DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 04/13/2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Objections
Claim 5 is objected to because of the following informalities: The examiner suggests amending the claim to recite “at a subordinate control device” in line 2 instead of “at subordinate control device”. Appropriate correction is requested.
Claims 13-14 are objected to because of the following informalities: The examiner suggests amending the claim to recite “the symmetric cryptographic key” instead of “the symmetric key” to correspond with the other claim language. Appropriate correction is requested.
Claims 1-3 and 6-11 are objected to because of the following informalities: The examiner suggests amending the claims to recite “initialization” instead of “initialisation” and “authorization” instead of “authorisation” to provide better clarity. Appropriate correction is requested.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 14-15 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 14 recites the limitation "the event" in line 3.  There is insufficient antecedent basis for this limitation in the claim.
Claim 15 recites the limitations "the status" in line 3 and “the event” in line 6.  There is insufficient antecedent basis for this limitation in the claim.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1 and 6-7 are rejected under 35 U.S.C. 103 as being unpatentable over Acar (US Pub No. 2012/0173885) in view of Jacobs et al. (US Pub No. 2015/0089209).
Regarding independent claim 1, Acar teaches a method for secure key exchange in a platform, the method comprising: generating at least one symmetric cryptographic key (Acar, page 3, paragraph 0030, page 2, paragraph 0020 and page 4, paragraph 0038; DKM key [symmetric key]); encrypting the at least one symmetric cryptographic key using a public cryptographic key (Acar, page 2, paragraph 0020 & 0026, page 3, paragraphs 0030-0031 & 0037 and page 4, paragraph 0038; DKM keys are sealed/encrypted with TPM wrapping key).
	Acar does not explicitly teach checking a value of parameter via a platform hardware initialisation device to determine a status of an agent; generating a variable representing the encrypted at least one symmetric cryptographic key; and enabling access to the variable from the agent via the platform hardware initialisation device.
	Jacobs teaches checking a value of parameter via a platform hardware initialisation device to determine a status of an agent (Jacobs, page 5, paragraph 0037); generating a variable representing the encrypted at least one symmetric cryptographic key (Jacobs, page 3, paragraphs 0033-0034; program keys and lists into authenticated variables); and enabling access to the variable from the agent via the platform hardware initialisation device (Jacobs, page 1, paragraph 0016, page 3, paragraphs 0028 & 0035).
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Acar with the teachings of Jacobs to manage secure boot variable to provide the advantage of preventing authorized access (Jacobs, pages 1-2, paragraph 0016).
Regarding independent claim 6, Acar teaches an apparatus, comprising a processor and a memory, the processor to: register a public cryptographic key received from a platform hardware initialisation device (Acar, page 3, paragraphs 0031-0032 & 0037; TPM key); generate a symmetric cryptographic key (Acar, page 3, paragraph 0030, page 2, paragraph 0020 and page 4, paragraph 0038; DKM key [symmetric key]); and encrypt the symmetric cryptographic key using the public cryptographic key (Acar, page 2, paragraph 0020, page 3, paragraphs 0030-0031 & 0037 and page 4, paragraph 0038; DKM keys are sealed/encrypted with TPM wrapping key).
	Acar does not explicitly teach modify a state of a subordinate control device stored in the memory.
Jacobs teaches modify a state of a subordinate control device stored in the memory (Jacobs, page 3, paragraph 0033 and page 4, paragraph 0040).
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Acar with the teachings of Jacobs to manage default list in BMC & BIOS and secure boot variable to provide the advantage of preventing authorized access (Jacobs, pages 1-2, paragraph 0016).
	Regarding claim 7, Acar in view of Jacobs teaches the apparatus further comprising an agent to: retrieve a variable from the platform hardware initialisation device representing the encrypted symmetric cryptographic key (Jacobs, page 1, paragraph 0016, page 3, paragraphs 0028 & 0033-0035).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Acar with the teachings of Jacobs to manage default list in BMC & BIOS and secure boot variable to provide the advantage of preventing authorized access (Jacobs, pages 1-2, paragraph 0016).

Claim(s) 2-4 and 8-10 are rejected under 35 U.S.C. 103 as being unpatentable over Acar (US Pub No. 2012/0173885) in view of Jacobs et al. (US Pub No. 2015/0089209) as applied to claims 1, 6 and 7 above, and further in view of Jensen et al. (US Pub No. 2014/0359288).
Regarding claim 2, Acar in view of Jacobs teaches each and every claim limitation of claim 1. 
Acar in view of Jacobs does not explicitly teach the method further comprising generating the at least one symmetric cryptographic key using a random authorisation code seeded from a unique and unpredictable platform dependent value.
Jensen teaches generating the at least one symmetric cryptographic key using a random authorisation code seeded from a unique and unpredictable platform dependent value (Jensen, page 4, paragraph 0079; generate symmetric key from unlock code; unlock code unique to each device based in IMSI and seed).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Acar in view of Jacobs with the teachings of Jensen to control key generator device to provide the advantage of preventing tampering or modification (Jensen, page 1, paragraphs 0001-0002).
Regarding claim 3, Acar in view of Jacobs and in further view of Jensen teaches the method further comprising: retrieving the encrypted at least one symmetric cryptographic key from the platform hardware initialisation device (Acar, page 2, paragraph 00020 and page 4, paragraphs 0038-0039), however Jensen teaches retrieving an authorisation code (Jensen, page 4, paragraphs 0079-0080; unlock code); and using the authorisation code to unlock a private cryptographic key stored in a secure cryptoprocessor of the platform (Jensen, page 4, paragraphs 0079-0080; decrypt private key with unlock code).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Acar in view of Jacobs with the teachings of Jensen to control key generator device to provide the advantage of preventing tampering or modification (Jensen, page 1, paragraphs 0001-0002).
Regarding claim 4, Acar in view of Jacobs and in further view of Jensen teaches the method further comprising: decrypting the encrypted at least one symmetric cryptographic key using the private cryptographic key (Acar, page 1, paragraph 0005, page 2, paragraph 0020, page 3, paragraph 0031; TPM keypair [private key] to decrypt/unseal).
Regarding claim 8, Acar in view of Jacobs teaches the apparatus the agent further to: generate a cryptographic key pair comprising the public cryptographic key and a corresponding private key secured in a secure cryptoprocessor of the platform (Acar, page 1, paragraph 0018 and page 3, paragraph 0037; TPM for generating and storing keys; TPM keys). 
Acar in view of Jacobs does not explicitly teach generating a cryptographic key pair using a random authorisation code.
Jensen teaches generating a cryptographic key pair using a random authorisation code (Jensen, pages 3-4, paragraph 0067 and page 4, paragraphs 0079-0080).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Acar in view of Jacobs with the teachings of Jensen to control key generator device to provide the advantage of preventing tampering or modification (Jensen, page 1, paragraphs 0001-0002).
Regarding claim 9, Acar in view of Jacobs and in further view of Jensen teaches the apparatus, the agent further to: retrieving the encrypted at least one symmetric cryptographic key from the platform hardware initialisation device (Acar, page 2, paragraph 00020 and page 4, paragraphs 0038-0039), however Jensen teaches retrieve an authorisation code (Jensen, page 4, paragraphs 0079-0080; unlock code); and decrypt the encrypted symmetric cryptographic key using the private key protected by the authorisation code and secure cryptoprocessor of the platform (Jensen, page 4, paragraphs 0079-0080; decrypt private key with unlock code).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Acar in view of Jacobs with the teachings of Jensen to control key generator device to provide the advantage of preventing tampering or modification (Jensen, page 1, paragraphs 0001-0002).
Regarding claim 10, Acar in view of Jacobs and in further view of Jensen teaches the apparatus, the agent further to: lock the private cryptographic key after use by extending a platform configuration register (Jensen, page 4, paragraphs 0079-0080; encrypt private key with unlock code).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Acar in view of Jacobs with the teachings of Jensen to control key generator device to provide the advantage of preventing tampering or modification (Jensen, page 1, paragraphs 0001-0002).

Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Acar (US Pub No. 2012/0173885) in view of Jacobs et al. (US Pub No. 2015/0089209) as applied to claims 1, 6 and 7 above, and further in view of Fu (US Pub No. 2018/0234255).
Regarding claim 5, Acar in view of Jacobs teaches each and every claim limitation of claim 1. 
Acar in view of Jacobs does not explicitly teach the method further comprising: generating, at subordinate control device of the platform, a nonce; signing the nonce using the public cryptographic key; and recording the public cryptographic key in the subordinate control device of the platform.
Fu teaches generating, at subordinate control device of the platform, a nonce (Fu, page 1, paragraphs 0006-0008); signing the nonce using the public cryptographic key (Fu, page 1, paragraphs 0006-0008); and recording the public cryptographic key in the subordinate control device of the platform (Fu, page 1, paragraphs 0006-0008).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Acar in view of Jacobs with the teaching of Fu for key distribution between trusted computing devices based on nonce to provide the advantage of secure attestation in the system (Fu, page 1, paragraphs 0002 & 0005-0006).

Claim(s) 11 and 13-15 are rejected under 35 U.S.C. 103 as being unpatentable over Ibrahim et al. (US Pub No. 2008/0130893) in view of Jensen et al. (US Pub No. 2014/0359288).
Regarding independent claim 11, Ibrahim teaches a non-transitory machine-readable storage medium encoded with instructions executable by a processor in a platform to enable secure key exchange between an agent and a subordinate control device of the platform, the machine-readable storage medium comprising instructions to: retrieve an encrypted symmetric cryptographic key from a platform hardware initialisation device (Ibrahim, page 1, paragraph 0010; wrap symmetric for securely exchange symmetric key).
Ibrahim does not explicitly teach retrieve an authorisation code and unlock a private cryptographic key stored in a secure cryptoprocessor of the platform using the authorisation code.
Jensen teaches retrieve an authorisation code (Jensen, page 4, paragraphs 0079-0080; unlock code); and unlock a private cryptographic key stored in a secure cryptoprocessor of the platform using the authorisation code (Jensen, page 4, paragraphs 0079-0080; decrypt private key with unlock code).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Acar in view of Jacobs with the teachings of Jensen to control key generator device to provide the advantage of preventing tampering or modification (Jensen, page 1, paragraphs 0001-0002).
Regarding claim 12, Ibrahim in view of Jensen teaches the non-transitory machine-readable storage medium further encoded with instructions to: decrypt the encrypted symmetric cryptographic key using the private cryptographic key (Ibrahim, page 1, paragraph 0010; wrap symmetric for securely exchange symmetric key).
Regarding claim 13, Ibrahim in view of Jensen teaches the non-transitory machine-readable storage medium further encoded with instructions to: monitor a period of time between a platform boot and a first use of a communication secured by the symmetric key (Ibrahim, page 4, paragraphs 0033-0034).
Regarding claim 14, Ibrahim in view of Jensen teaches the non-transitory machine-readable storage medium further encoded with instructions to: reject a use of the symmetric key in the event that the monitored period of time exceeds a predetermined threshold value (Ibrahim, page 4, paragraphs 0033-0034).
Regarding claim 15, Ibrahim in view of Jensen teaches the non-transitory machine-readable storage medium further encoded with instructions to: monitor time between a platform boot, retrieving the status, and accepting a signed nonce (Ibrahim, pages 3-4, paragraphs 0029-0034 and page 7, paragraph 0059); and regulate when registration is to take place on a freshly booted device in the event that the monitored time exceeds a predetermined threshold value (Ibrahim, pages 3-4, paragraphs 0029-0034 and page 7, paragraph 0059).

Claim(s) 12 is rejected under 35 U.S.C. 103 as being unpatentable over Ibrahim et al. (US Pub No. 2008/0130893) in view of Jensen et al. (US Pub No. 2014/0359288) as applied to claims 11 and 13-15 above and in further view of Acar (US Pub No. 2012/0173885).
Regarding claim 12, Ibrahim in view of Jensen teaches each and every claim limitation of claim 11. 
Ibrahim in view of Jensen does not explicitly teach the non-transitory machine-readable storage medium further encoded with instructions to: decrypt the encrypted symmetric cryptographic key using the private cryptographic key.

Acar teaches decrypting the encrypted at least one symmetric cryptographic key using the private cryptographic key (Acar, page 1, paragraph 0005, page 2, paragraph 0020, page 3, paragraph 0031; TPM keypair [private key] to decrypt/unseal).
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Ibrahim in view of Jensen with the teachings of Acar to decrypt/unseal a symmetric key with a TPM private key to provide the advantage of strengthening processing security surrounding management of keys with hardware base security (Acar, page 1, paragraph 0005).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAQUEAL D WADE whose telephone number is (571)270-0357. The examiner can normally be reached M-F 8:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on 571-272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SHAQUEAL D WADE-WRIGHT/Primary Examiner, Art Unit 2437