DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

1.  This Final Office Action is in response to the amendment filed on 11/11/2021.
	Claims 1 and 11 have been amended. Claims 1-20 remain pending in the application.
Response to Amendment

The amendment filed 11/11/2021 has been entered. Claims 1 and 11 have been amended. Claims 1-20 remain pending in the application.
Applicant's amendments to the Specification have overcome the objections previously set forth in the Non-Final Office Action mailed on 06/11/2021. The objection has been withdrawn in view of the amended Specification.
Applicant's amendment to the claims has overcome the objections previously set forth in the Non-Final Office Action mailed on 06/11/2021. The objection has been withdrawn in view of the amended Claims.
Applicant's arguments regarding the 35 U.S.C. § 112(a) rejections have overcome the rejections previously set forth in the Non-Final Office Action mailed on 06/11/2021. The rejection has been withdrawn in view of the amended Claims.


Response to Arguments

Regarding Applicant's arguments on pages 8-14 of the remarks filed on 11/11/2021, the arguments concerning the objection to the Drawings (page 8, paragraphs 2-7) are not persuasive. In 37 C.F.R. 1.84, Standards for drawings, the Office states in subsection (o): "Legends. Suitable descriptive legends may be used subject to approval by the Office, or may be required by the examiner where necessary for understanding of the drawing." Examiner acknowledges that the drawings should contain as few words as possible; however, there are no labels in any of the drawings of Figures 1-2 and 4-5, and there are no corresponding reference characters in Figure 5. Without labels, it is difficult for the Examiner to understand, identify and interpret the drawings alone without having to consult the specification. The Office states in MPEP 608.02(b) and form paragraph 6.22 that the drawings must comply and are objected to where descriptive text labels are required. Therefore, the objection is maintained.


 	Regarding Applicant's arguments on pages 8-14 of the remarks filed on 11/11/2021 concerning the limitation of claim 1, "cryptographically sign the hash value using a physically unclonable function value of the apparatus", the arguments are not persuasive.
	Applicant argues on page 10 paragraph 5 and page 11 paragraph 3 of the remarks filed on 11/11/2021 that the cited references fail to expressly or inherently disclose or make obvious the amended features incorporate cryptographically sign the 

Regarding Applicant's arguments on pages 8-14 of the remarks filed on 11/11/2021 concerning the newly added limitation of claim 1, "the direct coupling not traversing a further device comprised in the apparatus," the arguments are not persuasive.
Applicant argues on page 11 paragraph 1 and page 12 paragraph 2 of the remarks filed on 11/11/2021 that the cited references fail to expressly or inherently disclose or make obvious the amended feature of the direct coupling not traversing a further device comprised in the apparatus, that this feature is absent in Kirkpatrick as well as in Westerinen, and that the claim wording is not met. Applicant's interpretation of the reference has been noted; however, Examiner respectfully disagrees. Westerinen describes in Figure 3, labels 316 and 314, the direct coupling or linking of the security module and the processor without traversing a further device. Examiner respectfully disagrees that the claim wording is not met because in the instant application, Par. (0038), not traversing a further device is defined to not 

However, the argument regarding the newly added limitation of claim 1, "and to provide the signed hash value from the secure hardware element as an attestation of the input data," is persuasive.
Therefore, the 35 U.S.C. 103 rejection over Westerinen et al. (WO Pub. No. 2009055147) in view of Kirkpatrick et al. (U.S. Pub. No. 20130254636) has been withdrawn. However, upon further consideration, a new ground of rejection is made under 35 U.S.C. § 103 in view of the following prior art: Carter et al. (U.S. Pat. No. 9135444), in conjunction with Westerinen et al. (WO Pub. No. 2009055147) and Kirkpatrick et al. (U.S. Pub. No. 20130254636). Please refer to the 35 U.S.C. 103 section below for a detailed explanation.
	For the reasons stated above and the new ground of rejection under 35 U.S.C. 103 below, Examiner respectfully disagrees with Applicant's argument regarding allowance of the application (see Applicant's Remarks, pages 8-14). Examiner asserts that claims 1-20 are rejected for the reasons stated above in conjunction with the new ground of rejection under 35 U.S.C. 103 below.
	Conclusion: Westerinen, Kirkpatrick and Carter teach the aforementioned limitations of independent claims 1 and 11, rendering the claim limitations obvious before the effective filing date of the claimed invention.

Drawings

The drawings (Figures 1-2 and 4-5) are objected to as failing to comply with 37 CFR 1.84(p)(4) because there are no descriptive legends present for reference characters 110, 112, 114, 116, 120, 130, 140, 150, 160, 170, 180, 1G, 1F, 1E, 1N, 1D, 1C, 1B, 1J, 1K, 1M, 1L, 1H, and 1A in the drawings of Figure 1. This creates confusion as to what the reference characters represent when viewing the drawings alone, without appropriate labels and without having to consult the detailed description in the specification.
In Figure 2, there are no descriptive legends present for reference characters 210-260. This creates confusion as to what the reference characters represent when viewing the drawings alone, without appropriate labels and without having to consult the detailed description in the specification.
In Figure 4, there are no descriptive legends present for reference characters 410-460 and 112, 130, and 114. This creates confusion as to what the reference characters represent when viewing the drawings alone, without appropriate labels and without having to consult the detailed description in the specification.
In Figure 5, there are no reference characters present for the labels "PCR0", "PCR1" and "PCR2", and no descriptive legend is present for reference character 130.
Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended 



Claim Rejections - 35 USC § 112

The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.



Claims 4-7 and 16 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as failing to set forth the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant) regards as the invention.

In regards to Claims 4-7, the applicant recites the limitation "an attestation"; this is unclear because an attestation is already recited in independent claim 1. This creates confusion as to whether the applicant is reciting another embodiment of an attestation or is referring to the attestation recited previously in claim 1. The specification states in Par. (0030): "the hash value obtained thus may be cryptographically signed using an encryption key generated using the identifier provided by identity processing circuitry 112, to obtain the attestation of the memory space. The attestation may be stored in platform configuration register, PCR, circuitry. PCR circuitry may be comprised in trusted element 110, for example. In various embodiments, trusted element 110 may have one, two or more than two platform configuration registers to store memory attestations. In the simplest case, a single attestation is derived over the entire contents of memory 130, that is, the memory space used to provide the data for the hash function is the entire memory space of memory". Therefore, "an attestation" will be broadly and reasonably interpreted as referring to the same attestation recited previously in claim 1. Examiner suggests amending the claims by using "the" in front of "attestation" to recite consistent claim language and to avoid confusion. Claims 5-7 are additionally rejected for being dependent on a rejected base claim.

In regards to Claims 6 and 16, the applicant recites the limitation "wherein the secure hardware [..] but does not comprise circuitry arranged to perform a decryption operation using the private key". This limitation is unclear because nothing in the specification details how this operation is In some embodiments, to save silicon space, only a single encryption function is configured in trust element 110. To save even more silicon space, in some embodiments cryptographic signing is the only cryptographic procedure supported by trust element 110. In embodiments in accordance with trusted platform module, TPM 2.0 standards, two encryption keys are generated,". However, that portion of the specification does not explain how the circuitry can perform one cryptographic operation, such as signing/encrypting a hash, but not the other, which entails decrypting. Therefore, it will be broadly and reasonably interpreted that a secure hardware element comprising circuitry that performs an encryption operation which cryptographically signs information is sufficient to meet the claimed limitation, and the latter portion of the claim, "but does not comprise circuitry arranged to perform a decryption operation using the private key", is given no patentable weight, as no portion of the specification describes in detail how this operation is performed. Examiner suggests amending the claims to further define how the secure hardware element has circuitry to sign but not to decrypt, and how this is performed, to avoid confusion.




Claim Rejections - 35 USC § 103


In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2 and 8-9 are rejected under 35 U.S.C. 103 as being unpatentable over Westerinen et al. (WO Pub. No. 2009055147, retrieved from IDS, hereinafter referred to as "Westerinen") and Kirkpatrick et al. (U.S. Pub. No. 20130254636, hereinafter referred to as "Kirkpatrick") in further view of Carter et al. (U.S. Pat. No. 9135444, hereinafter referred to as "Carter").

Regarding Independent Claim 1 (Currently Amended), Westerinen teaches an apparatus comprising: - a random access memory device; (Figure 1, labels 130, 132)
 - at least one processing core coupled via a first interface with the random access memory device, and (Figure 1, labels 120, 123, and 124; processor connected to memory/RAM)
 - a secure hardware element (Figure 1, label 129), comprising hash function circuitry (Par. (0031) "the security module 200 [..] perform a hash on the code as it is read"), and coupled directly via a second interface with the random access memory device (Par. (0031) "In order to read data in the computer memory 130 without the threat of malicious code running on the processor 120, the security module 200 may assert itself as a system bus master via the bus interface 206. When acting as a bus master, the security module 200 may use direct access to the memory 130 without threat of interference."),
the direct coupling not traversing a further device comprised in the apparatus, (Fig. 3, labels 316 and 314; direct coupling not traversing a further device (security module not traversing the processor)) (Examiner notes: in the instant application the specification states in Par. (0038) that not traversing a further device in particular means not traversing a processor of the apparatus, as shown in Figure 3 of the Westerinen reference, which also mirrors the instant application's Figure 1 drawing, where label 110 (secure hardware element (TPM)) does not traverse label 120 (the processor))
 the secure hardware element configured to obtain data from a memory space of the random access memory device, to produce as output a hash value of the input, (Par. (0031) "the security module 200 may use direct access to the memory 130 without threat of interference. The processor 202 may read the executable code out of an appropriate computer memory, such as application program memory 135, and perform a hash on the code as it is read")
However Westerinen does not explicitly teach to cryptographically sign the hash value using a physically unclonable function value of the apparatus and to provide the signed hash value from the secure hardware element as an attestation of the input data.
Wherein Kirkpatrick teaches to cryptographically sign the hash value using a physically unclonable function value of the apparatus (Par. (0005) "providing a seed value to a physically unclonable function (PUF), generating an output value from the physically unclonable function (PUF) using the seed value, storing an error-correction syndrome generated from the output value, transmitting the output value to the cryptographic core"; physically unclonable function value), (Par. (0004) "a cryptographic core is configured to generate a hash using a key and to use the hash as a private key in symmetric cryptography [..] wherein the cryptographic core is configured to generate the key pair using the combined key as input. In at least one embodiment of a system for cryptographic functions according to the present disclosure, the system comprises a digital signature comprising a communication signed by the private key, wherein the public key is configured to verify the authenticity of the digital signature through public key cryptography."; cryptographically signed hash value), (Figure 1, labels 10, 16, 110; apparatus (10), PUF (16)), (Par. (0007) "digital signatures"; signed hash value using PUF), (Par. (0004) "a cryptographic core is configured to generate a hash using a key and to use the hash as a private key"; generated hash as private key), (Par. (0106) "The secret key sk, then becomes e or e' as appropriate. To compute the public key pk, the CC 210 computes the modular multiplicative inverse of sk by using the extended Euclidean algorithm. That is, in one example, the CC 210 computes d such that sk·d ≡ 1 (mod φ(n)). In example, this value d then becomes the public key pk. Given this key pair (pk, sk), the PUF ROK can be used in multiple ways. For example, the command Sign(m) could be issued to the CC 210, requesting a cryptographic signature. In this example, after generating (pk, sk), the CC 210 uses sk to sign m, returning the signature and the public key pk to PC. pk can then be used by a third party to verify the signature"; secret key used to generate public key pk), (Par. (0108) "contains a persistent public key pair, similar to the Endorsement Key (EK) stored in a Trusted Platform Module (TPM). In addition to providing the pk, the CC 210 could also return SignEK(pk), denoting the signature of the pk under this persistent key. This technique provides the necessary assurance, as the persistent key is bound to the CC 210. It should be appreciated that this embodiment is improved with a key management infrastructure similar to existing TPM-based attestation schemes."; SignEK(pk); the public key is signed)
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Kirkpatrick within the teachings of Westerinen to include to cryptographically signing the hash value using a physically 
The motivation to combine these references is that utilizing the physically unclonable function when cryptographically signing a hash value creates a secure and authenticated exchange between the secure hardware element and the input data from RAM. For integrated circuits and memory, vulnerabilities and malware attacks such as side-channel and man-in-the-middle attacks can be mitigated because combining the device-specific, unpredictable PUF value with the signed hash lessens the likelihood of compromised or tampered information, thus protecting the memory spaces stored in RAM. This leads to reliability and trust for processing units and hardware components.

Wherein Carter teaches to cryptographically sign the hash value (Col. 6, lines 38-50 "certain hash values to be combined together and signed to create a TPM remote attestation. This remote attestation is sent by the TPM enabled orchestration service for validation (and sent perhaps with other data as described herein and below). The TPM enabled orchestration service verifies the remote attestation using a previously registered public key for the physical device or physical processing environment in which the TPM resides"; cryptographically sign the hash value (hash values combined together and signed))
 and to provide the signed hash value from the secure hardware element as an attestation of the input data. (Col. 6, lines 29-45 "A Trusted Platform Module (TPM) is a less capable instantiation of the GPM. The TPM provides a set of registers which record hash values for elements of the physical processing environment. Some typical hash values recorded within the registers include a hash of components [..] certain hash values to be combined together and signed to create a TPM remote attestation. This remote attestation is sent by the TPM enabled orchestration service for validation (and sent perhaps with other data as described herein and below). The TPM enabled orchestration service verifies the remote attestation using a previously registered public key for the physical device or physical processing environment in which the TPM resides and by comparing the hash"; provide the signed hash value from the secure hardware element (hash values combined together and signed [..] sent by the TPM) as an attestation of the input data (for validation / verifies / remote attestation)), (Col. 7, lines 1-15 "signed hash of the software resources and configuration of the physical processing environment, signed with a private key of the TPM protected area. In some cases, this attestation may be essentially registered by the TPM enabled orchestration service. This is processed as an authentication credential for the physical processing environment and provides one mechanism for validating the physical processing environment"; as an attestation of the input data (signed hash corresponding to an attestation of resources / physical environment)), (Col. 3, lines 45-50 "A resource is [..] identifying information (e.g., identifiers with passwords, biometric data, hardware specific data, digital certificates, digital signatures,"; input data (resource corresponding to hardware data)), (Col. 6, lines 38-50 "an application or service can use the sealing capability of a TPM in order to bind data to a particular physical processing environment. To "seal" some piece of data, the application creates a key and encrypts the data with it. The key is then encrypted with certain register values from the TPM and stores that"; input data (physical processing environment corresponding to bound data))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Carter within the teachings of Westerinen and Kirkpatrick to include the cryptographic signing of the hash value as well as the providing of the signed hash value from the secure hardware element as an attestation of the data, because of the analogous concept of hardware elements such as Trusted Platform Modules and the verification of data using hash values. Carter includes a process in which the secure hardware element provides a signed hash as an attestation of the input data. This is significant because by providing a signed hash value from the secure hardware element of the Trusted Platform Module, the user in communication can be 
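The mechanism the claim 1 analysis above maps onto the references (a secure element hashes a memory space, signs the digest with a key derived from a PUF value, and a verifier checks the signed hash against a previously registered public key) can be shown end to end in code. The following is an added example written for this page; it is not code from the application, the Office Action, or any of the cited references. Everything in it is an assumption for illustration: the PUF response and memory contents are constructed, the PUF-to-key derivation is an HMAC-SHA256 extract/expand step, and the signature scheme is a Lamport one-time signature, chosen because it gives the signer a sign operation with no decryption counterpart (the situation discussed for claims 6 and 16) and keeps the example dependency-free. Because Lamport keys must never be reused, a small number of key slots is enrolled per device and each attestation consumes one slot.

```python
import hashlib
import hmac

# Constructed PUF response for the example. Real hardware would read this from
# silicon variation (e.g. SRAM power-up state) and error-correct it before use.
PUF_RESPONSE = bytes(range(32))

# Constructed contents of the attested memory space (stands in for the RAM region).
MEMORY_SPACE = b"firmware-image-v1:" + bytes(range(64))

# Number of one-time keys enrolled per device; Lamport keys must not be reused.
KEY_SLOTS = 4


def derive_seed(puf_response: bytes, slot: int) -> bytes:
    """HKDF-style extract/expand with HMAC-SHA256 (assumed derivation): binds a
    32-byte seed to the PUF response and to one key slot."""
    prk = hmac.new(b"attestation-key-salt", puf_response, hashlib.sha256).digest()
    info = b"attest-key" + slot.to_bytes(4, "big") + b"\x01"
    return hmac.new(prk, info, hashlib.sha256).digest()


def lamport_keygen(seed: bytes):
    """Deterministic Lamport one-time key pair. The private half is never stored:
    the secure element regenerates it from the PUF whenever it signs."""
    sk, pk = [], []
    for i in range(256):
        pair_sk = tuple(
            hmac.new(seed, i.to_bytes(2, "big") + bytes([b]), hashlib.sha256).digest()
            for b in (0, 1)
        )
        sk.append(pair_sk)
        pk.append(tuple(hashlib.sha256(s).digest() for s in pair_sk))
    return sk, pk


def _bit(digest: bytes, i: int) -> int:
    return (digest[i // 8] >> (7 - i % 8)) & 1


def lamport_sign(sk, digest: bytes):
    """Reveal one preimage per digest bit. Signing is the only operation this
    key supports; there is no decryption operation to implement."""
    return [sk[i][_bit(digest, i)] for i in range(256)]


def lamport_verify(pk, digest: bytes, signature) -> bool:
    return len(signature) == 256 and all(
        hashlib.sha256(signature[i]).digest() == pk[i][_bit(digest, i)] for i in range(256)
    )


def measure(memory_space: bytes) -> bytes:
    """Hash function circuitry: digest of the memory space handed to the element."""
    return hashlib.sha256(memory_space).digest()


def enroll(puf_response: bytes):
    """Device enrolment: export the public keys the verifier registers, one per slot."""
    return [lamport_keygen(derive_seed(puf_response, s))[1] for s in range(KEY_SLOTS)]


def attest(memory_space: bytes, puf_response: bytes, slot: int):
    """Secure element side: hash the memory space and sign the digest with the
    PUF-derived key for `slot`. Returns (slot, digest, signature)."""
    digest = measure(memory_space)
    sk, _ = lamport_keygen(derive_seed(puf_response, slot))
    return slot, digest, lamport_sign(sk, digest)


def verify_attestation(registered_pks, expected_digest: bytes, slot: int,
                       digest: bytes, signature) -> bool:
    """Verifier side: the reported digest must equal the known-good value and the
    signature must verify under the registered public key for that slot."""
    if not 0 <= slot < len(registered_pks):
        return False
    return hmac.compare_digest(digest, expected_digest) and lamport_verify(
        registered_pks[slot], digest, signature
    )


if __name__ == "__main__":
    pks = enroll(PUF_RESPONSE)
    golden = measure(MEMORY_SPACE)
    print("genuine:  ", verify_attestation(pks, golden, *attest(MEMORY_SPACE, PUF_RESPONSE, 0)))
    # Tampered RAM: the element honestly signs the wrong digest; the verifier rejects it.
    print("tampered: ", verify_attestation(pks, golden, *attest(MEMORY_SPACE + b"\x00", PUF_RESPONSE, 1)))
    # A different device (different PUF) cannot sign under this device's registered keys.
    print("wrong PUF:", verify_attestation(pks, golden, *attest(MEMORY_SPACE, bytes(32), 2)))
```

The verifier never holds the private key or the PUF response; it only holds the public keys exported at enrolment, which is the "previously registered public key" role in the Carter passage quoted above. A production design would replace the one-time Lamport scheme with a many-time signature and would record the digest into a PCR-style register before signing, but the trust argument is the same: a digest is only meaningful to the verifier once it carries a signature that only the enrolled device's PUF can produce.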

Regarding Dependent Claim 2 (Original), Westerinen does not explicitly teach the apparatus according to claim 1, wherein the physically unclonable function value of the apparatus comprises a value characteristic of manufacturing variations of the random access memory device.
Wherein Kirkpatrick teaches the apparatus according to claim 1, wherein the physically unclonable function value of the apparatus comprises a value characteristic of manufacturing variations of the random access memory device (Par. (0020) "PUFs use distinct instances of hardware produce distinct behavioral characteristics, like, for example, variations in the length and width of wire producing varying oscillations between ring oscillators in a PUF. That is, each copy of the device, even if designed to be identical, normally will exhibit slight variations that can be measured"; physically unclonable function with manufacturing variation characteristics), (Par. (0022) "It should be appreciated that the definition of the PUF 16 function is determined exclusively by the variations in the PUF 16 hardware. As a result, no properties can be assumed about the function itself."; manufacturing variation characteristics)
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Kirkpatrick within teachings of Westerinen and Carter because of the reasons discussed in independent claim 1 stated above. 

Regarding Dependent Claim 8 (Original), Westerinen teaches the apparatus according to claim 1, further comprising a read-only memory, and wherein the secure hardware element is coupled via a third interface with the read-only memory, (Figure 1, labels 122, 121, 170, 131; three interfaces (network, Graphics, and I/O interfaces) with read-only memory (131))
However Westerinen does not explicitly teach and wherein the secure hardware element is configured to obtain as inputs the physically unclonable function value of the apparatus or a second physically unclonable function value of the apparatus, and data from the read-only memory, to generate a second hash value.
Wherein Kirkpatrick teaches and wherein the secure hardware element is configured to obtain as inputs the physically unclonable function value of the apparatus or a second physically unclonable function value of the apparatus, and data from the read-only memory, to generate a second hash value.  (Par. (0037) “The CC 110 is a stand-alone hardware component that provides cryptographic services to the PC 12”; secure hardware element (CC or cryptographic core), (Par. (0004) “the PUF configured to receive a seed value as an input and to generate a key as an output; secure hardware element (cryptographic core) receiving input from physical unclonable function (PUF)), (Par. (0004) “a cryptographic core is configured to generate a hash using a key and to use the hash as a private key in symmetric cryptography.”; secure hardware element (Cryptographic core) generates a hash value)), 
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Kirkpatrick within teachings of Westerinen and Carter because of the reasons discussed in independent claim 1 stated above. 

Regarding Dependent Claim 9 (Original), the combination of Westerinen, Kirkpatrick and Carter teaches the apparatus of claim 1, and Westerinen further teaches the apparatus according to claim 1, wherein the at least one processing core comprises a microcontroller processing core configured to execute computer code stored in the memory space of the random access memory device. (Figure 1, labels 120, 130, 131, 132; processing core comprising a microcontroller with RAM and ROM space), (Par. (0014) "implemented with or in software programs or instructions and integrated circuits (ICs)"; microcontroller configured to execute computer code (instructions)), (Par. (0002) "Many techniques have been described that validate the integrity of code before it is executed. Most often, a trusted routine in the boot program or operating system verifies a hash or other digital signature of a program or utility immediately prior to its execution"; executed code), (Claim 1 "each executed by the processor (120); and a security module (129) comprising: a controller that performs integrity checks of the memory"; controller that executes code stored in memory)

Claims 11-12 and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Westerinen et al. (WO Pub. No. 2009055147, retrieved from IDS, hereinafter referred to as "Westerinen") in further view of Kirkpatrick et al. (U.S. Pub. No. 20130254636, hereinafter referred to as "Kirkpatrick").


Regarding Independent Claim 11 (Currently Amended), Westerinen teaches a method in an apparatus comprising: - obtaining, by a secure hardware element, data from a memory space of a random access memory device as input; - producing as output a hash value of the input, and (Par. (0031) "the security module 200 may use direct access to the memory 130 without threat of interference. The processor 202 may read the executable code out of an appropriate computer memory, such as application program memory 135, and perform a hash on the code as it is read"; secure hardware element (security module) obtaining input from memory to produce a hash)
- wherein the apparatus comprises the random access memory device (Figure 1, labels 130, 132), at least one processing core coupled via a first interface with the random access memory device (Figure 1, labels 120, 123, and 124; processor connected to memory/RAM), and the secure hardware element (Figure 1, label 129), which is coupled directly via a second interface with the random access memory device (Par. (0031) "In order to read data in the computer memory 130 without the threat of malicious code running on the processor 120, the security module 200 may assert itself as a system bus master via the bus interface 206. When acting as a bus master, the security module 200 may use direct access to the memory 130 without threat of interference."),
However Westerinen does not explicitly teach - cryptographically signing the hash value using a physically unclonable function value of the apparatus.
Wherein Kirkpatrick teaches - cryptographically signing the hash value using a physically unclonable function value of the apparatus, (Par. (0005) "providing a seed value to a physically unclonable function (PUF), generating an output value from the physically unclonable function (PUF) using the seed value, storing an error-correction syndrome generated from the output value, transmitting the output value to the cryptographic core"; physically unclonable function value), (Par. (0004) "a cryptographic core is configured to generate a hash using a key and to use the hash as a private key in symmetric cryptography [..] wherein the cryptographic core is configured to generate the key pair using the combined key as input. In at least one embodiment of a system for cryptographic functions according to the present disclosure, the system comprises a digital signature comprising a communication signed by the private key, wherein the public key is configured to verify the authenticity of the digital signature through public key cryptography."; cryptographically signed hash value), (Figure 1, labels 10, 16, 110; apparatus (10), PUF (16)), (Par. (0007) "digital signatures using a hardware-based physically unclonable function (PUF) [..] setting an initial seed"; signed hash value using PUF),
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Kirkpatrick with the teachings of Westerinen (an apparatus comprising a random access memory device coupled with a processing core via an interface, and a secure hardware element configured to obtain input data from the random access memory device to produce a hash value) because of the analogous concept of securely managing memory-integrated devices to increase the reliability and trust of processing hardware components. Kirkpatrick includes a method of cryptographically signing a hash value with a physically unclonable function value; this allows the secure hardware element to support platform integrity and confidence that the device will not be tampered with, compromised by unauthorized users, or subjected to unauthenticated versions of firmware. By using a PUF value in the process of signing the hash value, the memory spaces of the RAM holding confidential input data are protected once received by the secure hardware element in conjunction with the PUF. The PUF value provides unpredictable uniqueness that discourages attackers and is extremely difficult to duplicate. This protects the device from interception, impersonation or modification of the input data once it is hashed.
The motivation to combine these references is that utilizing the physically unclonable function when cryptographically signing a hash value creates a secure and authenticated exchange between the secure hardware element and the input data from RAM. When dealing with integrated circuits and memory 

Regarding Dependent Claim 12 (Original), Westerinen does not explicitly teach the method according to claim 11, wherein the physically unclonable function value of the apparatus comprises a value characteristic of manufacturing variations of the random access memory device.
Wherein Kirkpatrick teaches the method according to claim 11, wherein the physically unclonable function value of the apparatus comprises a value characteristic of manufacturing variations of the random access memory device. (Par. (0020) “PUFs use distinct instances of hardware produce distinct behavioral characteristics, like, for example, variations in the length and width of wire producing varying oscillations between ring oscillators in a PUF. That is, each copy of the device, even if designed to be identical, normally will exhibit slight variations that can be measured; physical unclonable function with manufacturing variation characteristics), (Par. (0022) “It should be appreciated that the definition of the PUF 16 function is determined exclusively by the variations in the PUF 16 hardware. As a result, no properties can be assumed about the function itself. That is, in general, the PUF 16 is neither linear nor injective nor subjective”; manufacturing variations characteristics)


Regarding Dependent Claim 18 (Original), Westerinen teaches the method according to claim 11, wherein the apparatus further comprises: a read-only memory, and wherein the secure hardware element is coupled via a third interface with the read-only memory, (Figure 1, labels 122, 121, 170, 131; three interfaces (network, graphics, and I/O interfaces) with read-only memory (131))
However Westerinen does not explicitly teach and wherein the secure hardware element is configured to obtain as inputs the physically unclonable function value of the apparatus or a second physically unclonable function value of the apparatus, and data from the read-only memory, to generate a second hash value.
Wherein Kirkpatrick teaches and wherein the method further comprises obtaining, by the secure hardware element, as inputs the physically unclonable function value of the apparatus or a second physically unclonable function value of the apparatus, and data from the read-only memory, and generating a second hash value.  (Par. (0037) “The CC 110 is a stand-alone hardware component that provides cryptographic services to the PC 12”; secure hardware element (CC or cryptographic core), (Par. (0004) “the PUF configured to receive a seed value as an input and to generate a key as an output; an error-correction core electronically coupled to the PUF and the cryptographic core, the error-correction core configured to receive the key as an input and to transmit the key to the cryptographic core”; secure hardware element (cryptographic core) receiving input from physical unclonable function (PUF)), (Par. (0004) “a cryptographic core is configured to generate a hash using a key and to use the hash as a private key in symmetric cryptography.”; secure hardware element (Cryptographic core) generates a hash value)), 
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Kirkpatrick within teachings of Westerinen because of the reasons discussed in independent claim 11 stated above. 


Regarding Dependent Claim 19 (Original), the combination of Westerinen and Kirkpatrick teach the method of claim 11, and Westerinen further teaches the method according to claim 11, wherein the at least one processing core comprises a microcontroller processing core configured to execute computer code stored in the memory space of the random access memory device. (Figure 1, labels 120, 130, 131, 132; processing core comprising a microcontroller with RAM and ROM space), (Par. (0014) “implemented with or in software programs or instructions and integrated circuits (ICs)”; microcontroller configured to execute computer code (instructions)), (Par. (0002) “Many techniques have been described that validate the integrity of code before it is executed. Most often, a trusted routine in the boot program or operating system verifies a hash or other digital signature of a program or utility immediately prior to its execution”; executed code), (Claim 1 “each executed by the processor (120); and a security module (129) comprising: a controller that performs integrity checks of the memory”; controller that executes code stored in memory)

Claim 3 is/are rejected under 35 U.S.C. 103 as being unpatentable over Westerinen et al. (WO Pub. No. 2009055147 (retrieved from IDS), hereinafter referred to as "Westerinen"), Kirkpatrick et al. (U.S Pub. No. 20130254636, hereinafter referred to as "Kirkpatrick") and Carter et al. (U.S No. 9135444, hereinafter referred to as “Carter”) in further view of Cheng et al. (U.S Pub. No. 20080005574, hereinafter referred to as "Cheng")

Regarding Dependent Claim 3 (Original), the combination of Westerinen, Kirkpatrick and Carter do not explicitly teach the apparatus according to claim 1, wherein the secure hardware element is configured to provide the hash value to platform configuration register circuitry comprised in the secure hardware element, the platform configuration register circuitry being configured to store plural hash values derived from plural memory spaces of the random access memory device. 
	Wherein Cheng teaches the apparatus according to claim 1, wherein the secure hardware element is configured to provide the hash value to platform configuration register circuitry comprised in the secure hardware element, the platform configuration register circuitry being configured to store plural hash values derived from plural memory spaces of the random access memory device (Par. (0016) “TPM 120 includes a number of platform configuration registers ("PCRs", not shown in this figure) that can contain cryptographic hash values. The only way to change a PCR (other than by a reset of the system or of the TPM) is through an "extend" operation, which combines the existing PCR value with a new value to produce an extended cryptographic hash value”; secure hardware element (TPM) with platform configuration registers (PCRs) that provide (produce) hash values), (Par. (0022) “the processor locates a block of memory (425) including its address and length, then fetches data from the block (430) and computes a cryptographic hash of the data (435). The hash may be computed according to a Secure Hash Algorithm ("SHA"), a Message Digest ("MD") algorithm, or other suitable cryptographically secure, one-way hash algorithm supported by the TPM”; hash value derived from memory spaces (block of memory)), (Par. (0016) “a number of platform configuration registers ("PCRs", not shown in this figure) that can contain cryptographic hash values”; plural hash values), (Par. (0027) “including but not limited to [..] Random Access Memory (RAM),”; random access memory), (Figure 5 labels 580, 530; plural memory spaces (blocks of memory))
	Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Cheng within the teachings of Westerinen, Kirkpatrick and Carter to include the secure hardware element providing the hash value to platform configuration register circuitry, and the platform configuration register circuitry storing plural hash values derived from the random access memory device, because of the analogous concept of securely managing memory-integrated devices to increase the reliability and trust of processing hardware components. Cheng includes providing the hash value from the secure hardware element to platform configuration register circuitry that stores the plurality of hash values from multiple memory spaces of the RAM. This becomes important because it allows the secure hardware element to have a trusted component to measure the integrity of the stored hash values, by having information such as the hash of memory locations and contents 
	The motivation to combine these references is that having a component that is trusted to store hash values from memory spaces of the RAM allows the device to be multifaceted and accessible. By storing hash values as they are generated and by extending new values into existing entries, the storage system becomes more effective and efficient when dealing with multiple hash values over multiple memory spaces in the RAM. It not only provides organization with a checksum and log event system, but it promotes platform integrity and secure protection against compromise or tampering by validating and comparing the hash values that are stored. This, in conjunction with the trusted platform module or secure hardware element, establishes trust and reliability for users with confidential information in memory for integrated devices. 

Claims 4-7 is/are rejected under 35 U.S.C. 103 as being unpatentable over Westerinen et al. (WO Pub. No. 2009055147 (retrieved from IDS), hereinafter referred to as "Westerinen"), Kirkpatrick et al. (U.S Pub. No. 20130254636, hereinafter referred to as "Kirkpatrick") and Carter et al. (U.S No. 9135444, hereinafter referred to as “Carter”) in further view of Troia et al. (U.S Pub. No. 20200313899, hereinafter referred to as "Troia")

Regarding Dependent Claim 4 (Original), the combination of Westerinen, Kirkpatrick and Carter do not explicitly teach the apparatus according to claim 1, further 
Wherein Troia teaches the apparatus according to claim 1, further configured to output an attestation of memory contents of the memory space of the random access memory device, the attestation comprising the hash value (Par. (0040) “Circuitry 210 can generate a block 220 in a block chain for validating (e.g., authenticating and/or attesting) the data stored in memory 216 (e.g., in memory array 201). The block 220 can include a cryptographic hash of (e.g., a link to) the previous block in the block chain, and a cryptographic hash of (e.g., identifying) the data stored in memory array 201”; attesting memory contents (memory data) stored in memory space comprising a hash value (cryptographic hash)), (Par. (0002) “Memory devices are typically provided as internal, semiconductor, integrated circuits and/or external removable devices in computers or other electronic devices. There are many different types of memory including volatile and non-volatile memory. Volatile memory can require power to maintain its data and can include random-access memory (RAM), dynamic random access memory (DRAM), and synchronous dynamic random access memory (SDRAM), among others”; random access memory)
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Troia within the teachings of Westerinen, Kirkpatrick and Carter to include outputting an attestation of memory contents of the random access memory device and the attestation having a hash value because of the analogous concept of securely managing memory integrated devices to increase reliability and trust of processing hardware components. Troia includes a process of the 
The motivation to combine these references is because by implementing an attestation process of the output comprising a hash it mitigates and makes it difficult for unauthorized users to tamper with hardware components in a memory management system. This promotes platform integrity and creates a reliable and trustworthy environment for users with confidential data in memory to be protected without increasing the complexity of the device.

Regarding Dependent Claim 5 (Original), the combination of Westerinen, Kirkpatrick and Carter do not explicitly teach the apparatus according to claim 4, configured to cryptographically sign the hash value using a private key of a public key - private key pair of a public key cryptosystem.
Wherein Troia teaches the apparatus according to claim 4, configured to cryptographically sign the hash value using a private key of a public key - private key pair of a public key cryptosystem. (Par. (0043) “For instance, host 202 can generate the cryptographic hash of the data stored in memory array 201, and send the generated cryptographic hash to memory device 206”; cryptographic hash value sent to memory), (Par. (0044) “The digital signature associated with the block 220 can be generated (e.g., calculated), for example, by circuitry 210 based on (e.g., responsive to) an external command, such as a command received from host 202. For instance, the digital signature can be generated using symmetric or asymmetric cryptography”; digital signature of signed hash value generated by asymmetric cryptography (use of public/private key pairs)), (Par. (0045) “the digital signature associated with block 220, can be stored in memory array 201.”; signed hash value (digital signature) corresponding to hash value stored in memory), (Par. (0074) “Layer 2 755 of the memory device can include [..] a public key (“K.sub.Lk public”) 770 (referred to as a device public key) and a private key (“K.sub.LK private”) 772 (referred to as a device private key) associated with a memory device”; private and public key pair in memory device)), (Par. (0053) “memory device 206 can include a main memory, such as, for instance, a DRAM or SDRAM”; memory device correlating to random access memory))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Troia within the teachings of Westerinen, Kirkpatrick and Carter because of the reasons discussed in dependent claim 4 stated above.
 

Regarding Dependent Claim 6 (Original), the combination of Westerinen, Kirkpatrick and Carter teach the apparatus of claim 1, and Westerinen further teaches the apparatus according to claim 5, wherein the secure hardware element comprises circuitry arranged to cryptographically sign information, but does not comprise circuitry arranged to perform a decryption operation using the private key (Figure 2, labels 200, 212; secure hardware element (200) with circuitry arranged to cryptographically sign information (212)), (Par. (0028-0029) “The security module 200 may have a [..]  A cryptographic function 212 may be used to perform digital signature verifications, perform encryption and decryption functions,”; secure hardware element (security module) with circuitry (cryptographic function) that cryptographically signs information (performs digital signature [..] encryption)), (Examiner notes: As set forth in the 112(b) rejection above, there is no antecedent basis for the latter part of the claim, nor is the claimed process “does not comprise circuitry arranged to perform a decryption operation using the private key” described anywhere in the specification; therefore this part of the claim has no patentable weight. As stated in the 112(b) rejection above, digitally signing information requires a cryptographic operation that is the same operation as decryption using a private key; it is not possible to have one operation without the other. Examiner will broadly and reasonably interpret this claim as a secure hardware element digitally signing information with an encryption operation)



Regarding Dependent Claim 7 (Original), the combination of Westerinen, Kirkpatrick and Carter do not explicitly teach the apparatus according to claim 5, wherein the public key cryptosystem comprises the Rivest-Shamir-Adleman, RSA, or the ElGamal cryptosystem.
Wherein Troia teaches the apparatus according to claim 5, wherein the public key cryptosystem comprises the Rivest-Shamir-Adleman, RSA, or the ElGamal cryptosystem. (Par. (0044) “the digital signature can be generated using symmetric or asymmetric cryptography.”; RSA (asymmetric/symmetric cryptography)), (Par. (0070) “asymmetric key generator 663 can generate a public key”; public key comprises RSA (asymmetric cryptography)) 
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Troia within the teachings of Westerinen, Kirkpatrick and Carter because of the reasons discussed in dependent claim 4 stated above.

Claim 13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Westerinen et al. (WO Pub. No. 2009055147 (retrieved from IDS), hereinafter referred to as "Westerinen") and Kirkpatrick et al. (U.S Pub. No. 20130254636, hereinafter referred to as "Kirkpatrick") in further view of Cheng et al. (U.S Pub. No. 20080005574, hereinafter referred to as "Cheng")

Regarding Dependent Claim 13 (Original), the combination of Westerinen and Kirkpatrick do not explicitly teach the method according to claim 11, further comprising; providing, by the secure hardware element, the hash value to platform configuration register circuitry comprised in the secure hardware element, the platform configuration register circuitry being configured to store plural hash values derived from plural memory spaces of the random access memory device.
Wherein Cheng teaches the method according to claim 11, further comprising; providing, by the secure hardware element, the hash value to platform configuration register circuitry comprised in the secure hardware element, the platform configuration register circuitry being configured to store plural hash values derived from plural memory spaces of the random access memory device. (Par. (0016) “TPM 120 includes a number of platform configuration registers ("PCRs", not shown in this figure) that can contain cryptographic hash values. The only way to change a PCR (other than by a reset of the system or of the TPM) is through an "extend" operation, which combines the existing PCR value with a new value to produce an extended cryptographic hash value”; secure hardware element (TPM) with platform configuration registers (PCRs) that provide (produce) hash values), (Par. (0022) “the processor locates a block of memory (425) including its address and length, then fetches data from the block (430) and computes a cryptographic hash of the data (435). The hash may be computed according to a Secure Hash Algorithm ("SHA"), a Message Digest ("MD") algorithm, or other suitable cryptographically secure, one-way hash algorithm supported by the TPM”; hash value derived from memory spaces (block of memory)), (Par. (0016) “a number of platform configuration registers ("PCRs", not shown in this figure) that can contain cryptographic hash values”; plural hash values), (Par. (0027) “including but not limited to [..] Random Access Memory (RAM),”; random access memory), (Figure 5 labels 580, 530; plural memory spaces (blocks of memory))
	Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Cheng to the apparatus comprising of a random access memory device coupled with a processing core via interface and a 
	The motivation to combine these references is that having a component that is trusted to store hash values from memory spaces of the RAM allows the device to be multifaceted and accessible. By storing hash values as they are generated and by extending new values into existing entries, the storage system becomes more effective and efficient when dealing with multiple hash values over multiple memory spaces in the RAM. It not only provides organization with a checksum and log event system, but it promotes platform integrity and secure protection against compromise or tampering by validating and comparing the hash values that are stored. This, in conjunction with the trusted platform module or secure hardware element, establishes trust and reliability for users with confidential information in memory for integrated devices. 

Claims 14-17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Westerinen et al. (WO Pub. No. 2009055147 (retrieved from IDS), hereinafter referred to as "Westerinen") and Kirkpatrick et al. (U.S Pub. No. 20130254636, hereinafter referred to as "Kirkpatrick") in further view of Troia et al. (U.S Pub. No. 20200313899, hereinafter referred to as "Troia")

Regarding Dependent Claim 14 (Original), the combination of Westerinen and Kirkpatrick do not explicitly teach the method according to claim 11, further comprising; outputting an attestation of memory contents of the memory space of the random access memory device, the attestation comprising the hash value.
Wherein Troia teaches the method according to claim 11, further comprising; outputting an attestation of memory contents of the memory space of the random access memory device, the attestation comprising the hash value. (Par. (0040) “Circuitry 210 can generate a block 220 in a block chain for validating (e.g., authenticating and/or attesting) the data stored in memory 216 (e.g., in memory array 201). The block 220 can include a cryptographic hash of (e.g., a link to) the previous block in the block chain, and a cryptographic hash of (e.g., identifying) the data stored in memory array 201”; attesting memory contents (memory data) stored in memory space comprising a hash value (cryptographic hash)), (Par. (0002) “Memory devices are typically provided as internal, semiconductor, integrated circuits and/or external removable devices in computers or other electronic devices. There are many different types of memory including volatile and non-volatile memory. Volatile memory can require power to maintain its data and can include random-access memory (RAM), dynamic random access memory (DRAM), and synchronous dynamic random access memory (SDRAM), among others”; random access memory)
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Troia with the apparatus of Westerinen, comprising a random access memory device coupled with a processing core via an interface and a secure hardware element configured to obtain input data from the random access memory device to produce a hash value, and with the method of Kirkpatrick of cryptographically signing a hash value with a physical unclonable function value, because of the analogous concept of securely managing memory-integrated devices to increase the reliability and trust of processing hardware components. Troia includes a process by which the device outputs an attestation of memory contents of the RAM that comprises a hash value. This provides a level of validation and proof that can identify the device. This eliminates impersonation or compromise of the device because the attestation that comprises a hash value corresponds to the memory contents and space it represents. By outputting an attestation, the cryptographic process becomes even more secure and protected because it certifies that the memory contents of the RAM are valid, authenticated and signed by an authorized user.
The motivation to combine these references is because by implementing an attestation process of the output comprising a hash it mitigates and makes it difficult for unauthorized users to tamper with hardware components in a memory management system. This promotes platform integrity and creates a reliable and trustworthy 

Regarding Dependent Claim 15 (Original), the combination of Westerinen and Kirkpatrick do not explicitly teach the method according to claim 14, further comprising; cryptographically signing the hash value using a private key of a public key - private key pair of a public key cryptosystem.
Wherein Troia teaches the method according to claim 14, further comprising; cryptographically signing the hash value using a private key of a public key - private key pair of a public key cryptosystem. (Par. (0043) “For instance, host 202 can generate the cryptographic hash of the data stored in memory array 201, and send the generated cryptographic hash to memory device 206”; cryptographic hash value sent to memory), (Par. (0044) “The digital signature associated with the block 220 can be generated (e.g., calculated), for example, by circuitry 210 based on (e.g., responsive to) an external command, such as a command received from host 202. For instance, the digital signature can be generated using symmetric or asymmetric cryptography”; digital signature of signed hash value generated by asymmetric cryptography (use of public/private key pairs)), (Par. (0045) “the digital signature associated with block 220, can be stored in memory array 201.”; signed hash value (digital signature) corresponding to hash value stored in memory), (Par. (0074) “Layer 2 755 of the memory device can include [..] a public key (“K.sub.Lk public”) 770 (referred to as a device public key) and a private key (“K.sub.LK private”) 772 (referred to as a device private key) associated with a memory device”; private and public key pair in memory device)), (Par. (0053) “memory device 206 can include a main memory, such as, for instance, a DRAM or SDRAM”; memory device correlating to random access memory))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Troia within the teachings of Westerinen and Kirkpatrick because of the reasons discussed in dependent claim 14 stated above.

Regarding Dependent Claim 16 (Original), the combination of Westerinen and Kirkpatrick teach the apparatus of claim 1, and Westerinen further teaches the method according to claim 15, wherein the secure hardware element comprises a circuitry arranged to cryptographically sign information, but does not comprise a circuitry arranged to perform a decryption operation using the private key. (Figure 2, labels 200, 212; secure hardware element (200) with circuitry arranged to cryptographically sign information (212)), (Par. (0028-0029) “The security module 200 may have a [..]  A cryptographic function 212 may be used to perform digital signature verifications, perform encryption and decryption functions,”; secure hardware element (security module) with circuitry (cryptographic function) that cryptographically signs information (performs digital signature [..] encryption)), (Examiner notes: As set forth in the 112(b) rejection above, there is no antecedent basis for the latter part of the claim, nor is the claimed process “does not comprise circuitry arranged to perform a decryption operation using the private key” described anywhere in the specification; therefore this part of the claim has no patentable weight. As stated in the 112(b) rejection above, digitally signing information requires a cryptographic operation that is the same operation as decryption using a private key; it is not possible to have one operation without the other. Examiner will broadly and reasonably interpret this claim as a secure hardware element digitally signing information with an encryption operation)




Regarding Dependent Claim 17 (Original), the combination of Westerinen and Kirkpatrick do not explicitly teach the method according to claim 15, wherein the public key cryptosystem comprises the Rivest-Shamir-Adleman, RSA, or the ElGamal cryptosystem.
Wherein Troia teaches the method according to claim 15, wherein the public key cryptosystem comprises the Rivest-Shamir-Adleman, RSA, or the ElGamal cryptosystem. (Par. (0044) “the digital signature can be generated using symmetric or asymmetric cryptography.”; RSA (asymmetric/ symmetric cryptography), (Par. (0070) “asymmetric key generator 663 can generate a public key”; public key comprises of RSA (asymmetric cryptography)) 
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Troia within the teachings of Westerinen and Kirkpatrick because of the reasons discussed in dependent claim 14 stated above.

In regards to Claims 14-17, claims 14-17 recite limitations similar to those of claims 4-7, and the teachings of Westerinen, Kirkpatrick and Troia address all the limitations discussed in claims 4-7; claims 14-17 are thereby rejected under the same grounds.
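The measured-RAM flow that these rejections describe (Cheng's hashing of a memory block located by address and length and the PCR "extend" operation in claims 3 and 13, Troia's attestation comprising the hash value in claims 4 and 14, and Kirkpatrick's PUF-keyed signing of a hash in claim 11), as an added Python model that is not code from the office action or from any of the cited references. It assumes SHA-256 as the hash, a fixed byte string as a constructed stand-in for the PUF response, and an HMAC under the PUF-derived key in place of the RSA or ElGamal signature the claims recite, following Kirkpatrick's symmetric-key construction.

```python
"""Added example (not from the office action or any cited reference): a model
of the measured-RAM flow discussed above. A secure hardware element hashes
memory spaces of RAM (Cheng par. 0022), extends each hash into a platform
configuration register (Cheng par. 0016), and signs the resulting attestation
with a key derived from a PUF response (Kirkpatrick par. 0004). The PUF
response, memory layout and contents are constructed sample values."""
import hashlib
import hmac
from dataclasses import dataclass, field

HASH = hashlib.sha256
DIGEST_LEN = HASH().digest_size

# Constructed stand-in for a PUF response: in real hardware this comes from
# manufacturing variation and is never stored; here it is a fixed byte string.
PUF_RESPONSE = bytes.fromhex("1f" * 32)


def puf_derived_key(puf_response: bytes, seed: bytes) -> bytes:
    """Kirkpatrick-style key derivation: the PUF output and a seed are hashed
    and the hash is used as the (symmetric) signing key."""
    return HASH(b"puf-key|" + seed + b"|" + puf_response).digest()


@dataclass
class SecureHardwareElement:
    """Models the secure hardware element: one PCR, a measurement log and a
    PUF-derived signing key that never leaves the element."""
    puf_response: bytes
    pcr: bytes = field(default_factory=lambda: b"\x00" * DIGEST_LEN)
    log: list = field(default_factory=list)

    def measure(self, ram: bytes, address: int, length: int) -> bytes:
        """Hash one memory space (address, length) of RAM and extend the PCR:
        PCR <- H(PCR || H(block)). Extend is the only way the PCR changes,
        so the final value depends on every block and on their order."""
        block = ram[address:address + length]
        if len(block) != length:
            raise ValueError("memory space out of range")
        digest = HASH(block).digest()
        self.pcr = HASH(self.pcr + digest).digest()
        self.log.append((address, length, digest))
        return digest

    def attest(self, nonce: bytes) -> dict:
        """Output an attestation: the PCR value plus a MAC over (nonce, PCR)
        under the PUF-derived key, binding it to this device and request."""
        key = puf_derived_key(self.puf_response, seed=b"attest-v1")
        tag = hmac.new(key, b"attest|" + nonce + b"|" + self.pcr, HASH).digest()
        return {"nonce": nonce, "pcr": self.pcr, "log": list(self.log), "tag": tag}


def replay_log(log) -> bytes:
    """Verifier side: recompute the PCR from the log entries alone."""
    pcr = b"\x00" * DIGEST_LEN
    for _address, _length, digest in log:
        pcr = HASH(pcr + digest).digest()
    return pcr


def verify_attestation(att: dict, expected_pcr: bytes, puf_response: bytes) -> bool:
    """Verifier: (1) the MAC is valid under the device key, (2) the log replays
    to the reported PCR, (3) the PCR equals the golden value for known-good RAM."""
    key = puf_derived_key(puf_response, seed=b"attest-v1")
    expected_tag = hmac.new(key, b"attest|" + att["nonce"] + b"|" + att["pcr"], HASH).digest()
    if not hmac.compare_digest(expected_tag, att["tag"]):
        return False
    if replay_log(att["log"]) != att["pcr"]:
        return False
    return hmac.compare_digest(att["pcr"], expected_pcr)


# Constructed RAM image: two memory spaces (a firmware stub and a config area).
FIRMWARE = b"\x55\xaa" + b"\x90" * 14  # 16 bytes at address 0x000
CONFIG = b"boot=secure;dbg=0"            # 17 bytes at address 0x100
RAM_GOOD = FIRMWARE + b"\x00" * (0x100 - len(FIRMWARE)) + CONFIG
MEMORY_SPACES = [(0x000, len(FIRMWARE)), (0x100, len(CONFIG))]


def attest_ram(ram: bytes, nonce: bytes) -> dict:
    """Measure every memory space in order and return the attestation."""
    she = SecureHardwareElement(PUF_RESPONSE)
    for address, length in MEMORY_SPACES:
        she.measure(ram, address, length)
    return she.attest(nonce)


def golden_pcr() -> bytes:
    """Reference PCR value computed once from the known-good RAM image."""
    return attest_ram(RAM_GOOD, b"")["pcr"]


def demo() -> tuple:
    """Good RAM verifies; RAM with one changed config byte does not."""
    nonce = b"nonce-0001"  # constructed; a real verifier draws this at random
    ok = verify_attestation(attest_ram(RAM_GOOD, nonce), golden_pcr(), PUF_RESPONSE)
    tampered = bytearray(RAM_GOOD)
    tampered[0x100 + len(b"boot=secure;dbg=")] = ord("1")  # dbg=0 -> dbg=1
    bad = verify_attestation(attest_ram(bytes(tampered), nonce), golden_pcr(), PUF_RESPONSE)
    return ok, bad


if __name__ == "__main__":
    print(demo())  # (True, False)
```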


Relevant Prior Art

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.

EKBERG JAN-ERIK (WO Pub. No. 2011101795) “METHOD AND APPARATUS TO PROVIDE ATTESTATION WITH PCR REUSE AND EXISTING INFRASTRUCTURE”. Considered this reference because it addresses the use of platform configuration registers in a trusted platform module with cryptographic hash values that are signed. 

Boldyrev; Sergey (U.S No. 8447974) “Method And Apparatus For Managing Access Rights To Information Spaces”. Considered this application because it relates to signatures and access memory to determine if the signature correlates to the authorized user of the memory space.

Yan; Zheng (U.S Pub. No. 20170214694) “A Security And Trust Framework For Virtualized Networks”. Considered this application because it addresses . 

Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Applicants are encouraged to take advantage of the After Final Consideration Pilot 2.0 (AFCP 2.0) which authorizes non-production time for consideration of responses filed after a final rejection. The purpose of the pilot is to compact prosecution of the case. The request must include 1) A signed AFCP request form (PTO/SB/434 or 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to HASSAN A HUSSEIN whose telephone number is (571)272-3554. The examiner can normally be reached on 7:30am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on (571)272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information 



/H.A.H./Examiner, Art Unit 2497
/Jeremy S Duffield/ Primary Examiner, Art Unit 2498