DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to Application No. 16/579,044, filed on 9/23/2019.
Claims 1-20 have been examined and are pending in this application. 
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):

(B)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. 

Claims 18 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Regarding claim 18, claim 18 recites the limitation “the segment digital digest value”.  The claim does not have a previous recitation of “the segment digital digest value” and as a result, lacks proper antecedent basis. For example, a lack of clarity could arise where a claim refers to "said lever" or “the lever”, where the claim contains no earlier recitation or limitation of a lever and as a result, it would be unclear as to what element the limitation was making reference to (MPEP 2173.05(e) [R-07.2015]). Appropriate correction is required to ensure proper claim interpretation.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claim(s) 1-3 are rejected under 35 U.S.C. 103 as being unpatentable over Dasgupta (US 2010/0130287) in view of Sagal et al. (US 8,417,954; Hereinafter “Sagal”).
Regarding claim 1, Dasgupta teaches a server comprising: a processor circuit; and a memory coupled to the processor circuit, wherein the memory comprises computer program instructions that, when executed by the processor circuit, cause the server to perform operations comprising: 
verifying, using a public key, signature data corresponding to a single certificate file for authenticating a software installation package file that was signed using a private source key (Dasgupta: Fig. 2C-2D, Fig. 3A-3C, Fig. 4-6, Para. [0039], a security architecture method for an electronic gaming machine uses authentication of software content, such as content 220, by signing 410 the content with a DSS signature using a private key (encrypted for example with a SHA1 digest value, wherein SHA1 is part of the Secure Hash Algorithm family), and validation 420 of the DSS signature for the content against the a public key corresponding to the private key, wherein the public key may be issued by the entity signing the content. Para. [0043], This signature is then validated 670 by performing a SHA1 over the file data and pathname, then running an algorithm to validate the signature, using the public key stored in the BIOS ROM.); and 
(Dasgupta: Fig. 3A, Para. [0034], In an embodiment, to enable the open ( ) system call file verification for the loop device, the file-integrity kernel module is instructed to load a file signature table (FST) for the loop device and to associate the FST with a major, minor number of the loop device. In an embodiment, each entry in the FST corresponds with a file in a partition of the image and is indexed using the file's inode number and contains a digital signature (e.g., DSS from SHA-1) using the file data and its full path.).
Dasgupta does not explicitly teach responsive to verifying that the signature data matches an originally signed single certificate file.
In an analogous art, Sagal teaches responsive to verifying that the signature data matches an originally signed single certificate file (Sagal: Col. 2, Lines 33-50, In one embodiment, in response to determining that the public certificate is invalid, authentication module 114 issues an error message indicating that the public certificate is invalid. In response to determining that the public certificate is valid, authentication module 114 verifies the authenticity of the received metadata file based on the received signature file and the public certificate.),  reading an image file segment table from the software installation package file, the image file segment table comprising a plurality of records that correspond to ones of a plurality of image file segments of the software installation package file (Sagal: Col. 3, Lines 20-28, Hashing module 110 determines the hash value for each file and writes the hash value and the index or handle to the symmetric key used to encrypt each file to a metadata file. Digital signature module 112 then digitally signs the metadata file and provides a signature file for the metadata file. [metadata file may include an index with hash values, key values, and signature/certificate values], Col. 3, Lines 29-45, In one embodiment, destination 106 downloads the metadata file, the signature file, and the file including the public certificate associated with the private certificate used to generate the signature file. Authentication module 114 determines the authenticity of the metadata file based on the public certificate and the signature file. Once the metadata file is authenticated, destination 106 downloads the plurality of encrypted files for the installation image. Verification module 116 determines whether the encrypted files were corrupted or modified by comparing calculated hash values for the downloaded files to the associated hash values stored in the metadata file.)
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Sagal with the system and method of Dasgupta to include responsive to verifying that the signature data matches an originally signed single certificate file because this functionality provides enhanced security and more efficient certificate and signature verification techniques that reduce time consumption (Sagal: Col. 1, Lines 10-18). 
Regarding claim 2, Dasgupta, in combination with Sagal, teaches the server of Claim 1, wherein the server is further caused to perform operations comprising launching a plurality of processing threads that correspond a plurality of processor circuit processing cores, wherein each of the plurality of processing threads performs a hashing operation on a different one of the plurality of image file segments (Sagal: Col. 2, Lines 52-59, Verification module 116 receives the metadata file and the plurality of encrypted files making up the installation image. Verification module 116 calculates the hash value for each of the encrypted files using the hash function or functions maintained by destination 106. Col. 3, Lines 62-67, In one embodiment, processor 132 divides installation image 142 into a plurality of files each including a portion of installation image 142. Processor 132 encrypts each of the files using a symmetric key 148 from key table 144. In one embodiment, processor 132 uses a different symmetric key 148 for each file. Processor 132 calculates the hash value for each encrypted file using hash function 150. Processor 132 writes the hash value and the index 146 for each key for each encrypted file to a metadata file. [Processor may include a plurality of cores]).
Regarding claim 3, Dasgupta, in combination with Sagal, teaches the server of Claim 2, wherein the plurality of image file segments comprises a first type of image file segments and a second type of image file segments that is different from the first type of image file segments (Sagal: Claim 1, the memory storing: at least two encrypted files making up an installation image).

Claim(s) 4-9 is rejected under 35 U.S.C. 103 as being unpatentable over Dasgupta (US 2010/0130287) in combination with Sagal et al. (US 8,417,954; Hereinafter “Sagal”) in view of Suryanarayana et al. (US 2020/0334028; Hereinafter “Suryanarayana”).
Regarding claim 4, Dasgupta, in combination with Sagal, teaches the server of claim 1.  Dasgupta, in combination with Sagal, does not explicitly teach wherein the first type of image file segments comprises repetitive data content and the second type of image file segments comprises non-repetitive data content.  
In an analogous art, Suryanarayana teaches wherein the first type of image file segments comprises repetitive data content and the second type of image file segments comprises non-repetitive data content (Suryanarayana: Para. [0027], In this example, because data block 210C has the same data pattern as data block 210F, the data blocks may have the same hash signatures. A unique instance of the duplicate data block may be stored in a pool of repeated or duplicate data. The hash signatures of the data blocks may be similar if the data patterns of the data blocks are similar. For example, if the data patterns in the data blocks are the same but for a data chunk of 2 bytes in the first data block, then the two data blocks are similar. Data chunks may refer to the non-repeated data left in the data block after the determined data patterns are removed from the data block. Para. [0034], In the examples above, uniformly repeated patterns show data pattern “00 01 08 AO” repeated uniformly. Uniquely repeated data patterns show several unique data patterns such as “AA AA AA AA AA AA AA,” “AB AB AB AB AB AB AB,” and “AC AC AC AC AC AC.” As shown, each of the uniquely repeated data patterns may have one or more unique data units separating each data pattern. Para. [0035], [0044]).
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Suryanarayana with the system and method of Dasgupta and Sagal to include wherein the first type of image file segments comprises repetitive data content and the second type of image file (Suryanarayana: Para. [0022]). 
Regarding claim 5, Dasgupta, in combination with Sagal and Suryanarayana, teaches the server of Claim 4, wherein a first record of the plurality of records comprises a segment digital digest value corresponding to a first image file segment of the plurality of image file segments (Sagal: Col. 3, Lines 12-28, Hashing module 110 determines the hash value for each file and writes the hash value and the index or handle to the symmetric key used to encrypt each file to a metadata file. Digital signature module 112 then digitally signs the metadata file and provides a signature file for the metadata file.), a first segment starting value and a first segment size corresponding to the first image file segment (Sagal: Col. 3, Lines 12-28, In one embodiment, the size of each file is selected such that each file can be downloaded over a network, such as the internet. In one embodiment, the size of each file is within a range between approximately 100 Mbytes and 300 Mbytes, such as 200 Mbytes. Encryption module 108 then encrypts each of the files using a symmetric key.).
Regarding claim 6, Dasgupta, in combination with Sagal and Suryanarayana, teaches the server of Claim 5, wherein the server is further caused to perform operations comprising comparing the segment digital digest value in the first record with a hash of the first image file segment (Sagal: Col. 3, Lines 29-45, Verification module 116 determines whether the encrypted files were corrupted or modified by comparing calculated hash values for the downloaded files to the associated hash values stored in the metadata file. Once the encrypted files are verified as being not corrupted or modified, decryption module 118 decrypts the encrypted files using the symmetric keys indicated by the associated indexes or handles stored in the metadata file.).
Regarding claim 7, Dasgupta, in combination with Sagal and Suryanarayana, teaches the server of Claim 5, wherein a second record of the plurality of records comprises a value of repetitive data, a second segment starting value and a second segment size corresponding to the second image file segment (Suryanarayana: Para. [0027], Para. [0034], In the examples above, uniformly repeated patterns show data pattern “00 01 08 AO” repeated uniformly. Uniquely repeated data patterns show several unique data patterns such as “AA AA AA AA AA AA AA,” “AB AB AB AB AB AB AB,” and “AC AC AC AC AC AC.” As shown, each of the uniquely repeated data patterns may have one or more unique data units separating each data pattern. Para. [0026], Deduplicating the firmware image may include dividing the firmware image into data blocks. The size of the data blocks may be pre-determined or dynamically determined and varied based on one or more assumptions. For example, a firmware image of 256 bytes may be reduced to 48 bytes with a data deduplication table of 32 bytes totaling to 80 bytes of data.  Para. [0035], [0044]).
Regarding claim 8, Dasgupta, in combination with Sagal and Suryanarayana, teaches the server of Claim 7, wherein the server is further caused to perform operations comprising determining that second image file segment comprises the value of repetitive data repeated from the second segment starting value in the second image file segment for the second segment size (Suryanarayana: Para. [0041], After initially identifying sub-blocks 350, 355A, and 355B in data block 345 of FIG. 3, the optimizer identified additional data patterns such as sub-blocks 410A-410F, sub-blocks 415A-415F, a sub-block 417, and sub-blocks 419A-419D. In this example, sub-block 350 mostly includes a uniquely repeated data pattern of “FF” aside from sub-blocks 355A and 355B which includes a uniquely repeated data pattern of “00.” Sub-block 417 which includes a uniquely repeated data pattern of ASCII code “00” may also be identified.).
Regarding claim 9, Dasgupta, in combination with Sagal and Suryanarayana, teaches the server of Claim 8, wherein determining that the second image file segment comprises the value of repetitive data comprises performing a byte by byte comparison to determine that the second image file segment comprises only the value of repetitive data (Para. [0026], Para. [0027], For example, if the data patterns in the data blocks are the same but for a data chunk of 2 bytes in the first data block, then the two data blocks are similar. Data chunks may refer to the non-repeated data left in the data block after the determined data patterns are removed from the data block. Deltas between the two similar data blocks may be determined based on the comparison of the hash signatures of each data blocks. The deltas between the two data blocks may be stored in a pool of unique .

Claim(s) 10-13, and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Cha et al. (US 2011/0138164; Hereinafter “Cha”) in view of Sagal et al. (US 8,417,954; Hereinafter “Sagal”).
Regarding claim 10, Cha teaches a server comprising: a processor circuit; and a memory coupled to the processor circuit, wherein the memory comprises computer program instructions that, when executed by the processor circuit, cause the server to perform operations comprising: 
scanning an image file that corresponds to a software installation package file to identify a plurality of image file segments therein (Cha: Para. [0094], First of all, the entire firmware 240 is divided into N number of regions (or areas). Then, multiple interleaved portions (shown in FIG. 5 as interleaved portion A 510, interleaved portion B 520, and interleaved portion C 530) are generated, which are then adequately aligned in the N number of divided regions (S601). More specifically, interleaved portions A to C are adequately aligned in each of the N number of regions, which divides the entire firmware 240, in accordance with an alignment order decided by the system. For example, it is shown in FIG. 5 that the interleaved portions are aligned in the order of A-C-B-A-C-A-B-C-B-C-B-A for the N number of regions.).
Cha does not explicitly teach generating a single certificate file that corresponds to the plurality of image file segments. 
In an analogous art, Sagal teaches generating a single certificate file that corresponds to the plurality of image file segments (Sagal: Col. 2, Lines 18-26, Digital signature module 112 digitally signs the metadata file containing the hash values and symmetric key indexes. Digital signature module 112 provides a signature file for the metadata file. The digital signature is based on a secret private certificate maintained by source 102. In one embodiment, source 102 generates public certificates based on the source 102 secret root certificates. A public certificate may be transmitted with the signature file generated using the associated secret root certificate.)
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Sagal with the system and method of Cha to include generating a single certificate file that corresponds to the plurality of image file segments because this functionality provides enhanced security and more efficient certificate and signature verification techniques that reduce time consumption (Sagal: Col. 1, Lines 10-18). 
Regarding claim 11, Cha, in combination with Sagal, teaches the server of Claim 10, wherein the server is further caused to perform operations comprising, based on the scanning, defining the plurality of image file segments in the image file (Cha: Para. [0094], First of all, the entire firmware 240 is divided into N number of regions (or areas). Then, multiple interleaved portions (shown in FIG. 5 as interleaved portion A 510, interleaved portion B 520, and interleaved portion C 530) are generated, which are then adequately aligned in the N number of divided regions (S601). More specifically, interleaved portions A to C are adequately aligned in each of the N number of regions, which divides the entire firmware 240, in accordance with an alignment order decided by the system. For example, it is shown in FIG. 5 that the interleaved portions are aligned in the order of A-C-B-A-C-A-B-C-B-C-B-A for the N number of regions. [divided regions are defined meets the defining the plurality of image file segments limitation]).
Regarding claim 12, Cha, in combination with Sagal, teaches the server of Claim 11, wherein the server is further caused to perform operations comprising hashing ones of the plurality of image file segments into a corresponding plurality of segment digital digest values (Sagal: Col. 3, Lines 12-16, In operation of one embodiment, source 102 divides an installation image into a plurality of files each including a portion of the installation image. Col. 3, Lines 62-67, Col. 3, Lines 20-24, Hashing module 110 determines the hash value for each file and writes the hash value and the index or handle to the symmetric key used to encrypt each file to a metadata file. Col. 4, Lines 1-7).
Regarding claim 13, Cha, in combination with Sagal, teaches the server of Claim 12, wherein the server is further caused to perform operations comprising generating an image file segment table comprising a plurality of records corresponding to respective ones of the plurality of image file segments, and wherein the single certificate file comprises the image file segment table (Sagal: Fig. 2, Fig. 5, Col. 3, Lines 20-24, Hashing module 110 determines the hash value for each file and writes the hash value and the index or handle to the symmetric key used to encrypt each file to a metadata file. [hash value and index written to a metadata file which is signed meets the single certificate file comprises the image file segment table limitation] Col. 2, Lines 18-26, Digital signature module 112 digitally signs the metadata file containing the hash values and symmetric key indexes. Digital signature module 112 provides a signature file for the metadata file. The digital signature is based on a secret private certificate maintained by source 102. In one embodiment, source 102 generates public certificates based on the source 102 secret root certificates. A public certificate may be transmitted with the signature file generated using the associated secret root certificate. Col. 2, Lines 33-67,).
Regarding claim 16, Cha, in combination with Sagal, teaches the server of Claim 10, wherein the plurality of image file segments comprises a first type of image file segments and a second type of image file segments that are different from the first type of image file segments (Sagal: Claim 1, the memory storing: at least two encrypted files making up an installation image).

Claim(s) 17 is rejected under 35 U.S.C. 103 as being unpatentable over Cha et al. (US 2011/0138164; Hereinafter “Cha”) in view of Sagal et al. (US 8,417,954; Hereinafter “Sagal”) in view of Suryanarayana et al. (US 2020/0334028; Hereinafter “Suryanarayana”).
Regarding claim 17, Cha, in combination with Sagal, teaches the server of Claim 16. Cha, in combination with Sagal, does not explicitly teach wherein the first type of 
In an analogous art, Suryanarayana teaches wherein the first type of image file segments comprises repetitive data content and the second type of image file segments comprises non-repetitive data content (Suryanarayana: Para. [0027], In this example, because data block 210C has the same data pattern as data block 210F, the data blocks may have the same hash signatures. A unique instance of the duplicate data block may be stored in a pool of repeated or duplicate data. The hash signatures of the data blocks may be similar if the data patterns of the data blocks are similar. For example, if the data patterns in the data blocks are the same but for a data chunk of 2 bytes in the first data block, then the two data blocks are similar. Data chunks may refer to the non-repeated data left in the data block after the determined data patterns are removed from the data block. Para. [0034], In the examples above, uniformly repeated patterns show data pattern “00 01 08 AO” repeated uniformly. Uniquely repeated data patterns show several unique data patterns such as “AA AA AA AA AA AA AA,” “AB AB AB AB AB AB AB,” and “AC AC AC AC AC AC.” As shown, each of the uniquely repeated data patterns may have one or more unique data units separating each data pattern. Para. [0035], [0044]).
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Suryanarayana with the system and method of Cha and Sagal to include wherein the first type of image file segments comprises repetitive data content and the second type of image file segments comprises non-repetitive data content because this functionality provides improved storage utilization and bandwidth utilization (Suryanarayana: Para. [0022]). 
Allowable Subject Matter
 	Regarding claim 14,
 	Regarding claim 15, Claim 15 is objected to as being dependent upon an objected dependent claim that depends on a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
 	Regarding claim 18, Claim 18 would be allowable if rewritten to overcome the rejection(s) under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), 2nd paragraph, set forth in this Office action and to include all of the limitations of the base claim and any intervening claims.
	Regarding claims 19-20, Claims 19-20 are allowed.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Nelson Giddins whose telephone number is (571)272-7993.  The examiner can normally be reached on Monday - Friday, 9:00 AM - 5:00 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached at (571) 272-4063.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/NELSON S. GIDDINS/            Primary Examiner, Art Unit 2437