Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-15 are pending.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1-15 is/are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Patent Application Publication 20080263345 to Booth et al., in view of U.S. Patent Application Publication 20100306076 to Taveau et al.

As to claim 1, Booth discloses a computing device comprising:
	a first hash for a computer file [correct value of the hash of a computer file, i.e. the second firmware, as obtained from a trusted source: paragraph 0008]; 
 a memory to store a second hash associated with a computer program executed by an operating system of the computing device 
a processor to: retrieve the first hash when the computer file is to be executed by the processor during a firmware boot sequence [obtain correct value from a trusted source: paragraph 0008]; and 
compare the first hash with the second hash to establish a trusted firmware boot sequence for execution by the computing device [compare the first and second hash, i.e. the first trusted correct hash value and the second measured hash, to establish a trusted firmware boot: paragraph 0008]. 
Booth teaches the limitations of the claim but does not teach that a circuit chip to compute the first hash, and that the first hash is password protected.  
Taveau teaches that a trusted source may comprise keys for verifying software, i.e. security data such as a hash [secure vault for holding private identifying key material: paragraph 0058].  Thus, Taveau teaches a trusted source similar to that of Booth.  Taveau further teaches a circuit chip to compute the first hash [calculate a cryptographic hash for verifying the trustworthiness of a software entity, i.e. the computer file: paragraphs 0059-0062], and the security data, i.e. the first hash, is stored in a password protected vault [paragraph 0058].  
Before the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to employ a password protected trusted data store as taught by Taveau.  One of ordinary skill in the art would have been motivated to do so to prevent unauthorized access to the data store.
It would have been obvious to one of ordinary skill in the art to combine the teachings of the cited references because they are both directed to the problem of storing security data for authentication.  Moreover, the password protected trusted data store means taught by Taveau would 

As to claim 2, Taveau discloses the circuit chip is communicatively linked to the computer program [boot firmware may access to hash values and functions: paragraphs 0069-0072]. 

As to claim 3, Booth discloses the firmware boot sequence is to receive firmware boot sequence-enforced security policy data from the computer program for storage in a firmware-protected memory and retrieval by the computer program from the firmware-protected memory on demand [second boot firmware measures and stores additional security policy data to validate firmware as it is loaded from non-volatile memory: paragraph 0009]. 

As to claim 4, Booth discloses the computer file comprises the firmware boot sequence-enforced security policy data, and wherein the computer program is to enforce security policies provided by the firmware boot sequence-enforced security policy data [second firmware verifies remainder of firmware is authentic for booting: paragraph 0009]. 

As to claim 5, Taveau discloses the password of the first hash is randomly generated during an installation process of the computer program onto the computing device [password is generated randomly when verification for access to the password protected material, i.e. first hash, is requested, i.e. during an installation process: paragraph 0108]. 

As to claim 6, Taveau discloses the password of the first hash is provided by a user [security data such as username and password is provided by a user: paragraph 0103].  Booth further teaches that this 

As to claim 7, Booth discloses a computer system comprising: a memory comprising a computer program, a cryptographic first hash [correct value to verify the hash of a computer file: paragraph 0008], and a set of trusted security guidelines for operating an electronic device [procedure to verify that firmware is authentic: paragraph 0009]; a trusted platform module device to store a cryptographic second hash associated with the computer program [measure a second boot firmware to be executed by way of a cryptographic hash; calculation results are inherently stored in a memory: paragraph 0008]; a trusted application computing agent to establish that a hardware initialization sequence of the electronic device is trusted upon matching the first hash with the second hash [compare the first and second hash to establish a trusted firmware boot: paragraph 0008]; and a controller to operate the computer program on the electronic device according to the set of trusted security guidelines [system performs procedures to verify that firmware is authentic: paragraph 0009].   Taveau further teaches that security data, i.e. the first cryptographic hash, may be stored in a set of data [secure vault comprising various security data: paragraph 0058].  It would have been obvious to one of ordinary skill in the art to combine the cited references for the same reasons as for Claim 1 as discussed above.

As to claim 8, Taveau discloses the trusted platform module device comprises a non-volatile memory, and wherein the computer program is to store the cryptographic first hash for the set of data in the non-volatile memory [secure vault for holding private identifying key material, i.e. hash data: paragraph 0058]. 

As to claim 9, Taveau discloses the code is to protect a programmable storage slot in the non-volatile memory [storage locations in the secure vault for storing data such as first cryptographic hash, is protected by a password, i.e. code: paragraph 0058]. 

As to claim 10, Booth discloses the set of trusted security guidelines comprises hardware initialization-enforced security policy data associated with the operational security of the electronic device [second firmware verifies remainder of firmware is authentic for booting, is enforced when memory is paged in: paragraph 0009].

As to claim 11, Taveau discloses the set of data is a data structure [secure vault comprising various security data: paragraph 0058].  A BLOB is a data structure - a binary large object is a single data structure comprising a collection of binary data - well known in the art ; it would therefore have been obvious to one of ordinary skill in the art to use a BLOB to store any type of data, such as a password-protected hash file, substantially as claimed.  It well known in the art that specific data from the BLOB can be extracted for use; i.e. providing a modified version of the BLOB. 

As to claim 12, Booth discloses a machine-readable storage medium comprising computer-executable instructions that when executed cause a processor of a computing device to: establish a cryptographic hash function for a computer file [correct value to verify the hash of a computer file: paragraph 0008]; select the cryptographic hash function when the computer file is to be executed during a hardware initialization sequence [obtain correct value from a trusted source: paragraph 0008]; link the cryptographic hash function comprising the password with a previously stored cryptographic hash function associated with a computer program executed by the computing device, wherein the linking is to establish a trusted hardware initialization sequence for execution by the computing device 

As to claim 13, Booth discloses the instructions, when executed, further cause the processor to determine whether to enable the computer program to operate on the computing device based on a comparison of the cryptographic hash function with the previously stored cryptographic hash function [paragraph 0008]. 

As to claim 14, Booth discloses the instructions, when executed, further cause the processor to accept a request by the computer program to operate upon the cryptographic hash function matching the previously stored cryptographic hash function [if the hashes do match, the processor executes the computer program: paragraph 0029]. 

As to claim 15, Booth discloses the instructions, when executed, further cause the processor to reject a request by the computer program to operate upon the cryptographic hash function not matching the previously stored cryptographic hash function [if the hashes do not match, the processor remains in diagnostic mode and prevents computer program from operating: paragraph 0029].

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ERIC CHANG whose telephone number is (571)272-3671. The examiner can normally be reached M-F 9:00-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kim Huynh can be reached on (571) 272-4147. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ERIC CHANG/Examiner, Art Unit 2186                                                                                                                                                                                                        

/KIM HUYNH/Supervisor Patent Examiner, Art Unit 2186