DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 3/24/2021 has been entered.


Claims 11 and 13 are cancelledClaims 1, 9, and 12 are amendedClaims 1-10, 12, and 14-18 are pending

Examiner’s note: The specification discloses in paragraphs 0008 that a processor is defined to be a machine or an electronic circuit. The specification further discloses in 

Response to Arguments
1.) Applicant’s amendment to claims 1, 9, and 12 filed on 3/24/2021 regarding “calculating, by the processor, a first check value over the encrypted user data during a security-protected operating mode; and calculating, by the processor, a second check value over the encrypted user data during a runtime mode;” necessitated the new ground(s) of rejection presented in this Office action. Therefore, Applicant's arguments with respect to claims 1-10, 12, and 14-18 have been considered but are moot in view of the new ground(s) of rejection.



Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of 
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

1.) Claims 1-5, 7-10, 12, and 15-18 are rejected under 35 U.S.C. 103 as being unpatentable over US 20090172411, Kershaw in view of US 20100107249, Krig 
 	In regards to claim 1, Kershaw teaches a method for checking the integrity of encrypted user data by means of a processor comprising:  	calculating, by the processor, a first check value over the encrypted user data during a security-protected operating mode (see US 20090172411, Kershaw, para. 0005 and 0012, where a processing device generates a signature[i.e. 1st check value] from the encrypted data, wherein a data processor may operate in a secure mode); 	calculating, by the processor, a second check value over the encrypted user data during a runtime mode(see US 20090172411, Kershaw, para. 0012, where the processing device generates a secure signature[i.e. 2nd check value] from the received encrypted data);  	storing the first check value in a security-protected memory module of the processor during the security-protected operating mode(see US 20090172411, Kershaw, para. 0012, where the processing device stores the secure signature[i.e. check value] together with the encrypted data); 	Kershaw does not teach comparing the first check value with the second check value by processor during the runtime mode; and 	providing control information by the processor during the runtime mode, wherein the control information comprises a result of the comparison,  further wherein the control information blocks or releases functions of at least one of the processor and a device including the processor based on the result of the comparison;wherein at least one of the security-protected operating mode and the runtime mode is an operating mode of the processor or the device including the processor.  	However, Krig teaches  	comparing the first check value with the second check value by processor during the runtime mode (see US 20100107249, Krig, para. 0070, where the signature values are compared during runtime); and 	providing control information by the processor during the runtime mode(see US 20100107249, Krig, where a control value is updated at runtime), wherein the control information comprises a result of the comparison(see US 20100107249, Krig, fig. 7, step 702, where the signature compare status is updated in response to a verifying a target signature),  further wherein the control information blocks or releases functions of at least one of the processor and a device including the processor based on the result of the comparison(see US 20100107249, Krig, fig. 7, steps 504 and 706, where a target function is executed or prevented based on the result of the signature comparison);(see US 20100107249, Krig, para. 0044, where a device is configured to operate a secure programmable register in an access mode). 	It would have been obvious to one of ordinary skill in the art before the effective filing data of the claimed invention to modify the teaching of Kershaw with the teaching of Krig because a user would have been motivated to improve protection of data communication with a data processor, taught by Kershaw, by providing a runtime based authentication of information, taught by Krig, in order to protect information from a variety of types of malicious data and/or software attacks(see Krig, para. 0008) 	In regards to claim 2, the combination of Kershaw and Krig the method as claimed in claim 1, wherein the security-protected memory module is once-writable during a runtime of the processor, or the security-protected memory module is once-writable(see US 20100107249, Krig, para. 0072, where the register is one-time writeable) 	It would have been obvious to one of ordinary skill in the art before the effective filing data of the claimed invention to modify the teaching of Kershaw with the teaching of Krig because a user would have been motivated to improve protection of data communication with a data processor, taught by Kershaw, by providing a runtime based authentication of information, taught by Krig, in order to protect information from a variety of types of malicious data and/or software attacks(see Krig, para. 0008)
(see US 20100107249, Krig, para. 0095, where cryptographic keys are stored in a memory segment that is protected by a cryptographic hash). 	It would have been obvious to one of ordinary skill in the art before the effective filing data of the claimed invention to modify the teaching of Kershaw with the teaching of Krig because a user would have been motivated to improve protection of data communication with a data processor, taught by Kershaw, by providing a runtime based authentication of information, taught by Krig, in order to protect information from a variety of types of malicious data and/or software attacks(see Krig, para. 0008)
 	In regards to claim 4, the combination of Kershaw and Krig teach the method as claimed in claim 3, wherein, if a sufficient match is established in the comparison of the first check value and the second check value, the secret is additionally provided during the provisioning(see US 20100107249, Krig, para. 0113, where an access policy for governing an access operation of the MSR register is dictated by a signature verification). 	It would have been obvious to one of ordinary skill in the art before the effective filing data of the claimed invention to modify the teaching of Kershaw with the teaching of Krig because a user would have been motivated to improve protection of data communication with a data processor, taught by Kershaw, by providing a runtime based authentication of information, taught by Krig, in order to protect information from a variety of types of malicious data and/or software attacks(see Krig, para. 0008)
(see US 20100107249, Krig, para. 0112 and 0113, where an access policy for governing an access operation of the MSR register is dictated by a signature verification, wherein the signature is generated using a SHA cryptographic function). 	It would have been obvious to one of ordinary skill in the art before the effective filing data of the claimed invention to modify the teaching of Kershaw with the teaching of Krig because a user would have been motivated to improve protection of data communication with a data processor, taught by Kershaw, by providing a runtime based authentication of information, taught by Krig, in order to protect information from a variety of types of malicious data and/or software attacks(see Krig, para. 0008)
 	In regards to claim 7, the combination of Kershaw and Krig teach the method as claimed in claim 1, wherein the processor calculates the first check value and/or the second check value by a check value function implemented inside the processor(see US 20100107249, Krig, para. 0040, where a signature_compare function checks performs a signature comparison operation). 	It would have been obvious to one of ordinary skill in the art before the effective filing data of the claimed invention to modify the teaching of Kershaw with the teaching of Krig because a user would have been motivated to improve protection of data communication with a data processor, taught by Kershaw, by providing a runtime based (see Krig, para. 0008)
 	In regards to claim 8, the combination of Kershaw and Krig teach the method as claimed in claim 1, wherein the first check value and/or the second check value is/are calculated with a software component by a check value function implemented outside the processor(see US 20100107249, Krig, para. 0063, where the signature is generated using a SHA-1 function). 	It would have been obvious to one of ordinary skill in the art before the effective filing data of the claimed invention to modify the teaching of Kershaw with the teaching of Krig because a user would have been motivated to improve protection of data communication with a data processor, taught by Kershaw, by providing a runtime based authentication of information, taught by Krig, in order to protect information from a variety of types of malicious data and/or software attacks(see Krig, para. 0008)
 	In regards to claim 9, Kershaw teaches a processor for checking the integrity of encrypted user data, having:
A calculation module for calculating a first check value over the encrypted user data(see US 20090172411, Kershaw, para. 0005 and 0012, where a processing device generates a signature[i.e. 1st check value] from the encrypted data, wherein a data processor may operate in a secure mode);a security-protected memory module for storing the first check value over the encrypted user data during a security-protected operating mode(see US 20090172411, Kershaw, para. 0012, where the processing device stores the secure signature[i.e. check value] together with the encrypted data); 	Kershaw does not teach a comparison module for comparing the first check value with a second check value over the encrypted user data during a runtime mode; 	a provisioning module to provide control information during the runtime mode, wherein the control information comprises a result of the comparison, further wherein the control information blocks or releases functions of at least one of the processor and a device including the processor based on the result of the comparison 	However, Krig teaches a comparison module for comparing the first check value with a second check value over the encrypted user data during a runtime mode (see US 20100107249, Krig, para. 0070, where the signature values are compared during runtime); 	a provisioning module to provide control information during the runtime mode(see US 20100107249, Krig, where a control value is updated at runtime), wherein the control information comprises a result of the comparison(see US 20100107249, Krig, fig. 7, step 702, where the signature compare status is updated in response to a verifying a target signature), further wherein the control information blocks or releases functions of at least one of the processor and a device including the processor based on the result of the comparison(see US 20100107249, Krig, fig. 7, steps 504 and 706, where a target function is executed[i.e. releases] or prevented[i.e. blocks] based on the result of the signature comparison) 	It would have been obvious to one of ordinary skill in the art before the effective filing data of the claimed invention to modify the teaching of Kershaw with the teaching of Krig because a user would have been motivated to improve protection of data communication with a data processor, taught by Kershaw, by providing a runtime based authentication of information, taught by Krig, in order to protect information from a variety of types of malicious data and/or software attacks(see Krig, para. 0008)
 	In regards to claim 10, the combination of Kershaw and Krig teach the processor as claimed in claim 9, wherein the processor comprises a first transmission module for transmitting the first check value during the security-protected operating mode and/or for transmitting the second check value during the runtime mode(see US 20100107249, Krig, para. 0090, where a signature verification engine is configured to transmit an external trigger signal to the control logic). 	It would have been obvious to one of ordinary skill in the art before the effective filing data of the claimed invention to modify the teaching of Kershaw with the teaching of Krig because a user would have been motivated to improve protection of data communication with a data processor, taught by Kershaw, by providing a runtime based authentication of information, taught by Krig, in order to protect information from a variety of types of malicious data and/or software attacks(see Krig, para. 0008)
 	In regards to claim 12, Kershaw teaches a device for checking the integrity of user data, having:-    a processor (see US 20090172411, Kershaw, para. 0056 and fig. 1, item 10[processor core]), comprising:-	a calculation module for calculating a first check value over the encrypted user data(see US 20090172411, Kershaw, para. 0005 and 0012, where a processing device generates a signature[i.e. 1st check value] from the encrypted data, wherein a data processor may operate in a secure mode);-    a security-protected memory module for storing a first check value over the encrypted user data during a security-protected operating mode(see US 20090172411, Kershaw, para. 0012, where the processing device stores the secure signature[i.e. check value] together with the encrypted data); 	a first calculation module for calculating the first check value over the user data during the security-protected operating mode(see US 20090172411, Kershaw, para. 0005 and 0012, where a processing device generates a signature[i.e. 1st check value] from the encrypted data, wherein a data processor may operate in a secure mode); anda second calculation module for calculating a second check value over the user data during the runtime mode(see US 20090172411, Kershaw, para. 0012, where the processing device generates a secure signature[i.e. 2nd check value] from the received encrypted data); 	Kershaw does not teach -    a comparison module for comparing the first check value with a second check value over the encrypted user data during a runtime mode;-    a provisioning module to provide control information during the runtime mode, wherein the control information comprises a result of the comparison, further wherein the control information blocks or releases functions of at least one of the  	However, Krig teaches -    a comparison module for comparing the first check value with a second check value over the encrypted user data during a runtime mode (see US 20100107249, Krig, para. 0070, where the signature values are compared during runtime);-    a provisioning module to provide control information during the runtime mode(see US 20100107249, Krig, where a control value is updated at runtime), wherein the control information comprises a result of the comparison(see US 20100107249, Krig, fig. 7, step 702, where the signature compare status is updated in response to a verifying a target signature), further wherein the control information blocks or releases functions of at least one of the processor and the device based on the result of the comparison(see US 20100107249, Krig, fig. 7, steps 504 and 706, where a target function is executed[i.e. releases] or prevented[i.e. blocks] based on the result of the signature comparison). 	It would have been obvious to one of ordinary skill in the art before the effective filing data of the claimed invention to modify the teaching of Kershaw with the teaching of Krig because a user would have been motivated to improve protection of data communication with a data processor, taught by Kershaw, by providing a runtime based authentication of information, taught by Krig, in order to protect information from a variety of types of malicious data and/or software attacks(see Krig, para. 0008)
 	In regards to claim 15, the combination of Kershaw and Krig teach the device as claimed in claim 12, wherein the device comprises a processing module for processing the control information of the processor(see US 20100107249, Krig, para. 0037, where interrupts[i.e. control information] to a CPU may be asserted after a signature comparison). 	It would have been obvious to one of ordinary skill in the art before the effective filing data of the claimed invention to modify the teaching of Kershaw with the teaching of Krig because a user would have been motivated to improve protection of data communication with a data processor, taught by Kershaw, by providing a runtime based authentication of information, taught by Krig, in order to protect information from a variety of types of malicious data and/or software attacks(see Krig, para. 0008)
 	In regards to claim 16, the combination of Kershaw and Krig teach a computer program product, comprising a computer readable hardware storage device having computer readable program code stored therein, said program code executable by a processor of a computer system to implement a method with program commands to carry out the method as claimed in claim 1(see US 20100107249, Krig, fig. 1, where the device depicted in figure 1 is configured to implement a runtime analysis using digital signature information to perform verification) 	It would have been obvious to one of ordinary skill in the art before the effective filing data of the claimed invention to modify the teaching of Kershaw with the teaching of Krig because a user would have been motivated to improve protection of data communication with a data processor, taught by Kershaw, by providing a runtime based authentication of information, taught by Krig, in order to protect information from a variety of types of malicious data and/or software attacks(see Krig, para. 0008)
(see US 20100107249, Krig, fig. 1, where the device depicted in figure 1 is configured to implement a runtime analysis using digital signature information to perform verification) 	It would have been obvious to one of ordinary skill in the art before the effective filing data of the claimed invention to modify the teaching of Kershaw with the teaching of Krig because a user would have been motivated to improve protection of data communication with a data processor, taught by Kershaw, by providing a runtime based authentication of information, taught by Krig, in order to protect information from a variety of types of malicious data and/or software attacks(see Krig, para. 0008)
 	In regards to claim 18, the combination of Kershaw and Krig teach a provisioning apparatus for a computer program product, comprising a computer readable hardware storage device having computer readable program code stored therein, said program code executable by a processor of a computer system to implement a method as claimed in claim 16, wherein the provisioning apparatus stores and/or provides the computer program product (see US 20100107249, Krig, fig. 1, where the device depicted in figure 1 is configured to implement a runtime analysis using digital signature information to perform verification). 	It would have been obvious to one of ordinary skill in the art before the effective (see Krig, para. 0008)2.) Claim 14 is rejected under 35 U.S.C. 103 as being unpatentable over US 20090172411, Kershaw in view of US 20100107249, Krig and further in view of US 20140258736, Merchan 	In regards to claim 14, the combination of Kershaw and Krig teach the device as claimed in claim 12. The combination of Kershaw and Krig do not teach wherein the device comprises a second transmission module for transmitting the first check value to the processor during the security-protected operating mode and/or a third transmission module for transmitting the second check value to the processor during the runtime mode 	However, Merchan teaches wherein the device comprises a second transmission module for transmitting the first check value to the processor during the security-protected operating mode and/or a third transmission module for transmitting the second check value to the processor during the runtime mode(see US 20140258736, Merchan, para. 0038, where a trusted processor receives digital signature information). 	It would have been obvious to one of ordinary skill in the art before the effective (see Merchan, para. 0006)

3.) Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over US 20090172411, Kershaw in view of US 20100107249, Krig and further in view of US 8768300, Wu
 	In regards to claim 6, the combination of Kershaw and Krig teach the method as claimed claim 1. The combination of Kershaw and Krig teach do not teach wherein the second check value is expected for the comparison within a predefined time interval, wherein the predefined time interval is calculated, in particular, by a watchdog, wherein the control information is provided if the predefined time interval is exceeded 	However, Wu teaches wherein the second check value is expected for the comparison within a predefined time interval, wherein the predefined time interval is calculated, in particular, by a watchdog, wherein the control information is provided if the predefined time interval is exceeded (see US 8768300, Wu, fig. 9, step S901, S902, and S905, where a time length[i.e. interval] is exceeded, a smart card transmits a short message of destruction[i.e. control message]). 	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Kershaw (see Wu, col. 5, lines 30-49) 


CONCLUSION
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GREGORY LANE whose telephone number is (571)270-7469.  The examiner can normally be reached on 571 270 7469 from 8:00 AM to 6:00 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Taghi Arani, can be reached on 571 272 3787.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
/GREGORY A LANE/                                              Examiner, Art Unit 2438                                                                                                                                                          /TAGHI T ARANI/                                                    Supervisory Patent Examiner, Art Unit 2438