DETAILED ACTION

Claims 1-20 are presented for examination.


Claims 2-6, 8-9, 11-15, 17-18 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.


Information Disclosure Statement
The Information Disclosure Statement(s) submitted by applicant on 01/14/2021 has/have been considered. The submission is in compliance with the provisions of 37 CFR § 1.97. Form PTO-1449 signed and attached hereto.

	
Notice of Pre-AIA or AIA Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 7, 10, and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Narayanan et al. (US Patent Application No. 20170075699) (hereinafter Narayanan) in view of Khare et al. (US Patent No. 10,735,190) (hereinafter Khare).
	

As per claim 1, Narayanan discloses a method for authenticating an origin of a network device, the method comprising:
in response to an initialization of the device, the device performing (para 5, in response to the booting system):
establishing communications with a trusted platform module (TPM) integrated into the device (fig 3 and 6; para 5, the trusted platform module in response to the booting subsystem and the network operating system engine performing the boot process, authenticate the trusted platform module);
reading from memory within the device, an encryption certification authority (CA) signed data package, the data package including a device identification parameter and a trusted platform module (TPM) public key (para 35, receive the (decrypted) PCR data signed with the TPM public key, see para 39, decrypting the trusted platform module certificate);
decoding the signed data package to obtain a decoded identification parameter and a decoded public TPM key (para 35, receive the (decrypted) PCR data signed with the TPM public key, see para 39, decrypting the trusted platform module certificate);
obtaining a device identification parameter from the device and a public TPM key from the TPM integrated into the device (para 33, TPM public key may be created within the trusted platform module and stored in the embedded non-volatile memory system);
determining whether the decoded identification parameter matches the device-obtained identification parameter (Fig 8, para 40, 42, decrypt the authentication
in response to one of failing to establish communications with the TPM, failing to match the decoded identification parameter, or failing to verify the TPM-obtained public key, at least one of suspending operation of the device or transmitting a report of an authentication failure across a network on which the device is operating. However, Khare discloses verifying whether the TPM-obtained public key and the decoded public TPM key correspond (col 13, lines 65-67, TPM public key is used to verify the encrypted nonce);
in response to one of failing to establish communications with the TPM, failing to match the decoded identification parameter, or failing to verify the TPM-obtained public key, at least one of suspending operation of the device (col 14, lines 2-4, if verification fails, corrective actions are performed that broadly includes notification of failure) or transmitting a report of an authentication failure across a network on which the device is operating (col 14, lines 2-4, if verification fails, corrective actions are performed that broadly includes notification of failure).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Narayanan and Khare. The motivation would have been to build a network that provides endpoint security solutions (both hardware and software based).

 


As per claim 7, claim is rejected for the same reasons as claim 1, including motivation, as above. In addition, Khare discloses wherein the signed data package is read from at least one of read only memory (ROM) or flash memory of the network device (fig 9).
 
As per claim 10, claim is rejected for the same reasons as claims 1 and 7, including motivation, as above. 

As per claim 16, claim is rejected for the same reasons as claims 10 and 7, including motivation, as above.

As per claim 19, claim is rejected for the same reasons as claims 1 and 7, including motivation, as above. 

As per claim 20, claim is rejected for the same reasons as claims 1 and 19, including motivation, as above. In addition, Khare discloses wherein the one or more decoded parameters comprises a unique identification parameter of the device and a TPM entrustment key (EK) (col 1, line 21, EK).


Conclusion



Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMAD A SIDDIQI whose telephone number is (571)272-3976. The examiner can normally be reached Monday-Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl G Colin can be reached on 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MOHAMMAD A SIDDIQI/Primary Examiner, Art Unit 2493