United States Patent and Trademark Office    
        
            
                                
            
        
    

Commissioner for Patents
United States Patent and Trademark Office
P.O. Box 1450
Alexandria, VA 22313-1450
www.uspto.gov











BEFORE THE PATENT TRIAL AND APPEAL BOARD


Application Number: 16/265,215
Filing Date: 1 Feb 2019
Appellant(s): Fine et al



__________________
Steven J. Frank
Reg. No. 33,497
For Appellant


EXAMINER’S ANSWER





This is in response to the appeal brief filed 12/17/2021 appealing from the Office action mailed on 08/31/2021.


Every ground of rejection set forth in the Office action dated 06/28/2017 from which the appeal is taken is being maintained by the examiner except for the grounds of rejection (if any) listed under the subheading “WITHDRAWN REJECTIONS.”  New grounds of rejection (if any) are provided under the subheading “NEW GROUNDS OF REJECTION.”

The following ground(s) of rejection are applicable to the appealed claims.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1, 2, 4-7, 9-21 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Smith et al (Pub. No. US 2011/0154023).

As per claims 1, 6, Smith discloses a security system for servicing memory access requests from a client device including a network interface, the security system comprising: a. a protected device comprising a central processing unit, memory and a lock unit connected to the memory (…SATA storage device is protected using both encryption and a password…for a native locking mechanism, that must be entered by a user before the device can be accessed…see par. 27, 50), the lock unit comprising a network interface; and b. an authentication server, wherein the lock unit is configured to (i) detect a memory access request from the client device, (ii) receive authentication data from the client device and communicate the received authentication data to the authentication server via the network interface (…within manageability engine (ME), identity management firmware Kerberos client interacts with identity management firmware Kerberos server to authenticate users…Kerberos client implements the Kerberos protocol to a Key Distribution Center…Kerberos client may use trusted I/O firmware to use trusted path connections to a display device and user input device to obtain credentials from a user of the system…Kerberos client obtains a Kerberos ticket to access a Kerberos service, such as Kerberos server…Kerberos server enables access to SATA storage device upon receiving a Kerberos ticket indicating that a user’s credentials to access the device have been authenticated…see par. 78), and (iii) only upon receipt via the network interface of an authentication confirmation signal from the authentication server, cause the lock unit to allow the memory access request to be serviced (…ME protected device manager waits for a manageability operation command, such as unlock command, to access SATA storage device…when a manageability operation command is received, ME protected device manager can access the stored metadata to obtain user authentication credentials and/or other information needed to access SATA storage device…see par. 62, 87), and further wherein the network interface is isolated from the central processing unit of the protected device (see fig.1, par. 23, 25, 27, 115).



As per claim 13, Smith discloses a security system for servicing memory access requests from a client device having a central processing unit, the security system comprising: a. on the client device, (i) a protected device comprising memory and a lock unit connected thereto, (ii) a proxy system, and (iii) a communication platform; and b. a management server for performing a management function comprising receiving and processing signals from the client device, the communication platform including a proxy system for establishing a trusted communication channel between the management server and the lock unit (…within manageability engine (ME), identity management firmware Kerberos client interacts with identity management firmware Kerberos server to authenticate users…Kerberos client implements the Kerberos protocol to a Key Distribution Center…Kerberos client may use trusted I/O firmware to use trusted path connections to a display device and user input device to obtain credentials from a user of the system…Kerberos client obtains a Kerberos ticket to access a Kerberos service, such as Kerberos server…Kerberos server enables access to SATA storage device upon receiving a Kerberos ticket indicating that a user’s credentials to access the device have been authenticated…see par. 27, 78), wherein the lock unit is configured to (i) detect a valid memory access request provided via the trusted communication channel, and (ii) allow the memory access request to be serviced and data transmitted to the management server over the trusted communication channel (…ME protected device manager waits for a manageability operation command, such as unlock command, to access SATA storage device…when a manageability operation command is received, ME protected device manager can access the stored metadata to obtain user authentication credentials and/or other information needed to access SATA storage device…see par. 62, 87), and further wherein the trusted communication channel is isolated from the central processing unit of the host device (see fig.1, par. 23, 25, 27, 115).



As per claims 2, 7, Smith discloses wherein the authentication data is a password/ certificate symmetric or asymmetric (Smith: see par. 50).


As per claims 4, 9, Smith discloses wherein the authentication signal specifies read access, read/write access or no access, the processor being configured to responsively operate the lock unit in accordance with the authentication confirmation signal (Smith: see par. 50-51).


As per claim 5, Smith discloses wherein the authentication server is remote from the protected device (Smith: see par. 54).


As per claim 10, Smith discloses wherein the proxy system provides end-to-end encryption between the authentication server and the lock unit (Smith: see par. 65, 68).


As per claim 11, Smith discloses wherein the proxy system provides symmetric encryption between the authentication server and the lock unit (Smith: see par. 34-35).


As per claim 12, Smith discloses wherein the proxy system is configured to examine communications received from the authentication server for a digital signature (Smith: see par. 31).


As per claim 14, Smith discloses wherein the trusted communication channel is established via symmetric encryption (Smith: see par. 69).


As per claim 15, Smith discloses wherein the trusted communication channel is established via end-to-end encryption (Smith: see par. 61, 65).


As per claim 16, Smith discloses wherein the management server is configured to provide an authentication function that includes receiving authentication data from the client device and allowing establishment of the trusted communication channel only following validation of the received authentication data (Smith: see par. 87).


As per claim 17, Smith discloses wherein the memory access request includes data specifying read access, read/write access or no access, the lock unit responsively operating in accordance with the data included in the memory access request (Smith: see par. 50-51).


As per claim 18, Smith discloses wherein the lock unit is responsive only to write commands issued by the management server (Smith: see par. 69).


As per claim 19, Smith discloses wherein the client device comprises a processor, the lock unit being responsive only to write commands issued by the client processor only following receipt via the trusted channel of a valid memory access request including a write permission for the processor (Smith: see par. 68-69).


As per claim 20, Smith discloses wherein the client device is configured to generate telemetry data, cache the telemetry data in the protected device memory, and transmit the telemetry data to the management server via the trusted communication channel (Smith: see par. 103-104).


As per claim 21, Smith discloses wherein the client device comprises a processor, the processor not having access to the telemetry data (Smith: see par. 104).


Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 3, 8 are rejected under 35 U.S.C. 103 as being unpatentable over Smith et al (Pub. No. US 2011/0154023) in view of Shaw et al (Pub. No. US 2011/0307724).

As per claims 3, 8, Smith does not explicitly disclose wherein the authentication data is a biometric indicium. However, Shaw discloses wherein the authentication data is a biometric indicium (...see biometric security measures…par. 107). Therefore, one of ordinary skill in the art would have found it obvious before the effective filing date of the claimed invention to use Shaw in Smith for including the above limitations because one of ordinary skill in the art would recognize the security device uses predetermined verification information in the security software for verifying the identity of a user by means of biometrics such as fingerprint recognition being operated with a certain group of computers, see Shaw, par. 107.



(2) Response to Argument
A. Smith does not disclose a secure partition that provides an isolated and controlled environment.
In response to this argument, Examiner respectfully disagrees. Smith discloses audit event processing may be generated by communication from the processor 110 (fig.1) via interfaces HECI 111b, and VECI 111c…ATA security commands that pertain to the locking state of a device produce auditable events, as well as commands that propagate via these interfaces to I/O controller or USB controller…furthermore, HECI commands pertaining to user authentication, encryption, security key management, are auditable events…VECI 111c connects processor 110 to I/O command decode module of chipset/secure partition (DMI 111A, HECI 111B and VECI 111C are connected through the same channel between secure partition and processor 110)…a protected device manager executes in a secure partition that is isolated from a host operating system of the system…via a secure communication channel established between a trusted remote console and the secure partition…also protected device management is provided within a secure partition that provides an isolated and controlled environment…the secure partition may receive commands to perform management operations from a trusted management application…Examiner maintains that the interaction between processor 110 and secure partition 120 is through secure (DMI, HECI and VECI) and has been done in an isolated controlled environment…see Smith, par. 23, 25, 115. Also, Examiner further notes that isolation has been described ONLY once in the instant application description as “the communication path is implemented in a manner that isolates it, logically or physically, from the CPU so that hijacking the CPU is insufficient to gain access to NVM…par. 31”. There is no other description to further clarify the claimed invention as to an isolated environment. Therefore, Examiner maintains that Smith does teach and disclose this limitation.




For the above reasons, it is believed that the rejections should be sustained.
Respectfully submitted,

/GHAZAL B SHEHNI/Primary Examiner, Art Unit 2499


Conferees: 

/YONAS A BAYOU/Primary Examiner, Art Unit 2499

/PHILIP J CHEA/Supervisory Patent Examiner, Art Unit 2499




Requirement to pay appeal forwarding fee.  In order to avoid dismissal of the instant appeal in any application or ex parte reexamination proceeding, 37 CFR 41.45 requires payment of an appeal forwarding fee within the time permitted by 37 CFR 41.45(a), unless appellant had timely paid the fee for filing a brief required by 37 CFR 41.20(b) in effect on March 18, 2013.