Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 2-21 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-17 of U.S. Patent No. 10,440,000. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of US 10,440,000 anticipate all the claim limitations at issue in claims 2-21 of the instant application.


Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.



Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.

If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.
The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 


Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 14 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 14 states “verify the OS signature by comparing the public key with the OS signature”.  It is unclear what is occurring in the claim.  Verification of digital signatures is not accomplished by comparing to a public key.   Appropriate correction is required.



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claim(s) 2, 3, 4, 5, 16, 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sutton US 2010/0150351 in view of Ballesteros US 9,479,332

As per claims 2, 16, 20 Sutton teaches A device comprising: a first memory to store software; a second memory; and secure data provisioning component operatively coupled to the second memory, wherein the secure data provisioning component to: receive a first instruction to store an entity identification (ID) in the second memory,; receive a second instruction to store a hash value of a public key in the second memory, [0050][0052][0053] [0057][0060] (storing Device ID hash or random value of key)


Ballesteros teaches wherein the entity ID is unique to a particular manufacturer; store the entity ID in the second memory in response to receiving the first instruction wherein the second instruction comprises the hash value and an ID check value, wherein the ID check value is used by the secure data provisioning component to detect an error with the entity ID prior to storing the hash value in the second memory, wherein the public key corresponds to a private key used by the particular manufacturer to sign the software that is stored in the first memory; prior to storing the hash value in the second memory, determine whether the hash value corresponds to the entity ID using the ID check value, wherein the hash value corresponds to the entity ID when the ID check value corresponds to the entity ID; and store the hash value in the second memory when the hash value is determined to correspond to the entity ID.
(Column 3 lines 40 to Column 4 line 6; Column 2 lines 5-40)   (verifying data for specific entity prior to loading/storing data; OEM ID, certificate, keys and BIOS)

It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use Ballesteros with Sutton because it increases OS security.
As per claim 3. Ballesteros teaches The device of claim 2, wherein the second memory is non-volatile memory. (Column 3 lines 40-52) (ID in non-volatile memory, fuse, OTP)As per claim 4. Ballesteros teaches The device of claim 3, wherein the non-volatile memory is at least one of a One Time Programmable (OTP) memory, eFuse, or Multi-time Programmable (MTP) memory. (Column 3 lines 40-52) (ID in non-volatile memory, fuse, OTP)As per claim 5. Ballesteros teaches The device of claim 2, wherein the second memory is volatile memory. [0061][0064]
Claim(s) 6-11, 17, 18, 19, 21 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sutton US 2010/0150351 in view of Ballesteros US 9,479,332 in view of Hussain US 8,843,764
As per claim 6, 17, 21. Sutton teaches The device of claim 2, wherein the secure data provisioning component is further to: receive a third instruction to store a symmetric key in the second memory, wherein the third instruction comprises the symmetric key and an expected value, wherein the expected value is used by the secure data provisioning component to detect an error with the hash value prior to storing the symmetric key in the second memory, [0059]

Hussain teaches wherein the symmetric key is specified by the particular manufacturer to authenticate the device during a later operation of the device; prior to storing the symmetric key in the second memory, determine whether the symmetric key to be stored in the second memory corresponds to the hash value that is stored in the second memory using the expected value, wherein the symmetric key corresponds to the hash value when the expected value matches the hash value stored in the second memory; and store the symmetric key in the second memory when the symmetric key is determined to correspond to the hash value. (Column 6 lines 12-45) (using symmetric key by manufacturer to authenticate the device in later operations)

It would have been obvious skill in the art at the time the invention was filed to use the teaching of Hussain with the prior art combination because it includes redundant security measures.As per claim 7. Sutton teaches The device of claim 6, wherein the first instruction, the second instruction, and the third instruction are associated with a sequence of instructions received by an original device manufacturer (ODM) from an original equipment manufacturer (OEM) via a network. [0046][0049] (device manufacturer)As per claim 8. Ballesteros teaches The device of claim 7, wherein the sequence of instructions is associated with a signature corresponding to the private key, the secure data provisioning component is further to: retrieve, from circuitry of the device, the public key corresponding to the private key; and authenticate the signature of the sequence of instructions based on the public key. (Column 2 lines 5-25) (validating signature of BIOS/OS)As per claim 9. Sutton teaches The device of claim 6, wherein the symmetric key is encrypted based on a wrapping key. [0060] (encrypted with public key)As per claim 10. Sutton teaches The device of claim 9, wherein the wrapping key is stored in the secure data provisioning component. [0060] (Protected memory)

Ballesteros additionally teaches The device of claim 9, wherein the wrapping key is stored in the secure data provisioning component. (Column 3 line 40 to Column 4 line 6) (OTP memory)
As per claim 11. Ballesteros teaches The device of claim 6, wherein the entity ID is an original equipment manufacturer (OEM) ID, wherein the symmetric key is an OEM key associated with the OEM ID. (Column 3 line 40 to Column 4 line 6; Column 2 lines 25-40) (OEM ID, certificate, keys)
As per claim 18. Ballesteros teaches The apparatus of claim 16, wherein the second memory is non-volatile memory. (Column 3 lines 40-52) (ID in non-volatile memory, fuse, OTP)As per claim 19. Ballesteros teaches The apparatus of claim 18, wherein the non-volatile memory is at least one of a One Time Programmable (OTP) memory, eFuse, or Multi-time Programmable (MTP) memory. (Column 3 lines 40-52) (ID in non-volatile memory, fuse, OTP)
Claim(s) 12, 13, 14, 15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sutton US 2010/0150351 in view of Ballesteros US 9,479,332 in view of Hussain US 8,843,764 in view of Lampson US 7,424,606
As per claim 12. Lampson teaches The device of claim 2, further comprising secure boot logic coupled to the first memory and the second memory, wherein the software, stored in the first memory, is an operating system (OS), wherein the secure boot logic is to execute the OS from the first memory based on the hash value stored in the second memory. (Column 9 lines 10-35; Column 10 lines 30-40; Column 13 lines 4-30) (teaches a secure boot including signature/hash of OS which must be verified to be loaded)
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use Lampson with the prior art combination because Ballesteros already teaches validating a secure BIOS which leads to an OS and Lampson expands that teaching, and increases security.As per claim 13. Lampson teaches The device of claim 12, wherein the first memory is further to store an OS signature, wherein the secure boot logic is to determine whether to execute the OS based on the OS signature. (Column 9 lines 10-35; Column 10 lines 30-40; Column 13 lines 4-30) (teaches a secure boot including signature/hash of OS which must be verified to be loaded)As per claim 14. Lampson teaches The device of claim 12, wherein the first memory is further to store an OS signature, wherein the secure boot logic is to: retrieve the hash value from the second memory; determine a public key associated with the hash value; verify the OS signature by comparing the public key with the OS signature; and determine whether to execute the OS responsive to the OS signature being verified. (Column 9 lines 10-35; Column 10 lines 30-40; Column 13 lines 4-30) (teaches a secure boot including signature/hash of OS which must be verified with public key to be loaded)As per claim 15. Lampson teaches The device of claim 12, wherein the first memory is further to store an OS signature and a copy of the public key associated with the OS signature, wherein the secure boot logic is to: retrieve the public key stored in the first memory; calculate a second hash value of the copy of the public key; retrieve the hash value from the second memory; verify the OS signature by comparing the second hash value with the hash value; and determine whether to execute the OS responsive to the OS signature being verified. (Column 9 lines 10-35; Column 10 lines 30-40; Column 13 lines 4-30) (teaches a secure boot including signature/hash of OS which must be verified to be loaded)
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTOPHER BROWN whose telephone number is (571)272-3833. The examiner can normally be reached M-F 8-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571) 270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/CHRISTOPHER J BROWN/Primary Examiner, Art Unit 2439