DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
1. 	 The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
2. 	Applicant's arguments filed have been fully considered but they are not persuasive. 
	A – Applicant Argues: On page 7-8 of remarks the applicant respectfully submits that Dmitriev and Kumar alone or in any combination do not teach or suggest “generating the certificated based at least in part on the firmware security descriptor and a device-specific secret associated with the end device”.

	A – The Examiner respectfully disagrees: Kumar teaches: (Kumar, Col. 10 lines 7-9, The certificate service 326 issues a certificate for the signing key generated on the device 100 by the TSP 106 and a security module 104. The device enrollment and certificate issuance process. Claim 4, wherein the authorization attributes of the security descriptor may include one or more of a user account, a service account, member privileges, and a digital code signing certificate.). Therefore Kumar in view of Dmitriev still meets the scope of the limitations as currently claimed.


B – Applicant Argues: On page 8-9 of remarks the applicant respectfully submits that Dmitriev and Kumar alone or in any combination do not teach or suggest “generating a cryptographic key pair comprising a public key and private key based at least in part on receiving the firmware security descriptor produced with publicly available information and obtaining the identifier derived from the device-specific secret”.

B – The Examiner respectfully disagrees: Dmitriev teaches: (Dmitriev, [0052], the user authentication information includes a digital certificate assigned to a user. In another aspect, the user authentication information includes private keys associated with a public key infrastructure (PKI). In particular, the user authentication information can include a secret or private key associated with a user and required for user authorization in association with the public key.) Therefore Dmitriev still meets the scope of the limitations as currently claimed

C – Applicant Argues: On page 11 of remarks the applicant respectfully submits that Dmitriev, Kumar, and Ben-Atar alone or ”

C - The Examiner respectfully disagrees: Ben-Atar teaches: “receiving the device-specific secret from an injection system configured to inject the device-specific secret in the end device” (Ben-Atar, Pg. 35, lines 20-22, a limited view compared to what is possibly the actual functionality of the device, for example an USB-Audio Microphone device which can also support an HID interface which allows the device to inject key strokes to the end-point.   Pg. 6, lines 6-7, at least one processor is configured to detect inputs injected via the usb port which are pre-defined to be indicative of a risk of an attack on the computer.) Dmitriev sheets: “wherein identifying the device-specific secret is based at least in part on receiving the device-specific secret”(Dmitriev, [0052], a variety of information that uniquely identifies a user of the device in which SIM device 114 is employed. In an aspect, the user authentication information includes a digital certificate assigned to a user. In another aspect, the user authentication information includes private keys associated with a public key Dmitriev and Ben-Atar still meets the scope of the limitations as currently claimed.


Applicant is reminded that claims must be given their broadest reasonable interpretation. 


Claim Rejections - 35 USC § 103
3. 	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


4. 	Claims 1, 4,-5, 7-9, 11-12, 14-18 and 21-23 are rejected under 35 U.S.C. 103 as being unpatentable over Dmitriev, (US 2014/0165170 A1) in view of Kumar (US 10341321 B2)

5. 	Regarding Claim 1, Dmitriev and Kumar disclose, a method, comprising:  2receiving a request for a certificate associated with authentication of an end 3device (Dmitriev, ¶[0062], In another aspect, an application 104 can receive a sign request from an external server/device 202 asking a user to digitally sign data. The application 104 can then submit a request to the server 116 to sign the data with a user's digital certificate.); 4identifying publicly-available information based at least in part on receiving 5the request (Dmitriev, ¶[0053],  the authentication component 206 employs a public key infrastructure (PKI) interface to facilitate providing user authorization information in response to a request for the user authorization information.);  
Dmitriev does not disclose the following limitations that Kumar teaches:
6generating a firmware security descriptor based at least in part on identifying 7the publicly-available information (Kumar, Col. 10 lines 64-67 Referring to FIG. 4 and FIG. 6, at block 602 the application 112 registers a security descriptor 602 with the TSP 106. At block 412, the interface handler 420 of the TSP 106 determines, based on the registered security descriptor 602, amongst a plurality of security modules 104 available on the device 100);  8generating the certificate based at least in part on the firmware security Kumar, Claim 4, Col. 10, lines 64-66, the security descriptor may include one or more of a user account, a service account, member privileges, and a digital code signing certificate. Referring to FIG. 4 and FIG. 6, at block 602 the application 112 registers a security descriptor 602 with the TSP 106. At block 412, the interface handler 420 of the TSP 106 determines, based on the registered security descriptor 602, amongst a plurality of security modules 104 available on the device 100 ); and 10transmitting the certificate for authentication of the end device to a server 11associated with authenticating the end device(Kumar, Col. 9 Referring to FIG. 1 and FIG. 3, at block 308 the    LAA 110 requests the TSP 106 to generate a signing key for the event log messages 122. At block 328, the TSP 106 sends a certificate signing request (CSR) to a certificate service 326, executing on a remote certificate server 324 ). 
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include a firmware security descriptor that generates public information and transmits the certificate to be authenticated to the end device a

6.	1 Regarding Claim 4, Dmitriev and Kumar disclose, the method of claim 1, further comprising:  2transmitting the firmware security descriptor to the end device based at least in 3part on publicly-available information matching boundaries set in the request from the end 4device (Dmitriev, ¶[0068], the SIM device 114 functions as a security element whereby user authentication can be achieved entirely at the client side (e.g., at the device 102) without communication to an outside network or server (e.g., to retrieve authentication information and/or to authenticate a user or generate a digital signature). ¶[0074], After the NFDT component 306 receives information from the SIM device 114 (e.g., user authentication information and/or user account information), the NFDT component 306 can transfer the information to another device, such as device 302 using over the PAN 304 (e.g., using NFC)).  

17. 	Regarding Claim 5, Dmitriev and Kumar disclose, 
Dmitriev does not disclose the following limitations that Kumar teaches:
the method of claim 1, further comprising:  2generating a cryptographic key pair comprising a public key and a private key based at least in part on the firmware security descriptor and the device-specific secret Attorney Docket No. P370 (88231.1150)Micron Ref. No. 2019-0268.00/US 304associated with the end device, wherein the certificate includes the public key of the 5cryptographic key pair (Kumar, Col. 1 lines 47-53. Applications developed for deployment on remote IoT devices perform a plurality of security functions. These may require use of security modules (hardware, firmware or software based root of trust), cryptographic algorithms, encryption keys for confidentiality, signing keys and hash functions for integrity, and certificates for authoritative identification and attestation).  
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include cryptographic keys that is based in a firmware security descriptor that also includes a certificate key that comprises of a public key to enhance security features.

8. 	1Regarding Claim 7, Dmitriev and Kumar disclose, the method of claim 1, wherein the publicly-available information 2comprises a geographical zone associated with the end device, a time stamp associated with 3activating the end device, information about a user of the end device, information about an 4owner of the end device, a string of characters associated with an entity of the end device, a 5default set of parameters, or any combination thereof (Dmitriev, ¶[0039],  in addition to an ability to communicate with the SIM device 114 over the LAN, device 102 is configured to communicate with various devices, servers, and applications wirelessly using virtually any desired wireless technology, including, for example, cellular, WAN, Wi-Fi, Wi-Max, and WLAN, etc. For example, in an aspect, device 102 is a cellular phone. As the cellular phone moves through a wireless communication network environment, at various times, the device 102 can be connected (e.g., wirelessly connected) to one of a plurality of access points (APs), (e.g., macro or cellular AP, femto AP, pico AP, Wi-Fi AP, Wi-Max AP, hotspot (e.g., Hotspot 1.x, Hotspot 2.x, where x is an integer number; etc.), etc.), that can operate in a wireless communication network environment.).  

9. 	1Regarding Claim 8, Dmitriev and Kumar disclose, the method of claim 1, wherein the end device is a memory device 2configured to store data for a host device (Dmitriev, Figure 1 – Memory 118 Data Store 120, ¶[0006], an embodiment includes a subscriber identity module device, comprising at least one memory to store computer executable components and user information representing a user identity associated with a device with a subscriber identity module interface with which the subscriber identity module device is configured to be employed. ).  1
10. Regarding Claim   9, Dmitriev and Kumar disclose, the method of claim 1, wherein the request is received from the end 2device (Dmitriev, ¶[0007], a hypertext transfer protocol request message from an application of the device over a local area network).
1
11. 	1Regarding Claim   11,  Dmitriev and Kumar disclose, the method of claim 1, further comprising:  2determining an identifier for the end device based at least in part on receiving 3the request (Dmitriev, ¶[0052], User authentication information held in data store 120 can include a variety of information that uniquely identifies a user of the device in which SIM device 114 is employed. ); and  4identifying the device-specific secret based at least in part on the identifier for 5the end device, wherein generating the certificate is based at least in part on identifying the 6device-specific secret (Dmitriev, ¶[0052], User authentication information held in data store 120 can include a variety of information that uniquely identifies a user of the device in which SIM device 114 is employed. In an aspect, the user authentication information includes a digital certificate assigned to a user. In another aspect, the user authentication information includes private keys associated with a public key infrastructure (PKI). In particular, the user authentication information can include a secret).  
12. 	1Regarding Claim   12, Dmitriev and Kumar disclose, a method, comprising:  2receiving, by an end device, a firmware security descriptor produced with 3publicly-available information (Dmitriev, Pg. 10, lines 19-22, e . Device safety level marking - by building a database that holds the detailed specific of each of a multiplicity of USB devices (typically both malicious and non-malicious) encountered by the system, typically cross referenced with publicly available information sources); 4obtaining an identifier derived from a device-specific secret stored in a 5memory of the end device (Dmitriev, ¶[0030], In an aspect, device 102 includes memory 112 for storing computer executable components and instructions. The device 102 further includes a processor 110 to facilitate operation of the computer executable components and instructions by the device 102. In an aspect, SIM device 114 includes memory 118 for storing information); Attorney Docket No. P370 (88231.1150)Micron Ref. No. 2019-0268.00/US316generating a cryptographic key pair comprising a public key and a private key 7based at least in part on receiving the firmware security descriptor produced with publicly-8available information and obtaining the identifier derived from the device-specific secret (Dmitriev, ¶[0052], User authentication information held in data store 120 can include a variety of information that uniquely identifies a user of the device in which SIM device 114 is employed. In an aspect, the user authentication information includes a digital certificate assigned to a user. In another aspect, the user authentication information includes private keys associated with a public key infrastructure (PKI). In particular, the user authentication information can include a secret or private key associated with a user and required for user authorization in association with the public key); and 9authenticating the end device based at least in part on the cryptographic key 10pair (Dmitriev, ¶[0075], remote device 302 can provide information to device 102 over the PAN that can be employed by the authentication component 206 in association with authenticating a user by an application 104. In particular, remote device 302).  
1
113. 	Regarding Claim   14, Dmitriev and Kumar disclose, 
Dmitriev does not disclose the following limitations that Kumar teaches:
the method of claim 12, further comprising:  2identifying a booting event of the end device, wherein generating the 3cryptographic key pair is based at least in part on identifying the booting event (Kumar, Col. 8, lines 42-47. The OT administrator may inspect the analyzed events displayed on the remote device management service console (e.g. web portal) to create or modify a device policy to alter the applications' security operations and intervene with an appropriate directive (action) to mitigate the safety incident on the remote device.).  

114. 	Regarding Claim   15, Dmitriev and Kumar disclose, the method of claim 12, further comprising:  2transmitting, by the end device, a request for the firmware security descriptor 3for generation of the cryptographic key pair(Dmitriev, ¶[0053], In an aspect, data store 120 store's the private key for a user, and the authentication component 206 renders the private key in order to authorize a user in response to a request to authorize the user.), wherein receiving the firmware security 4descriptor produced with publicly-available information is based at least in part on 5transmitting the request (Kumar, Pg. 36, lines 25-29, publicly available sources such as WWW (which include legitimate vendor support web sites, penetration testing sites etc.) which include a higher level of information than the descriptors (in most cases, driver version, time stamp, CRC etc.). A third source is publicized (or disclosed under NDAto the company) forensics on previous attacks, where specific USB tools were used.) . 
 
115. 	Regarding Claim   16, Dmitriev and Kumar disclose, the method of claim 12, further comprising:  2receiving, by the end device, the device-specific secret from an injection 3system during a manufacturing process of the end device (Dmitriev, ¶[0042], The one or more applications 104 reside on device 102 and operate in part based on access to private information stored on SIM device 114. For example, the one or more applications 104 can include applications pre-installed on device 102 during manufacture, applications downloaded to device 102); and 4identifying the device-specific secret based at least in part on receiving the 5device-specific secret (Dmitriev, ¶[0077], an application of another device 302 can request a user's digital signature prior to receiving a transfer of information from device 102 to device 302. The digital signature can serve as a way of informing device 302 that device 102 approves the transaction).

16. 	Regarding Claim    17, Dmitriev and Kumar disclose, a device, comprising: 2a receiver configured to receive a request for a certificate associated with 3authentication of an end device (Dmitriev, ¶[0062], In another aspect, an application 104 can receive a sign request from an external server/device 202 asking a user to digitally sign data. The application 104 can then submit a request to the server 116 to sign the data with a user's digital certificate.); a firmware security descriptor generator configured to: identify publicly-available information based at least in part on receiving the request (Dmitriev, ¶[0053],  the authentication component 206 employs a public key infrastructure (PKI) interface to facilitate providing user authorization information in response to a request for the user authorization information.); generate a firmware security descriptor based at least in part on identifying the publicly-available information (Kumar, Col. 10 lines 64-67 Referring to FIG. 4 and FIG. 6, at block 602 the application 112 registers a security descriptor 602 with the TSP 106. At block 412, the interface handler 420 of the TSP 106 determines, based on the registered security descriptor 602, amongst a plurality of security modules 104 available on the device 100); generate the certificate based at least in part on the firmware security 10descriptor and a device-specific secret associated with the end device (Kumar, Claim 4, Col. 10, lines 64-66, the security descriptor may include one or more of a user account, a service account, member privileges, and a digital code signing certificate. Referring to FIG. 4 and FIG. 6, at block 602 the application 112 registers a security descriptor 602 with the TSP 106. At block 412, the interface handler 420 of the TSP 106 determines, based on the registered security descriptor 602, amongst a plurality of security modules 104 available on the device 100 ); and  11generate a cryptographic key pair comprising a public key and a 12private key based at least in part on the firmware security descriptor and the device- 13specific secret associated with the end device, wherein the certificate includes the 14public key of the cryptographic key pair (Dmitriev, ¶[0052], User authentication information held in data store 120 can include a variety of information that uniquely identifies a user of the device in which SIM device 114 is employed. In an aspect, the user authentication information includes a digital certificate assigned to a user. In another aspect, the user authentication information includes private keys associated with a public key infrastructure (PKI). In particular, the user authentication information can include a secret or private key associated with a user and required for user authorization in association with the public key ); and  15a transmitter configured to transmit the certificate for authentication of the end 16device to a server associated with authenticating the end device (Kumar, Col. 9 Referring to FIG. 1 and FIG. 3, at block 308 the    LAA 110 requests the TSP 106 to generate a signing key for the event log messages 122. At block 328, the TSP 106 sends a certificate signing request (CSR) to a certificate service 326, executing on a remote certificate server 324 )).

17. 	Regarding Claim   18, Dmitriev and Kumar disclose, the device of claim 17, wherein the firmware security descriptor 2generator is further configured to:  3identify the device-specific secret based at least in part on an identity of the 4end device (Dmitriev, ¶[0052], User authentication information held in data store 120 can include a variety of information that uniquely identifies a user of the device in which SIM device 114 is employed. ), wherein generating the certificate is based at least in part on identifying the 5device-specific secret (Dmitriev, ¶[0052], User authentication information held in data store 120 can include a variety of information that uniquely identifies a user of the device in which SIM device 114 is employed. In an aspect, the user authentication information includes a digital certificate assigned to a user. In another aspect, the user authentication information includes private keys associated with a public key infrastructure (PKI). In particular, the user authentication information can include a secret).  

118. 	Regarding Claim   21, Dmitriev and Kumar disclose, the device of claim 17, wherein the transmitter is further configured 2to:  3transmit the firmware security descriptor to the end device based at least in  part on transmitting the certificate to the server (Kumar, Col. 9 Referring to FIG. 1 and FIG. 3, at block 308 the    LAA 110 requests the TSP 106 to generate a signing key for the event log messages 122. At block 328, the TSP 106 sends a certificate signing request (CSR) to a certificate service 326, executing on a remote certificate server 324 )).
 
119. 	Regarding Claim   22,  Dmitriev and Kumar disclose, the device of claim 17, wherein the transmitter is further configured 2to:  3transmit the identified publicly-available information to the end device based 4at least in part on transmitting the certificate to the server (Kumar, Col. 9 Referring to FIG. 1 and FIG. 3, at block 308 the    LAA 110 requests the TSP 106 to generate a signing key for the event log messages 122. At block 328, the TSP 106 sends a certificate signing request (CSR) to a certificate service 326, executing on a remote certificate server 324 )).

120. 	Regarding Claim   23,  Dmitriev and Kumar disclose, the device of claim 17, wherein the publicly-available information 2comprises a geographical zone associated with the end device, a time stamp associated with 3activating the end device, information about a user of the end device, information about an 4owner of the end device, a string of characters associated with an entity of the end device, a 5default set of parameters, or any combination thereof (Dmitriev, ¶[0039],  in addition to an ability to communicate with the SIM device 114 over the LAN, device 102 is configured to communicate with various devices, servers, and applications wirelessly using virtually any desired wireless technology, including, for example, cellular, WAN, Wi-Fi, Wi-Max, and WLAN, etc. For example, in an aspect, device 102 is a cellular phone. As the cellular phone moves through a wireless communication network environment, at various times, the device 102 can be connected (e.g., wirelessly connected) to one of a plurality of access points (APs), (e.g., macro or cellular AP, femto AP, pico AP, Wi-Fi AP, Wi-Max AP, hotspot (e.g., Hotspot 1.x, Hotspot 2.x, where x is an integer number; etc.), etc.), that can operate in a wireless communication network environment.).  

21. 	Claims 2-3, 6, 10, 13 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Dmitriev, (US 2014/0165170 A1) and Kumar (US 10341321 B2) in view of Ben-Atar ( WO 2019/030748 A1)

22. 	1Regarding Claim 2, Dmitriev, Kumar and Ben-Atar disclose, 
Dmitriev and Kumar does not explicitly disclose the following limitations that Ben-Atar teaches:
the method of claim 1, further comprising: 2confirming one or more types of publicly-available information to include in 3the firmware security descriptor based at least in part on information in the request (Ben-Atar, Pg. 36 lines 23-27, The database is structured by fusing multiple information sources e.g. as per all or any subset of the following; first, when an actual device is introduced, all of its descriptors (as described above) are recorded. Second, publicly available sources such as WWW (which include legitimate vendor support web sites, penetration testing sites etc.) which include a higher level of information than the descriptors (in most cases, driver version, time stamp, CRC etc.)), wherein 4identifying the publicly-available information is based at least in part on confirming the one 5or more types of publicly-available information (Ben-Atar, Pg. 36 lines 25-29, Second, publicly available sources such as WWW (which include legitimate vendor support web sites, penetration testing sites etc.) which include a higher level of information than the descriptors (in most cases, driver version, time stamp, CRC etc.). A third source is publicized (or disclosed under NDAto the company) forensics on previous attacks, where specific USB tools were used.).  
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include one or more types of public information to confirm and identify the information in the firmware descriptor to enhance security.


23. 	Regarding Claim 13, Dmitriev, Kumar and Ben-Atar disclose, the method of claim 1, further comprising:  2identifying a default set of publicly-available information to include in the 3firmware security descriptor based at least in part on information in the request ( Ben-Atar, Pg. 36 lines 23-27, The database is structured by fusing multiple information sources e.g. as per all or any subset of the following; first, when an actual device is introduced, all of its descriptors (as described above) are recorded. Second, publicly available sources such as WWW (which include legitimate vendor support web sites, penetration testing sites etc.) which include a higher level of information than the descriptors (in most cases, driver version, time stamp, CRC etc.) ), wherein 4identifying the publicly-available information is based at least in part on identifying the 5default set of publicly-available information (Ben-Atar, Pg. 36 lines 25-29, Second, publicly available sources such as WWW (which include legitimate vendor support web sites, penetration testing sites etc.) which include a higher level of information than the descriptors (in most cases, driver version, time stamp, CRC etc.). A third source is publicized (or disclosed under NDAto the company) forensics on previous attacks, where specific USB tools were used.)


24. 	1Regarding Claim 6, Dmitriev, Kumar and Ben-Atar disclose, 
Dmitriev and Kumar does not explicitly disclose the following limitations that Ben-Atar teaches:
the method of claim 1, further comprising:  2receiving the device-specific secret from an injection system configured to 3inject the device-specific secret in the end device (Ben-Atar, Pg. 2 lines 19-21, As a USB can be used to interface practically anything to a computer system, with unlimited ability to "inject" data into the computer and "export" data from the computer, a carefully crafted attack mechanism can be used to take over the computer system),
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include an injection system that is received from the device secret in the end device.
wherein identifying the device-specific 4secret is based at least in part on receiving the device-specific secret (Dmitriev, ¶[0052] User authentication information held in data store 120 can include a variety of information that uniquely identifies a user of the device. the user authentication information can include a secret or private key associated with a user and required for user authorization).  

25. 	Regarding Claim   10, Dmitriev, Kumar and Ben-Atar disclose, the method of claim 1, wherein the firmware security descriptor is 2generated independently on a server used for generating certificates used for authentication of 3the end device (Ben-Atar, Pg. 18-22 , Firmware Validation functional module: this is responsible for detecting infected or manipulated firmware and software that is running on authentic and authorized devices in organizations. Such devices can be abused for spreading malware within the network, and for collecting and storing sensitive data that will later on be ex-filtrated from the organization.).  

26. 	Regarding Claim  13,  Dmitriev, Kumar and Ben-Atar disclose, the method of claim 12, further comprising:  2identifying the publicly-available information, wherein the firmware security 3descriptor contains the publicly-available information (Ben-Atar, Pg. 36 lines 25-29, Second, publicly available sources such as WWW (which include legitimate vendor support web sites, penetration testing sites etc.) which include a higher level of information than the descriptors (in most cases, driver version, time stamp, CRC etc.). A third source is publicized (or disclosed under NDAto the company) forensics on previous attacks, where specific USB tools were used). 

27. 	1Regarding Claim 19,  Dmitriev, Kumar and Ben-Atar disclose, the device of claim 17, wherein the firmware security descriptor 2generator is further configured to:  3identify one or more types of publicly-available information to include in the 4firmware security descriptor based at least in part on information in the request (Ben-Atar, Pg. 36 lines 23-27, The database is structured by fusing multiple information sources e.g. as per all or any subset of the following; first, when an actual device is introduced, all of its descriptors (as described above) are recorded. Second, publicly available sources such as WWW (which include legitimate vendor support web sites, penetration testing sites etc.) which include a higher level of information than the descriptors (in most cases, driver version, time stamp, CRC etc.)), wherein 5identifying the publicly-available information is based at least in part on identifying the one 6or more types of publicly-available information (Ben-Atar, Pg. 36 lines 25-29, Second, publicly available sources such as WWW (which include legitimate vendor support web sites, penetration testing sites etc.) which include a higher level of information than the descriptors (in most cases, driver version, time stamp, CRC etc.). A third source is publicized (or disclosed under NDAto the company) forensics on previous attacks, where specific USB tools were used.).

128. 	Regarding Claim 20,  Dmitriev, Kumar and Ben-Atar disclose, the device of claim 17, wherein the firmware security descriptor 2generator is further configured to:  3identify a default set of publicly-available information to include in the 4firmware security descriptor based at least in part on information in the request (Ben-Atar, Pg. 36 lines 23-27, The database is structured by fusing multiple information sources e.g. as per all or any subset of the following; first, when an actual device is introduced, all of its descriptors (as described above) are recorded. Second, publicly available sources such as WWW (which include legitimate vendor support web sites, penetration testing sites etc.) which include a higher level of information than the descriptors (in most cases, driver version, time stamp, CRC etc.)), wherein 5identifying the publicly-available information is based at least in part on identifying the 6default set of publicly-available information (Ben-Atar, Pg. 36 lines 25-29, Second, publicly available sources such as WWW (which include legitimate vendor support web sites, penetration testing sites etc.) which include a higher level of information than the descriptors (in most cases, driver version, time stamp, CRC etc.). A third source is publicized (or disclosed under NDAto the company) forensics on previous attacks, where specific USB tools were used.).   

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
 Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAYASA SHAAWAT whose telephone number is (571)272-3939.  The examiner can normally be reached on M-F, 8 AM TO 5 PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, JEFFREY PWU can be reached on (571)272-6789. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MAYASA SHAAWAT/
Examiner, Art Unit 2433

/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433