DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-20 are pending.
Claims 1-2, 10-12, and 17-18 are amended.
Response to Arguments
Applicant’s argument filed 07/12/2021 have been fully considered.
In response to 35 USC 103, Applicant’s arguments with respect to independent claim(s) 1, 11, and 17 along with their respective dependent claims have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 1-5, 7-8, 10-15, and 17-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Pinder (US 20110013773) in view of Oxford et al. (US 20170041302 hereinafter Oxford) and in further view of Ferguson et al. (US 20150082048 hereinafter Ferguson).
Re. claim 1, Pinder teaches a computing device comprising: at least one processor (Pinder teaches processor [0009]); memory (Pinder teaches memory [0019]); a plurality of registers (Pinder teaches first register and second register [Abstract]), wherein the at least one processor is to: initialize the computing device (Pinder teaches a value generator 430 may generate a value to initialize register 440 [0033]), wherein each of the plurality of registers are set to a first value and at least one register is changed to a second value at a first later time, wherein, at a second later time, the at least one register is changed to a third value (Pinder teaches loading a first register with the first input value; generating a second input value; loading a second register with the second input value; updating the first register and the second register at the same time, where the step of updating comprises: applying a first update function to the current value of the second register to determine a third input value; applying an XOR function to the third input value and a fixed string to determine a fourth input value, wherein the fixed string contains a legal notice; incrementing an offset to the fixed string; storing the fourth input value in the first register; applying a second update function to the current values of the first register and the second register to determine a fifth input value; storing the fifth input value in the second register; repeating the step of updating the first register and the second register a predetermined number of times; and outputting the value of the second register as the key [Abstract]. Scrambling key 110 may be changed at fixed intervals of time, such as every few seconds, to maintain a secure system [0014] (multiple values are changed at a fixed time)).
Although Pinder discloses shared secret and value, Pinder does not explicitly disclose but Oxford discloses wherein the at least one processor is further to generate a shared secret based on the second value (Oxford teaches the key (Kh) is derived from a deviceID (or serial number) 1022 and the value of a Kh(N-1) (this value is interpreted as multiple values) register 1020. The value of a Kh(N-1) register 1020 is based on the hardware OTP secret (KhOTP) in Kh_otp register 1016 and the value in Kh Next register 1018. The output 1024 of the hash function block (e.g., HMAC) 1014 may be a new secret KhN, which is also used as the Kh Next register 1018 update input [0118]. Hash function block 410 may be a cryptographic one-way hash function [0061]).  
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Oxford into the invention of Pinder for the purpose of sharing of secret data in a secure manner for a connected device after it has been deployed in the field including the creation and sharing of secret data between endpoints (Oxford [0005]).
Although Pinder-Oxford discloses changing multiple values at a fixed time, Pinder-Oxford do not explicitly disclose but Ferguson discloses Wherein the first later time and the second later time occur during a boot process of the computing device (Ferguson teaches An application identity key is derived for each stage of a boot process of the computing device 102 (e.g., a process performed by the boot loader 116). Each stage of the boot process may load and/or execute a component (e.g., an application or other data), derive an application identify key for the sequence of application identity keys 208, delete a preceding application identity key of the sequence of application identity keys 208, and then launch a next stage of the boot process. This may continue any number of times through all stages of the boot process (changing values occur during boot process) [42]. A security configuration of the TrEE loader 120 has been updated "n" times, and a TrEE loader encryption key has been generated for each of the TrEE loader values 1-n corresponding to the security configurations of the TrEE loader [60] Figs. 2 and 3).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Ferguson into the invention (Ferguson [61]).
Re. claim 2, Pinder-Oxford-Ferguson teach the computing device of claim 1, wherein the memory includes a location that is set to a fourth value, changed to a fifth value at a third later time, and wherein the shared secret is further based on the fourth value (Pinder teaches loading a first register with the first input value; generating a second input value; loading a second register with the second input value; updating the first register and the second register at the same time, where the step of updating comprises: applying a first update function to the current value of the second register to determine a third input value; applying an XOR function to the third input value and a fixed string to determine a fourth input value, wherein the fixed string contains a legal notice; incrementing an offset to the fixed string; storing the fourth input value in the first register; applying a second update function to the current values of the first register and the second register to determine a fifth input value; storing the fifth input value in the second register; repeating the step of updating the first register and the second register a predetermined number of times; and outputting the value of the second register as the key [Abstract]. Scrambling key 110 may be changed at fixed intervals of time, such as every few seconds, to maintain a secure system [0014]. The registers may be defined locations in a memory associated with a key derivation system [0025] (multiple values are changed at a fixed time)). 
Although Pinder-Oxford discloses changing multiple values at a fixed time, Pinder-Oxford do not explicitly disclose but Ferguson discloses wherein the third later time occurs during the boot process of the computing device (Ferguson teaches An application identity key is derived for each stage of a boot process of the computing device 102 (e.g., a process performed by the boot loader 116). Each stage of the boot process may load and/or execute a component (e.g., an application or other data), derive an application identify key for the sequence of application identity keys 208, delete a preceding application identity key of the sequence of application identity keys 208, and then launch a next stage of the boot process. This may continue any number of times through all stages of the boot process (changing values occur during boot process) [42]. A security configuration of the TrEE loader 120 has been updated "n" times, and a TrEE loader encryption key has been generated for each of the TrEE loader values 1-n corresponding to the security configurations of the TrEE loader [60] Figs. 2 and 3), and wherein the computing device is handed over to a host operating system after the boot process completes (Ferguson teaches the TrEE core 122 may maintain the image identity operation key 210 and may continue to operate after the boot process is complete (e.g., including maintaining the image identity operation key 210) [45]. the computing device 102 may send the device identifier and the log of applications that have been loaded at any time [77]).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Ferguson into the invention of Pinder-Oxford for the purpose of allow an authorized attack to be isolated within a level and avoid replacing all keys (Ferguson [61]).
Re. claim 3, Pinder-Oxford-Ferguson teach the computing device of claim 1, Pinder do not explicitly disclose but Oxford discloses wherein the at least one register is included in a baseboard management controller (Oxford teaches application specific integrated circuit (ASIC) that includes the Kh_otp may be fabricated by a different entity than the provider of the target device and may even be in a different geographic location or country [0065]).  
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Oxford into the invention of Pinder for the purpose of provisioning immutable secret key on a target device (Oxford [0065]).
Re. claim 4, Pinder-Oxford-Ferguson teach the computing device of claim 1, Pinder do not explicitly disclose but Oxford discloses wherein the at least one register is included in a controller (Oxford teaches the chip or application specific integrated circuit (ASIC) that includes the Kh_otp may be fabricated by a different entity than the provider of the target device and may even be in a different geographic location or country [0065]).  
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Oxford into the invention of Pinder for the purpose of provisioning immutable secret key on a target device (Oxford [0065]).
Re. claim 5, Pinder-Oxford-Ferguson teach the computing device of claim 1, Pinder do not explicitly disclose but Oxford discloses wherein the shared secret is the same for a plurality of computing systems (Oxford teaches the re-writeable register may be initialized to a known value (e.g., zero) and the only option that may be available for the system to execute in secure mode in that state may be to write a value into the re-writeable portion of the register [0047]. provisioning of the immutable secret key Kh_otp on a target device [0065]).  
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Oxford into the invention of Pinder for the purpose of provisioning immutable secret key and able to execute more general purpose code while in secure mode (Oxford [0047] [0065]).
Re. claim 7, Pinder-Oxford-Ferguson teach the computing device of claim 1, wherein a derivation function is used to create the shared secret (Pinder teaches A key ladder may be used to derive a key from a given set of inputs. As part of the key ladder process, a string of values may be employed [0012]).  
Re. claim 8, Pinder-Oxford-Ferguson teach the computing device of claim 7, Pinder do not explicitly disclose but Oxford discloses wherein the derivation function is a one way hash function (Oxford teaches the key (Kh) is derived from a deviceID (or serial number) 1022 and the value of a Kh(N-1) register 1020. The value of a Kh(N-1) register 1020 is based on the hardware OTP secret (KhOTP) in Kh_otp register 1016 and the value in Kh Next register 1018. The output 1024 of the hash function block (e.g., HMAC) 1014 may be a new secret KhN, which is also used as the Kh Next register 1018 update input [0118]. Hash function block 410 may be a cryptographic one-way hash function [0061]).  
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Oxford into the invention of Pinder for the purpose of sharing of secret data in a secure manner for a connected device after it has been deployed in the field including the creation and sharing of secret data between endpoints (Oxford [0005]).
Re. claim 10, Pinder-Oxford-Ferguson teach the computing device of claim 1, Pinder do not explicitly disclose but Oxford discloses wherein the shared secret is the unique for each of a plurality of computing systems, and wherein the shared second value is predicatable (Oxford teaches the value stored in this register (referred to as the current Kh Next value) can be overwritten only by a correctly authorized secure operation (or Sec_Op). Such a Sec_Op can only be authorized by an entity that provides an AuthCode based on the current value of the volatile Kh register (which defaults to the Kh_ otp value at power-up) or a value derivative thereof (if the volatile secret register has been written to using a correctly authorized Sec_Op) [0058]. The factory mode register 670 may be a one-time programmable register (e.g., of one bit) initially in a factory mode state (e.g., a value of one) that, once the fuses are blown, may be fixed to a normal mode state (e.g., a value of zero) and may never be reset back to the factory mode state (e.g., one) [101]).  
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Oxford into the invention of Pinder for the purpose of provisioning immutable secret key and able to execute more general purpose code while in secure mode (Oxford [0047] [0065]).
when executed by a physical processing element of a device, cause the device to: initialize the device, wherein a first register is set to a first value (Pinder teaches the input values may be generated in response to user input [0024]. A value generator 430 may generate a value to initialize register 440 [0033]); read the first register at a time after the first value is changed to a second value, wherein at a second later time, the first register is changed to a third value (Pinder teaches loading a first register with the first input value; generating a second input value; loading a second register with the second input value; updating the first register and the second register at the same time, where the step of updating comprises: applying a first update function to the current value of the second register to determine a third input value; applying an XOR function to the third input value and a fixed string to determine a fourth input value, wherein the fixed string contains a legal notice; incrementing an offset to the fixed string; storing the fourth input value in the first register; applying a second update function to the current values of the first register and the second register to determine a fifth input value; storing the fifth input value in the second register; repeating the step of updating the first register and the second register a predetermined number of times; and outputting the value of the second register as the key [Abstract]. Scrambling key 110 may be changed at fixed intervals of time, such as every few seconds, to maintain a secure system [0014] (multiple values are changed at a fixed time)).
Although Pinder discloses shared secret and value, Pinder does not explicitly disclose but Oxford discloses generate a shared secret using a slow derivation function based on the second value (Oxford teaches the key (Kh) is derived from a deviceID (or serial number) 1022 and the value of a Kh(N-1) (this value is interpreted as multiple values) register 1020. The value of a Kh(N-1) register 1020 is based on the hardware OTP secret (KhOTP) in Kh_otp register 1016 and the value in Kh Next register 1018. The output 1024 of the hash function block (e.g., HMAC) 1014 may be a new secret KhN, which is also used as the Kh Next register 1018 update input [0118]. Hash function block 410 may be a cryptographic one-way hash function [0061]).  
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Oxford into the invention of Pinder for the purpose of sharing of secret data in a secure manner for a connected device after it has been deployed in the field including the creation and sharing of secret data between endpoints (Oxford [0005]).
Although Pinder-Oxford discloses changing multiple values at a fixed time, Pinder-Oxford do not explicitly disclose but Ferguson discloses wherein the first later time and the second later time occur during a boot process of the computing device (Ferguson teaches An application identity key is derived for each stage of a boot process of the computing device 102 (e.g., a process performed by the boot loader 116). Each stage of the boot process may load and/or execute a component (e.g., an application or other data), derive an application identify key for the sequence of application identity keys 208, delete a preceding application identity key of the sequence of application identity keys 208, and then launch a next stage of the boot process. This may continue any number of times through all stages of the boot process (changing values occur during boot process) [42]. A security configuration of the TrEE loader 120 has been updated "n" times, and a TrEE loader encryption key has been generated for each of the TrEE loader values 1-n corresponding to the security configurations of the TrEE loader [60] Figs. 2 and 3).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Ferguson into the invention of Pinder-Oxford for the purpose of allow an authorized attack to be isolated within a level and avoid replacing all keys (Ferguson [61]).
(Pinder teaches loading a first register with the first input value; generating a second input value; loading a second register with the second input value; updating the first register and the second register at the same time, where the step of updating comprises: applying a first update function to the current value of the second register to determine a third input value; applying an XOR function to the third input value and a fixed string to determine a fourth input value, wherein the fixed string contains a legal notice; incrementing an offset to the fixed string; storing the fourth input value in the first register; applying a second update function to the current values of the first register and the second register to determine a fifth input value; storing the fifth input value in the second register; repeating the step of updating the first register and the second register a predetermined number of times; and outputting the value of the second register as the key [Abstract]. Scrambling key 110 may be changed at fixed intervals of time, such as every few seconds, to maintain a secure system [0014] (multiple values are changed at a fixed time)), wherein the third later time occurs during the boot process of the computing device (Ferguson teaches An application identity key is derived for each stage of a boot process of the computing device 102 (e.g., a process performed by the boot loader 116). Each stage of the boot process may load and/or execute a component (e.g., an application or other data), derive an application identify key for the sequence of application identity keys 208, delete a preceding application identity key of the sequence of application identity keys 208, and then launch a next stage of the boot process. This may continue any number of times through all stages of the boot process (changing values occur during boot process) [42]. A security configuration of the TrEE loader 120 has been updated "n" times, and a TrEE loader encryption key has been generated for each of the TrEE loader values 1-n corresponding to the security configurations of the TrEE loader [60] Figs. 2 and 3).  
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Ferguson into the invention of Pinder-Oxford for the purpose of allow an authorized attack to be isolated within a level and avoid replacing all keys (Ferguson [61]).
Re. claim 13, Pinder-Oxford-Ferguson teach the non-transitory machine-readable storage medium of claim 11, Pinder do not explicitly disclose but Oxford discloses wherein the first register is included in or accessible by a baseboard management controller (Oxford teaches application specific integrated circuit (ASIC) that includes the Kh_otp may be fabricated by a different entity than the provider of the target device and may even be in a different geographic location or country [0065]).  
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Oxford into the invention of Pinder for the purpose of provisioning immutable secret key on a target device (Oxford [0065]).
Re. claim 14, Pinder-Oxford-Ferguson teach the non-transitory machine-readable storage medium of claim 11, Pinder do not explicitly disclose but Oxford discloses wherein the shared secret is unique for a plurality of computing systems (Oxford teaches the value stored in this register (referred to as the current Kh Next value) can be overwritten only by a correctly authorized secure operation (or Sec_Op). Such a Sec_Op can only be authorized by an entity that provides an AuthCode based on the current value of the volatile Kh register (which defaults to the Kh_ otp value at power-up) or a value derivative thereof (if the volatile secret register has been written to using a correctly authorized Sec_Op) [0058]).  
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Oxford into the invention of (Oxford [0047] [0065]).
Re. claim 15, Pinder-Oxford-Ferguson teach the non-transitory machine-readable storage medium of claim 11, Pinder do not explicitly disclose but Oxford discloses wherein a derivation function is used to create the shared secret, wherein the slow derivation function is a one way hash function (Oxford teaches the key (Kh) is derived from a deviceID (or serial number) 1022 and the value of a Kh(N-1) register 1020. The value of a Kh(N-1) register 1020 is based on the hardware OTP secret (KhOTP) in Kh_otp register 1016 and the value in Kh Next register 1018. The output 1024 of the hash function block (e.g., HMAC) 1014 may be a new secret KhN, which is also used as the Kh Next register 1018 update input [0118]. Hash function block 410 may be a cryptographic one-way hash function [0061]).  
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Oxford into the invention of Pinder for the purpose of sharing of secret data in a secure manner for a connected device after it has been deployed in the field including the creation and sharing of secret data between endpoints (Oxford [0005]).
Re. claim 17, Pinder teaches a method comprising:19Attorney Docket No.: 90659712 (PDN0710227311) initializing a device, wherein a first register of the device is set to a first value (Pinder teaches the input values may be generated in response to user input [0024]); reading the first register at a first later time after the first value is changed to a second value, wherein a value of the first register subsequently changes to a third value at a second later time, wherein the device further includes a memory and the memory includes a location that is set to a fourth value and changed to a fifth value at a third later time (Pinder teaches loading a first register with the first input value; generating a second input value; loading a second register with the second input value; updating the first register and the second register at the same time, where the step of updating comprises: applying a first update function to the current value of the second register to determine a third input value; applying an XOR function to the third input value and a fixed string to determine a fourth input value, wherein the fixed string contains a legal notice; incrementing an offset to the fixed string; storing the fourth input value in the first register; applying a second update function to the current values of the first register and the second register to determine a fifth input value; storing the fifth input value in the second register; repeating the step of updating the first register and the second register a predetermined number of times; and outputting the value of the second register as the key [Abstract]. Scrambling key 110 may be changed at fixed intervals of time, such as every few seconds, to maintain a secure system [0014] (multiple values are changed at a fixed time)); reading the fourth value (Pinder teaches storing the fourth input value in the first register (storing is interpreted as reading) [Abstract]).
Although Pinder discloses shared secret and value, Pinder does not explicitly disclose but Oxford discloses generating a shared secret based on the second value and the fourth value using a slow derivation function including a one way hash function (Oxford teaches the key (Kh) is derived from a deviceID (or serial number) 1022 and the value of a Kh(N-1) (this value is interpreted as multiple values) register 1020. The value of a Kh(N-1) register 1020 is based on the hardware OTP secret (KhOTP) in Kh_otp register 1016 and the value in Kh Next register 1018. The output 1024 of the hash function block (e.g., HMAC) 1014 may be a new secret KhN, which is also used as the Kh Next register 1018 update input [0118]. Hash function block 410 may be a cryptographic one-way hash function [0061]).  
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Oxford into the invention of Pinder for the purpose of sharing of secret data in a secure manner for a connected device after it has (Oxford [0005]).
Although Pinder-Oxford discloses changing multiple values at a fixed time, Pinder-Oxford do not explicitly disclose but Ferguson discloses wherein the first later time and the second later time, and the third later time occur during a boot process of the computing device (Ferguson teaches An application identity key is derived for each stage of a boot process of the computing device 102 (e.g., a process performed by the boot loader 116). Each stage of the boot process may load and/or execute a component (e.g., an application or other data), derive an application identify key for the sequence of application identity keys 208, delete a preceding application identity key of the sequence of application identity keys 208, and then launch a next stage of the boot process. This may continue any number of times through all stages of the boot process (changing values occur during boot process) [42]. A security configuration of the TrEE loader 120 has been updated "n" times, and a TrEE loader encryption key has been generated for each of the TrEE loader values 1-n corresponding to the security configurations of the TrEE loader [60] Figs. 2 and 3).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Ferguson into the invention of Pinder-Oxford for the purpose of allow an authorized attack to be isolated within a level and avoid replacing all keys (Ferguson [61]).
Re. claim 18, Pinder-Oxford-Ferguson teach the method of claim 17, Pinder do not explicitly disclose but Oxford discloses wherein the first register is included in a baseboard management controller (Oxford teaches application specific integrated circuit (ASIC) that includes the Kh_otp may be fabricated by a different entity than the provider of the target device and may even be in a different geographic location or country [0065]).  
(Oxford [0065]).
Although Pinder-Oxford discloses changing multiple values at a fixed time, Pinder-Oxford do not explicitly disclose but Ferguson discloses wherein the computing device is handed over to a host operating system after the boot process completes (Ferguson teaches the TrEE core 122 may maintain the image identity operation key 210 and may continue to operate after the boot process is complete (e.g., including maintaining the image identity operation key 210) [45]. the computing device 102 may send the device identifier and the log of applications that have been loaded at any time [77]).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Ferguson into the invention of Pinder-Oxford for the purpose of allow an authorized attack to be isolated within a level and avoid replacing all keys (Ferguson [61]).
Re. claim 19, Pinder-Oxford-Ferguson teach the method of claim 17, wherein the shared secret is the unique for a plurality of computing systems (Oxford teaches the value stored in this register (referred to as the current Kh Next value) can be overwritten only by a correctly authorized secure operation (or Sec_Op). Such a Sec_Op can only be authorized by an entity that provides an AuthCode based on the current value of the volatile Kh register (which defaults to the Kh_ otp value at power-up) or a value derivative thereof (if the volatile secret register has been written to using a correctly authorized Sec_Op) [0058]).  
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Oxford into the invention of Pinder for the purpose of provisioning immutable secret key and able to execute more general purpose code while in secure mode (Oxford [0047] [0065])
Claims 6, 9, 16, and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Pinder (US 20110010552), Oxford et al. (US 20170041302 hereinafter Oxford), Ferguson et al. (US 20150082048 hereinafter Ferguson) and in further view of Moon et al. (US 20190163910 hereinafter Moon).
Re. claim 6, Pinder-Oxford-Ferguson teach the computing device of claim 1, Pinder-Oxford-Ferguson do not explicitly disclose but Moon discloses wherein the shared secret is used to authenticate or decrypt a firmware update (Moon teaches receiving, by the security memory loader, an encrypted normal firmware image including a firmware update code from the device security management server, wherein the received encrypted normal firmware image may be updated in the memory of the device [0023]).  
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Moon into the invention of Pinder-Oxford-Ferguson for the purpose of verifies the authentication and integrity of the firmware (Moon [0011]).
Re. claim 9, Pinder-Oxford-Ferguson teach the computing device of claim 1, Pinder-Oxford-Ferguson do not explicitly disclose but Moon discloses wherein the shared secret is used to subsequently decrypt and validate a firmware image (Moon teaches key information used to encrypt the firmware, and authentication information used to authenticate the firmware, and the firmware loading memory area may represent a space in which a decrypted firmware image is loaded after the encrypted firmware is decrypted with the key [0032]).  
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Moon into the invention of Pinder-Oxford-Ferguson for the purpose of verifies the authentication and integrity of the firmware (Moon [0011]).
(Moon teaches key information used to encrypt the firmware, and authentication information used to authenticate the firmware, and the firmware loading memory area may represent a space in which a decrypted firmware image is loaded after the encrypted firmware is decrypted with the key [0032]).  
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Moon into the invention of Pinder-Oxford-Ferguson for the purpose of verifies the authentication and integrity of the firmware (Moon [0011]).
Re. claim 20, Pinder-Oxford-Ferguson teach the method of claim 17, Pinder-Oxford-Ferguson do not explicitly disclose but Moon discloses wherein the shared secret is used to authenticate a firmware (Moon teaches The secure memory loader of the service device 1 extracts key data, verifies the validity of the extracted key data, and decrypts the encrypted firmware stored in the specific area of the flash memory using the validated key data to verify the security of the firmware from the viewpoint of confidentiality after the self-security verification has passed [0069]).
Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Moon into the invention of Pinder-Oxford-Ferguson for the purpose of verifies the authentication and integrity of the firmware (Moon [0011]).


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Crowley (US 20180157840) discloses during a boot process of a computing device, includes the actions of obtaining a secret key derived from device-specific information for the computing device..
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KEVIN A AYALA whose telephone number is (571)270-3912.  The examiner can normally be reached on Monday-Thursday 8AM-5PM; Friday: Variable EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on 571-272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.







/K.A./Examiner, Art Unit 2436                                                                                                                                                                                                        
/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436