DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 103
2. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

3. Claims 1-3,5-12 and 14-15 are rejected under 35 U.S.C. 103 as being unpatentable over Aguayo Gonzalez (US Pub.No.2015/0317475) (hereinafter referred as “Aguayo 1”) in view of Aguayo Gonzalez (US Pub.No.2016/0342791) (hereinafter referred as “Aguayo 2”).

4.  Regarding claims 1 and 10 Aguayo 1 teaches a method and a system of remote attestation of a power delivery network, the method comprising:
storing a trusted golden reference waveform in secure memory, the trusted golden reference waveform characterizing a power delivery network in response to a load generated on the power delivery network; at a remote cloud server, generating a remote attestation request of the power delivery network; receiving, at the remote server, an attestation packet from the power delivery network; and verifying, at the remote server, whether the attestation packet is consistent with an expected power delivery network identity  (Para:0005,Para:0060  and Para:0063 teaches a power fingerprinting (PFP) system provides an integrity assessment.  In PFP integrity assessment, an independent monitor can observe a side channel, such as the power consumption of the target system, during operation using a physical sensor. The 

Aguayo 1 teaches all the above claimed limitations but does not expressly teach receiving and verifying the attestation packet at the remote cloud server.

Aguayo 2 teaches receiving and verifying the attestation packet at the remote cloud server (Fig.1 para: 0022 and Para: 0030 and Para: 0046 teaches receiving and verifying the attestation packet at the remote cloud server).

Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the invention was filed to modify the teachings of Aguayo 1 to include receiving and verifying the attestation packet at the remote cloud server, as taught by Aguayo 2 since such a setup will effectively use the cloud  for malware detection, it is desirable to protect the system traffic and provide cyber-security measures to safeguard the privacy, availability, and integrity of traffic, data, and services (para: 0044).

5. Regarding claims 2 and 11 Aguayo 1 teaches the method and the system, further comprising cryptographically signing the trusted golden reference waveform (Para: 0005 and Para: 0063 teaches the reference data is cryptographically signed).



Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the invention was filed to modify the teachings of Aguayo 1 to include adding a trusted/secure time-stamp provided by the requesting party, as taught by Aguayo 2 since such a setup will monitor and detect unauthorized execution in the system.

7. Regarding claims 5 and 14 Aguayo 1 in Para: 0285-0286 and Para: 0289-0293 teaches verifying the data/ packet signature integrity and authenticity using symmetric key cryptography, but does not expressly teach the method and the system, further comprising: the verification of the attestation packet is based on a shared HMAC secret. However, it is known in the art that the symmetric key cryptography uses HMAC algorithm. Therefore it would have been obvious variant, and a simple substitution of one known element for another to achieve a predictable result.
  (Also, reference, Chabanne (US.Pub.No.2013/0230170 in para: 0002 teaches the symmetric key cryptography uses HMAC algorithm).

8. Regarding claims 6 and 15 Aguayo 1 teaches the method and the system, where if the trust value is determined to reach a predefined threshold, or a binary indication confirms a match between the trusted golden reference waveform and a captured and aggregated waveform, the server provisions trusted code to the power delivery network (Para: 0064 and Para: 0093 teaches determine if the value has reached a predetermined threshold).



Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the invention was filed to modify the teachings of Aguayo 1 to include at random intervals, the load generated on the power delivery network and measurement of induced noise to determine the trusted golden reference, as taught by Aguayo 2 since such a setup will monitor and detect unauthorized execution in the system.

10. Regarding claim 8 Aguayo 2 teaches the method, where a plurality of data-windows are aggregated at random time offsets to generate the trusted golden reference (Fig. 7A Para: 0079 -0080 and Para: 0096 teaches at random time offsets to generate the reference data).

Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the invention was filed to modify the teachings of Aguayo 1 to include a plurality of data-windows are aggregated at random time offsets to generate the trusted golden reference as taught by Aguayo 2 since such a setup will monitor and detect unauthorized execution in the system.

11. Regarding claim 9 Aguayo 2 teaches the method, where a plurality of data-windows are aggregated at random or pseudorandom intervals and in fixed time relation for summing individual samples of multiple windows over a same time interval (Fig. 7A Para: 0079 -0080 and Para: 0096  teaches plurality of data-windows are aggregated at random intervals).

.

12. Claims 4 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Aguayo Gonzalez (US Pub.No.2015/0317475) (hereinafter referred as “Aguayo 1”) in view of Aguayo Gonzalez (US Pub.No.2016/0342791) (hereinafter referred as “Aguayo 2”) as applied to claims 1 and 10 above and further in view of Bronk (US Pub.No.2016/0050563).

13. Regarding claims 4 and 13 Aguayo 1 teaches all the above claimed limitations but does not expressly teach the method and the system, further comprising a server-generated random NONCE co-signed with a trust value to trigger the server-generated remote attestation.

Bronk teaches a server-generated random NONCE co-signed with a trust value to trigger the server-generated remote attestation (Para: 0079 teaches generating random nonce).

  Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the invention was filed to modify the teachings of Aguayo 1 and in view of Aguayo 2 to include a server-generated random NONCE co-signed with a trust value to trigger the server-generated remote attestation as taught by Bronk since such a setup would verify the computing nodes.



Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DEREENA T CATTUNGAL whose telephone number is (571)270-0506. The examiner can normally be reached Mon-Fri: 7:30 AM-5 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DEREENA T CATTUNGAL/Primary Examiner, Art Unit 2431