DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Priority
Acknowledgment is made of applicant’s claim for foreign priority under 35 U.S.C. 119 (a)-(d). The certified copy has been filed in parent Application No. 15/535,552, filed on June 13, 2017.

Information Disclosure Statement
The information disclosure statements filed February 22, 2021 and March 3, 2021 have been placed in the application file and the information referred to therein has been considered as to the merits.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-19 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-12, and 14-20 of U.S. Patent No. 10,929,540. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the instant application are directed towards subject matter related to patented ‘540 claims in that claims of the ‘540 patent contain all of the limitations of the instant application. The ‘540 patented claims are directed towards a method and apparatus for providing trusted updates through a certified child object. The claimed permission list in the instant application is equivalent to the whitelist in the patent. Also the claimed executable in the instant application is equivalent to the update in the patent. Claims 1-19 of the instant application therefore are not patentably distinct from the earlier filed ‘540 patented claims, and as such, is unpatentable for obvious-type double patenting.
Claim 20 is rejected on the ground of nonstatutory double patenting as being unpatentable over claim 15 of U.S. Patent No. 10,929,540. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the instant application are directed towards subject matter related to patented ‘540 claims in that claims of the ‘540 patent contain all of the limitations of the instant application. The ‘540 patented claims are directed towards a method and a non-transitory computer readable medium for providing trusted updates through a certified child object. It would have been obvious to one ordinary skill in the before the effective filing date of the claimed invention to substitute one statutory class of an invention for another which would not affect the outcome of the claimed invention. Claim 20 of the instant application therefore is not patentably distinct from the earlier filed ‘540 patented claim, and as such, is unpatentable for obvious-type double patenting.

US application – 17181506
1. A computing apparatus, comprising: a hardware platform comprising a processor and a memory; and instructions encoded within the memory to instruct the processor to: 
provide a permission list; 
allocate an executable, the executable to have permissions according to the permission list; designate a child object of the executable; allocate a certificate for the child object; and after a system reboot, grant the child object permissions of the executable after validating the certificate.








2. The computing apparatus of claim 1, wherein the instructions are further to query a certificate authority to determine that the certificate is valid.
3. The computing apparatus of claim 1, wherein the instructions are further to assign a common certificate to a plurality of files created or imported by the executable.
4. The computing apparatus of claim 3, wherein the instructions are further to grant permission to the plurality of files having a common certificate to modify one another. 
5. The computing apparatus of claim 1, wherein the permission list is to provide permissions specific to the executable.
6. The computing apparatus of claim 1, wherein the instructions are further to allocate a trusted file set, the trusted file set comprising a set of files identified by the permission list as belonging to a common workflow of the executable.
7. The computing apparatus of claim 1, wherein the instructions include instructions to run at least partially as a system management agent.
8. The computing apparatus of claim 1, wherein the instructions are to run at least partially with elevated privileges.
9. The computing apparatus of claim 1, wherein the instructions are to execute at least partially within a kernel module.
10. The computing apparatus of claim 1, wherein the permission list provides systemwide permissions.
11. The computing apparatus of claim 1, wherein the instructions are to provide permissions, according to the certificate, to execute any binary object on the computing apparatus, including binary objects not listed in the permission list.
12. One or more tangible, non-transitory computer-readable storage media, comprising instructions to: allocate an object permission data structure; assign to an updater object permissions from the object permission data structure, the permissions including permission to operate on a set of files; propagate the permissions to a child object of the updater object; assign the child object a cryptographically-verifiable certificate; and after the updater object and child object have terminated, verify the certificate and re-assign the permissions to the child object.




13. The one or more tangible, non-transitory computer-readable storage media of claim 12, wherein the instructions are further to query a certificate authority to determine that the certificate is valid.
14, The one or more tangible, non-transitory computer-readable storage media of claim 12, wherein the instructions are further to assign a common certificate to a plurality of files created or imported by the updater object.
15. The one or more tangible, non-transitory computer-readable storage media of claim 14, wherein the instructions are further to grant permission to the plurality of files having a common certificate to modify one another.
16. The one or more tangible, non-transitory computer-readable storage media of claim 12, wherein the permission data structure is to provide permissions specific to the updater object.
17. The one or more tangible, non-transitory computer-readable storage media of claim 12, wherein the instructions are further to allocate a trusted file set, the trusted file set comprising a set of files identified by the permission data structure as belonging to a common workflow of the updater object.
18. A computer-implemented method of providing inheritable permissions, comprising: allocating an updater binary, the updater binary to update an executable object;  assigning permissions to the updater binary, including permissions to operate on a set of files; allocating a child of the updater binary; associating a certificate with the child; assigning the permissions to the child as inherited permissions; and after a system reset event, causing the child to re-inherit the inherited permissions upon validating the certificate.

19. The method of claim 18, further comprising querying a certificate authority to determine that the certificate is valid.
20. The method of claim 18, further comprising assigning a common certificate to a plurality of files created or imported by the executable object.

US patent – 10,929,540
1. A computing apparatus, comprising: a hardware platform comprising a processor and a memory; 


a whitelist; 
an updater, the updater being an executable object authorized to modify files within the whitelist and to launch one or more child processes; and instructions encoded within the memory to provide a system management agent to: maintain a chain of trust between the one or more child processes and the updater, wherein the one or more child processes inherit whitelist permissions associated with the updater; and track the chain of trust across a system reboot, comprising granting a child process the chain of trust after a reboot only if the child process has associated with it a valid certificate.

2. The computing apparatus of claim 1, wherein the certificate is valid only if it is signed by a trusted certificate authority.

3. The computing apparatus of claim 1, wherein maintaining the chain of trust comprises tracking files created or imported by a trusted executable and sharing a common certificate.
4. The computing apparatus of claim 1, wherein the system management agent is further to permit files within a common chain of trust to modify one another.

5. The computing apparatus of claim 1, wherein the whitelist is specific to the updater.

6. The computing apparatus of claim 1, wherein the instructions are further to allocate a trusted file set, the trusted file set being a subset of the whitelist belonging to a common workflow with the updater.
7. The computing apparatus of claim 1, wherein the updater is a system management agent.

8. The computing apparatus of claim 1, wherein the updater is to run with elevated privileges.
9. The computing apparatus of claim 1, wherein the updater is a kernel module.
10. The computing apparatus of claim 1, wherein the whitelist is a system-wide whitelist.
11. The computing apparatus of claim 1, wherein the updater is further authorized to execute any binary executable object on the computing apparatus, including binary executable objects not on the whitelist.

12. One or more tangible, non-transitory computer-readable media having stored thereon executable instructions to: associate a whitelist with an authorized updater process, the whitelist including a list of files that the authorized updater process and its descendant processes are authorized to modify; assign the updater process inheritable authority to launch child processes in a chain of trust; maintain the chain of trust when the authorized updater or a descendant of the authorized updater launches a process; and upon an invalidating event that invalidates the chain of trust, re-establish the chain of trust after establishing that a process in the chain of trust attempting to re-establish activity has a valid certificate for the chain of trust.
14. The one or more tangible, non-transitory computer-readable media of claim 12, wherein the certificate is valid only if it is signed by a trusted certificate authority.

15. The one or more tangible, non-transitory computer-readable media of claim 12, wherein maintaining the chain of trust comprises tracking files created or imported by a trusted executable and sharing a common certificate.
16. The one or more tangible, non-transitory computer-readable media of claim 12, wherein the instructions are further to permit files within a common chain of trust to modify one another.


17. The one or more tangible, non-transitory computer-readable media of claim 12, wherein the whitelist is specific to the authorized updater.


18. The one or more tangible, non-transitory computer-readable media of claim 12, wherein the instructions are further to allocate a trusted file set, the trusted file set being a subset of the whitelist belonging to a common workflow with the updater.

19. A computer-implemented method, comprising: associating a whitelist with an updater process, wherein the updater process has inheritable permissions, including permission to modify files in the whitelist; maintaining a chain of trust for the updater process, wherein direct or indirect child processes of the updater process inherit the permissions of the updater process; detecting a reboot event that breaks the chain of trust; and re-establishing the chain of trust after determining that a process attempting to resume execution is a direct or indirect child of the updater process, and has a valid certificate.
20. The method of claim 19, wherein the certificate is valid only if it is signed by a trusted certificate authority.

15. The one or more tangible, non-transitory computer-readable media of claim 12, wherein maintaining the chain of trust comprises tracking files created or imported by a trusted executable and sharing a common certificate


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MATTHEW B SMITHERS whose telephone number is (571)272-3876. The examiner can normally be reached 8:00-4:00 (Teleworking).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on 571-272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MATTHEW SMITHERS/
Primary Examiner
Art Unit 2437