021] The modification of the bus configuration spaces 103-104 is blocked by setting their attributes to Read-Only or Hide on the manageability hardware components 101 a-101N. Any writing operation to this encrypted/transposed/obfuscated bus configuration spaces 103-104, will result in a system exception.”; “[0023] Once one of the OS components 107 a-107N, for example OS component 107 a, request access to one of the manageability hardware components 101 a-101N, for example manageability hardware component 101 a, and the boot firmware authentication module 110 verifies and authenticates the OS component 107 a, the boot firmware engine 109 may unlock the bus configuration space 103 of the manageability hardware component 101 a by setting its attribute as Read/Write, re-program the memory map registers 105 with a proper address that was stored during the enumeration process and re-lock the bus configuration space 103 by setting its attribute as Read-Only or Hide. This may provide full access to the manageability functions of the manageability hardware component 101 a to the authorized OS component 107 a [host device]”; note that the integrity of the memory map is verified after the authentication completes and the proper address is programmed; when the integrity of the memory map is not verified, full access to the manageability functions of the manageability hardware component 101 a to the authorized OS component 107 a [host device] is not provided [i.e., blocked] because the authentication is not completed and the proper address has not been programmed yet).  

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Moran to incorporate the teachings of Shivanna to provide a computer system having data security of Moran, with a system of Shivanna having a boot firmware engine that uses attributes to lock the bus configuration space 103-104 of the manageability hardware components 101 a-101N and a boot firmware authentication module 110 that verifies and authenticates the OS component 107 a.  Doing so with the system of Moran would provide a solution that protect the manageability hardware components of the computing device from unauthorized accesses by PDoS attacks, OS malwares, root kits and badly written/misbehaving device components during the booting process and during runtime of the computing devices by authorizing on-demand access to the manageability hardware components to those OS components previously verified and authorized by the boot firmware engine of the computing device.  (Shivanna, [0012])

Regarding claims 12 and 18, the claimed method and the claimed device comprise substantially the same steps or elements as those in claim 6.  Accordingly, the claims are also rejected for the same reasons as set forth for those in claim 6 above.

Regarding claim 7, the combination of Moran teaches the apparatus of claim 6.

Shivanna further teaches:
wherein the micro controller blocks access to the host device via a hardware locking mechanism (“[0020] The manageability hardware components 101 a-101N may also comprise registers (not shown in the figure), for example architected registers, to set attributes to hardware features that are mapped to the memory map register of the bus configuration spaces 103-104. The architected registers are programmable registers that are architected for the purpose of controlling access to a specific functionality of the particular manageability hardware component. These attributes, that are stored in the memory map register 105-106 of each manageability hardware components 101 a-101N, may be Read-Only, Read/Write or Hide. The attributes may be used to lock the bus configuration space 103-104 of the manageability hardware components 101 a-101N by setting the attributes as Read-Only or Hide”; “[0023] Once one of the OS components 107 a-107N, for example OS component 107 a, request access to one of the manageability hardware components 101 a-101N, for example manageability hardware component 101 a, and the boot firmware authentication module 110 verifies and authenticates the OS component 107 a, the boot firmware engine 109 may unlock the bus configuration space 103 of the manageability hardware component 101 a by setting its attribute as Read/Write, re-program the memory map registers 105 with a proper address that was stored during the enumeration process and re-lock the bus configuration space 103 by setting its attribute as Read-Only or Hide. This may provide full access to the manageability functions of the manageability hardware component 101 a to the authorized OS component 107 a [host device]”; note that a hardware locking mechanism is considered to be using the attributes stored in the architected (hardware) registers to lock the bus configuration .  

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Moran to incorporate the teachings of Shivanna to provide a computer system having data security of Moran, with a system of Shivanna having a boot firmware engine that uses attributes stored in the architected (hardware) registers to lock the bus configuration space 103-104 of the manageability hardware components 101 a-101N and a boot firmware authentication module 110 that verifies and authenticates the OS component 107 a.  Doing so with the system of Moran would provide a solution that protect the manageability hardware components of the computing device from unauthorized accesses by PDoS attacks, OS malwares, root kits and badly written/misbehaving device components during the booting process and during runtime of the computing devices by authorizing on-demand access to the manageability hardware components to those OS components previously verified and authorized by the boot firmware engine of the computing device.  (Shivanna, [0012])

Regarding claims 13 and 19, the claimed method and the claimed device comprise substantially the same steps or elements as those in claim 7.  Accordingly, the claims are also rejected for the same reasons as set forth for those in claim 7 above.

Regarding claim 8, the combination of Moran teaches the apparatus of claim 4.

Shivanna further teaches:
wherein the micro controller publishes the results of the attestation to the BIOS firmware (“[0023] Once one of the OS components 107 a-107N [host device], for example OS component 107 a, request access to one of the manageability hardware components 101 a-101N, for example manageability hardware component 101 a, and the boot firmware authentication module 110 verifies and authenticates the OS component 107 a, the boot firmware engine 109 [BIOS firmware] may unlock the bus configuration space 103 of the manageability hardware component 101 a by setting its attribute as Read/Write, re-program the memory map registers 105 with a proper address that was stored during the enumeration process and re-lock the bus configuration space 103 by setting its attribute as Read-Only or Hide”; note that the attributes stored in the architected (hardware) registers to lock and unlock the bus configuration space 103-104 is considered to be used to publish the results of the attestation to the boot firmware engine 109 [BIOS firmware], similar to the description of paragraph [0031] of Applicant’s specification).  

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Moran to incorporate the teachings of Shivanna to provide a computer system having data security of Moran, with a system of Shivanna having a boot firmware engine that uses attributes stored in the architected (hardware) registers to lock the bus configuration space 103-104 of the manageability hardware components 101 a-101N and a boot 

Regarding claim 14, the claimed method comprises substantially the same steps or elements as those in claim 8.  Accordingly, the claim is also rejected for the same reasons as set forth for those in claim 8 above.

Regarding claim 20, the combination of Moran teaches the apparatus of claim 15.
	
Moran further teaches:
the plurality of IP agents coupled to the fabric interface (FIG. 6; “[0028] FIG. 6 shows an exemplary embodiment of a computer system 600. The system 600 includes a processor 610, a MCH 620, a main memory 630, and a number of peripheral devices 640”; note that the fabric interface is considered to include the interface coupled between the MCH 620 and the peripheral devices 640 [IP agents] as shown in FIG. 6).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Tong B Vo whose telephone number is (571)272-7568.  The examiner can normally be reached on M-F 8:00 AM - 4:00 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Charles Rones can be reached on (571)272-4085.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/T.B.V./Patent Examiner, Art Unit 2136