Office Action Predictor
Application No. 17/492,795

SELF-ENCRYPTING DEVICE (SED) SETUP SYSTEM AND METHOD

Final Rejection §103
Filed
Oct 04, 2021
Examiner
LANIER, BENJAMIN E
Art Unit
2437
Tech Center
2400 — Computer Networks
Assignee
Dell Products, L.P.
OA Round
6 (Final)
69%
Grant Probability
Favorable
7-8
OA Rounds
3y 6m
To Grant
48%
With Interview

Examiner Intelligence

69%
Career Allow Rate
628 granted / 909 resolved
Without
With
+-21.5%
Interview Lift
avg trend
3y 6m
Avg Prosecution
36 pending
945
Total Applications
career history

Statute-Specific Performance

§101
7.4%
-32.6% vs TC avg
§103
48.1%
+8.1% vs TC avg
§102
17.7%
-22.3% vs TC avg
§112
17.1%
-22.9% vs TC avg
Black line = Tech Center average estimate • Based on career data

Office Action

§103
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments Applicant argues on page 9 of the response, “Korkishko, however, does not teach that the displayed information includes a quantity of those multiple devices that possess the device public key certificate. Rather, Korkishko only teach that the information associate with the devise is displayed in such a manner as to enable the user of the local domain management apparatus to point to and select certain devices to add to the local domain among the devices displayed on the display.” In response, the claims merely require that the displayed information include a “quantity of those multiple devices” that possess the certificate. In other words, the broadest reasonable claim scope includes the display of information specific to the devices having the certificate. Korkishko reads on this limitation to the extent that Korkishko discloses the display of information specific to devices that have been discovered to possess public key certificates (Page 7, first paragraph). Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claims 1, 5, 6, 8, 12, 13, 15, 18, 19 are rejected under 35 U.S.C. 103 as being unpatentable over Sugimoto, WO 2020/017643, in view of Watsen, U.S. Patent No. 9,380,051, in view of Pearson, CN 107408175, in view of Hendel, WO 2019/084510, and further in view of Korkishko, KR 20070097736. Referring to claims 1, 8, 15, Sugimoto discloses a terminal device that can be a general PC/smartphone including CPU (Page 9, last two paragraphs: general PC/smartphone also include memory), which meets the limitation of a systems manager stored in at least one memory and executed by at least one processor. A user creates an account for a key management system using the user terminal device (Page 6, step 1: user terminal reads on the claimed IHS; key management system reads on the EKMS), which meets the limitation of store, in a subset of a plurality of information handling system (IHS), user account information associated with an external key management server (EKMS) service provided by an EKMS. The user account information includes a user ID and password (Page 23, second to last paragraph), which meets the limitation of the user account information including a unique identifier of the IHS. The user logs into the key management system using the terminal device and causes generation of a certificate signing request (CSR)(Page 6, step 3: user login into the key management system shows that the user id and password were used in the process of generating the CSR), which meets the limitation of when the IHS is to be registered for use with the EKMS, generate a certificate signing request (CSR) for the IHS using the stored account information. The user terminal transmits the CSR to a certificate authority (CA)(Page 6, step 4), which meets the limitation of communicate with a certificate authority (CA) associated with the EKMS to obtain a signed CSR and a EKMS certificate associated with the EKMS. The CA issues a certificate based on the CSR and sends it to the user where the certificate is imported to the key management system (Page 6, steps 5 & 6: certificate sent to the user shows that the user terminal receives the certificate), which meets the limitation of load [the signed CSR] and the EKMS on the IHS. Sugimoto does not disclose that the certificate includes a signed CSR. Watsen the generation of certificates that include a signed CSR (Col. 10, lines 53-55), which meets the limitation of load the signed CSR and the EKMS certificate on the IHS. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the CA of Sugimoto to have digitally signed the received CSR and included the signed CSR in the issued certificate in order to provide a chain of trust to the CA as discussed in Watsen (Col. 10, lines 55-57). Sugimoto does not disclose providing a self-encrypted drive for the terminal device. Pearson discloses authenticated access to a self-encrypting drive (SED) that utilizes a certificate to enable unlocking/accessing the content of the SED (Page 3, Preferred Embodiment), which meets the limitation of wherein the EKMS service provides a SED for the IHS. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the system of Sugimoto to have utilized the issued certificates in order to access an SED in order to provide encrypted storage as suggested by Pearson (Page 2, Background Technology). Sugimoto does not disclose the storage and identification of the number of terminals registered to a user account. Hendel discloses that multiple devices can be registered to an account such that the number of registered user devices can be displayed ([0112]), which meets the limitation of store, in a subset of a plurality of Information Handling Systems (IHSs), user account information, identify a first quantity of the subset of the IHSs that possess the user account information, the possession of the user account information indicating that its respective HIS is EKMS-capable, display the first quantity of the EKMS-capable IHSs for view by a user. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to display the number of registered terminals to the user account in the system of Sugimoto in order to provide the user with the current status summary of user terminals as suggested by Hendel ([0112]). Sugimoto does not disclose the display of the devices having received the certificate. Korkishko discloses discovering devices that have received a verified certificate (Page 7, first paragraph), which meets the limitation of identify a second quantity of a second subset of EKMS-ready IHSs that possess the signed CSR and a EKMS certificate. The discovered devices are displayed (Page 7, first paragraph), which meets the limitation of display the second quantity of the EKMS-ready IHSs for view by the user. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have displayed the user terminal devices that have received a certificate for the key management system in Sugimoto in order to allow for the selection from among verified devices as suggested by Korkishko (Page 7, first paragraph). Referring to claims 5, 12, 18, Sugimoto discloses that the user logs into the key management system using the terminal device (Page 6, steps 2 & 3). Upon successful authentication, an authorization code is sent to the terminal device where the authorization code is displayed (Page 11, first paragraph), which meets the limitation of display information associated with the EKMS-capable IHSs for view by a user. Referring to claims 6, 13, 19, Sugimoto discloses that the user logs into the key management system using the terminal device (Page 6, steps 2 & 3) such that successful authentication requires determining that the user has an account with a corresponding certificate (Page 11, paragraphs 6-8), which meets the limitation of identify from among a plurality of the IHSs, one or more EKMS-ready IHSs that possess [the signed CSR] and a EKMS certificate. Upon successful authentication, an authorization code is sent to the terminal device where the authorization code is displayed (Page 11, first paragraph), which meets the limitation of display additional information associated with the EKMS-ready IHSs for view by a user. Sugimoto does not disclose that the certificate includes a signed CSR. Watsen the generation of certificates that include a signed CSR (Col. 10, lines 53-55), which meets the limitation of the signed CSR and a EKMS certificate. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the CA of Sugimoto to have digitally signed the received CSR and included the signed CSR in the issued certificate in order to provide a chain of trust to the CA as discussed in Watsen (Col. 10, lines 55-57). Claims 2, 9, 16 are rejected under 35 U.S.C. 103 as being unpatentable over Sugimoto, WO 2020/017643, in view of Watsen, U.S. Patent No. 9,380,051, in view of Pearson, CN 107408175, in view of Hendel, WO 2019/084510, in view of Korkishko, KR 20070097736, and further in view of Kang, U.S. Publication No. 2008/0313401. Referring to claims 2, 9, 16, Sugimoto discloses that the user account information includes a user ID and password (Page 23, second to last paragraph). Sugimoto does not specify that the user ID and password information is stored in hidden memory. Kang discloses the storage of (Figure 11, element 148a & [0070]), which meets the limitation of the systems manager is further executed to store the user account information in a hidden memory storage of the IHS. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the user ID and password information of Sugimoto to have been stored in the terminal device in a hidden area of memory in order to protect the information from unauthorized access as suggested by Kang ([0054]). Claims 3, 4, 10, 11, 17 are rejected under 35 U.S.C. 103 as being unpatentable over Sugimoto, WO 2020/017643, in view of Watsen, U.S. Patent No. 9,380,051, in view of Pearson, CN 107408175, in view of Hendel, WO 2019/084510, in view of Korkishko, KR 20070097736, and further in view of Dhanabalan, U.S. Publication No. 2022/0210146. Referring to claims 3, 10, 17, Sugimoto does not disclose the implementation of a plugin to perform the certificate procedures. Dhanabalan the generation of a CSR, transmission of the CSR to a CA/CSS, and receiving a signed certificate from the CA/CSS (Figures 1 & 4) such that the procedures can be implemented using a plugin on the client ([0029]), which meets the limitation of wherein the acts of generating a CSR, communicating with a CA, and loading the signed CSR and the EKMS certificate on the IHS are performed by a plugin that is stored in the at least one memory and executed by the at least one processor. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for certificate procedures of the user terminal device to have been implemented by a plugin in order allow for the procedures to be executed in the background in conjunction with the application using the certificate as suggested by Dhanabalan ([0029]). Referring to claims 4, 11, Sugimoto does not disclose the implementation of a plugin to perform the certificate procedures. Dhanabalan the generation of a CSR, transmission of the CSR to a CA/CSS, and receiving a signed certificate from the CA/CSS (Figures 1 & 4) such that the procedures can be implemented using a plugin on the client ([0029]: Examiner notes that the plugin could be executed on any number of clients), which meets the limitation of wherein the plugin is further executed to perform the acts of generating a CSR, communicating with a CA, and loading the signed CSR and the EKMS certificate on a plurality of the IHSs. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for certificate procedures of the user terminal device to have been implemented by a plugin in order allow for the procedures to be executed in the background in conjunction with the application using the certificate as suggested by Dhanabalan ([0029]). Claims 7, 14, 20 are rejected under 35 U.S.C. 103 as being unpatentable over Sugimoto, WO 2020/017643, in view of Watsen, U.S. Patent No. 9,380,051, in view of Pearson, CN 107408175, in view of Hendel, WO 2019/084510, in view of Korkishko, KR 20070097736, and further in view of Lin, U.S. Publication No. 2017/0012770. Referring to claims 7, 14, 20, Sugimoto discloses that the CA issues a certificate based on the CSR and sends it to the user where the certificate is imported to the key management system (Page 6, steps 5 & 6), which meets the limitation of wherein the system manager is further executed to load [the signed CSR] and the EKMS certificate on [a Baseboard Management Controller (BMC) of the HIS, wherein the BMC is configured to administer the operation of the SED]. Sugimoto does not disclose that the certificate includes a signed CSR. Watsen the generation of certificates that include a signed CSR (Col. 10, lines 53-55), which meets the limitation of the signed CSR and a EKMS certificate. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the CA of Sugimoto to have digitally signed the received CSR and included the signed CSR in the issued certificate in order to provide a chain of trust to the CA as discussed in Watsen (Col. 10, lines 55-57). Sugimoto does not specify that the terminal device includes a BMC. Lin discloses a device implementing a SED that includes a BMC ([0006]), which meets the limitation of wherein the system manager is further executed to load the signed CSR and the EKMS certificate on a Baseboard Management Controller (BMC) of the HIS, wherein the BMC is configured to administer the operation of the SED. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the terminal device of the modified Sugimoto to have included a BMC because BMCs provide increased security by not relying on open source code as suggested by Lin ([0004]). Conclusion THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to BENJAMIN E LANIER whose telephone number is (571)272-3805. The examiner can normally be reached M-Th: 6:20-4:50. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alexander Lagor can be reached at 5712705143. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /BENJAMIN E LANIER/Primary Examiner, Art Unit 2437
Read full office action

Prosecution Timeline

Oct 04, 2021
Application Filed
Jan 08, 2024
Non-Final Rejection — §103
Apr 01, 2024
Response Filed
Jul 09, 2024
Final Rejection — §103
Sep 11, 2024
Response after Non-Final Action
Oct 11, 2024
Applicant Interview (Telephonic)
Oct 11, 2024
Response after Non-Final Action
Oct 22, 2024
Request for Continued Examination
Oct 26, 2024
Response after Non-Final Action
Mar 17, 2025
Non-Final Rejection — §103
Jun 18, 2025
Response Filed
Jul 01, 2025
Final Rejection — §103
Aug 28, 2025
Response after Non-Final Action
Oct 14, 2025
Request for Continued Examination
Oct 21, 2025
Response after Non-Final Action
Oct 22, 2025
Non-Final Rejection — §103
Jan 26, 2026
Response Filed
Feb 05, 2026
Applicant Interview (Telephonic)
Feb 05, 2026
Examiner Interview Summary
Feb 12, 2026
Final Rejection — §103
Apr 06, 2026
Response after Non-Final Action

Precedent Cases

Applications granted by this same examiner with similar technology. Study what changed to get past this examiner.

Patent 12598079
DIGITAL SIGNATURES WITH KEY-DERIVATION
2y 5m to grant Granted Apr 07, 2026
Patent 12587541
SECURE CONNECTION BROKER FOR SWARM COMMUNICATIONS
2y 5m to grant Granted Mar 24, 2026
Patent 12566846
TURING MACHINE AGENT FOR BEHAVIORAL THREAT DETECTION
2y 5m to grant Granted Mar 03, 2026
Patent 12566884
MULTIMODAL FINGERPRINTING OF DIGITAL ASSETS
2y 5m to grant Granted Mar 03, 2026
Patent 12556414
SYSTEMS AND METHODS FOR AUTHENTICATION USING RELATIVISTIC ZERO KNOWLEDGE PROOFS
2y 5m to grant Granted Feb 17, 2026

AI Strategy Recommendation

Click below to generate an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

7-8
Expected OA Rounds
69%
Grant Probability
48%
With Interview (-21.5%)
3y 6m
Median Time to Grant
High
PTA Risk
Based on 909 resolved cases by this examiner