DETAILED ACTION
The following claims are pending in this office action: 1-9 and 11-20
The following claims are amended: 1-4, 9, 11-15 and 20
The following claims are new: -
The following claim is cancelled: 10
Claims 1-9 and 11-20 are rejected. This rejection is FINAL.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 08/06/2021 and 10/08/2021 have been considered.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, an initialed and dated copy of Applicant’s IDS form 1449 filed 08/06/2021 and 10/08/2021 are attached to the instant Office action. 
Previous Objections and Rejections Withdrawn
The claim interpretation under 35 U.S.C. § 112 (f) is withdrawn. 
The objections to claims 2-6 and 14-19 are withdrawn based on the amendments. 
The 35 U.S.C. § 101 rejection to claims 1-8 are withdrawn and applicant’s remarks clarifying that the processor readable media as clearly defined in the written description “does not include transitory media, such as modulated data signals and carrier waves” contrary to its ordinary meaning encompassing signals per se is noted and persuasive.  



RESPONSE TO ARGUMENTS
Applicant’s 35 U.S.C. § 103 arguments filed in the amendment filed 10/08/2021 have been fully considered but are moot in view of new ground of rejection necessitated by amendment.  The reasons are set forth below.
Applicant notes:  
Hadley and Freeman, taken either alone or in combination, however, fail to teach or fairly suggest “perform[ing] a trusted measurement on a cryptographic operation chip,” let alone “[a] security chip perform[ing] a trusted measurement on a cryptographic operation chip according to [a] dynamic measurement requirement [included in a cryptographic operation request]… the cryptographic operation chip perform[ing]  cryptographic operation processing after the security chip completes the dynamic measurement requirement,”  as amended claim 1 recites

Hadley and Freeman fail to teach each and every feature of amended claim 9.  

Hadley and Freeman taken alone or in combination, fail to teach or fairly suggest “receiv[ing] a cryptographic operation request, wherein the cryptographic operation request includes instruction information indicating whether a cryptographic operation chip is needed to be measured.  

These limitation represented in independent claims 1, 9, 12 have been mapped to Naguib (US Pub. 2015/0200934) and Rozas et al. (US Pub. 2008/0244746) below.  Naguib explicitly teaches a cryptographic chip as opposed to a dynamic measurement module or measurement entity as was taught in Hadley.  Rozas teaches a dynamic measurement requirement that allows measurement by a security chip or a cryptographic chip according to a dynamic measurement requirement instead of the dynamic measurement requirement being used for indicating that a dynamic measurement module is needed to be measured as was taught in Freeman.    
Dependent claims 2-8, 11, and 13-20 depend on independent claims 1, 9, and 12.  As the amendments of the independent claims and dependent claims necessitate new grounds of rejection, Naguib and Rozas have accordingly been mapped to elements of the dependent claims.  
To advance prosecution, examiner suggests amendments be made that further clarifies and narrow on the elements of “cryptographic operation chip”, and “dynamic measurement” which seem to be broad terms that do not properly characterize the scope of the invention.  
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

Claim 14 is rejected under 35 U.S.C. 112(b), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor regards as the invention.
Claim 14 recites the limitation “the dynamic measurement requirement” (claim 14, ln. 2-3).  There is insufficient antecedent basis for this limitation in the claim.  Examiner suggests replacing “the dynamic measurement requirement” with “a dynamic measurement requirement”.  

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 7-9, and 11-14 are rejected under 35 U.S.C. 103 as being unpatentable over Naguib (US Pub. 2015/0200934) (hereinafter “Naguib”), in view of Rozas et al. (US Pub. 2008/0244746) (hereinafter “Rozas”) 

As per claim 1, Naguib teaches one or more processor readable media storing executable instructions that, when executed by one or more processors of a trusted forwarding module, cause the one or more processors to perform acts comprising:  ([Naguib, para. 0027] a computer [a trusted forwarding module] contains memory/storage that stores information accessible by the processor which includes instructions that may be executed by the processor)
receiving a cryptographic operation request; and ([Naguib, para. 0049] the computer receives from the user a selection to operate computing device 102 in a secure mode to perform a cryptographic operation including an electronic signature [a cryptographic operation request])
sending the cryptographic operation request to a security chip if the cryptographic operation request has a [dynamic] measurement requirement ([Naguib, para. 0050; para. 0083; para. 0096] in response to the user selection, the computer hardware initiates [sends the request to] the integrity verification module 137 [the TPM security chip – see para. 0083] to go into secure mode; the request has a measurement requirement: an integrity check; the measurement requirement being a dynamic measurement requirement is taught by Rozas below) wherein the security chip performs a trusted measurement on a cryptographic operation chip according to the [dynamic] measurement requirement, ([Naguib, Para. 0083] the integrity check is accomplished by the integrity verification module 137 included as a TPM chip [a security chip] in order to perform a trusted measurement. The trusted measurement is performed on all hardware and software on the device including cryptographic modules 138 and 139 performing cryptographic operations. [Para. 0029] cryptographic modules are any integrated circuits suitable for cryptographic processing [a cryptographic operation chip]) and the cryptographic operation chip performs cryptographic operation processing after the security chip completes the [dynamic] measurement requirement. ([Para. 0097-0098] in an embodiment, passing the check enables the cryptographic module.  The module then encrypts using a private key [performs cryptographic operation processing])
Naguib does not explicitly teach the measurement requirement is a dynamic measurement requirement.  
([Rozas, para. 0015] once it has been determined to run a measurement, either by the user or some form of control code, instructions are sent to the controlling processor to begin a trusted measurement.  [Para. 0011] the measurement occurs to measure or remeasure a trusted platform at run-time, and so is a dynamic measurement)
At the time of filing it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Naguib with the teachings of Rozas to include that the measurement requirement is a dynamic measurement requirement.  One of ordinary skill in the art would have been motivated to make this modification because such a procedure would allow measurement of a system during run-time [a dynamic measurement] which allows the platform to be more secure, and provide a more meaningful measurement, for example at a time where there is a greater potential for the security breach.  (Rozas, para. 0005; para. 0014)

As per claim 7, Naguib in view of Rozas teaches claim 1.
Naguib does not teach obtaining a requirement parameter included in the cryptographic operation request after receiving the cryptographic operation request, wherein the requirement parameter is used to indicate whether the dynamic measurement requirement exists; and determining whether the cryptographic operation request has the dynamic measurement requirement according to the requirement parameter.
However, Rozas teaches obtaining a requirement parameter included in the cryptographic operation request after receiving the cryptographic operation request, wherein the requirement parameter is used to indicate whether the dynamic measurement requirement exists; and ([Rozas, para. 0024; para. 0029] a request regarding the security current state of the platform [the cryptographic operation request, as the cryptographic module of Naguib may respond to challenges only after the security state of the platform is verified] includes a TPM TICK COUNT [a requirement parameter].  [Para. 0025] The TPM TICK COUNT is used to determine whether a measurement or remeasurement should occur on the system [used to indicate whether the dynamic measurement request exists])
determining whether the cryptographic operation request has the dynamic measurement requirement according to the requirement parameter. ([Rozas, para. 0026] if the TPM TICK COUNT [requirement parameter] is not sufficiently fresh, the measurement process begins [a determination that the cryptographic operation request has the dynamic measurement requirement])
At the time of filing it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Naguib with the teachings of Rozas to include obtaining a requirement parameter included in the cryptographic operation request after receiving the cryptographic operation request, wherein the requirement parameter is used to indicate whether the dynamic measurement requirement exists; and determining whether the cryptographic operation request has the dynamic measurement requirement according to the requirement parameter.  One of ordinary skill in the art would have been motivated to make this modification because a requirement parameter allows for the system to determine the potential for one or more breaches of security to happen, and the relative need for a measurement so that a measurement may be performed when it is required.  (Rozas, para. 0014)

As per claim 9, Naguib teaches a method implemented by a security chip comprising one or more processors and memory, the method comprising: receiving a cryptographic operation request, ([Naguib, para. 0049] the computer receives from the user a selection to operate computing device 102 in a secure mode to perform a cryptographic operation including an electronic signature [a cryptographic operation request]) wherein the cryptographic operation request includes a [dynamic] measurement requirement, ([Para. 0096] the user selection causes [includes] an integrity check [a measurement requirement].  The measurement requirement being a dynamic measurement requirement is taught by Rozas below)
performing a trusted measurement on a cryptographic operation chip according to the [dynamic] measurement requirement to obtain a measurement result; and ([Naguib, Para. 0083] the integrity check is accomplished by a integrity verification module 137 included as a TPM chip [a security chip] in order to perform a trusted measurement. The trusted measurement is performed on all hardware and software on the device including cryptographic modules 138 and 139 performing cryptographic operations. [Para. 0029] cryptographic modules are any integrated circuits suitable for cryptographic processing [a cryptographic operation chip])
sending the cryptographic operation request to the cryptographic operation chip to perform a cryptographic operation when the measurement result indicates that an integrity of the cryptographic operation chip is intact. ([Para. 0097-0098] in an embodiment, passing the check enables the cryptographic module.  The module then encrypts using a private key [performs cryptographic operation processing])
Naguib does not explicitly teach the measurement requirement is a dynamic measurement requirement.  
However, Rozas teaches that the measurement requirement is a dynamic measurement requirement.  ([Rozas, para. 0015] once it has been determined to run a measurement, either by the user or some form of control code, instruction are sent to the controlling processor to begin a trusted measurement.  [Para. 0011] the measurement occurs to measure or remeasure a trusted platform at run-time, and so is a dynamic measurement)
At the time of filing it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Naguib with the teachings of Rozas for the same reasons as disclosed above. 

As per claim 11, Naguib in view of Rozas teaches claim 9.
([Naguib, para. 0104] in step 714, the user is required to sign the transaction using a sim card, authorizing the transaction [verifying legitimacy of the cryptographic operation request].  This step is done after receiving the user’s input to execute the computer device in secure mode, and booting up the system, step 702)
allowing the cryptographic operation chip to be measured upon successful verification.  ([Naguib, para. 0105] following step 714, at step 716, the operating system invokes the integrity verification module [the TPM security chip – see para. 0083] to attest [examiner notes the common meaning of the word “measure”: to prove to have necessary qualification; same meaning as attest] the integrity of the cryptographic module [part of the system, see Fig. 2])

As per claim 12, Naguib teaches a trusted forwarding module comprising one or more processors and memory, the trusted forwarding module being configured to: ([Naguib, para. 0027] a computer [a trusted forwarding module] contains memory/storage that stores information accessible by the processor which includes instructions that may be executed by the processor of the computer)
receive a cryptographic operation request, wherein the cryptographic operation request includes instruction information indicating whether a cryptographic operation chip is needed to be measured ([Naguib, para. 0049; para. 0083] the computer receives the user’s input to execute the computer device in secure mode to perform a cryptographic operation including an electronic signature [a cryptographic operation request], where the input includes the requirement to perform an integrity check of all hardware and software on the device including cryptographic modules 138 and 139 performing cryptographic operations [instruction information indicating whether the cryptographic module/chip needs to be measured]. [Para. 0029] cryptographic modules are any integrated circuits suitable for cryptographic processing [a cryptographic operation chip])
([Naguib, para. 0050; para. 0083] in response to the user selection, the computer hardware initiates [sends the request to] the integrity verification module 137 [the TPM security chip – see para. 0083] to execute the computer device in secure mode to perform a cryptographic operation) or the cryptographic operation chip [based on whether the instruction information indicates that the cryptographic operation chip is needed to be measured] ([Para. 0097-0098] user’s input to perform a cryptographic operation is forwarded to the cryptographic operation chip for an encryption operation.  Forwarding the request based on whether the instruction information indicates that the chip is needed to be measured is taught by Rozas below)
Naguib does not explicitly teach forward the request based on whether the instruction information indicates that the chip is needed to be measured.  
However, Rozas teaches forward the request based on whether the instruction information indicates that the chip is needed to be measured.  ([Rozas, para. 0024; 0026] the TPM TICK COUNT [instruction information] indicates whether core system code [code running on a chip]: is sufficiently fresh.  If it is determined that the code is not sufficiently fresh, the core system code needs to be measured, and the code is passed onto the RTMA for a secure measurement.  If it is determined that the code is sufficiently fresh, no measurement needs to occur, and the code is forwarded operation on the core system.  The RTMA as a TPM security chip for measurement and the core system as a cryptographic chip for performing cryptographic operations was taught by Naguib above) 
At the time of filing it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Naguib with the teachings of Rozas for the same reasons as disclosed above. 

As per claim 13, Naguib in view of Rozas teaches claim 12.  
Naguib also teaches wherein the trusted forwarding module forwards the cryptographic operation request to the security chip when the instruction information indicates that the cryptographic operation chip is needed to be measured.  ([Naguib, para. 0049-0050; para. 0083] the computer receives the user’s input to execute the computer device in secure mode [a cryptographic operation request], where the input includes the requirement to perform an integrity check of the cryptographic module 138 [instruction information indicating whether the module/chip needs to be measured]. In response to the user’s input, the computer hardware initiates [forwards the request to] the integrity verification module 137 [the TPM security chip – see para. 0083])

As per claim 14, Naguib in view of Rozas teaches claim 13.  
	Naguib also teaches wherein the security chip is configured to measure the cryptographic operation chip according to the [dynamic] measurement requirement to obtain a measurement result, ([Naguib, Para. 0083] the integrity check is accomplished by the integrity verification module 137 included as a TPM chip [a security chip] in order to perform a trusted measurement. The trusted measurement is performed on all hardware and software on the device including cryptographic modules 138 and 139 performing cryptographic operations. [Para. 0029] cryptographic modules are any integrated circuits suitable for cryptographic processing [a cryptographic operation chip; the measurement requirement being a dynamic measurement requirement is taught by Rozas below) and cause the cryptographic operation chip to perform a requested cryptographic operation when the measurement result indicates that an integrity of the cryptographic operation chip is intact.  ([Para. 0098] the module then encrypts a message using a private key to provide a challenge response [performs a requested cryptographic operation])
Naguib does not explicitly teach the measurement requirement is a dynamic measurement requirement.  
However, Rozas teaches that the measurement requirement is a dynamic measurement requirement.  ([Rozas, para. 0015] once it has been determined to run a measurement, either by the user or some form of control code, instruction are sent to the controlling processor to begin a trusted measurement.  [Para. 0011] the measurement occurs to measure or remeasure a trusted platform at run-time, and so is a dynamic measurement)
At the time of filing it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Naguib with the teachings of Rozas for the same reasons as disclosed above. 

Claims 2-3, 15, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Naguib in view of Rozas as applied to claims 1 above, and further in view of Kazmierczak et al. (US Pub. 2009/0172378) (hereinafter “Kazmierczak”).  Kazmierczak is included in the IDS dated 06/03/2021.  

As per claim 2, Naguib in view of Rozas teaches claim 1.
Naguib in view of Rozas does not teach obtaining a monitoring result when the cryptographic operation request does not have the dynamic measurement requirement, wherein the monitoring result indicates whether a system performing cryptographic operations has an abnormal feature.  
However, Kazmierczak teaches obtaining a monitoring result when the cryptographic operation request does not have the dynamic measurement requirement, wherein the monitoring result indicates whether a system performing cryptographic operations has an abnormal feature.  ([Kazmierczak, para. 0026] the PTS kernel monitors and obtains a static measurement of a file [a monitoring result] when the OS loads an executable [when the cryptographic operation request does not have a dynamic measurement requirement, and when the request is executed without the measurement].  The monitoring results is used to construct an integrity report for verification [indicates whether a system has an abnormal feature])
At the time of filing it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Naguib with the teachings of Kazmierczak to include obtaining a monitoring the dynamic measurement requirement, wherein the monitoring result indicates whether a system performing cryptographic operations has an abnormal feature.  One of ordinary skill in the art would have been motivated to make this modification because such a step would allow for an integrity report which may be used later in verifying the trustworthiness of the a platform, as opposed to doing an entire measurement of the operating system, which may be inefficient and delay the operation.  (Kazmierczak, para. 0016, para. 0023)

As per claim 3, Naguib in view of Rozas and further in view of Kazmierczak teaches claim 2.
Naguib also teaches sending a requested cryptographic operation request to the cryptographic operation chip to perform a cryptographic operation.  ([Naguib, para. 0049; para. 0098] in response to the user selection to operate computing device 102 in a secure mode to perform a cryptographic operation including an electronic signature [a requested cryptographic operation request], the computer module encrypts a message with a private key [performs a cryptographic operation])
Naguib in view of Rozas does not teach performing the operation if the monitoring result indicates that the system performing cryptographic operations does not have an abnormal feature.  
However, Kazmierczak teaches performing the operation if the monitoring result indicates that the system performing cryptographic operations does not have an abnormal feature.  ([Kazmierczak, para. 0016] an integrity report [the monitoring result] may be used later in verifying the trustworthiness of the PC platform.  [Para. 0004] Once a file, such an OS program loader, is monitored by the PTS kernel, and determined by a verifier to have an acceptable level of trustworthiness [does not have an abnormal feature], the trust boundary is extended from the PTS to the OS program loader which can use this cryptographic operation to extend the trust boundary, such as measuring other executable programs [see, for example, para. 0028, the program loader]) 


As per claim 15, Naguib in view of Rozas teaches claim 12.  
Naguib also teaches forwards the cryptographic operation request to the cryptographic operation chip for performing the cryptographic operation [when the instruction information indicates that the cryptographic operation chip is not needed to be measured] ([Naguib, para. 0049; para. 0097-0098] the user selection to operate computing device 102 in a secure mode to perform a cryptographic operation including an electronic signature [cryptographic operation request] is forwarded to the cryptographic operation chip to be encrypted and given to another party as a response to the challenge that is encrypted.  ([Para. 0098] the module then encrypts a message using a private key to provide a challenge response [performs a requested cryptographic operation]. Forwarding the request for performing an operation when the instruction information indicates that the chip is not needed to be measured is taught by Rozas below)
Naguib in view of Rozas does not explicitly teach forward the request for performing an operation when the instruction information indicates that the chip is not needed to be measured.  
However, Rozas teaches forward the request based on whether the instruction information indicates that the chip is needed to be measured.  ([Rozas, para. 0024; 0026] the TPM TICK COUNT [instruction information] indicates whether core system code [code running on a chip]: is sufficiently fresh.  If it is determined that the code is not sufficiently fresh, the core system code needs to be measured, and the code is passed onto the RTMA for a secure measurement.  If it is determined that the code is sufficiently fresh, no measurement needs to occur, and the code is forwarded for operation on the core system.  The RTMA as a TPM security chip for measurement and the core system as a cryptographic chip for performing cryptographic operations was taught by Naguib above) 
At the time of filing it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Naguib with the teachings of Rozas for the same reasons as disclosed above. 
Naguib in view of Rozas does not teach forwards the cryptographic operation request to the cryptographic operation chip for performing the cryptographic operation when an obtained monitoring result indicates that a system performing cryptographic operations has no abnormal feature.  
However, Kazmierczak teaches forwards the cryptographic operation request to the cryptographic operation chip for performing the cryptographic operation when an obtained monitoring result indicates that a system performing cryptographic operations has no abnormal feature.  ([Kazmierczak, para. 0016] an integrity report [the monitoring result] may be used later in verifying the trustworthiness of the PC platform.  [Para. 0004] Once a file, such an OS program loader, is monitored by the PTS kernel, and determined by a verifier to have an acceptable level of trustworthiness [does not have an abnormal feature], the trust boundary is extended from the PTS to the OS program loader which can use a cryptographic operation performed by a cryptographic operation chip to extend the trust boundary, such as measuring other executable programs [see, for example, para. 0028, the program loader])
At the time of filing it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Naguib with the teachings of Kazmierczak for the same reasons as disclosed above. 

As per claim 20, Naguib in view of Rozas teaches claim 12.  
Naguib in view of Rozas does not teach wherein the trust forwarding module further comprises: a trusted software base, and a trusted software stack.  
further comprises: a trusted software base, and a trusted software stack. ([Kazmierczak, para. 0005, para. 0018] the trusted platform comprises the static root of trust for measurement, the core [base] trusted root implemented in software [trusted software base], and a transitive chain of trusted applications [a trusted software stack])
At the time of filing it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Naguib with the teachings of Kazmierczak for the same reasons as disclosed above.

Claims 4-5, and 16-17 are rejected under 35 U.S.C. 103 as being unpatentable over Naguib in view of Rozas and Kazmierczak as applied to claim 2 above, and further in view of Corley et al. (US Pub. 2007/0094711) (hereinafter “Corley”).

As per claim 4, Naguib in view of Rozas and Kazmierczak teaches claim 2.
Naguib in view of Rozas and Kazmierczak does not teach obtaining a security level of a user who sends the cryptographic operation request when the monitoring result indicates that the system performing cryptographic operations has the abnormal feature.  
However, Corley teaches obtaining a security level of a user ([Corley, para. 0065] a security user level is obtained either externally or from information gathered by the system) who sends the cryptographic operation request ([Para. 0060] the user sends a request to perform potentially problematic operations, [a cryptographic security operation - see para. 0041]  which are compiled and analyzed) when the monitoring result indicates that the system performing cryptographic operations has the abnormal feature.  ([Para. 0057] the monitoring operation determines whether the operations that are problematic or suspicious in accordance to a policy)
the abnormal feature.  One of ordinary skill in the art would have been motivated to make this modification because such a modification would improve computational security over a data processing system by allowing computer security procedures to be implemented in a flexible manner with respect to different users.  (Corley, para. 0011)

As per claim 5, Naguib in view of Rozas and Kazmierczak and further in view of Corley teaches claim 4.
Naguib also teaches sending the cryptographic operation request to the security chip (([Naguib, para. 0050; para. 0083] in response to the user selection to operate computing device 102 in a secure mode to perform a cryptographic operation including an electronic signature, the computer hardware initiates [sends the request to] the integrity verification module 137 [the TPM security chip – see para. 0083] to perform a full integrity check of the system)
Naguib in view of Rozas and Kazmierczak does not teach when the security level of the user is a high security level, wherein security levels of users include: the high security level and a low security level.  
However, Corley teaches when the security level of the user is a high security level, wherein security levels of users include: the high security level and a low security level. ([Corley, para. 0053; FIG. 4C-4D] a user security level for a given user is expressed as a variable where a user that is a high security risk is assigned a low computational security level [a low security level], and is not allowed to access or execute [see, for example, para. 0057 – the user’s session can be terminated in response], and a user that is a low security risk is assigned a high computational security level and is permitted to access or execute [see. for example, para. 0067, resource, i.e. the cryptographic operation request, can be granted or denied based on a computational security level)
At the time of filing it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Naguib with the teachings of Corley for the same reasons as disclosed above.

As per claim 16, the claim language is identical or substantially similar to that of claim 4. Therefore, it is rejected under the same rationale applied to claim 4.

As per claim 17, the claim language is identical or substantially similar to that of claim 5. Therefore, it is rejected under the same rationale applied to claim 5.

Claims 6, and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Naguib in view of Rozas, Kazmierczak, and Corley as applied to claim 4 above, and further in view of Meyer et al. (US Patent No. 8,442,960) (hereinafter “Meyer”).

As per claim 6, Naguib in view of Rozas, Kazmierczak and Corley teaches claim 4.
Naguib also teaches sending the cryptographic operation request to the security chip after receiving an instruction indicating a need to start a [dynamic] measurement.  ([Naguib, para. 0050; para. 0083; para. 0096] in response to the user selection to operate computing device 102 in a secure mode to perform a cryptographic operation including an electronic signature, the computer hardware initiates [sends the request to] the integrity verification module 137 the request to go into secure mode; the request has an instruction indicating a need to start a measurement: an integrity check; the measurement being a dynamic measurement is taught by Rozas below)
Naguib does not explicitly teach the measurement is a dynamic measurement.  
([Rozas, para. 0015] once it has been determined to run a measurement, either by the user or some form of control code, instruction are sent to the controlling processor to begin a trusted measurement.  [Para. 0011] the measurement occurs to measure or remeasure a trusted platform at run-time, and so is a dynamic measurement)
At the time of filing it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Naguib with the teachings of Rozas for the same reasons as disclosed above.
Naguib in view of Rozas, Kazmierczak and Corley does not teach sending prompt information indicating that the system is at risk when the security level of the user is a low security level. 
However, Meyer teaches sending prompt information ([Meyer, col. 6, ln. 39-46; Fig. 3] a prompt is given for a user to elevate privileges) indicating that the system is at risk ([col. 6, ln. 54-58] the prompt includes security information, such as if the process will compromise protected resources [see col. 1, ln. 14-16]) when the security level of the user is a low security level.  ([col. 3, ln. 31-34] the phrase “privilege” refers to a level of permission that can be granted to a user.  “Elevate” refers to raising the permission level of the user from a lower security level. [Col. 7, ln. 5-7] the user may allow the request to continue by elevating the privilege)
At the time of filing it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Naguib with the teachings of Meyer to include sending prompt information indicating that the system is at risk when the security level of the user is a low security level.  One of ordinary skill in the art would have been motivated to make this modification because by prompting a user to elevate privileges, an administrative-privilege module may allow the process to proceed through normal execution with full privileges, despite the low security level of the user.  (Meyer, col. 7, ln. 31-34; col. 3, ln. 50-57)



As per claim 19, the claim language is identical or substantially similar to that of claim 6. Therefore, it is rejected under the same rationale applied to claim 6.

Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Naguib in view of Rozas as applied to claim 1 above, and further in view of Dodeja et al. (US Pub. 2014/0122897) (hereinafter “Dodeja”).

As per claim 8, Naguib in view of Rozas teaches claim 1.
Naguib also teaches verifying validity of the cryptographic operation request according to a user [platform identity certificate] included in the cryptographic operation request after receiving the cryptographic operation request, and ([Naguib, para. 0104] in step 714, the user is required to sign the transaction using a sim card, authorizing the transaction [verifying validity of the cryptographic operation request according to a user].  This step is done after the user selection to operate computing device 102 in a secure mode to perform a cryptographic operation including an electronic signature [see para. 0049], step 702.  Using a user platform certificate to verify the validity is taught by Dodeja below) allowing the cryptographic operation request to be forwarded upon successful verification.  ([para. 0098; para. 0105] following step 714, at step 716, the user selection is forwarded to the cryptographic module 138 to send to the browser, and then to the service provider for verification)
Naguib in view of Rozas does not explicitly teach verifying validity of the cryptographic operation request according to a user platform identity certificate. 
([Dodeja, Fig. 1; para. 0025] the integrity management architecture includes a function to verify an OS layer certificate.  [Fig. 2; para. 0035] after receiving the request for trusted environment verification [the cryptographic operation request] the validity of the request is verified and forwarded to the next step, contingent upon successful verification [see para. 0031 – the steps in Fig. 2 are performed in sequence]) 
At the time of filing it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Naguib with the teachings of Dodeja to include verifying validity of the cryptographic operation request according to a user platform identity certificate.  One of ordinary skill in the art would have been motivated to make this modification because such a modification would allow certificates for verification of each component and platform of the device such as HW drivers, the OS, the BIOS and various applications.  (Dodeja, para. 0021; Fig. 2)
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
The follow prior art made of record and not relied upon is considered pertinent to applicant's disclosure.  Zhang et al.; A new approach of TPM construction based on J2810; Wuhan Univ. J. of Nat. Sci. 12, 21–24 (2007); https://doi.org/10.1007/s11859-006-0146-6; pg. 4 teaches a hardware root of trust in a TPM that contains its own CPU separate from the CPU of the computer that it is incorporated into which measure the CPU of the computer that it is incorporated into which is a cryptographic processor.  Areno et al. (US Pub. 2019/0311126) discloses TPM in a HRoT device that binds to/measures the HRoT device (a cryptographic chip), which in turn passes trusted secure boot codes to the host platform (a cryptographic operation).  Shah et al. (US Pub. 2017/0364685) describes a secure processor that verifies an MVA which then verifies the rest of the components, including applications dynamically and on demand.  
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZHE LIU whose telephone number is (571) 272-3634.  The examiner can normally be reached on Monday - Friday: 8:30 AM to 5:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on (571) 272-3862.  The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at (866) 217-9197 (toll-free). If you would like assistance from a 
/Z.L./Examiner, Art Unit 2493                                                                                                                                                                                                        

/Catherine Thiaw/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        11/5/2021