DETAILED ACTION

1.	 
This is in reply to an application filed on 06/25/2020. Claims 1-13 are pending examination.

2. 
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
3.

Drawing Objection
Figure 3 is objected to, because this figure is not labeled. Examiner suggests labeling the figure, for example labeling the figures with text in addition to the numbers according to the specification.

4.
Claim Objection
1)
Claim 9 is objected to, because this claim has typographical error. The examiner suggests the following correction: Replacement of “while verifying the integrity of the sequences received” with “while verifying the integrity of the sequence or sequences received”.

2)
Claims 1-4, 6-8, and 11 are objected to, because one or more limitations of these claims lack an antecedent basis in the claim. The examiner suggests the following correction:
Claim 1:
Replacement of “a method for checking the integrity” with “a method for checking an integrity”.
Replacement of “the content of which has been previously authenticated” with “a content of which has been previously authenticated”.
Replacement of “such that an integrity control command results in the execution of the following steps” with “such that an integrity control command results in execution of the following steps”.
Replacement of “on the content received from the memory of the data storage means (MEM)” with “on the content received from a memory of the data storage means (MEM)”.
Replacement of “wherein an integrity control command results in the execution of the following successive steps” with “wherein an integrity control command results in execution of the following successive steps”.
Replacement of “a request to receive the entire content of, the secure element (SE) then performs said authentication check” with “a request to receive entire content of, the secure element (SE) then performs said authentication check”.
Claim 2:
Replacement of “when the device is considered to be integral, the device is able to operate according to the nominal behaviour which has been attributed to it” with “when the device is considered to be integral, the device is able to operate according to a nominal behaviour which has been attributed to it”.

Claim 3:
Replacement of “the device is programmed to operate in a suitable mode taking into account the failure of the verification procedure” with “the device is programmed to operate in a suitable mode taking into account a failure of the verification procedure”.

Claim 4:
Replacement of “a preliminary phase for the configuration of the electronic device (DE)” with “a preliminary phase for a configuration of the electronic device (DE)”.
Replacement of “an electronic signature system using the private key corresponding to the public key (KP) loaded on the secure element (SE)” with “an electronic signature system using a private key corresponding to the public key (KP) loaded on the secure element (SE)”.
Claim 6:
Replacement of “when the device is started or when it receives a request from the user for an integrity check” with “when the device is started or when it receives a request from a user for an integrity check”.

Claim 7:
Replacement of “the failure of the authentication check on the content of the memory leads to the use of one or more of the following degraded operating modes” with “a failure of the authentication check on the content of the memory leads to the use of one or more of the following degraded operating modes”.
Replacement of “the user is notified of the failure of the integrity check” with “a user is notified of the failure of the integrity check”.

Claim 8:
Replacement of “the secure element (SE) stores a 4reference time interval T which is configured to be less than the maximum time” with “the secure element (SE) stores a 4reference time interval T which is configured to be less than a maximum time”.
Replacement of “each integrity control command sent to the device results in the execution of the following successive steps” with “each integrity control command sent to the device results in execution of the following successive steps”.
Replacement of “the secure element (SE) measures the time elapses between sending the request and receipt of the sequence” with “the secure element (SE) measures a time elapses between sending the request and receipt of the sequence”.

Claim 11:
Replacement of “the content of which has been previously authenticated and the an integrity of which can be verified using the public key” with “a content of which has been previously authenticated and an integrity of which can be verified using the public key”.
Replacement of “in which an integrity control command results in the execution of the following successive steps” with “in which an integrity control command results in an execution of the following successive steps”.
Replacement of “a request to receive the entire content of its memory” with “a request to receive entire content of its memory”.

5.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):

(B)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. 


Claims 4 and 7 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite.

1.
the phrase "such as" renders the claim indefinite because the metes and bounds of the claim are not clearly set forth.  See MPEP § 2173.05(d) (See claim 4).

2.
It is unclear what meant by the phrase “wherein, after at least one”. Examiner suggests amending the claim to resolve this issue (See claim 7).

6.

Claim Rejections - 35 USC § 102

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.


	Claims 1-7 and 10-13 are rejected under 35 U.S.C. 102(a)(1) as being unpatentable over Pearson et al. US 2002/0023032 (hereinafter Pearson).

Regarding claim 1 Pearson teaches a method for checking the integrity of an electronic device (DE), in particular a card payment system, comprising at least: 
a processor (MPU) ([0046]), a secure element (SE), capable of storing and managing data and onto which a public key (KP) has been loaded, intended for verifying an electronic signature, and a means of storing data (MEM), the content of which has been previously authenticated and the integrity of which can be verified using the public key, such that an integrity control command results in the execution of the following steps: the secure element (SE) performs, through the processor (MPU), on the content received from the memory of the data storage means (MEM), an authentication check, in order to check, using the public key (KP), that its content has not been modified since its initial authentication, when the authentication check has been successful, the device is considered to be integral, wherein an integrity control command results in the execution of the following successive steps (Pearson teaches a trusted device may comprise a memory to store certificate with a public key to verify the integrity of platform utilizing the public key such as verifying a digest of a BIOS instructions stored in a memory, wherein verifying the BIOS instruction gives a potential user of the platform a high level of confidence that the platform has not been subverted at hardware or BIOS program level, and wherein a non-volatile memory may store integrity metric in a form of a digest value [0047-0049], and fig. 1-4): the processor (MPU) of the device calls the secure element (SE), in response, the secure element (SE) sends, via the processor (MPU), by means of data storage (MEM), a request to receive the entire content of its memory, the secure element (SE) then performs said authentication check (Pearson teaches a controller 30 programmed to control the overall operation of the trusted device 24, and interact with the other functions on the trusted device 24 and with the other devices on the motherboard 20 [0036-0037].A transaction to be processed after checking the integrity of a payment terminal [0012]. A seal data may be encrypted and signed and moved from a user smartcard to a trusted device 24, wherein the seal data may be selected by a user with a unique identifier, and wherein the trusted device may decrypt the seal data to retrieve and display a correct image [0059-0064], and fig. 1-3). Note entire memory interpreted as a memory (i.e. smartcard) storing at least one bit or more.  

Regarding claim 2 Pearson teaches the method for verifying the integrity of an electronic device (DE) according to claim 1, in which, when the device is considered to be integral, the device is able to operate according to the nominal behaviour which has been attributed to it (Pearson teaches After system reset, the trusted device 24 performs a secure boot process to ensure that the operating system of the platform 10 is running properly and in a secure manner. During the secure boot process, the trusted device 24 acquires an integrity metric of the computing platform 10. The trusted device 24 can also perform secure data transfer and, for example, authentication between it and a smart card via encryption/decryption and signature/verification [0035]).

Regarding claim 3 Pearson teaches the method for verifying the integrity of an electronic device (DE) according to claim 1, in which when the authentication check fails, the device is programmed to operate in a suitable mode taking into account the failure of the verification procedure (Pearson teaches the result of the integrity check will be displayed on the trusted personal device or the payment terminal [0012]).  


Regarding claim 4 Pearson teaches the an integrity control method according to claim 1, comprising, in addition to the steps executed each time an integrity control command is sent to the device, a preliminary phase for the configuration of the electronic device (DE), in which the initial content of the memory of the data storage means (MEM) is validated using digital authentication means such as, in particular, an electronic signature system using the private key corresponding to the public key (KP) loaded on the secure element (SE) (Pearson teaches each entity has asymmetric key pairs for signature and verification [0070]).  

Regarding claim 5 Pearson teaches the method for checking the integrity of an electronic device (DE) according to claim 4, in which the electronic signature initially produced during the preliminary configuration phase of the electronic device (DE) is loaded either into the data storage means (MEM), or into the memory of the secure element (SE) (Pearson teaches each entity has asymmetric key pairs for signature and verification [0070]).  

Regarding claim 6 Pearson teaches the method for checking the integrity of an electronic device (DE) according to claim 1, in which an integrity check command is performed either when the device is started or when it receives a request from the user for an integrity check [0035].  

Regarding claim 7 Pearson teaches an integrity control method according to claim 1 wherein, after at least one, but a determined number of executions of the integrity control steps do not result in confirmation of the integrity of the memory with respect to its initial state, the failure of the authentication check on the content of the memory leads to the use of one or more of the following degraded operating modes: 
- the user is notified of the failure of the integrity check, 
- access to the data loaded on the secure element (SE) is blocked, 
- access to the electronic device (DE) is blocked, 
- all or part of the data stored in the electronic device (DE) and the elements that comprise it are erased (Pearson teaches the result of the integrity check will be displayed on the trusted personal device or the payment terminal [0012]).  


Regarding claim 10 Pearson teaches the method for checking the integrity of an electronic device (DE) according to claim 1, wherein the function of the processor (MPU) is provided by a microcontroller [0046].  

In response to Claim 11: Rejected for the same reason as claim 1
  Regarding claim 12 Pearson teaches an electronic device (DE) according to claim 11, which comprises a microcontroller whose memory includes all or part of the data storage means (MEM) and whose processor performs the function of the processor (MPU) (Pearson teaches the trusted device is a microcontroller [0046], wherein the trusted device comprises a a volatile memory and non-volatile memory [0037], and fig. 3).  

Regarding claim 13 Pearson teaches an electronic device (DE) according to claim 11, wherein it also includes one and/or the other of the following complementary means: 
- a human/machine interface, in particular a keyboard or screen, 
- a communication interface with external digital devices, in particular a computer, a communication network or a remote server [0029].


7.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

		Claims 8-9 are rejected under 35 U.S.C. 103 as unpatentable over Pearson as mentioned above, and further in view of Yu et al,. US 2014/0278882 (hereinafter Yu).

Regarding claim 8 Pearson teaches the method for checking the integrity of an electronic device (DE) according to claim 1. Interrupts execution of the subsequent steps of the integrity control procedure (Pearson teaches the platform may unable to verify its integrity [0053]). Pearson does not teach an element stores a 4reference time interval T which is configured to be less than the maximum time required for the element to recover the entire content of the memory to be authenticated, and in which each integrity control command sent to the device results in the execution of the following successive steps: the element sends a request to a data storage to send it one or more sequences of data extracted from its memory, the element measures the time which elapses between sending the request and receipt of the sequence or sequences requested, and compares this with the reference time interval T, If the elapsed time is greater than time T, the element refuses to authenticate the content of the memory of the data storage. Yu substantially teaches determining a difference between a receipt and sending time of a sending promotion, and comparing the difference with a predetermined time threshold. If the difference time is greater than a threshold, then the authentication will be rejected otherwise the authentication will be approved [0146-0150].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Pearson such that the invention further includes an element stores a reference time interval T which is configured to be less than the maximum time required for the element to recover the entire content of the memory to be authenticated, and in which each integrity control command sent to the device results in the execution of the following successive steps: the element sends a request to a data storage to send it one or more sequences of data extracted from its memory, the element measures the time which elapses between sending the request and receipt of the sequence or sequences requested, and compares this with the reference time interval T, If the elapsed time is greater than time T, the element refuses to authenticate the content of the memory of the data storage. One would have been motivated to do so to ensure that the response is received according to a predetermined policy (i.e. the response should be received according to the system’s capability and/or availability).


Regarding claim 9 Pearson as modified teaches the method for checking the integrity of an electronic device (DE) according to claim 8, in which, when the time elapsed between the sending of the request by the secure element (SE) and the receipt of the requested sequence or sequences is less than interval T, the secure element (SE) executes the steps of the integrity control method, while verifying the integrity of the sequences received with respect to the authenticity of the content of the memory which it must validate (Wu teaches determining a difference between a receipt and sending time of a sending promotion, and compare the difference with a predetermined time threshold. If the difference time is greater than a threshold, then the authentication will be rejected otherwise the authentication will be approved [0146-0150]).


Conclusion


Any inquiry concerning this communication or earlier communications from the examiner should be directed to AYOUB ALATA whose telephone number is (313)446-6541.  The examiner can normally be reached on Monday - Friday 7:30 - 5:00 Est.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung (Jay) Kim can be reached on (571)272-3804.  The fax phone number for the organization where this application or proceeding is assigned is (571)273-8300. 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/AYOUB ALATA/           Primary Examiner, Art Unit 2494