DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Priority
Acknowledgment is made of applicant’s claim for foreign priority under 35 U.S.C. 119 (a)-(d). The certified copy has been filed in parent Application No. CN202010465293.6, filed on May 28, 2020.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on December 16, 2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Specification
The disclosure is objected to because of the following informalities: 
On page 4, lines 8-9, “a trusted-end application” does not match the item “Trusted application” in Fig. 1.
Appropriate correction is required.

Claim Objections
Claim 4 is objected to because of the following informalities: 
In claim 4, line 2, “authorization, comprising ~ ” should be read as “authorization comprising ~”. 
Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 5 and 8 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.

Regarding claim 5, the claim recites, “the TEE is able to manage websites simply by taking a picture or copying the websites to a management system”.
The BRI of the language is that websites are somehow managed as recited in the claim. There is no disclosure in the specification of what “to manage websites” and “taking a picture or copying the websites to a management system” are, or of how to manage websites by taking a picture or copying the websites to a management system. The specification does not indicate that the inventor had possession of the details of what “to manage websites” and “taking a picture or copying the websites to a management system” are, or of how “simply taking a picture or copying the websites to a management system” makes the TEE able to “manage websites” as claimed. The specification is silent as to what effect the inventor desires to be obtained by maintaining the “to manage websites simply by taking a picture or copying the websites to a management system”. Thus, the claim limitation covers all ways of the “to manage websites simply by taking a picture or copying the websites to a management system” and the specification does not provide support for such a broad genus limitation.
An original claim may lack written description when the claim defines the invention in functional language specifying a desired result but the specification does not sufficiently identify how the inventor has devised the function to be performed or result achieved. There is no description in the specification as to what is the “to manage websites” and “taking a picture or copying the websites to a management system” and to how the “to manage websites simply by taking a picture or copying the websites to a management system” is maintained. Simply restating in the specification, the desired result or function recited in the claim is not sufficient.
Furthermore, as in MPEP 2161.01 (I),  "The description requirement of the patent statute requires a description of an invention, not a generic or functional language indicating a result that one might achieve if one made that invention." It is not enough that one skilled in the art  could achieve the claimed function because the specification must demonstrate that the applicant has made a generic invention that achieves the claimed result and do so by showing that the applicant has invented species sufficient to support a claim to the functionally-defined genus.

Regarding claim 8, the claim recites, “data in a security zone is synchronized through an encrypted point-to-point channel in device replacement, backup, or addition scenarios”.
The BRI of the language is that data in a security zone is somehow synchronized under the addition scenarios recited in the claim. There is no disclosure in the specification of what the addition scenarios are. The specification does not indicate that the inventor had possession of the details of what the “addition scenarios” are as claimed. The specification is silent as to what effect the inventor desires to be obtained by maintaining the addition scenarios. Thus, the claim limitation covers all ways of the addition scenarios and the specification does not provide support for such a broad genus limitation.
An original claim may lack written description when the claim defines the invention in functional language specifying a desired result but the specification does not sufficiently identify how the inventor has devised the function to be performed or result achieved. There is no description in the specification as to what the addition scenarios are and as to how the addition scenarios are maintained. Simply restating in the specification the desired result or function recited in the claim is not sufficient.
Furthermore, as in MPEP 2161.01 (I),  "The description requirement of the patent statute requires a description of an invention, not a generic or functional language indicating a result that one might achieve if one made that invention." It is not enough that one skilled in the art  could achieve the claimed function because the specification must demonstrate that the applicant has made a generic invention that achieves the claimed result and do so by showing that the applicant has invented species sufficient to support a claim to the functionally-defined genus.

The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-8 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.

Claims 1, 2, and 7 recite the limitation “strong password” which is a relative term and renders the claim indefinite, respectively. The term “strong” is not defined by the claim, the specification does not provide a standard for ascertaining the requisite degree, and one of ordinary skill in the art would not be reasonably apprised of the scope of the invention. There is nothing in the specification for any indication as to what range is covered by the term “strong” to define “a strong password”. Thus, the specification lacks some standard for measuring the degrees intended.

Claims 4, 6, and 7 recite the limitation “but not limited to” which renders the claim indefinite. The phrase “but not limited to” renders the claim(s) indefinite because the element delineates the boundaries of the protected subject matter unclearly and makes the scope unclear. See MPEP § 2173.04.

Claim 6 recites the limitation “the computer management system”. There is insufficient antecedent basis for this limitation in the claim, because claim 6 and claim 1, on which claim 6 depends, recite no “computer management system”.

Claim 8 recites the term “or addition scenarios” which is an ambiguous term that renders the claim indefinite. The phrase “or addition scenarios” renders the claim(s) indefinite because the claim(s) include(s) elements not actually disclosed (those encompassed by “addition scenarios”), thereby rendering the scope of the claim(s) unascertainable. See MPEP § 2173.05(d).

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1-3 and 5-6 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Varadarajan et al. (U.S. PG Publication No. 2017/0118215, hereinafter “Varadarajan”).

Regarding claim 1, Varadarajan discloses a trusted execution environment (TEE)-based password management method [Abstract; operations for generating a password, storing or updating existing passwords, and replacing web browser input fields with secure data], comprising: 
a) when receiving a request for entering a password from an application [[0043] A user accesses the registration page of a URL in a web browser, such as a banking website (operation 510). The user inputs (e.g. types) the User ID information, and may enter values to various other fields into a fillable web form. The user then requests auto-generation of the password field within the website (e.g., using features of the browser), and submits the registration form (operation 520).], sending the request to a TEE for processing [[0044] A request is sent to a password manager (operating in a secure enclave) from the browser renderer process through the IPC manager (operation 530).]; 
b) creating, by the TEE, a strong password for an account of the application [[0044] The password manager, operating in a secure enclave, generates a random password and seals the password to the secure enclaves (operation 540), and sends a one-time code (OTC) token to the browser renderer process (operation 550).]; and 
c) storing a correspondence between the application and the account in a hardware security zone, and returning a stored account list for a user to select upon application login [[0044] The password manager, operating in a secure enclave, generates a random password and seals the password to the secure enclaves (operation 540), and sends a one-time code (OTC) token to the browser renderer process (operation 550).; [0045] If the registration is successful, the newly generated sealed password may be maintained (e.g., persisted in storage memory) within a password database (operation 580).].  

Regarding claim 2, Varadarajan discloses the method of claim 1, wherein the method further comprises: 
creating, by the application, a new strong password for the account in the TEE [[0038] In an example, instead of sending the clear password to a renderer process 316 via an IPC manager 344 for inclusion in the web application, the password manager 346 generates a One-Time Code (OTC) token 322 to substitute as the password and communicates this OTC token 322 to the renderer process 316 via the IPC manager 344.], wherein application-account binding information is stored in a trust zone [[0039] In an example used for the access of a stored password, the renderer process 316 fills the password field on the web application 314 with the OTC token 322, so that when a user submits the form in the browser rendered output 310, the OTC token 322 is communicated to the SSL manager 342. The SSL manager 342 exchanges the OTC token 322 for the actual password through a secure channel with the secure enclave operating the password manager 346, and then the SSL manager 342 communicates the actual password in the TLS encrypted session with the web server 312. Thus, the password is never accessible in the clear in any untrusted portions of the browser 302, increasing the security of user data.], and registration of a plurality of new accounts and passwords is supported.  

Regarding claim 3, Varadarajan discloses the method of claim 1, wherein when the application requests login, a plurality of bound registered accounts are retrieved in the TEE and returned, and a user selects an account for login [[0052] The user then submits the login form, using the login form control on the website (operation 740). A request is sent from the renderer process to the SSL manager through the IPC manager, and the SSL manager requests the actual password value from the password manager for the given OTC token (operation 750).; [0053] The password manager, operating in a secure enclave, looks up the securely stored password and verifies its integrity (operation 760).; [0051] First, a user accesses the login page of a URL for which there is a saved password (operation 710) (e.g., created and saved with the data flows of FIG. 5 or saved with the data flows of FIG. 6 described above). The user inputs (e.g., types) the User ID information or selects the applicable identifier (operation 720).].

Regarding claim 5, Varadarajan discloses the method of claim 1, wherein in addition to managing accounts of local applications, the TEE is able to manage websites simply by taking a picture or copying the websites to a management system [[0113] In Example 33, the subject matter of any one or more of Examples 23-32 optionally include wherein the storage memory persists the sensitive data for a website of the remote service, the sensitive data including a password value associated with a website uniform resource locator (URL) and a user identifier, wherein the password value is stored in the storage memory within a binary object sealed by code executing within the secure enclave, the binary object including a password for the website and a verification hash, the verification hash based on the website URL, the user identifier, and the password.].  

Regarding claim 6, Varadarajan discloses the method of claim 1, wherein a trusted device is also used to manage other devices without a TEE, comprising but not limited to computers [[0054] In addition to the operations of interacting with a website, other operations may be enabled to allow the access and viewing of sensitive data on the local computer.]; 
the trusted device is connected to a computer through an encrypted point-to-point channel [[0056] The password manager sets up a secure channel with an output device using output protection technologies such as Protected Audio Video Path (PAVP) or Threadville-Display (operation 820).]; 
a computer-end management system transmits an application ID or a URL [[0056] First, the "saved passwords" web app sends a "show password" request to the password manager operating in a secure enclave (operation 810).]; 
after TEE authorization succeeds [[0059] Such trusted input verifications may be combined with the techniques described herein to ensure that a human user is responsible for password generation and access activities.], the trusted device registers or retrieves a corresponding account and returns it to the computer [[0058]  The previously described techniques may be modified to establish a secure communication with the online password management service, which then retrieves and forwards a copy of a secure password, using code running in a secure enclave.]; and 
The machine may be an personal computer (PC), a tablet PC, a hybrid tablet/notebook PC, a personal digital assistant (PDA), a mobile telephone or smartphone, or any machine capable of executing instructions (sequential or otherwise) that specify actions to be taken by that machine.].  
Varadarajan does not appear to explicitly disclose that the computer management system performs automatic login. However, it is obvious to one of ordinary skill in the art that the computer management system performs automatic login based on the autofill password. [[0038] In an example, when the web application 314 that is rendered by the renderer process 316 of the browser 302 (being rendered to the output device 320) requests a password for autofill purposes, the password record from the password database 330 is read, integrity verified, and decrypted within the secure enclave operating the password manager 346, thus, conducting all sensitive operations within a trusted execution environment.]
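
The Varadarajan paragraphs cited above ([0038]-[0039], [0044]-[0045], [0052]-[0053], [0113]) describe one data flow: the enclave generates and seals the password, the renderer only ever holds a one-time code (OTC), and the stored record carries a verification hash over URL, user ID and password. The following Python sketch is an added illustration of that flow, not code from the Office action, the application, or Varadarajan; the class and method names are hypothetical, and an HMAC-based keystream and tag stand in for hardware sealing.

```python
import hashlib
import hmac
import secrets


class IntegrityError(Exception):
    """A stored record failed its verification hash."""


class EnclavePasswordManager:
    """Simulates the password manager the cited paragraphs place in a secure enclave."""

    def __init__(self, database):
        self.database = database                 # untrusted storage: (url, user_id) -> sealed blob
        self._enc_key = secrets.token_bytes(32)  # assumption: stands in for the hardware sealing key
        self._mac_key = secrets.token_bytes(32)  # assumption: separate key for the verification hash
        self._tokens = {}                        # one-time code -> (url, user_id)

    def _keystream(self, nonce, length):
        # HMAC-SHA256 in counter mode; a software stand-in for enclave sealing.
        blocks, counter = b"", 0
        while len(blocks) < length:
            block_input = nonce + counter.to_bytes(4, "big")
            blocks += hmac.new(self._enc_key, block_input, hashlib.sha256).digest()
            counter += 1
        return blocks[:length]

    def _verification_hash(self, url, user_id, password):
        # Binds the password to its URL and user ID; fields are length-prefixed
        # so that different (url, user_id) splits cannot produce the same input.
        fields = (url.encode(), user_id.encode(), password)
        framed = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
        return hmac.new(self._mac_key, framed, hashlib.sha256).digest()

    def _seal(self, url, user_id, password):
        nonce = secrets.token_bytes(16)
        stream = self._keystream(nonce, len(password))
        ciphertext = bytes(a ^ b for a, b in zip(password, stream))
        return nonce + self._verification_hash(url, user_id, password) + ciphertext

    def _unseal(self, url, user_id, blob):
        nonce, tag, ciphertext = blob[:16], blob[16:48], blob[48:]
        stream = self._keystream(nonce, len(ciphertext))
        password = bytes(a ^ b for a, b in zip(ciphertext, stream))
        expected = self._verification_hash(url, user_id, password)
        if not hmac.compare_digest(tag, expected):
            raise IntegrityError(f"record for {user_id} at {url} failed verification")
        return password

    def _issue_token(self, url, user_id):
        token = secrets.token_urlsafe(16)
        self._tokens[token] = (url, user_id)
        return token

    def register(self, url, user_id):
        """Generate and seal a random password; the caller (renderer) gets only an OTC."""
        password = secrets.token_urlsafe(24).encode()
        self.database[(url, user_id)] = self._seal(url, user_id, password)
        return self._issue_token(url, user_id)

    def request_login(self, url, user_id):
        """Issue an OTC for a saved record so the form never holds the password."""
        if (url, user_id) not in self.database:
            raise KeyError("no saved password for this site and user")
        return self._issue_token(url, user_id)

    def redeem(self, token):
        """SSL-manager side: exchange an OTC for the password, once."""
        url, user_id = self._tokens.pop(token)   # KeyError on reuse or unknown token
        return self._unseal(url, user_id, self.database[(url, user_id)])


if __name__ == "__main__":
    db = {}                                      # constructed sample storage
    manager = EnclavePasswordManager(db)
    otc = manager.register("https://bank.example", "alice")
    print("renderer holds:", otc)
    print("sent inside TLS session:", manager.redeem(otc).decode())
```

Because the verification hash covers the URL and user ID, a sealed record copied under another site's key in the untrusted database fails `redeem` with `IntegrityError` instead of releasing the password to the wrong site.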

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 4 and 7 are rejected under 35 U.S.C. 103 as being unpatentable over Varadarajan in view of Prasad et al. (US PG Publication No. 2020/0372513 A1, hereinafter “Prasad”).

Regarding claim 4, Varadarajan discloses the method of claim 1, wherein a password operation involving the TEE requires user authorization [[0059] Additionally, in other examples, the presently disclosed authentication techniques may be used in combination with authentication techniques such as biometric verification, physical presence verification, communications from secure input devices, and communication to secure output devices.], master password]; and 
the password operation is rejected if authentication fails [[0040] In some existing browsers, a "master password" or other user credentials may be required to access a password manager, requiring the user to enter the master password to enable the retrieval and use of saved passwords.].
Varadarajan, however, does not appear to explicitly disclose that the user authentication comprises but not limited to fingerprint recognition, iris recognition, and face recognition module.
However, Prasad discloses that the user authentication comprises but not limited to fingerprint recognition, iris recognition, face recognition module, and a super password input [Fig. 4, item 422, device authenticators; [0057] The operating system TEE components 420 of electronic device 400 include device authenticator trusted apps 422 that collect user authentication data such as by controlling and receiving inputs from any of the sensors 280 illustrated with respect to FIG. 2 [0057] The user authentication data can include biometric data such as fingerprints, iris images, facial images, and others. The user authentication data can include gatekeeper data such as PINs, passcodes, patterns, and others.].  
Varadarajan and Prasad are both considered to be analogous to the claimed invention because they are in the same field of data security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the biometric verification taught by Varadarajan to incorporate the teachings of Prasad, fingerprints, iris images, facial images, and others, since both systems store sensitive information in the trusted storage of a trusted execution environment (TEE) and utilize biometric verification to enable the retrieval and use of saved passwords. The motivation to do so is to securely use the sensitive information (obvious to one skilled in the art).

Regarding claim 7, Varadarajan discloses a TEE-based password management system [Abstract; system configurations for maintaining, accessing, and utilizing secure data of a web browser in a hardware-managed secure data store], comprising: 
a) a generation module [Fig. 10, item 1004, sensitive data manager component], configured to receive a request for generating a password from a TEE, and randomly generate a strong password for an account, wherein the generation module is connected to a storage module [[0068] The sensitive data manager component 1004 (e.g., a password manager component) may be used, for example, to seal and persist sensitive data to the data storage component 1012, as the sensitive data manager component 1004 operates and seals the data within the trusted execution component 1014 (e.g., a TEE).]; 
b) the storage module [Fig. 10, item 1012, data storage component], configured to receive application information and account information, and store them in a hardware security zone in pairs [[0067] a data storage component 1012 used for securely storing data for the trusted environment.; [0034] In some examples, the password database 330 may be configured to store other sensitive information (e.g., user information) in addition to a URL, User ID, and password value.], wherein the storage module is connected to the generation module, an output module, and 
c) the output module [Fig. 10, item 1002, secure data communication component], configured to receive the application information, retrieve a corresponding account in the storage module, and return it to a requester application after authentication [[0068] The secure data communication component 1002, also operating within the trusted execution component 1014, may be used to securely transmit the sensitive data from the trusted execution component 1014 to the remote service using an encrypted connection.]; 
d) the authentication module, connected to the storage module, wherein all read and write operations on the storage module need to be authenticated [[0040] In some existing browsers, a "master password" or other user credentials may be required to access a password manager, requiring the user to enter the master password to enable the retrieval and use of saved passwords.; [0059] Additionally, in other examples, the presently disclosed authentication techniques may be used in combination with authentication techniques such as biometric verification, physical presence verification, communications from secure input devices, and communication to secure output devices],
Varadarajan, however, does not appear to explicitly disclose that the authentication module comprises but is not limited to a fingerprint authentication module, an iris authentication module, a face recognition module, and a super password input module in a mobile phone.
However, Prasad discloses that the authentication module comprises but is not limited to a fingerprint authentication module, an iris authentication module, a face recognition module, and a super password input module in a mobile phone [Fig. 4, item 422, device authenticators; [0057] The operating system TEE components 420 of electronic device 400 include device authenticator trusted apps 422 that collect user authentication data such as by controlling and receiving inputs from any of the sensors 280 illustrated with respect to FIG. 2 [0057] The user authentication data can include biometric data such as fingerprints, iris images, facial images, and others. The user authentication data can include gatekeeper data such as PINs, passcodes, patterns, and others.; [0058] In some cases, device authenticator trusted apps include a gatekeeper subsystem that performs device PIN, pattern, or password authentication in the TEE. One non-exclusive example of an operating system that can be used to implement the operating system TEE components 420 described herein is the ANDROID operating system and its variations.].  
Varadarajan and Prasad are both considered to be analogous to the claimed invention because they are in the same field of data security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the biometric verification taught by Varadarajan to incorporate the teachings of Prasad, fingerprints, iris images, facial images, and others, since both systems store sensitive information in the trusted storage of a trusted execution environment (TEE) and utilize biometric verification to enable the retrieval and use of saved passwords. The motivation to do so is to securely use the sensitive information (obvious to one skilled in the art).

Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Varadarajan in view of Prasad further in view of Li et al. (US 2019/0392417, hereinafter “Li”).
Regarding claim 8, Varadarajan in view of Prasad discloses the system of claim 7 as outlined above. However, the combination of Varadarajan and Prasad does not appear to explicitly disclose wherein the system further supports point-to-point interconnection between storage modules of two different trusted devices; when both parties are authenticated by authentication modules, data in a security zone is synchronized through an encrypted point-to-point channel in device replacement, backup, or addition scenarios.
However, Li discloses wherein the system further supports point-to-point interconnection between storage modules of two different trusted devices [[0100] 402. The first terminal establishes a peer-to-peer wireless communication connection to a second terminal.]; and when both parties are authenticated by authentication modules [[0104] It should be noted that the first terminal may first obtain a verification credential and a first terminal certificate before sending the request for obtaining bank card data to the second terminal. The verification credential may include a service credential and an identity credential.; [0109] It should be noted that, before sending the bank card data to the first terminal, the second terminal needs to perform verification on the verification credential and/or the first terminal certificate.], data in a security zone is synchronized through an encrypted point-to-point channel in device replacement, backup, or addition scenarios [[0102] 403. The first terminal sends a request for obtaining bank card data to the second terminal.; [0107] 405. The second terminal sends the bank card data to the first terminal.  It should be noted that after the user binds the physical bank card to the second terminal to generate the virtual bank card for the first time, with user permission and/or authentication, the backup data is generated in the second terminal, and the backup data is stored by using secure hardware (such as trusted storage space of a TEE or storage space of an eSE) in a protected operating environment of the second terminal.].
Varadarajan and Li are both considered to be analogous to the claimed invention because they are in the same field of data security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Varadarajan to incorporate the teachings of Li since both systems generate and store sensitive data in trusted storage space of a trusted execution environment (TEE). The combination establishes systems and methods for providing confidentiality and privacy of user data, allowing the sensitive data stored in the trusted storage space to be backed up without re-entering the sensitive data and user experience to be effectively improved. [Li, [0117] In this embodiment of this application, the first terminal obtains the bank card data of the related bank card account information from the second terminal through the peer-to-peer wireless communication connection to the second terminal, and binds a physical bank card to the first terminal by using the bank card data, to generate a virtual bank card. Therefore, the user does not need to enter the bank card account information on the first terminal in a non-automatic manner to perform card issuing, so that user operation steps are simplified, and user experience is effectively improved.]

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JEONGSOOK YI whose telephone number is (571) 272-9407. The examiner can normally be reached Monday-Friday 8:00 am -5:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge Ortiz-Criado can be reached on (571)272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/J.Y./Examiner, Art Unit 2496
/JORGE L ORTIZ CRIADO/Supervisory Patent Examiner, Art Unit 2496