Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is in reply to papers filed on 06/10/2021. Claims 1-22 are pending. Claims 1, 7, 15, and 21 are independent.

Priority
Acknowledgment is made of applicant’s claim for domestic benefit under 35 U.S.C. 119 (e). This application claims the domestic benefit of U.S. provisional patent application 63/033,777 filed on 06/02/2020. 


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1-4, 6-7, 9-10, 12-13, 15-16, 18-19, and 21-22 are rejected under 35 U.S.C. 103 as being unpatentable over Potlapally et al., US 9,147,086 B1 (hereafter, “Potlapally ‘086”), in view of Suryanarayana et al., US 2018/0268146 A1 (hereinafter, “Suryanarayana ‘146”), and further in view of Divakarla, US 2016/0246637 A1, (hereinafter, “Divakarla ‘637”) 

As per claim 1: Potlapally ‘086 discloses:
	A system for facilitating boot-specific key access in a virtual device platform (a system for providing access to security attributes 118, such as cryptographic keys, within a virtualized computing environment 101 using boot firmware measurements [Potlapally ‘086, Col. 2 lines 17-38, Col. 3 line 39-Col. 4 line 13; Fig. 1]), the system comprising: 
a virtual device platform including circuitry (virtualized computing environment 101 [Potlapally ‘086, Col. 3 lines 39-56; Fig. 1]) configured to: 
(a request to boot and provision a virtual machine 103 within a host computing device 102 for user 113 [Potlapally ‘086, Col. 2 line 61-Col. 3 line 11, Col. 11 lines 31-40; Fig. 1, Fig. 6]); 
generate a first boot record (generate and record a first boot firmware measurement of a host computing device 102 comprising a virtual machine 103, where the boot firmware measurement is associated with the booting of the virtual machine [Potlapally ‘086, Col. 3 lines 63-66, Col. 5 lines 62-65, Col. 6 lines 46-55, Col. 11 lines 7-21; Fig. 1, Fig. 6]); 
generate a second boot record (generate and record a second boot firmware measurement of a host computing device 102 comprising a virtual machine 103, where the boot firmware measurement is associated with the booting of the virtual machine [Potlapally ‘086, Col. 6 lines 25-33, Col. 11 lines 41-54, Col. 12 lines 4-16; Fig. 1, Fig. 6]); 
obtain a (obtain a verification from the Trusted Computing (TC) Host 114 in response to a match between the first boot firmware measurement and the second boot firmware measurement [Potlapally ‘086, Col. 11 line 55-Col. 12 line 3; Fig. 6]); 
obtain an (obtain a key derived from the boot firmware measurement in response to a verification of a match between the first boot firmware measurement and the second boot firmware measurement, where the key may be used to access private information/security attributes 118 [Potlapally ‘086, Col. 6 lines 39-45, Col. 12 lines 19-28; Fig. 1]); and 
obtain, from a cryptographic processor, authorization to access a key in response to a verification of the (in response to a valid key derived from the matching boot firmware measurements, granting access to information/security attributes 118 within the TC Host 114, where the private information/security attributes 118 may be cryptographic keys from a cryptographic accelerator within the TC Host 114 [Potlapally ‘086, Col. 3 lines 57-63, Col. 4 lines 31-45, Col. 6 lines 39-45, Col. 10 lines 47-59, Col. 12 lines 45-62; Fig. 1, Fig. 6, Fig. 7A]).

Potlapally ‘086, as stated above, does not explicitly disclose: “generate a boot marker including a boot identifier in response to a request …; … including the boot identifier and a first boot process identifier, the first boot process identifier being associated with …; … including the boot identifier and a second process identifier, the second process identifier being associated with …; obtain a dynamic credential in response to a match …; obtain an identity certificate, the identity certificate including an identifier of the virtual device and the identity certificate being generated in response to a verification of the dynamic credential; and obtain … authorization … in response to a verification of the identity certificate …”.
Suryanarayana ‘146, however, discloses:
generate a request … (in response to a request to boot a virtual machine 202 to access software stored on hardware 260, such as a service software, generate a boot signature [Suryanarayana ‘146, ¶¶30-31, 45; Fig. 2, Fig. 6]);
… including the boot identifier (obtaining a boot signature from a signature database, also referred to as certificate database (CDB) 119, 274, where the boot signature may be a secure signature [Suryanarayana ‘146, ¶¶27, 31, 45; Fig. 2, Fig. 6]) 
… including the boot identifier (obtaining a boot signature from a certificate management module (CMM) 212 within virtual machine 202 [Suryanarayana ‘146, ¶¶31, 45; Fig. 2, Fig. 6]) 
obtain a dynamic credential in response to a match … (obtain a dynamically generated unlock key in response to a match between the boot signature from the CMM 212 within virtual machine 202 and the boot signature from the CDB 119, 274 [Suryanarayana ‘146, ¶¶30-31, 45; Fig. 6]); 
obtain an identity certificate, the identity certificate including an identifier of the virtual device and the identity certificate being generated in response to a verification of the dynamic credential (in response to validating the dynamically generated unlock key, generating a signed certificate, as well as a session identification, where the signed certificate includes security credentials that identifies the virtual machine 202 [Suryanarayana ‘146, ¶¶33, 46; Fig. 6]); and 
obtain … authorization … in response to a verification of the identity certificate … (in response to a verification of the signed certificate, authorizing access for the virtual machine 202 to the corresponding software stored on hardware 260 [Suryanarayana ‘146, ¶¶33, 46; Fig. 6])

Potlapally ‘086 and Suryanarayana ‘146 are analogous art because they are from the same field of endeavor, namely that of the management of secure virtual devices. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Potlapally ‘086 and Suryanarayana ‘146 before them, to modify the method in Potlapally ‘086 to include the teachings of Suryanarayana ‘146, namely to generate and include a boot signature, as disclosed in Suryanarayana ‘146, within the boot firmware measurement of the virtual machine 103, as disclosed in Potlapally ‘086; and to a implement multi-layer authentication process using a dynamically generated unlock key and a signed certificate, as disclosed in of Suryanarayana ‘146, to access private information/security attributes 118, as disclosed in Potlapally ‘086, where the dynamically generated unlock key is incorporated into the verification response of Potlapally ‘086, and where the key derived from the boot firmware measurement of Potlapally ‘086 is implemented as the signed certificate. The motivation for doing so would be to decrease the likelihood of security breaches by compromised virtual machines by using a plurality of credentials, such as the boot signature, the dynamically generated unlock key, and the signed certificate, which must all be verified determine the identity and integrity of a virtual machine requesting to access secure data (see Suryanarayana ‘146, ¶¶3-4, 7).

Potlapally ‘086 in view of Suryanarayana ‘146, as stated above, does not explicitly disclose: “generate a boot marker including a boot identifier in response to a request …; and a first boot process identifier, the first boot process identifier being associated with …; … including the boot identifier and a second process identifier, the second process identifier being associated with …”.
Divakarla ‘637, however, discloses:
generate a boot marker including a boot identifier in response to a request … (in response to a request to boot a virtual machine, generate identifying information of the virtual machine, where the identifying information include hashes of components involved in the boot process of the virtual machine, and where the hashes include a hash of a master boot record (MBR) which identifies the boot [Divakarla ‘637, ¶¶18, 21-22, 28])
… including the boot identifier and a first boot process identifier, the first boot process identifier being associated with … (obtaining identifying information from a whitelist 128, where the where the identifying information include hashes of components involved in the boot process, and where the hashes include a hash of the MBR which identifies the boot, and hashes of information which identify the boot process such as hashes of GRUB entries, operating system files, device drivers, and other appropriate components of the boot process [Divakarla ‘637, ¶¶18-19; Fig. 3]); 
… including the boot identifier and a second process identifier, the second process identifier being associated with … (obtaining identifying information from an identifying information storage 130, where the where the identifying information include hashes of components involved in the boot process, and where the hashes include a hash of the MBR which identifies the boot, and hashes of information which identify the boot process such as hashes of GRUB entries, operating system files, device drivers, and other appropriate components of the boot process; determining if the retrieved identifying information is a match [Divakarla ‘637, ¶¶16, 22-24; Fig. 3, Fig. 4])

Potlapally ‘086 (modified by Suryanarayana ‘146) and Divakarla ‘637 are analogous art because they are from the same field of endeavor, namely that of the management of secure virtual devices. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Potlapally ‘086 (modified by Suryanarayana ‘146) and Divakarla ‘637 before them, to modify the method in Potlapally ‘086 (modified by Suryanarayana ‘146) to include the teachings of Divakarla ‘637, namely to implement a set of identifying information, as disclosed in Divakarla ‘637, that includes a variety of information relating to the booting of the virtual machine, such as a boot signature, as disclosed in Suryanarayana ‘146, and hashes of information which identify the boot process such as hashes of GRUB entries, operating system files, device drivers, and other appropriate components of the boot process, as disclosed in Divakarla ‘637, where the identifying information may be incorporated into the boot firmware measurement of the virtual machine 103, as disclosed in Potlapally ‘086. The motivation for doing so would be to decrease the likelihood of security breaches by compromised virtual machines by providing detailed information regarding the identity of the requesting virtual machine and the associated boot process, where the identifying information is then verified (see Divakarla ‘637, ¶¶4, 10-11).

As per claim 2: Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 discloses all limitations of claim 1, as stated above, from which claim 2 is dependent upon. Furthermore, Potlapally ‘086 discloses:
(a request includes information associated with the booting of the virtual machine 105, on the host computing device 102, and information about the requested cryptographic service on the TC Host 114 of the virtualized computing environment 101 [Potlapally ‘086, Col. 3 line 39-Col. 4 line 13, Col. 4 lines 46-59, Col. 10 lines 47-59, Col. 11 line 31-40]).

As stated above, Potlapally ‘086 in view of Suryanarayana ‘146 does not explicitly disclose: “wherein the boot marker includes information related to …”.
Divakarla ‘637, however, discloses: 
wherein the boot marker includes information related to … (the identifying information includes components involved in the boot process of the virtual machine that may be hashed can include a master boot record (MBR), GRUB entries, operating system files, devices drivers, and other appropriate components of the boot process, where the virtual machine may invoke software or cloud-computing upon completion of boot [Divakarla ‘637, ¶¶2, 11, 22])

Potlapally ‘086 (modified by Suryanarayana ‘146) and Divakarla ‘637 are analogous art because they are from the same field of endeavor, namely that of the management of secure virtual devices. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Potlapally ‘086 (modified by Suryanarayana ‘146) and Divakarla ‘637 before them, to modify the method in Potlapally ‘086 (modified by Suryanarayana ‘146) to include the teachings of Divakarla ‘637, namely to include information relating to the requested cryptographic service on the virtualized computing environment 101, as disclose in Potlapally ‘086, within the identifying information of Divakarla ‘637. The motivation for doing so would be to decrease the likelihood of security breaches by compromised virtual machines by providing detailed information regarding the identity of the requesting virtual machine and the associated boot process, where the identifying information is then verified (see Divakarla ‘637, ¶¶4, 10-11).

As per claim 3: Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 discloses all limitations of claim 1, as stated above, from which claim 3 is dependent upon. Furthermore, Potlapally ‘086 discloses:
	wherein the authorization to access the key is an authorization to allow the virtual device to access and use the key for cryptographic operations (authorization to access the cryptographic key is authorization to allow the virtual machine 105 and the corresponding Host Computing Device 102 to use the key for cryptographic services [Potlapally ‘086, Col. 3 lines 57-63, Col. 4 lines 31-59, Col. 9 line 60-Col. 10 line 9, Col. 12 lines 29-44; Fig. 7A, Fig. 7B]).

As per claim 4: Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 discloses all limitations of claim 1, as stated above, from which claim 4 is dependent upon. Furthermore, Potlapally ‘086 discloses:
	wherein the first boot record expires after a predetermined amount of time, and wherein the circuitry is configured to compare the first boot record and the second boot record prior to an expiration of the predetermined amount of time (after an expiration of a certain time interval, the boot firmware measurement may be re-measured and compared to the second boot firmware measurement, where the re-measuring and comparing operation may be repeated periodically, and where the re-measuring and comparing is completed prior to the expiration of the instant time interval [Potlapally ‘086, Col. 6 lines 25-35, Col. 11 line 55-Col. 12 line 3]).

As per claim 6: Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 discloses all limitations of claim 1, as stated above, from which claim 6 is dependent upon. Furthermore, Potlapally ‘086 discloses:
	wherein the key is generated by the cryptographic processor and stored in a memory associated with the virtual device platform (the TC host 114 on a virtualized computing environment 101 generating cryptographic keys, using a cryptographic accelerator, and storing the cryptographic keys in memory partitions 115 [Potlapally ‘086, Col. 3 lines 50-63, Col. 4 lines 8-13, Col. 4 lines 31-45, Col. 10 lines 60-65, Col. 12 line 50-62; Fig. 1, Fig. 7A]).

As per claim 7: Potlapally ‘086 discloses:
	A method for facilitating boot-specific key access (a method for providing access to security attributes 118, such as cryptographic keys, within a virtualized computing environment 101 using boot firmware measurements [Potlapally ‘086, Col. 2 lines 17-38, Col. 3 line 39-Col. 4 line 13; Fig. 1]), the method comprising: 
(a request to boot and provision a virtual machine 103 within a host computing device 102 for user 113 [Potlapally ‘086, Col. 2 line 61-Col. 3 line 11, Col. 11 lines 31-40; Fig. 1, Fig. 6]); 
obtaining a first boot record (generate and record a first boot firmware measurement of a host computing device 102 comprising a virtual machine 103, where the boot firmware measurement is associated with the booting of the virtual machine [Potlapally ‘086, Col. 3 lines 63-66, Col. 5 lines 62-65, Col. 6 lines 46-55, Col. 11 lines 7-21; Fig. 1, Fig. 6]); 
generating a second boot record (generate and record a second boot firmware measurement of a host computing device 102 comprising a virtual machine 103, where the boot firmware measurement is associated with the booting of the virtual machine [Potlapally ‘086, Col. 6 lines 25-33, Col. 11 lines 41-54, Col. 12 lines 4-16; Fig. 1, Fig. 6]); 
comparing the first boot record and the second boot record and obtaining an (comparing the first boot firmware measurement and the second boot firmware measurement, where in response to a match, obtain a verification response from the Trusted Computing (TC) Host 114 and a key derived from the boot firmware measurement [Potlapally ‘086, Col. 6 lines 39-45, Col. 11 line 55-Col. 12 line 3, Col. 12 lines 19-28; Fig. 1, Fig. 6]); and
obtaining, from a cryptographic processor, authorization to use a key in response to a verification of the (in response to a valid key derived from the matching boot firmware measurements, granting access to information/security attributes 118 within the TC Host 114, where the private information/security attributes 118 may be cryptographic keys from a cryptographic accelerator within the TC Host 114 [Potlapally ‘086, Col. 3 lines 57-63, Col. 4 lines 31-45, Col. 6 lines 39-45, Col. 10 lines 47-59, Col. 12 lines 45-62; Fig. 1, Fig. 6, Fig. 7A]).

Potlapally ‘086, as stated above, does not explicitly disclose: “generating a boot identifier in response to a request …; obtaining … including the boot identifier and a first boot process identifier, the first boot process identifier being associated with …; … including the boot identifier and a second process identifier, the second process identifier being associated with …; comparing … and obtaining an identity certificate in response to a match …, the identity certificate including an identifier of the virtual device; and obtaining … authorization … in response to a verification of the identity certificate …”.
Suryanarayana ‘146, however, discloses:
generating a boot identifier in response to a request … (in response to a request to boot a virtual machine 202 to access software stored on hardware 260, such as a service software, generate a boot signature [Suryanarayana ‘146, ¶¶30-31, 45; Fig. 2, Fig. 6]); 
obtaining … including the boot identifier (obtaining a boot signature from a signature database, also referred to as certificate database (CDB) 119, 274, where the boot signature may be a secure signature [Suryanarayana ‘146, ¶¶27, 31, 45; Fig. 2, Fig. 6])  
… including the boot identifier (obtaining a boot signature from a certificate management module (CMM) 212 within virtual machine 202 [Suryanarayana ‘146, ¶¶31, 45; Fig. 2, Fig. 6])  
comparing … and obtaining an identity certificate in response to a match …, the identity certificate including an identifier of the virtual device (obtain a dynamically generated unlock key in response to a match between the boot signature from the CMM 212 within virtual machine 202 and the boot signature from the CDB 119, 274, and where in response to validating the dynamically generated unlock key, generating a signed certificate, as well as a session identification, where the signed certificate includes security credentials that identifies the virtual machine 202 ([Suryanarayana ‘146, ¶¶30-31, 33, 45-46; Fig. 6]); and 
obtaining … authorization … in response to a verification of the identity certificate … (in response to a verification of the signed certificate, authorizing access for the virtual machine 202 to the corresponding software stored on hardware 260 [Suryanarayana ‘146, ¶¶33, 46; Fig. 6]).

Potlapally ‘086 and Suryanarayana ‘146 are analogous art because they are from the same field of endeavor, namely that of the management of secure virtual devices. For the reasons stated in claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Potlapally ‘086 and Suryanarayana ‘146 before them, to modify the method in Potlapally ‘086 to include the teachings of Suryanarayana ‘146.

Potlapally ‘086 in view of Suryanarayana ‘146, as stated above, does not explicitly disclose: “obtaining … including the boot identifier and a first boot process identifier, the first boot process identifier being associated with …; … including the boot identifier and a second process identifier, the second process identifier being associated with …”.
Divakarla ‘637, however, discloses:
obtaining … including the boot identifier and a first boot process identifier, the first boot process identifier being associated with … (obtaining identifying information from a whitelist 128, where the where the identifying information include hashes of components involved in the boot process, and where the hashes include a hash of the MBR which identifies the boot, and hashes of information which identify the boot process such as hashes of GRUB entries, operating system files, device drivers, and other appropriate components of the boot process [Divakarla ‘637, ¶¶18-19; Fig. 3]); 
… including the boot identifier and a second process identifier, the second process identifier being associated with … (obtaining identifying information from an identifying information storage 130, where the where the identifying information include hashes of components involved in the boot process, and where the hashes include a hash of the MBR which identifies the boot, and hashes of information which identify the boot process such as hashes of GRUB entries, operating system files, device drivers, and other appropriate components of the boot process; determining if the retrieved identifying information is a match [Divakarla ‘637, ¶¶16, 22-24; Fig. 3, Fig. 4]).

Potlapally ‘086 (modified by Suryanarayana ‘146) and Divakarla ‘637 are analogous art because they are from the same field of endeavor, namely that of the management of secure virtual devices. For the reasons stated in claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Potlapally ‘086 (modified by Suryanarayana ‘146) and Divakarla ‘637 before them, to modify the method in Potlapally ‘086 (modified by Suryanarayana ‘146) to include the teachings of Divakarla ‘637.

As per claim 9: Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 discloses all limitations of claim 7, as stated above, from which claim 9 is dependent upon. Furthermore, Potlapally ‘086 discloses:
	wherein the first boot record is obtained from a hypervisor of a virtual device platform (boot firmware measurements are retrieved from virtual machines 105, where the virtual machines 105 are hosted on a hypervisor within the virtual computing environment 101 [Potlapally ‘086, Col. 3 lines 1-11, Col. 3 lines 39-66; Fig. 1]).

As per claim 10: Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 discloses all limitations of claim 7, as stated above, from which claim 10 is dependent upon. Furthermore, Potlapally ‘086 discloses:
	generating (generating a request that includes information associated with the booting of the virtual machine 105, on the host computing device 102, and information about the requested cryptographic service on the TC Host 114 of the virtualized computing environment 101 [Potlapally ‘086, Col. 3 line 39-Col. 4 line 13, Col. 4 lines 46-59, Col. 10 lines 47-59, Col. 11 line 31-40]), 
wherein the first boot record includes (the boot firmware measurement includes a summary of the configuration of the virtual machine 105 and the corresponding Host Computing Device 102 [Potlapally ‘086, Col. 6 lines 59-62, Col. 11 lines 7-21; Fig. 1]) 

As stated above, Potlapally ‘086 in view of Suryanarayana ‘146 does not explicitly disclose: “generating a boot marker that includes information … wherein the … includes … the boot marker.”
Divakarla ‘637, however, discloses:
generating a boot marker that includes information related to … (generating identifying information that includes components involved in the boot process of the virtual machine that may be hashed can include a master boot record (MBR), GRUB entries, operating system files, devices drivers, and other appropriate components of the boot process, where the virtual machine may invoke software or cloud-computing upon completion of boot [Divakarla ‘637, ¶¶2, 11, 22]) wherein the … includes … the boot marker (obtaining identifying information from a whitelist 128, where the where the identifying information include hashes of components involved in the boot process, and where the hashes include a hash of the MBR which identifies the boot, and hashes of information which identify the boot process such as hashes of GRUB entries, operating system files, device drivers, and other appropriate components of the boot process [Divakarla ‘637, ¶¶18-19; Fig. 3]).

Potlapally ‘086 (modified by Suryanarayana ‘146) and Divakarla ‘637 are analogous art because they are from the same field of endeavor, namely that of the management of secure virtual devices. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Potlapally ‘086 (modified by Suryanarayana ‘146) and Divakarla ‘637 before them, to modify the method in Potlapally ‘086 (modified by Suryanarayana ‘146) to include the teachings of Divakarla ‘637, namely to include information relating to the requested cryptographic service on the virtualized computing environment 101, as disclose in Potlapally ‘086, within the identifying information of Divakarla ‘637; and to incorporate the identifying information within the boot firmware measurement, as disclosed in Potlapally ‘086, where the identifying information may also include a boot signature, as disclosed in by Suryanarayana ‘146, a hash of the MBR which identifies the boot, and hashes of information which identify the boot process such as hashes of GRUB entries, operating system files, device drivers, and other appropriate components of the boot process. The motivation for doing so would be to decrease the likelihood of security breaches by compromised virtual machines by providing detailed information regarding the identity of the requesting virtual machine and the associated boot process, where the identifying information is verified and used to ensure the integrity of the virtual machine (see Divakarla ‘637, ¶¶4, 10-11).


As per claim 12: Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 discloses all limitations of claim 7, as stated above, from which claim 12 is dependent upon. Furthermore, Potlapally ‘086 discloses:
	wherein the authorization to use the key is an authorization to allow the virtual device to access and use the key for cryptographic operations (authorization to access the cryptographic key is authorization to allow the virtual machine 105 and the corresponding Host Computing Device 102 to use the key for cryptographic services [Potlapally ‘086, Col. 3 lines 57-63, Col. 4 lines 31-59, Col. 9 line 60-Col. 10 line 9, Col. 12 lines 29-44; Fig. 7A, Fig. 7B]).

As per claim 13: Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 discloses all limitations of claim 7, as stated above, from which claim 13 is dependent upon. Furthermore, Potlapally ‘086 discloses:
	wherein the first boot record expires after a predetermined amount of time, and wherein the first boot record and the second boot record are compared prior to an expiration of the predetermined amount of time (after an expiration of a certain time interval, the boot firmware measurement may be re-measured and compared to the second boot firmware measurement, where the re-measuring and comparing operation may be repeated periodically, and where the re-measuring and comparing is completed prior to the expiration of the instant time interval [Potlapally ‘086, Col. 6 lines 25-35, Col. 11 line 55-Col. 12 line 3]).

As per claim 15: Potlapally ‘086 discloses:
One or more non-transitory, computer-readable media storing instructions that, when executed by one or more processors, effectuate operations (non-transitory computer-readable storage media storing program instructions for execution by the processor to perform operations [Potlapally ‘086, Col. 14 lines 10-41; Fig. 9]) comprising:
(a request to boot and provision a virtual machine 103 within a host computing device 102 for user 113 [Potlapally ‘086, Col. 2 line 61-Col. 3 line 11, Col. 11 lines 31-40; Fig. 1, Fig. 6]);
generating a first boot record (generate and record a first boot firmware measurement of a host computing device 102 comprising a virtual machine 103, where the boot firmware measurement is associated with the booting of the virtual machine [Potlapally ‘086, Col. 3 lines 63-66, Col. 5 lines 62-65, Col. 6 lines 46-55, Col. 11 lines 7-21; Fig. 1, Fig. 6]); 
obtaining an (comparing the first boot firmware measurement and the second boot firmware measurement, where in response to a match, obtain a verification response from the Trusted Computing (TC) Host 114 and a key derived from the boot firmware measurement [Potlapally ‘086, Col. 6 lines 39-45, Col. 11 line 55-Col. 12 line 3, Col. 12 lines 19-28; Fig. 1, Fig. 6]), 
the second boot record (generate and record a second boot firmware measurement of a host computing device 102 comprising a virtual machine 103, where the boot firmware measurement is associated with the booting of the virtual machine [Potlapally ‘086, Col. 6 lines 25-33, Col. 11 lines 41-54, Col. 12 lines 4-16; Fig. 1, Fig. 6])
obtaining, from a cryptographic processor, authorization to use a key in response to a verification of the (in response to a valid key derived from the matching boot firmware measurements, granting access to information/security attributes 118 within the TC Host 114, where the private information/security attributes 118 may be cryptographic keys from a cryptographic accelerator within the TC Host 114 [Potlapally ‘086, Col. 3 lines 57-63, Col. 4 lines 31-45, Col. 6 lines 39-45, Col. 10 lines 47-59, Col. 12 lines 45-62; Fig. 1, Fig. 6, Fig. 7A]).

Potlapally ‘086, as stated above, does not explicitly disclose: “obtaining a boot identifier and … the boot identifier being associated with the request to boot the virtual device; … including the boot identifier and a first boot process identifier, the first boot process identifier being associated with …; obtaining an identity certificate in response to a match …, … including the boot identifier and a second process identifier, the second process identifier being associated with …, and the identity certificate including an identifier of the virtual device; and … in response to a verification of the identity certificate …”.
Suryanarayana ‘146, however, discloses:
obtaining a boot identifier and … the boot identifier being associated with the request to boot the virtual device (in response to a request to boot a virtual machine 202 to access software stored on hardware 260, such as a service software, generate a boot signature [Suryanarayana ‘146, ¶¶30-31, 45; Fig. 2, Fig. 6]); 
… including the boot identifier (obtaining a boot signature from a signature database, also referred to as certificate database (CDB) 119, 274, where the boot signature may be a secure signature [Suryanarayana ‘146, ¶¶27, 31, 45; Fig. 2, Fig. 6])  
obtaining an identity certificate in response to a match … (obtain a dynamically generated unlock key in response to a match between the boot signature from the CMM 212 within virtual machine 202 and the boot signature from the CDB 119, 274, and where in response to validating the dynamically generated unlock key, generating a signed certificate, as well as a session identification ([Suryanarayana ‘146, ¶¶30-31, 33, 45-46; Fig. 6]), 
… including the boot identifier (obtaining a boot signature from a certificate management module (CMM) 212 within virtual machine 202 [Suryanarayana ‘146, ¶¶31, 45; Fig. 2, Fig. 6]) 
and the identity certificate including an identifier of the virtual device (where the signed certificate includes security credentials that identifies the virtual machine 202 Suryanarayana ‘146, ¶33); and
obtaining … authorization … in response to a verification of the identity certificate … (in response to a verification of the signed certificate, authorizing access for the virtual machine 202 to the corresponding software stored on hardware 260 [Suryanarayana ‘146, ¶¶33, 46; Fig. 6]).

Potlapally ‘086 and Suryanarayana ‘146 are analogous art because they are from the same field of endeavor, namely that of the management of secure virtual devices. For the reasons stated in claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Potlapally ‘086 and Suryanarayana ‘146 before them, to modify the method in Potlapally ‘086 to include the teachings of Suryanarayana ‘146.

Potlapally ‘086 in view of Suryanarayana ‘146, as stated above, does not explicitly disclose: “… including the boot identifier and a first boot process identifier, the first boot process identifier being associated with …; … including the boot identifier and a second process identifier, the second process identifier being associated with …”.
Divakarla ‘637, however, discloses:
… including the boot identifier and a first boot process identifier, the first boot process identifier being associated with … (obtaining identifying information from a whitelist 128, where the where the identifying information include hashes of components involved in the boot process, and where the hashes include a hash of the MBR which identifies the boot, and hashes of information which identify the boot process such as hashes of GRUB entries, operating system files, device drivers, and other appropriate components of the boot process [Divakarla ‘637, ¶¶18-19; Fig. 3]); 
… including the boot identifier and a second process identifier, the second process identifier being associated with … (obtaining identifying information from an identifying information storage 130, where the where the identifying information include hashes of components involved in the boot process, and where the hashes include a hash of the MBR which identifies the boot, and hashes of information which identify the boot process such as hashes of GRUB entries, operating system files, device drivers, and other appropriate components of the boot process; determining if the retrieved identifying information is a match [Divakarla ‘637, ¶¶16, 22-24; Fig. 3, Fig. 4]).

Potlapally ‘086 (modified by Suryanarayana ‘146) and Divakarla ‘637 are analogous art because they are from the same field of endeavor, namely that of the management of secure virtual devices. For the reasons stated in claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Potlapally ‘086 (modified by Suryanarayana ‘146) and Divakarla ‘637 before them, to modify the method in Potlapally ‘086 (modified by Suryanarayana ‘146) to include the teachings of Divakarla ‘637.

As per claim 16: Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 discloses all limitations of claim 15, as stated above, from which claim 16 is dependent upon. Furthermore, Potlapally ‘086 discloses:
	generating (generating a request that includes information associated with the booting of the virtual machine 105, on the host computing device 102, and information about the requested cryptographic service on the TC Host 114 of the virtualized computing environment 101 [Potlapally ‘086, Col. 3 line 39-Col. 4 line 13, Col. 4 lines 46-59, Col. 10 lines 47-59, Col. 11 line 31-40]), 
wherein the first boot record includes (the boot firmware measurement includes a summary of the configuration of the virtual machine 105 and the corresponding Host Computing Device 102 [Potlapally ‘086, Col. 6 lines 59-62, Col. 11 lines 7-21; Fig. 1]) 

As stated above, Potlapally ‘086 in view of Suryanarayana ‘146 does not explicitly disclose: “generating a boot marker that includes information … wherein the … includes … the boot marker.”
Divakarla ‘637, however, discloses:
generating a boot marker that includes information related to … (generating identifying information that includes components involved in the boot process of the virtual machine that may be hashed can include a master boot record (MBR), GRUB entries, operating system files, devices drivers, and other appropriate components of the boot process, where the virtual machine may invoke software or cloud-computing upon completion of boot [Divakarla ‘637, ¶¶2, 11, 22]) wherein the … includes … the boot marker (obtaining identifying information from a whitelist 128, where the where the identifying information include hashes of components involved in the boot process, and where the hashes include a hash of the MBR which identifies the boot, and hashes of information which identify the boot process such as hashes of GRUB entries, operating system files, device drivers, and other appropriate components of the boot process [Divakarla ‘637, ¶¶18-19; Fig. 3]).

Potlapally ‘086 (modified by Suryanarayana ‘146) and Divakarla ‘637 are analogous art because they are from the same field of endeavor, namely that of the management of secure virtual devices. For the reasons stated in claim 10, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Potlapally ‘086 (modified by Suryanarayana ‘146) and Divakarla ‘637 before them, to modify the method in Potlapally ‘086 (modified by Suryanarayana ‘146) to include the teachings of Divakarla ‘637.

As per claim 18: Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 discloses all limitations of claim 15, as stated above, from which claim 18 is dependent upon. Furthermore, Potlapally ‘086 discloses:
	wherein the authorization to use the key is an authorization to allow the virtual device to access and use the key for cryptographic operations (authorization to access the cryptographic key is authorization to allow the virtual machine 105 and the corresponding Host Computing Device 102 to use the key for cryptographic services [Potlapally ‘086, Col. 3 lines 57-63, Col. 4 lines 31-59, Col. 9 line 60-Col. 10 line 9, Col. 12 lines 29-44; Fig. 7A, Fig. 7B]).

As per claim 19: Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 discloses all limitations of claim 15, as stated above, from which claim 19 is dependent upon. Furthermore, Potlapally ‘086 discloses:
	wherein the first boot record expires after a predetermined amount of time, and wherein the first boot record and the second boot record are compared prior to an expiration of the predetermined amount of time (after an expiration of a certain time interval, the boot firmware measurement may be re-measured and compared to the second boot firmware measurement, where the re-measuring and comparing operation may be repeated periodically, and where the re-measuring and comparing is completed prior to the expiration of the instant time interval [Potlapally ‘086, Col. 6 lines 25-35, Col. 11 line 55-Col. 12 line 3]).

As per claim 21: Potlapally ‘086 discloses:
A system for facilitating boot-specific key access to a service in a virtual device platform (a system for providing access to cryptographic services within a virtualized computing environment 101 using boot firmware measurements [Potlapally ‘086, Col. 2 lines 17-38, Col. 3 line 39-Col. 4 line 13; Fig. 1]), the system comprising: 
a virtual device platform including circuitry (virtualized computing environment 101 [Potlapally ‘086, Col. 3 lines 39-56; Fig. 1]) configured to: 
(a request to boot and provision a virtual machine 103 within a host computing device 102 for user 113 [Potlapally ‘086, Col. 2 line 61-Col. 3 line 11, Col. 11 lines 31-40; Fig. 1, Fig. 6]); 
generate a first boot record (generate and record a first boot firmware measurement of a host computing device 102 comprising a virtual machine 103, where the boot firmware measurement is associated with the booting of the virtual machine [Potlapally ‘086, Col. 3 lines 63-66, Col. 5 lines 62-65, Col. 6 lines 46-55, Col. 11 lines 7-21; Fig. 1, Fig. 6]); 
generate a second boot record (generate and record a second boot firmware measurement of a host computing device 102 comprising a virtual machine 103, where the boot firmware measurement is associated with the booting of the virtual machine [Potlapally ‘086, Col. 6 lines 25-33, Col. 11 lines 41-54, Col. 12 lines 4-16; Fig. 1, Fig. 6]); 
obtain an (comparing the first boot firmware measurement and the second boot firmware measurement, where in response to a match, obtain a verification response from the Trusted Computing (TC) Host 114 and a key derived from the boot firmware measurement [Potlapally ‘086, Col. 6 lines 39-45, Col. 11 line 55-Col. 12 line 3, Col. 12 lines 19-28; Fig. 1, Fig. 6]); and
obtain authorization to access or use a service via the virtual device platform in response to a verification of the (in response to a valid key derived from the matching boot firmware measurements, granting access to cryptographic services within the TC Host 114 of the virtualized computing environment 101 [Potlapally ‘086, Col. 3 lines 57-63, Col. 4 lines 31-45, Col. 6 lines 39-45, Col. 10 lines 47-59, Col. 12 lines 45-62; Fig. 1, Fig. 6, Fig. 7A]).

Potlapally ‘086, as stated above, does not explicitly disclose: “generate a boot marker including a boot identifier in response to a request …; … including the boot identifier and a first boot process identifier, the first boot process identifier being associated with …; … including the boot identifier and a second process identifier, the second process identifier being associated with …; obtain an identity certificate, the identity certificate including an identifier of the virtual device and the identity certificate being generated in response to a match …; obtain authorization … in response to a verification of the identity certificate.”
Suryanarayana ‘146, however, discloses:
generate a request … (in response to a request to boot a virtual machine 202 to access software stored on hardware 260, such as a service software, generate a boot signature [Suryanarayana ‘146, ¶¶30-31, 45; Fig. 2, Fig. 6]);
… including the boot identifier (obtaining a boot signature from a signature database, also referred to as certificate database (CDB) 119, 274, where the boot signature may be a secure signature [Suryanarayana ‘146, ¶¶27, 31, 45; Fig. 2, Fig. 6]) 
… including the boot identifier (obtaining a boot signature from a certificate management module (CMM) 212 within virtual machine 202 [Suryanarayana ‘146, ¶¶31, 45; Fig. 2, Fig. 6]) 
obtain an identity certificate, the identity certificate including an identifier of the virtual device and the identity certificate being generated in response to a match … (obtain a dynamically generated unlock key in response to a match between the boot signature from the CMM 212 within virtual machine 202 and the boot signature from the CDB 119, 274, and where in response to validating the dynamically generated unlock key, generating a signed certificate, as well as a session identification, where the signed certificate includes security credentials that identifies the virtual machine 202 ([Suryanarayana ‘146, ¶¶30-31, 33, 45-46; Fig. 6]); 
obtain authorization … in response to a verification of the identity certificate (in response to a verification of the signed certificate, authorizing access for the virtual machine 202 to the corresponding software stored on hardware 260 [Suryanarayana ‘146, ¶¶33, 46; Fig. 6]).

Potlapally ‘086 and Suryanarayana ‘146 are analogous art because they are from the same field of endeavor, namely that of the management of secure virtual devices. For the reasons stated in claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Potlapally ‘086 and Suryanarayana ‘146 before them, to modify the method in Potlapally ‘086 to include the teachings of Suryanarayana ‘146.

Potlapally ‘086 in view of Suryanarayana ‘146, as stated above, does not explicitly disclose: “generate a boot marker including a boot identifier in response to a request …; and a first boot process identifier, the first boot process identifier being associated with …; … including the boot identifier and a second process identifier, the second process identifier being associated with …”.
Divakarla ‘637, however, discloses:
generate a boot marker including a boot identifier in response to a request … (in response to a request to boot a virtual machine, generate identifying information of the virtual machine, where the identifying information include hashes of components involved in the boot process of the virtual machine, and where the hashes include a hash of a master boot record (MBR) which identifies the boot [Divakarla ‘637, ¶¶18, 21-22, 28])
… including the boot identifier and a first boot process identifier, the first boot process identifier being associated with … (obtaining identifying information from a whitelist 128, where the where the identifying information include hashes of components involved in the boot process, and where the hashes include a hash of the MBR which identifies the boot, and hashes of information which identify the boot process such as hashes of GRUB entries, operating system files, device drivers, and other appropriate components of the boot process [Divakarla ‘637, ¶¶18-19; Fig. 3]); 
… including the boot identifier and a second process identifier, the second process identifier being associated with … (obtaining identifying information from an identifying information storage 130, where the where the identifying information include hashes of components involved in the boot process, and where the hashes include a hash of the MBR which identifies the boot, and hashes of information which identify the boot process such as hashes of GRUB entries, operating system files, device drivers, and other appropriate components of the boot process; determining if the retrieved identifying information is a match [Divakarla ‘637, ¶¶16, 22-24; Fig. 3, Fig. 4])

Potlapally ‘086 (modified by Suryanarayana ‘146) and Divakarla ‘637 are analogous art because they are from the same field of endeavor, namely that of the management of secure virtual devices. For the reasons stated in claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Potlapally ‘086 (modified by Suryanarayana ‘146) and Divakarla ‘637 before them, to modify the method in Potlapally ‘086 (modified by Suryanarayana ‘146) to include the teachings of Divakarla ‘637.

As per claim 22: Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 discloses all limitations of claim 21, as stated above, from which claim 22 is dependent upon. Furthermore, Potlapally ‘086 discloses:
	wherein the service is at least one of a cryptographic service, system update service, or data synchronization service (the requested service may be cryptographic service or an update service relating to software patches [Potlapally ‘086, Col. 3 lines 57-63, Col. 13 line 58-Col. 14 line 9]).

Claims 5, 11, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Potlapally ‘086, in view of Suryanarayana ‘146, and further in view of Divakarla ‘637, and further in view of  Sciupac, US 6,871,278 B1 (hereinafter, “Sciupac ‘278”) 

As per claim 5: Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 discloses all limitations of claim 1, as stated above, from which claim 5 is dependent upon. Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 does not explicitly disclosed the limitations of claim 5. Sciupac ‘278, however, discloses:
	wherein the identity certificate expires after a predetermined amount of time (the digital certificate, which identified a particular entity, has an expiration date [Sciupac ‘278, Col. 4 lines 13-20]), and wherein the identity certificate is verified by the cryptographic processor prior to an expiration of the predetermined amount of time (the digital certificate may validated by cryptographic processor 30, where the digital certificate may be revised and validated prior to the expiration date [Sciupac ‘278, Col. 4 lines 4-12, Col. 7 lines 9-23]).

Potlapally ‘086 (modified by Suryanarayana ‘146 & Divakarla ‘637) and Sciupac ‘278 are analogous art because they are from the same field of endeavor, namely that of the secure access and exchange of data. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Potlapally ‘086 (modified by Suryanarayana ‘146 & Divakarla ‘637) and Sciupac ‘278 before them, to modify the method in Potlapally ‘086 (modified by Suryanarayana ‘146 & Divakarla ‘637) to include the teachings of Sciupac ‘278, namely to implement the signed certificate, as disclosed in Suryanarayana ‘146, such that it has an expiration date, as disclosed in Sciupac ‘278, where the cryptographic accelerator may validate the signed certificate prior to the expiration date. The motivation for doing so would be to use a digital certificate to prevent prevent sensitive data, such as keys, from being forged or falsified, where the digital certificate must be periodically revised and validated before the expiration date to add further protection (see Sciupac ‘278, Col. 4 lines 13-25, Col. 7 lines 9-23).

As per claim 11: Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 discloses all limitations of claim 7, as stated above, from which claim 11 is dependent upon. Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 does not explicitly disclosed the limitations of claim 11. Sciupac ‘278, however, discloses:
wherein the identity certificate expires after a predetermined amount of time (the digital certificate, which identified a particular entity, has an expiration date [Sciupac ‘278, Col. 4 lines 13-20]), and wherein the identity certificate is verified by the cryptographic processor prior to an expiration of the predetermined amount of time (the digital certificate may validated by cryptographic processor 30, where the digital certificate may be revised and validated prior to the expiration date [Sciupac ‘278, Col. 4 lines 4-12, Col. 7 lines 9-23]).

Potlapally ‘086 (modified by Suryanarayana ‘146 & Divakarla ‘637) and Sciupac ‘278 are analogous art because they are from the same field of endeavor, namely that of the secure access and exchange of data. For the reasons stated in claim 5, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Potlapally ‘086 (modified by Suryanarayana ‘146 & Divakarla ‘637) and Sciupac ‘278 before them, to modify the method in Potlapally ‘086 (modified by Suryanarayana ‘146 & Divakarla ‘637) to include the teachings of Sciupac ‘278.

As per claim 17: Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 discloses all limitations of claim 15, as stated above, from which claim 17 is dependent upon. Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 does not explicitly disclosed the limitations of claim 17. Sciupac ‘278, however, discloses:
wherein the identity certificate expires after a predetermined amount of time (the digital certificate, which identified a particular entity, has an expiration date [Sciupac ‘278, Col. 4 lines 13-20]), and wherein the identity certificate is verified by the cryptographic processor prior to an expiration of the predetermined amount of time (the digital certificate may validated by cryptographic processor 30, where the digital certificate may be revised and validated prior to the expiration date [Sciupac ‘278, Col. 4 lines 4-12, Col. 7 lines 9-23]).

Potlapally ‘086 (modified by Suryanarayana ‘146 & Divakarla ‘637) and Sciupac ‘278 are analogous art because they are from the same field of endeavor, namely that of the secure access and exchange of data. For the reasons stated in claim 5, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Potlapally ‘086 (modified by Suryanarayana ‘146 & Divakarla ‘637) and Sciupac ‘278 before them, to modify the method in Potlapally ‘086 (modified by Suryanarayana ‘146 & Divakarla ‘637) to include the teachings of Sciupac ‘278.


Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Potlapally ‘086, in view of Suryanarayana ‘146, and further in view of Divakarla ‘637, and further in view of Vakulenko et al., US 2020/0044868 A1 (hereinafter, “Vakulenko ‘868”). 

As per claim 8: Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 discloses all limitations of claim 7, as stated above, from which claim 8 is dependent upon. Furthermore, Potlapally ‘086 discloses:
	the method further comprising: 
obtaining, from a physical client device, an external security token (obtaining from a user 113 client device, credentials in order to authenticate an identity of the user 113 [Potlapally ‘086, Col. 6 line 63-Col. 7 line 8; Col. 8 lines 6-17; Fig. 1, Fig. 3]), 
wherein the authorization to use the key is further in response to a verification of the external security token (verifying the credentials of the user 113 to authorize the access of the cryptographic key [Potlapally ‘086, Col. 12 line 29-Col. 13 line 6; Fig. 7A, Fig. 7B]) 

As stated above, Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 does not explicitly disclose: “… verification of the external security token by the cryptographic processor.”
Vakulenko ‘868, however, discloses:
… verification of the external security token by the cryptographic processor (validation of a digital access token by a cryptographic unit of an electronic device [Vakulenko ‘868, ¶¶31, 64]).

Potlapally ‘086 (modified by Suryanarayana ‘146 & Divakarla ‘637) and Vakulenko ‘868 are analogous art because they are from the same field of endeavor, namely that of the access control to secure data and services on a platform. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Potlapally ‘086 (modified by Suryanarayana ‘146 & Divakarla ‘637) and Vakulenko ‘868 before them, to modify the method in Potlapally ‘086 (modified by Suryanarayana ‘146 & Divakarla ‘637) to include the teachings of Vakulenko ‘868, namely to verify the credentials of the user 113, as disclosed in Potlapally ‘086, using a cryptographic unit, as disclosed in Vakulenko ‘868. The motivation for doing so would be to provide the capability of verifying credentials which may have cryptographic elements (see Vakulenko ‘868, ¶¶31, 64).

Claims 14 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Potlapally ‘086, in view of Suryanarayana ‘146, and further in view of Divakarla ‘637, and further in view of Hadley, US 2014/0164793 A1 (hereinafter, “Hadley ‘793”). 

As per claim 14: Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 discloses all limitations of claim 7, as stated above, from which claim 14 is dependent upon. Furthermore, Potlapally ‘086 discloses:
wherein the key is generated by the cryptographic processor and wherein the key is stored in a memory separate from (the TC host 114 on a virtualized computing environment 101 generating cryptographic keys, using a cryptographic accelerator, and storing the cryptographic keys in memory partitions 115, where the memory partition 115 may be isolated [Potlapally ‘086, Col. 3 lines 50-63, Col. 4 lines 8-13, Col. 4 lines 31-45, Col. 10 lines 60-65, Col. 12 line 50-62; Fig. 1, Fig. 7A]) 

As state above, Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 does not explicitely disclose: “… key is stored in a memory separate from the cryptographic processor.”
Hadley ‘793, however, discloses:
… key is stored in a memory separate from the cryptographic processor (storing the key at a secure memory, where the secure memory is separated from the cryptographic module 110 [Hadley ‘793, ¶¶14, 17, 21]).

Potlapally ‘086 (modified by Suryanarayana ‘146 & Divakarla ‘637) and Hadley ‘793 are analogous art because they are from the same field of endeavor, namely that of the access control to secure data such as cryptographic keys and other cryptographic information. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Potlapally ‘086 (modified by Suryanarayana ‘146 & Divakarla ‘637) and Hadley ‘793 before them, to modify the method in Potlapally ‘086 (modified by Suryanarayana ‘146 & Divakarla ‘637) to include the teachings of Hadley ‘793, namely to have the isolated memory partitions of Potlapally ‘086, which stores cryptographic keys, be separated from the cryptographic accelerator, as disclosed in Hadley ‘793. The motivation for doing so would be to reduce the likelihood of corruption or leaking of the key information (see Hadley ‘793, ¶21).

As per claim 20: Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 discloses all limitations of claim 15, as stated above, from which claim 20 is dependent upon. Furthermore, Potlapally ‘086 discloses:
wherein the key is generated by the cryptographic processor and wherein the key is stored in a memory separate from (the TC host 114 on a virtualized computing environment 101 generating cryptographic keys, using a cryptographic accelerator, and storing the cryptographic keys in memory partitions 115, where the memory partition 115 may be isolated [Potlapally ‘086, Col. 3 lines 50-63, Col. 4 lines 8-13, Col. 4 lines 31-45, Col. 10 lines 60-65, Col. 12 line 50-62; Fig. 1, Fig. 7A]) 

As state above, Potlapally ‘086 in view of Suryanarayana ‘146 and further in view of Divakarla ‘637 does not explicitely disclose: “… key is stored in a memory separate from the cryptographic processor.”
Hadley ‘793, however, discloses:
… key is stored in a memory separate from the cryptographic processor (storing the key at a secure memory, where the secure memory is separated from the cryptographic module 110 [Hadley ‘793, ¶¶14, 17, 21]).

Potlapally ‘086 (modified by Suryanarayana ‘146 & Divakarla ‘637) and Hadley ‘793 are analogous art because they are from the same field of endeavor, namely that of the access control to secure data such as cryptographic keys and other cryptographic information. For the reasons stated in claim 14, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Potlapally ‘086 (modified by Suryanarayana ‘146 & Divakarla ‘637) and Hadley ‘793 before them, to modify the method in Potlapally ‘086 (modified by Suryanarayana ‘146 & Divakarla ‘637) to include the teachings of Hadley ‘793.


Conclusion
The prior art made of record and not relied upon is considered pertinent to the Applicant’s disclosure:
Kim et al., US 2017/0097828 A1: verifying the integrity of the data used for booting a virtual device based on a result of comparing the trusted boot image with the extracted data used for booting.
Song et al., US 2013/0191643 A1: measuring an immutable portion of a virtual machine image configured to instantiate as the virtual machine to generate a trust anchor measurement and storing the trust anchor measurement in a sealed memory.
Hakala et al., US 2018/0365045 A1: checking a signature of the virtual machine image against the stored signature of the trusted virtual machine.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALAN LINGQIAN KONG whose telephone number is (571)272-2646. The examiner can normally be reached Monday-Thursday 8:30am-6:00pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG (JAY) KIM can be reached on (571)272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ALAN LINGQIAN KONG/Examiner, Art Unit 2494

/SHANTO ABEDIN/Primary Examiner, Art Unit 2494