DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
1. 	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 112
2. 	The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


3. 	Claims 2, 10-11 recites the limitation “the time when the integrity verification block has been generated” in lines 2.  Claim 3 and 13 recites the limitations “the time of digital signing” in the last lines.
There is insufficient antecedent basis for this limitation in the claim.
Claim Rejections - 35 USC § 103
4. 	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would 

5. 	Claims 1, 6-7, 9 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Han (KR 20150089696 A) in view of Vigneron (US 20200358612)

6. 	Regarding Claim 1, Han and Vigneron disclose, a device, comprising: 
Han does not explicitly disclose the following limitations that Vigneron teaches:
an integrity verification chain generating unit generating an integrity verification chain including at least one or more integrity verification blocks (Vigneron, [0045], The trust service engine also supports the verification of chains by the verification or re-verification of the chaining integrity and of their accredited blocks. ); 
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to generate the integrity verification chain and to include the block within the unit to enhance security features.

and an integrity verification unit verifying integrity of the device by using the integrity verification chain, wherein the integrity verification block includes current data including Han, Pg. 6, the integrity verification on the priority of the priority which is stored in the safe file system (131) if it receives the integrity verifier (142) verification request and the integrity verification target recorded in the method for proving the integrity configuration and validation method based on the direct RIM list file (10) whether oneself determines whether the integrity verification will be requested to the mobile security module (120).  Pg. 6, the integrity measuring unit (141)" the integrity verification target is the execution file" and the integrity value of library the verification are requested after doing the measurement to the integrity verifier (142).); and a message digest about the current data (Han, Pg. 6, the integrity value comprises the hash-value of encrypted hash function (the hash function" and the abstract function) which are consecutively performed in the software package which is the integrity verification information of the software package and ID of the software package" the information of the software package and ID of the verification agency etc.).

7. 	Regarding Claim 6, Han and Vigneron disclose, a system for verifying integrity of a device, the system comprising: 

Han does not explicitly disclose the following limitations that Vigneron teaches:
a device generating an integrity verification chain including at least one or more integrity verification blocks (Vigneron, [0045], The trust service engine also supports the verification of chains by the verification or re-verification of the chaining integrity and of their accredited blocks. ); and a server obtaining the integrity verification chain from the device and verifying integrity of the device by using the integrity verification chain, wherein the integrity verification block includes current data including information on an integrity verification target and a message digest about a previous integrity verification block (Han, Pg. 6, the integrity verification on the priority of the priority which is stored in the safe file system (131) if it receives the integrity verifier (142) verification request and the integrity verification target recorded in the method for proving the integrity configuration and validation method based on the direct RIM list file (10) whether oneself determines whether the integrity verification will be requested to the mobile security module (120).  Pg. 6, the integrity measuring unit (141)" the integrity verification target is the execution file" and the integrity value of library the verification are requested after doing the measurement to the integrity verifier (142).); and a message digest about the Han, Pg. 6, the integrity value comprises the hash-value of encrypted hash function (the hash function" and the abstract function) which are consecutively performed in the software package which is the integrity verification information of the software package and ID of the software package" the information of the software package and ID of the verification agency etc.).

8. 	Regarding Claim 7, Han and Vigneron disclose, the system of claim 6, wherein the server transmits the integrity verification chain transmission request message to the device, and the device transmits the integrity verification chain to the server in response to the request message(Han, Abstract, the integrity verification target based on the information stored in the file system ; it obtains the security module and the integrity verification request message producing the integrity verification request message according to the priority of the integrity verification target ; and performs the integrity verification.).

9. 	Regarding Claim 9, Han and Vigneron disclose, the system of claim 6, wherein the server verifies integrity of the device by comparing a currently obtained integrity verification chain with a previously obtained integrity verification chain (Han, Pg.6, the verification is produced and it compares with the RIM Cert ("RIM certificate " less than the Certification" box) of RIM data has been read and the match of two values is determined and the integrity verification about the integrity verification target).

10. 	Regarding Claim 12, Han and Vigneron disclose, the system of claim 6, wherein the device includes an integrity verification unit verifying integrity of the device by using the integrity verification chain (Han, Pg. 6, the integrity verification on the priority of the priority which is stored in the safe file system (131) if it receives the integrity verifier (142) verification request and the integrity verification target recorded in the method for proving the integrity configuration and validation method based on the direct RIM list file (10) whether oneself determines whether the integrity verification will be requested to the mobile security module (120) ).

11. 	Claims 2 and 10 are rejected under 35 U.S.C. 103 as being unpatentable over Han (KR 20150089696 A), Vigneron (US 20200358612) and Choi (KR 20180089682 A) in view of Kim (KR 20180084053 A)

12. 	Regarding Claim 2, Han, Vigneron, Choi and Kim disclose, the device of claim 1, 
Han and Vigneron does not explicitly disclose the following limitations that Choi teaches: 
wherein the current data further comprises: a header structure including information on the time when the integrity verification block has been generated, an order of the integrity verification block, and ID of the device (Choi, Pg. 5, At least one element stored in the above-mentioned stored block chain among the number of the above-mentioned stored data and the time in which the server (101) is predetermined based on at least one and at least one element included in the above-mentioned grouped data are compared and the abovementioned stored data integrity can be verified.); 
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include a header structure and the time of the verification block that generates the function and ID of the device to enhance security features. 

an integrity verification target structure including a filename of the integrity verification target (Han, Abstract, The present invention relates to the integrity verification system of the mobile terminal equipped with the file system in which the access which the priority about the integrity verification target and method for proving the integrity configuration, it obtains the security module and the integrity verification request message producing the integrity verification request message according to the priority of the integrity verification target ; and performs the integrity verification.); 
Han, Vigneron and Choi does not explicitly disclose the following limitations that Kim teaches:
a message digest about the integrity verification target structure (Kim, Pg. 5, the verification entity delivers the contents to the target device or it notifies service provider taking whole charge of the validity check message transfer in the target device.); 
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include the message digest within the structure of the target to enhance security features.

and a message digest about the previous integrity verification block in addition to the header structure, the integrity verification target structure, and the message digest about the integrity verification target structure (Han, Pg. 3, The integrity verification system of the mobile terminal includes the security module which determines the method for proving the integrity about the integrity verification target based on the information stored in the file system and produces the integrity verification request message according to the priority of the integrity verification target and the mobile security module which if obtains the integrity verification request message).

13. 	Regarding Claim 10, Han, Vigneron, Choi and Kim disclose, the system of claim 9, 
Han and Vigneron does not explicitly disclose the following limitations that Kim teaches:
wherein the current data further comprises: a header structure including information on the time when the integrity verification block has been generated, an order of the integrity verification block, and ID of the device (Choi, Pg. 5, At least one element stored in the above-mentioned stored block chain among the number of the above-mentioned stored data and the time in which the server (101) is predetermined based on at least one and at least one element included in the above-mentioned grouped data are compared and the abovementioned stored data integrity can be verified.); an integrity verification target structure including a filename of the integrity verification target (Han, Abstract, The present invention relates to the integrity verification system of the mobile terminal equipped with the file system in which the access which the priority about the integrity verification target and method for proving the integrity configuration, it obtains the security module and the integrity verification request message producing the integrity verification request message according to the priority of the integrity verification target ; and performs the integrity verification ); 
Han, Vigneron, Choi does not explicitly disclose the following limitations that Kim teaches:
a message digest about the integrity verification target structure(Kim, Pg. 5, the verification entity delivers the contents to the target device or it notifies service provider taking whole charge of the validity check message transfer in the target device); and a message digest about the previous integrity verification block in addition to the header structure, the integrity verification target structure, and the message digest about the integrity verification target structure (Han, Pg. 3, The integrity verification system of the mobile terminal includes the security module which determines the method for proving the integrity about the integrity verification target based on the information stored in the file system and produces the integrity verification request message according to the priority of the integrity verification target and the mobile security module which if obtains the integrity verification request message).

14. 	Claims 3 is rejected under 35 U.S.C. 103 as being unpatentable over Han (KR 20150089696 A), Vigneron (US 20200358612), Choi(KR 20180089682 A) and Kim (KR 20180084053 A) in view of Callaghan (US 2015/0365240 A1).

15. 	Regarding Claim 3, Han, Vigneron, Choi, Kim and Callaghan disclose, the device of claim 2, 
Han, Vigneron, Choi and Kim does not explicitly disclose the following limitations that Callaghan teaches:
wherein the integrity verification block further includes certificate data, wherein the certificate data is digitally signed by using a private key of the device, and a message digest about the current data is used as an input value at the time of digital signing (Callaghan, [0036], Certificate authority signature 340 is available to facilitate verification of the authenticity and integrity of the certificate component 300 data. [0049], At 1110, a digitally signed message component is generated. Such a message can be generated by applying a hash function or algorithm to a message to produce a message digest. The message digest is a short fixed length representation of a typically longer and variable length message).
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include a certificate that is digital signed within the verification unit of the private key and inputs the value at the time of the signature to enhance security.

16. 	Claims 4-14 are rejected under 35 U.S.C. 103 as being unpatentable over Han (KR 20150089696 A), Vigneron (US 20200358612), Choi (KR 20180089682 A) and Kim (KR 20180084053 A) in view of Akishita (CA 2400786 C).

17. 	Regarding Claim 4, Han, Vigneron, Choi, Kim and Akishita disclose, the device of claim 2, 
Han, Vigneron, Choi, and Kim does not explicitly disclose the following limitations that Akishita teaches:
wherein the integrity verification block further comprises certificate data, wherein the certificate data is one of a message authentication code or an encryption value generated through a predetermined encryption algorithm (Akishita, Pg. 129, the sequential number of the certificate allotted to the certificate user by the certificate authority, an algorithm arid parameters used for the electronic signature, the name of the certificate authority. Pg. 115-116, an encryption algorithm indicating an algorithm used to encrypt content blocks in the content section, an encryption mode indicating a method for operating the algorithm used to encrypt the content in the content section, and an integrity check method indicating a method for generating integrity check values).
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include a MAC within the verification block that encrypts the certificate data to enhance security. 

18. 	Regarding Claim 14, Han, Vigneron, Choi, Kim and Akishita disclose, the system of claim 6, 
Han, Vigneron, Choi, and Kim does not explicitly disclose the following limitations that Akishita teaches:
wherein the integrity verification block further comprises certificate data, wherein the certificate data is one of a message authentication code or an encryption value generated through a predetermined encryption algorithm (Akishita, Pg. 129, the sequential number of the certificate allotted to the certificate user by the certificate authority, an algorithm arid parameters used for the electronic signature, the name of the certificate authority. Pg. 115-116, an encryption algorithm indicating an algorithm used to encrypt content blocks in the content section, an encryption mode indicating a method for operating the algorithm used to encrypt the content in the content section, and an integrity check method indicating a method for generating integrity check values).

19. 	Claims 5 and 8 are rejected under 35 U.S.C. 103 as being unpatentable over Han (KR 20150089696 A) and Vigneron (US 20200358612) in view of Choi (KR 20180089682 A).

20. 	Regarding Claim 5, Han, Vigneron and Choi disclose, the device of claim 1, 
Han and Vigneron does not explicitly disclose the following limitations that Choi teaches: 
wherein the integrity verification chain generating unit updates the integrity verification chain by generating the integrity verification block every predetermined period of time (Choi, Pg. 8, the processor compares at least one element included among the number of the above-mentioned stored data and the predetermined time in at least one element and above-mentioned grouped data of data stored in the block chain based on at least one and it can verify the above-mentioned stored data integrity.).
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to generate the period of time within each integrity verification chain to enhance security.

21. 	Regarding Claim 8, Han, Vigneron and Choi disclose, the system of claim 6, 
Han and Vigneron does not explicitly disclose the following limitations that Choi teaches: 
wherein the device updates the integrity verification chain by generating the integrity verification block every predetermined period of time and transmits the integrity verification chain updated every predetermined period of time to the server (Choi, Pg. 8, the processor compares at least one element included among the number of the above-mentioned stored data and the predetermined time in at least one element and above-mentioned grouped data of data stored in the block chain based on at least one and it can verify the above-mentioned stored data integrity.).

22. 	Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Han (KR 20150089696 A), Vigneron (US 20200358612), Choi (KR 20180089682 A) and Kim(KR 20180084053 A) in view of Liu (US 8,607,335 B1).

23. 	Regarding Claim 11, Han, Vigneron, Choi, Kim and Liu disclose, the system of claim 10, 
Han and Vigneron does not expliclty disclose the following limitations that Choi teaches:
wherein, when it is found from integrity verification of the device that information on at least one of the time when the integrity verification block has been generated, an order of the integrity verification block (Choi, Pg. 5, At least one element stored in the above-mentioned stored block chain among the number of the above-mentioned stored data and the time in which the server (101) is predetermined based on at least one and at least one element included in the above-mentioned grouped data are compared and the abovementioned stored data integrity can be verified.), 
Han, Vigneron, Choi and Kim does not explicitly disclose the following limitations that Liu teaches:
and the filename has been changed, the server determines that integrity of the device has been breached (Liu,  Col. 5, lines 61-63 misnamed files may be checked against these individual file entries to determine the correct file name and other associations. Col. 3, lines 48-51, If the information returned from the server computer fails to confirm the authenticity of all the files, the user of the second computer will be alerted that the system integrity has been breached.).
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include the changed filename of the server and to have the device integrity breached to enhance security.

24. 	Claim 13 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Han (KR 20150089696 A) and Vigneron (US 20200358612) in view of Callaghan (US 2015/0365240 A1).

25. 	Regarding Claim 13, Han, Vigneron and Callaghan disclose, the system of claim 6, 
Han and Vigneron does not explicitly disclose the following limitations that Callaghan teaches:
wherein the integrity verification block further includes certificate data, wherein the certificate data is digitally signed by using a private key of the device, and a message digest about the current data is used as an input value at the time of digital signing (Callaghan, [0036], Certificate authority signature 340 is available to facilitate verification of the authenticity and integrity of the certificate component 300 data. [0049], At 1110, a digitally signed message component is generated. Such a message can be generated by applying a hash function or algorithm to a message to produce a message digest. The message digest is a short fixed length representation of a typically longer and variable length message).

26. 	Regarding Claim 15, Han, Vigneron and Callaghan disclose, 
Han does not explicitly disclose the following limitations that Vigneron teaches:
a device, comprising: an integrity verification chain generating unit generating an integrity verification chain including at least one or more integrity verification blocks (Vigneron, [0045], The trust service engine also supports the verification of chains by the verification or re-verification of the chaining integrity and of their accredited blocks. ); and an integrity verification unit verifying integrity of the device by using the integrity verification chain, wherein current data and a message digest about the current data are arranged together on the integrity verification block by the integrity verification chain generating unit (Han, Pg. 6, the integrity verification on the priority of the priority which is stored in the safe file system (131) if it receives the integrity verifier (142) verification request and the integrity verification target recorded in the method for proving the integrity configuration and validation method based on the direct RIM list file (10) whether oneself determines whether the integrity verification will be requested to the mobile security module (120).  Pg. 6, the integrity measuring unit (141)" the integrity verification target is the execution file" and the integrity value of library the verification are requested after doing the measurement to the integrity verifier (142).); by the integrity verification chain generating unit, the current data includes information on an integrity verification target and a message digest about a previous integrity verification block; by the integrity verification chain generating unit, the current data further includes a message digest about a current block (Han, Pg. 6, the integrity value comprises the hash-value of encrypted hash function (the hash function" and the abstract function) which are consecutively performed in the software package which is the integrity verification information of the software package and ID of the software package" the information of the software package and ID of the verification agency etc.); 
Han and Vigneron does not explicitly disclose the following limitations that Callaghan teaches:
information on the integrity verification target is defined as first information, a message digest about the first information is defined as a first digest, and a message digest about the previous integrity verification block is defined as a second digest (Callaghan, [0042], Authentication component 660, reads the hash information contained in the digital signature component, retrieves the identified hash function, and applies it to the sent message to generate a message digest. ); 
Han and Vigneron does not explicitly disclose the following limitations that Callaghan teaches:
when a message digest about the current block is defined as a third digest, the third digest includes the first information, the first digest, and the second digest (Callaghan, [0049], determining the hash algorithm used to generate the message digest and producing a second message digest on the received message using the same hash algorithm.); 

Han and Vigneron does not explicitly disclose the following limitations that Callaghan teaches:
when a message digest about the current data is defined as a fourth digest, the fourth digest includes a message digest about all of the current data including the first information, the first digest, the second digest, and the third digest by the integrity verification generating unit (Callaghan, [0049], The original message digest and information concerning the hash algorithm used to construct the message digest can be transmitted with the message in a message component. The original message digest and the later created message digest can be compared to determine the authenticity of the received message. If the digests are different then the receiving device can be notified that the message has been corrupted. If the digests are the same the message sent can be assumed with a high degree of certainty to be the same as the message received.); 
Han and Vigneron does not explicitly disclose the following limitations that Callaghan teaches:
a message digest about an integrity verification block in a configuration order including all of the first information, the first digest, the second digest, the third digest, and the fourth digest becomes a message digest about a previous integrity verification block corresponding to a second digest in the next integrity verification block (Callaghan [0041], The message can be any information that an automation device would like to communicate to another automation device such as commands or a PLC program, for example. Message component also has a digital signature component 720 associated, linked, or embedded therewith. Digital signature component 720 includes message digest 722 and hash information 724. Message digest 722 contains the output value of a hash function applied to the original message 710. As discussed supra, the message digest is a short and fixed length representation of a longer variable length message. The message digest facilitates detection of alteration of a message in transit by comparing the provided message digest 722 with a second digest generated on the received message by the receiving entity. ) ; 
Han and Vigneron does not explicitly disclose the following limitations that Callaghan teaches:
and the second digest included in the integrity verification block of the configuration order by the integrity verification chain generating unit is used for generation of each of the third digest included in the integrity verification block of the configuration order, the fourth digest, and a message digest about the integrity verification block of the configuration order (Callaghan, [0041], The message digest facilitates detection of alteration of a message in transit by comparing the provided message digest 722 with a second digest generated on the received message by the receiving entity. Hash information 724 provides data concerning the actual hash function utilized to generate the message digest (e.g., MD5, SHA. This information can then be utilized by the device receiving the digital signature message component 620 to verify that the message sent is the same message received, by generating a second message digest utilizing hash information 722 and the received message and subsequently comparing the generated digest to the provided message digest 722. If the two digests are not the same, then the receiving entity will know that the message as been altered. ) .
	
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include the message digest within the integrity verification of the information and to define the second, third and fourth digest when including the verification block through the configuration order to enhance security features. 

Conclusion
27. 	Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAYASA SHAAWAT whose telephone number is (571)272-3939.  The examiner can normally be reached on M-F, 8 AM TO 5 PM. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, JEFFREY PWU can be reached on (571)272-6789. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MAYASA SHAAWAT/
Examiner, Art Unit 2433

/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433