DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment
The following detailed action acknowledges the amendments of the response filed on 16th February 2022. The amendments in the filed response have been entered. 
Claims 1, 3, 5, 9, 11, 13, 17 and 19 have been amended. 
Claims 1-20 are pending in the application and the status of the application is currently pending. 

Priority
Receipt is acknowledged of certified copies of papers required by 37 CFR 1.55.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:

2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Beecham (US 2019/0340379, hereinafter “Beecham”), in view of Zhang (US 2021/0167971, hereinafter “Zhang”).
Regarding Claims 1, 9 and 17, Beecham teaches 
receiving, by a [computing device], a startup instruction (“Next, some embodiments may cause a program counter or other instruction address register of the processor or another processor of the embedded computing device to point to a first address of the firmware in the rewritable memory to initiate execution of the firmware (or other sub-OS-level code), as indicated by block 462.” See Beecham in [0054]);
in response to receiving the startup instruction, sending, by the [computing device], a signature verification request for [firmware] stored in the [computing device] to a […] acceleration card comprised in the [computing device] (interpreting the acceleration card has received the instructions and will perform the cryptographic verification: “In some embodiments, downloading may involve the operations described above with reference to FIG. 1B. Some embodiments may verify a cryptographic signature of the downloaded trusted instance of the sub-OS-level code, as indicated by block 496, and upon verification proceed execution, as indicated by block 490.” See Beecham in [0059]),
wherein a provider public key of a provider of the disk image is pre-stored in the […] acceleration card (interpreted as the intended use of the claimed invention, not reciting content that is created and stored by the claimed invention: “In some embodiments, the public key 430 is a public key of a cryptographic key pair of an asymmetric encryption protocol. In some embodiments, the public key 430 is a public key of an author of the code or host of the tamper-evident, immutable data repository 480, or there may be multiple keys for multiple entities. In some embodiments, various entities may cryptographically sign the information sent from the tamper-evident, immutable data repository 480 to the embedded computing device 402, which may verify that the sent information was signed by an entity with access to the private key corresponding to public key 430 before processing the sent information further, for example to install sent code or execute sent code.” See Beecham in [0047]);
receiving, by the [computing device], a signature verification result from the […] acceleration card, wherein the signature verification result indicates whether a signature of the [firmware] passes a verification (“Some embodiments may perform further verification steps before initiating execution of the firmware, for example, verifying that downloaded code was cryptographically signed by an entity with access to a private key corresponding to public key 430, blocking execution in the event that the signature is flawed, and permitting execution if the signature is verified.” See Beecham in [0055]); and
in response to determining that the signature verification result indicates that the signature of the [firmware] passes the verification (examples shown in Beecham in [0055] and [0059]),
executing, by the [computing device], the [firmware] (“In some embodiments, this process may include receiving a request to execute with a computing device, or install on the computing device, and untrusted instance of sub-OS-level executable code stored in rewritable memory of the computing device, as indicated by block 482.” … “Some embodiments may then determine whether the first hash value matches (for example, is identical to) the second hash value, as indicated by block 488. Upon determining that the values match, some embodiments may execute or install the untrusted instance of the sub-OS-level code, as indicated by block 490.” See Beecham in [0056]-[0057]).
Beecham substantially teaches the station is integrated into a blockchain (“Some embodiments store and retrieve for installation and execution on computing devices (such as embedded devices) trusted copies of firmware and other sub-OS-level code in the trusted repository described below. Some embodiments offload the code to a blockchain or a series of blockchains with fragmented data stored across a network of blockchains, and thereby store a firmware image (or hash digest thereof). This image can be various sizes and can represent a variety of types of firmware (or other types of sub-OS-level code noted above), as complexity relating to the storage and validation of the data may be shielded from the computing device on which protected code is to execute.” See Beecham in [0034]). Beecham further substantially teaches a disk image as installation firmware (See Beecham in [0034]).
Regarding the limitation in response to receiving the startup instruction, the interpretation of receiving startup instructions is that the instructions are executed, which includes sending a signature verification request. Considering the interpretation is attempting to describe the functions of a computing device, it would be reasonable to interpret the claim as providing instructions to execute the claimed invention. Thus, where Beecham teaches executing the instructions it is reasonable to conclude that Beecham teaches receiving startup instructions. 
Beecham does not expressly teach a cryptographic acceleration card comprised within a device that verifies a signature.  
However, Zhang does teach a signature verification unit (“According to a fourth aspect of the one or more implementations of the present specification, an apparatus for implementing a confidential transaction in a blockchain is proposed, including: …a signature verification unit, configured to verify the linkable ring signature, where the linkable ring signature is generated by the remitter based on the private key x_j, the public key P_j, a pseudo private key r″, and a pseudo public key P″_j that correspond to the remitter, and a public key P_i and a pseudo public key P″_i that correspond to a cover party i, where when the linkable ring signature is successfully verified, it is determined that a sum of the asset amounts t_j_1 to t_j_m is equal to a sum of transfer amounts t′_1 to t′_u that correspond to payees Q_1 to Q_u…” See Zhang in at least [0009]). 
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to modify the teachings of Beecham of “a computing device verifying that downloaded code” to include “signature verification unit”, as taught by Zhang, because the use of the asymmetric keys to create and secure the signature required to validate an executable program.
Regarding Claims 2, 10 and 18, Beecham, in view of Zhang, teaches the limitations of claims 1, 9 and 17. Beecham further teaches wherein the disk image comprises at least one of: a binary disk image, wherein when the binary disk image is executed, one or more functions of a blockchain node are added to the blockchain integrated station; or a platform disk image comprising the binary disk image, wherein when the platform disk image is executed, one or more functions of a blockchain node and one or more additional functions different than the one or more functions of the blockchain node are added to the blockchain integrated station (“Some embodiments may accept files or other binary larger objects (BLOBS). The translator 20 that may then replace those values in the lower-trust database 14 with a pointer, like a segment identifier in the secure distributed storage, in the manner described below, and then cause those that data to be stored in the secure distributed storage 16 in the manner described below. In some examples, documents may be stored, which may be relatively small stand-alone values to binary large objects encoding file-system objects like word-processing files, audio files, video files, chat logs, compressed directories, and the like. In some cases, a document may correspond to an individual value within a database, or document may correspond to a file or other binary large object.” See Beecham in [0075]).
Regarding Claims 3, 11 and 19, Beecham, in view of Zhang, teaches the limitations of claims 1, 9 and 17. Beecham, in view of Zhang, further teaches wherein the signature verification result is determined using the provider public key (“In addition, a signature is needed for a user to initiate a transaction in a blockchain network. For example, when user A wants to spend an asset held by user A in a blockchain, user A can initiate a blockchain transaction and sign the transaction by using a private key x_j held by user A. Correspondingly, the previous signature can be verified by using a public key P_j corresponding to the private key x_j held by user A. However, direct verification on the signature also exposes that user A is a signer of the corresponding signature, disclosing privacy of user A.” … “User A can hide the public key P_j held by user A in a group of public keys (P_1, . . . , P_n), where the public keys P_1 to P_j−1 and P_j+1 to P_n respectively belong to other users. Then, user A generates a signature by using the private key x_j held by user A and the previous group of public keys (P_1, . . . , P_n). In this case, a verifier can verify that the signature is generated by using a private key corresponding to one in the previous group of public keys (P_1, . . . , P_n), but cannot determine which particular public key is used, so as to hide the identity of the signer by using the previous group of public keys (P_1, . . . , P_n).” See Zhang in [0041]-[0042]).
Regarding Claims 4, 12 and 20, Beecham, in view of Zhang, teaches the limitations of claims 3, 11 and 19. Beecham, in view of Zhang, further teaches wherein the signature is generated by the provider of the disk image by signing the disk image using a provider private key, and wherein the provider private key and the provider public key are a pair of asymmetric keys (See Zhang in at least [0009]).
Regarding Claims 5 and 13, Beecham, in view of Zhang, teaches the limitations of claims 1 and 9. Beecham further teaches wherein in response to determining that the signature verification result indicates that the signature of the disk image does not pass the verification, the operations further comprise at least one of: requesting, by the blockchain integrated station, an additional disk image and an additional signature of the additional disk image from the provider of the disk image; terminating, by the blockchain integrated station, a startup process of the blockchain integrated station; or sending, by the blockchain integrated station, a warning of the disk image (“Alternatively, upon determining that the hash values do not match, some embodiments may block execution or installation of the untrusted instance of the sub-OS-level code, as indicated by block 492. Some embodiments may then download a trusted instance of the sub-OS-level code from the distributed acyclic graph of cryptographic hash pointers or another such graph or source, as indicated by block 494.” See Beecham in [0059]).
Regarding Claims 6 and 14, Beecham, in view of Zhang, teaches the limitations of claims 1 and 9. Beecham further teaches in response to determining that the signature verification result indicates that the signature of the disk image does not pass the verification, reading, by the blockchain integrated station, a backup disk image from a trusted execution environment of the blockchain integrated station; replacing, by the blockchain integrated station, the disk image with the backup disk image; and responding to the startup instruction again (interpreting the process must include a repository: “The host system 400 may be in communication with a tamper-evident, immutable data repository 408, like those described below with reference to FIGS. 1D through 12, for example, via the Internet or various other networks. In some embodiments, the tamper-evident, immutable data repository 408 may store various versions of executable code 410 to be executed by the embedded computing devices 402 or the CPU 404, and those versions of code 410 may be stored and processed in the same manner as the documents described below in some embodiments, or with some subset of the operations described with reference to the documents described below when discussing FIGS. 1D through 12. For instance, versions may be stored as “cliffs” in a version graph or as unconnected documents.” See Beecham in [0039]).
Regarding Claims 7 and 15, Beecham, in view of Zhang, teaches the limitations of claims 6 and 14. Beecham, in view of Zhang, further teaches in response to receiving an additional signature verification result indicating that an additional signature of an additional disk image passes verification for a first time, storing, by the blockchain integrated station, the additional disk image in the trusted execution environment of the blockchain integrated station as the backup disk image (interpreting the download of the executable code must require a storing in memory to execute, See Beecham in at least [0039]).
Regarding Claims 8 and 16, Beecham, in view of Zhang, teaches the limitations of claims 1 and 9. Beecham further teaches wherein the blockchain integrated station further comprises at least one of an intelligent network card or a smart contract processing chip (“In some embodiments, the embedded computing devices 402 may include a processor 414 (like a microcontroller or a microprocessor), a write-once memory 416 (like a set of fuses that are blown to permanently write a binary value incrementing a version number of executable code installed on the embedded computing device 402), an interface to the host system 418 (like a PCI express bus interface, SMbus interface, or a direct memory access controller), a network interface 420 (like an ethernet controller or wireless network controller), re-writable persistent memory 422 (like a EEPROM, flash memory, or the like, or some embodiments may use nonpersistent rewritable memory), and a read-only memory 412, which may be a form of a write-once memory that is written by an OEM.” See Beecham in [0042]), and wherein the blockchain integrated station comprises at least one of a certificate authority service, a standardized on-cloud service interface, or a standardized cross-chain service interface (“This may be done by calculating a SHA256 or similar hash (examples being noted below) of the current firmware (or other code) stored in the computing device and comparing this hash against an entry in the blockchain or network of blockchains, e.g., with a smart contract executed on a blockchain network, or by downloading a hash digest from the blockchain to the computing device that performs the comparison.” See Beecham in [0035]).

Response to Arguments
Applicant’s arguments, filed 16th February 2022, with respect to the rejections under 35 USC 103 have been fully considered.  
Regarding the rejection under 35 USC 103, the Applicant argues: Claims 1-20 are rejected under 35 U.S.C. §103 over U.S. Publication No. 2019/0340379 to Beecham (hereinafter, "Beecham") and in view of U.S. Publication No. 2021/0167971 to Zhang (hereinafter, "Zhang").
Without conceding the merits of the 35 U.S.C. §103 rejection, Applicant has amended the independent claims. For example, claim 1 has been amended to recite, among other things:
in response to receiving the startup instruction, sending, by the at least one processor of the blockchain integrated station, a signature verification request for a disk image stored in the blockchain integrated station to the cryptographic acceleration card comprised in the blockchain integrated station, wherein a provider public key of a provider of the disk image is pre-stored in the cryptographic acceleration card[.]
(Emphasis added).
Applicant respectfully submits that the proposed combination of Beecham and Zhang has not been shown to teach or suggest at least these newly added features in amended claim 1.
For the teaching of sending a signature verification request, the Office Action on page 4 offers Beecham ( citing para. [0059]). Upon review, Applicant respectfully submits that these portions of Beecham have not been shown to teach or suggest the current claim language.
For example, Beecham (para. [0059]) states:
Alternatively, upon determining that the hash values do not match, some embodiments may block execution or installation of the untrusted instance of the sub-OS-level code, as indicated by block 492. Some embodiments may then download a trusted instance of the sub-OS-level code from the distributed acyclic graph of cryptographic hash pointers or another such graph or source, as indicated by block 494. In some embodiments, downloading may involve the operations described above with reference to FIG. 1B. Some embodiments may verify a cryptographic signature of the downloaded trusted instance of the sub-OS-level code, as indicated by block 496, and upon verification proceed execution, as indicated by block 490. 
(Emphasis added).
Applicant respectfully submits that this, as well as the other cited portions of Beecham, refers to verifying a cryptographic signature of a trusted instance of the sub-OS-level code once the trusted instance of the sub-OS-level code is downloaded. Beecham has not been shown to, and does not appear to, teach or suggest that verifying the cryptographic signature is performed in response to receiving a startup instruction. (Emphasis added). Therefore, Applicant respectfully submits that the cited portions of Beecham have not been shown to teach or suggest that "sending a signature verification request for a disk image" is performed "in response to receiving the startup instruction" as recited in amended claim 1. Zhang has not been shown to remedy at least this deficiency of Beecham.
In response: The argument identifies a portion of the prior art that does not teach the limitations in the claim. However, the argument is interpreting the art in a different manner that is described in the rejection. The art of Beecham substantially teaches the receipt of code that is used to execute functions that teach the elements of the claimed invention. The art of Beecham does teach the function of sending a signature verification request as recited in the claim. It would be reasonable to interpret the receipt of instructions to be generic instructions, as they do not recite an element that is unique to the claimed invention, and it is reasonable to interpret that if the art teaches the first step after receiving instructions, then it teaches the receipt of the instructions as recited. The art of Beecham teaches the amended limitation of in response to receiving the startup instruction. 
Further in the argument, the limitation wherein a provider public key of a provider of the disk image is pre-stored in the cryptographic acceleration card is a recitation of the intended use of the claimed invention. None of the devices recited in the claims are capable of generating the keys that are pre-stored in the cryptographic acceleration card. However, Beecham does teach identifying the keys of a public/private cryptographic key pair provided to the device prior any actions. See rejection above. Thus, the art of Beecham teaches the claims as recited, and the claims remain rejected as obvious over Beecham.
The Applicant further argues: In addition, for the teaching of storing a provider public key, the Office Action on pages 7-8 offers Zhang (citing paras. [0041]-[0042]) when rejecting claim 3, which has been incorporated into the newly amended claim 1. However, Applicant respectfully disagrees.
For example, Zhang states:
[0041] In addition, a signature is needed for a user to initiate a transaction in a blockchain network. For example, when user A wants to spend an asset held by user A in a blockchain, user A can initiate a blockchain transaction and sign the transaction by using a private key x j held by user A. Correspondingly, the previous signature can be verified by using a public key P_j corresponding to the private key x_j held by user A. However, direct verification on the signature also exposes that user A is a signer of the corresponding signature, disclosing privacy of user A.
[0042] For the purpose of protecting an identity of a signer, a related technology proposes a ring signature-based processing solution. User A can hide the public key P_j held by user A in a group of public keys (P_l, ... , P_n), where the public keys P_l to P_j-1 and P_j+ 1 to P_n respectively belong to other users. Then, user A generates a signature by using the private key x_j held by user A and the previous group of public keys (P_1, ... , P_n). In this case, a verifier can verify that the signature is generated by using a private key corresponding to one in the previous group of public keys (P_1, ... , P_n), but cannot determine which particular public key is used, so as to hide the identity of the signer by using the previous group of public keys (P_1, ... , P_n).
Applicant respectfully submits that this, as well as the other cited portions of Zhang, appears to refer to verifying a previous signature using a public key. Zhang has not been shown to, and does not appear to, teach or suggest that the public key is pre-stored in a cryptographic acceleration card, let alone that the "cryptographic acceleration card" is comprised in the "blockchain integrated station." Therefore, Applicant respectfully submits that the cited portions of Zhang have not been shown to teach or suggest that "a provider public key of a provider of the disk image is pre-stored in the cryptographic acceleration card" as recited in amended claim 1. (Emphasis added). Beecham has not been shown to remedy at least this deficiency of Zhang.
For at least the above-mentioned reasons, Applicant respectfully submits that claim 1 distinguishes over the proposed combination of Beecham and Zhang, and is in condition for allowance. Therefore, Applicant respectfully requests reconsideration and allowance of independent claim 1 and all claims depending therefrom.
In response: In view of the response to the previous argument against Beecham, the claim recites the limitation of a pre-stored key as the intended use of the claimed invention because it is not describing a function of the defined devices and it is not shown that any of the devices generated the keys to store in the cryptographic acceleration card. As recited, the claim limitation is taught by the art of Beecham to define the public/private cryptographic key pair. Thus, the art teaches the claim limitations and the claims remain rejected under 103 as obvious over Beecham, in view of Zhang. 

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EDGAR R MARTINEZ-HERNANDEZ whose telephone number is (571)270-0658. The examiner can normally be reached M-F from 9:00 am - 5:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JOHN W. HAYES can be reached on (571) 272-6708. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/ERM/Examiner, Art Unit 3685   

/JOHN W HAYES/Supervisory Patent Examiner, Art Unit 3685