Notice of Pre-AIA or AIA Status
1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
2. The response filed on 12/23/2025 was received and considered.
Claims 1, 3-5, and 7-11 are pending.
Response to Arguments
3. Applicant’s arguments in the amendment filed 12/23/2025 with respect to the 103 rejections have been fully considered but they are not persuasive. Applicant argues that the independent claims 1 and 11 have been amended to recite the limitations “determines whether the storage has been encrypted, and hides a menu item of the setting menu for saving the encryption key in the second memory in a case that the storage is determined to have not been encrypted “. This limitation is similar to claim 3 and was already rejected by Kakutani.
Claim Rejections - 35 USC § 112
4. The following is a quotation of 35 U.S.C. 112(d):
(d) REFERENCE IN DEPENDENT FORMS.—Subject to subsection (e), a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.
The following is a quotation of pre-AIA 35 U.S.C. 112, fourth paragraph:
Subject to the following paragraph [i.e., the fifth paragraph of pre-AIA 35 U.S.C. 112], a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.
5. Claim 3 is rejected under 35 U.S.C. 112(d) or pre-AIA 35 U.S.C. 112, 4th paragraph, as being of improper dependent form for failing to further limit the subject matter of the claim upon which it depends, or for failing to include all the limitations of the claim upon which it depends. Claim 1 as amended is already reciting in a case when the storage is not encrypted (data are not encrypted) hides the menu item on the setting menu for saving the encryption key in the second memory. Applicant may cancel the claim(s), amend the claim(s) to place the claim(s) in proper dependent form, rewrite the claim(s) in independent form, or present a sufficient showing that the dependent claim(s) complies with the statutory requirements.
Claim Rejections - 35 USC § 103
6. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
7. Claims 1, 3-5 & 10-11 are rejected under 35 U.S.C. 103 as being unpatentable over Kakutani (US Pub. 2018/0039582 A2), hereafter Kakutani, in view of Ito et al. (US Pub. 2010/0174919 A1), hereafter Ito and in view of McClean (US Pub. 2009/0075630 A1).
Regarding claim 1, Kakutani teaches an information processor comprising:
a storage that saves data that is encrypted with an encryption key; (Kakutani [0037] “a configuration may also be adopted in which confidential data in the [hard disk drive] HDD 109 is encrypted directly with a [trusted platform module] TPM encryption key.”)
a first non-secure memory for saving the encryption key; (Kakutani [0033] “a TPM 123 allows use of a TPM encryption key (a TPM function).” Here, TPM 123 is used as a first memory for saving the encryption key. Further Kakutani [0004] teaches “in the case of adopting this TPM function, if the TPM malfunctions or is lost, for example, the TPM is replaced in some cases.” In this sense the TPM 123 is considered non-secure because it is not seen as free from malfunction or risk of data loss due to losing access to the encryption key upon being replaced.)
a second secure memory that is mountable to save the encryption key; (Kakutani [0033] “a USB connection unit 124 connects to a USB memory 125 (external memory), and performs input/output of data from/to the USB memory 125.” Further Kakutani [0063] “CPU 106 writes the archived TPM encryption key backup data to the USB memory 125.” Since the USB memory may be additionally mounted to save the encryption key and is used to further secure the apparatus it is mounted to, it is thus considered to be the second secure memory.)
a display that shows various setting menus; (Kakutani [0032] “outputting, to the console unit 111, image data to be displayed.” Here the console unit 111 is considered the display as it is used to display various setting menus shown in Kakutani Figures 5A-5C, 7, 9, & 12A-12C (further see Kakutani [0019], [0021], [0023], & [0026] for corresponding figure descriptions).)
an inputter with which a user makes various types of input; and (Kakutani [0032] “A console unit interface 110 performs the roles of controlling an interface to a console unit 111 having a touch panel, outputting, to the console unit 111, image data to be displayed on the console unit 111, and transmitting, to the CPU 106, information that has been input by the user via the console unit 111.” Here the console unit interface 110 is considered to be the inputter as it is used together with a touch panel and display to receive and transmit user input.)
a controller that controls saving of the encryption key and displaying on the display, (Kakutani [0031] “A CPU 106 is a processor that performs overall control of the multi-function peripheral 100.” Additionally, Kakutani [0036] and [0043] teach “the CPU 106 inputs the TPM encryption key 202 to the TPM 123” and “the CPU 106 displays an error screen (not illustrated here) on the console unit 111.” Since the CPU 106 controls saving the encryption key and displaying on the display, it is considered to act as the controller.) wherein when an instruction to save the encryption key in the second memory is input to the inputter (Kakutani [0058] “In step S601, the CPU 106 displays, on the console unit 111, a screen for inputting a password for backing up the TPM encryption key.” Kakutani [0060] “here, when the user presses an OK button 702, the CPU 106 receives the password for backing up the TPM encryption key and an instruction to execute backup of the TPM encryption key.”) in a state that the data is encrypted and the second memory is mounted, (Kakutani [0055] “when the user enables the TPM function in these steps S404 to S411, processing for generating a TPM encryption key is executed under the condition that the TPM encryption key can be backed up in advance.” Here steps S404 to S411, which as seen in Kakutani Figures 4 & 6, come just prior to S601 mentioned above as well as enforce a state where a “TPM function” is enabled and the second (USB) memory is connected. Where Kakutani [0004] teaches “generally, devices provided with a TPM realize safe management of confidential data by encrypting the confidential data and managing, within the TPM, the key that was used for the encryption. Hereinafter, such encryption/decryption using a TPM of an information processing apparatus is referred to as a 'TPM function'.”) the controller saves the encryption key in the second memory, (Kakutani [0063] “In step S605, the CPU 106 writes the archived TPM encryption key backup data to the USB memory 125.”)
wherein the controller causes the display to show a setting menu for saving the encryption key in the second memory (Kakutani [0058] “In step S601, the CPU 106 displays, on the console unit 111, a screen for inputting a password for backing up the TPM encryption key.”) when: the data is encrypted and the second memory is mounted on the information processor, and the encryption key is saved in the first memory, and (Kakutani [0055] “when the user enables the TPM function in these steps S404 to S411, processing for generating a TPM encryption key is executed under the condition that the TPM encryption key can be backed up in advance.” Here steps S404 to S411, which as seen in Kakutani Figures 4 & 6, come just prior to S601 mentioned above as well as enforce a state where a “TPM function” is enabled and the second memory is mounted. Where Kakutani [0004] teaches “generally, devices provided with a TPM realize safe management of confidential data by encrypting the confidential data and managing, within the TPM, the key that was used for the encryption. Hereinafter, such encryption/decryption using a TPM of an information processing apparatus is referred to as a 'TPM function'.”) the controller moves the encryption key saved in the first memory to the second memory (Kakutani [0063] “In step S605, the CPU 106 writes the archived TPM encryption key backup data to the USB memory 125.”) when the instruction to save the encryption key in the second memory is input to the inputter. (Kakutani Figure 6 shows that S605 of saving the encryption key to the second (USB) memory is to be executed if input is received from S601 which correlates to an instruction to back up the encryption key to the second (USB) memory.)
and wherein the controller further determines whether the storage has been encrypted, (para 11 determining whether or not an HSM function that allows encryption and decryption of data using the encryption key of the HSM is enabled) and hides a menu item of the setting menu for saving the encryption key in the second memory in a case that the storage is determined to have not been encrypted (para 11 performs control to back up the key, when enabled and paragraph 52 shows that when enabled backup the grayed out is released for enabling TPM setting, which implies that when not encrypted (not enabled TPM setting or not enabling HSM function) the grayed out is not released).
Another explanation as the one that was provided in claim 3 is: (Kakutani [0058] “In step S601, the CPU 106 displays, on the console unit 111, a screen for inputting a password for backing up the TPM encryption key.” However, Kakutani [0055] teaches “when the user enables the TPM function in these steps S404 to S411, processing for generating a TPM encryption key is executed under the condition that the TPM encryption key can be backed up in advance.” Here and as seen in Figures 4 & 6, a “TPM function” must be enabled to reach step S601 which displays the setting menu for moving the encryption key to the second (USB) memory. Where Kakutani [0004] teaches “generally, devices provided with a TPM realize safe management of confidential data by encrypting the confidential data and managing, within the TPM, the key that was used for the encryption. Hereinafter, such encryption/decryption using a TPM of an information processing apparatus is referred to as a 'TPM function'.” Therefore, the CPU 106 does not cause the console unit 111 to show a setting menu for moving the encryption key to the second (USB) memory when the storage is not encrypted (i.e., when the “TPM function” is not enabled).)
Kakutani does not appear to explicitly teach wherein the controller deletes the encryption key saved in the first memory after moving the encryption key to the second memory. However, Ito teaches:
wherein the controller deletes the encryption key saved in the first memory after moving the encryption key to the second memory. (For context Ito [0323] teaches “According to the present embodiment, an encryption key is stored into the internal protected memory unit 144 which is access-restricted, and when the data encryption/decryption function unit 160 performs encryption processing using the encryption key for the first time, the mode is switched to acquire the encryption key from the internal protected memory unit 144. After that, the encryption key is copied into the memory unit 103 which is accessible, and the encryption key copied into the memory unit 103 is used in the normal mode.” Afterwards, Ito [0325] teaches that the “data encryption/decryption function unit 160, upon receiving a request to encrypt predetermined data stored in the memory unit 103, calculates the hash value of the application program, and if the calculated hash value does not match the hash value stored in the memory unit 103, deletes the encryption key copied in the memory unit 103.” Here, Ito teaches deleting an encryption key from a first memory 103. Where Ito [0070] teaches that a “normal security processing unit, in the normal mode, further deletes the stored key.” In this case, the normal security processing unit is considered to act as a controller as it is in control of deleting the saved encryption key.)
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Kakutani and Ito before them, to include Ito’s key deletion techniques in Kakutani’s system performing deletion of the encryption key saved in the first memory. One would have been motivated to make such a combination to more efficiently secure the secrecy of the encryption key and ensure data confidentiality as taught by Ito (see Ito [0326]).
Kakutani does not appear to explicitly teach causes the display to show on the setting menu a specific display notifying a user that a secure state of the encryption key is established. However, McClean discloses causes the display to show on the setting menu a specific display notifying a user that a secure state of the encryption key is established (see paragraph [0041], [0086], and [0148]) disclosing when the deletion of encryption key is established, the mobile handset receives a completion message and up-to-date status success message.
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to modify Kakutani to show on the setting menu a display notifying a user that a secure state of the encryption key is established. One of ordinary skill in the art would have been motivated to do so because it would provide a way to notify the user that data is protected as suggested by McClean (para 41).
Regarding claim 3, Kakutani in view of Shimitami teaches the elements of claim 1 as outlined above. Kakutani also teaches:
wherein when the data are not encrypted, the controller does not cause the display to show the setting menu for moving the encryption key to the second memory. (Kakutani [0058] “In step S601, the CPU 106 displays, on the console unit 111, a screen for inputting a password for backing up the TPM encryption key.” However, Kakutani [0055] teaches “when the user enables the TPM function in these steps S404 to S411, processing for generating a TPM encryption key is executed under the condition that the TPM encryption key can be backed up in advance.” Here and as seen in Figures 4 & 6, a “TPM function” must be enabled to reach step S601 which displays the setting menu for moving the encryption key to the second (USB) memory. Where Kakutani [0004] teaches “generally, devices provided with a TPM realize safe management of confidential data by encrypting the confidential data and managing, within the TPM, the key that was used for the encryption. Hereinafter, such encryption/decryption using a TPM of an information processing apparatus is referred to as a 'TPM function'.” Therefore, the CPU 106 does not cause the console unit 111 to show a setting menu for moving the encryption key to the second (USB) memory when the storage is not encrypted (i.e., when the “TPM function” is not enabled).)
Regarding claim 4, Kakutani in view of Shimitami teaches the elements of claim 1 as outlined above. Kakutani also teaches:
wherein the controller saves the encryption key in the first memory at a time of encryption of the data. (Kakutani [0054] “in the first embodiment, when the TPM setting is enabled, the CPU 106 outputs an instruction to generate a TPM encryption key to the TPM 123.” Where Kakutani [0040] teaches “this TPM setting is setting information that indicates whether the TPM function of the multi-function peripheral 100 is enabled or disabled.” Further where Kakutani [0004] teaches “generally, devices provided with a TPM realize safe management of confidential data by encrypting the confidential data and managing, within the TPM, the key that was used for the encryption. Hereinafter, such encryption/decryption using a TPM of an information processing apparatus is referred to as a 'TPM function'.” Here, “TPM function” indicates encryption using the TPM’s features and once enabled is to cause the generation of an encryption key to the TPM 123 via the CPU 106.)
Regarding claim 5, Kakutani in view of Shimitami teaches the elements of claim 1 as outlined above. Kakutani also teaches:
wherein the controller selectively saves the encryption key in either the first memory or the second memory at a time of encryption of the data. (Kakutani [0053] teaches a “step S409, where the CPU 106 determines whether or not the button 502 for enabling TPM setting has been pressed. If the CPU 106 determines in step S409 that the button 502 has been pressed, the procedure advances to step S410, where the CPU 106 enables the TPM setting.” Here the CPU may selectively enable a “TPM setting” upon user input of button 502 being pressed. Where Kakutani [0040] teaches “this TPM setting is setting information that indicates whether the TPM function of the multi-function peripheral 100 is enabled or disabled.” Further where Kakutani [0004] teaches “generally, devices provided with a TPM realize safe management of confidential data by encrypting the confidential data and managing, within the TPM, the key that was used for the encryption. Hereinafter, such encryption/decryption using a TPM of an information processing apparatus is referred to as a 'TPM function'.” Here in Kakutani [0040] and [0004] it is taught that a “TPM setting” matches to a “TPM function” which indicates a state of encryption of the storage. Also, Kakutani [0054] teaches that “when the TPM setting is enabled, the CPU 106 outputs an instruction to generate a TPM encryption key to the TPM 123.” Thus, at the time the “TPM setting” which correlates to a “TPM function” is selectively enabled by the CPU, the CPU can then generate and save the encryption key.)
Regarding claim 10, Kakutani in view of Shimitami teaches the elements of claim 1 as outlined above. Kakutani also teaches:
an image forming apparatus (Kakutani [0029] “FIG. 1 is a block diagram for describing a schematic hardware configuration of a multi-function peripheral 100 according to a first embodiment of the present invention.” Kakutani Figure 1 teaches the multi-function peripheral (MFP) 100 includes a printer 103, scanner 102, image bus interface 117, and image processing units 121 & 122. Since the MFP 100 has the aforementioned components and the functionality that naturally comes with them, it is considered to be an image forming apparatus.) on which the information processor according to claim 1 is mounted and (Kakutani [0028] “in this embodiment, an MFP (multi-function peripheral/digital multi-function peripheral) will be described as an example of an information processing apparatus.”) in which image data are saved in the storage. (Kakutani [0031] “An HDD 109 is a hard disk drive, and stores programs executed by the CPU 106, applications, image data and the like.”)
Regarding claim 11, Kakutani teaches a control method for an information processor comprising:
saving data in a storage and encrypting the data with an encryption key; (Kakutani [0037] “a configuration may also be adopted in which confidential data in the HDD 109 is encrypted directly with a [trusted platform module] TPM encryption key.”)
saving the encryption key in a first non-secure memory; (Kakutani [0033] “a TPM 123 allows use of a TPM encryption key (a TPM function).” Here, TPM 123 is used as a first memory for saving the encryption key. Further Kakutani [0004] teaches “in the case of adopting this TPM function, if the TPM malfunctions or is lost, for example, the TPM is replaced in some cases.” In this sense the TPM 123 is considered non-secure because it is not seen as free from malfunction or risk of data loss due to losing access to the encryption key upon being replaced.)
saving the encryption key in a second secure memory that is mountable; (Kakutani [0033] “a USB connection unit 124 connects to a USB memory 125 (external memory), and performs input/output of data from/to the USB memory 125.” Further Kakutani [0063] “CPU 106 writes the archived TPM encryption key backup data to the USB memory 125.” Since the USB memory may be additionally mounted to save the encryption key and is used to further secure the apparatus it is mounted to, it is thus considered to be the second secure memory.)
showing various setting menus on a display; (Kakutani [0032] “outputting, to the console unit 111, image data to be displayed.” Here the console unit 111 is considered the display as it is used to display various setting menus shown in Figures 5A-5C, 7, 9, & 12A-12C (further see Kakutani [0019], [0021], [0023], & [0026] for corresponding figure descriptions).)
making various types of input by a user; and (Kakutani [0032] “A console unit interface 110 performs the roles of controlling an interface to a console unit 111 having a touch panel, outputting, to the console unit 111, image data to be displayed on the console unit 111, and transmitting, to the CPU 106, information that has been input by the user via the console unit 111.” Here the console unit interface 110 is considered to be the inputter as it is used together with a touch panel and display to receive and transmit user input.)
controlling saving of the encryption key and displaying on the display, (Kakutani [0031] “A CPU 106 is a processor that performs overall control of the multi-function peripheral 100.” Additionally, Kakutani [0036] and [0043] teach “the CPU 106 inputs the TPM encryption key 202 to the TPM 123” and “the CPU 106 displays an error screen (not illustrated here) on the console unit 111.” Since the CPU 106 controls saving the encryption key and displaying on the display, it is considered to act as the controller.) wherein in the controlling of the saving of the encryption key and displaying on the display, when an instruction to save the encryption key in the second memory is input to the inputter (Kakutani [0058] “In step S601, the CPU 106 displays, on the console unit 111, a screen for inputting a password for backing up the TPM encryption key.” Kakutani [0060] “here, when the user presses an OK button 702, the CPU 106 receives the password for backing up the TPM encryption key and an instruction to execute backup of the TPM encryption key.”) in a state that the data is encrypted and the second memory is mounted, (Kakutani [0055] “when the user enables the TPM function in these steps S404 to S411, processing for generating a TPM encryption key is executed under the condition that the TPM encryption key can be backed up in advance.” Here steps S404 to S411, which as seen in Kakutani Figures 4 & 6, come just prior to S601 mentioned above as well as enforce a state where a “TPM function” is enabled and the second (USB) memory is connected. Where Kakutani [0004] teaches “generally, devices provided with a TPM realize safe management of confidential data by encrypting the confidential data and managing, within the TPM, the key that was used for the encryption. Hereinafter, such encryption/decryption using a TPM of an information processing apparatus is referred to as a 'TPM function'.”) the encryption key is saved in the second memory, (Kakutani [0063] “In step S605, the CPU 106 writes the archived TPM encryption key backup data to the USB memory 125.”)
wherein the controller causes the display to show a setting menu for saving the encryption key in the second memory (Kakutani [0058] “In step S601, the CPU 106 displays, on the console unit 111, a screen for inputting a password for backing up the TPM encryption key.”) when: the data is encrypted and the second memory is mounted on the information processor, and the encryption key is saved in the first memory, and (Kakutani [0055] “when the user enables the TPM function in these steps S404 to S411, processing for generating a TPM encryption key is executed under the condition that the TPM encryption key can be backed up in advance.” Here steps S404 to S411, which as seen in Kakutani Figures 4 & 6, come just prior to S601 mentioned above as well as enforce a state where a “TPM function” is enabled and the second memory is mounted. Where Kakutani [0004] teaches “generally, devices provided with a TPM realize safe management of confidential data by encrypting the confidential data and managing, within the TPM, the key that was used for the encryption. Hereinafter, such encryption/decryption using a TPM of an information processing apparatus is referred to as a 'TPM function'.”) the controller moves the encryption key saved in the first memory to the second memory (Kakutani [0063] “In step S605, the CPU 106 writes the archived TPM encryption key backup data to the USB memory 125.”) when the instruction to save the encryption key in the second memory is input to the inputter. (Kakutani Figure 6 shows that S605 of saving the encryption key to the second (USB) memory is to be executed if input is received from S601 which correlates to an instruction to back up the encryption key to the second (USB) memory.)
determining whether the storage has been encrypted, (para 11 determining whether or not an HSM function that allows encryption and decryption of data using the encryption key of the HSM is enabled) and hiding a menu item of the setting menu for saving the encryption key in the second memory in a case that the storage is determined to have not been encrypted (para 11 performs control to back up the key, when enabled and paragraph 52 shows that when enabled backup the grayed out is released for enabling TPM setting, which implies that when not encrypted (not enabled TPM setting or not enabling HSM function) the grayed out is not released).
Another explanation as the one that was provided in claim 3 is: (Kakutani [0058] “In step S601, the CPU 106 displays, on the console unit 111, a screen for inputting a password for backing up the TPM encryption key.” However, Kakutani [0055] teaches “when the user enables the TPM function in these steps S404 to S411, processing for generating a TPM encryption key is executed under the condition that the TPM encryption key can be backed up in advance.” Here and as seen in Figures 4 & 6, a “TPM function” must be enabled to reach step S601 which displays the setting menu for moving the encryption key to the second (USB) memory. Where Kakutani [0004] teaches “generally, devices provided with a TPM realize safe management of confidential data by encrypting the confidential data and managing, within the TPM, the key that was used for the encryption. Hereinafter, such encryption/decryption using a TPM of an information processing apparatus is referred to as a 'TPM function'.” Therefore, the CPU 106 does not cause the console unit 111 to show a setting menu for moving the encryption key to the second (USB) memory when the storage is not encrypted (i.e., when the “TPM function” is not enabled).)
Kakutani does not appear to explicitly teach wherein the controller deletes the encryption key saved in the first memory after moving the encryption key to the second memory. However, Ito teaches:
wherein the controller deletes the encryption key saved in the first memory after moving the encryption key to the second memory. (For context Ito [0323] teaches “According to the present embodiment, an encryption key is stored into the internal protected memory unit 144 which is access-restricted, and when the data encryption/decryption function unit 160 performs encryption processing using the encryption key for the first time, the mode is switched to acquire the encryption key from the internal protected memory unit 144. After that, the encryption key is copied into the memory unit 103 which is accessible, and the encryption key copied into the memory unit 103 is used in the normal mode.” Afterwards, Ito [0325] teaches that the “data encryption/decryption function unit 160, upon receiving a request to encrypt predetermined data stored in the memory unit 103, calculates the hash value of the application program, and if the calculated hash value does not match the hash value stored in the memory unit 103, deletes the encryption key copied in the memory unit 103.” Here, Ito teaches deleting an encryption key from a first memory 103. Where Ito [0070] teaches that a “normal security processing unit, in the normal mode, further deletes the stored key.” In this case, the normal security processing unit is considered to act as a controller as it is in control of deleting the saved encryption key.)
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Kakutani and Ito before them, to include Ito’s key deletion techniques in Kakutani’s system performing deletion of the encryption key saved in the first memory. One would have been motivated to make such a combination to more efficiently secure the secrecy of the encryption key and ensure data confidentiality as taught by Ito (see Ito [0326]).
Kakutani does not appear to explicitly teach causes the display to show on the setting menu a specific display notifying a user that a secure state of the encryption key is established. However, McClean discloses causes the display to show on the setting menu a specific display notifying a user that a secure state of the encryption key is established (see paragraph [0041], [0086], and [0148]) disclosing when the deletion of encryption key is established, the mobile handset receives a completion message and up-to-date status success message.
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to modify Kakutani to show on the setting menu a display notifying a user that a secure state of the encryption key is established. One of ordinary skill in the art would have been motivated to do so because it would provide a way to notify the user that data is protected as suggested by McClean (para 41).
8. Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Kakutani in view of Ito and in view of McClean as applied to claim 1 above, and further in view of “Li Jun and Yu Huiping, Trusted Full Disk Encryption Model Based on TPM, 2010, IEEE, 4 pages” (Non-Patent Literature Documents Citation U, listed on Notice of References Cited by Examiner dated 10/31/2024), hereafter Li.
Regarding claim 7, the combination of Kakutani, Ito, and McClean teaches the elements of claim 1 as outlined above. Kakutani also teaches:
wherein in a state where that the [data] is encrypted and the encryption key is saved in the second memory, (Kakutani [0055] “when the user enables the TPM function in these steps S404 to S411, processing for generating a TPM encryption key is executed under the condition that the TPM encryption key can be backed up in advance.” Here steps S404 to S411 enforce a state where a “TPM function” is enabled and the second (USB) memory is connected. Where Kakutani [0004] teaches “generally, devices provided with a TPM realize safe management of confidential data by encrypting the confidential data and managing, within the TPM, the key that was used for the encryption. Hereinafter, such encryption/decryption using a TPM of an information processing apparatus is referred to as a 'TPM function'.”) the controller provides the specific display in the various setting menus. (Kakutani [0067]-[0068] “when backup of the TPM encryption key is complete in this manner, the procedure advances to step S412 in FIG. 4, and the CPU 106 displays, on the console unit 111, a message indicating that the TPM setting is enabled. FIG. 5C depicts a view showing an example of the TPM setting screen when the TPM setting is enabled.” Here the setting menu shown in Figure 5C is considered to be the specific display.)
Kakutani does not appear to explicitly teach where that the storage is encrypted. However, Li teaches:
where that the storage is encrypted. (Li [Section I. "Introduction" lines 18-20] “constructs a trusted full-disk encryption model by combining TPM’s features and traditional [full-disk encryption] FDE model.”)
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Kakutani and Li before them, to include Li’s trusted full-disk encryption (TFDE) model in Kakutani’s system to perform encryption of a storage with an encryption key. One would have been motivated to make such a combination to more efficiently provide secure storage encryption through the likes of FDE as taught by Li (see Li [Section V. "Security Analysis for the Model"], specifically subsections [A. para. 2] and [B. para. 3]]).
9. Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Kakutani in view of Ito and in view of McClean as applied to claim 1 above, and further in view of Hubbard et al. (US Pub. 2005/0125744 A1), hereafter Hubbard.
Regarding claim 8, the combination of Kakutani, Ito, and McClean teaches the elements of claim 1 as outlined above. Kakutani also teaches:
wherein after moving the encryption key that is saved in the first memory to the second memory, the controller executes processing of the setting menu. (Recall from claim 1 above that Kakutani [0058] teaches the setting menu that claim 8 depends upon. Where Kakutani Fig. 6 and [0064] teach “if it is determined in step S606 that backup to the USB memory 125 was successful, the procedure advances to step S608, where the CPU 106 stores a backup completion flag to the SRAM 114, and the procedure advances to step S609. In step S609, the CPU 106 displays, on the console unit 111, a message indicating that backup of the TPM encryption key is complete, and ends this processing for backing up the TPM encryption key.” Here Kakutani is considered to teach, subsequent steps/processes performed after displaying the setting menu mentioned in claim 2 above, where the controller (CPU) executes processing of the setting menu to display a message where it is indicated that moving the encryption key that is saved in the first memory to the second memory (i.e., the backup process) is completed.)
Kakutani does not appear to explicitly teach gray-out processing of the setting menu. However, Hubbard teaches:
gray-out processing of the setting menu. (Hubbard [0051] teaches “an exemplary menu display is illustrated in FIG. 4. In this illustration, a menu 400 has been displayed consisting of two items: CONFIG 402 and POWER 401. The CONFIG menu item 402 has been selected, causing display of a submenu as a pull down menu 412. Among the menu items of the pull down menu 412 is a "save" menu item 404 which has been displayed in a different font and grayed-out to indicate that it is unavailable. A cursor 406 has been detected hovering over this menu item, and an unavailability reason has been displayed in a tooltip box 408.” Here Hubbard teaches to gray-out a “save” button in a setting menu (e.g., CONFIG 402 submenu) to indicate that it is no longer available, where box 408 in Fig. 4 teaches the reason to gray-out the menu button is because it is already saved with no changes having occurred since the last save. Further it is noted that Kakutani [0065] is considered to suggest alternate configurations to be adopted in relation to the setting menu for backing up/saving the encryption key, and further Kakutani is considered to also suggest a similar teaching as Hubbard’s that may at least be seen in Kakutani paragraphs 94-96 and figures 12A-C of execution of a similar gray-out process.)
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Kakutani and Hubbard before them, to include Hubbard’s gray-out teaching in Kakutani’s system to perform gray-out processing on the setting menu. One would have been motivated to make such a combination to indicate and make the menu item to be unavailable as taught by Hubbard (see Hubbard [0017] and/or [0051]).
10. Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Kakutani in view of Ito and in view of McClean as applied to claim 1 above, and further in view of Terao (US Pub. 2008/0226081 A1), hereafter Terao.
Regarding claim 9, the combination of Kakutani, Ito, and McClean teaches the elements of claim 1 as outlined above. Kakutani also teaches:
wherein the controller causes the display to show a setting menu for backing up and saving the encryption key (Kakutani [0058] teaches a “step S601, the CPU 106 displays, on the console unit 111, a screen for inputting a password for backing up the TPM encryption key.”)
Kakutani does not appear to explicitly teach which is saved in the second memory, in a third memory attachable to and detachable from the information processor. However, Terao teaches:
which is saved in the second memory, in a third memory attachable to and detachable from the information processor. (Terao claim 10 teaches “wherein the backup unit is configured to encrypt the second encryption key using a password entered by an operator, and back up the second encryption key in a detachable third storage unit as a backup key.” Further Terao Figure 17A teaches a possible embodiment of this back up technique, where encryption keys B and C stored in a USB memory rather than the TPM memory is then saved into a detachable/attachable medium.)
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Kakutani and Terao before them, to include Terao’s techniques for encryption key backup in Kakutani’s system performing encryption key backup to a(n) additional/third memory. One would have been motivated to make such a combination to more efficiently allow restoration of the encryption key through redundancy by backing up the encryption keys to additional memory as taught by Terao (see Terao [0079]-[0080]).
Conclusion
11. The prior art made of record and not relied upon is considered pertinent to applicant's disclosure as US Patent Publication US 20110107114 discloses part of the amended limitation of claims 1 and 11.
12. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
13. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Carl G Colin whose telephone number is (571)272-3862. The examiner can normally be reached Monday-Thursday 8:00-5:00 PM, Friday 8-12 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amy Cohen Johnson can be reached on 571-272-2238. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/CARL G COLIN/Supervisory Patent Examiner, Art Unit 2493