Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Response to Amendment
Applicant’s amendment filed 4/29/2021 has been entered.  Claims 1, 3, 4, 7, 9 and 13 were amended.  Claims 1-20 are presented for examination.
Applicant’s amendments have overcome each and every drawing and specification objection in the Non-Final Office Action mailed 2/16/2021.  
Applicant’s claim amendments have overcome the claim objections and 112(b) rejection in the Non-Final Office Action mailed 2/16/2021.  

Response to Arguments
Applicant’s arguments with respect to claim(s) 1, 7 and 13 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.  The new grounds of rejection rely on Brandwine (10,133,867).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 6, 7-9, 12, 13-15 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Hu (2016/0267267) in view of Repasi (2007/0277241) in view of Brandwine (10,133,867).  

Regarding claim 1, Hu teaches 
a computer-implementable method for performing a security vulnerability detection operation, comprising:  
configuring a … security profiling environment (Hu, [0023] an application installation interface function in the package management service will be called, in the present embodiment, by modifying the specific implementation flow in the existing application installation interface function, the application can be performed virus scan before executing installation operation for the application, so as to avoid an application carrying a virus to be installed in a terminal equipment.)
receiving a … update file via the … processor;  (Hu, [0021] In FIG. 1, in S100, when an Android operating system needs to install an application, identification information of the application that needs to be installed is transmitted from a framework layer to an application layer.)
using the … security detection operation to identify a security vulnerability within the … update file; and,  (Hu, [0029] In S110, at the application layer, a virus scanner application is activated on the basis of the identification information of the application to allow the virus scanner application to run virus scan on the application that needs to be installed. 
[0030] Specifically, at the application layer, the application installation listening interface function can provide the identification information of the application to the virus scanner application in the terminal equipment (the virus scanner application can also be referred to as the security management application such as the existing virus killing application) and trigger the virus scanner application to run the virus scan on the application corresponding to the identification information of the application )
installing the … update file to the information handling system only when no security vulnerability is identified… the installing being performed by the … host (Hu [0033] As a specific example, after completing the virus scan operation, the security management application calls the application installation resuming class function or the application installation terminating class function in the application layer and sets input parameters of the application installation resuming class function or the application installation terminating class function in the application layer on the basis of the virus scan result. The application installation resuming class function or the application installation terminating class function in the application layer then calls an application installation resuming class function or an application installation terminating class function provided by the service of the framework layer, to notify the framework layer of whether or not to execute the installation operation for the application.)
Hu teaches an application virus check but does not explicitly teach a firmware virus check, so Hu does not explicitly teach a firmware update file.
However Repasi teaches a firmware update file and firmware security profiling (Repasi, [0081] Referring now to FIG. 2A, a block diagram is shown representing an example system 200 to scan firmware of a processing system 100 for malware. [0062] an analysis module to analyse the copy of the firmware to determine if the firmware has been modified by malware.) and identify a security vulnerability within the firmware (Repasi [0099] The pattern matching module 226 of the analysis module is configured to search the copies of the firmware for particular patterns of strings or instructions which are indicative of malware. The pattern matching module 226 may operate in combination with the disassembly module 228 of the analysis module 220. The disassembly module 228 is configured to disassemble the binary code stored of the firmware such that disassembly module determines processing system instructions of the firmware. The processing system instructions of the 
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Repasi’s firmware check with Hu’s application check because doing so improves malware detection (Repasi, [0008] Firmware is software that is embedded in a hardware device of the processing system. [0018] Therefore, there exists a need for a method, system, computer readable medium of instructions, and/or a computer program product to scan firmware of a processing system for malware which addresses or at least ameliorates problems inherent in the prior art.)
Hu does not teach a trusted host and a trusted service processor.
However Brandwine teaches 
the trusted host comprising a host system configured to provide a trust boundary for data the trusted host provides to an associated sub-system, (Brandwine, Col 2, lines 2-6, In particular, various embodiments provide a trusted enclave inside a host machine operated by a resource provider, or other such entity, where that trusted enclave is logically owned by a separate party, such as a customer of the resource provider. The trusted enclave in some embodiments can take the form of a peripheral card including a trusted co-processor, where the card is connected to a high speed bus, such as a peripheral component interconnect (PCI bus), in the host machine. Col 4, lines 18-23, In some embodiments, the public key used to verify the signature can be stored in a trusted platform module (TPM) (not shown) on the host computing device.) (See Fig 3) the trusted service processor being configured to provide a trust boundary for data the trusted service processor provides an information handling system (Brandwine, Col 5, lines 32-34, The configuration of the trusted co-processor enables it to be logically considered to be within a trust boundary, cryptographic boundary, trust region, or trusted enclave, 
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have applied Brandwine’s trusted platform to Hu’s virus scanning platform because objects in the secure environment have improved protection from unintended modification (Brandwine, Col 4, lines 46-51, Approaches in accordance with various embodiments can attempt to improve security in such an environment while ensuring that customer secrets, keys, secure data, and other such objects are well secured within that environment, and that no unintended or unexpected modification of the environment has occurred.)

Regarding claim 2, Hu, Repasi and Brandwine teach
the method of claim 1, wherein:  
the firmware update file is used to update a sub-system of the information handling system (Repasi, [0087] Example firmware devices of the processing system 100 which can populate the list can comprise a BIOS chip, a video card, an optical storage device, a mobile phone in data communication with the processing system 100, a scanner, an MP3 player, a USB device, a digital camera, or any other device which comprises EEPROM which could be susceptible to a malware attack.)

Regarding claim 3, Hu, Repasi and Brandwine teach
the method of claim 1, wherein:  
the firmware update file is received via an externally provided firmware update package (Hu, [0021] In FIG. 1, in S100, when an Android operating system needs to install an application, identification information of the application that needs to be installed is transmitted from a framework layer to an application layer [0024] In the present embodiment, the pre-installation package detection 

Regarding claim 6, Hu, Repasi and Brandwine teach
the method of claim 1, further comprising: 
mapping the firmware update file to a memory-mapped device contained within the trusted service processor (Repasi, [0087] The copy module 210 is configured to determine one or more firmware devices of the processing system 100. The copy module 210 can initiate the firmware device detection module 213 which generates a list of the one or more firmware devices of the processing system 100. The firmware device detection module 213 may call a device manager of the specific operating system used on the processing system 100 to populate the list. Example firmware devices of the processing system 100 which can populate the list can comprise a BIOS chip, a video card, an optical storage device, a mobile phone in data communication with the processing system 100, a scanner, an MP3 player, a USB device, a digital camera, or any other device which comprises EEPROM which could be susceptible to a malware attack.)

Claims 7-9 and 12 are system claims for the method claims 1-3 and 6 and are rejected for the same reasons as claims 1-3 and 6.

Claims 13-15 and 18 are medium claims for the method claims 1-3 and 6 and are rejected for the same reasons as claims 1-3 and 6.
Claims 4, 10 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Hu (2016/0267267) in view of Repasi (2007/0277241) in view of Brandwine (10,133,867) in view of Viljoen (8,234,709).

Regarding claim 4, Hu, Repasi and Brandwine teach
the method of claim 1, wherein: 
the identifying the security vulnerabilities comprises using a … and a digital signature (Brandwine, Col 4, lines 15-20, In one example, the update can be signed using a private key or other such credential of a trusted source in order to ensure authenticity of the update. If the update is signed using a private key, the host computing device may need to validate the signature of the update before applying the patch. Col 14, lines 9-13, Accordingly, approaches in accordance with various embodiments can utilize signed payloads, where the update is signed using a digital signature or other credential, )
Hu teaches application scanning but does not teach a malware scanning application file.
However Viljoen teaches a malware scanning application file (Viljoen, Col 3 line 634 to Col 4, line 1. Through this network connection, signature update server 110 can provide signature definition file updates to client computers 120(1)-(M),)
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Viljoen’s malware scanning updates with Hu’s application check because doing so allows quicker updates to virus detection (Viljoen, Col 3, lines 49-52, In this manner, anti-malware clients incorporating embodiments of the present invention can receive signature definition updates in a manner of minutes after certification of new malware signatures.)
Claim 16 is a medium claim for the method claim 4 and is rejected for the same reasons as claim 4.

Claims 5, 11, 17 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Hu (2016/0267267) in view of Repasi (2007/0277241) in view of Brandwine (10,133,867) in view of Viljoen (8,234,709) in view of Gschwind (2015/0248283).

Regarding claim 15, Hu, Repasi, Brandwine and Viljoen teach
the method of claim 4, wherein: 
the digital signature are provided by the trusted host (Brandwine, Col 7, lines 50-55,  The customer system receiving the information can verify that the image is as expected and can trust the attestation chain. A customer system getting quotes (or other measurements, which may be signed) for each subsystem can also verify the signature on each quote, as well as the values within those signatures. ) malware scanning application file (Viljoen, Col 3 line 634 to Col 4, line 1. Through this network connection, signature update server 110 can provide signature definition file updates to client computers 120(1)-(M),).
Hu does not teach provided by the trusted host.
However Gschwind teaches provided by the trusted host (Gschwind, [0023] In the example of FIG. 1, memory 110 can be loaded with software including instructions for implementing methods for initiating communication between user trusted device 10 and a network 165. [0067] In embodiments, the method further includes: transferring data, a user trusted device firmware update, from the server 
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have applied Gschwind’s updates to trusted devices to Hu-Repasi-Brandwine-Viljoen’s trusted host because doing so improves update security (Gschwind, [0058] However, updates or changes of functionality can still be performed securely even though it can partly rely on an otherwise insecure SD card (as discussed in reference to some embodiments below).)

Claim 11 is a system claim for the method claim 5 and is rejected for the same reasons as claim 5.

Claim 17 is a medium claim for the method claim 5 and is rejected for the same reasons as claim 5.

Regarding claim 19, Hu, Repasi, Brandwine, Viljoen and Gschwind teach
the non-transitory, computer-readable storage medium of claim 13, wherein: 
the computer executable instructions are deployable to a client system from a server system at a remote location (Gschwind, [0023] In the example of FIG. 1, memory 110 can be loaded with software including instructions for implementing methods for initiating communication between user trusted device 10 and a network 165. [0093] Step S8d, the transfer of the update from the server to the client is completed and the update is stored on a memory (persistent or not) of device 10.) EN: Gschwind teaches network updates.

Regarding claim 20, Hu, Repasi, Brandwine, Viljoen and Gschwind teach
the non-transitory, computer-readable storage medium of claim 13, wherein: 
the computer executable instructions are provided by a service provider to a user on an on-demand basis (Gschwind, [0026] Network 165 can be an IP-based network for communication between computer 101 and any external server, client and the like via a broadband connection. Network 165 transmits and receives data between computer 101 and external systems, e.g., a server 30. In exemplary embodiments, network 165 can be a managed IP network administered by a service provider. [0081] Then, the updater interacts with the BIOS to use the network card of the computer, in order to establish a secure network connection to a server and retrieve updates.)
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Callaghan (2018/0365422) teaches a trusted platform module for protecting service processes.

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory 
The following are suggested formats for either a Certificate of Mailing or Certificate of Transmission under 37 CFR 1.8(a).  The certification may be included with all correspondence concerning this application or proceeding to establish a date of mailing or transmission under 37 CFR 1.8(a).  Proper use of this procedure will result in such communication being considered as timely if the established date is within the required period for reply.  The Certificate should be signed by the individual actually depositing or transmitting the correspondence or by an individual who, upon information and belief, expects the correspondence to be mailed or transmitted in the normal course of business by another no later than the date indicated. 

/BRUCE S ASHLEY/ Examiner, Art Unit 2494
/THEODORE C PARSONS/ Primary Examiner, Art Unit 2494