DETAILED ACTION

Response to Arguments
Applicant's arguments ("REMARKS") filed May 4, 2022 have been fully considered, and they are partially persuasive. However, upon further consideration, a new ground of rejection has been issued.
Claims 1-20 are currently pending. Claims 1, 12, and 20 were amended. Claims 1, 12, and 20 are independent.  

Re: Amendments to the Specification
Amendments to the Specification, described on p.2 of the REMARKS, have been received and entered. 

Re: Rejection of claims under 35 U.S.C. 103
Applicant’s arguments, on pp. 8-9 of the REMARKS, in response to the rejection of the claims under 35 U.S.C. §103 with respect to Smith et al., US 2020/0374700 A1 (hereinafter, “Smith ‘700”), Nord et al., US 2014/0164774 A1 (hereinafter, “Nord ‘774”), Jefferies et al., (hereinafter, “Jefferies ‘639”), and Hollis et al., US 8,874,685 (hereinafter, “Hollis ‘685”) have been fully considered and are partially persuasive. Specifically, Applicant argues that:
Smith ‘700 in view of Nord ‘774 fails to disclose certain limitations in claims 1, 12, and 20 as amended. Particularly, Applicant argues that Smith ‘700 and Nord ‘774 does not teach or suggest ‘encrypting and decrypting a signature portion or a SWID portion’, where ‘Nord ‘774 only discloses encrypting data using multiple keys and then using those keys to decrypt portions of the encrypted data’, and where ‘Smith ‘700 is silent on encrypting or decrypting the Platform Certificate or any portion thereof’;
Smith ‘700 in view of Nord ‘774 and further in view of Jefferies ‘639 fails to disclose the limitation “wherein the first key is issued by a Trusted Platform Module in the IHS at the time of the IHS' manufacture” recited in claim 12, as amended; 
Smith ‘700, in view of Nord ’774, and further in view of Jefferies ‘639, and further in view of Hollis ‘685 fails to disclose the limitation “wherein the new workspace definition is usable to instantiate the workspace to meet a security target and a productivity target” recited in claim 20, as amended. 

In response to Argument A:
Argument A, in response to the rejection of the claims 1, 12, and 20 under 35 U.S.C. §103 with respect to Smith ‘700, in view of Nord ‘774, and further in view of Jefferies ‘639 have been fully considered and are partially persuasive. However, a new ground of rejection has been asserted in view of Winter et al., US 2016/0323250 A1 (hereinafter, “Winter ‘250”). 
One cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986).
Smith ‘700 discloses a manifest (Platform Certificate, Smith ‘700, ¶44; Fig. 3) comprising a SWID portion (SWID tag component of the Platform Certificate, Smith ‘700, ¶85) and a signature portion (Signature Data component of the Platform Certificate, Smith ‘700, ¶¶46-48; Fig. 3), where the manifest is used to perform attestation (Platform Certificate is used to perform attestation and onboarding of a device, Smith ‘700, ¶¶63-65, 85, 103).  
While Smith ‘700 may be silent on encrypting or decrypting a certain portion of the Platform Certificate (emphasis added), Smith ‘700 discloses storing Platform Certificate information within a blockchain, where the blockchain contains encrypted information, encrypted with encryption keys, within private portions of the blockchain (emphasis added) (see Smith ‘700, ¶¶80, 175).
Winter ‘250, on the other hand, discloses a method of encrypting/decrypting a first portion of a file with a first key and encrypting/decrypting a second portion of a file with a second key (encrypting/decrypting a first portion of a blob, also referred to as a file data, with a first key and encrypting/decrypting a second portion of a blob with a second key, Winter ‘250, ¶¶21-23), where keys are retrieved from databases (keys are retrieved from data stores within the master key storage system, Winter ‘250, ¶¶6, 22, 125).
Thus, it would have been obvious to one of ordinary skill in the art to modify the method in Smith ‘700 to include the teachings of Winter ‘250, namely to split the Platform Certificate, as disclosed in Smith ‘700, into separate portions, such as into a SWID portion and a signature data portion, where each portion may be encrypted or decrypted with a different corresponding key, as disclosed in Winter ‘250. See Claim Rejections – 35 USC § 103 below for further details.

In response to Argument B:
Argument B, in response to the rejection of the claim 12 under 35 U.S.C. §103 with respect to Smith ‘700, in view of Nord ‘774, and further in view of Jefferies ‘639 have been fully considered and are partially persuasive. However, a new ground of rejection has been asserted in view of Winter ‘250. 
One cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986).
Smith ‘700 discloses a manufacturing key embedded in secure hardware, such as a Trusted Platform Module (TPM), at the time of manufacturing (see Smith ‘700, ¶¶52, 72, 85, 98; Fig. 4). While Smith ‘700 doesn’t explicitly disclose using the manufacturing key to encrypt the Platform Certificate or portions thereof, Smith ‘700 discloses verifying the manufacturing key and signature data, by a device onboarding tool, to ensure the applicability of an Approved Products List (APL), where the APL is compared to the Platform Certificate to determine the integrity of an onboarded device (see Smith ‘700, ¶¶70, 72, 172, 185).
Winter ‘250, on the other hand, discloses a method of encrypting/decrypting a first portion of a file with a first key and encrypting/decrypting a second portion of a file with a second key (encrypting/decrypting a first portion of a blob, also referred to as a file data, with a first key and encrypting/decrypting a second portion of a blob with a second key, Winter ‘250, ¶¶21-23), where keys are retrieved from databases (keys are retrieved from data stores within the master key storage system, Winter ‘250, ¶¶6, 22, 125).
Thus, it would have been obvious to one of ordinary skill in the art to modify the method in Smith ‘700 to include the teachings of Winter ‘250, namely to split the Platform Certificate, as disclosed in Smith ‘700, into separate portions, such as into a SWID portion and a signature data portion, where the SWID portion may be encrypted by a second key and the signature data portion may be encrypted by a first key, as disclosed in Winter ‘250, and where the first key may be implemented using the manufacturing key, as disclosed in Smith ‘700. See Claim Rejections – 35 USC § 103 below for further details.

In response to Argument C:
Argument C, in response to the rejection of the claims under 35 U.S.C. §103 with respect to Smith ‘700, in view of Nord ‘774, and further in view of Jefferies ‘639, and further in view of Hollis ‘685 have been fully considered and are persuasive. However, a new ground of rejection has been asserted in view of Winter ‘250 and Coppinger et al., US 2014/0344009 A1. See Claim Rejections – 35 USC § 103 below for further details.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1-2, 5-6 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Smith et al., US 2020/0374700 A1 (hereinafter, “Smith ‘700”) in view of Winter et al., US 2016/0323250 A1 (hereinafter, “Winter ‘250”) and further in view of Jefferies et al., US 2010/0169639, (hereinafter, “Jefferies ‘639”).

As per claim 1: Smith ‘700 discloses:
An Information Handling System (IHS) (an internet of thing (IoT) system [Smith ‘700, ¶¶25-26]), comprising: 
a processor (processor 1452, [Smith ‘700, ¶128; Fig. 14); and 
a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution (memory 1454 coupled to processor 1452; memory 1454 storing instructions 1482 to be executed by the processor 1452 to perform operations [Smith ‘700, ¶¶129, 145; Fig. 14]), cause the IHS to: 
receive a request to perform attestation of a client device (request to perform verification and attestation of an internet of things (IoT) device during onboarding [Smith ‘700, ¶¶63, 65, 85, 98, 103; Fig. 4, Fig. 7]); 
retrieve, from an agent executed by the client device (retrieving, from an onboarding tool executed by the IoT device [Smith ‘700, ¶¶53-54; Fig. 4]), a manifest (a Platform Certificate [Smith ‘700 ¶¶23, 44-46; Fig. 3]) comprising: 
(i) a signature portion (Signature Data portion of the Platform Certificate [Smith ‘700, ¶¶46-48; Fig. 3]) encrypted (storing Platform Certificate, which comprises the signature data portion, within a blockchain, where the blockchain contains encrypted information, encrypted with encryption keys, within private portions of the blockchain [Smith ‘700, ¶¶80, 175]), and 
(ii) a software identification (SWID) portion (a software identification (SWID) portion of the Platform Certificate [Smith ‘700, ¶¶44, 57, 84-85, 90; Fig. 3, Fig. 6, Fig. 9]) encrypted (storing Platform Certificate, which comprises the SWID portion, within a blockchain, where the blockchain contains encrypted information, encrypted with encryption keys, within private portions of the blockchain [Smith ‘700, ¶¶80, 175]); 
retrieve the first key (retrieving a manufacturing key, where the manufacturing key is verified along with signature data by a device onboarding tool, to ensure the applicability of an Approved Products List (APL), and where the APL is compared to the Platform Certificate to determine the integrity of an onboarded device, and where the manufacturing key is embedded in secure hardware, such as a Trusted Platform Module (TPM), at the time of manufacturing [Smith ‘700, ¶¶52, 70, 72, 85, 98, 172; Fig. 4]); 

(Signature Data portion of the Platform Certificate [Smith ‘700, ¶¶46-48; Fig. 3]) 
(a software identification (SWID) portion of the Platform Certificate [Smith ‘700, ¶¶44, 57, 84-85, 90; Fig. 3, Fig. 6, Fig. 9] 
perform the attestation using the decrypted manifest (performing verification and attestation of the internet of things (IoT) device during onboarding using the Platform Certificate [Smith ‘700; ¶¶63, 65, 85, 98, 103; Fig. 4, Fig. 7]).

As stated above, Smith ‘700 does not explicitly disclose: “a manifest comprising : … portion encrypted with a first key, and … portion encrypted with a second key; retrieve the first key from a manufacturer database; retrieve the second key from a customer database; decrypt the … portion with the first key; decrypt the … portion with the second key …”.
Winter ‘250, however, discloses:
a manifest (a blob, also referred to as file data [Winter ‘250, ¶16]) comprising : 
… portion encrypted with a first key, and … portion encrypted with a second key (the blob is split into multiple portions, where each portion is encrypted with a unique encryption/decryption key [Winter ‘250, ¶¶21-23]); 
retrieve the first key from a (retrieving the unique encryption/decryption keys from data stores 164 within the master key storage system 112, where the master key storage 112 system may be a customer database that contains customer keys and customer data [Winter ‘250, ¶¶17, 19-20, 22, 29; Fig. 1]); 
decrypt the … portion with the first key; decrypt the … portion with the second key … (the blob is split into multiple portions, where each portion is decrypted with a unique encryption/decryption key [Winter ‘250, ¶¶17, 21-23, 32).

Smith ‘700 and Winter ‘250 are analogous art because they are from the same field of endeavor, namely that of the encryption/decryption of sensitive data using a plurality of cryptographic keys from different sources. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 and Winter ‘250 before them, to modify the method in Smith ‘700 to include the teachings of Winter ‘250, namely to split the Platform Certificate, as disclosed in Smith ‘700, into separate portions, such as into a SWID portion and a signature data portion, where each portion may be encrypted/decrypted with a unique corresponding key, and where the first key used to encrypt/decrypt the signature data portion may be implemented using the unique manufacturing key, as disclosed in Smith ‘700, and where the keys are retrieved from a customer database, as disclosed in Winter ‘250. The motivation for doing so would be to increase security of sensitive data, such as customer-related data, by increasing the number of unique cryptographic keys during encryption of the data (see Winter ‘250, ¶¶15-17).

As stated above, Smith ‘700 in view of Winter ‘250 does not explicitly disclose: “retrieve … from a manufacturer database; retrieve … from a customer database”. 
Jefferies ‘639, however, discloses:
retrieve … from a manufacturer database (retrieve data from manufacture database system 20 [Jefferies ‘639, ¶¶63-66; Fig. 1]); 
retrieve … from a customer database (retrieve data from global database system 10, where global database 10 may be a customer database [Jefferies ‘639, ¶¶63, 90-91; Fig. 1]).

Smith ‘700 (modified by Winter ‘250) and Jefferies ‘639 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and storage of sensitive data with respect to a plurality of databases. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250) and Jefferies ‘639 before them, to modify the method in Smith ‘700 (modified by Winter ‘250) to include the teachings of Jefferies ‘639, namely to retrieve the second keys from the customer databases disclosed in Winter ‘250, but retrieving the first key from a separate manufacturer database, as disclosed in Jefferies ‘639. The motivation for doing so would be to reduce the possibility of data being compromised along a data transfer chain, by having a plurality of separate independent databases along a data transfer chain (e.g. manufacturer and customer) that are separate and blind to each other (see Jefferies ‘639 ¶¶28-29).

As per claim 2: Smith ‘700 in view of Winter ‘250 and further in view of Jefferies ‘639 discloses all limitations of claim 1, as stated above, from which claim 2 is dependent upon. Furthermore, Smith ‘700 discloses:
	wherein the IHS is part of a remotely-located evaluation service (the IoT system may perform verification and attestation with respect to a plurality of remotely-located IoT devices [Smith ‘700, ¶¶26, 35, 55, 123]).

As per claim 5: Smith ‘700 in view of Winter ‘250 and further in view of Jefferies ‘639 discloses all limitations of claim 1, as stated above, from which claim 5 is dependent upon. Furthermore, Smith ‘700 discloses:
wherein the manifest further comprises a device identification portion (the Platform Certificate includes a device identification portion [Smith ‘700, ¶¶44-45, 57, 88, 95; Fig. 3]).
	
As per claim 6: Smith ‘700 in view of Winter ‘250 and further in view of Jefferies ‘639 discloses all limitations of claims 1 and 5, as stated above, all from which claim 6 is dependent upon. Furthermore, Smith ‘700 discloses:
wherein the SWID portion comprises an indication of each service executed by, or installed in, the client device (the SWID portion of the Platform Certificate indicates each software component that makes up the IoT device [Smith ‘700, ¶¶44, 54, 85, 90; Fig. 3]).

As per claim 12: Smith ‘700 discloses:
A memory storage device having program instructions stored thereon that, upon execution (memory 1454 coupled to processor 1452; memory 1454 storing instructions 1482 to be executed by the processor 1452 to perform operations [Smith ‘700, ¶¶129, 145; Fig. 14]) by an Information Handling System (IHS) (an internet of thing (IoT) system [Smith ‘700, ¶¶25-26]), cause the IHS to: 
transmit, to a client device, a request (transmit, to an IoT device, a request to perform verification and attestation during onboarding [Smith ‘700, ¶¶63, 65, 85, 98, 103; Fig. 4, Fig. 7]) to retrieve a manifest (to retrieve a Platform Certificate [Smith ‘700 ¶¶23, 44-46, 53-54; Fig. 3, Fig. 4) comprising : 
(i) a signature portion (Signature Data portion of the Platform Certificate [Smith ‘700, ¶¶46-48; Fig. 3]) encrypted (storing Platform Certificate, which comprises the signature data portion, within a blockchain, where the blockchain contains encrypted information, encrypted with encryption keys, within private portions of the blockchain [Smith ‘700, ¶¶80, 175]), and 
(ii) a software identification (SWID) portion (a software identification (SWID) portion of the Platform Certificate [Smith ‘700, ¶¶44, 57, 84-85, 90; Fig. 3, Fig. 6, Fig. 9]) encrypted (storing Platform Certificate, which comprises the SWID portion, within a blockchain, where the blockchain contains encrypted information, encrypted with encryption keys, within private portions of the blockchain [Smith ‘700, ¶¶80, 175]) (the SWID portion of the Platform Certificate indicates each software component that makes up the IoT device [Smith ‘700, ¶¶44, 54, 85, 90; Fig. 3]); 
retrieve the first key , wherein the first key is issued by a Trusted Platform Module in the IHS at the time of the IHS’ manufacture (retrieving a manufacturing key, where the manufacturing key is verified along with signature data by a device onboarding tool, to ensure the applicability of an Approved Products List (APL), and where the APL is compared to the Platform Certificate to determine the integrity of an onboarded device, and where the manufacturing key is embedded in secure hardware, such as a Trusted Platform Module (TPM), at the time of manufacturing [Smith ‘700, ¶¶52, 70, 72, 85, 98, 172; Fig. 4]);

(Signature Data portion of the Platform Certificate [Smith ‘700, ¶¶46-48; Fig. 3]) 
(a software identification (SWID) portion of the Platform Certificate [Smith ‘700, ¶¶44, 57, 84-85, 90; Fig. 3, Fig. 6, Fig. 9])

As stated above, Smith ‘700 does not explicitly disclose: “a manifest comprising: … portion encrypted with a first key, and … portion encrypted with a second key different from the first key … retrieve the first key from a manufacturer database … ; retrieve the second key from a customer database; and decrypt the … portion using the first key; and decrypt the … portion with the second key.”
Winter ‘250, however, discloses:
a manifest (a blob, also referred to as file data [Winter ‘250, ¶16]) comprising: 
… portion encrypted with a first key, and … portion encrypted with a second key different from the first key … (the blob is split into multiple portions, where each portion is encrypted with a unique encryption/decryption key [Winter ‘250, ¶¶21-23])
retrieve the first key from a … ; retrieve the second key from a customer database (retrieving the unique encryption/decryption keys from data stores 164 within the master key storage system 112, where the master key storage 112 system may be a customer database that contains customer keys and customer data [Winter ‘250, ¶¶17, 19-20, 22, 29; Fig. 1]); and 
decrypt the … portion using the first key; and decrypt the … portion with the second key (the blob is split into multiple portions, where each portion is decrypted with a unique encryption/decryption key [Winter ‘250, ¶¶17, 21-23, 32).

Smith ‘700 and Winter ‘250 are analogous art because they are from the same field of endeavor, namely that of the encryption/decryption of sensitive data using a plurality of cryptographic keys from different sources. For the same reasons stated in Claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 and Winter ‘250 before them, to modify the method in Smith ‘700 to include the teachings of Winter ‘250.

As stated above, Smith ‘700 in view of Winter ‘250 does not explicitly disclose: “retrieve … from a manufacturer database; retrieve … from a customer database”. 
Jefferies ‘639, however, discloses:
retrieve … from a manufacturer database (retrieve data from manufacture database system 20 [Jefferies ‘639, ¶¶63-66; Fig. 1]); 
retrieve … from a customer database (retrieve data from global database system 10, where global database 10 may be a customer database [Jefferies ‘639, ¶¶63, 90-91; Fig. 1]).

Smith ‘700 (modified by Winter ‘250) and Jefferies ‘639 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and storage of sensitive data with respect to a plurality of database. For the same reasons stated in Claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250) and Jefferies ‘639 before them, to modify the method in Smith ‘700 (modified by Winter ‘250) to include the teachings of Jefferies ‘639.


Claims 3-4, 7-11, and 13-19 are rejected under 35 U.S.C. 103 as being unpatentable over Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639, and further in view of Hollis et al., US 8,874,685 (hereinafter, “Hollis ‘685”).
	
As per claim 3: Smith ‘700 in view of Winter ‘250 and further in view of Jefferies ‘639 discloses all limitations of claim 1, as stated above, from which claim 3 is dependent upon. Smith ‘700 in view of Winter ‘250 and further in view of Jefferies ‘639 does not explicitly disclose the limitations of claim 3.
Hollis ‘685, however, discloses:
wherein the agent comprises a Security Content Automation Protocol (SCAP) agent or daemon (compliance engine is executed to generate a SCAP compliance profile, [Hollis ‘685, Col. 4 lines 27-46]), and wherein the manifest comprises a SCAP- compliant manifest (SCAP compliance profile, where the SCAP compliance profile indicates the security vulnerabilities of a client device and the level of compliance [Hollis ‘685, Col. 4 line 47 – Col. 5 line 3, Col. 9 lines 10-27; Fig. 1, Fig. 12]).
Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 are analogous art because they are from the same field of endeavor, namely that of the evaluation of security, integrity, compliance of devices within a networked system. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 before them, to modify the method in Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) to include the teachings of Hollis ‘685, namely to implement the onboarding tool in Smith ‘700 as a compliance engine which, when executed, generates a SCAP compliance profile for the IoT device. The motivation for doing so would be to take advantage of the existing Security Content Automation Protocol to automate vulnerability management, measurement, device and software enumeration, and policy compliance evaluation for client devices (see Hollis ‘685, Col. 4 lines 4-46).

As per claim 4: Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639, and further in view of Hollis ‘685 discloses all limitations of claims 1 and 3, as stated above, all from which claim 4 is dependent upon. Furthermore, Jefferies ‘639 discloses:
wherein the customer database comprises a (global database system 10, where global database 10 may be a customer database [Jefferies ‘639, ¶¶63, 90-91; Fig. 1]), and wherein the manufacturer database comprises an inventory database (manufacture database system 20, where the manufacture database may contain an inventory of products within a product supply chain [Jefferies ‘639, ¶¶63-66, 72; Fig. 1, Fig. 4]).
Smith ‘700 (modified by Winter ‘250) and Jefferies ‘639 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and storage of sensitive data with respect to a plurality of database. For the same reasons stated in Claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250) and Jefferies ‘639 before them, to modify the method in Smith ‘700 (modified by Winter ‘250) to include the teachings of Jefferies ‘639.

As stated above, Smith ‘700 in view of Winter ‘250 and further in view of Jefferies ‘639 does not explicitly disclose: “the customer database comprises a SCAP-compliant database”.
Hollis ‘685, however, discloses:
the customer database comprises a SCAP-compliant database (receiving data from a SCAP-compliant configuration server database [Hollis ‘685, Col. 8 lines 1-16, Col. 9 lines 40-55]).

Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 are analogous art because they are from the same field of endeavor, namely that of the evaluation of security, integrity, compliance of devices within a networked system.  Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 before them, to modify the method in Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) to include the teachings of Hollis ‘685, namely to implement the global database system 10 as disclosed in Jefferies ‘639 as a SCAP-compliant server database as disclosed in Hollis ‘685. The motivation for doing so would be to take advantage of the existing Security Content Automation Protocol to automate vulnerability management, measurement, device and software enumeration, and policy compliance evaluation for client devices (see Hollis ‘685, Col. 4 lines 4-46).

As per claim 7: Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639, and further in view of Hollis ‘685 discloses all limitations of claims 1, 5, and 6, as stated above, all from which claim 7 is dependent upon. Furthermore, Smith ‘700 discloses:
wherein to perform the attestation (request to perform verification and attestation of an internet of things (IoT) device during onboarding [Smith ‘700, ¶¶63, 65, 85, 98, 103; Fig. 4, Fig. 7]), the program instructions, upon execution (memory 1454 coupled to processor 1452; memory 1454 storing instructions 1482 to be executed by the processor 1452 to perform operations [Smith ‘700, ¶¶129, 145; Fig. 14]), further cause 
the IHS to compare the SWID portion of the decrypted manifest (a software identification (SWID) portion of the Platform Certificate [Smith ‘700, ¶¶44, 57, 84-85, 90; Fig. 3, Fig. 6, Fig. 9]) against 
a (OCF Approved Products List (APL); comparing the SWID portion of the Platform Certificate with the APL [Smith ‘700, ¶¶44, 53, 64, 68, 85; Fig. 3, Fig. 4]) 
wherein the (APL [Smith ‘700, ¶44; Fig. 3]) comprises at least one of: 
(i) an indication of a service allowed to be executed by, or installed in, the client device, or (ii) an indication of a service not allowed to be executed by, or installed in, the client device (the APL contains a list of approved/compliant component and services allowed to be installed on the IoT device [Smith ‘700, ¶¶23, 44-46, 53; Fig. 3]).

As stated above, Smith ‘700, in view of Winter ‘250 does not explicitly disclose: “a SCAP digest associated with the device identification and stored in the customer database, wherein the SCAP digest comprises …”.
Jefferies ‘639, however, discloses:
a digest associated with the device identification and stored in the customer database (storing data within the global database system 10, where global database 10 may be a customer database [Jefferies ‘639, ¶¶63, 90-91; Fig. 1]),  wherein the digest comprises …

Smith ‘700 (modified by Winter ‘250) and Jefferies ‘639 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and storage of sensitive data with respect to a plurality of database. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250) and Jefferies ‘639 before them, to modify the method in Smith ‘700 (modified by Winter ‘250) to include the teachings of Jefferies ‘639, namely to store the APL, as disclosed in Smith ‘700, within a separate global customer database system as disclose in Jefferies ‘639. The motivation for doing so would be to reduce the possibility of data, such as the APL, being compromised along a data transfer chain, by having a plurality of separate independent databases along a data transfer chain (e.g. manufacturer and customer) that are separate and blind to each other (see Jefferies ‘639 ¶¶28-29).

As stated above, Smith ‘700 in view of Winter ‘250 and further in view of Jefferies ‘639 does not explicitly disclose: “a SCAP digest associated with the device identification … wherein the SCAP digest comprises …”
Hollis ‘685, however, discloses:
a SCAP digest (a SCAP configuration; analyzing and comparing the SCAP compliance profile relative to the rules and guidelines within the received SCAP configuration [Hollis ‘685, Col. 4 lines 27-46, Col. 8 lines 1-16, Col. 9 line 56 – Col. 10 line 3]) associated with the device identification … wherein the SCAP digest comprises …

Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 are analogous art because they are from the same field of endeavor, namely that of the evaluation of security, integrity, compliance of devices within a networked system.  For the reasons stated in Claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 before them, to modify the method in Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) to include the teachings of Hollis ‘685.

As per claim 8: Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639, and further in view of Hollis ‘685 discloses all limitations of claims 1, 5, 6, and 7 as stated above, all from which claim 8 is dependent upon. Furthermore, Smith ‘700 discloses:
	wherein the IHS is the client device (IoT device [Smith ‘700, ¶¶25-26]), and wherein the request is identified by a workspace attestation service (ecosystem operator (EO); the attestation request is identified by the EO executed by the IoT device [Smith ‘700, ¶130; Fig. 9]) executed by the client device.

As per claim 9: Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639, and further in view of Hollis ‘685 discloses all limitations of claims 1, 5, 6, 7, and 8 as stated above, all from which claim 9 is dependent upon. Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639 does not explicitly disclose the limitations of claim 9.
Hollis ‘685, however, discloses:
wherein in response to a result of the attestation being different from a previous result of a previous attestation (in response to a change in vulnerability score (also referred to as security metric), where the change is due to deviations of the compliance profiles of devices within the system from a desired state since the last assessment [Hollis ‘685, Col. 4 lines 4-26, Col. 4 line 47 – Col. 5 line 3, Col. 5 lines 10-25; Fig. 1, Fig. 2]), the program instructions, upon execution, further cause the IHS (processors executing stored instructions to cause an organization with a plurality networked devices within a system to [Hollis ‘685, Col. 16 lines 18-30]) to: 
enter a quarantine mode, firewall protected data, or deny network access (preclude from accessing the network and restrict access to certain applications [Hollis ‘685, Col. 6 lines 17-27, Col. 8 line 63 – Col. 9 line 9]).

Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 are analogous art because they are from the same field of endeavor, namely that of the evaluation of security, integrity, compliance of devices within a networked system.  Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 before them, to modify the method in Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) to include the teachings of Hollis ‘685, namely to perform certain restrictive actions for IoT devices in the system, such as precluding from accessing the network and restricting access certain applications, based on different results from a previous attestation of IoT devices. The motivation for doing so would be to have an efficient method of detecting and evaluating changes in the security of a system within an organization, and performing corrective/protective actions for the system in response to the changes. (see Hollis ‘685, Col. 4 lines 4-46, Col. 8 line 54 – Col. 9 line 9).

As per claim 10: Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639, and further in view of Hollis ‘685 discloses all limitations of claims 1, 5, 6, 7, and 8 as stated above, all from which claim 10 is dependent upon. Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639 does not explicitly disclose the limitations of claim 10.
Hollis ‘685, however, discloses:
wherein in response to a result of the attestation being different from a previous result of a previous attestation, the program instructions, upon execution, further cause the IHS to (processors executing stored instructions to cause an organization with a plurality networked devices within a system to [Hollis ‘685, Col. 16 lines 18-30]) communicate a change in a security score (due to deviations of the compliance profiles of devices within the system from a desired state since the last assessment, communicate a change in vulnerability score (also referred to as security metric) [Hollis ‘685, Col. 4 lines 4-26, Col. 4 line 47 – Col. 5 line 3, Col. 5 lines 10-25; Fig. 1, Fig. 2]) to a workspace orchestration service (to a network administrator service for the system of the organization [Hollis ‘685, Col. 4 lines 47 – Col. 5 line 3]).

Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 are analogous art because they are from the same field of endeavor, namely that of the evaluation of security, integrity, compliance of devices within a networked system.  Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 before them, to modify the method in Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) to include the teachings of Hollis ‘685, namely to receive an indication of a changed vulnerability score for a system within an organization, based on attestation and on boarding of IoT devices as disclosed in Smith ‘700, where a new status for the system is generated based on the changed vulnerability score. The motivation for doing so would be to have an efficient method of detecting and evaluating changes in the security of a system within an organization, and performing corrective/protective actions for the system in response to the changes. (see Hollis ‘685, Col. 4 lines 4-46, Col. 8 line 54 – Col. 9 line 9).

As per claim 11: Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639, and further in view of Hollis ‘685 discloses all limitations of claims 1, 5, 6, 7, 8, and 10, as stated above, all from which claim 11 is dependent upon. Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639 does not explicitly disclose the limitations of claim 11.
Hollis ‘685, however, discloses:
	wherein the workspace orchestration service is configured to transmit a new workspace definition to the IHS in response to the change in the security score (in response to receiving an indication of a change to the vulnerability score, transmitting, by the network administrator service to the system, a new status for the system within the organization; for example, a vulnerability score under a certain threshold may indicate a ‘failing’ status, in which devices within the system will not be authorized to access certain applications [Hollis ‘685, Col. 4 line 47 – Col. 5 line 3, Col. 5 lines 35-54, Col. 6 lines 28-43, Col. 8 line 54 – Col. 9 line 9; Fig. 3, Fig. 4]).

	Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 are analogous art because they are from the same field of endeavor, namely that of the evaluation of security, integrity, compliance of devices within a networked system.  Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 before them, to modify the method in Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) to include the teachings of Hollis ‘685, namely to receive an indication of a changed vulnerability score for a system within an organization based on attestation and on boarding of IoT devices as disclosed in Smith ‘700, where a new status for the system is generated based on the changed vulnerability score. The motivation for doing so would be to have an efficient method of detecting and evaluating changes in the security of a system within an organization, and performing corrective/protective actions for the system in response to the changes. (see Hollis ‘685, Col. 4 lines 4-46, Col. 8 line 54 – Col. 9 line 9).

As per claim 13: Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639 discloses all limitations of claim 12, as stated above, from which claim 13 is dependent upon. Furthermore, Jefferies ‘639 discloses:
wherein the customer database comprises a (global database system 10, where global database 10 may be a customer database [Jefferies ‘639, ¶¶63, 90-91; Fig. 1]), and wherein the manufacturer database comprises an inventory database (manufacture database system 20, where the manufacture database may contain an inventory of products within a product supply chain [Jefferies ‘639, ¶¶63-66, 72; Fig. 1, Fig. 4]).

Smith ‘700 (modified by Winter ‘250) and Jefferies ‘639 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and storage of sensitive data with respect to a plurality of database. For the same reasons stated in Claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250) and Jefferies ‘639 before them, to modify the method in Smith ‘700 (modified by Winter ‘250) to include the teachings of Jefferies ‘639.

As stated above, Smith ‘700 in view of Winter ‘250 and further in view of Jefferies ‘639 does not explicitly disclose: “the customer database comprises a Security Content Automation Protocol (SCAP)-compliant database”.
Hollis ‘685, however, discloses:
the customer database comprises a Security Content Automation Protocol (SCAP)-compliant database (receiving data from a SCAP-compliant configuration server database [Hollis ‘685, Col. 8 lines 1-16, Col. 9 lines 40-55]).

Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 are analogous art because they are from the same field of endeavor, namely that of the evaluation of security, integrity, compliance of devices within a networked system.  For the reasons stated in Claim 4, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 before them, to modify the method in Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) to include the teachings of Hollis ‘685.

As per claim 14: Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639, and further in view of Hollis ‘685 discloses all limitations of claims 12 and 13, as stated above, all from which claim 14 is dependent upon. Furthermore, Smith ‘700 discloses:
wherein the program instructions, upon execution (memory 1454 coupled to processor 1452; memory 1454 storing instructions 1482 to be executed by the processor 1452 to perform operations [Smith ‘700, ¶¶129, 145; Fig. 14]), further cause the IHS to compare the SWID portion of the decrypted manifest (a software identification (SWID) portion of the Platform Certificate [Smith ‘700, ¶¶44, 57, 84-85, 90; Fig. 3, Fig. 6, Fig. 9]) against 
a (OCF Approved Products List (APL); comparing the SWID portion of the Platform Certificate with the APL [Smith ‘700, ¶¶44, 53, 64, 68, 85; Fig. 3, Fig. 4]) associated with the device identification (request to perform verification and attestation of an internet of things (IoT) device during onboarding [Smith ‘700, ¶¶63, 65, 85, 98, 103; Fig. 4, Fig. 7]).

As stated above, Smith ‘700, in view of Winter ‘250 does not explicitly disclose: “a SCAP digest associated with the device identification and stored in the customer database”.
Jefferies ‘639, however, discloses:
a digest associated with the device identification and stored in the customer database (storing data within the global database system 10, where global database 10 may be a customer database [Jefferies ‘639, ¶¶63, 90-91; Fig. 1]).

Smith ‘700 (modified by Winter ‘250) and Jefferies ‘639 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and storage of sensitive data with respect to a plurality of database. For the reasons stated in Claim 7, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250) and Jefferies ‘639 before them, to modify the method in Smith ‘700 (modified by Winter ‘250) to include the teachings of Jefferies ‘639.

As stated above, Smith ‘700 in view of Winter ‘250 and further in view of Jefferies ‘639 does not explicitly disclose: “a SCAP digest associated with the device identification …”
Hollis ‘685, however, discloses:
a SCAP digest associated with the device identification (a SCAP configuration; analyzing and comparing the SCAP compliance profile relative to the rules and guidelines within the received SCAP configuration [Hollis ‘685, Col. 4 lines 27-46, Col. 8 lines 1-16, Col. 9 line 56 – Col. 10 line 3]) … 

Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 are analogous art because they are from the same field of endeavor, namely that of the evaluation of security, integrity, compliance of devices within a networked system.  For the reasons stated in Claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 before them, to modify the method in Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) to include the teachings of Hollis ‘685.

As per claim 15: Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639, and further in view of Hollis ‘685 discloses all limitations of claims 12, 13, and 14, as stated above, all from which claim 15 is dependent upon. Furthermore, Smith ‘700 discloses:
wherein the (APL [Smith ‘700, ¶44; Fig. 3]) comprises an indication of a service allowed to be executed by, or installed in, the client device (the APL contains a list of approved/compliant component and services allowed to be installed on the IoT device [Smith ‘700, ¶¶23, 44-46, 53; Fig. 3]).

As stated above, Smith ‘700 in view of Winter ‘250 and further in view of Jefferies ‘639 does not explicitly disclose: “the SCAP digest comprises …”
Hollis ‘685, however, discloses:
the SCAP digest comprises (a SCAP configuration; analyzing and comparing the SCAP compliance profile relative to the rules and guidelines within the received SCAP configuration [Hollis ‘685, Col. 4 lines 27-46, Col. 8 lines 1-16, Col. 9 line 56 – Col. 10 line 3]) … 

Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 are analogous art because they are from the same field of endeavor, namely that of the evaluation of security, integrity, compliance of devices within a networked system.  For the reasons stated in Claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 before them, to modify the method in Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) to include the teachings of Hollis ‘685.

As per claim 16: Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639, and further in view of Hollis ‘685 discloses all limitations of claims 12, 13, and 14, as stated above, all from which claim 16 is dependent upon. Furthermore, Smith ‘700 discloses:
wherein the (APL [Smith ‘700, ¶44; Fig. 3]) comprises an indication of a service not allowed to be executed by, or installed in, the client device (the APL is associated with a blacklist of APL components [Smith ‘700, ¶¶72, 169, 182]).

As stated above, Smith ‘700 in view of Winter ‘250 and further in view of Jefferies ‘639 does not explicitly disclose: “the SCAP digest comprises …”
Hollis ‘685, however, discloses:
the SCAP digest comprises (a SCAP configuration; analyzing and comparing the SCAP compliance profile relative to the rules and guidelines within the received SCAP configuration [Hollis ‘685, Col. 4 lines 27-46, Col. 8 lines 1-16, Col. 9 line 56 – Col. 10 line 3]) … 

Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 are analogous art because they are from the same field of endeavor, namely that of the evaluation of security, integrity, compliance of devices within a networked system.  For the reasons stated in Claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 before them, to modify the method in Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) to include the teachings of Hollis ‘685.

As per claim 17: Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639, and further in view of Hollis ‘685 discloses all limitations of claims 12, 13, and 14 as stated above, all from which claim 17 is dependent upon. Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639 does not explicitly disclose the limitations of claim 17.
Hollis ‘685, however, discloses:
wherein in response to a result of the attestation being different from a previous result of a previous attestation (in response to a change in vulnerability score (also referred to as security metric), where the change is due to deviations of the compliance profiles of devices within the system from a desired state since the last assessment [Hollis ‘685, Col. 4 lines 4-26, Col. 4 line 47 – Col. 5 line 3, Col. 5 lines 10-25; Fig. 1, Fig. 2]), the program instructions, upon execution, further cause the IHS (processors executing stored instructions to cause an organization with a plurality networked devices within a system to [Hollis ‘685, Col. 16 lines 18-30]) to: 
transmit a command to the client device to enter a quarantine mode, firewall protected data, or deny network access (preclude the device from accessing the network and restrict access to certain applications [Hollis ‘685, Col. 6 lines 17-27, Col. 8 line 63 – Col. 9 line 9]).

Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 are analogous art because they are from the same field of endeavor, namely that of the evaluation of security, integrity, compliance of devices within a networked system.  For the same reasons as Claim 9, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 before them, to modify the method in Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) to include the teachings of Hollis ‘685.

As per claim 18: Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639, and further in view of Hollis ‘685 discloses all limitations of claims 12, 13, and 14 as stated above, all from which claim 18 is dependent upon. Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639 does not explicitly disclose the limitations of claim 18.
Hollis ‘685, however, discloses:
wherein in response to a result of the attestation being different from a previous result of a previous attestation, the program instructions, upon execution, further cause the IHS to (processors executing stored instructions to cause an organization with a plurality networked devices within a system to [Hollis ‘685, Col. 16 lines 18-30]) communicate a change in a security metric (due to deviations of the compliance profiles of devices within the system from a desired state since the last assessment, communicate a change in vulnerability score (also referred to as security metric) [Hollis ‘685, Col. 4 lines 4-26, Col. 4 line 47 – Col. 5 line 3, Col. 5 lines 10-25; Fig. 1, Fig. 2]) to a workspace orchestration service (to a network administrator service for the system of the organization [Hollis ‘685, Col. 4 lines 47 – Col. 5 line 3]).

Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 are analogous art because they are from the same field of endeavor, namely that of the evaluation of security, integrity, compliance of devices within a networked system.  For the reasons stated in Claim 10, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 before them, to modify the method in Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) to include the teachings of Hollis ‘685.

As per claim 19: Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639, and further in view of Hollis ‘685 discloses all limitations of claims 12, 13, 14, and 16, as stated above, all from which claim 19 is dependent upon. Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639 does not explicitly disclose the limitations of claim 19.
Hollis ‘685, however, discloses:
	wherein the workspace orchestration service is configured to transmit a new workspace definition to the client device in response to the change in the security score (in response to receiving an indication of a change to the vulnerability score, transmitting, by the network administrator service to the device, a new status for the system within the organization; for example, a vulnerability score under a certain threshold may indicate a ‘failing’ status, in which devices within the system will not be authorized to access certain applications [Hollis ‘685, Col. 4 line 47 – Col. 5 line 3, Col. 5 lines 35-54, Col. 6 lines 28-43, Col. 8 line 54 – Col. 9 line 9; Fig. 3, Fig. 4]).

	Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 are analogous art because they are from the same field of endeavor, namely that of the evaluation of security, integrity, compliance of devices within a networked system.  For the reasons stated in Claim 11, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 before them, to modify the method in Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) to include the teachings of Hollis ‘685.


Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Smith ‘700, in view of Winter ‘250, and further in view of Jefferies ‘639, and further in view of Hollis ‘685, and further in view of Coppinger et al., US 2014/0344009 A1 (hereinafter, Coppinger ‘009).

As per claim 20: Smith ‘700 discloses:
A method, comprising: 

(i) receiving, from an agent executed by the IHS (retrieving, from an onboarding tool executed by the IoT system [Smith ‘700, ¶¶53-54; Fig. 4]), a manifest (a Platform Certificate [Smith ‘700 ¶¶23, 44-46; Fig. 3]) comprising: 
(i) a signature portion (Signature Data portion of the Platform Certificate [Smith ‘700, ¶¶46-48; Fig. 3]) encrypted  (storing Platform Certificate, which comprises the signature data portion, within a blockchain, where the blockchain contains encrypted information, encrypted with encryption keys, within private portions of the blockchain [Smith ‘700, ¶¶80, 175]), and 
(ii) a software identification (SWID) portion (a software identification (SWID) portion of the Platform Certificate [Smith ‘700, ¶¶44, 57, 84-85, 90; Fig. 3, Fig. 6, Fig. 9]) encrypted (storing Platform Certificate, which comprises the SWID portion, within a blockchain, where the blockchain contains encrypted information, encrypted with encryption keys, within private portions of the blockchain [Smith ‘700, ¶¶80, 175]); 
(ii) retrieving the first key (retrieving a manufacturing key, where the manufacturing key is verified along with signature data by a device onboarding tool, to ensure the applicability of an Approved Products List (APL), and where the APL is compared to the Platform Certificate to determine the integrity of an onboarded device, and where the manufacturing key is embedded in secure hardware, such as a Trusted Platform Module (TPM), at the time of manufacturing [Smith ‘700, ¶¶52, 70, 72, 85, 98, 172; Fig. 4])

(Signature Data portion of the Platform Certificate [Smith ‘700, ¶¶46-48; Fig. 3]) 
(a software identification (SWID) portion of the Platform Certificate [Smith ‘700, ¶¶44, 57, 84-85, 90; Fig. 3, Fig. 6, Fig. 9]) 
(vi) performing an attestation of the IHS using the decrypted manifest (performing verification and attestation of the internet of things (IoT) device during onboarding using the Platform Certificate [Smith ‘700; ¶¶63, 65, 85, 98, 103; Fig. 4, Fig. 7])




As stated above, Smith ‘700 does not explicitly disclose: “receiving, at a workspace orchestration service, an indication of a change in a security metric of a workspace instantiated by an Information Handling System (IHS), wherein the indication is received in response to an evaluation service: … a manifest comprising : … portion encrypted with a first key, and … portion encrypted with a second key; (ii) retrieving the first key from a manufacturer database; (iii) retrieving the second key from a customer database; (iv) decrypting the … portion with the first key; (v) decrypting the … portion with the second key; and … wherein the change in the security metric is due, at least in part, to a result of the attestation being different from a previous result of a previous attestation; and in response to receiving the indication, transmitting, by the workspace orchestration service to the IHS, a new workspace definition, wherein the new workspace definition is usable to instantiate the workspace to meet a security target and a productivity target, and wherein the new workspace definition is produced based, at least in part, upon the change in the security metric.”
Winter ‘250, however, discloses:

a manifest (a blob, also referred to as file data [Winter ‘250, ¶16]) comprising : 
… portion encrypted with a first key, and … portion encrypted with a second key (the blob is split into multiple portions, where each portion is encrypted with a unique encryption/decryption key [Winter ‘250, ¶¶21-23]); 
(ii) retrieving the first key from a (retrieving the unique encryption/decryption keys from data stores 164 within the master key storage system 112, where the master key storage 112 system may be a customer database that contains customer keys and customer data [Winter ‘250, ¶¶17, 19-20, 22, 29; Fig. 1]); 
(iv) decrypting the … portion with the first key; (v) decrypting the … portion with the second key (the blob is split into multiple portions, where each portion is decrypted with a unique encryption/decryption key [Winter ‘250, ¶¶17, 21-23, 32); and … 





Smith ‘700 and Winter ‘250 are analogous art because they are from the same field of endeavor, namely that of the encryption/decryption of sensitive data using a plurality of cryptographic keys from different sources. For the reasons stated in Claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 and Winter ‘250 before them, to modify the method in Smith ‘700 to include the teachings of Winter ‘250.

As stated above, Smith ‘700 in view of Winter ‘250 does not explicitly disclose: “receiving, at a workspace orchestration service, an indication of a change in a security metric of a workspace instantiated by an Information Handling System (IHS), wherein the indication is received in response to an evaluation service: … retrieving … from a manufacturer database; … retrieving … from a customer database; … wherein the change in the security metric is due, at least in part, to a result of the attestation being different from a previous result of a previous attestation; and in response to receiving the indication, transmitting, by the workspace orchestration service to the IHS, a new workspace definition, wherein the new workspace definition is usable to instantiate the workspace to meet a security target and a productivity target, and wherein the new workspace definition is produced based, at least in part, upon the change in the security metric.”
Jefferies ‘639, however, discloses:

retrieving … from a manufacturer database (retrieve data from manufacture database system 20 [Jefferies ‘639, ¶¶63-66; Fig. 1]); … 
retrieving … from a customer database (retrieve data from global database system 10, where global database 10 may be a customer database [Jefferies ‘639, ¶¶63, 90-91; Fig. 1]); … 





Smith ‘700 (modified by Winter ‘250) and Jefferies ‘639 are analogous art because they are from the same field of endeavor, namely that of the secure exchange and storage of sensitive data with respect to a plurality of database. For the reasons stated in Claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250) and Jefferies ‘639 before them, to modify the method in Smith ‘700 (modified by Winter ‘250) to include the teachings of Jefferies ‘639.

As stated above, Smith ‘700 in view of Winter ‘250, and further in view of Jefferies ‘639 does not explicitly disclose: “receiving, at a workspace orchestration service, an indication of a change in a security metric of a workspace instantiated by an Information Handling System (IHS), wherein the indication is received in response to an evaluation service: … wherein the change in the security metric is due, at least in part, to a result of the attestation being different from a previous result of a previous attestation; and in response to receiving the indication, transmitting, by the workspace orchestration service to the IHS, a new workspace definition, wherein the new workspace definition is usable to instantiate the workspace to meet a security target and a productivity target, and wherein the new workspace definition is produced based, at least in part, upon the change in the security metric.”
Hollis ‘685, however, discloses:
receiving, at a workspace orchestration service (receiving, at a network administrator service [Hollis ‘685, Col. 4 lines 47 – Col. 5 line 3]), an indication of a change in a security metric of a workspace instantiated by an Information Handling System (IHS) (an indication of a change in vulnerability score (also referred to as security metric) of an organization with a plurality networked devices within a system [Hollis ‘685, Col. 2 lines 17-31; Col. 5 lines 10-25, Col. 10 lines 22-37; Fig. 2, Fig. 3]), wherein the indication is received in response to an evaluation service (the indication of a change in the vulnerability score is received in response to a SCAP-compliance evaluation service [Hollis ‘685, Col. 4 lines 4-46]): 
... wherein the change in the security metric is due, at least in part, to a result of the attestation being different from a previous result of a previous attestation (the change in vulnerability score is due to deviations of the compliance profiles of devices within the system from a desired state since the last assessment [Hollis ‘685, Col. 4 lines 4-26, Col. 4 line 47 – Col. 5 line 3, Col. 5 lines 10-25; Fig. 1, Fig. 2]); and 
in response to receiving the indication, transmitting, by the workspace orchestration service to the IHS, a new workspace definition (in response to receiving an indication of a change to the vulnerability score, transmitting, by the network administrator service to the system, a new status for the system within the organization; for example, a vulnerability score under a certain threshold may indicate a ‘failing’ status, in which devices within the system will not be authorized to access certain applications [Hollis ‘685, Col. 4 line 47 – Col. 5 line 3, Col. 5 lines 35-54, Col. 6 lines 28-43, Col. 8 line 54 – Col. 9 line 9; Fig. 3, Fig. 4]), 
wherein the new workspace definition is usable to instantiate the workspace to meet a security target (the new status for the system within the organization is used to meet a score; for example, if the status is currently ‘failing’, then corrective actions may be triggered to adjust a score such that a certain desired score is reached, where a higher score indicates a higher level of security [Col. 5 line 55-Col. 6 line 42, Col. 8 line 54-Col. 9 line 9]) 
and wherein the new workspace definition is produced based, at least in part, upon the change in the security metric (the new status for the system within the organization is produced based upon the change in the vulnerability score [Hollis ‘685, Col. 4 line 47 – Col. 5 line 3, Col. 5 lines 35-54, Col. 6 lines 28-43, Col. 8 line 54 – Col. 9 line 9; Fig. 3, Fig. 4]).

Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 are analogous art because they are from the same field of endeavor, namely that of the evaluation of security, integrity, compliance of devices within a networked system.  Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) and Hollis ‘685 before them, to modify the method in Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639) to include the teachings of Hollis ‘685, namely to receive an indication of a changed vulnerability score for a system within an organization based on attestation and on boarding of IoT devices as disclosed in Smith ‘700, where a new status for the system is generated based on the changed vulnerability score, and where the new status may be used to increase the score by triggering corrective actions that increase the score and the overall security of the system. The motivation for doing so would be to have an efficient method of detecting and evaluating changes in the security of a system within an organization, and performing corrective/protective actions for the system in response to the changes. (see Hollis ‘685, Col. 4 lines 4-46, Col. 8 line 54 – Col. 9 line 9).

As stated above, Smith ‘700 in view of Winter ‘250, and further in view of Jefferies ‘639, and further in view of Hollis ‘685 does not explicitly disclose: “… wherein the new workspace definition is usable to instantiate the workspace to meet … a productivity target.” 
Coppinger ‘009, however, discloses:
… wherein the new workspace definition (the desired future state of the end user computing (EUC) system that is based on GRAPE parameters (Governance, Risk, Audit, Productivity, Elasticity) [Coppinger ‘009, ¶55; Fig. 5]) is usable to instantiate the workspace to meet … a productivity target (the desired future EUC state is used to adjust a variety of GRAPE scores, including the productivity score, to meet a desired score in a EUC plan [Coppinger ‘009, ¶¶7-8,45; Fig. 5]).

Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639 & Hollis ‘685) and Coppinger ‘009 are analogous art because they are from the same field of endeavor, namely that of the evaluation of security, integrity, compliance of devices within a networked system.  Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639 & Hollis ‘685) and Coppinger ‘009 before them, to modify the method in Smith ‘700 (modified by Winter ‘250 & Jefferies ‘639 & Hollis ‘685) to include the teachings of Coppinger ‘009, namely to indicate a desired future state based on GRAPE parameters, as disclosed in Coppinger ‘009, of a system of IoT devices, as disclosed in Smith ‘700, where the new status for the system is generated based on the changed vulnerability score, and where the desired future state may be used to produce a plan for the system of IoT devices that facilitates the system in meeting a desired productivity score. The motivation for doing so would be to provide a platform that assists in integrating devices into a system, where the platform identifies requirements, such as a level of productivity, that need to be met by the integration, as well as produces plans on how certain parameters may be adjusted to achieve a desired level (see Coppinger ‘009, ¶¶3-5).


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Taylor, US 2018/0114000 A1: calculating a cryptographic hash fingerprint of software on a device and sending it to the attestation service to prove it is untampered with. The attestation service then generates a pass or fail attestation result. 
Lattin et al., US 11,080,387 B1: receiving a check value from a computing device, where the check value is based on the software on the computing device. Determining whether the software is authentic based on a comparison of the received check value and the local check value.
Irwan et al., US 10,270,770 B1: issuing authentication challenges to the computing devices requesting enrollment, wherein the challenges are based on the comparison of device security data.
Dyer et al., US 9,258,331 B2: A trust control management method for security; generating a unique ID values based on hardware. Depending on whether the ID values is a match or mismatch, determining if the device is trusted, and can take appropriate alerts and policy actions.
Nord et al., 2014/0164774 A1: using two vault servers, each containing a different key, where the first key or the second key alone only allows to decryption a portion of a file.
 
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALAN LINGQIAN KONG whose telephone number is (571)272-2646. The examiner can normally be reached Monday-Thursday 8:00am-5:30pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG (JAY) KIM can be reached on (571)272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ALAN LINGQIAN KONG/Examiner, Art Unit 2494

/JUNG W KIM/Supervisory Patent Examiner, Art Unit 2494