Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 04/27/2022 has been entered.

Examiner’s Amendment
An examiner's amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Authorization for this examiner's amendment was given via email from Attorney Eric Jensen (Reg. No. 37647) on June 30, 2022.

The application has been amended as follows:


Amendments to the Claims:
This listing of claims will replace prior versions, and listings, of claims in the application:
Listing of Claims: 
1.	(Currently Amended) A method comprising:
	initiating, by an operating system (OS) executing on a computing device comprising a processor device, a software package verification process in a trusted execution environment (TEE), the OS being part of an OS environment comprising a file system;
	determining, by a package installer executing outside of the TEE on the computing device, that a first software package in a software repository is to be installed into the OS environment, wherein the package installer is a component of the OS; 
downloading the first software package to a storage device; 
sending, by the OS to the software package verification process, first location information that identifies a location of the first software package; 
receiving, by the OS outside of the TEE, from the software package verification process, information that indicates that the first software package on the storage device is trusted, wherein the information that indicates that the first software package on the storage device is trusted is based on a comparison of a calculated cryptographic hash value provided by the software package verification process based on contents of the first software package to a predetermined cryptographic hash value; and
in response to the information that indicates that the first software package on the storage device is trusted, installing, by the package installer, the first software package into the OS environment.

14.	(Currently Amended) A computing device, comprising:
a memory; and
a processor device coupled to the memory to:
initiate, by an operating system (OS), a software package verification process in a trusted execution environment (TEE), the OS being part of an OS environment comprising a file system;
determine, by a package installer executing outside of the TEE on the computing device, that a first software package in a software repository is to be installed into the OS environment, wherein the package installer is a component of the OS; 
download the first software package to a storage device; 
send, by the OS to the software package verification process, first location information that identifies a location of the first software package;
receive, by the OS outside of the TEE, from the software package verification process, information that indicates that the first software package on the storage device is trusted, wherein the information that indicates that the first software package on the storage device is trusted is based on a comparison of a calculated cryptographic hash value provided by the software package verification process based on contents of the first software package to a predetermined cryptographic hash value; and
in response to the information that indicates that the first software package on the storage device is trusted, install, by the package installer, the first software package into the OS environment.

18.	(Currently Amended) A computer program product stored on a non-transitory computer-readable storage medium and including instructions to cause a processor device to:
initiate, by an operating system (OS), a software package verification process in a trusted execution environment (TEE), the OS being part of an OS environment comprising a file system;
determine, by a package installer executing outside of the TEE on the computing device, that a first software package in a software repository is to be installed into the OS environment, wherein the package installer is a component of the OS; 
download the first software package to a storage device; 
send, by the OS to the software package verification process, first location information that identifies a location of the first software package; 
receive, by the OS outside of the TEE, from the software package verification process, information that indicates that the first software package on the storage device is trusted, wherein the information that indicates that the first software package on the storage device is trusted is based on a comparison of a calculated cryptographic hash value provided by the software package verification process based on contents of the first software package to a predetermined cryptographic hash value; and
in response to the information that indicates that the first software package on the storage device is trusted, install, by the package installer, the first software package into the OS environment.



Response to Amendment
This communication is in response to the amendment filed on 04/27/2022. The Examiner acknowledges amended claims 1, 3-14, 16-18, and 20-22. Claims 2, 15, and 19 have been canceled. Claims 21-22 have been added. Claims 1, 3-14, 16-18, and 20-22 are pending and claims 1, 3-14, 16-18, and 20-22 are allowed.  Claims 1, 14, and 18 is/are independent. 

Claims 1, 14, and 18 have been amended with this Examiner’s amendment.
	
		
Response to Arguments
Applicant's arguments (Remarks, page 9, 3rd paragraph to page 10, 3rd paragraph) filed 04/27/2022 have been fully considered and are persuasive. The rejection to the claims 1, 3-14, 16-18, and 20 have been withdrawn in view of the applicant’s amendment and persuasive arguments.

Allowable Subject Matter
Claims 1, 3-14, 16-18, and 20-22 are allowed.

Reasons for Allowance
The following is an examiner’s statement of reasons for allowance:

The prior art of record (in particular, Smith '496 et al. U.S. Publication 20170357496 (hereinafter “Smith '496”), Krishnamurthy et al. U.S. Publication 20140130151 (hereinafter “Krishnamurthy”), Hjelm et al. U.S. Patent No. 9722775 (hereinafter “Hjelm”), Igotti et al. U.S. Patent No. 9536088 (hereinafter “Igotti”), Smith et al. U.S. Publication 20140096182 (hereinafter “Smith '182”), Smith '376 et al. U.S. Publication 20160065376 (hereinafter “Smith '376”), Korkishko et al. U.S. Publication 20100287547 (hereinafter “Korkishko”), and Aissi et al. U.S. Publication 20140066015 (hereinafter “Aissi”)) does not expressly disclose all the limitations recited in independent claim(s) and the combination of their features thereon. With respect to independent claim 1 the closest prior art does not disclose at least the following limitations in the recited context:

receiving, by the OS outside of the TEE, from the software package verification process, information that indicates that the first software package on the storage device is trusted, wherein the information that indicates that the first software package on the storage device is trusted is based on a comparison of a calculated cryptographic hash value provided by the software package verification process based on contents of the first software package to a predetermined cryptographic hash value;


Rather, Smith ‘496 discloses determining software packages that are necessary for updating a client device, requesting release components from an update server, receiving such components, verifying the integrity of the components, and installing the verified software release components. A trusted execution environment may include a release integrity module for verifying the integrity of the release components [Smith ‘496 para. 32, 34, 37, 61-62, figure 7, elements 714, 716, and 718, figure 2, trusted execution environment 256, release integrity module 248, and integrity hash tree 208]. 
However, Smith ‘496 does not disclose at least the features of claim 1 quoted above.  
To this, Krishnamurthy adds a trusted execution environment can be manufactured on a different substrate than a Near Field Communication (NFC) controller. The NFC controller can receive a firmware installation request from a high level application. The NFC controller may ensure that the firmware is coming from a trusted source. The Krishnamurthy system may ensure that the new firmware version being downloaded is higher than the previous version. The security element environment may verify the firmware version number is the last firmware version. The secure element environment can be a trusted execution environment [Krishnamurthy, para. 40, 58, 68, 71, 86, and 91]. Hjelm adds an operating system facilitates the request of signature verification from an applet executing inside the trusted execution environment. If the signature is verified, a secure voice application can complete a voice session key negotiation process [Hjelm, 9:35-44 and figure 7, element 730]. Smith '182 adds a service provider may receive a trusted task request from a client with data and/or code, and provision such data and/or code in a trusted execution environment [Smith '182, para. 26, 102, figure 4C elements 413-415]. Smith '376 adds computing an attestation quote (e.g., a signed hash) of code executing in its own trusted execution environment and compares that to the attestation quote provided by a remote computing device [Smith '376, para. 30]. Korkishko adds a user may choose whether to install a software package based on an integrity verification result, and a mobile device may install the software package based on the user input [Korkishko, para. 61].  Aissi adds a verification agent may prevent installation of a received application until the authenticity of the application is determined [Aissi, para. 70]. 
However, the combination of Smith ‘496, Krishnamurthy, Hjelm, Igotti, Smith '182, Smith '376, Korkishko, and Aissi does not teach at least the features of claim 1 quoted above.  
Claims 14 and 18 are independent claims reciting features analogous to the features of claim 1 and is also allowable for the same reasons as claim 1. 

None of the prior art of record, either taken by itself or in any combination, would have 
anticipated or made obvious the invention of the present application at or before the time it was filed.
For the reasons described above, the prior art of record does not disclose, with respect to independent claim(s) 1, 14, and 18, features corresponding to those of independent claim(s) 1, 14, and 18 in their respective contexts. Therefore, the independent claim(s) 1, 14, and 18 is/are allowed.

Dependent claims 3-13, 16-17, and 20-22 are allowed in view of their respective dependence from independent claim(s) 1, 14, and 18.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for
Allowance.”

Conclusion
	Any inquiry concerning this communication or earlier communications from the examiner should be directed to HOWARD H LOUIE whose telephone number is 571-272-0036.  The examiner can normally be reached on Monday-Friday 9 AM-5 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung W. Kim can be reached on 571-272-3804.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/HOWARD H. LOUIE/Examiner, Art Unit 2494                                                     
	

/THEODORE C PARSONS/Primary Examiner, Art Unit 2494