Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
This action is responsive to Applicants’ reply on 11/23/2021.
Claims 1 – 24 are pending; wherein claims 1, 9, 14, and 20 have been amended.
Claims 1 – 24 have been examined; wherein examiner amends claims 1, 4 – 6, 9, 11, 12, 14, 16 – 18, and 20 – 24.
Claims 1 – 24 are allowed.

Response to Amendment
Objections for claims 1 – 17 are withdrawn in view of Applicant’s amendments.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Upon agreement on amendments, authorization for the amendments was given in a telephone interview with attorney Eric. C. Bachinski (Reg. No. 73,684) on 12/02/2021, to put the claims in condition for allowance.
Amend claims 1, 4 – 6, 9, 11, 12, 14, 16 – 18, and 20 – 24 as follow:
Claim 1 (currently amended)
An orchestration apparatus for attestation manifest derivation and distribution, the orchestration apparatus comprising: 
processing circuitry; and 
memory including instructions that, when executed by the processing circuitry, cause the processing circuitry to perform operations to: 
obtain a software update package manifest from an edge device; 
generate a reference integrity measurement manifest that includes at least one integrity measurement for a reference software update package associated with the software update package manifest based on the software update package manifest, wherein the at least one integrity measurement is generated in part based on a security version number included in the software update package manifest, and wherein the reference integrity measurement manifest includes a hash of the reference software update package; 
initiate an attestation request with the edge device; 
verify the edge device using the reference integrity measurement manifest that includes the at least one integrity measurement to generate an attestation result, wherein the attestation result includes an attestation key generated from a key generation process seeded with a hash of a software update package received from the edge device; 
generate a new device cryptographic identity for the edge device upon verification of a signature for a current device cryptographic identity of the edge device and verification that the hash of the software update package received from the edge 
generate an attestation record for the edge device based the new device cryptographic identity.

Claim 4 (currently amended)
The orchestration apparatus of claim 1, the memory further comprising instructions that, when executed by the processing circuitry, cause the processing circuitry to perform operations to: 
sign the new device cryptographic identity with a certificate corresponding to [[a]] the current device cryptographic identity; and 
transmit the new device cryptographic identity to the edge device, wherein the verification of the edge device includes use of the new device cryptographic identity.

Claim 5 (currently amended)
The orchestration apparatus of claim 4, the memory further comprising instructions that, when executed by the processing circuitry, cause the processing circuitry to perform operations to: 
transmit the reference software update package associated with the software update package manifest to the edge device; 
initiate a reset of the edge device; and 
counter-sign the new device cryptographic identity with a new key generated in response to the reset of the edge device.

Claim 6 (currently amended)
The orchestration apparatus of claim 1, the memory further comprising instructions that, when executed by the processing circuitry, cause the processing circuitry to perform operations to issue a token to the edge device based on the verification of the edge device.

Claim 9 (currently amended)
At least one non-transitory machine-readable medium including instructions for attestation manifest derivation and distribution that, when executed by processing circuitry, cause the processing circuitry to perform operations to:
obtain a software update package manifest from an edge device;
generate a reference integrity measurement manifest that includes at least one integrity measurement for a reference software update package associated with the software update package manifest based on the software update package manifest, wherein the at least one integrity measurement is generated in part based on a security version number included in the software update package manifest, and wherein the reference integrity measurement manifest includes a hash of the reference software update package;
initiate an attestation request with the edge device;
verify the edge device using the reference integrity measurement manifest that includes the at least one integrity measurement to generate an attestation result, wherein the attestation result includes an attestation key generated from a key  received from the edge device;
generate a new device cryptographic identity for the edge device upon verification of a signature for a current device cryptographic identity of the edge device and verification that the hash of the software update package received from the edge device matches the hash of the reference software update package
generate an attestation record for the edge device based the new device cryptographic identity.

Claim 11 (currently amended)
The at least one non-transitory machine-readable medium of claim 9, further comprising instructions that, when executed by the processing circuitry, cause the processing circuitry to perform operations to: 
sign the new device cryptographic identity with a certificate corresponding to [[a]] the current device cryptographic identity; and 
transmit the new device cryptographic identity to the edge device, wherein the verification of the edge device includes use of the new device cryptographic identity.

Claim 12 (currently amended)
The at least one non-transitory machine-readable medium of claim 11, further comprising instructions that, when executed by the processing circuitry, cause the processing circuitry to perform operations to: AMENDMENT AND RESPONSE UNDER 37 C.F.R. § 1.116Page 6 Application Number: 16/235,598Dkt: 1884.632US1 Filing Date: December 28, 2018  
reference software update package associated with the software update package manifest to the edge device; 
initiate a reset of the edge device; and 
counter-sign the new device cryptographic identity with a new key generated in response to the reset of the edge device.

Claim 14 (currently amended)
A method for attestation manifest derivation and distribution by an edge device orchestrator, the method comprising:
obtaining a software update package manifest for an edge device;
generating a reference integrity measurement manifest that includes at least one integrity measurement for a reference software update package associated with the software update package manifest based on the software update package manifest, wherein the at least one integrity measurement is generated in part based on a security version number included in the software update package manifest, and wherein the reference integrity measurement manifest includes a hash of the reference software update package;
initiating an attestation request with the edge device;
verifying the edge device using the reference integrity measurement manifest that includes the at least one integrity measurement to generate an attestation result, wherein the attestation result includes an attestation key generated from a key generation process seeded with a hash of a software update package received from the edge device;
 device cryptographic identity of the edge device and verification that the hash of the software update package received from the edge device matches the hash of the reference software update package
generating an attestation record for the edge device based the new device cryptographic identity.

Claim 16 (currently amended)
The method of claim 14, further comprising: 
signing the new device cryptographic identity using a certificate corresponding to [[a]] the current device cryptographic identity; and 
transmitting the new device cryptographic identity to the edge device, wherein the verifying the edge device includes use of the new device cryptographic identity.

Claim 17 (currently amended)
The method of claim 16, further comprising: 
transmitting the reference software update package associated with the software update package manifest to the edge device; 
initiating a reset of the edge device; and 
counter-signing the new device cryptographic identity with a new key generated in response to the reset of the edge device.

Claim 18 (currently amended)
The method of claim 14, further comprising issuing a token to the edge device based on the verification of the edge device.

Claim 20 (currently amended)
An edge computingsystem for attestation manifest derivation and distribution, the edge computingsystem comprising: 
at least one edge computing device, each device comprising processing circuitry and memory; and 
wherein the memory of one or more of the at least one edge computing device includes  of the one or more of the at least one edge computing device, cause the processing circuitry to perform operations to: 
transmit a software update package manifest to an orchestration edge device, the software update package manifest including a security version number that is used in part to generate a reference integrity measurement manifest that includes a hash of a reference software update package and at least one integrity measurement for [[a]] the reference software update package associated with the software update package manifest based on the software update package manifest; 
install a software update package associated with the software update package manifest; 

seed a key generation process with a hash of the software update package; 
generate an attestation key generated using the key generation process; 
transmit a signature for a current device cryptographic identity of [[the]] an identified edge computing device and [[a]] the hash of the software update package;
receive a new device cryptographic identity based on verification of the signature for the current device cryptographic identity of the identified edge computing device and verification that the hash of the software update package matches the hash of the reference software update package, wherein the attestation response includes the new device cryptographic identity;
transmit an attestation response including the new device cryptographic identity to the orchestration edge device to generate an attestation record, wherein the attestation response includes the attestation key and is generated in part using at least one integrity measurement that is generated in part based on the security version number included in the software update package manifest; and 
receive the attestation key, from the orchestration edge device, in response to an attestation result, the attestation result based on the reference integrity measurement manifest the key generation process seeded with [[a]] the hash of the software update package.

Claim 21 (currently amended)
The edge computing system of claim 20, the memory of the one or more of the at least one edge computing device further comprising instructions that, when executed by the processing circuitry of the one or more of the at least one edge computing device, cause the processing circuitry to perform operations to communicate with another edge device on an edge device network using the attestation record.

Claim 22 (currently amended)
The edge computing system of claim 20, the memory of the one or more of the at least one edge computing device further comprising instructions that, when executed by the processing circuitry of the one or more of the at least one edge computing device, cause the processing circuitry to perform operations to receive the software update package and the software update package manifest from a software update server.

Claim 23 (currently amended)
The edge computing system of claim 20, wherein the installation of the software update package is based on receipt of an installation command from the orchestration edge device, and the memory of the one or more of the at least one edge computing device further comprising instructions that, when executed by the processing  of the one or more of the at least one edge computing device, cause the processing circuitry to perform operations to: 
initiate a reset operation upon completion of the installation of the software update package and receipt of a reset command from the orchestration edge device; 
generate a new key in response to the reset operation; 
counter–sign the new device cryptographic identity

Claim 24 (currently amended)
The edge computing system of claim 23, the memory of the one or more of the at least one edge computing device further comprising instructions that, when executed by the processing circuitry of the one or more of the at least one edge computing device, cause the processing circuitry to perform operations to receive the new device cryptographic identity from the orchestration edge device, wherein the new device identity is signed using the current device cryptographic identity.

Examiner’s Statement of Reasons for Allowance
The following is an examiner’s statement of reasons for allowance:
Claim 1
generate a new device cryptographic identity for the edge device upon verification of a signature for a current device cryptographic identity of the edge device and verification that the hash of a software update package received from the edge device matches the hash of the reference software update package included in the reference integrity measurement manifest.”  The claimed limitations in combination with other elements cited are not present in the prior arts of record and would not have been obvious.  The claimed limitations present subject matter that is novel.  Therefore, claim 1 and its dependent claims are allowed.
Claims 9 and 14
Claims 9 and 14 recite limitations in the same manner as claim 1; thus, they and their dependent claims are also allowed for the same reasons.
Claim 20
The claimed limitations “receive a new device cryptographic identity based on verification of the signature for the current device cryptographic identity of the identified edge computing device and verification that the hash of the software update package matches the hash of the reference software update package, wherein the attestation response includes the new device cryptographic identity” in combination with other elements cited are not disclosed by the prior arts of record and would not have been obvious.  The claimed limitations present subject matter that is novel.  Thus, claim 20 and its dependent claims are allowed.


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
CACERES et al. (Pub. No. US 2020/0021445 A1): a device obtains an attestation policy to verify an identity of application.
Pappachan et al. (Pub. No. US 2019/0278911 A1): Technologies for verifying hardware attestation information.
Karim Eldefrawy et al. (NPL; PURE Using Verified Remote Attestation to Obtain Proofs of Update Reset and Erasure in Low-End Embedded Systems): A secure RA architecture is extended to enable important and useful security services for low-end embedded devices.
Arvind Seshadri et al (NPL; SWATT SoftWare-based ATTestation for Embedded Devices): a Software-based ATTestation technique (SWATT) for verifying memory contents of embedded devices and establish absence of malicious changes to the memory contents.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CUONG V LUU whose telephone number is (571)270-1733. The examiner can normally be reached 7:00 AM - 4:00 PM.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Hyung S. Sough can be reached on (571) 272-6799. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/CUONG V LUU/Examiner, Art Unit 2192                                                                                                                                                                                                        
/S. Sough/SPE, Art Unit 2192