DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This office action is in response to applicant’s amendment filed on 08/11/2022.
	Claims 1-4, 7-11, 14-18 and 21-29 are pending and examined.
Response to Arguments
Applicant’s arguments filed on 08/11/2022 have been fully considered but they are moot in light of new grounds of rejection with a new reference (Soni) applied.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-4, 7-11, 14-18, 21-23, 25, 27, 29 are rejected under 35 U.S.C. 103 as being unpatentable over Salmon et al.  (US PGPUB 2017/0270319) hereinafter Salmon, in view of Banginwar et al. (US PGPUB 20110154501) hereinafter Banginwar, in view of Soni et al. (US PGPUB 2015/0089018) hereinafter Soni.
Per claim 1, Salmon discloses “a method for an attestation machine to attest a software executing on a remote machine, the method comprising: receiving, at the attestation machine from a remote server, metadata associated with each of a plurality of software packages for at least one of installation or upgrade, the receiving based on the remote server automatically sending the metadata to the attestation machine when a new software package is added to the remote server” (Fig. 2; paragraph [0035]; a trusted entity (attestation machine) receives checksums (metadata) of a new application from an application developer (remote server), when the new application’s APK file (software package) is made available (newly added) for installation on Android devices (remote machine)); “receiving, at the attestation machine, a request from the remote machine for attestation of the software executing on the remote machine, wherein the remote machine, before sending the request to the attestation machine, connects to an update management server that is responsible for at least one of installing, upgrading, or updating the software on the remote machine; wherein the attestation machine and the remote machine are physically separated machines” (Fig. 2; paragraphs [0035]-[0038]; an android device (the remote machine) first downloads the application package from the developer (server) and installs the application package, then sends the application’s checksums to the trusted entity, requesting the trusted entity for attestation; the developer’s server can be considered as an update management server because it allows installation a new software on a remote machine; paragraph [0032]; the android device (the remote machine) and the trusted entity are physically separated machines, they are connected via internet); “determining, by the attestation machine, whether metadata associated with the software is received from the remote server using the hardware, when the metadata associated with the software is received from the remote server, sending, from the attestation machine, an attestation confirmation message to the remote machine” (Fig. 2; paragraphs [0035]-[0038]; after the trusted entity receives the request from the remote machine, it performs an attestation process (comparing checksums); then sends a confirmation message (a certificate) to the remote machine).
While Salmon discloses a trusted entity (attestation machine) performing attestation process on a client, Salmon does not explicitly teach “wherein the attestation machine has cryptographic hardware which implements cryptographic functions for attestation”. However, Banginwar discloses the above (paragraphs [0008][0009][0021]; providing hardware attestation techniques to attest a given hardware platform for use with a particular software product; a security controller includes an attest module to attest platform signature to the software application; the security controller may provide various security components and capabilities such as secure boot, secure execution environments, secure storage, hardware cryptographic acceleration for various security algorithms and encryption schemes). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Salmon and Banginwar to include a security controller (cryptographic hardware) in the attestation machine, because the security controller can provide hardware cryptographic acceleration functions to the attestation machine (for better cryptographic performance).
Salmon does not explicitly teach the remote machine “removing the software from the remote server: and receiving, at the attestation machine, a message from the remote server instructing the attestation machine to delete the metadata associated with the software based on the software being removed from the remote server”. However, Soni suggests the above (claims 8 and 11; after a first application is undeployed (removed) from a remote server, a repository receives a command from the remote server for removing metadata associated with the application from the repository). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Salmon, Banginwar and Soni that after an application is removed from a remote server, the repository (attestation machine) receives a command to delete metadata associated with the application; this would save storage resource on the repository.

Per claim 2, Salmon further suggests “wherein the request from the remote machine comprises at least an event log associated with the software, wherein the event log comprises at least identification data for the software and other metadata” (Fig. 2; paragraphs [0035]-[0038]; an android device (the remote machine) sends the application’s checksums and activation code (identification data) to the trusted entity, requesting the trusted entity for attestation).

Per claim 3, Salmon further suggests “wherein determining whether the metadata associated with the software is received at the remote server comprises: comparing the other metadata received in the request with the metadata received at the remote server using the cryptographic hardware of the attestation machine” (Fig. 2; paragraphs [0035]-[0038]; the trusted entity compares checksums from the remote machine to the checksums received from the developer then sends a confirmation message to the remote machine). Banginwar further suggests (paragraphs [0008][0009][0021]; a security controller providing hardware cryptographic acceleration for various security algorithms and encryption schemes).

Per claim 4, Salmon further suggests “wherein the metadata associated with each of the plurality of software packages comprises a name and a corresponding hash for each file belonging to the associated software package, and is signed by a software distributor of each software package” (Fig. 2; paragraphs [0035]-[0038]; an android device (the remote machine) sends the application’s checksums (signed by software developer) and activation code (identification data) to the trusted entity, requesting the trusted entity for attestation; (official notice: it would have been obvious that the checksums and activation code are associated with application name, so trusted entity is informed which application is the attestation for)).

Per claim 7, Salmon further suggests “wherein the software comprises one of an operating system software, firmware, or an application executing on the remote machine” (Fig. 2; paragraphs [0035]-[0038]; application to install on the remote machine).

Per claim 21, Salmon further suggests “wherein the remote server stores each new software package added to the remote server” (Fig. 2; paragraph [0035]; a trusted entity (attestation machine) receives checksums (metadata) of a new application from an application developer (remote server), when the new application’s APK file (software package) is made available (newly added) for installation on Android devices (remote machine); thus, application developer (remote server) stores the new software package for distribution).

Per claim 25, Salmon further suggests “wherein the remote machine comprises additional cryptographic hardware to assist with the attestation” (Fig. 2; paragraphs [0035][0040]; the android device (remote machine) checks the integrity of the ODEX or ELF by calculating a checksum for the ODEX or ELF and comparing it to the signed ODEX or ELF checksum (utilizing hardware to perform cryptographic functions)).

Claims 8-11, 14, 22 and 27 are rejected under similar rationales as claims 1-4, 7, 21 and 25.
Claims 15-18, 23 and 29 are rejected under similar rationales as claims 1-4, 7, 21 and 25.

Claims 24, 26 and 28 are rejected under 35 U.S.C. 103 as being unpatentable over Salmon, in view of Banginwar, in view of Soni, and in view of Takekawa et al. (US PGPUB 2009/0271637) hereinafter Takekawa.

Per claim 24, Salmon does not explicitly teach “replaying, via the cryptographic hardware of the attestation machine, events of the event log associated with the software to create one or more hashes; and comparing the hashes to signed hashes in the other metadata received from the remote server”. However, Takekawa suggests the above (paragraphs [0012][0023][0024][0096][0113]; verification of entries in an event log; a cumulative storage section that holds accumulation of entries (replaying events of an event log associated with an application); computes a cumulative hash from the entries of the log; checks the computed cumulative hash against the received cumulative hash (received signed hash)). Banginwar further suggests using cryptographic hardware for attestation (paragraphs [0008][0009][0021]; a security controller providing hardware cryptographic acceleration for various security algorithms and encryption schemes). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Salmon, Banginwar, Soni and Takekawa to verify an event log by comparing computed hashes against received signed hashes, this would ensure the integrity and prevent tempering of the event log.

Claims 26 and 28 are rejected under similar rationales as claim 24.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to HANG PAN whose telephone number is (571)270-7667. The examiner can normally be reached 9 AM to 5 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Chat Do can be reached on 571-272-3721. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/HANG PAN/Primary Examiner, Art Unit 2193