DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 3 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention. Claim 3 references a force[d] installation, i.e. “to, when the system is updated using a force installation file for rewriting-24- the entire system.” and similarly a force installation file. Such language is not clearly defined in the specification and does not clearly disclose the scope and boundaries of claim 3. For the purposes of examination, Examiner interprets “forced installation” to be an installation without user interaction necessary to initiate or complete the installation. 
Appropriate correction is required. 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-6 is/are rejected under 35 U.S.C. 103 as being unpatentable over Djabarov et al. Pub. No.: US 2013/0185563 Al hereafter DJABAROV in view of Callaghan et al. US 2018/0365424 A1  hereafter CALLAGHAN. 
As to Claim 1
DJABAROV teaches “[a]n information processing apparatus comprising: 5a memory; (memory 804 [0077]) and processing circuitry electrically coupled to the memory, (computer system 800 includes a processor 802, memory 804, storage 806, an input/ output (I/O) interface 808, a communication interface 810, and a bus 812. [0077]) the processing circuitry being configured to: perform signature verification based on a value and a signature file to ensure integrity and 10authenticity of an update file to be used when a system is updated, (Bootloader 603 verifies universal manifest signature 604a via UniversalManifestKey.pub in Step 503, serial number 604c with SerialNumberKey.pub, and per device manifest signature 604d with PerDeviceManifestKey.pub, After the manifest has been verified, the system image is hashed [i.e. a value] via a predetermined hash function, and checked against the hash value in manifest 604b (SystemImage SHA1). As previously described above, the newly updated system image or firmware 605 then takes control of mobile device 122 (Step 506), and may load applications 606. [0069]) the value being uniquely calculated based on the update file, (the system image is hashed via a predetermined hash function, and checked against the hash value in manifest 604b [0069]) After the manifest has been verified, the system image is hashed via a predetermined hash function, and checked against the hash value in manifest 604b (System Image SHA1). As previously described above, the newly updated system image or firmware 605 then takes control of mobile device 122 (Step 506), and may load applications 606. [0069]) wherein after the system is updated using the update file for which the integrity and authenticity are ensured, (After the manifest has been verified, the system image is hashed via a predetermined hash function, and checked against the hash value in manifest 604b (System Image SHA1). As previously described above, the newly updated system image or firmware 605 then takes control of mobile device 122 (Step 506), and may load applications 606. [0069] ) the processing circuitry is configured 20to cause the system to be launched using the invocation file for which the integrity and authenticity are ensured, (At Step 502, the bootloader application gains execution control, and at Step 503, the bootloader reads the manifest from manifest partition 204. In particular embodiments, the bootloader may obtain the manifest from any of the flash replicas in manifest partition 204. [0061]) to ensure the integrity and authenticity of files that are used when the system is updated and at startup of the system.( After the manifest has been verified, the system image is hashed via a predetermined hash function, and checked against the hash value in manifest 604b (System Image SHA1). As previously described above, the newly updated system image or firmware 605 then takes control of mobile device 122 (Step 506), and may load applications 606. [0069])
DJABAROV does not teach “and the signature file corresponding to the update file;”
However, in an analogous art of secure boot CALLAGHAN teaches “and the signature file corresponding to the update file;” ( [t]he first level boot loader 332 ensures that any operating system (OS) kernel image 320 subsequently booted was digitally signed by a private key corresponding to a trusted public key configured in the first level boot loader 332. [0077])
DJABAROV and CALLAGHAN are analogous arts because both teach secure boot machines/systems/methods along with an update file getting sent securely to the updated device. 
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify DJABAROV by taking a signature of the entire update file disclosed in CALLAGHAN because the effect of performing a cryptographic signature to ensure the validity of the file is well known. It is using a well-known method (cryptographic signatures) to produce a known result (the update file’s authenticity is ensured). So much so in fact, that DJABAROV teaches a similar function, (Both serial number 604c and PerDeviceManifest signature 604d are generated by update server 120 by digitally signing the serial number with SerialNumberKey. private 609b ( check 613) and PerDeviceManifestKey.private 609a, respectively. [0068] See also Fig. 6.). DJABAROV cryptographically signs a manifest, which acts as a unique proxy for the update file, but is not actually the update file itself.
As to Claim 2

The combination of DJABAROV and CALLAGHAN teaches “[t]he information processing apparatus according to claim 1” (as above) ,  Furthermore, Callaghan discloses the method/apparatus wherein the update file and the signature file are downloaded from a network server” “wherein the update file and the signature file are downloaded from a network server” (In particular embodiments, the serial number may be signed by a private per device manifest key stored at update server [0052] [and] [h]aving authenticated the manifest, mobile device 122 at Step 308a requests the payload from payload server 124 by making a request to the URL specified in the manifest. In particular embodiments, the request is an HTTP request. In particular embodiments, the request is an HTTP request with range support in order to support resumable or partial downloading of the payload. In particular embodiments, the request is a torrent tracker file for downloading from a plurality of download servers 124. [0054]).
As to Claim 3
The combination of DJABAROV and CALLAGHAN teaches “[t]he information processing apparatus according to claim 1, (as above) . Furthermore, DJABAROV discloses the method/apparatus wherein the update file and the signature file are downloaded from a network server i.e. “wherein the processing circuitry is configured to, when the system is updated using a force installation file for rewriting-24- the entire system” (“the bootloader application gains execution control, … the bootloader reads the manifest from manifest partition … [0061] the bootloader verifies the hash value of the system image against the hash value transmitted in the manifest. [0063] the social networking system, software provider, or carrier may trigger the OTA update process by transmitting an out-of-band message instructing mobile device 122 to begin the OTA process [a forced installation without user interaction] ,… [with the added feature that]  [t]his disclosure contemplates any suitable means of triggering the OTA update process.” DJABAROV [0037])  perform signature verification based on a second value and a second signature file, (After the firmware developer readies a firmware update to be pushed to all devices, it attaches a signature to manifest 604b. Universal manifest signature 604a is generated by digitally signing manifest 604b with UniversalMainfiestKey. private ( check 612).  [the first signature on first value] Bootloader 603 verifies universal manifest signature 604a via UniversalManifestKey.pub in Step 503, serial number 604c with SerialNumberKey.pub, and per device manifest signature 604d [the second value and second signature file] DJABAROV [0069]) “the second value being uniquely calculated based on the force installation file,” (“After the manifest has been verified, the system image is hashed via a predetermined hash function, and checked against the hash value in manifest 604b” [0069])  and the second signature 5file corresponding to the force installation file; (“[t]he first level boot loader 332 ensures that any operating system (OS) kernel image 320 subsequently booted was digitally signed by a private key corresponding to a trusted public key configured in the first level boot loader 332 CALLAGHAN [0077]”) “and ensure, when installation is forcibly performed, the integrity and authenticity of the force installation file.” After the manifest has been verified, the system image is hashed via a predetermined hash function, and checked against the hash value in manifest 604b (System Image SHA1). As previously described above, the newly updated system image or firmware 605 then takes control of mobile device 122 (Step 506), and may load applications 606. DJABAROV [0069])
As to Claim 4
The combination of DJABAROV and CALLAGHAN teaches “The information processing apparatus according to claim 1, Furthermore, DJABAROV discloses the method/apparatus  “wherein the uniquely calculated value is based on a result of a hash operation” (“the system image is hashed via a predetermined hash function, and checked against the hash value in manifest 604b” DJABAROV [0069])

As to Claim 5
DJABAROV teaches “A method for ensuring files for an information processing apparatus, the method comprising: performing signature verification based on a value and a signature file to ensure integrity and 20authenticity of an update file to be used when a system is updated” (“example method of booting a mobile device to a newly updated system image [0060] … Bootloader 603 verifies universal manifest signature 604a via UniversalManifestKey.pub in Step 503, serial number 604c with SerialNumberKey.pub, and per device manifest signature 604d with PerDeviceManifestKey.pub … After the manifest has been verified, the system image is hashed via a predetermined hash function, and checked against the hash value in manifest 604b (System Image SHA1). As previously described above, the newly updated system image or firmware 605 then takes control of mobile device 122 (Step 506), and may load applications 606. [0069]) the value being uniquely calculated based on the update file, (the system image is hashed via a predetermined hash function, and checked against the hash value in manifest 604b [0069]) After the manifest has been verified, the system image is hashed via a predetermined hash function, and checked against the hash value in manifest 604b (System Image SHA1). As previously described above, the newly updated system image or firmware 605 then takes control of mobile device 122 (Step 506), and may load applications 606. [0069] ) invoking the system to ensure the integrity and authenticity of an invocation file that is executed at startup of the system.” (“At Step 502, the bootloader application gains execution control, and at Step 503, the bootloader reads the manifest from manifest partition 204. In particular embodiments, the bootloader may obtain the manifest from any of the flash replicas in manifest partition 204. [0061] After the manifest has been verified, the system image is hashed via a predetermined hash function, and checked against the hash value in manifest 604b (System Image SHA1). As previously described above, the newly updated system image or firmware 605 then takes control of mobile device 122 (Step 506), and may load applications 606. [0069])
DJABAROV does not teach “and the signature file corresponding to the update file;”
However, in an analogous art of secure boot CALLAGHAN teaches “and the signature file corresponding to the update file;” ( [t]he first level boot loader 332 ensures that any operating system (OS) kernel image 320 subsequently booted was digitally signed by a private key corresponding to a trusted public key configured in the first level boot loader 332. [0077])
DJABAROV and CALLAGHAN are analogous arts because both teach secure boot machines/systems/methods along with an update file getting sent securely to the updated device. 
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify DJABAROV by taking a signature of the entire update file disclosed in CALLAGHAN because the effect of performing a cryptographic signature to ensure the validity of the file is well known. It is using a well-known method (cryptographic signatures) to produce a known result (the update file’s authenticity is ensured). So much so in fact, that DJABAROV teaches a similar function, (Both serial number 604c and PerDeviceManifest signature 604d are generated by update server 120 by digitally signing the serial number with SerialNumberKey. private 609b ( check 613) and PerDeviceManifestKey.private 609a, respectively. [0068] See also Fig. 6.). DJABAROV cryptographically signs a manifest, which acts as a unique proxy for the update file, but is not actually the update file itself.
As to Claim 6
DJABAROV teaches “A non-transitory storage medium storing a program that, when executed by a computer, causes the computer to execute a method, the method comprising: performing signature verification based on a -25- value and a signature file to ensure integrity and authenticity of an update file to be used when a system is updated,” (“non-transitory, computer-readable media comprising instructions operable, when executed by one or more computing systems, to: [Claims 12-20].  “Bootloader 603 verifies universal manifest signature 604a via UniversalManifestKey.pub in Step 503, serial number 604c with SerialNumberKey.pub, and per device manifest signature 604d with PerDeviceManifestKey.pub  After the manifest has been verified, the system image is hashed via a predetermined hash function, and checked against the hash value in manifest 604b (System Image SHA1). As previously described above, the newly updated system image or firmware 605 then takes control of mobile device 122 (Step 506), and may load applications 606.” [0069] ) ]) the value being uniquely calculated based on the update file, (the system image is hashed via a predetermined hash function, and checked against the hash value in manifest 604b [0069]) After the manifest has been verified, the system image is hashed via a predetermined hash function, and checked against the hash value in manifest 604b (SystemImage SHA1). As previously described above, the newly updated system image or firmware 605 then takes control of mobile device 122 (Step 506), and may load applications 606.[0069]) ensuring the integrity and authenticity of an execution file that is executed at startup of the 10system. (After the manifest has been verified, the system image is hashed via a predetermined hash function, and checked against the hash value in manifest 604b (System Image SHA1). As previously described above, the newly updated system image or firmware 605 then takes control of mobile device 122 (Step 506), and may load applications 606. [0069] )
DJABAROV does not teach “and the signature file corresponding to the update file;”
However, in an analogous art of secure boot CALLAGHAN teaches “and the signature file corresponding to the update file;” ( [t]he first level boot loader 332 ensures that any operating system (OS) kernel image 320 subsequently booted was digitally signed by a private key corresponding to a trusted public key configured in the first level boot loader 332. [0077])
DJABAROV and CALLAGHAN are analogous arts because both teach secure boot machines/systems/methods along with an update file getting sent securely to the updated device

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify DJABAROV by taking a signature of the entire update file disclosed in CALLAGHAN because the effect of performing a cryptographic signature to ensure the validity of the file is well known. It is using a well-known method (cryptographic signatures) to produce a known result (the update file’s authenticity is ensured). So much so in fact, that DJABAROV teaches a similar function, (Both serial number 604c and PerDeviceManifest signature 604d are generated by update server 120 by digitally signing the serial number with SerialNumberKey. private 609b ( check 613) and PerDeviceManifestKey.private 609a, respectively. [0068] See also Fig. 6.). DJABAROV cryptographically signs a manifest, which acts as a unique proxy for the update file, but is not actually the update file itself.


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Nelson US 20200084042 A1 which discusses secure boot and using a ditigal signature to authenticate firmware as a part of the secure boot process. 
Wentz US 20210091952 A1 discloses an attested boot sequence using cryptographic keys to verify the software to be executed on startup. 
Fox et al. US 20210092604 A1 discloses a secure startup “device [that] may validate device, agency, and user credentials. For a valid verification on start-up, cryptographically signed tokens may be contained” (See Abstract.)
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ROBERT MATIJASEC whose telephone number is (571)272-6314. The examiner can normally be reached on Mon-Thu from 9AM to 6PM. The examiner can also be reached on alternate Fridays 9AM-6PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, YIN-CHEN SHAW, can be reached at telephone number (571)272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://portal.uspto.gov/external/portal. Should you have questions about access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

/R.M./Examiner, Art Unit 4173        

/SAMSON B LEMMA/Primary Examiner, Art Unit 2498