DETAILED ACTION
Notice of Pre-AIA or AIA Status
1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Claim Rejections - 35 USC § 112
2. The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

3. Claims 17-18 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant, regards as the invention.

4. Claims 17 and 18 disclose the acronym “BMC”, which has not been defined in the claims. Examiner recommends spelling out the acronym to overcome this rejection.
Appropriate clarification is needed.

Claim Rejections - 35 USC § 103
5. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

6. Claim(s) 12-13 and 15-21 are rejected under 35 U.S.C. 103 as being unpatentable over Callaghan (US Pub.No.2018/0364522) in view of Fraser (US Pub.No.2016/0232354).

7. Regarding claim 12, Callaghan teaches a method comprising: requesting, by an introspection enclave (IE), access to a scanning engine of a device, wherein the device is independent to an OS; requesting, by the device, authentication from the IE; in response to authentication verification from the IE to the device, initiating a secure exchange between the IE and the device, wherein the exchange includes a heartbeat signal from the device to the IE; comparing, by the IE, the measurements of the data structure from the device and the measurement engine; and in response to a difference in the comparison of the measurements, taking, by the IE, remedial action (Para:0079 and Para:0031-0032 teaches the OS kernel runs with integrity management subsystem support enabled, e.g., IMA enabled. The IMA subsystem verifies that all system sensitive files opened by the OS kernel have a valid digital signature or match a predetermined hash value, and that the contents of the file have not changed since the signature or hash was affixed. This operation is referred to herein as integrity management system “appraisal”, or IMA appraisal. The IMA appraisal is not limited to boot time or to the first time that a file is opened. In fact, IMA appraisal continues until the next boot cycle, and, in some illustrative embodiments, may cover tens of thousands of application files. For performance, in some illustrative embodiments, IMA only appraises a file the first time, and then again only when the file has changed. In addition, if the file has an applicable FILE CHECK policy rule, IMA will prevent signed files from being opened for write. The organization or individual that has ownership over the physical service processor and/or host system can configure the integrity management subsystem, e.g., IMA subsystem, to run in one of two modes: enforcing or logging. In enforcing mode, if any verification fails, the SP will raise an alert and output or transmit a notification that the service processor and host system are compromised, and then terminate all services of the service processor);

Callaghan teaches all the above claimed limitations, but does not expressly teach requesting measurements of the data structure in the memory from a measurement engine in a kernel of the OS.

Fraser teaches a request for the device to measure a data structure in a memory; requesting, by the IE, measurements of the data structure in the memory from a measurement engine in an inner kernel of the OS (Para:0041-0045 and Para:0050-0055 teaches the host memory integrity monitoring system which comprises a host memory integrity monitor operating independently of the state of the monitored structure and which resides on a co-processor (physically or virtually), as well as an administrative system connected to the monitor through an independent communication link. The host memory monitor hashes monitored structures in the memory to detect changes made thereto, and sends reports on the state of the host kernel to the administrative station via the independent communication link existing therebetween. The monitored structures reside in the main memory and may include operating systems (kernel), applications, domain manager, etc.).

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system disclosed by Callaghan to include requesting measurements of the data structure in the memory from a measurement engine in a kernel of the OS as taught by Fraser; such a setup would verify and monitor the system, which will prevent replay attacks.

8. Regarding claim 13, Fraser teaches the method further comprising: measuring continuously, by the scanning engine of the device, the data structure in memory (Para: 0052 teaches measuring continuously, the data structure in memory).

9. Regarding claim 15, Fraser teaches the method wherein the device accesses the memory to measure the data structures in memory through a system management mode (Para:0041-0045 and Para:0050-0055 teaches measure the data structures in memory).

10. Regarding claim 16, Fraser teaches the method, wherein the inner kernel is a part of a kernel and the inner kernel runs critical security functions (Para:0041-0045 and Para:0050-0055 teaches the inner kernel is a part of a kernel).

11. Regarding claim 17, the limitations of this claim are rejected using the same prior art and rationale as previously addressed in claim 12.

12. Regarding claim 18, Callaghan teaches the non-transitory machine-readable storage medium, wherein, in response to a failure to respond to the heartbeat signal, the BMC to initiate remedial action (Para:0093-00094 teaches initiate remedial action).

13. Regarding claim 19, Fraser teaches the non-transitory machine-readable storage medium, wherein the OS includes the inner kernel and an outer kernel (Para:0020-0023).

14. Regarding claim 20, Callaghan teaches the non-transitory machine-readable storage medium, wherein the instructions are executed in a trusted execution environment within the outer kernel of the OS (Para:0020-0023 and Para:0093-00094 teaches instructions are executed in a trusted execution environment within the kernel of the OS).

15. Regarding claim 21, Callaghan in view of Fraser teaches the method, further comprising: requesting, by the IE, second measurements of the data structure in the memory, at different times, from a measurement engine in an inner kernel of the OS; comparing, by the IE, the second measurements of the data structure from the device and the measurement engine; and in response to a second difference in the comparison of the measurements of the data structure, taking, by the IE, further remedial action (Callaghan: Para:0079 and Para:0031-0032 teaches the OS kernel runs with integrity management subsystem support enabled, e.g., IMA enabled. The IMA subsystem verifies that all system sensitive files opened by the OS kernel have a valid digital signature or match a predetermined hash value, and that the contents of the file have not changed since the signature or hash was affixed. This operation is referred to herein as integrity management system “appraisal”, or IMA appraisal. The IMA appraisal is not limited to boot time or to the first time that a file is opened. In fact, IMA appraisal continues until the next boot cycle, and, in some illustrative embodiments, may cover tens of thousands of application files. For performance, in some illustrative embodiments, IMA only appraises a file the first time, and then again only when the file has changed. In addition, if the file has an applicable FILE CHECK policy rule, IMA will prevent signed files from being opened for write. The organization or individual that has ownership over the physical service processor and/or host system can configure the integrity management subsystem, e.g., IMA subsystem, to run in one of two modes: enforcing or logging. In enforcing mode, if any verification fails, the SP will raise an alert and output or transmit a notification that the service processor and host system are compromised, and then terminate all services of the service processor.

Fraser: Para:0050-0055 teaches the host memory integrity monitor calculates “known good” hashes of the monitored structures in their uncompromised state, and then recalculates the hashes of the critical structures throughout the host system runtime. Further, the “known good” hashes and the hashes calculated during the kernel runtime are compared, and in the case that the differences between the hashes are detected, the host memory integrity monitor sends a report to the administrative station on the state of the examined structure. The recalculation of the hashes can be initiated periodically, for example, with a predetermined time period of approximately 30 seconds, or it may be activated at randomized time intervals. At the administrative station, a manual or automatic analysis of the received report is conducted and judgment is formulated on whether the deviation between the “known good” hashes and the hashes calculated during the host system runtime represents a malicious modification to the monitored structure, or the deviation is due to a valid structure modification affected by the administrative system).

16. Claim 14 is rejected under 35 U.S.C. 103 as being unpatentable over Callaghan (US Pub.No.2018/0365422) in view of Fraser (US Pub.No.2016/0232354) as applied to claim 12 above and further in view of Jacobs (US Pub.No.2015/0089209).

17. Regarding claim 14, Callaghan in view of Fraser teaches all the above claimed limitations but does not expressly teach the method, wherein communication between the IE and the device is encrypted.

Jacobs teaches the method, wherein communication between the IE and the device is encrypted (Para:0032 and Para:0038 teaches the communication is encrypted).

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system disclosed by Callaghan in view of Fraser to include communication between the IE and the device being encrypted as taught by Jacobs; such a setup would provide a secure operating system.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DEREENA T CATTUNGAL whose telephone number is (571)270-0506. The examiner can normally be reached Mon-Fri: 7:30 AM-5 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild, can be reached on 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DEREENA T CATTUNGAL/Primary Examiner, Art Unit 2431