Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 6-9, 12-15, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over MOON et al. (United States Patent Application Publication US 2019/0163910), hereinafter MOON, in view of Inaba (United States Patent Application Publication US 2020/0334360), hereinafter Inaba.

Regarding claim 1, MOON teaches performing, by the processor, a cryptographic algorithm on the boot code by using the boot key to obtain a runtime signature; ([0170] “The secure memory loader decrypts the encrypted firmware image using the obtained original FEK to verify the confidentiality of the firmware and to obtain an original firmware image, and copies the obtained original firmware image to the firmware loading memory area (shown in FIG. 7) of the flash memory (S570).” [0171] “Then, the secure memory loader extracts the F/W authentication public key and the F/W signature value from the secure memory loader area to verify the authentication and integrity of the original firmware image obtained by decryption, dynamically calculates a new F/W signature value using the original firmware image located in the firmware loading memory area (for example, the signature value of the original firmware image is calculated by using the authentication public key, the one-way hash function, and a signature calculation algorithm), and then compares the extracted F/W signature value with the calculated new F/W signature value to verify the reliability of the firmware (S580).” During the booting process, the signature value of the original firmware image is calculated by using the authentication public key, the one-way hash function, and a signature calculation algorithm. As discussed above, the booting process is performed by the CPU. Thus, the processor or CPU performs the one-way hash function and a signature calculation algorithm, which is interpreted as performing a cryptographic algorithm on the boot code, to calculate or obtain the signature value, which is interpreted as to obtain a runtime signature using a public key.)
reading, by the processor, an original signature from a secure area of the storage device for verifying the runtime signature; ([0171] “Then, the secure memory loader extracts the F/W authentication public key and the F/W signature value from the secure memory loader area to verify the authentication and integrity of the original firmware image obtained by decryption, dynamically calculates a new F/W signature value using the original firmware image located in the firmware loading memory area (for example, the signature value of the original firmware image is calculated by using the authentication public key, the one-way hash function, and a signature calculation algorithm), and then compares the extracted F/W signature value with the calculated new F/W signature value to verify the reliability of the firmware (S580).” The F/W signature value is extracted from the secure memory loader area to compare to the calculated signature or the runtime signature to verify the integrity of the firmware, which is determined based on the verification by the comparison.) and
providing, by the processor, the boot code for the host device to perform a boot operation when the runtime signature is consistent with the original signature. ([0172] “If it is determined that the firmware reliability is normal when the extracted F/W signature value matches the calculated new F/W signature (S590), the process of FIG. 9 proceeds to step S600.” Fig. 9 S600 “Transfer control to firmware” [0173] “When the firmware reliability is normal, the secure memory loader finishes all operations and transfers control to the original firmware located in the firmware loading memory area (S600).” When the extracted signature value matches the calculated signature, which is interpreted as if the runtime signature is consistent with the original signature, the firmware of the service device takes the control of the booting process, which is interpreted as providing the boot code for the host device to perform a boot operation.)
However, MOON does not teach a secure boot method, adapted to boot a host device by a boot apparatus external to the host device, the boot apparatus having a storage device and a processor, the method comprising: connecting the processor to the host device through a connecting device; reading, by the processor, a boot code and a boot key for booting the host device from the storage device after the processor is connected to the host device through the connecting device.
Inaba teaches a secure boot method, adapted to boot a host device by a boot apparatus external to the host device, (FIG. 1 “MAIN CPU” 101 “SUB CPU” 115 114, 117, FIG. 12 T0 “MFP POWER ON SUB CPU ACTIVATED” T1 117 “CANCELED MAIN CPU 101 ACTIVATED”)
the boot apparatus having a storage device and a processor, ([0040] “The sub CPU 115 includes a CPU core 301, an SPI master 302, a GPIO 303, the OTP memory area 304, an SRAM 305, an encryption processor 308, the boot ROM 310, and a Crypto RAM 311.”)
the method comprising: connecting the processor to the host device through a connecting device; ([0040] “the sub CPU 115, which supports secure boot, functions as a detector that detects an alteration by verifying the boot code (boot program) or the execution code (execution program) of each controller for controlling a load such as the main CPU 101, the HDD controller 124, or the like. These verification operations are performed before these controllers are activated, thus implementing secure boot.” [0033] “The main CPU 101, the flash ROM 112 and the sub CPU 115 are connected to each other by a SPI (Serial Peripheral Interface) bus 114.” [0035] “A reset signal 117 is output from the GPIO port of the sub CPU 115, and a dedicated signal line is connected to a reset terminal of the main CPU 101.” The main CPU and the sub CPU are connected through a SPI bus. Also, the signal from the sub CPU is also transmitted to the main CPU through the connection of the GPIO.)
reading, by the processor, a boot code and a boot key for booting the host device from the storage device after the processor is connected to the host device through the connecting device, ([0057] “Next, in step S702, the CPU core 301 causes the encryption processor 308 to decrypt the FW signature 505 by a public key in the OTP memory area 304 and obtain the correct hash value. Next, in step S703, the CPU core 301 causes the encryption processor 308 to calculate the hash value of the sub CPU FW 504. Subsequently, in step S704, the CPU core 301 compares the hash value obtained in step S502 with the hash value calculated in step S703. If the hash values do not match (NO), the processing ends. Otherwise (YES), the process advances to step S705, and the CPU core 301 loads the sub CPU FW 504 into the SRAM 305 and executes the sub CPU FW.” The sub CPU and the main CPU are already connected through the SPI bus and the GPIO before the sub CPU performs the reading the booting process, such as reading the firmware and decrypting the FW signature by a public key. Also, by verifying the sub FW using the signature and the public key, the sub CPU activates or boots the main CPU, which is interpreted as for booting the host device from the storage device.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified MOON to incorporate the teaching of Inaba of reading a boot code and a boot key for booting the host device from the storage device after the processor is connected to the host device through the connecting device. They are all directed toward securely booting the device. As well known in the art before the effective filing date of the claimed invention, a security of the device while booting process is one of the most important protection from the malicious code to be loaded into the system. By using an apparatus external to the device to be booted, the verification of the device before loading the boot code by the external apparatus adds another layer of security protection from unwanted access resulting in enhancement of the security. Therefore, it would be advantageous to incorporate the teaching of Inaba of reading a boot code and a boot key for booting the host device from the storage device after the processor is connected to the host device through the connecting device to enhance the security of the device.

Regarding claim 2, MOON in view of Inaba teaches all the limitations of the method of claim 1, as discussed above.
MOON, as modified above, further teaches wherein the boot key is stored in the secure area of the storage device. (Fig. 7 “Flash Memory Layout” “Secure Memory Loader Area” [0164] “At this time, the secure memory loader may use an OTP memory or a device security management server for self-verification. In addition, the secure memory loader code, the secure memory loader header, the memory protection policy, the key information, the authentication information, the network code, the crypto code, and the like may be verified when performing the security verification for the secure memory loader.” [0169] “If the CRK stored in the secure memory loader area is valid, the secure memory loader unwraps the AES wrapped FEK using the CRK to obtain the original FEK key value. In addition, the secure memory loader may verify the validity of the obtained original FEK key value using the OTP memory (S560).” The public key is stored in a flash memory.)

Regarding claim 3, MOON in view of Inaba teaches all the limitations of the method of claim 1, as discussed above.
MOON, as modified above, further teaches prohibiting, by the processor, providing the boot code to the host device and setting a status flag to a fail state if the runtime signature is inconsistent with the original signature. ([0174] “when the firmware reliability is not normal, the secure memory loader switches to an emergency mode and forwards, to the device security management server, a defect which is recognized by the results of the self-verification in step S520 or is reported by the memory protection unit 112 in step S550, and a problem that the two firmware signature values are matched in step S590 (S610).” When the verification fails, which is interpreted as if the runtime signature is inconsistent with the original signature, the fail is reported and the secure memory loader switches to the emergency mode and perform countermeasure, which is interpreted as prohibiting providing the boot code to the host device. Also, the emergency mode, which is interpreted as a status flag to a fail state, is set.)

Regarding claim 6, MOON in view of Inaba teaches all the limitations of the method of claim 1, as discussed above.
MOON, as modified above, further teaches wherein the cryptographic algorithm comprises an elliptic curve digital signature algorithm (ECDSA). ([0116] “the signature generation processing unit 333 may verify the security validity of data according to a standard such as an elliptic curve digital signature algorithm (ECDSA).”)

Regarding claims 7-9 and 12, the claims 7-9 and 12 do not further teach or define the limitation over the limitations cited in the rejected claims 1-3 and 6 above. Therefore, MOON in view of Inaba teaches all the limitations of the claims 7-9 and 12.

Regarding claim 13-15 and 18, the claims 13-15 and 18 do not further teach or define the limitation over the limitations cited in the rejected claims 1-3, 6-9 and 12 above, except a security boot system. MOON further teaches a security boot system. (“FIG. 1 is an exemplary diagram illustrating a structure of a service network according to an exemplary embodiment of the present invention.”) Therefore, MOON in view of Inaba teaches all the limitations of the claims 13-15 and 18.

Claims 4, 5, 10, 11, 16, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over MOON in view of Inaba and further in view of Khatri et al. (United States Patent Application Publication US 2018/0075242), hereinafter Khatri.

Regarding claim 4, MOON in view of Inaba teaches all the limitations of the method of claim 1, as discussed above.
MOON further teaches generating, by the processor, a digest from the boot code by using a checking method; ([0119] “The digest generation processing unit 336 generates the digest value by performing one-way hash of the input data, and transfers the generated digest value to the OTP generation processing unit 335.” The digest generation processing unit generates the digest value using the FEK, the CRK, and the like as input values as necessary, which is interpreted as generating a digest from the boot code, by performing one-way hash, which is interpreted as by using a checking method.)
However, MOON in view of Inaba does not teach signing, by the processor, the digest with the boot key by using the cryptographic algorithm to generate the runtime signature.
Khatri teaches signing, by the processor, the digest with the boot key by using the cryptographic algorithm to generate the runtime signature. ([0061] “Image digests, also known as "hashes," may be obtained through application of a cryptographic hash function to an image of a pre-boot code module. At block 504, the user then signs each digest with their custom key(s). The user may either sign each digest individually, or may sign multiple digests as a group (with a single signature or certificate), and these signed image digests serve as customer-owned digital signatures for the pre-boot code modules.” Digest are signed with their custom keys through application of a cryptographic hash function to an image, which is interpreted as signing the digest with the boot key by using the cryptographic algorithm. These signed image digest serve as customer-owned digital signature, which is interpreted as to generate the runtime signature.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified MOON in view of Inaba by incorporating the teaching of Khatri of signing the digest with the boot key using the cryptographic algorithm to generate a signature. They are all directed toward security of the device firmware. As recognized by Khatri, a traditional solution to obtain the images to sign and securely install the signed images on the devices since the user has to work with each supplier to obtain the supplier’s UEFI firmware image and a secure mechanism to update the device with firmware images signed by the customer. ([0007], [0008]) Furthermore, as the number of components and firmware used by the various devices in any modern IHS increases deployment and maintenance time to interact with large number of device suppliers. ([0009]) Thus, by signing the digest to generate the runtime signature, the user can securely install the signed firmware images, which also reduces or eliminates the need to obtain firmware images from various device suppliers. ([0076]) Therefore, it would be advantageous to incorporate the teaching of Khatri of signing the digest with the boot key using the cryptographic algorithm to generate a signature for securely install the signed firmware images.

Regarding claim 5, MOON in view of Inaba and further in view of Khatri teaches all the limitations of the method of claim 4, as discussed above.
MOON, as modified above, further teaches wherein the checking method comprises calculating a checksum, a cyclic redundancy check (CRC) code, or a hash value of the boot code to generate the digest. ([0119] “The digest generation processing unit 336 generates the digest value by performing one-way hash of the input data, and transfers the generated digest value to the OTP generation processing unit 335. The digest generation processing unit 336 may selectively use crypto & network codes (CNC), the FEK, the CRK, and the like as input values as necessary. The CNC represents a cryptographic code library and a network code library to be dedicated by the third modified secure memory loader. The CNC may be placed in a specific memory area on the flash memory described below.” A checking method to generate a digest uses a one-way hash, which is interpreted as a hash value of the boot code to generate the digest.)

Regarding claims 10, 11, 16, and 17, the claims 10, 11, 16, and 17 are the apparatus claims of the method claims 4 and 5. The claims 10, 11, 16, and 17 do not further teach or define the limitation over the limitations recited in the rejected claims 4 and 5 above. Therefore, MOON in view of Inaba and further in view of Khatri teaches all the limitations of the claims 10, 11, 16, and 17.

Response to Arguments
Applicant’s arguments, see Remarks, filed 8/29/2022, with respect to the rejection(s) of claim(s) 1-3, 6-9, 12-15, and 18 under 35 U.S.C. 102 have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of Inaba. Inaba teaches an information processing apparatus with the sub CPU to validate the sub firmware of the sub CPU, which then activates the main CPU.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Lo (United States Patent Application Publication US 2009/0132797) teaches methods and a system for booting a diskless client by determining a match between a cached image signature and a received image signature from the boot server.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to HYUN SOO KIM whose telephone number is (571)270-1768. The examiner can normally be reached Monday - Friday 8:30 am - 5:30 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jaweed Abbaszadeh can be reached on (571) 270-1640. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/H.K./Examiner, Art Unit 2187         
/JAWEED A ABBASZADEH/Supervisory Patent Examiner, Art Unit 2187