Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
The IDS of 6/3/2020 was received and considered.
Claims 1-20 are pending.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 3-4, 6-7 and 18 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Regarding claim 3, the claim lacks sufficient antecedent basis for the limitation “before the BIOS actively measuring”, as the parent claim lacks “actively”.  
Regarding claim 6, the limitation “the trusted high-speed encryption card” lacks sufficient antecedent basis.
Regarding claim 18, the claim lacks sufficient antecedent basis for the limitation “before the BIOS actively measuring”, as the parent claim lacks “actively”.  

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 5-8, 17 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over US 2005/0166024 A1 to Angelo et al. (Angelo), 2006/0075223 A1 to Bade et al. (Bade) and US 2004/0158828 A1 to Zimmer et al. (Zimmer).
Regarding claim 1, Angelo discloses measuring, by a trusted security chip, a BIOS in a device, to generate an integrity measurement result (TPM validates BIOS, ¶31); measuring, by a BIOS, at least one firmware in the device (BIOS measures option ROMs, ¶32).  Angelo is silent regarding the conditional statements “if the integrity measurement result indicates that the BIOS's integrity is not corrupted” and “if an integrity of the at least one firmware in the device measured by the BIOS is not corrupted” and lacks the step of if an integrity of one or more firmware in the device measured by the BIOS is corrupted, prohibiting, by the trusted security chip, the system of the device from being started or controlling the system to enter into a non-secure mode.  However, Bade teaches that a TPM is used as a root of trust, where the CRTM measures the BIOS, then the BIOS measures additional code, etc. (¶6), where if the measurements fail, one option is for the system to stop booting (¶5).  Therefore, it would have been 
Regarding claim 2, Angelo, as modified above, teaches wherein the firmware includes at least one of: a trusted high-speed cryptographic algorithmic firmware, a peripheral storage device, a memory, and a hardware device (option ROMs include programs associated with devices attached to  system buses, ¶32; also note that Zimmer teaches option ROMS contained in peripheral devices, Zimmer, ¶34). 
Regarding claim 5, Angelo, as modified above, teaches loading the operating system after the BIOS and option ROM (¶32), but does not expressly teach wherein: after loading the one or more firmware, the method further comprises: the BIOS measuring the integrity of a Boot Loader.  However, 
Regarding claim 6, Angelo, as modified above, teaches triggering the Boot Loader to measure an integrity of a system kernel of the device (as modified above, by Bade, ¶6) when the integrity of the Boot Loader measured by the BIOS is not corrupted (as modified above, by Bade, ¶¶5-6, teaching that each stage of the measurement and load process is performed before continuing to the next step); and prohibiting the system of the device from booting, or controlling the system to enter into the non-secure mode when the integrity of the Boot Loader is corrupted (as modified above by Bade, ¶¶5-6).
Regarding claim 7, Angelo, as modified above, teaches after triggering the Boot Loader to measure the integrity of the system kernel of the device, the method further comprises: securely booting the system of the device, and/or controlling the system to enter into the secure mode when the integrity of the system kernel measured by the Boot Loader is not corrupted (as modified above by Bade, ¶¶5-6; see also Angelo, ¶32 discussing loading of the operating system kernel).  
Regarding claim 8, Angelo, as modified above, teaches wherein: after triggering the Boot Loader to measure the integrity of the system kernel of the device, the method further comprises: prohibiting the system of the device from booting, or controlling the system to enter into the non-secure mode when the integrity of the system kernel measured by the Boot Loader is corrupted (as modified above by Bade, ¶¶5-6; see also Angelo, ¶32 discussing loading of the operating system kernel).

Regarding claim 19, Angelo, as modified above, discloses prohibiting a system of the device from booting, or controlling the system to enter into a non-secure mode, upon determining that the first measurement result does not satisfy the first preset condition, or the second measurement result does not satisfy the second preset condition (as modified above by Bade, ¶¶5-6; see also Angelo, ¶32 discussing loading of the operating system kernel).  
Regarding claim 20, Angelo discloses wherein measuring the integrity of the BIOS in the device comprises: determining whether a hash value of the BIOS is the same as a preset hash value (measurement comprises hashing code, ¶31 (digital signature); see also claim 27).  

Allowable Subject Matter
Claims 9-16 are allowed.
Regarding claim 9, Angelo discloses an apparatus comprising: one or more processors (Fig. 3, 102); and memory (Fig. 3, 106) storing executable instructions that, when executed by the one or more processors, cause the one or more processors to perform acts comprising: actively measuring, by a BIOS, an integrity of an option memory firmware (BIOS measures option ROMs, ¶32) device in a device when an integrity measurement result made by a trusted security chip indicates that the integrity of the BIOS is not corrupted (TPM validates BIOS, ¶31).  Angelo is silent regarding wherein the one or more firmware are loaded when the integrity of the one or more firmware is not corrupted, or otherwise a system of the device is prohibited from booting or the system is controlled to enter into a non-secure mode.  However, Bade teaches that a TPM is used as a root of trust, where the CRTM measures the BIOS, then the BIOS measures additional code, etc. (¶6), where if the measurements fail, one option is for the Joshi, Vijayrao, Zhang and Kisley are cited for teaching high-speed encryption cards as expansion cards (notable for using option ROM firmware in a system).  However, the prior art, alone or in a reasonable combination fails to teach triggering the option memory firmware of the trusted high-speed encryption card to measure an integrity of one or more firmware in the device if an integrity of the option memory firmware of the trusted high-speed encryption card that is actively measured by the BIOS is not corrupted, in combination with the remaining elements of the claims as a whole.

Claims 3, 4 and 18 would be objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims AND any rejections with respect to 35 U.S.C. §112 above are overcome
Regarding claims 3 and 18, the prior art, alone or in a reasonable combination fails to teach the BIOS actively measuring the at least one firmware in the device, powering on and starting a trusted high-speed encryption card, obtaining a platform measurement root of the trusted high-speed encryption card and the trusted security chip using the platform measurement root and a key to perform an integrity measurement for the BIOS, in combination with the claims as a whole.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL J SIMITOSKI whose telephone number is (571)272-3841.  The examiner can normally be reached on Monday - Friday, 7:00-3:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on 571-272-3862.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Michael Simitoski/               Primary Examiner, Art Unit 2493                                                                                                                                                                                         
May 17, 2021