DETAILED ACTION
	This Office Action is in response to the Response to Election/Restriction filed on 05/16/2022.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Election/Restrictions
	The Applicant’s election without traverse of Species II, which includes claims 1, 4, 11 and 14 is acknowledged.

Claim Objections
Claims 1 and 14 are objected to because of the following informalities:  
Claim 1 recites the limitation “..the layers identifiable...” in line 5, which should be changed to “..the multiple layers identifiable...” 
Claim 14 is objected for the same rationale as claim 1 above. Appropriate correction is required.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 4, 11 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Symmetric Identity Based Device Attestation Version 1.0, Revision 0.95, published on 01/07/2021 (hereinafter NPL) and in view of Bromstrom et al. (IoT Boot Integrity Measuring and Reporting-hereinafter Bromstrom.) 
Regarding claim 1, NPL discloses a device, comprising: 
a network interface configured to communicate with a verifier over a communication network (at least page 6, section 4, lines 14-15, it’s inherent that an interface is configured for communications between a device and a verifier over a communication network); 
a memory configured to store multiple layers of mutable code (at least pages 7 & 11, sections 5.1 & 5.5, wherein a storage to store multiple layers of software are stored); and 
a processor, configured to: 
for a given boot cycle, generate a nonce associated uniquely with the given boot cycle (at least page 7, last paragraph; figure 2, page 8, 2nd paragraph, device generates a nonce that is not used more than once/unique); 
receive a challenge from the verifier for attestation of a given layer of the mutable code (at least page 7, figure 1, 1st & last paragraphs, where verifier a random challenge C is received from verifier for attestation of a given layer of mutable code); 
calculate an attestation key (at least page 7, 2nd to last paragraph, wherein attestation key/Symmetric Alias key is calculated);
calculate a response for the challenge, by signing the challenge using the attestation key (at least figure 2, page 7, last paragraph, wherein a response R is calculated by concatenating the challenge C with nonce generated by the device, and computing a corresponding MAC using the attestation/ Symmetric Alias Key); and 
send the response to the verifier for verification of the given layer (at least figure 2, page 8, first paragraph, wherein the response R & nonce generated by device are sent to the verifier.)
NPL does not explicitly disclose the layers identifiable by respective measurements and the attestation key are generated from (i) a Unique Device Secret (UDS) stored securely in the device, (ii) a measurement of the given layer taken by another layer, and (iii) the nonce generated for the given boot cycle.
However, NPL discloses that additional inputs for key derivation is optional (at least page 7, 2nd to last paragraph.) 
As such, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the device of NPL to add additional inputs to derive key in order to meet the inventor’s needs.
NPL does explicitly disclose the layers identifiable by respective measurements.
However, Bromstrom discloses a plurality of software components (layers), wherein each software component identity is represented by a digest (measurement) produced from a cryptographic hash of that component (at least page 15, section 2.1.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to explicitly include the teaching of Bromstrom into the device of NPL to protect the integrity of the software components/layers.

Regarding claim 4, NPL and Bromstrom disclose the device according to claim 1. NPL also discloses the attestation 5key comprises a symmetric key that depends on the nonce, and wherein the processor is configured to calculate the response by signing at least the challenge using the symmetric key, and to send both the response and the nonce to the verifier (at least pages 7-8, figure 2, attestation key/symmetric Alias Key is generated, MAC of at least the challenge is computed using the Symmetric Alias Key, and response R and nonce are sent to the verifier.)

Claim 11 is rejected for the same rationale as claim 1 above.
Claim 14 is rejected for the same rationale as claim 4 above.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to PHY ANH TRAN VU whose telephone number is (571)270-7317. The examiner can normally be reached Monday-Friday 7 am-1 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached on (571) 272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/PHY ANH T VU/           Primary Examiner, Art Unit 2438