DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 07/21/2021, 09/14/2022 and 12/09/2022 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1, 5-7, 11-13, 17-18 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Turissini et al. (US Pub No. 2019/0028281) in view of Kostiainen et al. (US Pub No. 2008/0320308).
Regarding independent claim 1, Turissini teaches a device comprising: a hardware backed key store configured to: generate a device key pair, the device key pair including a device private key and a device public key (Turissini, page 3, paragraphs 0023-0025 and page 4, paragraphs 0038-0040; device attestation key pair generated by the HSM); and based on the device private key, sign a first attestation resulting in a signed first attestation, the first attestation claiming the device private key originated from the hardware backed key store (Turissini, page 3, paragraphs 0023-0027 and page 4, paragraphs 0039-0045; attestation that keys are generated from HSM); generate a first key pair, the first key pair including first private key and a first public key (Turissini, page 3, paragraphs 0029 & 0033 and page 4, paragraph 0043; user key pair generated by HSM); based on the device private key, sign a second attestation resulting in a signed second attestation, the second attestation claiming the first application private key originated from the hardware backed key store (Turissini, page 3, paragraphs 0029-0030 & 0034 and page 4, paragraphs 0043-0051; signing user public key with device attestation private key to create attestation signature); communications circuitry configured to: based on the device public key and the signed first attestation, register the device with a trusted authority (Turissini, page 3, paragraphs 0023-0027 and page 4, paragraphs 0039-0045; attestation certificate from certificate authority); and based on the first public key and the signed second attestation, register a first application of the device to a first server (Turissini, page 3, paragraphs 0029-0031 & 0034-0035 and page 4, paragraphs 0043-0056).
	Turissini teaches generating new user keys (Turissini, page 3, paragraphs 0029 & 0033 and page 4, paragraph 0043) but does not explicitly teach generate a first application key pair, the first application key pair including first application private key and a first application public key; based on the device private key, sign a second attestation resulting in a signed second attestation, the second attestation claiming the first application private key originated from the hardware backed key store.
	Kostiainen teaches generate a first application key pair, the first application key pair including first application private key and a first application public key (Kostiainen, page 4, paragraph 0047; TPM creates first key pair for application); based on the device private key, sign a second attestation resulting in a signed second attestation, the second attestation claiming the first application private key originated from the hardware backed key store (Kostiainen, page 4, paragraphs 0047-0048; first public key is transformed with AIK secret key).
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Turissini with the teachings of Kostiainen for key attestation for application keys to provide the advantage of an efficient and secure mechanism for a verifier to check software configuration running on devices (Kostiainen, pages 1-2, paragraph 0009).
	Regarding claim 5, Turissini in view of Kostiainen teaches the device wherein the hardware backed key store is further configured to derive the device public key and the device private key from a hardware backed key that is unique to the hardware backed key store of the device (Turissini, page 3, paragraph 0025 and page 4, paragraphs 0038-0042).
Regarding claim 6, Turissini in view of Kostiainen teaches the device wherein the device private key is a Rivest-Shamir-Adleman (RSA) signing key or an elliptic curve cryptography (ECC) signing key (Turissini, page 3, paragraphs 0029 & 0033).
Regarding independent claim 7, Turissini teaches a method comprising: generating, by hardware of a device, a device key pair, the device key pair including a device private key and a device public key (Turissini, page 3, paragraphs 0023-0025 and page 4, paragraphs 0038-0040; device attestation key pair generated by the HSM); and based on the device private key, sign a first attestation resulting in a signed first attestation, the first attestation claiming the device private key originated from the (Turissini, page 3, paragraphs 0023-0027 and page 4, paragraphs 0039-0045; attestation that keys are generated from HSM); based on the device public key and the signed first attestation, register the device with a trusted authority (Turissini, page 3, paragraphs 0023-0027 and page 4, paragraphs 0039-0045; attestation certificate from certificate authority); generating, by the hardware, a first key pair, the first key pair including first private key and a first public key (Turissini, page 3, paragraphs 0029 & 0033 and page 4, paragraph 0043; user key pair generated by HSM); based on the device private key, sign a second attestation resulting in a signed second attestation, the second attestation claiming the first application private key originated from the (Turissini, page 3, paragraphs 0029-0030 & 0034 and page 4, paragraphs 0043-0051; signing user public key with device attestation private key to create attestation signature); and based on the first public key and the signed second attestation, register a first application of the device to a first server (Turissini, page 3, paragraphs 0029-0031 & 0034-0035 and page 4, paragraphs 0043-0056).
	Turissini teaches generating new user keys (Turissini, page 3, paragraphs 0029 & 0033 and page 4, paragraph 0043) but does not explicitly teach generating, by the hardware, a first application key pair, the first application key pair including first application private key and a first application public key; based on the device private key, sign a second attestation resulting in a signed second attestation, the second attestation claiming the first application private key originated from the hardware backed key store.
	Kostiainen teaches generating, by the hardware, a first application key pair, the first application key pair including first application private key and a first application public key (Kostiainen, page 4, paragraph 0047; TPM creates first key pair for application); based on the device private key, sign a second attestation resulting in a signed second attestation, the second attestation claiming the first application private key originated from the hardware backed key store (Kostiainen, page 4, paragraphs 0047-0048; first public key is transformed with AIK secret key).
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Turissini with the teachings of Kostiainen for key attestation for application keys to provide the advantage of an efficient and secure mechanism for a verifier to check software configuration running on devices (Kostiainen, pages 1-2, paragraph 0009).
	Regarding claim 11, Turissini in view of Kostiainen teaches the method further comprising deriving the device public key and the device private key from a hardware backed key that is unique to the hardware backed key store of the device (Turissini, page 3, paragraph 0025 and page 4, paragraphs 0038-0042).
Regarding claim 12, Turissini in view of Kostiainen teaches the method wherein the device private key is a Rivest-Shamir-Adleman (RSA) signing key or an elliptic curve cryptography (ECC) signing key (Turissini, page 3, paragraphs 0029 & 0033).
Regarding independent claim 13, Turissini teaches a non-transitory machine-readable medium including instructions stored thereon that, when executed by a device, cause the device to perform operations comprising: generating a device key pair, the device key pair including a device private key and a device public key (Turissini, page 3, paragraphs 0023-0025 and page 4, paragraphs 0038-0040; device attestation key pair generated by the HSM); and based on the device private key, sign a first attestation resulting in a signed first attestation, the first attestation claiming the device private key originated from hardware of the device (Turissini, page 3, paragraphs 0023-0027 and page 4, paragraphs 0039-0045; attestation that keys are generated from HSM); based on the device public key and the signed first attestation, register the device with a trusted authority (Turissini, page 3, paragraphs 0023-0027 and page 4, paragraphs 0039-0045; attestation certificate from certificate authority); generating, by the hardware, a first key pair, the first key pair including first private key and a first public key (Turissini, page 3, paragraphs 0029 & 0033 and page 4, paragraph 0043; user key pair generated by HSM); based on the device private key, sign a second attestation resulting in a signed second attestation, the second attestation claiming the first application private key originated from the hardware (Turissini, page 3, paragraphs 0029-0030 & 0034 and page 4, paragraphs 0043-0051; signing user public key with device attestation private key to create attestation signature); and based on the first public key and the signed second attestation, register a first application of the device to a first server (Turissini, page 3, paragraphs 0029-0031 & 0034-0035 and page 4, paragraphs 0043-0056).
	Turissini teaches generating new user keys (Turissini, page 3, paragraphs 0029 & 0033 and page 4, paragraph 0043) but does not explicitly teach generating a first application key pair, the first application key pair including first application private key and a first application public key; based on the device private key, sign a second attestation resulting in a signed second attestation, the second attestation claiming the first application private key originated from the hardware backed key store.
	Kostiainen teaches generating, by the hardware, a first application key pair, the first application key pair including first application private key and a first application public key (Kostiainen, page 4, paragraph 0047; TPM creates first key pair for application); based on the device private key, sign a second attestation resulting in a signed second attestation, the second attestation claiming the first application private key originated from the hardware backed key store (Kostiainen, page 4, paragraphs 0047-0048; first public key is transformed with AIK secret key).
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Turissini with the teachings of Kostiainen for key attestation for application keys to provide the advantage of an efficient and secure mechanism for a verifier to check software configuration running on devices (Kostiainen, pages 1-2, paragraph 0009).
	Regarding claim 17, Turissini in view of Kostiainen teaches the non-transitory machine-readable medium wherein the operations further comprise deriving the device public key and the device private key from a hardware backed key that is unique to the hardware backed key store of the device (Turissini, page 3, paragraph 0025 and page 4, paragraphs 0038-0042).
Regarding independent claim 18, Turissini teaches a method comprising: receiving, from a device, an application registration request, the application registration request including a public key and a signed attestation (Turissini, page 3, paragraphs 0029-0030 and 0034-0035 and page 4, paragraph 0049; certificate request including user public key and attestation signature); based on a device public key of the device, verifying whether the signed attestation is bound to a hardware backed key store of the device (Turissini, page 3, paragraphs 0030-0031 & 0034-0035 and page 4, paragraphs 0036 & 0049-0051; verify proof of possession/attestation of device private key); responsive to verifying the signed attestation is bound to the hardware backed key store of the device, determining whether claims of the signed attestation satisfy a policy (Turissini, page 4, paragraphs 0039 & 0051); and responsive to determining the claims satisfy the policy, registering the device with an application associated with the application registration request (Turissini, page 4, paragraphs 0036-0037).
Turissini does not explicitly teach an application public key.
Kostiainen teaches an application public key (Kostiainen, page 4, paragraphs 0047-0048; first public key is transformed with AIK secret key).
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Turissini with the teachings of Kostiainen for key attestation for application keys to provide the advantage of an efficient and secure mechanism for a verifier to check software configuration running on devices (Kostiainen, pages 1-2, paragraph 0009).
Regarding claim 20, Turissini in view of Kostiainen teaches the method further comprising: receiving a certificate, the certificate including an attestation that the device private key originated from the hardware backed key store and a signature of a trusted authority; and verifying a chain of trust of the certificate (Turissini, page 3, paragraphs 0028-0029 & 0035-0037 and page 4, paragraphs 0049-0051).

Claim(s) 3, 9 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Turissini et al. (US Pub No. 2019/0028281) in view of Kostiainen et al. (US Pub No. 2008/0320308) as applied to claims 1, 5-7, 11-13, 17-18 and 20 above, and in further view of Adrangi et al. (US Pub No. 2016/0373257).
Regarding claim 3, Turissini in view of Kostiainen teaches each and every claim limitation of claim 1. 
Turissini in view of Kostiainen does not explicitly teach the device wherein registering the device and the first application includes communication over a transport layer security channel.
Adrangi teaches wherein registering the device and the first application includes communication over a transport layer security channel (Adrangi, page 3, paragraph 0028).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Turissini in view of Kostiainen to use TLS sessions to provide the advantage of improved session security and trustworthiness (Adrangi, page 3, paragraph 0028).
Regarding claim 9, Turissini in view of Kostiainen teaches each and every claim limitation of claim 7. 
Turissini in view of Kostiainen does not explicitly teach the method wherein registering the device and the first application includes communication over a transport layer security channel.
Adrangi teaches wherein registering the device and the first application includes communication over a transport layer security channel (Adrangi, page 3, paragraph 0028).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Turissini in view of Kostiainen to use TLS sessions to provide the advantage of improved session security and trustworthiness (Adrangi, page 3, paragraph 0028).
Regarding claim 15, Turissini in view of Kostiainen teaches each and every claim limitation of claim 13. 
Turissini in view of Kostiainen does not explicitly teach the non-transitory machine-readable medium wherein registering the device and the first application includes communication over a transport layer security channel.
Adrangi teaches wherein registering the device and the first application includes communication over a transport layer security channel (Adrangi, page 3, paragraph 0028).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Turissini in view of Kostiainen to use TLS sessions to provide the advantage of improved session security and trustworthiness (Adrangi, page 3, paragraph 0028).

Claim(s) 19 is rejected under 35 U.S.C. 103 as being unpatentable over Turissini et al. (US Pub No. 2019/0028281) in view of Kostiainen et al. (US Pub No. 2008/0320308) as applied to claims 1, 5-7, 11-13, 17-18 and 20 above, and in further view of SINHA et al. (US Pub No. 2020/0396217).
Regarding claim 19, Turissini in view of Kostiainen teaches each and every claim limitation of claim 18. 
Turissini in view of Kostiainen does not explicitly teach the method wherein verifying whether the signed attestation is bound to the hardware backed key store includes: issuing, to a trusted authority, a request for the device public key; and receiving, from the trusted authority, attestation status of the device public key and the device public key.
SINHA teaches wherein verifying whether the signed attestation is bound to the hardware backed key store includes: issuing, to a trusted authority, a request for the device public key; and receiving, from the trusted authority, attestation status of the device public key and the device public key (SINHA, page 6, paragraphs 0064-0065; request for attestation certificate and key pair).


Allowable Subject Matter
Claims 2, 4, 8, 10, 14 and 16 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Examiner’s Statement for Indicating Allowable Subject Matter
The following is a statement of reasons for the indication of allowable subject matter: The prior art Le Saint et al. (US Pub No. 2018/0167208) discloses confidentially and securely provisioning data to an authenticated user device. A user device may register an authentication public key with an authentication server. The authentication public key may be signed by an attestation private key maintained by the user device. Once the user device is registered, a provisioning server may send an authentication request message including a challenge to the user device. The user device may sign the challenge using an authentication private key corresponding to the registered authentication public key, and may return the signed challenge to the provisioning server. In response, the provisioning server may provide provisioning data to the user device. The registration, authentication, and provisioning process may use public key cryptography while maintaining confidentiality of the user device, the provisioning server, and the authentication server (Le Saint, Abstract). SINHA et al. (US Pub No. 2020/0396217) discloses that a computing device sends a request for an attestation certificate to an attestation service along with information regarding the hardware and/or software of the device. The attestation service processes the request and verifies the information received from the device. After verifying the information, the attestation service selects a public/private key pair from a collection of reusable public/private key pairs and generates an attestation certificate for the device and public key of the public/private key pair. This attestation certificate is digitally signed by the attestation service and returned to the device. The private key of the selected public/private key pair is also encrypted to a trusted secure component of the device, ensuring that the key cannot be stolen by malware and re-used on another device, and is returned to the device. The device uses this attestation certificate to access relying parties, and optionally generates additional public/private key pairs and attestation certificates (SINHA, Abstract). CACERES et al. (US Pub No. 2020/0021445) discloses that a device receives, from an application, a request to access an attestation key stored in a secure element of the device. The device obtains an attestation policy, by which to verify an identity of the application. The device examines an application file associated with the application, to determine whether the application file satisfies the attestation policy. The device selectively generates a temporary key based on a result of examining the application file. The temporary key may be used to access the attestation key. The temporary key may be generated based on the application file satisfying the attestation policy, and may not be generated based on the application file not satisfying the attestation policy (CACERES, Abstract). However, the prior art taken alone or in combination does not teach or suggest “receive, from the trusted authority, a certificate attesting the device private key originated from the hardware backed key store; and wherein registering the first application of the device includes providing the certificate to the first server” (claims 2, 8 & 14) and “the hardware backed key store is further configured to: generate a second application key pair, the second application key pair including a second application private key and a second application public key; and based on the device private key, sign a third attestation resulting in a signed third attestation; and the communications circuitry is further configured to: based on the second application public key and the signed third attestation, register a second application of the device to a second server” (claims 4, 10 & 16), in combination with the remaining claim limitations.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAQUEAL D WADE whose telephone number is (571)270-0357. The examiner can normally be reached M-F 8:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on 571-272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SHAQUEAL D WADE-WRIGHT/Primary Examiner, Art Unit 2437