DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 02/24/2022 has been entered.
 
Response to Arguments
Applicant’s arguments have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  


A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1-6, 8-14, & 16 are rejected under 35 U.S.C 103 as being unpatentable over Gulati et al (US 2017/0048070), and hereon referred to as Gulati, in view of Ju et al. (US 2014/0082690), hereon referred to as Ju, in view of Shivanna et al. (US 20180096154), and hereon referred to as Shivanna.  
	In regards to claims 1 & 9, Gulati discloses personal data that uniquely associates the IC or a user with a service provider (The TEE is a secure environment for the update application to run and operate; The TEE may comprise separate physical hardware, for example an integrated circuit ( IC); Paragraph 0026); and use the personal data for identifying the IC or the user for granting a service from the service provide (The personal data may be used to granting a service such as communicating with a service provider (Paragraphs 0086; 0146; 0214). 
	However, Gulati does not disclose wherein the RoT secret is embedded into the nonvolatile storage element at production; and using the RoT secret, generate securely within the IC. In an analogous art Ju discloses wherein the RoT secret is embedded into the nonvolatile storage element at production (The hardware security module (RoT) can be implemented and embedded into the memory (nonvolatile storage) of the device; Paragraphs 0035-0038; 0069); using the RoT secret, generate securely within the IC (The hardware security module (RoT) can be utilized in an integrated circuit to store and generate cryptographic elements; Paragraphs 0035-0038; 0069).   
At the time before the effective filing date of the invention, it would have been obvious to the one with ordinary skill in the art to combine the teachings disclosed by Gulati, with the teachings 
However, the combination of Gulati and Ju does not disclose wherein the Root of Trust (RoT) secret is independent of the generated personal data. However, in an analogous art Shivanna discloses wherein the Root of Trust (RoT) secret is independent of the generated personal data (An independent RoT can be utilized separate from interaction with other data and utilities; Paragraphs 0005-0010; Figs. 1-3). 
At the time before the effective filing date of the invention, it would have been obvious to the one with ordinary skill in the art to combine the teachings disclosed by the combination of Gulati and Ju, with the teachings disclosed by Shivanna regarding wherein the Root of Trust (RoT) secret is independent of the generated personal data. The suggestion/motivation of the combination would have been to provide a high-security execution environment by verifying integrity (Shivanna; Abs.) 
The Examiner takes official notice that the prior art references may not explicitly disclose applications to generate user personal data or reporting user personal data or being independent of personal data, but that is merely a design choice of the function of an application. The generation of the user personal data is not relied upon for any functional element of the invention. The prior art discloses the functional aspect of installing an application, reporting and being independent.
In regards to claims 2 & 10 Gulati discloses wherein the IC with the pre-programmed RoT secret is applicable in multiple different devices selected from a list comprising: a smart card, a credit card, and a Subscriber Identity Module (SIM) card (The device may include an IC such as a SIM chip; Paragraph 0054).
 3 & 11 Gulati discloses wherein the application program comprises a vendor specific program that generates for the IC personal data suitable for a specific vendor, or a generic program that generates for the IC personal data suitable for multiple different vendors (The applications can be used by vendors to program (personalize) the devices; Paragraphs 0054; 0067; 0155).
In regards to claims 4 & 12, Gulati discloses wherein the processor is configured to receive another data image comprising user specific information provided by a vendor for which the IC is being personalized (The images can include manufacturing markers which can include a programmer ID of the programmer, a customer ID, a location (e.g., geographical coordinates, etc.) of manufacture or programming of a component, a date or a time of manufacture or programming of a component, a time window, a factory or manufacturer ID, a vendor ID; Paragraphs 0054; 0067; 0155).
In regards to claims 5 & 13, Gulati discloses wherein the processor is coupled to a nonvolatile memory (NVM) device, and wherein the processor is configured to store in the NVM device one or more of (i) the user personal data that was generated using the application program and (ii) other personal data provided in the data image or in another data image (The device may include any of: volatile memories, non-volatile memories, hard drives, solid state drives (SSDs) removable drives, for storing information (personal data) or instructions; Paragraphs 0066; 0205; 0215).
In regards to claims 6 & 14, Gulati discloses wherein the processor is configured to protect the user personal data to be reported using one or more cryptographic methods and one or more respective cryptographic keys provided within the data image, within the RoT secret, or agreed, using a key agreement scheme, with a processor to which the user personal data is reported (Security keys may be includes with payload packages (data image); Paragraphs 0026; 0028; 0037).
In regards to claims 8 & 16, wherein the processor is configured to report the user personal data for verifying that the IC has been uniquely personalized with the user personal data (The IC may be .

Claims 7, 15 & 17-18 are rejected under 35 U.S.C 103 as being unpatentable over the combination of Gulati and Ju, in view of Prakash et al. (US 2016/0371493), hereon referred to as Prakash.
In regards to claims 7 & 15, the combination of Gulati and Ju does not disclose wherein the received data image comprises an image signature generated using a signature-generating key that matches a signature- verification key in the RoT secret, and wherein the processor is configured to verify that the received data image is trusted by verifying the image signature using the signature-verification key of the RoT secret. However, in an analogous art Prakash discloses wherein the received data image comprises an image signature generated using a signature-generating key that matches a signature- verification key in the RoT secret, and wherein the processor is configured to verify that the received data image is trusted by verifying the image signature using the signature-verification key of the RoT secret (The digital signature, which may be an encrypted signature, is used to verify the integrity of the component; the digital signature of the software update image or components included in the image is verified. If the verification fails, the image update is rejected or postponed at operation; Paragraphs 0031-0032; 0042).
At the time before the effective filing date of the invention, it would have been obvious to the one with ordinary skill in the art to combine the teachings disclosed by the combination of Gulati and Ju, with the teachings disclosed by Prakash regarding wherein the received data image comprises an image signature generated using a signature-generating key that matches a signature- verification key in the RoT secret, and wherein the processor is configured to verify that the received data image is trusted by verifying the image signature using the signature-verification key of the RoT secret. The 
In regards to claims 17 & 18, receive via an unsecured link a data image that is securely protected…, the data image containing at least an application program for generating user personal data (The image can be communicated via a WPAN (unsecured link) or the like; The secure update application module may ensure that software update images include all of these components before allowing installation of the update. The secure update application module may also maintain user authentication information used to verify the identity and/or authority of the user to install the update; Paragraphs 0013-0014; 0020; 0026-0027); install the application program in response to verifying (Software update applications are sent, after secure authentication, the application update is installed; Paragraphs 0013; 0024; 0026-0027); run the application program to generate the user personal data, securely within the IC (The TEE is a secure environment for the update application to run and operate; The TEE may comprise separate physical hardware, for example an integrated circuit ( IC); Paragraph 0026); and report the user personal data using a secured scheme (The device can be configured to report back to the server elements of the verification or of the application; Paragraphs 0041; 0046; 0051). 
	However, Prakash does not disclose , using the RoT secret, that the received data image is trusted. In an analogous art Gulati discloses using the RoT secret, that the received data image is trusted using the RoT secret, that the received data image is trusted (The system may utilize RoT secret to establish trust and security; Paragraphs 0094; 0124-0128). 




Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHARIF E ULLAH whose telephone number is (571)272-5453. The examiner can normally be reached Mon-Fri 7:00-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SHARIF E ULLAH/Primary Examiner, Art Unit 2495