Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
This action is in response to the correspondence filed 11/23/2020.
Claims 1-20 are presented for examination.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 10,848,474. Although the claims at issue are not identical, they are not patentably distinct from each other because each of the claim limitations of claims 1, 10 and 17 of the present application are anticipated by each of the claim limitations of claims 1, 10 and 16 of U.S. Patent No. 10,848,474.

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked.
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function.
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitations are: “the processing device to…” in claims 10, 15 and 16.
Because these claim limitations are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have these limitations interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitations to avoid them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitations recite sufficient structure to perform the claimed function so as to avoid them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 10-16 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
As to claims 10, 15 and 16, the claim limitations “the processing device to…” invokes 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. Therefore, the claim is indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph.
Applicant may:
(a)        Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph; 
(b)        Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(c)        Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)).
If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, applicant should clarify the record by either: 
(a)        Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(b)        Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function. For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181.
As to claims 11-14, claims 11-14 do not cure the deficiency of claim 10 and are rejected under 35 USC § 112 for their dependency upon claim 10.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-7 and 9-20 are rejected under 35 U.S.C. 103 as being unpatentable over US 10,379,894 to Cruz Oliveira Queiros et al. (hereinafter Cruz) (located on Applicant’s IDS) in view of US 2014/0075522 to Paris et al. (hereinafter Paris) (located on Applicant’s IDS) in view of US 2014/0096134 to Barak et al. (hereinafter Barak) (located on Applicant’s IDS) in further view of US 2019/0108007 to Hia et al. (hereinafter Hia) (located on Applicant’s IDS).
As to claims 1, 10 and 17, Cruz teaches a method comprising: initiating a boot process to launch a virtual machine on a host machine (FIG. 5, box 318 and Col 9, lines 27-29, request to launch virtual machine); authenticating the virtual machine (Col 9, line 58 to Col 10, line 4, validation process for validating the virtual machine); and completing the boot process to launch the virtual machine (Col 10, lines 5-7 launching the virtual machine).
Cruz does not explicitly teach wherein the virtual machine is associated with a first firmware; authenticating the virtual machine with an external server using the first firmware; receiving, from the external server, secret data associated with the virtual machine; and completing the boot process to launch the virtual machine using the secret data.
However, Paris teaches wherein the virtual machine is associated with a first firmware (FIG. 1, VTPM paragraphs 14 and 20; further wherein the VTPM is made of firmware as described in paragraphs 15 and 16); authenticating the virtual machine with an external server using the first firmware (paragraph 20, VM is authenticated by authentication server using credentials sent by the VTPM); receiving, from the external server, secret data associated with the virtual machine (paragraphs 21 and 22, secret associated with VM is sent from the authentication server); and completing the boot process to launch the virtual machine using the secret data (paragraphs 21 and 22, wherein the secret data is used to enable the VM).
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the teachings of Cruz to include the method of verifying virtual machines as taught by Paris in order to eliminate or reduce the use of compromised virtual machines or prevent use of its compromised or malicious firmware or applications.
Cruz and Paris do not explicitly teach wherein the secret data is encrypted with an encryption key.
However, Barak teaches secret data being encrypted with an encryption key (paragraphs 46 and 59 sensitive data is encrypted).
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the teachings of Cruz and Paris to include the method of encrypting secret data as taught by Barak in order to prevent unauthorized users and/or programs from reading or gaining access to the secret data, therefore increasing the overall security of the system.
Cruz, Paris and Barak do not explicitly teach responsive to authenticating a second firmware using the first firmware, completing the boot process.
However, Hia teaches responsive to authenticating a second firmware using the first firmware, completing the boot process (paragraphs 50 and 52, the information handling system firmware [IHSFW] authenticates the second firmware after it is loaded onto the HIS to complete the process).
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the teachings of Cruz, Paris and Barak to include the method of authenticating a second firmware using a first firmware as taught by Hia in order to prevent the use of compromised or malicious firmware or applications which may be loaded or downloaded after launch and/or booting of the system.
As to claims 2, 11 and 18, Paris teaches wherein the first firmware is designated to authenticate the virtual machine with the external server and to authenticate the second firmware (paragraph 20, the firmware is designated to authenticate the VM with the external server as it performs the function of authenticating with the external server [further as discussed above with Hia, the first firmware is designated to authenticate the second firmware as it performs the function of authenticating the second firmware]).
As to claim 3, 12 and 19, Hia teaches wherein the second firmware corresponds to at least one of a Basic Input/Output System (BIOS) firmware or an United Extensible Firmware Interface (UFEI) (paragraph 31, information handling system firmware [IHSFW] includes one or more of a basic input/output system [BIOS] … a Unified Extensible Firmware Interface [UEFI]).
As to claims 4, 13 and 20, Paris teaches wherein authenticating the virtual machine using the first firmware comprises: obtaining, using the first firmware, a measurement indicating a state of the virtual machine; and transmitting the measurement to the external server (paragraphs 18-20, 24 and 25, TP credentials sent to the authentication server wherein the TP credentials are generated by measuring objects to determine or capture integrity of certain software and/or virtual hardware installed in the VM).
As to claims 5 and 14, Paris teaches wherein the measurement indicating the state of the virtual machine comprises a hash of contents of a memory associated with the virtual machine (paragraph 24, hash sums of files or data).
As to claims 6 and 15, Paris teaches receiving, from the external server, an indication that the measurement is not valid; and terminating the boot process to launch the virtual machine on the host machine (paragraph 30, authentication server is not able to match the signed call, then the authentication server may send a null response).
As to claims 7 and 16, Paris teaches responsive to receiving the secret data associated with the virtual machine, loading the second firmware onto the host machine (paragraph 22, wherein the process only continues after receiving the secret data to enable the function or process of the VM, therefore in view of the process discussed above, the enabling of the VM by the received secret data includes loading the second firmware).

As to claim 9, Paris teaches wherein the secret data comprises another encryption key to be used to boot the virtual machine on the host machine (paragraph 27, secret includes cryptographic keys for IPSEC VPN, keys for decrypting a virtual disk, keys for decrypting a database, keys for enabling the startup of an application, etc.).

Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Cruz in view of Paris in view of Barak in view of Hia in further view of US 9,852,299 to Nellitheertha et al. (hereinafter Nellitheertha) (located on Applicant’s IDS).
As to claim 8, although Hia teaches authenticating the second firmware using the first firmware, Cruz, Paris, Barak and Hia do not explicitly teach wherein authenticating the second firmware using the first firmware comprises at least one of: determining, using the first firmware, whether the second firmware is signed by a predetermined entity; or determining, using the first firmware, whether the second firmware is signed using a predetermined key.
However, Nellitheertha teaches determining, using the first firmware, whether the second firmware is signed by a predetermined entity (Col 4, lines 14-37, signing key is secure with the program’s author); or determining, using the first firmware, whether the second firmware is signed using a predetermined key (Col 4, lines 14-37, verifiable signature using the public key).
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the teachings of Hia to include the firmware being signed by a predetermined entity as taught by Nellitheertha in order to eliminate or reduce the tampering of the firmware by malware.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MALCOLM CRIBBS whose telephone number is (571)270-1566. The examiner can normally be reached Monday-Friday 930a-330p; 430p-630p.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Hadi Armouche can be reached on (571)270-3618. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

MALCOLM . CRIBBS
Examiner
Art Unit 2497



/MALCOLM CRIBBS/Primary Examiner, Art Unit 2497