PNG
    media_image1.png
    340
    340
    media_image1.png
    Greyscale
United States Patent and Trademark Office    
        
            
                                
            
        
    

Commissioner for Patents
United States Patent and Trademark Office
P.O. Box 1450
Alexandria, VA 22313-1450
www.uspto.gov











BEFORE THE PATENT TRIAL AND APPEAL BOARD


Application Number: 16/874,109
Filing Date: 14 May 2020
Appellant(s): HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP



__________________
Fred G. Pruner, Jr. [reg# 40, 779]
For Appellant


EXAMINER’S ANSWER





This is in response to the appeal brief filed on 04/29/2022.
 (1) Grounds of Rejection to be Reviewed on Appeal

Every ground of rejection set forth in the Office action dated 01/13/2022 from which the appeal is taken is being maintained by the examiner except for the grounds of rejection (if any) listed under the subheading “WITHDRAWN REJECTIONS.”  New grounds of rejection (if any) are provided under the subheading “NEW GROUNDS OF REJECTION.”
 
WITHDRAWN REJECTIONS
The following grounds of rejection are not presented for review on appeal because they have been withdrawn by the examiner.  In response to Terminal Disclaimer filed on 04/28/2022, the provisional non-statutory double patenting rejection has been withdrawn.

(2) Response to Argument
In the remarks, appellants argued in substance that
A:    Whether Claims 21 – 24, 26 and 33 - 39 Are anticipated under 35 U.S.C. § 102(a)(1) by U. S. Patent Application Pub. No. 2016/0147996 0147996 (Martinez).

1. 	Whether Claims 21 and 33 Are anticipated under 35 U.S.C. § 102(a)(1) by U. S. Patent Application Pub. No. 2016/0147996 (Martinez).

Appellant argues, “---Martinez fails to, however, whether cited paragraphs or otherwise, disclose a hardware root of trust boot block, and accordingly Martinez fails to disclose “the measurement is performed beginning from a hardware root of trust boot block” as recited in claim 21. The final fails to specifically identify the element of Martinez that is considered to be the hardware root of trust boot block.” [appeal brief pages 8- 10].
Both Martinez and the instant application are directed to the operation of Trusted Platform Module (TPM) to perform secure booting of a computer system.  
 The arguments presented in the Brief seems to directed to the terminology and semantics rather than the actual operation of the claims. Applicant went through great length to argue terms that are commonly use and defined by TPM technical specification. Note that Martinez indicates in para. 0015 that TPM120 is compliant with the international and points to the technical specification written by computer industry consortium, the Trusted Computing Group (TCG).   
A copy of the Trusted Platform Module Library (Part 1: Architecture published by the TCG dated Oct 30, 2014 is attached as extrinsic evidence to provide a better understanding of the terminology relating to the TPM. 	 
 Appellant argues Martinez discusses in para. [0010] and [0016] that the PCR does not store a hash of the firmware image but rather the PCR is extended with a measurement and concluded that Martinez does not teach the measurement of a firmware image from a stored location.  First, the claims does not requires that the PCR stores the hash of firmware image.  The claim simply requires a “measurement of the firmware image from a storage location.    
 Nevertheless, Martinez teaches “to further protect the integrity of the measurements, hash measurements are not directly written to PCRs, but rather a PCR is “extended” with a measurement (para. 0016) and during a subsequent boot of information handling system 100, successful booting of system 100 requires that a measurement of the current state during the boot process must match the state recorded at the TPM PCR 122”  (para. 21). Thus, as one can see the state of the recorded in the PCR is the measurement of the firmware image . It is also noted that since the Martinez’s Extend function uses a hash function to combine new data with an existing value of a digest (see section 11.4.7). The Root of Trust for Measurement (RTM) sends integrity-relevant information (measurements) to provide better protection of the measurement to Root Trust Storage(RTS) and does but the measure clearly show that this Martinez teaches measurement in relation to the PCR location. The Extend operation is a feature of the Integrity Measurement and reporting of the TPM 2.0 (see sections 9.4.1, 9.5.5, 11.4.7)  The Extend process allows the TPM to accumulate an indefinite number of measurements in a relatively small amount of memory.

As for the argument that Martinez does not disclose “the measurement is performed beginning from a hardware root of boot block”.   Martinez discusses hardware structure of the TPM 120 (par. 15) that is compliant with an international standard for a secure cryptoprocessor (TPM technical specification by the TCG) . TPM 120 can include a dedicated microprocessor designed to secure hardware and communicates with the rest of the system by using a hardware bus, such as SPI bus 106.  Martinez further discloses (par. 16) d during the boot process, TPM 120 can measure (hash) all the critical software and firmware components, including the BIOS, boot loader, and operating system kernel, before they are loaded. The TCG requires that code not be executed until after it has been measured.  
 Section 34 of the TPM specification discusses the Hardware core root of trust - A process that puts the system in a known state running known code creates the starting point for a chain of trust. A computer system reset puts the processor and chipset into a known state, and the processor (the root of trust for measurement) begins executing code provided by the platform manufacturer. This initial code is the core root of trust for measurement (CRTM). Section 9.4 of the TPM specification talks about Root of Trust for Measurement (RTM) which sends integrity-relevant information (measurements) to the RTS (Root of Trust Storage). Typically, the RTM is the CPU controlled by the Core Root of Trust for Measurement (CRTM). The CRTM is the first set of instructions executed when a new chain of trust is established. When a system is reset, the CPU begins executing the CRTM. The CRTM then sends values that indicate its identity to the RTS. This establishes the starting point for a chain of trust.    As can see, the TPM 120 of Martinez describes the parallel process and structure to perform the root of trust measurement which is the claimed “ beginning from a hardware root of boot block” 

Thus , Examiner respectfully disagrees, as Martinez’s TPM 120 performs the functions of “determining at a firmware component in a system (TPM 120, can include a microchip designed to provide basic security-related functions, i.e. firmware component), a measurement of firmware image [TMP measures (hash) all software before they are loaded into memory,  firmware image 112 store in firmware memory 112], wherein the measurement is performed beginning from a hardware root of trust boot block  [ during a boot process, TMP 120 can measure all critical software and firmware components, including BIOS, boot loader and operating system kernel before they are loaded, i.e. equivalent to boot blocks of firmware and measurement (hash) is performed from the beginning of a boot block in order to measure each component before it is loaded]” as described in para. 0015 – 0016, also 18-19 below:

 [0015]: TPM 120 is compliant with an international standard for a secure cryptoprocessor. TPM 120 can include a dedicated microprocessor designed to secure hardware by integrating cryptographic keys into devices. The TPM technical specification was written by a computer industry consortium called the Trusted Computing Group (TCG). A TPM, such as TPM 120, can include a microchip designed to provide basic security-related functions, primarily involving encryption keys. The TPM is usually installed on the motherboard of a computer, such as information handling system 100, and communicates with the rest of the system by using a hardware bus, such as SPI bus 106. TPM 120 can create cryptographic keys and encrypt them so that they can only be decrypted by TPM 120. This process, often called “wrapping” or “binding” a key, can help protect the key from disclosure. TPM 120 can provide a master “wrapping” key, called the storage root key, which is stored within the TPM itself. The private portion of a key created at TPM 120 is never exposed to any other component, software, process, or person. TPM 120 can also create a key that has not only been wrapped but is also tied to certain platform measurements. This type of key can only be unwrapped when those platform measurements have the same values that they had when the key was created. This process is called “sealing” the key to the TPM. Decrypting the key is called “unsealing.” TPM 120 can also seal and unseal data generated outside of the TPM. With this sealed key and software such as BitLocker Drive Encryption, data can be locked until specific hardware or software conditions are met. Private portions of key pairs are kept separate from the memory controlled by the operating system. Keys can be sealed to the TPM, and certain assurances about the state of a system can be made before the keys are unsealed and released for use. 

[0016]: During the boot process, TPM 120 can measure (hash) all the critical software and firmware components, including the BIOS, boot loader, and operating system kernel, before they are loaded. By making these measurements before the software runs and storing them on TPM 120, the measurements are isolated and secure from subsequent modification attempts. Measurements can be of code, data structures, configuration, information, or anything that can be loaded into memory. The TCG requires that code not be executed until after it has been measured. To further protect the integrity of the measurements, hash measurements are not directly written to PCRs, but rather a PCR is "extended" with a measurement. This means that the TPM takes the current value of the PCR and the measurement to be extended, hashes them together, and replaces the content of the PCR with that hash result. The effect is that the only way to arrive at a particular measurement in a PCR is to extend exactly the same measurements in exactly the same order. Therefore, if any module being measured has been modified, the resulting PCR measurement will be different and thus it is easy to detect if any code, configuration, data, etc. that has been measured had been altered or corrupted. A TPM_Extend command adds a new measurement to a PCR. 

[0018] Method 200 continues at block 202 where a unique random symmetric key is generated. For example, early in the boot sequence following initiation of the reboot at block 201, such as during the early pre-EFI (PEI) phase, intrinsic BIOS code included the original firmware image can check to see whether the BIOS update flag is asserted. Since the flag has been asserted, the intrinsic BIOS code generates a symmetric key that will be used to encrypt, and later decrypt, the new firmware image. The method continues at block 203 where the symmetric key is stored at a TPM, the key sealed to the current TPM PCR state. For example, early in the PEI phase, TPM 120 can perform a measurement, and store the measurement at a register of PCR 122 using a TPM_Extend command. At a future time, the key can only be extracted from TPM 120 and unsealed if system 100 is at the same PCR state.

[0019] The method continues at block 204 where the EFI hand-off block passes the symmetric key to the Driver Execution Environment (DXE) phase. A hand-off block (HOB) is a binary data structure that passes system state information from the HOB producer phase to the HOB consumer phase in the UEFI Framework architecture. HOBs are used to hand off system information in the early pre-boot stages. For example, the UEFI Framework can use an BOB to pass information from the PEI phase to the DXE phase. The method continues at block 205 where the new firmware image is encrypted using the symmetric key generated at block 202. For example, processor 102 can retrieve the new firmware image from system memory 104, encrypt the image using the symmetric key, and store the encrypted image at system memory 104. One of skill will appreciate that a portion of the new firmware image is not encrypted. In particular, intrinsic BIOS code responsible for initializing TPM 120 and system memory 104, decrypting the remaining firmware image, and the like, is not encrypted and is thereby executable during the early stages of the PEI phase of the boot sequence. In one embodiment, the portion of the new firmware image that is encrypted corresponds substantially to instructions executed during the DXE phase of the boot sequence. The method continues at block 206 where the BOB and symmetric key are deleted from memory. The method continues at block 207 where the encrypted firmware image is stored at firmware memory 110. When information handling system 100 is once again re-booted, the updated firmware stored at firmware memory 110 will be decrypted and executed, as described below with reference to FIG. 3.






Appellant further argues, “---Martinez fails to disclose, “retrieving----a pre-determined measurement of the firmware image from a storage location” and “comparing the measurement ----- with a pre-deter-mined measurement of a firmware image .” [appeal brief pages 11 – 12]. 
The examiner respectfully disagrees Martinez teaches retrieving---pre-determined measurement of the firmware image from the storage location [Fig. 3, step 302 - 306, retrieval of the symmetric key from TPM 120 requires that state measurements at the present time match the PCR state at the time that the key was originally stored at TPM 120, at block 303 where the encrypted firmware image is retrieved from firmware memory and decrypted using the symmetric key, and at block 306 where the decompressed firmware image is measured and appended to a TPM PCR, fig. 3] and comparing [match] the measurement ---with pre-determined measurement of a firmware image [successful booting of system 100 requires that a measurement of the current state during the boot process must match the state recorded at the TPM PCR 122. If the present PCR state does not match the state at the time the new firmware image was measured, further booting of information handling system 100 is disabled. If, however, the present PCR state matches the state at the time the new firmware image was measured, the method continues at block 307 where BIOS execution continues] as described in para 0020-0021.
 [0020] FIG. 3 is a flow diagram illustrating a method 300 for executing an encrypted firmware image at the information handling system of FIG. 1 according to another embodiment of the present disclosure. Method 300 begins at block 301 where a TPM and system memory is initialized during a re-boot of an information handling system. For example, early in the PEI boot stage of information handling system 100, system resources such TPM 120 and system memory 104 are initialized for operation. The method continues at block 302, where the symmetric key is retrieved from the TPM 120. As described above, retrieval and unsealing of the symmetric key from TPM 120 requires that state measurements at the present time match the PCR state at the time that the key was originally stored at TPM 120. The method continues at block 303 where the encrypted firmware image is retrieved from firmware memory and decrypted using the symmetric key. For example, processor 102 of information handling system 100 can retrieve the encrypted firmware image from firmware memory 110 and decrypt the image using the symmetric key.
[0021] At block 304, the decrypted image can be decompressed and stored at the system memory. The flow continues at block 305 where the symmetric key is cleared from system memory. Accordingly, a rogue program or unauthorized individual cannot access and decrypt the contents of firmware memory 110 without access to the symmetric key. The method continues at block 306 where the decompressed firmware image is measured and appended to a TPM PCR. For example, during a subsequent boot of information handling system 100, successful booting of system 100 requires that a measurement of the current state during the boot process must match the state recorded at the TPM PCR 122. If the present PCR state does not match the state at the time the new firmware image was measured, further booting of information handling system 100 is disabled. If, however, the present PCR state matches the state at the time the new firmware image was measured, the method continues at block 307 where BIOS execution continues, pre-boot system memory is cleared, and the operating system is initialized.
Appellant further argues, “---Martinez fails to disclose, “continuing the measurement along a chain of trust based on the hardware root of trust during boot of the system.” [appeal brief page 13].
The examiner respectfully disagrees Martinez teaches continuing the measurement along a chain of trust [steps 302 – 306] based on the hardware root of trust [the BIOS, boot loader] during boot of the system as described in para 0020-0021 below.
[0020] FIG. 3 is a flow diagram illustrating a method 300 for executing an encrypted firmware image at the information handling system of FIG. 1 according to another embodiment of the present disclosure. Method 300 begins at block 301 where a TPM and system memory is initialized during a re-boot of an information handling system. For example, early in the PEI boot stage of information handling system 100, system resources such TPM 120 and system memory 104 are initialized for operation. The method continues at block 302, where the symmetric key is retrieved from the TPM 120. As described above, retrieval and unsealing of the symmetric key from TPM 120 requires that state measurements at the present time match the PCR state at the time that the key was originally stored at TPM 120. The method continues at block 303 where the encrypted firmware image is retrieved from firmware memory and decrypted using the symmetric key. For example, processor 102 of information handling system 100 can retrieve the encrypted firmware image from firmware memory 110 and decrypt the image using the symmetric key.
[0021] At block 304, the decrypted image can be decompressed and stored at the system memory. The flow continues at block 305 where the symmetric key is cleared from system memory. Accordingly, a rogue program or unauthorized individual cannot access and decrypt the contents of firmware memory 110 without access to the symmetric key. The method continues at block 306 where the decompressed firmware image is measured and appended to a TPM PCR. For example, during a subsequent boot of information handling system 100, successful booting of system 100 requires that a measurement of the current state during the boot process must match the state recorded at the TPM PCR 122. If the present PCR state does not match the state at the time the new firmware image was measured, further booting of information handling system 100 is disabled. If, however, the present PCR state matches the state at the time the new firmware image was measured, the method continues at block 307 where BIOS execution continues, pre-boot system memory is cleared, and the operating system is initialized.
Appellant further argues, “For the similar reasons, independent claim 33 overcomes corresponding § 102 rejection” [appeal brief page 13]. 
The examiner  respectfully disagrees and does not overcome the § 102 rejection of claim 33 for the similar reason of claim 21 as explained above in point 1 under A.


2.	Whether Claim 22 Is Anticipated under 35 U.S.C. 102(a)(1) by U. S. Patent Application Pub. No. 2016/0147966 (Martinez).

Appellant argues, “Claim 22, overcomes the § 102 rejection for at least same reasons as claim 21” [appeal brief page 13]. 
The examiner  respectfully disagrees and does not overcome the § 102 rejection of claim 22 for the similar reason of claim 21 as explained above in point 1 under A.

Appellant further argues, “ TPM 120 does not however, determine a measurement of a firmware image, beginning from a hardware root of trust boot block as recited in claim 21. Moreover, Martinez fails to disclose that the TPM 120 compares a measurement of a firmware image with a pre-determined measurement of the firmware image as also recited in claim 21. Moreover, Martinez’s TPM 120 neither performs a management function, nor would one of ordinary skill in art consider a TPM to be a management processor.”. [appeal brief page 13 – 14]. 

The examiner  respectfully disagrees as TPM 120 discloses to determine a measurement of a firmware image, beginning from a hardware root of trust boot block as recited in claim 21, as explained above under point 1. Moreover, Martinez discloses TPM 120 match [compares] a measurement of a firmware image with a pre-determined measurement of the firmware image as also recited in claim 21, as explained under point 1. Martinez’s TPM 120 performs a management function [to secure hardware by integrating cryptographic keys and consider to be a management processor [TPM include a dedicated microprocessor to secure hardware by integrating cryptographic keys] as described in para 0015. 
[0015]: TPM 120 is compliant with an international standard for a secure cryptoprocessor. TPM 120 can include a dedicated microprocessor designed to secure hardware by integrating cryptographic keys into devices. The TPM technical specification was written by a computer industry consortium called the Trusted Computing Group (TCG). A TPM, such as TPM 120, can include a microchip designed to provide basic security-related functions, primarily involving encryption keys. The TPM is usually installed on the motherboard of a computer, such as information handling system 100, and communicates with the rest of the system by using a hardware bus, such as SPI bus 106. TPM 120 can create cryptographic keys and encrypt them so that they can only be decrypted by TPM 120. This process, often called "wrapping" or "binding" a key, can help protect the key from disclosure. TPM 120 can provide a master "wrapping" key, called the storage root key, which is stored within the TPM itself. The private portion of a key created at TPM 120 is never exposed to any other component, software, process, or person. TPM 120 can also create a key that has not only been wrapped but is also tied to certain platform measurements. This type of key can only be unwrapped when those platform measurements have the same values that they had when the key was created. This process is called "sealing" the key to the TPM. Decrypting the key is called "unsealing." TPM 120 can also seal and unseal data generated outside of the TPM. With this sealed key and software such as BitLocker Drive Encryption, data can be locked until specific hardware or software conditions are met. Private portions of key pairs are kept separate from the memory controlled by the operating system. Keys can be sealed to the TPM, and certain assurances about the state of a system can be made before the keys are unsealed and released for use.


3.	Whether Claims 23, 24, 26 and 34 – 39 Are Anticipated under 35 U.S.C. 102(a)(1) by U. S. Patent Application Pub. No. 2016/0147966 (Martinez).

Appellant argues, “Claims 23, 24, 26 and 34 - 39, overcomes the corresponding  § 102 rejection for at least same reasons the claims from which they depend” [appeal brief page 14]. 
The examiner  respectfully disagrees and claims 23, 24, 26 and 34 – 39 does not overcome the §102 rejection of claim 21 for the similar reason of claim 21 as explained above in point 1 under A.


B.	Whether Claim 25 Is Rendered Obvious under 35 U.S.C. § 103 as Being Unpatentable over U.S. Patent Application Pub. No. 2016/0147996 (Martinez) in View of U. S. Patent Application Pub. No. 2016/0350536 (Grimes).

Appellant argues, “Claim 25, overcomes the § 103 rejection for at least same reasons as claim 21” [appeal brief page 14]. 
The examiner respectfully disagrees and does not overcome the § 103 rejection under 35 U.S.C. 103 35 U.S.C. for the similar reason of claim 21 as explained above in point 1 under A.


C.	Whether Claims 27 – 32 are Rendered Obvious under 35 U.S.C. § 103 as Being Unpatentable over U.S. Patent Application Pub. No. 2016/0147996 (Martinez) in View of U. S. Patent Application Pub. No. 2017036485 (Shah).
1.	Whether Claim 27 Is Rendered Obvious under 35 U.S.C. § 103 as Being Unpatentable over U.S. Patent Application Pub. No. 2016/0147996 (Martinez) in View of U. S. Patent Application Pub. No. 2017036485 (Shah).


Appellant argues, “Claim 27, overcomes the § 103 for at least the reason that Martinez fails to disclose or render obvious several elements of the claim, for at least the reasons that are discussed above in claim 21” [appeal brief page 15]. 
The examiner respectfully disagrees and does not overcome the § 103 rejection for the similar reason of claim 21 as explained above in point 1 and similar reason of claim 22 as explained above in point 2.

Appellant further argues, “Although on page 20, the final office action, in summarization of the 103 rejections of claims 27 – 32, states that these claims are rejected as being unpatentable over Martinez in view of Shah, the Final Office Action appears to rely on Vea (US Patent Application Pub, No. 20170109817) instead of Shah in the 103 rejections.”
The examiner agrees with applicant, it’s typographical error, and summarization of the 103 rejection of claims 27 – 32, should states these claims are rejected as being unpatentable over Martinez in view of Vea (US Patent Application Pub, No. 20170109817) [cited in PTO – 892].

Appellant further argues, “Vea fails to cure the deficiency of Martinez as in para 0034 and 0074. And no plausible reason has been advanced by the Final Office Action to explain why one of ordinary skill in art would have otherwise derived these  elements, absent impermissible hindsight gleaned solely from the preset application.”

The examiner respectfully disagrees as Martinez teaches all the limitations of claim 27 as explained in Final Office Action and explained above under point 1, and also motivation is given in Final Office Action why one of ordinary skill in art would have otherwise derived these elements. Martinez teaches retrieve a pre-determined measurement of the firmware image from a remote database [UEFI provide extension of platform firmware by loading UEFI driver to access from remote , para 0010, 0013, 0019]. However, Martinez’s retrieve a pre-determined measurement of the firmware image fails to teach explicitly from a whitelisted database.
However, Vea teaches in the same filed of endeavor a system and method including validating and authenticating the SMS message by checking whitelisted database [80 whitelisted database, para 0034,0079, fig. 2].
Therefore, it would have been obvious to one of ordinary skill in the art, having the teachings of Martinez and Vea before the effective filing date of the claimed invention, to combine and modify/include the remote storage as disclosed by Martinez to include a whitelisted database as taught by Vea in order to obtain system and method to validate and authenticate the request sent by checking the whitelisted database [para 0079]. 
One of ordinary skill in the art wanted to be motivated to modify/include the remote storage as disclosed by Martinez to include a whitelisted database in order to obtain system and method to validate and authenticate the request sent by checking the whitelisted database [para 0079].
2.	Whether Claim 28 Is Rendered Obvious under 35 U.S.C. § 103 as Being Unpatentable over U.S. Patent Application Pub. No. 2016/0147996 (Martinez) in View of U. S. Patent Application Pub. No. 2017036485 (Shah).

Appellant argues, “Claim 28, overcomes the corresponding rejection § 103 for at least the same reasons as claim 27 as discussed above. [appeal brief page 15]. 
The examiner respectfully disagrees and does not overcome the § 103 rejection for the similar reason of claim 27 as explained above in point 1 under C. 
Appellant further notes, “---on page 20, the Final Office Action, claim 28 is rejected as being unpatentable over Martinez in view of Shah. The Final Office Action appears to rely on Vea (US Patent Application Pub, No. 20170109817) instead of Shah in the 103 rejection of claim 28.”
The examiner agrees with applicant, it’s typographical error, and summarization of the 103 rejection of claims 27 – 32, should states these claims are rejected as being unpatentable over Martinez in view of Vea (US Patent Application Pub, No. 20170109817) [cited in PTO – 892].

Appellant further argues, “The Final Office Action fails to identify the alleged remote server management processor of system 20”, and, “why one of ordinary skill in art would have modified server in financial services application that is discussed in accessing a firmware image, determining a measurement of a firmware image beginning from a hardware root of trust boot block, storing the measurement, retrieving a predetermined of firmware image, comparing the measurement of firmware image with the pre-determined measurement of firmware image or performing an action as recited in claim 27.”
The examiner respectfully disagrees as Martinez in view of Vea teaches all the limitations of claim 27 as explained in Final Office Action and explained above under point 1 under C. Martinez teaches retrieve a pre-determined measurement of the firmware image from a remote database [UEFI provide extension of platform firmware by loading UEFI driver to access from remote , para 0010, 0013, 0019], and Vea teaches a system [20] including Savings and Loan server [40, SLS includes a processor] in data communication with the communication server and whitelist database [80] [para 0053, 0057, fig. 2]. Additionally, Vea is not relied upon to teach argued limitations accessing a firmware image, determining a measurement of a firmware image beginning from a hardware root of trust boot block, storing the measurement, retrieving a predetermined of firmware image, comparing the measurement of firmware image with the pre-determined measurement of firmware image or performing an action.  As stated in final office action, “One of ordinary skill in the art wanted to be motivated to modify/include the remote storage as disclosed by Martinez to include a whitelisted database in order to obtain system and method to validate and authenticate the request sent by checking the whitelisted database [para 0079]”.  

3.	Whether Claim 32 Is Rendered Obvious under 35 U.S.C. § 103 as Being Unpatentable over U.S. Patent Application Pub. No. 2016/0147996 (Martinez) in View of U. S. Patent Application Pub. No. 2017036485 (Shah).

Appellant argues, “Claim 32, overcomes the § 103 rejection for the same reasons as claim 27 as discussed above. [appeal brief page 17]. 
The examiner respectfully disagrees and does not overcome the § 103 rejection for the similar reason of claim 27 as explained above in point 1 under C. 
Appellant further argues, “Martinez fails to disclose or render obvious disabling a particular firmware component associated with the firmware image associated with the firmware image, as set forth in claim 32. Martinez fails to disclose or render obvious disabling a firmware component [further booting is disabled] associated with one of these states if states differ [if present PCR state does not match the state at the time the new firmware image was measured].” [appeal brief page 18]. 
The examiner respectfully disagrees as Martinez teaches the action includes disabling a firmware component associated with the firmware image as described in para 0021.
 [0021] At block 304, the decrypted image can be decompressed and stored at the system memory. The flow continues at block 305 where the symmetric key is cleared from system memory. Accordingly, a rogue program or unauthorized individual cannot access and decrypt the contents of firmware memory 110 without access to the symmetric key. The method continues at block 306 where the decompressed firmware image is measured and appended to a TPM PCR. For example, during a subsequent boot of information handling system 100, successful booting of system 100 requires that a measurement of the current state during the boot process must match the state recorded at the TPM PCR 122. If the present PCR state does not match the state at the time the new firmware image was measured, further booting of information handling system 100 is disabled. If, however, the present PCR state matches the state at the time the new firmware image was measured, the method continues at block 307 where BIOS execution continues, pre-boot system memory is cleared, and the operating system is initialized. 


4.	Whether Claims 29 – 31 and 40 Are Rendered Obvious under 35 U.S.C. § 103 as Being Unpatentable over U.S. Patent Application Pub. No. 2016/0147996 (Martinez) in View of U. S. Patent Application Pub. No. 2017036485 (Shah).

Appellant argues, “Claim 29 – 31 and 40, overcomes the corresponding 35 U.S.C. § 103 rejection for the same reasons as claim 27 as discussed above. [appeal brief page 19]. 
The examiner respectfully disagrees and does not overcome the rejection of claims 29 – 31 and 40 under 35 U.S.C. § 103 35 U.S.C. for the similar reason of claim 27 as explained above in point 1 under C. 


For the above reasons, it is believed that the rejections should be sustained.

Requirement to pay appeal forwarding fee.  In order to avoid dismissal of the instant appeal in any application or ex prate reexamination proceeding, 37 CFR 41.45 requires payment of an appeal forwarding fee within the time permitted by 37 CFR 41.45(a), unless appellant had timely paid the fee for filing a brief required by 37 CFR 41.20(b) in effect on March 18, 2013.

Respectfully submitted,

/NITIN C PATEL/Primary Examiner, Art Unit 2186                                                                                                                                                                                                        

Conferees:

/Paul Yen/Primary Examiner, Art Unit 2186                                                                                                                                                                                                        


/KIM HUYNH/             Supervisor Patent Examiner, Art Unit 2186