Notice of Pre-AIA or AIA Status

1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Information Disclosure Statement

2.	The information disclosure statement (IDS) submitted on 7/07/2022 was filed. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Allowable Subject Matter

3.	Claims 2-5 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Double Patenting

4.	The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.


5.	Claim 13 is provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claim 1 of copending Application No. 15/664,489. Although the claims at issue are not identical, they are not patentably distinct from each other (see the comparison below).

Application No. 15/664,489, claim 1:

1. (Previously Presented) An apparatus comprising: a processor comprising: a decoder to decode a first instruction; and one or more execution units to execute the decoded first instruction to: obtain one or more measurements of a secured software container, wherein the measurements describe parameters of the secured software container, functionality of the secured software container is based on the parameters, and particular software is to be run within the secured software container; obtain a data integrity code based on a hardware-based secret; generate a report according to a defined report format; and provide the report, wherein the defined report format comprises a first field to include the measurements and a second field to include the data integrity code.

Application No. 17/856,574, claims 13-14:

13. An apparatus comprising: a processor comprising: a decoder to decode a first instruction; one or more execution units to execute the decoded first instruction to: obtain first measurements of contents and configuration of a trust domain to be launched on a computing platform, wherein the trust domain comprises a software container in which software is to be run; obtain second measurements of the computing platform; obtain a data integrity code generated from a key accessible only to a particular processor of the computing platform; and generate an integrity-protected trust domain report structure for the trust domain, wherein the trust domain report structure is according to a defined report structure and comprises the first measurements, the second measurements, and a data integrity code generated from a hardware-secured key.

14. The apparatus of Claim 13, wherein the decoder is further to decode a second instruction and the processor further comprises: one or more execution units to execute the decoded second instruction to: access the trust domain report structure; and verify integrity of the trust domain report structure based on the data integrity code.


This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not in fact been patented.

6.	Claim 15 is provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claim 12 of copending Application No. 15/664,489. Although the claims at issue are not identical, they are not patentably distinct from each other (see the comparison below).

Application No. 15/664,489, claim 12:

12. (Previously Presented) A system comprising: a host processor; memory; data integrity logic to generate a data integrity code based on a hardware-based key; a container manager to implement a secured container to host a software component, wherein the secured software container is to comprise: measurement logic to determine measurements of the secured container and the software component, wherein the measurements describe parameters of the secured software container, and functionality of the secured software container is based on the parameters; report generation logic, executable to: generate a report according to a defined report format, wherein the defined report format comprises a first field to include the measurements and a second field to include the data integrity code, and the report format is compatible for consumption by any one of a plurality of different quote creator types; and send a quote request comprising the report; quote consumption logic, executable to: receive a quote generated by a particular quote creator in response to the quote request; and send the quote to another system to perform an attestation of at least one of the secured container and the software component.

Application No. 17/856,574, claim 15:

15. A method comprising: launching a trust domain on a computing platform, wherein the trust domain comprises a software container in which software is to be run; recording initial contents and configuration of the trust domain during the launch of the trust domain; generating a trust domain report of the trust domain, wherein the trust domain report structure comprises: measurements of the trust domain; measurements of the computing platform; and a data integrity code generated from a key accessible only to a particular processor on the computing platform; verifying the trust domain report structure based on the data integrity code; and causing a quote to be generated from the trust domain report structure based on verification of the trust domain report structure, wherein the quote comprises a signed version of the trust domain report structure signed using a certified quote signing key.


This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not in fact been patented.
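The report-and-quote flow recited in claims 13-15 above, modeled end to end as an added example that is not code from either application or from the cited references: a trust domain's contents and configuration are measured as it is launched, the processor emits a fixed-layout report protected by a MAC keyed to a secret only the processor can use, and a quote creator signs the report only after the processor re-verifies that MAC. The report layout, the measurement and tag sizes, the class and field names, the sample pages and configuration, and the Lamport one-time signature standing in for a certified quote signing key are all assumptions made so the example runs offline on the Python standard library.

```python
# Added example (not code from the application or the cited references): a TD is measured
# during launch, the processor emits a report MAC'ed with a key only it holds, and a quote
# creator signs the report only after the processor re-verifies that MAC. Layout, sizes and
# the Lamport one-time signature standing in for the certified quote signing key are assumed.
import hashlib, hmac, secrets, struct

MEAS_LEN, MAC_LEN = 48, 32                     # SHA-384 measurements, HMAC-SHA256 tag (assumed)
# body: version | TD contents measurement | TD config measurement | platform measurement | report data
BODY_FMT = f">I{MEAS_LEN}s{MEAS_LEN}s{MEAS_LEN}s64s"
BODY_LEN = struct.calcsize(BODY_FMT)

def extend(register: bytes, data: bytes) -> bytes:
    """PCR-style extend: content and load order both end up in the digest."""
    return hashlib.sha384(register + hashlib.sha384(data).digest()).digest()

class TrustDomain:
    """Records initial contents and configuration of the TD during its launch."""
    def __init__(self, pages: list, config: dict):
        self.mrtd = bytes(MEAS_LEN)
        for page in pages:                     # contents, in launch order
            self.mrtd = extend(self.mrtd, page)
        canon = "&".join(f"{k}={config[k]}" for k in sorted(config)).encode()
        self.mrcfg = hashlib.sha384(canon).digest()

class Processor:
    """Holds the report key; only its two 'instructions' can use it."""
    def __init__(self, platform_tcb: bytes):
        self._report_key = secrets.token_bytes(32)   # never leaves the processor
        self.mrplatform = hashlib.sha384(platform_tcb).digest()

    def report_gen(self, td: TrustDomain, report_data: bytes) -> bytes:
        body = struct.pack(BODY_FMT, 1, td.mrtd, td.mrcfg, self.mrplatform,
                           report_data[:64].ljust(64, b"\0"))
        return body + hmac.new(self._report_key, body, hashlib.sha256).digest()

    def report_verify(self, report: bytes) -> bool:
        if len(report) != BODY_LEN + MAC_LEN:
            return False
        tag = hmac.new(self._report_key, report[:BODY_LEN], hashlib.sha256).digest()
        return hmac.compare_digest(tag, report[BODY_LEN:])

# Lamport one-time signature, stdlib only. One key signs exactly one message; a real quote
# creator would hold a certified asymmetric key (e.g. ECDSA) instead.
def lamport_keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(hashlib.sha256(a).digest(), hashlib.sha256(b).digest()) for a, b in sk]

def _msg_bits(msg: bytes) -> list:
    h = hashlib.sha256(msg).digest()
    return [(h[i >> 3] >> (7 - (i & 7))) & 1 for i in range(256)]

def lamport_sign(sk, msg: bytes) -> bytes:
    return b"".join(sk[i][b] for i, b in enumerate(_msg_bits(msg)))

def lamport_verify(pk, msg: bytes, sig: bytes) -> bool:
    return len(sig) == 256 * 32 and all(
        hashlib.sha256(sig[32 * i:32 * i + 32]).digest() == pk[i][b]
        for i, b in enumerate(_msg_bits(msg)))

class QuoteCreator:
    """Turns a report into a signed quote, but only one the processor vouches for."""
    def __init__(self, cpu: Processor):
        self.cpu = cpu
        self._sk, self.public_key = lamport_keygen()   # public_key is what a CA would certify

    def make_quote(self, report: bytes) -> bytes:
        if not self.cpu.report_verify(report):
            raise ValueError("report MAC does not verify: refusing to quote")
        return report + lamport_sign(self._sk, report)

def verify_quote(public_key, quote: bytes, expected_mrtd: bytes) -> bool:
    """Remote verifier: check the signature, then compare the TD measurement with the expected one."""
    report, sig = quote[:BODY_LEN + MAC_LEN], quote[BODY_LEN + MAC_LEN:]
    if not lamport_verify(public_key, report, sig):
        return False
    mrtd = struct.unpack(BODY_FMT, report[:BODY_LEN])[1]
    return hmac.compare_digest(mrtd, expected_mrtd)

def demo() -> dict:
    pages = [b"constructed TD boot page", b"constructed TD kernel page"]   # constructed input
    cfg = {"attributes": "debug=0", "xfam": "0x3"}
    td, cpu = TrustDomain(pages, cfg), Processor(b"constructed platform TCB")
    qe = QuoteCreator(cpu)
    quote = qe.make_quote(cpu.report_gen(td, b"nonce-from-relying-party"))
    tampered = bytearray(cpu.report_gen(td, b"nonce"))
    tampered[4 + MEAS_LEN] ^= 0x01                  # flip a bit of the config measurement
    try:
        qe.make_quote(bytes(tampered))
        refused = False
    except ValueError:
        refused = True
    reordered = TrustDomain(pages[::-1], cfg)       # same pages, different load order
    return {
        "quote_ok": verify_quote(qe.public_key, quote, td.mrtd),
        "tamper_refused": refused,
        "order_changes_measurement": reordered.mrtd != td.mrtd,
        "config_changes_measurement": TrustDomain(pages, {**cfg, "attributes": "debug=1"}).mrcfg != td.mrcfg,
        "wrong_mrtd_rejected": not verify_quote(qe.public_key, quote, reordered.mrtd),
    }
```

demo() returns the checks a practitioner would want from this flow: a valid quote verifies against the expected TD measurement; a report with one flipped bit is refused before any signature is made, so the quote creator never vouches for a structure the processor did not produce; and reordering the launched pages or changing the configuration changes the measurement, so a verifier's expected value must be computed from the exact launch image and policy rather than from the file contents alone.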


Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


7.	Claims 1 and 6-20 are rejected under 35 U.S.C. 103 as being unpatentable over Pub. No. US 2012/0185694 A1 to Munetoh et al. (hereafter referenced as Munetoh) in view of Pub. No. US 2010/0082991 A1 to Baldwin et al. (hereafter referenced as Baldwin).
Regarding claim 1, Munetoh discloses “an apparatus comprising: a processor; a virtual machine manager executable by the processor to: launch a trust domain” (Java virtual machine [par. 0103]; allocation table for trusted domain services [Fig. 6]), “wherein software is to be run in the trust domain” (Fig. 3 shows a typical hardware construction of the server configured to provide the Trusted Domain Service); “load a trust domain module associated with the trust domain” (subtree domain secret is available to load the subtree to the TPM [par. 0084]), “wherein the trust domain module is to: record contents and configuration of the trust domain during the launch of the trust domain” (master boot record [Fig. 14]).
Munetoh does not explicitly disclose “and generate a trust domain report of the trust domain, wherein the trust domain report structure comprises: measurements of the trust domain; measurements from the processor; and a data integrity code generated from a key accessible only to the processor.”
However, Baldwin, in an analogous art, discloses “and generate a trust domain report of the trust domain, wherein the trust domain report structure comprises: measurements of the trust domain” (Baldwin Fig. 8 discloses a respective virtual TPM (trusted device), subsidiary to the hardware TPM, associated with each domain to measure and report integrity metrics for the code running in the domain [par. 0047]); “measurements from the processor; and a data integrity code generated from a key accessible only to the processor” (TPM 118 measures and reports all integrity metrics, Baldwin [par. 0047]).
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was filed to modify Munetoh’s virtual machine processing apparatus comprising signed integrity values for the assertion of integrity codes with Baldwin’s trusted key management for virtual platforms in order to provide additional security. One of ordinary skill would have been motivated to combine because Munetoh discloses a Java virtual platform comprising an allocation table for trusted domain services, Baldwin teaches a trusted key management for virtual platforms, and both are from the same field of endeavor.
Regarding claim 6 in view of claim 1, the references combined disclose “wherein the key comprises a message authentication code (MAC) key” (encryption key that is used for encrypting the domain's data, Munetoh [par. 055]).
Regarding claim 7 in view of claim 1, the references combined disclose “wherein the trust domain comprises a software container in which the software is to be run” (privileged domain 112 within TPM 119, Baldwin [Fig. 8]).
Regarding claim 8 in view of claim 1, the references combined disclose “wherein the trust domain comprises a virtual machine” (virtual machine (VM), Baldwin [Fig. 13]).
Regarding claim 9 in view of claim 1, the references combined disclose “wherein launching the trust domain comprises allocating a region of secured memory private to the trust domain” (privileged domain, Baldwin [Fig. 13]).
Regarding claim 10 in view of claim 1, the references combined disclose “wherein the trust domain report structure is generated for the trust domain through execution of a report generation instruction defined in an instruction set architecture associated with the processor” (TPM 118 measures and reports all integrity metrics, Baldwin [par. 0047]).
Regarding claim 11 in view of claim 10, the references combined disclose “wherein the report generation instruction is invoked by the trust domain” (TPM 118 measures and reports all integrity metrics, Baldwin [par. 0047]).
Regarding claim 12 in view of claim 1, the references combined disclose “wherein the trust domain report structure is according to a defined report format comprising a plurality of fields” (Baldwin [Fig. 13] depicts the integrity metrics reported by a service driver associated with a virtual machine of the virtualized server of Baldwin [Fig. 11]).
Regarding claim 13, Munetoh discloses “an apparatus comprising: a processor comprising: a decoder to decode a first instruction” (encryption key that is used for encrypting the domain's data, Munetoh [par. 055]); “one or more execution units to execute the decoded first instruction to: obtain first measurements of contents and configuration of a trust domain to be launched on a computing platform” (measure CRTM, measure boot code, Munetoh [Fig. 7]); “obtain second measurements of the computing platform” (measure CRTM, measure boot code, Munetoh [Fig. 7]); “obtain a data integrity code generated from a key accessible only to a particular processor of the computing platform” (encryption key that is used for encrypting the domain's data, Munetoh [par. 055]).
Munetoh does not explicitly disclose “wherein the trust domain comprises a software container in which software is to be run; and generate an integrity-protected trust domain report structure for the trust domain, wherein the trust domain report structure is according to a defined report structure and comprises the first measurements, the second measurements, and a data integrity code generated from a hardware-secured key.”
However, Baldwin, in an analogous art, discloses “wherein the trust domain comprises a software container in which software is to be run” (privileged domain 112 within TPM 119, Baldwin [Fig. 8]); “and generate an integrity-protected trust domain report structure for the trust domain” (TPM 118 measures and reports all integrity metrics, Baldwin [par. 0047]), “wherein the trust domain report structure is according to a defined report structure and comprises the first measurements, the second measurements, and a data integrity code generated from a hardware-secured key” (Baldwin [Fig. 13] depicts the integrity metrics reported by a service driver associated with a virtual machine of the virtualized server of Baldwin [Fig. 11]).
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was filed to modify Munetoh’s virtual machine processing apparatus comprising signed integrity values for the assertion of integrity codes with Baldwin’s trusted key management for virtual platforms in order to provide additional security. One of ordinary skill would have been motivated to combine because Munetoh discloses a Java virtual platform comprising an allocation table for trusted domain services, Baldwin teaches a trusted key management for virtual platforms, and both are from the same field of endeavor.
Regarding claim 14 in view of claim 13, the references combined disclose “wherein the decoder is further to decode a second instruction and the processor further comprises: one or more execution units to execute the decoded second instruction to: access the trust domain report structure” (encryption key that is used for encrypting the domain's data, Munetoh [par. 055]); “and verify integrity of the trust domain report structure based on the data integrity code” (TPM 118 measures and reports all integrity metrics, Baldwin [par. 0047]).
Regarding claim 15, Munetoh discloses “a method comprising: launching a trust domain on a computing platform” (allocation table for trusted domain services [Fig. 6]), “wherein the trust domain comprises a software container in which software is to be run” (subtree domain secret is available to load the subtree to the TPM [par. 0084]); “recording initial contents and configuration of the trust domain during the launch of the trust domain” (master boot record [Fig. 14]), “and a data integrity code generated from a key accessible only to a particular processor on the computing platform” (TPM 118 measures and reports all integrity metrics, Baldwin [par. 0047]).
Munetoh does not explicitly disclose “generating a trust domain report of the trust domain, wherein the trust domain report structure comprises: measurements of the trust domain; measurements of the computing platform; verifying the trust domain report structure based on the data integrity code; and causing a quote to be generated from the trust domain report structure based on verification of the trust domain report structure, wherein the quote comprises a signed version of the trust domain report structure signed using a certified quote signing key.”
However, Baldwin discloses “generating a trust domain report of the trust domain” (Baldwin Fig. 8 discloses a respective virtual TPM (trusted device), subsidiary to the hardware TPM, associated with each domain to measure and report integrity metrics for the code running in the domain [par. 0047]); “wherein the trust domain report structure comprises: measurements of the trust domain; measurements of the computing platform” (TPM 118 measures and reports all integrity metrics, Baldwin [par. 0047]); “verifying the trust domain report structure based on the data integrity code” (TPM 118 measures and reports all integrity metrics, Baldwin [par. 0047]); “and causing a quote to be generated from the trust domain report structure based on verification of the trust domain report structure” (Baldwin Fig. 8, the virtual TPM associated with each domain that measures and reports integrity metrics for the code running in the domain [par. 0047]), “wherein the quote comprises a signed version of the trust domain report structure signed using a certified quote signing key” (TPM 118 measures and reports all integrity metrics, Baldwin [par. 0047]).
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was filed to modify Munetoh’s virtual machine processing apparatus comprising signed integrity values for the assertion of integrity codes with Baldwin’s trusted key management for virtual platforms in order to provide additional security. One of ordinary skill would have been motivated to combine because Munetoh discloses a Java virtual platform comprising an allocation table for trusted domain services, Baldwin teaches a trusted key management for virtual platforms, and both are from the same field of endeavor.
Regarding claim 16, Munetoh discloses “at least one non-transitory machine-readable storage medium with instructions stored thereon, the instructions executable to cause a machine to: launch a trust domain on a computing platform” (Fig. 3 shows a typical hardware construction of the server configured to provide the Trusted Domain Service), “wherein the trust domain comprises a software container in which particular software is to be run” (subtree domain secret is available to load the subtree to the TPM [par. 0084]); “record contents and configuration of the trust domain during the launch of the trust domain” (master boot record [Fig. 14]).
Munetoh does not explicitly disclose “generate a trust domain report structure of the trust domain, wherein the trust domain report structure comprises: measurements of the trust domain; measurements of the computing platform; and a data integrity code generated from a key accessible only to a particular processor on the computing platform; verify the trust domain report structure based on the data integrity code; and cause a quote to be generated from the trust domain report structure based on verification of the trust domain report structure, wherein the quote comprises a signed version of the trust domain report structure signed using a certified quote signing key.”
However, Baldwin, in an analogous art, discloses “generate a trust domain report structure of the trust domain” (Baldwin Fig. 8 discloses a respective virtual TPM (trusted device), subsidiary to the hardware TPM, associated with each domain to measure and report integrity metrics for the code running in the domain [par. 0047]), “wherein the trust domain report structure comprises: measurements of the trust domain; measurements of the computing platform” (TPM 118 measures and reports all integrity metrics, Baldwin [par. 0047]); “and a data integrity code generated from a key accessible only to a particular processor on the computing platform” (TPM 118 measures and reports all integrity metrics, Baldwin [par. 0047]); “verify the trust domain report structure based on the data integrity code” (TPM 118 measures and reports all integrity metrics, Baldwin [par. 0047]); “and cause a quote to be generated from the trust domain report structure based on verification of the trust domain report structure” (Baldwin Fig. 8, the virtual TPM associated with each domain that measures and reports integrity metrics for the code running in the domain [par. 0047]), “wherein the quote comprises a signed version of the trust domain report structure signed using a certified quote signing key” (TPM 118 measures and reports all integrity metrics, Baldwin [par. 0047]).
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was filed to modify Munetoh’s virtual machine processing apparatus comprising signed integrity values for the assertion of integrity codes with Baldwin’s trusted key management for virtual platforms in order to provide additional security. One of ordinary skill would have been motivated to combine because Munetoh discloses a Java virtual platform comprising an allocation table for trusted domain services, Baldwin teaches a trusted key management for virtual platforms, and both are from the same field of endeavor.
Regarding claim 17, Munetoh discloses “a system comprising: a processor; a memory; a virtual machine manager executable by the processor to: launch a trust domain” (allocation table for trusted domain services [Fig. 6]), “wherein particular software is to be run in the trust domain” (Fig. 3 shows a typical hardware construction of the server configured to provide the Trusted Domain Service); “load a trust domain module associated with the trust domain” (subtree domain secret is available to load the subtree to the TPM [par. 0084]), “wherein the trust domain module is to: record initial contents and configuration of the trust domain during the launch of the trust domain” (master boot record [Fig. 14]).
Munetoh does not explicitly disclose “and generate a trust domain report of the trust domain, wherein the trust domain report structure comprises: measurements of the trust domain; measurements from the processor; and a data integrity code generated from a key accessible only to the processor; and a quote creator executable to: determine whether integrity of the trust domain report structure is verified, and sign the trust domain report structure using a certified quote signing key to generate a quote from the trust domain report structure.”
However, Baldwin, in an analogous art, discloses “and generate a trust domain report of the trust domain” (Baldwin Fig. 8 discloses a respective virtual TPM (trusted device), subsidiary to the hardware TPM, associated with each domain to measure and report integrity metrics for the code running in the domain [par. 0047]), “wherein the trust domain report structure comprises: measurements of the trust domain; measurements from the processor” (TPM 118 measures and reports all integrity metrics, Baldwin [par. 0047]); “and a data integrity code generated from a key accessible only to the processor; and a quote creator executable to: determine whether integrity of the trust domain report structure is verified” (Baldwin Fig. 8, the virtual TPM associated with each domain that measures and reports integrity metrics for the code running in the domain [par. 0047]); “and sign the trust domain report structure using a certified quote signing key to generate a quote from the trust domain report structure” (TPM 118 measures and reports all integrity metrics, Baldwin [par. 0047]).
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was filed to modify Munetoh’s virtual machine processing apparatus comprising signed integrity values for the assertion of integrity codes with Baldwin’s trusted key management for virtual platforms in order to provide additional security. One of ordinary skill would have been motivated to combine because Munetoh discloses a Java virtual platform comprising an allocation table for trusted domain services, Baldwin teaches a trusted key management for virtual platforms, and both are from the same field of endeavor.
Regarding claim 18 in view of claim 17, the references combined disclose “further comprising report verification logic executable by the processor to verify the trust domain report structure based on the data integrity code, wherein the quote creator generates the quote based on verification of the trust domain report structure by the report verification logic” (Baldwin Fig. 8 discloses a respective virtual TPM (trusted device), subsidiary to the hardware TPM, associated with each domain to measure and report integrity metrics for the code running in the domain [par. 0047]).
Regarding claim 19 in view of claim 18, the references combined disclose “wherein the processor comprises an instruction set architecture (ISA), and the ISA defines: a report generation instruction callable to generate the trust domain report structure; and a report verification instruction callable to verify the trust report structure based on the data integrity code” (Baldwin Fig. 8 discloses a respective virtual TPM (trusted device), subsidiary to the hardware TPM, associated with each domain to measure and report integrity metrics for the code running in the domain [par. 0047]).
Regarding claim 20 in view of claim 17, the references combined disclose “wherein the trust domain is to initiate a request to generate the quote, and the request comprises the trust domain report structure” (Baldwin Fig. 8 discloses a respective virtual TPM (trusted device), subsidiary to the hardware TPM, associated with each domain to measure and report integrity metrics for the code running in the domain [par. 0047]).


Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL D ANDERSON whose telephone number is (571)270-5159. The examiner can normally be reached Mon-Fri 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on (571) 272-6798. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MICHAEL D ANDERSON/
Examiner, Art Unit 2433

/JEFFREY C PWU/
Supervisory Patent Examiner, Art Unit 2433