DETAILED ACTION
	 This Office Action is in response to the amendment filed on 02/19/2021. Claim 18 has been amended. Claims 11-18 are presented for examination on the merits.
Notice of Pre-AIA  or AIA  Status

 	The present application is being examined under the first inventor to file provisions of the AIA .
Response to Arguments

1.	With regards to the rejection under 35 U.S.C. § 112(a) and §112(b), Applicants arguments have been considered and are persuasive. As such, the Examiner hereby withdraws the rejections under 35 U.S.C. §112(a) and §112(b).

2.  	With regards to the rejection under 35 USC § 103(a), Applicant’s arguments in pages 24-27 of the remarks filed on 02/19/2021 is acknowledged. In light of Applicant’s remarks and Examiner’s newly performed search/consideration, the rejection to dependent claims 12, 14, 15 and 17-18 have been withdrawn. Therefore, dependent claims 12, 14, 15 and 17-18 would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. 
 	However, after careful review, the rejection under 35 U.S.C. 103(a) to claims 11, 13, and 16 are maintained for the reasons specified in the rejection below.




3.  	With regards to claims 11-18 rejected under 35 USC § 103, Applicant’s amendments to the claims are acknowledged. 
	Regarding claim amendments corresponding to the rejection under 35 U.S.C. 103(a), applicant argues, for example:
 	“The Office Action's assertion is not sufficient to establish a prima facie 
determination of obviousness. In sustaining a holding of non-obviousness, the Federal Circuit has stated that: 
"Obviousness requires more than a mere showing that the prior art includes separate references covering each separate limitation in a claim under examination." Unigene Lab., Inc. v. Apotex, Inc., ____ F.3d ____ (Fed. Cir. 2011) (Rader, C.J.). 

Further, a determination of obviousness must be based on articulated reasoning, not conclusory statements. The Federal Circuit has stated that: 

"rejections on obviousness cannot be sustained with mere conclusory statements;  instead, there must be some articulated reasoning with some rational underpinning to support the legal conclusion of obviousness." In re Kahn, 441 F.3d 977, 988, 78 USPQ2d 1329, 1336 (Fed. Cir. 2006). See also KSR, 550 U.S. at ___ 2 USPQ2d 
    PNG
    media_image1.png
    23
    25
    media_image1.png
    Greyscale
at 1396 (quoting Federal Circuit statement 
 	with approval).”

 	The Examiner respectfully disagrees and points out that Cope et al. does not change the principle of operation of the primary reference or render the reference inoperable for its intended purpose. See MPEP § 2143.01. The test for obviousness is not whether the features of a secondary reference may be bodily incorporated into the structure of the primary reference Winslow. Rather, the test is what the combined teachings of those references would have suggested to those of ordinary skill in the art.” In re Keller, 642 F.2d 413, 425, 208 USPQ 871, 881 (CCPA 1981). See also In re Sneed, 710 F.2d 1544, 1550, 218 USPQ 385, 389 (Fed. Cir. 1983). It is not necessary 
 	Combining the teachings of references Winslow and Cope does not involve an ability to combine their specific structures. Thus, one cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references.  See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). Therefore, prior arts must be considered in entirely, including discloses that teach away from the claims, MPEP § 2143.01-02.
	The “mere existence of differences between the prior art and an invention does not establish the invention’s nonobviousness.” Dann v. Johnston, 425 U.S. 219, 230, 189 USPQ 257, 261 (1976). The gap between the prior art and the claimed invention may not be “so great as to render the [claim] nonobvious to one reasonably skilled in the art.” Id. MPEP 2141 (section III).
 	In view of the above, it would have been obvious to the skilled artisan to modify the teachings of Cope with the teachings of Winslow to perfrom the functions of the  device as claimed including the trusted environment and the hardware computing device that supports security functions such as authentication, seeding, encryption, decryption.
	Accordingly, the claimed invention as a whole was at least prima facie obvious, if not anticipated by the reference, especially in the absence of sufficient, clear, and convincing evidence to the contrary.
Examiner Notes 

4.	  Claims that set forth a list of alternatives from which a selection is to be made are typically referred to as “Markush claims.”  In the instance case, the recitation of the conjunction “or” and the phrase “any of” in the claim language makes a “Markush grouping,” and thus, it is understood that the prior art needs to disclose only one limitation, from each of the groupings, in order to reject the claims. Accordingly, the Examiner has rejected particular limitations from the list of alternatives in the claims and highlighted the particular limitation with bold fonts in the office action (Claims 11-13, 15, for example). 
 	The Applicant is requested to respond to the rejection specific to the selected limitations/features highlighted in the Office Action with bold fonts (since the other limitations/features in the claims are made optional by the Markush groupings).
				Claim Rejections - 35 USC § 103

5.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
6.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

7.	The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
8.	Claims 11, 13, and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Winslow et al. (US 20130111211 A1, hereinafter, Winslow) in view of Cope et al. (Patent No. US 8649770 B1, hereinafter, Cope)
 	Regarding claim 11, Winslow discloses a trusted environment including device (Abstract, Paragraphs 0004-0005: trusted hardware component may send a request to the untrusted device) comprising: a hardware computing device, including a processor, a memory (Fig. 3 and associated texts ERM 310, Processor 314, Memory 316; Paragraphs 0011, 0029: Trusted hardware component/module (i.e. external reference monitor (XRM) and/or an enterprise reference monitor (ERM)); 
 	the hardware computing device connected to and communicating with an untrusted environment legacy computing system (Paragraph 0035: ERM 104 communicates with the untrusted devices over a communication network; Figs. 5, 6. 8A and associated texts: XRM 510 and untrusted Device 500; ERM 802 and untrusted Device 804), 
 	the untrusted environment legacy computing system including any of a computer, a notebook, a tablet, a smartphone, a server (Paragraphs 0016, 0018, 0044, 
 	the hardware computing device connected directly to a network ((Winslow, Fig. 1 ERM 104 (trusted hardware component/module) is directly connected to the network without being connected to untrusted device (legacy computing system); Fig. 3: ERM 310 (trusted hardware component/module) is directly connected to network 302 without being connected to untrusted device; Fig. 4: ERM proxy server 402 at enterprise location is directly connected with cellular network (3G/4G internet) without being connected to untrusted device (legacy computing system); Further, Winslow discloses how claimed hardware computing device is connected to the "network" without
being connected with the legacy computing system i.e. untrusted device (Paragraph 0078: an ERM is used, the request is sent directly from the ERM to Communication Peer 806 via a communication network; Paragraph 0054: ERM 310 is in communication with Network 302; Paragraph 0045: CUA (Customer Unique Application (CUAs))is included within an XRM and designed to operate over the wide variety of communications systems, for example commercial land line telephone, military radios, communication satellites, Voice over IP, and/or different cellular telephone standards; Paragraph 0054: Paragraph 0070: XRM 704 receives information regarding the operational state and/or security level via a local communication medium/network (e.g., Bluetooth, NFC, etc.)); 

 	the untrusted environment legacy computing system not communicatively coupled the secured input device, or the secured output device (Paragraphs 0028; 0010, 0107-0109: trusted input/output….trusted hardware module may include an output interface configured to display an indication of the security status) 
 	[corresponding network communications received by the hardware computing device not accessible by the untrusted environment legacy computing system] (Paragraphs 0048, 0118, 01030, 0053-0055, 0104, 0115 0028, 0032: In the second mode of operation, the applications running on the untrusted device are limited to a predetermined whitelist to ensure unauthorized applications do not have access to sensitive data… In an example, applications included in a blacklist are suspended or hibernated when performing secure communications or operating in a secure mode…..ERM 310 blocks access of a compromised COTS element from accessing secure data or block the compromised COTS element… an XRM token includes a tamper proof casing that prevents unauthorized access…); 

 	including any of authentication, storing sensitive information, detecting character strings, seeding, encryption, decryption, sending data to the untrusted environment legacy computing system, (Paragraphs 0006-0007, 0009, 0030, 0108: input is a seed to a hashing function, a random number, or some other input generated by the trusted hardware… the trusted hardware module is configured to authenticate .. The trusted hardware module is configured to receive encrypted data, decrypt encrypted data to form decrypted data… The XRM and/or ERM may be configured to securely update sensitive data).  
 	Winslow does not explicitly states but Cope from the same or similar fields of endeavor teaches corresponding network communications received by the hardware computing device not accessible by the untrusted environment legacy computing system (Cope, Col. 7, lines 1-23: the trust zone extension application 124b prevents the untrusted applications 162 from executing while the communication link via the cellular wireless modem 102 to the network 108 is established, thereby preventing the untrusted applications 162 from spying on inputs to the input devices 156;Fig. 2 and associated texts)
  	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have corresponding network communications received by the hardware computing device not accessible by the untrusted environment legacy computing system as taught by Cope in the teachings of  for the advantage of blocking access to the user interface input device by the trusted security module (Cope, Col. 1, lines 40-57)
  	Regarding claim 13, the combination of Winslow and Cope discloses the hardware computing device according to claim 11, wherein the hardware computing device is incorporated into any of a keyboard, a camera, a router, an input device, an output device, or an interface to an input or output device (Winslow, Paragraphs 0010, 0029, 0109: secure hardware component displays an indication of the security status on an output device, wherein the output is included in the secure hardware component…  trusted input of the XRM for accepting inputs from the user, the physical hardware (e.g., keyboard, touchscreen display, microphone, sensors, etc.) of the untrusted device is used by the user to provide inputs when communicating with the ERM). 
  	Regarding claim 16, the combination of Winslow and Cope discloses the secured computing system according to claim 15, wherein the secured computing system serving as a remote personal computer to allow a user of the hardware computing device and the legacy computing system to access internet sites (Winslow, Paragraphs 0058, 0077, 0126: The ERM interface with the untrusted devices in order to actively provide security functions and/or to interactively monitor the operation of the untrusted devices. For example, active security services that are provided by the ERM includes support for secure voice calls, authentication services, secure remote access (e.g., via the Secure Thin Client)….OSs that utilize a Linux process (e.g., thread) model using Inter-Process Communication (IPC) for message passing, remote procedure calls (RPC)). 

Allowable Subject Matter 

9.	Claims 12, 14-15, and 17-18 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. 

Conclusion

10. 	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Asokan et al. (US 20110093938 A1 discloses an apparatus that includes a processor configured to receive a security certificate request from a remote device comprising a public key of the remote device and an authentication credential based upon a legacy authentication mechanism of the remote device.
11. 	THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
12.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAHFUZUR RAHMAN whose telephone number is (571)270-7638.  The examiner can normally be reached on Monday thru Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MAHFUZUR RAHMAN/Primary Examiner, Art Unit 2498