DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Amendment
Applicant’s amendment filed 31 May 2022 amends claims 30 and 32. Applicant’s amendment has been fully considered and entered.
Response to Arguments
Applicant argues, “In contrast, the primary reference, Hashimoto, appears to treat all of its partial boot images…the same…Hashimoto further discloses that the boot image may be larger than the size of a secure internal memory, and accordingly, the boot image may be divided into partial boot images…The cited portions of Kudo and Mitra do not make up for at least these deficiencies of Hashimoto.” This argument is not persuasive because the Non-Final rejection mailed 28 March 2022 (“Non-Final”) makes it clear that the limitations in question are taught by the Mitra reference. Specifically, pages 7-8 of the Non-Final state that “Mitra discloses an operating system that includes portions considered to be required for operation while other portions of the operating system are not considered to be required (Col. 9, lines 16-33), which meets the limitation of divided into at least one system image resident segment and at least one system image dynamic loading segment in a manner that pieces of the program code of the image of the secure operating system that correspond to functions of the secure operating system that are mandatory for the secure operating system to run are comprised in the at least one system image resident segment and pieces of the program code of the image of the secure operating system that correspond to functions of the secure operating system that are not mandatory for the secure operating system to run are comprised in the at least one system image dynamic loading segment. Mitra specifies that the required portions are maintained in memory so that device can be recovered quickly from a hibernation state (Col. 9, lines 16-24), which meets the limitation of each system image resident segment and initialized and uninitialized data of the image of the secure operating system reside in the secure memory throughout the processor running the secure operating system. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the divided boot images of Hashimoto, as modified by Kudo, to have been divided using priority levels that include a priority level for required portions, in order to reduce device power consumption by providing a device hibernation mechanism that allows for quick restoration as suggested by Mitra (Col. 1, line 57 – Col. 2, line 29).”
Applicant argues, “Kudo does not suggest that the dividing itself proceeds based on any of the contents of the boot image, let along any of the other above-identified features of Claim 17…” In response, and as discussed above, the limitations in question are taught by the Mitra reference.
Applicant argues, “Nowhere, however, does Mitra disclose, teach, or suggest dividing program code and read-only data of the image of the secure operating system into at least one system image resident segment and at least one system image dynamic loading segment, and that each system image resident segment and initiatlized and uninitialized data of the image of the secure operating system reside in the secure memory throughout the processor running the secure operating system, whereas the at least on system image dynamic loading segment is divided into a plurality of pages and migrated…to an external storage for the device.” In response, Examiner reminds Applicant that the names of the claimed segments do not receive patentable weight (See MPEP 2111.04-2111.05). Additionally, Applicant has failed to fully consider the combination of references as presented in the Non-Final. Specifically, Hashimoto discloses a memory management system wherein a boot image is divided into partial boot images ([0085] & [0161]). Hashimoto does not disclose that the boot image is divided into partial boot images based data/code from the boot image being prioritized in some manner. Kudo discloses that a boot image is divided into parts based on a priority level of the data in the boot image ([0043]). Kudo does not disclose that the priority level indicates parts that are mandatory. Mitra discloses an operating system that includes portions considered to be required for operation while other portions of the operating system are not considered to be required (Col. 9, lines 16-33). Mitra specifies that the required portions are maintained in memory so that device can be recovered quickly from a hibernation state (Col. 9, lines 16-24).
Therefore, Hashimoto, as modified in view of Kuda and Mitra, discloses a memory management system wherein a boot image is divided into partial boot images (Hashimoto: [0085] & [0161]) such that the boot image division is performed based on a priority level of the data in the boot image (Kudo: [0043]) and the priority level is determined based upon portions that are determined to be required for operation or not required for operation (Mitra: Col. 9, lines 16-33). Partial boot images that are identified as required would be maintained in memory so that the device can be quickly recovered from hibernation (Mitra: Col. 9, lines 16-24).
Applicant argues, “Applicant respectfully maintains that the Office improperly dismisses several claim features on the purported basis that the features are “non-functional descriptive material” or are otherwise not entitled to patentable weight…As claimed, each of the terms that is alleged to be ‘non-functional descriptive material’ corresponds to programming that ‘performs some function with respect to the computer with which it is associated,’ and accordingly the terms must be given patentable weight and fully examined.” In response, the claimed data is specifically divided based upon whether or not that data is mandatory for the secure operating system to run, and that determination does not functionally take into account whether or not the claimed data is “read-only”, “program code”, or anything else specifically. The claimed division only cares about whether or not that data is mandatory for the secure operating system, and the claims do not functionally make that determination based upon the contents of the claimed data. 
Applicant argues, “To the extent there is even such a requirement, the dividing of a particular type of data is sufficiently functionally using that data for the data type to be given patentable weight.” This argument is not persuasive because the type of data, be it read-only or program code, is not considered as part of the division. Instead, the division occurs based upon whether or not the claimed data is considered to be mandatory for the operating system to run. The claims make no functional utilization of specific read-only data or specific program code to make this determination of whether or not that data is mandatory for the operating system to run. It is this specific lack of functional utilization that the claimed data has been identified as non-functional descriptive material that receives no patentable weight.
Applicant argues, “To attempt to map the proposed combination to these claim features, the Office Action awkwardly breaks up the claim features in a way that do not make sense, and attempts to map disjointed portions of the references to these features in ways that do not disclose, teach, or suggest all the claim features or otherwise render them obvious.” In response, Examiner would like to initially note that the claim limitation that specifies “generate a second signature for a group comprising the at least one system image resident segment, the first signature, and the at least one system image dynamic loading segment” does not require the creation of a single signature using a signature calculation performed on the combination of the at least one system image resident segment, the first signature, and the at least one system image dynamic loading segment. Applicant appears to imply that the claims require the generation of the second signature using all of the at least one system image resident segment, the first signature, and the at least one system image dynamic loading segment together as a single calculation. However, the claims include no such requirement. Instead, the claims require the calculation of a signature for a group of data. However, the claims do not specifically require that the claimed generation requires the generation to be performed on the combined group, together, to create a single signature. 
Examiner’s Amendment
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Chad Terrell (Reg. No. 52,279) on 07 June 2022.
The application has been amended as follows: 
Claim 17.	(Currently Amended) A device, comprising:	a processor and a non-transitory memory;	wherein the non-transitory memory stores instructions executable by the processor, and the instructions include instructions to: 		load a secure program into a secure memory and run the secure program, wherein the secure program comprises an image of a secure operating system, program code and read-only data of the image of the secure operating system are divided into at least one system image resident segment and at least one system image dynamic loading segment in a manner that pieces of the program code or pieces of the read-only data of the image of the secure operating system that correspond to functions of the secure operating system that are mandatory for the secure operating system to run are comprised in the at least one system image resident segment and pieces of the program code or pieces of the read-only data of the image of the secure operating system that correspond to functions of the secure operating system that are not mandatory for the secure operating system to run are comprised in the at least one system image dynamic loading segment, and each system image resident segment and initialized and uninitialized data of the image of the secure operating system reside in the secure memory throughout the processor running the secure operating system, wherein the image of the secure operating system comprises: 			a first signature for the at least one system image resident segment; and 			a second signature generated from a combined group comprising the at least one system image resident segment, the first signature, and the at least one system image dynamic loading segment; and	the processor is configured to: 		divide the at least one system image dynamic loading segment into a plurality of pages, wherein each of the plurality of pages comprises content of the corresponding system image dynamic loading segment;		perform security processing on each of the plurality of pages to generate a plurality of security-processed pages; and		migrate each of the plurality of security-processed pages to an external storage for the device.

Claim 21. 	(Currently Amended) The device according to claim 17, wherein:	

Claim 30. 	(Currently Amended) A device, comprising:	a processor configured to:		divide program code and read-only data of an image of a secure operating system into at least one system image resident segment and at least one system image dynamic loading segment in a manner that that pieces of the program code or pieces of the read-only data of the image of the secure operating system that correspond to functions of the secure operating system that are mandatory for the secure operating system to run are comprised in the at least one system image resident segment and pieces of the program code or pieces of the read-only data of the image of the secure operating system that correspond to functions of the secure operating system that are not mandatory for the secure operating system to run are comprised in the at least one system image dynamic loading segment;		generate a first signature for the at least one system image resident segment; and		generate a second signature [[for]] from a combined group comprising the at least one system image resident segment, the first signature, and the at least one system image dynamic loading segment, wherein the secure operating system is an operating system run by a secure element disposed in a terminal device

Claim 32. 	(Currently Amended) A method, comprising:	receiving, by a terminal device, a secure program from a server, wherein: 		the terminal device comprises a secure element, the secure element comprising a processor and a secure memory, the processor and the secure memory being integrated into a semiconductor chip, the secure memory being configured to provide a storage space for the processor to load and run the secure program; 		the secure program comprises an image of a secure operating system, program code and read-only data of the image of the secure operating system being divided into at least one system image resident segment and at least one system image dynamic loading segment in a manner that that pieces of the program code or pieces of the read-only data of the image of the secure operating system that correspond to functions of the secure operating system that are mandatory for the secure operating system to run are comprised in the at least one system image resident segment and pieces of the program code or pieces of the read-only data of the image of the secure operating system that correspond to functions of the secure operating system that are not mandatory for the secure operating system to run are comprised in the at least one system image dynamic loading segment; [[and]] 		the at least one system image resident segment and initialized and uninitialized data of the image of the secure operating system reside in the secure memory when the processor runs the secure operating system; and		the image of the secure operating system comprises: 			a first signature for the at least one system image resident segment; and 			a second signature generated from a combined group comprising the at least one system image resident segment, the first signature, and the at least one system image dynamic loading segment;	dividing, by the terminal device, the at least one system image dynamic loading segment into a plurality of pages, wherein each of the plurality of pages comprises content of the corresponding system image dynamic loading segment;	performing, by the terminal device, security processing on each of the plurality of pages to obtain a plurality of security-processed pages; and	migrating, by the terminal device, each of the plurality of security-processed pages to an external storage for the secure element.
Allowable Subject Matter
Claims 17-34 are allowed.
The following is an examiner’s statement of reasons for allowance:
This communication warrants No Examiner's Reason for Allowance, applicant's reply (5/31/2022), in combination with the Examiner’s amendment above, make evident the reasons for allowance, satisfying the “record as a whole” proviso of the rule 37 CFR 1.104(e). Specifically, applicant’s arguments when considered with respect to the Examiner’s amendment above, are persuasive. As such the reasons for allowance are in all probability evident from the record and no statement is deemed necessary (see MPEP 1302.14).
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BENJAMIN E LANIER whose telephone number is (571)272-3805. The examiner can normally be reached M-Th: 6:20-4:50.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on 5712724063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/BENJAMIN E LANIER/Primary Examiner, Art Unit 2437