Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of claims
This office action is in response to claims filed on 02/02/2026
Claims 1-21 are pending and rejected; claims 1, 8 and 15 are independent claims
The 112 rejection is withdrawn in response to applicant explanation.
Response to Arguments
Applicant's arguments filed on 08/05/2025 have been fully considered but they are not persuasive.
With respect to applicant’s argument: the cited combination of arts does not teach “a system configured to "load an executable module from the BIOS into random-access memory (RAM); and prior to execution of the executable module that has been loaded from the BIOS into RAM, compare a calculated hash for the in-RAM executable module to a stored hash for the executable module stored in the driver integrity table to validate that the in-RAM executable module has not been altered during a time period subsequent to the loading of the executable module from the BIOS into RAM."”
Examiner respectfully disagree with applicant argument for the following reasons: The recited claim limitation is disclosed by the Samuel (see Samuel Figs. 2 6, ¶¶24-25 42 44 60, BIOS may read the firmware code of a component and calculate a measurement (e.g., a hash value) of the firmware code. The BIOS may read a value (e.g., a hash value) in a table corresponding to the component's firmware [i.e. executable module] and verify a signature of the value. The BIOS may compare the calculated measurement with the table value and determine if there is a match [i.e. compare a calculated hash for the in-RAM executable module to a stored hash]. If the BIOS determines that the calculated measurement matches the table value, then the BIOS may determine that the component's firmware is approved (e.g., known) firmware [i.e., reading the firmware is “loading executable module into RAM”; comparing the calculated measurement with the table value is “comparing a calculated hash for the in-RAM executable module to a stored hash in the integrity table”, that is before execution, at is well known in the art]). Disclosing the recited claim limitation.
In addition, the amended claim limitations have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-23 are rejected under 35 U.S.C. 103 as being unpatentable over Samuel et al. US Pub. No.: 2020/0097658 A1 (hereinafter Samuel) in view of Puthillathe et al. US Pub. No.: 2020/0019708 A1 (hereinafter Puthillathe) and further in view of Mahmoud US Patent.: 6,567,911 B1 (hereinafter Mahmoud).
Samuel teaches:
As to claim 1, an information handling system comprising:
a processor (see Samuel Fig. 1 ¶17, one or more processing resources such as a central process ); and
a basic input/output system (BIOS) comprising a program of instructions comprising boot firmware configured to be the first code executed by the processor when the information handling system is booted or powered on in order to initialize the information handling system for operation (see Samuel Fig. 1, ¶¶7 21, a boot/power on process off a computing device read a firmware to execute the boot process to initialize a system, stored in a basic input output system (BIOS) of the computing device); and
the management controller comprising: firmware configured to perform functionality of the management controller (see Samuel Fig. 3 and ¶¶20 46, build server to build a firmware of individual components of a computing device [i.e. functionality of the management controller]);
a driver integrity table setting forth a plurality of entries (see Samuel ¶¶20 30, table 116 [integrity table] may include multiple component identifiers corresponding to each of the components 108), each entry comprising identifying information for an executable module of the BIOS and a hash of executable code of such executable module signed by a private key, wherein the driver integrity table is signed by the private key (see Samuel Figs. 1-3 and ¶¶30-32, a hash 120(1) may be associated with the component ID 118(1) and the hash 120(N) may be associated with the component ID 118(N); ¶¶30-31, each of the hashes 120 may be digitally signed, e.g., using a private key 154 of a public key infrastructure (PKI) 152); and
a public key associated with the private key (see Samuel ¶34, PKI 152 may include the private key 154 ) ;
wherein the management controller is further configured to: verify integrity of a firmware of the management controller using the public key (see Samuel ¶20, table of approved firmware may be created by a build server that (1) builds (e.g., creates) the firmware for individual components…build server creates a measurement (e.g., a hash) for the firmware of each component and digitally signs each measurement with a private key… the table may be signed using the private key… signature may be verified using a hash of a public key that is embedded into the system's Platform Controller Hub (PCH) by a manufacturer of the computing device [i.e. the table of approved firmware is verified using the public key]);
verify integrity of the driver integrity table using the public key (see Samuel ¶21, the BIOS verifies the hash (or other measurement) of a signature of the approved firmware table; ¶25, verifying a digital signature of the current table using a public key stored in the BIOS [i.e. the hash of a signature of approved firmware table is the integrity table]); and
perform power sequencing of the information handling system to begin execution of the BIOS if the integrity of the firmware and the integrity of the driver integrity table are verified (see Samuel Fig. 6 and ¶¶59-60, a boot process of the computing device 102 is initiated, the BIOS 112 may perform a secure boot that includes extending a root of trust of the BIOS 112 to each of the firmware 110 of the components 108);
load an executable module from the BIOS into random-access memory (RAM) (see Samuel ¶¶35 60, the BIOS 112 may select a component, such as the component 108(1), read the corresponding firmware 110(1), [i.e., the BIOS read/load the (executable module)/(corresponding firmware) into RAM, as it is well known in the art]); and
prior to execution of the executable module that has been loaded from the BIOS into (RAM), compare a calculated hash for the uncompressed, in-RAM executable module to a stored hash for the executable module stored in the driver integrity table to validate that the uncompressed, in-RAM executable module has not been altered during a time period subsequent to the loading of the executable module from the BIOS ingo RAM (see Samuel Figs. 2 6, ¶¶24-25 42 44 60, BIOS may read the firmware code of a component and calculate a measurement (e.g., a hash value) of the firmware code. The BIOS may read a value (e.g., a hash value) in a table corresponding to the component's firmware [i.e. executable module] and verify a signature of the value. The BIOS may compare the calculated measurement with the table value and determine if there is a match [i.e. compare a calculated hash for the in-RAM executable module to a stored hash]. If the BIOS determines that the calculated measurement matches the table value, then the BIOS may determine that the component's firmware is approved (e.g., known) firmware [i.e., reading the firmware is equivalent to “loading executable module into RAM”; comparing the calculated measurement with the table value is equivalent to “comparing a calculated hash for the in-RAM executable module to a stored hash in the integrity table”, that is before execution and while in the RAM]).
Samuel does not explicitly teach but the related art Puthillathe teaches:
a management controller communicatively coupled to the processor and configured to provide out-of-band management facilities for management of the information handling system (see Puthillathe Figs.6A-6B ¶15, remote access controller [management controller] in the computing device 202 that provides an out-of-band channel between the computing device 202 and the secure server system 206),
Therefore, it would have been obvious to one with ordinary skill in the art before the effective filing date of the claimed invention, to modify extend root of trust to include firmware of individual components of a device disclosed by Samuel to include the remote access controller out-of-band access system as thought by Puthillathe. A person with ordinary skill in the art would have been motivated to implement out-of-band management in order to update firmware, restore platforms, retrieve server event/error logs, retrieve or update boot configuration data, and/or provide for a variety of other server management activities known in the art (see Puthillathe ¶3).
The combination of Samuel and Puthillathe does not explicitly teach but the related art Mahmoud teaches:
wherein the executable module is stored in the BIOS in a compressed form (see Mahmoud FIG. 3A illustrates a diagram 100' that includes an option ROM BIOS chip 120 and system RAM 102, Col. 3 lines 10-13, computer system includes… having an associated… ROM BIOS chip that includes a compressed BIOS image), and wherein loading the executable module from the BIOS into RAM comprises uncompressing the compressed form and storing the executable module uncompressed in RAM (see Mahmoud FIG. 3A illustrates a diagram 100' that includes an option ROM BIOS chip 120 and system RAM 102, Col. 6 lines 43-54, decompressor code.. executed.. to enable decompression of the initialization code directly from the.. ROM chip.. decompression of the compressed initialization code… uncompressed initialization code… to be loaded to the system RAM… when loaded, the uncompressed initialization code is only loaded to the conventional memory and not to the option ROM memory space)
Therefore, it would have been obvious to one with ordinary skill in the art before the effective filing date of the claimed invention, to modify extend root of trust to include firmware of individual components of a device disclosed by Samuel and the remote access controller out-of-band access system disclosed by Puthillathe to include the method of conserving memory resources during execution of system BIOS as thought by Mahmoud. A person with ordinary skill in the art would have been motivated for conserving memory resources available to a computer system during execution of the system BIOS in order to reduce the amount of memory area that is occupied by the system's various BIOS images. Such an approach would thereby ensure proper initialization of the computer system (see Mahamoud Col. 2 lines 18-24).
As to claim 2, the combination of Samuel, Puthillathe and Mahmoud discloses, information handling system of claim 1, wherein the management controller is configured to perform a remedial action if verification of either of the integrity of the firmware or the integrity of the driver integrity table fails (see Samuel ¶62, If a determination is made, at 618, that the hash of the firmware of the component fails to match the stored hash in the updated table, then the process may proceed to 620, where one or more actions may be performed based on a policy)
As to claim 3, the combination of Samuel, Puthillathe and Mahmoud discloses, the information handling system of claim 2, wherein the remedial action comprises powering down the information handling system (see Samuel ¶62, (4) stopping, at 628, the boot process or (5) disabling, at 630, the computing device (e.g., by preventing the computing device from booting))
As to claim 4, the combination of Samuel, Puthillathe and Mahmoud discloses, the information handling system of claim 1, wherein the management controller is further configured to, prior to execution of each executable module:
permit execution of such executable module if the calculated hash for such executable module matches the stored hash for such executable module (see Samuel Fig. 6 and ¶60, if a determination is made, at 618, that the hash associated with the firmware of the component matches the stored hash in the updated table, then the process may proceed to 612 where the boot process continues) ; and
perform a remedial action if the calculated hash for such executable module fails to match the stored hash for such executable module (see Samuel Fig. 6 and ¶¶39 62, If a determination is made, at 618, that the hash of the firmware of the component fails to match the stored hash in the updated table, then the process may proceed to 620, where one or more actions may be performed based on a policy).
As to claim 5, the combination of Samuel, Puthillathe and Mahmoud discloses, the information handling system of claim 4, wherein the remedial action comprises powering down the information handling system (see Samuel Fig. 6 ¶62, the boot process or (5) disabling, at 630, the computing device (e.g., by preventing the computing device from booting))
As to claim 6, the combination of Samuel, Puthillathe and Mahmoud discloses, the information handling system of claim 4, wherein the calculated hash is calculated by a dispatcher of the BIOS (see Samuel ¶39, a BIOS may select, in turn, each component of a computing device, read the firmware of the component, determine (e.g., calculate) a measurement (e.g., a hash value) of the firmware)
As to claim 7, the combination of Samuel, Puthillathe and Mahmoud discloses, the information handling system of claim 1, wherein the driver integrity table and the public key are written to the management controller by a provisioning server after build of the BIOS (see Samuel Fig. 3 and ¶20, the build server creates a measurement (e.g., a hash) for the firmware of each component and digitally signs each measurement with a private key. The table may be signed using the private key. The public key is stored in the BIOS and sealed)
Samuel teaches:
As to claim 15, an article of manufacture comprising:
a non-transitory computer readable medium (see Samuel Fig. 1); and
computer-executable instructions carried on the computer readable medium, the instructions readable by a processor (see Samuel Fig. 1 ¶17, one or more processing resources such as a central process ), the instructions, when read and executed, for causing the processor to,
verify, by the management controller, integrity of firmware of the management controller using a public key (see Samuel ¶36, verify the signature 172(N) of the hash 120(N) and compare the firmware hash 156 with the hash 120(N) corresponding to the component 108(N) to determine if there is a match);
verify, by the management controller, integrity of a driver integrity table using the public key, wherein the driver integrity table sets forth a plurality of entries(see Samuel ¶¶20 25 the authenticity of the new table may be verified by verifying a digital signature of the current table using a public key stored in the BIOS), each entry comprising identifying information for an executable module of a basic input/output system (BIOS) of the information handling system and a hash of executable code of such executable module signed by a private key (see Samuel Figs. 1-3 and ¶¶30-32 60, a hash 120(1) may be associated with the component ID 118(1) and the hash 120(N) may be associated with the component ID 118(N); ¶¶30-31, each of the hashes 120 may be digitally signed, e.g., using a private key 154 of a public key infrastructure (PKI) 152) , wherein the driver integrity table is signed by the private key and wherein the private key is associated with the public key (see Samuel ¶¶36 60, verify the signature 172(N) of the hash 120(N) and compare the firmware hash 156 with the hash 120(N) corresponding to the component 108(N) to determine if there is a match); and
perform, by the management controller, power sequencing of the information handling system to begin execution of the BIOS if integrity of the firmware and integrity of the driver integrity table are verified (see Samuel Fig. 6 and ¶¶59-60, a boot process of the computing device 102 is initiated, the BIOS 112 may perform a secure boot that includes extending a root of trust of the BIOS 112 to each of the firmware 110 of the components 108); and
load an executable module from the BIOS into random-access memory (RAM) (see Samuel ¶¶35 60, he BIOS 112 may select a component, such as the component 108(1), read the corresponding firmware 110(1), [i.e., the BIOS read/load the (executable module)/(corresponding firmware) into RAM]); and
prior to execution of the executable module that has been loaded from the BIOS into (RAM), compare a calculated hash for the uncompressed, in-RAM executable module to a stored hash for the executable module stored in the driver integrity table to validate that the uncompressed, in-RAM executable module has not been altered during a time period subsequent to the loading of the executable module from the BIOS ingo RAM (see Samuel Figs. 2 6, ¶¶24-25 42 44 60, BIOS may read the firmware code of a component and calculate a measurement (e.g., a hash value) of the firmware code. The BIOS may read a value (e.g., a hash value) in a table corresponding to the component's firmware [i.e. executable module] and verify a signature of the value. The BIOS may compare the calculated measurement with the table value and determine if there is a match [i.e. compare a calculated hash for the in-RAM executable module to a stored hash]. If the BIOS determines that the calculated measurement matches the table value, then the BIOS may determine that the component's firmware is approved (e.g., known) firmware [i.e., reading the firmware is equivalent to “loading executable module into RAM”; comparing the calculated measurement with the table value is equivalent to “comparing a calculated hash for the in-RAM executable module to a stored hash in the integrity table”, that is before execution and while in the RAM]).
Samuel does not explicitly teach but the related art Puthillathe teaches:
a management controller communicatively coupled to the processor and configured to provide out-of-band management facilities for management of the information handling system (see Puthillathe Figs.6A-6B ¶15, remote access controller [management controller] in the computing device 202 that provides an out-of-band channel between the computing device 202 and the secure server system 206),
Therefore, it would have been obvious to one with ordinary skill in the art before the effective filing date of the claimed invention, to modify extend root of trust to include firmware of individual components of a device disclosed by Samuel to include the remote access controller out-of-band access system as thought by Puthillathe. A person with ordinary skill in the art would have been motivated to implement out-of-band management in order to update firmware, restore platforms, retrieve server event/error logs, retrieve or update boot configuration data, and/or provide for a variety of other server management activities known in the art (see Puthillathe ¶3).
The combination of Samuel and Puthillathe does not explicitly teach but the related art Mahmoud teaches:
wherein the executable module is stored in the BIOS in a compressed form (see Mahmoud FIG. 3A illustrates a diagram 100' that includes an option ROM BIOS chip 120 and system RAM 102, Col. 3 lines 10-13, computer system includes… having an associated… ROM BIOS chip that includes a compressed BIOS image), and wherein loading the executable module from the BIOS into RAM comprises uncompressing the compressed form and storing the executable module uncompressed in RAM (see Mahmoud FIG. 3A illustrates a diagram 100' that includes an option ROM BIOS chip 120 and system RAM 102, Col. 6 lines 43-54, decompressor code.. executed.. to enable decompression of the initialization code directly from the.. ROM chip.. decompression of the compressed initialization code… uncompressed initialization code… to be loaded to the system RAM… when loaded, the uncompressed initialization code is only loaded to the conventional memory and not to the option ROM memory space)
Therefore, it would have been obvious to one with ordinary skill in the art before the effective filing date of the claimed invention, to modify extend root of trust to include firmware of individual components of a device disclosed by Samuel and the remote access controller out-of-band access system disclosed by Puthillathe to include the method of conserving memory resources during execution of system BIOS as thought by Mahmoud. A person with ordinary skill in the art would have been motivated for conserving memory resources available to a computer system during execution of the system BIOS in order to reduce the amount of memory area that is occupied by the system's various BIOS images. Such an approach would thereby ensure proper initialization of the computer system (see Mahamoud Col. 2 lines 18-24).
As to independent claim 8, this claim is directed to a method executed by the system of claim 1; therefore it is rejected along similar rationale.
As to dependent claims 9-14 and 16-21, these claims contain substantially similar subject matter as claim 2-7; therefore they are rejected along the same rationale.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NEGA WOLDEMARIAM whose telephone number is (571)270-7478. The examiner can normally be reached Monday to Friday, 8am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Cathy Thiaw can be reached at 5712701138. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
NEGA . WOLDEMARIAM
Examiner
Art Unit 2407
/N.W/ Examiner, Art Unit 2407
/Catherine Thiaw/ Supervisory Patent Examiner, Art Unit 2407 4/2/2026
Prosecution Insights