Notice of Pre-AIA  or AIA  Status
1. 	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

2. 	This is the initial office action that has been issued in
response to patent application 16/683,233, filed on 11/13/2019.
Claims 1-20 as originally filed, are currently pending and have
been considered below. Claim 1, 11 and 13 are independent claims.

Claim Rejections - 35 USC § 102
3. 	The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

4. 	Claims 1-6, 9-12, and 14-19 are rejected under 35 U.S.C. 102 (a)(2)as being anticipated  by Nicolson ( US 20110173643 A1).

5. 	Regarding Claim 1, Nicolson discloses, a computing device, comprising: a secure circuit configured to maintain a plurality of cryptographic keys of the computing device (Nicolson, Figure 2 (1120): device). Figure 17 (11004):securing processing environment ¶[0162], SPE 11004 is the secure processing environment. ¶[0240], AIK 21710 stored within the Secure Processing Environment. Figure 9 (1414): Cryptographic Signature; ¶[0152], This signing key is either the private portion of a key securely embedded within the Secure Processing Environment. the signing entity may be an agent of the platform developer or the application developer ); a processor (Nicolson, Abstract, a device with a secure processor); memory having program instructions stored therein that are executable by the processor to cause the computing device to perform operations including: receiving, from an application, a request for an attestation usable to confirm an integrity of the application (Nicolson, ¶[0179], the other attestation parameters to request attestation from that module 11710. Figure 17 (11760) Request Attestation SIGN (NS, Challenge, PCI selection). ¶[0245], for example, before permitting access to secured services by the application, the server needs to be sure that the application is operation within the expected environment; Figure 17 (11728-11732): “Return SP_Quote result, verify result matched expected result matched expected result, return attestation success); supply the attestation for the application (Nicolson, ¶[0245], The OS 21008 uses knowledge of the process space . to determine the AIK that has been previously established for remote attestation of the application ¶[0179], the SP is requested to generate a signed hash. ¶[0245], signed using the private portion of the established AIK); and providing the attestation to a remote computing system in communication with the application (Nicolson, Figure 39 (21922-21924-21926-21928): return SPE_Quote result).  

6. 	Regarding Claim 2, Nicolson discloses, the computing device of claim 1, wherein the secure circuit is configured to: verify received metadata pertaining to the integrity of the application (Nicolson, ¶[0245], the SPE 21004 is used again, this time to verify the integrity of the PSC 21914 for the Application 21010, and the tPCR Support 21002 is used to perform verification); and use the cryptographic key to generate the attestation indicative of the integrity of the application (Nicolson, The SPE 21004 is requested to generate a signed hash 21922 including the PCRs set according to the PCR selection received from the server 21904 and the hash value calculated in 21918 and signed using the private portion of the established AIK) .  

7. 	Regarding Claim 3, Nicolson discloses, the computing device of claim 2, wherein the metadata includes a certificate identifying a hash value signed by a developer of the application, and wherein the secure circuit is configured to: perform a comparison of the signed hash value and a hash value generated from the application in response to the received request ( Nicolson, ¶[0152], there is a Cryptographic signature 1414 that represents a hash of the rest of the data encrypted by a key known to the Secure Processing Environment 1114. the signing entity may be an agent of the platform developer or the application developer. ¶[0245], SPE 21004 is used again, this time to verify the integrity of the PSC 21914 for the Application. ¶[0165], SPE_VerifyPSC 11026, with the parameter set to the PSC, hash of the application is calculated and compared against a reference value stored within the PSC )  

8. 	Regarding Claim 4, Nicolson discloses, the computing device of claim 1, wherein the secure circuit is configured to: generate a public key pair unique to the application, wherein the cryptographic key is a private key of the public key pair (Nicolson, ¶[0162], SPE 11004 is the secure processing environment. ¶[0240], AIK 21710 stored within the Secure Processing Environment. Figure 9 (1414): Cryptographic Signature; ¶[0152], ¶[0152], This signing key is either the private portion of a key securely embedded within the Secure Processing Environment. the signing entity may be an agent of the platform developer or the application developer ; and provide, to the application, a certificate including a public key of the public key pair, wherein the public key is usable by the remote computing system to verify the attestation (Nicolson, (Nicolson, ¶[0179], the other attestation parameters to request attestation from that module 11710. Figure 17 (11760) Request Attestation SIGN (NS, Challenge, PCI selection). ¶[0245], for example, before permitting access to secured services by the application, the server needs to be sure that the application is operation within the expected environment).  

9. 	Regarding Claim 5, Nicolson discloses, the computing device of claim 4, wherein the certificate includes an identifier of the application and a hash value generated from the application (Nicolson, ¶[0245], PCR hash stored within the Application's 21010 PSC. The SPE 21004 is requested to generate a signed hash 21922 including the PCRs set according to the PCR selection received from the server 21904 and the hash value calculated in 21918 and signed using the private portion of the established AIK).  

10. 	Regarding Claim 6, The computing device of claim 4, wherein the secure circuit is configured to: receive a challenge issued by the remote computing system to the application (Nicolson, ¶[0245], The Server 21900 replies by sending its request for attestation 21904, with a message containing a server nonce Ns, a randomly generated Challenge); and generate the attestation by signing the challenge with the private key (Nicolson, ¶[0245], Now the attestation can start; first the signature on the message containing the server nonce, the random Challenge ).  

11. 	Regarding Claim 9, Nicolson discloses, the computing device of claim 1, wherein the program instructions include program instructions of an operating system of the computing device, and wherein the operating system is executable to: verify metadata obtained from the application and pertaining to the integrity of the application (Nicolson, ¶[0245], the SPE 21004 is used again, this time to verify the integrity of the PSC 21914 for the Application 21010, and the tPCR Support 21002 is used to perform verification); and perform the instructing based on the verified metadata (Nicolson, ¶[0252], data extracted from the component (for example, a first predetermined bits extracted from the component) may be used to perform verification).  

12. 	Regarding Claim 10,  Nicolson discloses, the computing device of claim 1, wherein the secure circuit is configured to: use the cryptographic key to establish a connection with a server configured to generate the attestation (Nicolson, ¶[0245], randomly-generated value is returned 21902, which the Application 21010 uses when requesting attestation 21903 from the Server 21900 the SPE 21004 is requested to generate a signed hash 21922 ); and receive the generated attestation from the server (Nicolson, ¶[0245],The Application 21010 passes the generated client nonce Nc to the Server 21900, a value to protect against replay and other attacks on the communication stream between the Application 21010 and the Server 21900.).  

13. 	Regarding Claim 11, Nicolson discloses, a non-transitory computer readable medium having program instructions stored therein that are executable by a computing device to cause the computing device to perform operations comprising: sending, by an application, a request for an attestation indicating that the application has been verified (Nicolson, ¶[0245], The Server 21900 verified that the result passed in equals the expected results 21930, and if so, notifies the Application 21010 that attestation has completed successfully 21932.); supplying, by the application, metadata indicative of an identity of the application (Nicolson, Figure 30 (21914): determine loaded PSC for application); receiving, by the application, the requested attestation from a secure circuit of the computing device, wherein the secure circuit is configured to provide the requested attestation based on a verification of the supplied metadata (Nicolson, Figure 30 (21914): “verify loaded PSC integrity”; ¶[0245], the SPE 21004 is used again, this time to verify the integrity of the PSC 21914 for the Application 21010, and the tPCR Support 21002 is used to perform verification of the tPCRs set within said PSC 21916. The Server 21900 verified that the result passed in equals the expected results 21930, and if so, notifies the Application 21010 that attestation has completed successfully 21932.) ; and use the received attestation to establish a connection with a remote server (Nicolson, ¶[0245], 21922 including the PCRs set according to the PCR selection received from the server 21904 and the hash value calculated in 21918 and signed using the private portion of the established AIK).  

14. 	Regarding Claim 12, Nicolson discloses, the computer readable medium of claim 11, wherein the metadata is supplied to the secure circuit, and wherein the secure circuit is configured to verify the metadata in response to the request (Nicolson, Figure 30 (21914): “verify loaded PSC integrity”; ¶[0245], the SPE 21004 is used again, this time to verify the integrity of the PSC 21914 for the Application 21010, and the tPCR Support 21002 is used to perform verification of the tPCRs set within said PSC 21916. The Server 21900 verified that the result passed in equals the expected results 21930, and if so, notifies the Application 21010 that attestation has completed successfully 21932.).  

15. 	Regarding Claim 14, Nicolson discloses, the computer readable medium of claim 11, wherein the received attestation is signed using a cryptographic key maintained by the secure circuit for the application (Nicolson, ¶[0245], The SPE 21004 is requested to generate a signed hash 21922 including the PCRs set according to the PCR selection received from the server 21904 and the hash value calculated in 21918 and signed using the private portion of the established AIK) .  

16. 	Regarding Claim 15, Nicolson discloses, the computer readable medium of claim 14, wherein the cryptographic key is one of a plurality of keys maintained by the secure circuit, and wherein the request for the attestation includes an index value usable by the secure circuit to identify the cryptographic key (Nicolson, ¶[0179], the other attestation parameters to request attestation from that module 11710. Figure 17 (11760) Request Attestation SIGN (NS, Challenge, PCI selection). [0245], for example, before permitting access to secured services by the application, the server needs to be sure that the application is operation within the expected environment; Figure 17 (11728-11732): “Return SP_Quote result, verify result matched expected result matched expected result, return attestation success. ¶[0245], The OS 21008 uses knowledge of the process space . to determine the AIK that has been previously established for remote attestation of the application ¶[0179], the SP is requested to generate a signed hash. ¶[0245], signed using the private portion of the established AIK)).  

17. 	Regarding Claim 16, Nicolson discloses,	a method, comprising: a server system receiving, from a secure circuit in a computing device, a signed request to provide an attestation for an application executing on the computing device, wherein the attestation is usable to confirm that the application is valid (Nicolson, ¶[0179], the other attestation parameters to request attestation from that module 11710. Figure 17 (11760) Request Attestation SIGN (NS, Challenge, PCI selection). ¶[0245], for example, before permitting access to secured services by the application, the server needs to be sure that the application is operation within the expected environment; Figure 17 (11728-11732): “Return SP_Quote result, verify result matched expected result matched expected result, return attestation success); the server system generating the requested attestation using a cryptographic key maintained by the server system; and the server system sending the generated attestation to the computing device, wherein the attestation is used by the application to establish a communication with service.  

18. 	Regarding Claim 17, Nicolson discloses, the method of claim 16, further comprising: prior to generating the requested attestation, the server system verifying metadata supplied with the request and pertaining to an identity of the application (Nicolson, ¶[0245], the SPE 21004 is used again, this time to verify the integrity of the PSC 21914 for the Application 21010, and the tPCR Support 21002 is used to perform verification).  

19. 	Regarding Claim 18, Nicolson discloses, the method of claim 16, further comprising: the server system receiving, from the secure circuit, an indication that metadata supplied by the application pertaining to an identity of the application has been verified (Nicolson, ¶[0245], the attestation can start; first the signature on the message containing the server nonce, the random Challenge and the physical PCRs to attest to is verified 21912 by the SPE 21004 using the previously-established according to the prior art AIK. The Server 21900 verified that the result passed in equals the expected results 21930, and if so, notifies the Application 21010 that attestation has completed successfully 21932.); and the server system generating the attestation in response to the indication (Nicolson, ¶[0241], The Attestor 21702 generates an Attestation request 21706 and sends it to the Application 2100 that requested attestation ).  

20. 	Regarding Claim 19, Nicolson discloses, the method of claim 16, further comprising: the server system maintaining a plurality of cryptographic keys for generating attestations for the computing device, wherein each of the plurality of cryptographic keys is associated with a respective application executing on a computing device (Nicolson ¶[0240], Attestation Identity Key, is established between the client on the device and a remote server There is an Attestor 21702 that controls the attestation process, which uses an AIK Certificate 21704 that has been previously established and is associated with the Device's 2120 AIK 21710. The Attestor 21702 generates an Attestation request 21706 and sends it to the Application 2100 that requested attestation.).  



Claim Rejections - 35 USC § 103
21. 	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

22. 	Claim 7 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Nicolson (US 2011/173643 A1) in view of Bhargav-Spantzel (US 2018/0183586 A1).

23. 	Regarding Claim 7, Nicolson in view of Bhargav-Spantzel disclose, 
Nicolson does not explicitly disclose the following limitations that Bharga-Spantzel teaches:
the computing device of claim 4, wherein the public key pair is for a particular user of the computing device, and wherein the request for an attestation identifies the particular user (Bhargav-Spantzel, ¶[0041],  The API obtains and parses the template for the authentication factors at step 352. A request is made to a hardware-secured cryptographic service 310. The authentication factors may include, a password, a contextual answer, a biometric feature, a passcode, a personal identification number (PIN), a personal security token, or other factor forms discussed herein. As discussed herein, the AFSI is a value that identifies a particular set of authentication factors for use in an authentication policy.).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to identify a user and 

24. 	Regarding Claim 20, Nicolson in view of Bhargav-Spantzel disclose, 
Nicolson does not explicitly disclose the following limitations that Bharga-Spantzel teaches:
the method of claim 19, further comprising: the server system receiving, from the secure circuit, a request to generate the cryptographic key for the application (Bhargav-Spantzel, ¶[0053], The consuming application 530 will use a cryptographic key controlled by the cryptographic service 510 to verify itself or some data (e.g., for transmission to a verifier 545 or another entity). For example, this may be accomplished in response to a request by the consuming application 530 to a cryptographic service 510); and prior to generating the cryptographic key, the server system verifying that generating the cryptographic key complies with a limit set by a developer of the application, wherein the limit is a number of cryptographic keys permitted to be generated for the application (Bhargav-Spantzel, ¶[0002], In countless settings, a user (e.g., a user through a user's software application or device) may obtain access to another electronic computer system or network by authentication of a cryptographic key. Such cryptographic keys may be used in implementations of a public key infrastructure (PM) that utilize digital certifications and public key encryption techniques for authentication and encryption of data).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include a secure circuit that generates a cryptographic wherein the limits are set by the developer for the generated application to enhance security.

Claim Rejections - 35 USC § 103
25. 	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


26. 	Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Nicolson (US 2011/0173643 A1) and Bhargav-Spantzel (US 2018/0183586 A1) in view of Wyseur (WO 2017/085159 A1).

27. 	Regrding Claim 8, Nicolson, Bhargav-Spantzel and Wyseur disclose, 
Nicolson and Bhargav-Spantzel does not explicitly disclose the following limitations that Wyseur teaches:
the computing device of claim 7, wherein the secure circuit is configured to: receive an application certificate from a developer of the application, wherein the application certificate identifies a threshold number of users for which public key pairs are permitted to be generated (Wyseur, Pg. 1 lines 9-13, The target device generates a certificate (an attestation) making an expression on the execution of software and/or the execution platform. The target device can then present this certificate to a remote party to show that unaltered software); and verify that generating the public key pair complies with the threshold number of users (Wyseur, Pg. 1 lines 11-13, Remote attestation may be combined with public-key encryption so that the information sent can only be read by the programs that presented and requested the attestation).  
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include a certificate that identifies a number of users within an application certificate and by generating a public pair.

28. 	Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Nicolson (US 2011/173643 A1) in view of Lee (US 9569618 B2)

29. 	Regarding Claim 13, Nicolson and Lee disclose, 
Nicolson does not explicitly disclose the following limitations that Lee teaches:
the computer readable medium of claim 11, wherein the supplying includes supplying a signed hash value generated by a developer for an authorized copy of the application, and wherein the secure circuit is configured to verify the hash value prior to generating the attestation (Lee, Col. 5 lines 50-60 The executable code generation unit 110 includes a main attestation module 112, an attestation module generator 114, and a revised attestation module 116, and is configured to receive information relevant to the certain application 12 from the storage unit 150 that stores the information, and generate a random executable code. Herein, the information relevant to the certain application 12 may include at least one or more of a specific function, a specific variable, a hash value of the specific variable, a specific string, and a string with a sequence rearranged, which constitute an original application file.).  
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include a copy of the application that is supplied using a hash value and uses the secure circuit to verify the hash value prior.

Conclusion
30.	 Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAYASA SHAAWAT whose telephone number is (571)272-3939.  The examiner can normally be reached on M-F, 8 AM TO 5 PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, JEFFREY PWU can be reached on (571)272-6789. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MAYASA SHAAWAT/
Examiner, Art Unit 2433

/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433