DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.



Response to Amendments
This communication is in response to the amendments filed on 4 November 2022:
	Claims 1-3 and 7-8 are amended.
	Claims 1-8 are pending.



Response to Arguments
In response to Applicant’s remarks filed on 4 November 2022:
a.	Applicant’s arguments and amendments regarding the objection to the title have been fully considered and are deemed fully persuasive. The objection to the title has been withdrawn.
b.	Applicant’s arguments that nowhere in the specification and drawings does Crowder JR. teach or suggest the feature of “create policy information indicating a setting related to a verification target area…wherein the verifying of the signature includes confirming the partition of the verification target area and the partition of the non-verification target by referring to the created policy information and verifying the signature of the compressed file stored in the partition of the verification target area” have been fully considered but are deemed moot in view of the new grounds of rejection presented in this Office Action.



Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-3 and 5-8 are rejected under 35 U.S.C. 103 as being unpatentable over Crowder JR. et al. (U.S. PGPub. 2008/0045342), hereinafter Crowder, in view of Campbell (U.S. PGPub. 2009/0220078), in further view of Callaghan et al. (U.S. PGPub. 2019/0364048), hereinafter Callaghan. 

	Regarding claim 1, Crowder teaches An information processing apparatus comprising:
	circuitry configured to (Crowder, Paragraph [0048], see “With reference to FIG. 2, a block diagram illustrates components 50 of the gaming machine 10 capable of authentication before and during use of the gaming machine 10…These components include, without limitation, one or more processors…”, where “gaming machine 10” is being read as an information processing apparatus and where “processor” is being read as comprising circuitry):
		
		create in a storage area, a partition of the verification target area for verifying integrity and authenticity and a partition of a non-verification target area for not verifying the integrity and authenticity, (Crowder, Paragraph [0017], see “…a component is authenticated as or within partitions on the hard disk device…the hard disk device contains multiple partitions containing, for example, the Linux operating system, gaming libraries and executables, and multiple games with each game being placed within a separate partition. During boot up, the manifest for the partitions is authenticated using PVSSR algorithm, and then each partition is authenticated when it is mounted or loaded by the operating system…Then the libraries are authenticated and loaded. Only the games that are active need to have their respective partitions authenticated and loaded…For example, and not by way of limitation, if a hard drive has 100 game partitions, but only 10 games are active, then only the 10 game partitions of the active games need to be authenticated at boot time”, where “hard disk device” is being read as one or more memories, where “if a hard drive has 100 game partitions, but only 10 games are active, then only the 10 game partitions of the active games need to be authenticated at boot time” is being read as having a verification target area and a non-verification target area, where “active games” is being read as being included in a partition in a verification target area, and where the inactive games are read as being included in a non-verification target area, due to the active games undergoing an integrity and authenticity check, and where each game is placed within a separate partition);
		store a (Crowder, Paragraph [0045], see “…Each manifest includes a list of file records, wherein each record contains the name of a file stored on the hard disk device, and a signature value derived from the contents of the file on a device”, where “each manifest includes a list of file records” is being read as comprising a file, where “signature value” is being read as authentication data, where “hard disk device” is being read as one or more memories, wherein a file (file records) and authentication data (signature value) is stored in a partition in the verification target area of one or more memories (hard disk device));
		verify a signature of the (Crowder, Paragraph [0122], see “…the manifest partition is a list of files and their associated signature values, with a digital signature at the end of the partition, so that the entire partition is authenticated before loading”, where “signature values” is being read as authentication data associated with each file, where “digital signature” is being read as a signature, where a signature (digital signature) of the file is verified using the file and the authentication data (signature values) stored in the partition in the verification target area of the one or more memories (hard disk drive)) (Crowder, Paragraph [0128], discusses an embodiment related to utilization of both the signature values of the files (authentication data) and the signature itself);
		
		(Crowder, Paragraph [0122], see “…the manifest partition is a list of files and their associated signature values, with a digital signature at the end of the partition, so that the entire partition is authenticated before loading”, where “signature values” is being read as authentication data associated with each file, where “digital signature” is being read as a signature, where a signature (digital signature) of the file is verified using the file and the authentication data (signature values) stored in the partition in the verification target area of the one or more memories (hard disk drive)). 
	Crowder does not teach the following limitation(s) as taught by Campbell: store a compressed file and authentication data created from the compressed file in the partition of the verification target area (Campbell, Paragraph [0056], see “FIG. 6 illustrates a nonvolatile memory of a gaming machine used for on-the-fly encryption of data that is not preloaded on a secondary storage of the gaming machine…The nonvolatile memory 600 includes compressed files 601, game executable(s) 602…”, where “nonvolatile memory 600” is analogous to a memory comprising the verification target area, where the nonvolatile memory stores compressed files);
	verify a signature of the compressed file using the compressed file and the authentication data stored in the partition of the verification target area (Campbell, Paragraph [0077], see “…the compressed files are verified…the compressed files 601 may include a digital signature appended thereto…the installation module 237 may verify the compressed files 601 based on the digital signature…”, where a signature (digital signature) of the compressed file is verified); and
	based on a successful result of the signature verification, decompress, and expand the compressed file to the partition of the non-verification target area (Campbell, FIG. 8, see “812”, “814”, “816”, where in steps “812” and “814”, the signature is verified and where in step “816”, based on a successful result of the signature verification, the file is decompressed and expanded into the non-verification target area of the one or more memories, where “secondary storage” is analogous to the non-verification target area of the one or more memories) (Campbell, Paragraph [0078], see “…the installation module 237 may verify the on-the-fly encryption data 608 based on the digital signature. While block 812 and block 814 described the verification of the compressed file and the on-the-fly encryption data as two separate operations, in some embodiments, the compressed file and the on-the-fly encryption data may be verified together based on the digital signature 612…the installation module 237 may generate a digital signature for the data stored in the nonvolatile memory 600 and compare the digital signature to the digital signature 612…”) (Campbell, Paragraph [0079], see “At block 816, file ‘X’ is decompressed to the secondary storage…the installation module 237 may decompress file ‘X’ of the compressed files 601 for installation into the secondary storage 208”, where “secondary storage 208” is analogous to a memory comprising the non-verification target area, where based on a successful result of the signature verification, the compressed file is decompressed to the partition in the non-verification target area of the one or more memories (secondary storage 208)).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for data integrity and non-repudiation disclosed by Crowder by implementing the techniques for on-the-fly encryption on a gaming machine disclosed by Campbell, comprising verifying a signature of a compressed file and, based on a successful result of the signature verification, decompressing and expanding the compressed file into a separate memory.
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for an information processing apparatus, comprising of verifying a signature of a compressed file and based on a successful result of the signature verification, decompressing and expanding the compressed file into a separate memory. This allows for better security management by verifying a digital signature of a compressed file before decompressing the file and loading it onto a secure memory. Campbell is deemed as analogous art due to the art disclosing techniques for verifying a signature of a compressed file and decompressing the compressed file into a specific memory based on a successful result of the signature verification (Campbell, Paragraphs [0078 – 0079]). 
Crowder as modified by Campbell does not teach the following limitation(s) as taught by Callaghan: create policy information indicating a setting related to a verification target area (Callaghan, Paragraph [0115], see “As the operating system kernel is booting, the integrity management subsystem, e.g., an IMA subsystem, of the operating system kernel is enabled…The integrity management subsystem is configured with policy information that indicates which security relevant immutable files on which to perform measurements, appraisals, and for which to generate corresponding logs. During booting and during operation of the service processor, the integrity management subsystem records operating system level execution measurements of security relevant immutable files in the hash chain of the TPM’s registers, e.g., the PCRs, and corresponding logs in the event log storage of the service processor, as well as performs appraisals, all based on the established policy and file labels associated with the files accessed by the service processor…”, where “The integrity management subsystem is configured with policy information that indicates which security relevant immutable files on which to perform measurements, appraisals…” is analogous to creating policy information indicating a setting related to a verification target area, where “security relevant immutable files on which to perform measurements, appraisals…” is analogous to relating to a verification target area);
create in a storage area, a partition of the verification target area for verifying integrity and authenticity and a partition of a non-verification target area for not verifying the integrity and authenticity, based on the created policy information (Callaghan, Paragraph [0083], see “The identification of what files to measure and appraise by the measurement and appraisal logic 324 may be accomplished by specifying, in the custom policies stored in the configuration data of the integrity management subsystem 322 and applied by the execution of the integrity management subsystem 322, a set of labels or identifiers. Labels are “affixed” to files as an extended attribute, e.g., file system metadata. Any file that has affixed to it one of these labels or identifiers, will be measured and appraised by the measurement and appraisal logic 324 of the integrity management subsystem 322” where any file that has affixed to it one of these labels or identifiers, are partitioned in the verification target area and any file that does not have a label is interpreted as being in the non-verification target area, based on the created policy information);
wherein the verifying of the signature includes confirming the partition of the verification target area and the partition of the non-verification target by referring to the created policy information (Callaghan, Paragraph [0033], see “…the SP also verifies digital signatures and/or records the measurements of executable files and security relevant files before they are executed or opened”) (Callaghan, Paragraph [0079], see “…The integrity management subsystem 322 verifies that all system sensitive files opened by the OS kernel 320 have a valid digital signature or match a predetermined hash value, and that the contents of the files have not changed since their corresponding signatures or hashes were generated…the integrity management subsystem 322 measurement and appraisal logic 324 may perform appraisal operations on a file the first time the file is accessed, and then again only when the file has been changed. In addition, if the file has an applicable FILE_CHECK policy rule, the integrity management subsystem 322 may prevent signed files from being opened for write”, where “if the file has an applicable FILE_CHECK policy rule, the integrity management subsystem 322 may prevent signed files from being opened for write” is analogous to wherein the verifying of the signature includes confirming the partition of the verification target area and the partition of the non-verification target area by referring to the created policy information, where “FILE_CHECK policy rule” is analogous to the created policy information, and where “prevent signed files from being opened for write” is analogous to being comprised in the non-verification target area, due to the file having been verified) (Callaghan, Paragraph [0115], see “…The integrity management subsystem is configured with policy information that indicates which security relevant immutable files on which to perform measurements, appraisals, and for which to generate corresponding logs”, where “policy information that indicates which security relevant immutable files on which to perform measurements, appraisals, and for which to generate corresponding logs” is analogous to confirming the partition of the verification target area (i.e., which files to verify) and the partition of the non-verification target area (i.e., which files that do not need verification) by referring to the policy information).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for data integrity and non-repudiation disclosed by Crowder, and the techniques disclosed by Campbell, by implementing the techniques for a system with secure booting and monitoring of service processor integrity disclosed by Callaghan, comprising creating policy information indicating a setting related to a verification target area, wherein the verifying of the signature comprises confirming the contents of the verification target area and the contents of the non-verification target area by referring to the created policy information.
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for an information processing apparatus, comprising of creating policy information indicating a setting related to a verification target area, wherein the verifying of the signature comprises confirming the contents of the verification target area and the contents of the non-verification target area by referring to the created policy information. This allows for better security management in Linux systems by utilizing an IMA subsystem for creating policy information indicating a setting related to a verification target area, which allows for the creation and collection of hashes of files when opened, before their contents are accessed for read or execution. The IMA subsystem can interact within the system to protect the collected hashes from tampering by a rogue administrator or application. Callaghan is deemed as analogous art due to the art disclosing techniques for creating policy information indicating a setting related to a verification target area (Callaghan, Paragraph [0079]).  

Regarding claim 2, Crowder as modified by Campbell does not teach the following limitation(s) as taught by Callaghan: The information processing apparatus of claim 1, wherein
when the verification target area is set according to a type of file system in the policy information, the circuitry creates the partition of the verification target area according to the type of file system (Callaghan, Paragraph [0083], see “The identification of what files to measure and appraise by the measurement and appraisal logic 324 may be accomplished by specifying, in the custom policies stored in the configuration data of the integrity management subsystem 322 and applied by the execution of the integrity management subsystem 322, a set of labels or identifiers. Labels are “affixed” to files as an extended attribute, e.g., file system metadata. Any file that has affixed to it one of these labels or identifiers, will be measured and appraised by the measurement and appraisal logic 324 of the integrity management subsystem 322”, where “The identification of what files to measure and appraise…may be accomplished by specifying, in the custom policies stored in the configuration data of the integrity management subsystem 322, a set of labels or identifiers. Labels are “affixed” to files as extended attribute, e.g., file system metadata” is analogous to the verification target area (i.e., identification of what files to measure and appraise) is set according to a type of file system in the policy information (i.e., specified in the custom policies stored in the configuration data) and where “Labels are “affixed” to files as an extended attribute, e.g., file system metadata” is analogous to the circuitry creating the partition of the verification target area (i.e., with labels) according to the type of file system). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for data integrity and non-repudiation disclosed by Crowder, and the techniques disclosed by Campbell, by implementing the techniques for a system with secure booting and monitoring of service processor integrity disclosed by Callaghan, comprising setting the verification target area according to a type of file system in the policy information and creating the partition of the target area according to the type of file system.
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for an information processing apparatus, comprising of setting the verification target area according to a type of file system in the policy information and creating the partition of the target area according to the type of file system. This allows for better security management by labeling the files in the verification target area according to a type of file system in order for the system to format the files respectively. Callaghan is deemed as analogous art due to the art disclosing techniques of setting the verification target area according to a type of file system in the policy information (Callaghan, Paragraph [0083]). 

Regarding claim 3, Crowder as modified by Campbell teaches The information processing apparatus of claim 1, wherein
	(Crowder, Fig. 2, see “110”, “150”, “160”, which depicts different storage medias, each comprising a plurality of partitions, wherein the circuitry creates the partition in the target area according to the identification information allocated to the partition, where in this example, “/os1”, “/os2”, “/download”, “/games” represent a specific partition, which are created according to the identification information allocated to the partition). 
	Crowder as modified by Campbell does not teach the following limitation(s) as taught by Callaghan: when the verification target area is set according to identification information allocated to each partition in the policy information (Callaghan, Paragraph [0083], see “The identification of what files to measure and appraise by the measurement and appraisal logic 324 may be accomplished by specifying, in the custom policies stored in the configuration data of the integrity management subsystem 322 and applied by the execution of the integrity management subsystem 322, a set of labels or identifiers. Labels are “affixed” to files as an extended attribute, e.g., file system metadata. Any file that has affixed to it one of these labels or identifiers, will be measured and appraised by the measurement and appraisal logic 324 of the integrity management subsystem 322”, where “labels” is analogous to identification information allocated to each partition in the policy information).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for data integrity and non-repudiation disclosed by Crowder, and the techniques disclosed by Campbell, by implementing the techniques for a system with secure booting and monitoring of service processor integrity disclosed by Callaghan, comprising the verification target area being set according to identification information allocated to each partition in the policy information.
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for an information processing apparatus, comprising the verification target area being set according to identification information allocated to each partition in the policy information. This allows for better security management by labeling which files need to undergo the measurement and appraisal test in order to achieve a quick and efficient boot. Callaghan is deemed as analogous art due to the art disclosing techniques for the verification target area being set according to identification information allocated to each partition in the policy information (Callaghan, Paragraph [0083]).

	Regarding claim 5, Crowder as further modified by Callaghan teaches The information processing apparatus of claim 1, wherein
	the circuitry is further configured to verify the signature of the  (Crowder, Paragraph [0065], see “…the BIOS is the first program to start when the gaming machine is powered on”) (Crowder, Paragraph [0077], see “…Whether remote or local, hard disk or solid state, for each media storage device, the BIOS reads the manifests…the manifests are read from a first partition 110 located on a hard disk device 100…since the manifests are stored in a EXT2 Linux file system on the partition 110, the BIOS is programmed to read this file system so that it can open the root directory, subdirectories, and files within the subdirectories. The BIOS starts at the root directory for the manifest partition 110a and performs a depth first recursive search for all manifest files that have the “.mfst” suffix. Every manifest file found is then authenticated by the BIOS”, where “Every manifest file found is then authenticated by the BIOS” is being read as the circuitry being configured to verify the signature of the file (due to authentication disclosed by Crowder involving verification of signatures) when the information processing apparatus (gaming machine) is started (or powered on), due to the BIOS being the first program to start when the gaming machine is powered on). 
	Crowder as further modified by Callaghan does not teach the following limitation(s) as taught by Campbell: the circuitry is further configured to verify the signature of the compressed file when the information processing apparatus is started (Campbell, Paragraph [0077], see “…the compressed files are verified…the compressed files 601 may include a digital signature appended thereto…the installation module 237 may verify the compressed files 601 based on the digital signature…”, where a signature (digital signature) of the compressed file is verified).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for data integrity and non-repudiation disclosed by Crowder, and the techniques disclosed by Callaghan, by implementing the techniques for on-the-fly encryption on a gaming machine disclosed by Campbell, comprising verifying a signature of a compressed file.
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for an information processing apparatus, comprising verifying a signature of a compressed file. This allows for better security management by verifying a digital signature of a compressed file before decompressing the file and loading it onto a secure memory. Campbell is deemed as analogous art due to the art disclosing techniques for verifying a signature of a compressed file before decompressing the compressed file into a specific memory based on a successful result of the signature verification (Campbell, Paragraph [0077]).

	Regarding claim 6, Crowder as further modified by Callaghan does not teach the following limitation(s) as taught by Campbell: The information processing apparatus of claim 1, wherein
	the circuitry is further configured to cancel decompression and expansion of the compressed file when the signature verification failed (Campbell, FIG. 8, see “812”, “814”, “816”, “824”, where in steps “812” and “814” the signature verification is performed, and the compressed file is only decompressed and expanded when the signature verification process is successful. In other words, when the signature verification fails (steps 812 and/or 814 result in a NO), the gaming machine is moved to an inoperative step whilst skipping (and/or canceling) the step of decompression and expansion of the compressed file). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for data integrity and non-repudiation disclosed by Crowder, and the techniques disclosed by Callaghan, by implementing the techniques for on-the-fly encryption on a gaming machine disclosed by Campbell, comprising canceling decompression and expansion of the compressed file when the signature verification fails.
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for an information processing apparatus, comprising of canceling decompression and expansion of the compressed file when the signature verification fails. This allows for better security management, as well as a more organized use of processing power, by limiting the need to decompress a file if a signature verification fails. That way, the system can also associate a decompressed file as an authentic file in the system with some regard. Campbell is deemed as analogous art due to the art disclosing techniques for canceling decompression and expansion of a compressed file when the signature verification fails (Campbell, FIG. 8).   
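The flow mapped above for claims 1, 5 and 6 (policy information names the verification target and non-verification target partitions, the compressed file's authentication data is checked in the target partition, and decompression into the non-target partition happens only on success) is sketched below as an added example; it is not code from the application or from Crowder, Campbell or Callaghan. The partition names, the `policy.json` layout and the `.sig` sidecar file are assumptions, and HMAC-SHA256 from the Python standard library stands in for the digital signature.

```python
import hashlib
import hmac
import json
import tempfile
import zlib
from pathlib import Path

# Assumption: a constructed demo key. HMAC-SHA256 stands in for a real
# asymmetric signature, which the standard library does not provide.
DEMO_KEY = b"constructed-demo-key"


class VerificationError(Exception):
    """Raised when the policy or the authentication data does not check out."""


def sign(data: bytes, key: bytes = DEMO_KEY) -> bytes:
    """Authentication data created from the compressed bytes."""
    return hmac.new(key, data, hashlib.sha256).digest()


def create_layout(root: Path, policy: dict) -> Path:
    """Create one directory per partition named in the policy and persist the policy."""
    for name in policy["partitions"]:
        (root / name).mkdir(parents=True, exist_ok=True)
    policy_path = root / "policy.json"  # in a real system the policy itself must be protected
    policy_path.write_text(json.dumps(policy))
    return policy_path


def store_compressed(root: Path, partition: str, name: str, payload: bytes) -> None:
    """Store the compressed file and its authentication data side by side."""
    blob = zlib.compress(payload)
    (root / partition / name).write_bytes(blob)
    (root / partition / (name + ".sig")).write_bytes(sign(blob))


def verify_and_expand(root: Path, policy_path: Path, src: str, dst: str, name: str) -> Path:
    """Verify the compressed file in src, then expand it into dst; fail closed."""
    if Path(name).name != name:
        raise VerificationError("file name must not contain path components")
    parts = json.loads(policy_path.read_text())["partitions"]
    # Confirm both partition roles by referring to the policy before touching data.
    if parts.get(src) != "verify":
        raise VerificationError(f"{src!r} is not a verification target partition")
    if parts.get(dst) != "no-verify":
        raise VerificationError(f"{dst!r} is not a non-verification target partition")
    sig_path = root / src / (name + ".sig")
    if not sig_path.is_file():
        raise VerificationError("authentication data missing")
    blob = (root / src / name).read_bytes()
    # The check covers the compressed bytes, so nothing unverified reaches zlib.
    if not hmac.compare_digest(sign(blob), sig_path.read_bytes()):
        raise VerificationError("signature mismatch; decompression cancelled")
    out = root / dst / Path(name).stem
    out.write_bytes(zlib.decompress(blob))
    return out


def demo() -> dict:
    """Run the success path, a tampered file, and swapped partition roles."""
    policy = {"partitions": {"verified": "verify", "runtime": "no-verify"}}
    payload = b"constructed payload " * 8
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        policy_path = create_layout(root, policy)
        store_compressed(root, "verified", "game.bin.z", payload)
        out = verify_and_expand(root, policy_path, "verified", "runtime", "game.bin.z")
        expanded = out.read_bytes()
        out.unlink()

        # Flip one bit of the stored compressed file to simulate tampering.
        target = root / "verified" / "game.bin.z"
        blob = bytearray(target.read_bytes())
        blob[-1] ^= 0x01
        target.write_bytes(bytes(blob))
        try:
            verify_and_expand(root, policy_path, "verified", "runtime", "game.bin.z")
            cancelled = False
        except VerificationError:
            cancelled = True
        left_behind = out.exists()

        # Swapped roles must be rejected from the policy alone.
        try:
            verify_and_expand(root, policy_path, "runtime", "verified", "game.bin.z")
            wrong_role_rejected = False
        except VerificationError:
            wrong_role_rejected = True
    return {"expanded": expanded, "cancelled": cancelled,
            "left_behind": left_behind, "wrong_role_rejected": wrong_role_rejected}


if __name__ == "__main__":
    print(demo())
```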

 Regarding claim 7, Crowder teaches An information processing method comprising (Crowder, Paragraph [0048], see “With reference to FIG. 2, a block diagram illustrates components 50 of the gaming machine 10 capable of authentication before and during use of the gaming machine 10…These components include, without limitation, one or more processors…”, where “gaming machine 10” is being read as an information processing apparatus):

creating in a storage area, a partition of the verification target area for verifying integrity and authenticity and a partition of a non-verification target area that does not verify the integrity and authenticity, (Crowder, Paragraph [0017], see “…a component is authenticated as or within partitions on the hard disk device…the hard disk device contains multiple partitions containing, for example, the Linux operating system, gaming libraries and executables, and multiple games with each game being placed within a separate partition. During boot up, the manifest for the partitions is authenticated using PVSSR algorithm, and then each partition is authenticated when it is mounted or loaded by the operating system…Then the libraries are authenticated and loaded. Only the games that are active need to have their respective partitions authenticated and loaded…For example, and not by way of limitation, if a hard drive has 100 game partitions, but only 10 games are active, then only the 10 game partitions of the active games need to be authenticated at boot time”, where “hard disk device” is being read as one or more memories, where “if a hard drive has 100 game partitions, but only 10 games are active, then only the 10 game partitions of the active games need to be authenticated at boot time” is being read as having a verification target area and a non-verification target area, where “active games” is being read as being included in a partition in a verification target area, and where the inactive games are read as being included in a non-verification target area, due to the active games undergoing an integrity and authenticity check, and where each game is placed within a separate partition);
storing a (Crowder, Paragraph [0045], see “…Each manifest includes a list of file records, wherein each record contains the name of a file stored on the hard disk device, and a signature value derived from the contents of the file on a device”, where “each manifest includes a list of file records” is being read as comprising a file, where “signature value” is being read as authentication data, where “hard disk device” is being read as one or more memories, wherein a file (file records) and authentication data (signature value) is stored in a partition in the verification target area of one or more memories (hard disk device));
verifying a signature of the (Crowder, Paragraph [0122], see “…the manifest partition is a list of files and their associated signature values, with a digital signature at the end of the partition, so that the entire partition is authenticated before loading”, where “signature values” is being read as authentication data associated with each file, where “digital signature” is being read as a signature, where a signature (digital signature) of the file is verified using the file and the authentication data (signature values) stored in the partition in the verification target area of the one or more memories (hard disk drive)) (Crowder, Paragraph [0128], discusses an embodiment related to utilization both the signature values of the files (authentication data) and the signature itself); 

(Crowder, Paragraph [0122], see “…the manifest partition is a list of files and their associated signature values, with a digital signature at the end of the partition, so that the entire partition is authenticated before loading”, where “signature values” is being read as authentication data associated with each file, where “digital signature” is being read as a signature, where a signature (digital signature) of the file is verified using the file and the authentication data (signature values) stored in the partition in the verification target area of the one or more memories (hard disk drive)).
Crowder does not teach the following limitation(s) as taught by Campbell: storing a compressed file and authentication data created from the compressed file in the partition of the verification target area (Campbell, Paragraph [0056], see “FIG. 6 illustrates a nonvolatile memory of a gaming machine used for on-the-fly encryption of data that is not preloaded on a secondary storage of the gaming machine…The nonvolatile memory 600 includes compressed files 601, game executable(s) 602…”, where “nonvolatile memory 600” is analogous to a memory comprising the verification target area, where the nonvolatile memory stores compressed files);
verifying a signature of the compressed file using the compressed file and the authentication data stored in the partition of the verification target area (Campbell, Paragraph [0077], see “…the compressed files are verified…the compressed files 601 may include a digital signature appended thereto…the installation module 237 may verify the compressed files 601 based on the digital signature…”, where a signature (digital signature) of the compressed file is verified); and
	based on a successful result of the signature verification, decompressing, and expanding the compressed file to the partition of the non-verification target area (Campbell, FIG. 8, see “812”, “814”, “816”, where in steps “812” and “814”, the signature is verified and where in step “816”, based on a successful result of the signature verification, the file is decompressed and expanded into the non-verification target area of the one or more memories, where “secondary storage” is analogous to the non-verification target area of the one or more memories) (Campbell, Paragraph [0078], see “…the installation module 237 may verify the on-the-fly encryption data 608 based on the digital signature. While block 812 and block 814 described the verification of the compressed file and the on-the-fly encryption data as two separate operations, in some embodiments, the compressed file and the on-the-fly encryption data may be verified together based on the digital signature 612…the installation module 237 may generate a digital signature for the data stored in the nonvolatile memory 600 and compare the digital signature to the digital signature 612…”) (Campbell, Paragraph [0079], see “At block 816, file ‘X’ is decompressed to the secondary storage…the installation module 237 may decompress file ‘X’ of the compressed files 601 for installation into the secondary storage 208”, where “secondary storage 208” is analogous to a memory comprising the non-verification target area, where based on a successful result of the signature verification, the compressed file is decompressed to the partition in the non-verification target area of the one or more memories (secondary storage 208)).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for data integrity and non-repudiation, disclosed by Crowder, by implementing techniques for on-the-fly encryption on a gaming machine, comprising verifying a signature of a compressed file and, based on a successful result of the signature verification, decompressing and expanding the compressed file into a separate memory, as disclosed by Campbell.
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for an information processing apparatus, comprising verifying a signature of a compressed file and, based on a successful result of the signature verification, decompressing and expanding the compressed file into a separate memory. This allows for better security management by verifying a digital signature of a compressed file before decompressing the file and loading it onto a secure memory. Campbell is deemed as analogous art due to the art disclosing techniques for verifying a signature of a compressed file and decompressing the compressed file into a specific memory based on a successful result of the signature verification (Campbell, Paragraphs [0078 – 0079]).
Crowder as modified by Campbell do not teach the following limitation(s) as taught by Callaghan: creating policy information indicating a setting related to a verification target area (Callaghan, Paragraph [0115], see “As the operating system kernel is booting, the integrity management subsystem, e.g., an IMA subsystem, of the operating system kernel is enabled…The integrity management subsystem is configured with policy information that indicates which security relevant immutable files on which to perform measurements, appraisals, and for which to generate corresponding logs. During booting and during operation of the service processor, the integrity management subsystem records operating system level execution measurements of security relevant immutable files in the hash chain of the TPM’s registers, e.g., the PCRs, and corresponding logs in the event log storage of the service processor, as well as performs appraisals, all based on the established policy and file labels associated with the files accessed by the service processor…”, where “The integrity management subsystem is configured with policy information that indicates which security relevant immutable files on which to perform measurements, appraisals…” is analogous to creating policy information indicating a setting related to a verification target area, where “security relevant immutable files on which to perform measurements, appraisals…” is analogous to relating to a verification target area);
creating in a storage area, a partition of the verification target area for verifying integrity and authenticity and a partition of a non-verification target area that does not verify the integrity and authenticity, based on the created policy information (Callaghan, Paragraph [0083], see “The identification of what files to measure and appraise by the measurement and appraisal logic 324 may be accomplished by specifying, in the custom policies stored in the configuration data of the integrity management subsystem 322 and applied by the execution of the integrity management subsystem 322, a set of labels or identifiers. Labels are “affixed” to files as an extended attribute, e.g., file system metadata. Any file that has affixed to it one of these labels or identifiers, will be measured and appraised by the measurement and appraisal logic 324 of the integrity management subsystem 322” where any file that has affixed to it one of these labels or identifiers, are partitioned in the verification target area and any file that does not have a label is interpreted as being in the non-verification target area, based on the created policy information);
wherein the verifying of the signature includes confirming the partition of the verification target area and the partition of the non-verification target area by referring to the created policy information (Callaghan, Paragraph [0033], see “…the SP also verifies digital signatures and/or records the measurements of executable files and security relevant files before they are executed or opened”) (Callaghan, Paragraph [0079], see “…The integrity management subsystem 322 verifies that all system sensitive files opened by the OS kernel 320 have a valid digital signature or match a predetermined hash value, and that the contents of the files have not changed since their corresponding signatures or hashes were generated…the integrity management subsystem 322 measurement and appraisal logic 324 may perform appraisal operations on a file the first time the file is accessed, and then again only when the file has been changed. In addition, if the file has an applicable FILE_CHECK policy rule, the integrity management subsystem 322 may prevent signed files from being opened for write”, where “if the file has an applicable FILE_CHECK policy rule, the integrity management subsystem 322 may prevent signed files from being opened for write” is analogous to wherein the verifying of the signature includes confirming the partition of the verification target area and the partition of the non-verification target area by referring to the created policy information, where “FILE_CHECK policy rule” is analogous to the created policy information, and where “prevent signed files from being opened for write” is analogous to being comprised in the non-verification target area, due to the file having been verified) (Callaghan, Paragraph [0115], see “…The integrity management subsystem is configured with policy information that indicates which security relevant immutable files on which to perform measurements, appraisals, and for which to generate corresponding logs”, where “policy information that indicates which security relevant immutable files on which to perform measurements, appraisals, and for which to generate corresponding logs” is analogous to confirming the partition of the verification target area (i.e., which files to verify) and the partition of the non-verification target area (i.e., which files that do not need verification) by referring to the policy information).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for data integrity and non-repudiation, disclosed by Crowder, and the techniques disclosed by Campbell, by implementing techniques for a system with secure booting and monitoring of service processor integrity, comprising creating policy information indicating a setting related to a verification target area, wherein the verifying of the signature comprises confirming the contents of the verification target area and the contents of the non-verification target area by referring to the created policy information, as disclosed by Callaghan.
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for an information processing apparatus, comprising creating policy information indicating a setting related to a verification target area, wherein the verifying of the signature comprises confirming the contents of the verification target area and the contents of the non-verification target area by referring to the created policy information. This allows for better security management in Linux systems by utilizing an IMA subsystem for creating policy information indicating a setting related to a verification target area, which allows for the creation and collection of hashes of files when opened, before their contents are accessed for read or execution. The IMA subsystem can interact within the system to protect the collected hashes from tampering by a rogue administrator or application. Callaghan is deemed as analogous art due to the art disclosing techniques for creating policy information indicating a setting related to a verification target area (Callaghan, Paragraph [0079]).

Regarding claim 8, Crowder teaches A non-transitory recording medium which, when executed by one or more processors on an information processing apparatus, cause the processors to perform an information processing method (Crowder, Paragraph [0050], see “Either within the gaming machine 10, or in the diagnostic system 140 attachable to the gaming machine 10, are executable instructions or a software program 70 for authentication of the components (authentication software 70), which may itself be one of the components 50 to authenticate if it is internal to the gaming machine 10…authentication software 70 is stored on a persistent storage media such as the hard disk device 90, ROM 77, EEPROM 64…or other type of persistent memory”, where “gaming machine 10” is being read as an information processing apparatus and where “persistent storage media” is being read as a recording medium which, when executed by one or more processors on an information processing apparatus, perform respective methods), comprising:

creating in a storage area, a partition of the verification target area for verifying integrity and authenticity and a partition of a non-verification target area that does not verify the integrity and authenticity, (Crowder, Paragraph [0017], see “…a component is authenticated as or within partitions on the hard disk device…the hard disk device contains multiple partitions containing, for example, the Linux operating system, gaming libraries and executables, and multiple games with each game being placed within a separate partition. During boot up, the manifest for the partitions is authenticated using PVSSR algorithm, and then each partition is authenticated when it is mounted or loaded by the operating system…Then the libraries are authenticated and loaded. Only the games that are active need to have their respective partitions authenticated and loaded…For example, and not by way of limitation, if a hard drive has 100 game partitions, but only 10 games are active, then only the 10 game partitions of the active games need to be authenticated at boot time”, where “hard disk device” is being read as one or more memories, where “if a hard drive has 100 game partitions, but only 10 games are active, then only the 10 game partitions of the active games need to be authenticated at boot time” is being read as having a verification target area and a non-verification target area, where “active games” is being read as being included in a partition in a verification target area, and where the inactive games are read as being included in a non-verification target area, due to the active games undergoing an integrity and authenticity check, and where each game is placed within a separate partition); 
storing a (Crowder, Paragraph [0045], see “…Each manifest includes a list of file records, wherein each record contains the name of a file stored on the hard disk device, and a signature value derived from the contents of the file on a device”, where “each manifest includes a list of file records” is being read as comprising a file, where “signature value” is being read as authentication data, where “hard disk device” is being read as one or more memories, wherein a file (file records) and authentication data (signature value) is stored in a partition in the verification target area of one or more memories (hard disk device));
verifying a signature of the (Crowder, Paragraph [0122], see “…the manifest partition is a list of files and their associated signature values, with a digital signature at the end of the partition, so that the entire partition is authenticated before loading”, where “signature values” is being read as authentication data associated with each file, where “digital signature” is being read as a signature, where a signature (digital signature) of the file is verified using the file and the authentication data (signature values) stored in the partition in the verification target area of the one or more memories (hard disk drive)) (Crowder, Paragraph [0128], discusses an embodiment related to utilization both the signature values of the files (authentication data) and the signature itself); 

(Crowder, Paragraph [0122], see “…the manifest partition is a list of files and their associated signature values, with a digital signature at the end of the partition, so that the entire partition is authenticated before loading”, where “signature values” is being read as authentication data associated with each file, where “digital signature” is being read as a signature, where a signature (digital signature) of the file is verified using the file and the authentication data (signature values) stored in the partition in the verification target area of the one or more memories (hard disk drive)).
Crowder does not teach the following limitation(s) as taught by Campbell: storing a compressed file and authentication data created from the compressed file in the partition of the verification target area (Campbell, Paragraph [0056], see “FIG. 6 illustrates a nonvolatile memory of a gaming machine used for on-the-fly encryption of data that is not preloaded on a secondary storage of the gaming machine…The nonvolatile memory 600 includes compressed files 601, game executable(s) 602…”, where “nonvolatile memory 600” is analogous to a memory comprising the verification target area, where the nonvolatile memory stores compressed files);
verifying a signature of the compressed file using the compressed file and the authentication data stored in the partition of the verification target area (Campbell, Paragraph [0077], see “…the compressed files are verified…the compressed files 601 may include a digital signature appended thereto…the installation module 237 may verify the compressed files 601 based on the digital signature…”, where a signature (digital signature) of the compressed file is verified); and
	based on a successful result of the signature verification, decompressing, and expanding the compressed file to the partition of the non-verification target area (Campbell, FIG. 8, see “812”, “814”, “816”, where in steps “812” and “814”, the signature is verified and where in step “816”, based on a successful result of the signature verification, the file is decompressed and expanded into the non-verification target area of the one or more memories, where “secondary storage” is analogous to the non-verification target area of the one or more memories) (Campbell, Paragraph [0078], see “…the installation module 237 may verify the on-the-fly encryption data 608 based on the digital signature. While block 812 and block 814 described the verification of the compressed file and the on-the-fly encryption data as two separate operations, in some embodiments, the compressed file and the on-the-fly encryption data may be verified together based on the digital signature 612…the installation module 237 may generate a digital signature for the data stored in the nonvolatile memory 600 and compare the digital signature to the digital signature 612…”) (Campbell, Paragraph [0079], see “At block 816, file ‘X’ is decompressed to the secondary storage…the installation module 237 may decompress file ‘X’ of the compressed files 601 for installation into the secondary storage 208”, where “secondary storage 208” is analogous to a memory comprising the non-verification target area, where based on a successful result of the signature verification, the compressed file is decompressed to the partition in the non-verification target area of the one or more memories (secondary storage 208)).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for data integrity and non-repudiation, disclosed by Crowder, by implementing techniques for on-the-fly encryption on a gaming machine, comprising verifying a signature of a compressed file and, based on a successful result of the signature verification, decompressing and expanding the compressed file into a separate memory, as disclosed by Campbell.
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for an information processing apparatus, comprising verifying a signature of a compressed file and, based on a successful result of the signature verification, decompressing and expanding the compressed file into a separate memory. This allows for better security management by verifying a digital signature of a compressed file before decompressing the file and loading it onto a secure memory. Campbell is deemed as analogous art due to the art disclosing techniques for verifying a signature of a compressed file and decompressing the compressed file into a specific memory based on a successful result of the signature verification (Campbell, Paragraphs [0078 – 0079]).
Crowder as modified by Campbell do not teach the following limitation(s) as taught by Callaghan: creating policy information indicating a setting related to a verification target area (Callaghan, Paragraph [0115], see “As the operating system kernel is booting, the integrity management subsystem, e.g., an IMA subsystem, of the operating system kernel is enabled…The integrity management subsystem is configured with policy information that indicates which security relevant immutable files on which to perform measurements, appraisals, and for which to generate corresponding logs. During booting and during operation of the service processor, the integrity management subsystem records operating system level execution measurements of security relevant immutable files in the hash chain of the TPM’s registers, e.g., the PCRs, and corresponding logs in the event log storage of the service processor, as well as performs appraisals, all based on the established policy and file labels associated with the files accessed by the service processor…”, where “The integrity management subsystem is configured with policy information that indicates which security relevant immutable files on which to perform measurements, appraisals…” is analogous to creating policy information indicating a setting related to a verification target area, where “security relevant immutable files on which to perform measurements, appraisals…” is analogous to relating to a verification target area);
creating in a storage area, a partition of the verification target area for verifying integrity and authenticity and a partition of a non-verification target area that does not verify the integrity and authenticity, based on the created policy information (Callaghan, Paragraph [0083], see “The identification of what files to measure and appraise by the measurement and appraisal logic 324 may be accomplished by specifying, in the custom policies stored in the configuration data of the integrity management subsystem 322 and applied by the execution of the integrity management subsystem 322, a set of labels or identifiers. Labels are “affixed” to files as an extended attribute, e.g., file system metadata. Any file that has affixed to it one of these labels or identifiers, will be measured and appraised by the measurement and appraisal logic 324 of the integrity management subsystem 322” where any file that has affixed to it one of these labels or identifiers, are partitioned in the verification target area and any file that does not have a label is interpreted as being in the non-verification target area, based on the created policy information);
wherein the verifying of the signature includes confirming the partition of the verification target area and the partition of the non-verification target area by referring to the created policy information (Callaghan, Paragraph [0033], see “…the SP also verifies digital signatures and/or records the measurements of executable files and security relevant files before they are executed or opened”) (Callaghan, Paragraph [0079], see “…The integrity management subsystem 322 verifies that all system sensitive files opened by the OS kernel 320 have a valid digital signature or match a predetermined hash value, and that the contents of the files have not changed since their corresponding signatures or hashes were generated…the integrity management subsystem 322 measurement and appraisal logic 324 may perform appraisal operations on a file the first time the file is accessed, and then again only when the file has been changed. In addition, if the file has an applicable FILE_CHECK policy rule, the integrity management subsystem 322 may prevent signed files from being opened for write”, where “if the file has an applicable FILE_CHECK policy rule, the integrity management subsystem 322 may prevent signed files from being opened for write” is analogous to wherein the verifying of the signature includes confirming the partition of the verification target area and the partition of the non-verification target area by referring to the created policy information, where “FILE_CHECK policy rule” is analogous to the created policy information, and where “prevent signed files from being opened for write” is analogous to being comprised in the non-verification target area, due to the file having been verified) (Callaghan, Paragraph [0115], see “…The integrity management subsystem is configured with policy information that indicates which security relevant immutable files on which to perform measurements, appraisals, and for which to generate corresponding logs”, where “policy information that indicates which security relevant immutable files on which to perform measurements, appraisals, and for which to generate corresponding logs” is analogous to confirming the partition of the verification target area (i.e., which files to verify) and the partition of the non-verification target area (i.e., which files that do not need verification) by referring to the policy information).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for data integrity and non-repudiation, disclosed by Crowder, and the techniques disclosed by Campbell, by implementing techniques for a system with secure booting and monitoring of service processor integrity, comprising creating policy information indicating a setting related to a verification target area, wherein the verifying of the signature comprises confirming the contents of the verification target area and the contents of the non-verification target area by referring to the created policy information, as disclosed by Callaghan.
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for an information processing apparatus, comprising creating policy information indicating a setting related to a verification target area, wherein the verifying of the signature comprises confirming the contents of the verification target area and the contents of the non-verification target area by referring to the created policy information. This allows for better security management in Linux systems by utilizing an IMA subsystem for creating policy information indicating a setting related to a verification target area, which allows for the creation and collection of hashes of files when opened, before their contents are accessed for read or execution. The IMA subsystem can interact within the system to protect the collected hashes from tampering by a rogue administrator or application. Callaghan is deemed as analogous art due to the art disclosing techniques for creating policy information indicating a setting related to a verification target area (Callaghan, Paragraph [0079]).
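
The combined flow mapped in the rejections of claims 7 and 8 above (policy information, a verification-target partition holding one compressed file with its authentication data, and expansion into a non-verification-target partition only after the check succeeds), sketched as an added illustration that is not part of this Office Action, the application, or any cited reference. All names are hypothetical, partitions are modelled as in-memory dictionaries, and HMAC-SHA256 stands in for the digital signature so the sketch runs with the standard library alone.

```python
import hashlib
import hmac
import io
import zipfile


class VerificationError(Exception):
    """Raised when the policy check or the signature check fails."""


def create_policy():
    # Constructed policy information: partition name -> is it a verification target?
    return {"verified": True, "work": False}


def create_partitions(policy):
    # One in-memory "partition" (file name -> bytes) per policy entry.
    return {name: {} for name in policy}


def _tag(key, data):
    # Assumption: HMAC-SHA256 replaces the asymmetric digital signature here.
    return hmac.new(key, data, hashlib.sha256).digest()


def _partition(policy, want_verified):
    # Confirm the partition roles by referring to the policy, not to a fixed name.
    names = [n for n, flag in policy.items() if flag is want_verified]
    if len(names) != 1:
        raise VerificationError("policy must name exactly one partition of each kind")
    return names[0]


def store_bundle(storage, policy, name, files, key):
    """Compress all files into one archive; store it with its authentication data."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for member, data in sorted(files.items()):
            zf.writestr(member, data)
    blob = buf.getvalue()
    target = storage[_partition(policy, True)]
    target[name] = blob
    target[name + ".sig"] = _tag(key, blob)


def verify_and_expand(storage, policy, name, key):
    """Verify the compressed bytes first; expand only on success."""
    src = storage[_partition(policy, True)]
    dst = storage[_partition(policy, False)]
    blob, tag = src.get(name), src.get(name + ".sig")
    if blob is None or tag is None:
        raise VerificationError("bundle or authentication data missing")
    # The check covers the compressed bytes, so the archive parser never
    # sees unauthenticated input. compare_digest avoids a timing side channel.
    if not hmac.compare_digest(_tag(key, blob), tag):
        raise VerificationError("signature mismatch")
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        expanded = {m: zf.read(m) for m in zf.namelist()}
    dst.update(expanded)  # written only after every member was read successfully
    return sorted(expanded)


if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed sample value
    policy = create_policy()
    storage = create_partitions(policy)
    store_bundle(storage, policy, "fw.zip", {"app.bin": b"\x7fELF", "app.ini": b"mode=prod\n"}, key)
    print(verify_and_expand(storage, policy, "fw.zip", key))
```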


Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Crowder, in view of Campbell, in further view of Callaghan, in further view of SATO (U.S. PGPub. 2022/0156842), hereinafter Sato.

	Regarding claim 4, Crowder as modified by Campbell and further modified by Callaghan do not teach the following limitation(s) as taught by Sato: The information processing apparatus of claim 1, wherein
	the circuitry is further configured to compress all of a plurality of files to generate one compressed file (Sato, Paragraph [0181], see “…the authentication program 60a compresses all the data files and creates one first compressed file. The first compressed file is in ZIP format, but the format is not limited to this”, where “compresses all the data files and creates one first compressed file” is analogous to compressing all of a plurality of files to generate one compressed file). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for data integrity and non-repudiation, disclosed by Crowder, the techniques disclosed by Campbell, and the techniques disclosed by Callaghan, by implementing techniques for a data processing system, comprising compressing all of a plurality of files to generate one compressed file, as disclosed by Sato.
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for an information processing apparatus, comprising compressing all of a plurality of files to generate one compressed file. This allows for better security management in terms of processing the compressed files by reducing file sizes to facilitate disk-space efficiency, as well as allowing for faster transmissions of compressed files over different storage mediums and/or networks. Sato is deemed as analogous art due to the art disclosing techniques for compressing all of a plurality of files to generate one compressed file (Sato, Paragraph [0181]).




Conclusion
Applicant’s amendment necessitated the new ground(s) of rejection presented in this Office Action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 
	A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to RODMAN ALEXANDER MAHMOUDI whose telephone number is (571)272-8747.  The examiner can normally be reached on M-F 11:00am – 7:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Philip Chea can be reached on (571) 272-3951.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/R.A.M./Examiner, Art Unit 2499
/PHILIP J CHEA/Supervisory Patent Examiner, Art Unit 2499