Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is in reply to papers filed on 01/28/2020. Claims 1-20 are pending. Claims 1, 8, and 15 are independent.  

Priority
Acknowledgment is made of applicant’s claim for foreign priority under 35 U.S.C. 119 (a)-(d). This application claims the foreign priority of foreign patent application IN201921003516 filed on 01/29/2019. Receipt is acknowledged of certified copies required by 37 CFR 1.55.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 2, 9, 16, and 18 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.

As per claim 2: Claim 2 recites “device tree binary”. The term “device tree binary” makes the claim ambiguous and indefinite in that it is unclear whether the decrypted “device tree binary” in claim golden copy of a device tree binary” or the “running copy of the device tree binary” in claim 1, from which claim 2 is dependent upon (emphasis added).

As per claim 9: Claim 9 recites “device tree binary”. The term “device tree binary” makes the claim ambiguous and indefinite in that it is unclear whether the decrypted “device tree binary” in claim 9 is referring to the “golden copy of a device tree binary” or the “running copy of the device tree binary” in claim 8, from which claim 9 is dependent upon (emphasis added).

As per claim 16: Claim 16 recites “a corrective action” (line 5). The term “a corrective action” makes the claim ambiguous and indefinite in that it lacks proper antecedent basis. It is unclear whether the “corrective action” in claim 16 is referring to the same “corrective action” in claim 15, from which claim 16 is dependent upon, or a different “corrective action”.

As per claim 18: Claim 18 recites “device tree binary”. The term “device tree binary” makes the claim ambiguous and indefinite in that it is unclear whether the decrypted “device tree binary” in claim 18 is referring to the “golden copy of a device tree binary” or the “running copy of the device tree binary” in claim 15, from which claim 18 is dependent upon (emphasis added).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1, 3-4, and 6 are rejected under 35 U.S.C. 103 as being unpatentable over Shukla, US 2019/0121886 A1 (hereinafter, “Shukla ‘886”) in view of Gonzalez Diaz et al., US 2017/0177245 A1 (hereinafter, “Gonzalez ‘245”).

As per claim 1: Shukla ‘886 discloses: A method comprising: 
storing a golden copy (standard structured data 250; the standard structured 250 data refers to a golden copy of structured data 200 that specifies information for each standard element 260, and is stored on the data storage hardware 160 [Shukla ‘886, ¶27; Fig. 1]) of a device tree binary of a system (the structured data 200 may be binary data in a tree structure; the structured data 200 may represent Basic Input/Output System (BIOS) data and firmware of devices and hardware [Shukla ‘886, ¶¶2, 6, 10, 20, 23-25]) 
identifying whether one or more parameters (data elements 210 [Shukla, ¶¶24-25; Fig. 1]) of a running copy (structured data 200; data elements 210 are identified and extracted from the structured data 200 [Shukla, ¶¶24-25; Fig. 1]) of the device tree binary of the system are different from corresponding parameters of the golden copy (standard structured data 250 [Shukla ‘886, ¶27; Fig. 1]) by comparing the running copy with the golden copy (comparing the data elements 210 of the structured data 200 with the corresponding standard elements 260 of the standard structured data 250 to identify differences [Shukla ‘886, ¶27; Fig. 1]); and 
performing a corrective action responsive to an indication that at least one of the one or more parameters of the running copy are different from the corresponding parameters of the golden copy (generating a signal 172 indicating the presence of a different or unexpected element 210 in the structured data 200 [Shukla ‘886, ¶¶ 20, 32, 43, 53; Fig. 1, Fig. 7]).
Shukla ‘886, as stated above, does not explicitly disclose: “storing a golden copy … in a trusted execution environment”.
Gonzalez ‘245, however, discloses: storing a golden copy (System Manage Mode (SMM) authentication Information Element (IE) 148; the SMM authentication IE 148 is derived from a master copy of the SMM Control Routine 134 [Gonzalez ‘245, ¶30; Fig. 1]) … in a trusted execution environment (the SMM authentication IE 148 is stored in the Trusted Execution Environment (TEE) Storage 146 in TEE 140 [Gonzalez ‘245, ¶¶18-19, 26, 30; Fig. 1]).
Shukla ‘886 and Gonzalez ‘245 are analogous art because they are from the same field of endeavor, namely that of verifying the integrity of data. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Shukla ‘886 and Gonzalez ‘245 before them, to modify the method in Shukla ‘886 to include the teachings of Gonzalez ‘245, namely to store the standard structured data 250 in a trusted execution environment (TEE). The motivation for doing so would be to provide a secure environment for processing and/or storing sensitive information such as master/golden copies of data (Gonzalez ‘245, ¶32).

As per claim 3: Shukla ‘886 in view of Gonzalez ‘245 discloses all limitations of claim 1, as stated above, from which claim 3 is dependent upon. Furthermore, Shukla ‘886 discloses: wherein performing the corrective action (generating a signal 172 indicating the presence of a different or unexpected element 210 in the structured data 200 [Shukla ‘886, ¶¶ 20, 32, 43, 53; Fig. 1, Fig. 7]) includes at least one of: 
quarantining a component of the system associated with the one or more parameters (devices with unexpected or different elements are considered to be compromised, flagged, and removed from a whitelist [Shukla ‘886, ¶¶20-21, 32, 36-38, 42-43; Fig. 5B, Fig. 5C]); 
evaluating each of the one or more parameters of the running copy identified as different from the corresponding parameters of the golden copy (comparing the data elements 210 of the structured data 200 with the corresponding standard elements 260 of the standard structured data 250 to identify differences [Shukla ‘886, ¶27; Fig. 1]); or 
notifying a user of the system (generating a signal 172 indicating the presence of a different or unexpected element 210 in the structured data 200 and causing a user interface 182 to display a notification of the presence of a different or unexpected element 210 [Shukla ‘886, ¶53; Fig. 1, Fig. 7]).

As per claim 4: Shukla ‘886 in view of Gonzalez ‘245 discloses all limitations of claim 1, as stated above, from which claim 4 is dependent upon. Furthermore, Shukla ‘886 discloses: further comprising generating the running copy of the device tree binary (structured data 200, where the structured data 200 may be binary data in a tree structure; samples of the structured data 200 are generated and then received by verifier 150 [Shukla ‘886, ¶¶2, 6, 10, 20-25; Fig. 1]).

As per claim 6: Shukla ‘886 in view of Gonzalez ‘245 discloses all limitations of claim 1, as stated above, from which claim 6 is dependent upon. Furthermore, Shukla ‘886 discloses: further comprising receiving the running copy of the device tree binary (structured data 200, where the structured data 200 may be binary data in a tree structure [Shukla ‘886, ¶¶2, 6, 10, 20, 23-25]) from a non-trusted execution environment (samples of the structured data 200 are received by verifier 150 from user device 102; under the broadest reasonable interpretation, user device 102 is interpreted to be a “non-trusted execution environment” [Shukla ‘886, ¶¶24, 32-33; Fig. 1]).

Claim 2 is rejected under 35 U.S.C. 103 as being unpatentable over Shukla ‘886 in view of Gonzalez ‘245 and further in view of Kobres, US 10,887,296 B2 (hereinafter, “Kobres ‘296”).

As per claim 2: Shukla ‘886 in view of Gonzalez ‘245 discloses all limitations of claim 1, as stated above, from which claim 2 is dependent upon. Shukla ‘886 in view of Gonzalez ‘245 does not explicitly disclose the limitations of claim 2.
further comprising decrypting the device tree binary of the system (secure provisioning manifest 250; decrypting the secure provisioning manifest 250 using a private key 245 [Kobres ‘296, Col. 9 line 10, Col. 11 line 49; Fig. 4, Fig. 5]), wherein the device tree binary is a data structure describing one or more hardware components of the system (the secure provisioning manifest 250 is a data structure that includes information identifying hardware peripherals that are attached to the computer system [Kobres ‘296, Col. 3 line 51, Col. 6 line 53, Col. 12 line 63; Fig. 4, Fig. 5]).
Shukla ‘886 (modified by Gonzalez ‘245) and Kobres ‘296 are analogous art because they are from the same field of endeavor, namely that of managing hardware/devices within a computing environment. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Shukla ‘886 (modified by Gonzalez ‘245) and Kobres ‘296 before them, to modify the method in Shukla ‘886 (modified by Gonzalez ‘245) to include the teachings of Kobres ‘296, namely to decrypt a structured data 200, such as an encrypted secure provisioning manifest 250, which contains information identifying devices and hardware attached to the computer system. The motivation for doing so would be to provide secure communications with authenticated hardware peripherals attached to the computer system (Kobres ‘296, Col. 1 line 62, Col. 9 line 18).

Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Shukla ‘886 in view of Gonzalez ‘245 and further in view of Radjabi et al., US 10,922,068 B1 (hereinafter, “Radjabi ‘068”).

As per claim 5: Shukla ‘886 in view of Gonzalez ‘245 discloses all limitations of claims 1 and 4, as stated above, all from which claim 5 is dependent upon. Furthermore, Shukla ‘886 discloses: wherein generating the running copy of the device tree binary (structured data 200, where the structured data  further comprises recording one or more parameters associated with one or more components of the system (elements 210 of the structured data 200 and element comparisons are recorded and stored in within a structured data registry 162 and an element registry 164 [Shukla ‘886, ¶¶27-28, 34-36; Fig. 1, Fig. 5B, Fig. 5C])
Shukla ‘886 in view of Gonzalez ‘245, as stated above, does not explicitly disclose: “… one or more parameters associated with one or more components of the system … wherein the one or more parameters are presented in a kernel pseudo file”.
Radjabi ‘068, however, discloses: one or more parameters associated with one or more components of the system (device data file 114 includes information about kernel subsystems and hardware devices coupled to the computer system [Radjabi ‘068, Col. 6 lines 27-33; Fig. 1]) … wherein the one or more parameters are presented in a kernel pseudo file (the device data file is presented as a pseudo file capable of exporting information from the device model of the kernel [Radjabi ‘068, Col. 6 lines 33-40; Fig. 1]).
Shukla ‘886 (modified by Gonzalez ‘245) and Radjabi ‘068 are analogous art because they are from the same field of endeavor, namely that of managing hardware/devices within a computing environment. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Shukla ‘886 (modified by Gonzalez ‘245) and Radjabi ‘068 before them, to modify the method in Shukla ‘886 (modified by Gonzalez ‘245) to include the teachings of Radjabi ‘068, namely to present the structured data registry 162 and an element registry 164 as pseudo files capable of exporting information from the device model of the kernel. The motivation for doing so would be to make hardware device information easily available to the user space through virtual files (Radjabi ‘068, Col. 6 lines 36-40).

Claim 7  is rejected under 35 U.S.C. 103 as being unpatentable over Shukla ‘886 in view of Gonzalez ‘245 and further in view of Truskovsky et al., US 2013/0326614 A1 (hereinafter, “Truskovsky ‘614”).

As per claim 7: Shukla ‘886 in view of Gonzalez ‘245 discloses all limitations of claim 1, as stated above, from which claim 7 is dependent upon. Furthermore, Shukla ‘886 discloses: further comprising(structured data 200; the structured data 200 may be binary data in a tree structure; the structured data 200 may represent Basic Input/Output System (BIOS) data and firmware of devices and hardware [Shukla ‘886, ¶¶2, 6, 10, 20, 23-25]) 
Shukla ‘886 in view of Gonzalez ‘245, as stated above, does not explicitly disclose: “determining that a timer has been attacked based on an indication that … has not been generated or received before the timer expired.”
Truskovsky ‘614, however, discloses: determining that a timer has been attacked (determining that a hacker has modified the system clock to manipulate a ticket’s period of validity [Truskovsky ‘614, ¶¶131-132]) based on an indication that … has not been generated or received before the timer expired (expired time-limited tickets are recorded in a list of revoked tickets, and an attempt to use a revoked time-limited ticket indicates that the ticket’s period of validity has been manipulated [Truskovsky ‘614, ¶¶130-132]).
Shukla ‘886 (modified by Gonzalez ‘245) and Truskovsky ‘614 are analogous art because they are from the same field of endeavor, namely that of controlling access to secure resources and preventing security breaches in devices. Prior to the effective filing date of the claimed invention, it would have .

Claims 8, 10-11 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Shukla ‘886 in view of Posini, US 2015/0268952 A1 (hereinafter, “Posini ‘952”).

As per claim 8: Shukla ‘886 discloses: A system for detecting an attack to an internet-of-things enabled device (a system for detecting and determining whether a device on a network is compromised by malicious code [Shukla ‘886, ¶¶2, 20-21]), the system comprising: 
one or more memory devices having instructions stored thereon (memory 620 stores sequences of instructions [Shukla ‘886, ¶¶46-47; Fig. 6]) that, when executed by one or more processors, cause the one or more processors to perform operations (processors 610 executing computer programs stored in memory to perform functions and operations [Shukla ‘886, ¶¶45, 55-56; Fig. 6]) comprising:  

storing a golden copy (standard structured data 250; the standard structured 250 data refers to a golden copy of structured data 200 that specifies information for each standard element 260, and is stored on the data storage hardware 160 [Shukla ‘886, ¶27; Fig. 1]) of a device tree binary of the system (the structured data 200 may be binary data in a tree structure; the structured data 200 may represent Basic Input/Output System (BIOS) data and firmware of devices and hardware [Shukla ‘886, ¶¶2, 6, 10, 20, 23-25]); 
identifying whether one or more parameters (data elements 210 [Shukla, ¶¶24-25; Fig. 1]) of a running copy (structured data 200; data elements 210 are identified and extracted from the structured data 200 [Shukla, ¶¶24-25; Fig. 1]) of the device tree binary of the system are different from corresponding parameters of the golden copy (standard structured data 250 [Shukla ‘886, ¶27; Fig. 1])  by comparing the running copy with the golden copy (comparing the data elements 210 of the structured data 200 with the corresponding standard elements 260 of the standard structured data 250 to identify differences [Shukla ‘886, ¶27; Fig. 1]); and 
performing a corrective action responsive to an indication that at least one of the one or more parameters of the running copy are different from the corresponding parameters of the golden copy (generating a signal 172 indicating the presence of a different or unexpected element 210 in the structured data 200 [Shukla ‘886, ¶¶ 20, 32, 43, 53; Fig. 1, Fig. 7]).
Shukla ‘886, as stated above, does not explicitly disclose: “loading an operating system in a trusted execution environment, wherein at least part of the operating system is used as a root of trust”.
Posini ‘952, however, discloses: loading an operating system in a trusted execution environment (a trusted operating system (OS) 305 is loaded in a trusted execution environment (TEE) 301 [Posini ‘952, ¶¶31-32, 41; Fig. 3]), wherein at least part of the operating system is used as a root of trust (the system-on-chip (SoC) 300 includes a trusted OS 305, where the root of trust provided by the 
Shukla ‘886 and Posini ‘952 are analogous art because they are from the same field of endeavor, namely that of managing hardware/devices within a computing environment. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Shukla ‘886 and Posini ‘952 before them, to modify the method in Shukla ‘886 to include the teachings of Posini ‘952, namely to perform the method described above in a trusted execution environment (TEE) where is operating system (OS) is loaded an used as a root of trust. The motivation for doing so would be to provide a secure environment for processing and/or storing sensitive information and guarantee that only authorized code can be executed in the TEE (Posini ‘952, ¶¶35, 41).

As per claim 10: Shukla ‘886 in view of Posini ‘952 discloses all limitations of claim 8, as stated above, from which claim 10 is dependent upon. Furthermore, Shukla ‘886 discloses: wherein performing the corrective action (generating a signal 172 indicating the presence of a different or unexpected element 210 in the structured data 200 [Shukla ‘886, ¶¶ 20, 32, 43, 53; Fig. 1, Fig. 7]) includes at least one of: 
quarantining a component of the system associated with the one or more parameters (devices with unexpected or different elements are considered to be compromised, flagged, and removed from a whitelist [Shukla ‘886, ¶¶20-21, 32, 36-38, 42-43; Fig. 5B, Fig. 5C]); 
evaluating each of the one or more parameters of the running copy identified as different from the corresponding parameters of the golden copy (comparing the data elements 210 of the structured data 200 with the corresponding standard elements 260 of the standard structured data 250 to identify differences [Shukla ‘886, ¶27; Fig. 1]); or 
notifying a user of the system (generating a signal 172 indicating the presence of a different or unexpected element 210 in the structured data 200 and causing a user interface 182 to display a notification of the presence of a different or unexpected element 210 [Shukla ‘886, ¶53; Fig. 1, Fig. 7]).

As per claim 11: Shukla ‘886 in view of Posini ‘952 discloses all limitations of claim 8, as stated above, from which claim 11 is dependent upon. Furthermore, Shukla ‘886 discloses: further comprising generating the running copy of the device tree binary (structured data 200, where the structured data 200 may be binary data in a tree structure; samples of the structured data 200 are generated and then received by verifier 150 [Shukla ‘886, ¶¶2, 6, 10, 20-25; Fig. 1]).

As per claim 13: Shukla ‘886 in view of Posini ‘952 discloses all limitations of claim 8, as stated above, from which claim 13 is dependent upon. Furthermore, Shukla ‘886 discloses: further comprising receiving the running copy of the device tree binary (structured data 200, where the structured data 200 may be binary data in a tree structure [Shukla ‘886, ¶¶2, 6, 10, 20, 23-25]) from a non-trusted execution environment (samples of the structured data 200 are received by verifier 150 from user device 102; under the broadest reasonable interpretation, user device 102 is interpreted to be a “non-trusted execution environment” [Shukla ‘886, ¶¶24, 32-33; Fig. 1]).

Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Shukla ‘886 in view of Posini ‘952 and further in view of Kobres ‘296.

As per claim 9: Shukla ‘886 in view of Posini ‘952 discloses all limitations of claim 8, as stated above, from which claim 9 is dependent upon. Shukla ‘886 in view of Posini ‘952 does not explicitly disclose the limitations of claim 9.
further comprising decrypting the device tree binary of the system (secure provisioning manifest 250; decrypting the secure provisioning manifest 250 using a private key 245 [Kobres ‘296, Col. 9 line 10, Col. 11 line 49; Fig. 4, Fig. 5]), wherein the device tree binary is a data structure describing one or more hardware components of the system (the secure provisioning manifest 250 is a data structure that includes information identifying hardware peripherals that are attached to the computer system [Kobres ‘296, Col. 3 line 51, Col. 6 line 53, Col. 12 line 63; Fig. 4, Fig. 5]).
Shukla ‘886 (modified by Posini ‘952) and Kobres ‘296 are analogous art because they are from the same field of endeavor, namely that of managing hardware/devices within a computing environment. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Shukla ‘886 (modified by Posini ‘952) and Kobres ‘296 before them, to modify the method in Shukla ‘886 (modified by Posini ‘952) to include the teachings of Kobres ‘296, namely to decrypt a structured data 200, such as an encrypted secure provisioning manifest 250, which contains information identifying devices and hardware attached to the computer system. The motivation for doing so would be to provide secure communications with authenticated hardware peripherals attached to the computer system (Kobres ‘296, Col. 1 line 62, Col. 9 line 18).

Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over Shukla ‘886 in view of Posini ‘952 and further in view of Radjabi ‘068.

As per claim 12: Shukla ‘886 in view of Posini ‘952 discloses all limitations of claims 8 and 11, as stated above, all from which claim 12 is dependent upon. Furthermore, Shukla ‘886 discloses: wherein generating the running copy of the device tree binary (structured data 200, where the structured data  further comprises recording one or more parameters associated with one or more components of the system (elements 210 of the structured data 200 and element comparisons are recorded and stored in within a structured data registry 162 and an element registry 164 [Shukla ‘886, ¶¶27-28, 34-36; Fig. 1, Fig. 5B, Fig. 5C])
Shukla ‘886 in view of Posini ‘952, as stated above, does not explicitly disclose: “… one or more parameters associated with one or more components of the system … wherein the one or more parameters are presented in a kernel pseudo file”.
Radjabi ‘068, however, discloses: one or more parameters associated with one or more components of the system (device data file 114 includes information about kernel subsystems and hardware devices coupled to the computer system [Radjabi ‘068, Col. 6 lines 27-33; Fig. 1]) … wherein the one or more parameters are presented in a kernel pseudo file (the device data file is presented as a pseudo file capable of exporting information from the device model of the kernel [Radjabi ‘068, Col. 6 lines 33-40; Fig. 1]).
Shukla ‘886 (modified by Posini ‘952) and Radjabi ‘068 are analogous art because they are from the same field of endeavor, namely that of managing hardware/devices within a computing environment. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Shukla ‘886 (modified by Posini ‘952) and Radjabi ‘068 before them, to modify the method in Shukla ‘886 (modified by Posini ‘952) to include the teachings of Radjabi ‘068, namely to present the structured data registry 162 and an element registry 164 as pseudo files capable of exporting information from the device model of the kernel. The motivation for doing so would be to make hardware device information easily available to the user space through virtual files (Radjabi ‘068, Col. 6 lines 36-40).

Claim 14 is rejected under 35 U.S.C. 103 as being unpatentable over Shukla ‘886 in view of Posini ‘952 and further in view of Truskovsky ‘614.

As per claim 14: Shukla ‘886 in view of Posini ‘952 discloses all limitations of claim 8, as stated above, from which claim 14 is dependent upon. Furthermore, Shukla ‘886 discloses: further comprising(structured data 200; the structured data 200 may be binary data in a tree structure; the structured data 200 may represent Basic Input/Output System (BIOS) data and firmware of devices and hardware [Shukla ‘886, ¶¶2, 6, 10, 20, 23-25]) 
Shukla ‘886 in view of Posini ‘952, as stated above, does not explicitly disclose: “determining that a timer has been attacked based on an indication that … has not been generated or received before the timer expired.”
Truskovsky ‘614, however, discloses: determining that a timer has been attacked (determining that a hacker has modified the system clock to manipulate a ticket’s period of validity [Truskovsky ‘614, ¶¶131-132]) based on an indication that … has not been generated or received before the timer expired (expired time-limited tickets are recorded in a list of revoked tickets, and an attempt to use a revoked time-limited ticket indicates that the ticket’s period of validity has been manipulated [Truskovsky ‘614, ¶¶130-132]).
Shukla ‘886 (modified by Posini ‘952) and Truskovsky ‘614 are analogous art because they are from the same field of endeavor, namely that of controlling access to secure resources and preventing security breaches in devices. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Shukla ‘886 (modified by Posini .

Claims 15-17 and 19  are rejected under 35 U.S.C. 103 as being unpatentable over Shukla ‘886 in view of Posini ‘952 and further in view of Kahana et al., US 2016/0063281 A1 (hereinafter, “Kahana ‘281”).

As per claim 15: Shukla ‘886 discloses: A method comprising: 

storing a golden copy (standard structured data 250; the standard structured 250 data refers to a golden copy of structured data 200 that specifies information for each standard element 260, and is stored on the data storage hardware 160 [Shukla ‘886, ¶27; Fig. 1]) of a device tree binary of a system (the structured data 200 may be binary data in a tree structure; the structured data 200 may represent Basic Input/Output System (BIOS) data and firmware of devices and hardware [Shukla ‘886, ¶¶2, 6, 10, 20, 23-25]); 

determining whether a running copy of the device tree binary of the system (structured data 200, where the structured data 200 may be binary data in a tree structure [Shukla ‘886, ¶¶2, 6, 10, 20, 23-25]) is received or generated (verifier 150 determines whether samples of the structured data 200 are generated and then received [Shukla ‘886, ¶¶2, 6, 10, 20-25; Fig. 1])
performing(generating a signal 172 indicating the presence of a different or unexpected element 210 in the structured data 200 [Shukla ‘886, ¶¶ 20, 32, 43, 53; Fig. 1, Fig. 7]).
Shukla ‘886, as stated above, does not explicitly disclose: “loading an operating system in a trusted execution environment, wherein at least part of the operating system is used as a root of trust; initiating a timer with a randomly generated period of time; determining whether a running copy … is received or generated before the timer expires; and performing, based on determination that the running copy is not received or generated before the timer expires, a corrective action”.
Posini ‘952, however, discloses: loading an operating system in a trusted execution environment (a trusted operating system (OS) 305 is loaded in a trusted execution environment (TEE) 301 [Posini ‘952, ¶¶31-32, 41; Fig. 3]), wherein at least part of the operating system is used as a root of trust (the system-on-chip (SoC) 300 includes a trusted OS 305, where the root of trust provided by the SoC 300 can guarantee that the trusted OS 305 is the only component  on the SoC 300 that is able to derive secrets [Posini ‘952, ¶¶35, 41; Fig. 3]).
Shukla ‘886 and Posini ‘952 are analogous art because they are from the same field of endeavor, namely that of managing hardware/devices within a computing environment. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Shukla ‘886 and Posini ‘952 before them, to modify the method in Shukla ‘886 to include the teachings of Posini ‘952, namely to perform the method described above in a trusted execution environment (TEE) where is operating system (OS) is loaded an used as a root of trust. The motivation 
Shukla ‘886 in view of Posini ‘952, as stated above, does not explicitly disclose: “initiating a timer with a randomly generated period of time; determining whether a running copy … is received or generated before the timer expires; and performing, based on determination that the running copy is not received or generated before the timer expires, a corrective action”.
Kahana ‘281, however, discloses: initiating a timer with a randomly generated period of time (the monitor module sets a timer and requests information from a core on the system on chip (SoC), where the timer interval may be randomly selected [Kahana ‘281, ¶¶29-30, 66-67]); 
determining whether a running copy … is received or generated before the timer expires (determining whether the monitor module receives the information prior to the expiration of the timer or whether the generated information is expected [Kahana ‘281, ¶¶29-30]); and 
performing, based on determination that the running copy is not received or generated before the timer expires, a corrective action (if the monitor module does not receive the information prior to the expiration of the timer or if the generated information is not expected, security measures may be initiated [Kahana ‘281, ¶¶29-30]).
Shukla ‘886 (modified by Posini ‘952) and Kahana ‘281 are analogous art because they are from the same field of endeavor, namely that of managing and preventing security breaches of hardware/devices within a computing environment. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Shukla ‘886 (modified by Posini ‘952) and Kahana ‘281 before them, to modify the method in Shukla ‘886 (modified by Posini ‘952) to include the teachings of Kahana ‘281, namely to determine whether structured data is compromised based on whether it is generated or received prior to the expiration of a timer. The motivation for doing so would be to provide more robust, flexible, and cost-effective security 

As per claim 16: Shukla ‘886 in view of Posini ‘952 and further in view of Kahana ‘281 discloses all limitations of claim 15, as stated above, from which claim 16 is dependent upon. Furthermore, Shukla ‘886 discloses: further comprising: 
identifying whether one or more parameters (data elements 210 [Shukla, ¶¶24-25; Fig. 1]) of the running copy (structured data 200; data elements 210 are identified and extracted from the structured data 200 [Shukla, ¶¶24-25; Fig. 1]) of the device tree binary of the system are different from corresponding parameters of the golden copy (standard structured data 250 [Shukla ‘886, ¶27; Fig. 1]) by comparing the running copy with the golden copy (comparing the data elements 210 of the structured data 200 with the corresponding standard elements 260 of the standard structured data 250 to identify differences [Shukla ‘886, ¶27; Fig. 1]); and 
performing a corrective action responsive to an indication that at least one of the one or more parameters of the running copy are different from the corresponding parameters of the golden copy (generating a signal 172 indicating the presence of a different or unexpected element 210 in the structured data 200 [Shukla ‘886, ¶¶ 20, 32, 43, 53; Fig. 1, Fig. 7]).

As per claim 17: Shukla ‘886 in view of Posini ‘952 and further in view of Kahana ‘281 discloses all limitations of claim 15, as stated above, from which claim 17 is dependent upon. Furthermore, Shukla ‘886 discloses: wherein performing the corrective action includes at least one of: 
quarantining a component of the system associated with the one or more parameters (devices with unexpected or different elements are considered to be compromised, flagged, and removed from a whitelist [Shukla ‘886, ¶¶20-21, 32, 36-38, 42-43; Fig. 5B, Fig. 5C]); 
evaluating each of the one or more parameters of the running copy identified as different from the corresponding parameters of the golden copy (comparing the data elements 210 of the structured data 200 with the corresponding standard elements 260 of the standard structured data 250 to identify differences [Shukla ‘886, ¶27; Fig. 1]); or 
notifying a user of the system (generating a signal 172 indicating the presence of a different or unexpected element 210 in the structured data 200 and causing a user interface 182 to display a notification of the presence of a different or unexpected element 210 [Shukla ‘886, ¶53; Fig. 1, Fig. 7]).

As per claim 19: Shukla ‘886 in view of Posini ‘952 and further in view of Kahana ‘281 discloses all limitations of claim 15, as stated above, from which claim 19 is dependent upon. Furthermore, Shukla ‘886 discloses: further comprising generating the running copy of the device tree binary (structured data 200, where the structured data 200 may be binary data in a tree structure; samples of the structured data 200 are generated and then received by verifier 150 [Shukla ‘886, ¶¶2, 6, 10, 20-25; Fig. 1]).

Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over Shukla ‘886 in view of Posini ‘952 and further in view of Kahana ‘281 and further in view of Kobres ‘296.

As per claim 18: Shukla ‘886 in view of Posini ‘952 and further in view of Kahana ‘281 discloses all limitations of claim 15, as stated above, from which claim 18 is dependent upon. Shukla ‘886 in view of Posini ‘952 and further in view of Kahana ‘281 does not explicitly disclose the limitations of claim 18.
Kobres ‘296, however, discloses: further comprising decrypting the device tree binary of the system (secure provisioning manifest 250; decrypting the secure provisioning manifest 250 using a private key 245 [Kobres ‘296, Col. 9 line 10, Col. 11 line 49; Fig. 4, Fig. 5]), wherein the device tree binary is a data structure describing one or more hardware components of the system (the secure provisioning manifest 250 is a data structure that includes information identifying hardware peripherals that are attached to the computer system [Kobres ‘296, Col. 3 line 51, Col. 6 line 53, Col. 12 line 63; Fig. 4, Fig. 5]).
Shukla ‘886 (modified by Posini ‘952 & Kahana ‘281) and Kobres ‘296 are analogous art because they are from the same field of endeavor, namely that of managing hardware/devices within a computing environment. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Shukla ‘886 (modified by Posini ‘952 & Kahana ‘281) and Kobres ‘296 before them, to modify the method in Shukla ‘886 (modified by Posini ‘952 & Kahana ‘281) to include the teachings of Kobres ‘296, namely to decrypt a structured data 200, such as an encrypted secure provisioning manifest 250, which contains information identifying devices and hardware attached to the computer system. The motivation for doing so would be to provide secure communications with authenticated hardware peripherals attached to the computer system (Kobres ‘296, Col. 1 line 62, Col. 9 line 18).

Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Shukla ‘886 in view of Posini ‘952 and further in view of Kahana ‘281 and further in view of Radjabi ‘068.

As per claim 20: Shukla ‘886 in view of Posini ‘952 and further in view of Kahana ‘281 discloses all limitations of claims 15 and 19, as stated above, all from which claim 20 is dependent upon. Furthermore, Shukla ‘886 discloses: wherein generating the running copy of the device tree binary (structured data 200, where the structured data 200 may be binary data in a tree structure; samples of the structured data 200 are generated and then received by verifier 150 [Shukla ‘886, ¶¶2, 6, 10, 20-25; Fig. 1]) further comprises recording one or more parameters associated with one or more components of the system (elements 210 of the structured data 200 and element comparisons are recorded and stored in within a structured data registry 162 and an element registry 164 [Shukla ‘886, ¶¶27-28, 34-36; Fig. 1, Fig. 5B, Fig. 5C])
Shukla ‘886 in view of Posini ‘952 and further in view of Kahana ‘281, as stated above, does not explicitly disclose: “… one or more parameters associated with one or more components of the system … wherein the one or more parameters are presented in a kernel pseudo file”.
Radjabi ‘068, however, discloses: one or more parameters associated with one or more components of the system (device data file 114 includes information about kernel subsystems and hardware devices coupled to the computer system [Radjabi ‘068, Col. 6 lines 27-33; Fig. 1]) … wherein the one or more parameters are presented in a kernel pseudo file (the device data file is presented as a pseudo file capable of exporting information from the device model of the kernel [Radjabi ‘068, Col. 6 lines 33-40; Fig. 1]).
Shukla ‘886 (modified by Posini ‘952 & Kahana ‘281) and Radjabi ‘068 are analogous art because they are from the same field of endeavor, namely that of managing hardware/devices within a computing environment. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Shukla ‘886 (modified by Posini ‘952 & Kahana ‘281) and Radjabi ‘068 before them, to modify the method in Shukla ‘886 (modified by Posini ‘952 & Kahana ‘281) to include the teachings of Radjabi ‘068, namely to present the structured data registry 162 and an element registry 164 as pseudo files capable of exporting information from the device model of the kernel. The motivation for doing so would be to make hardware device information easily available to the user space through virtual files (Radjabi ‘068, Col. 6 lines 36-40).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALAN LINGQIAN KONG whose telephone number is (571)272-2646. The examiner can normally be reached Monday-Thursday 7:30am-5:00pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG (JAY) KIM can be reached on (571)272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/ALAN LINGQIAN KONG/
Examiner, Art Unit 2494                                                                                                                                                                                         
/JUNG W KIM/Supervisory Patent Examiner, Art Unit 2494