Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination
1. A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 12/22/2025 has been entered.
Claim Status
2. Claims 1, 7, and 13 have currently been amended.
Response to Arguments
3. The applicant’s arguments filed 11/24/2025 have been taken into consideration, but are moot in view of new grounds of rejection.
In response to the applicant’s argument that the cited prior art fails to teach or suggest the newly amended claim limitations:
In light of the amended claim limitations, newly cited prior art reference Fang et al (US 2024/0095329) has been cited, which discloses determining risk levels associated with different operations that may be drawn to hardware tampering (e.g., determine a severity level from a group of severity levels for each of the plurality of tampering events); a determined low security risk level corresponding to operations detected by various sensors, including an acceleration sensor (e.g., wherein the group of severity levels includes a low-severity level associated with accelerometer events), and a high security risk level associated with the operation of opening a door (e.g., a high-severity level associated with chassis opening sensor events).
Claim Rejections – 35 USC 103
4. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office Action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
5. Claims 1-3, 5-9, 11-15, and 17-18 are rejected under 35 USC 103 as being unpatentable over Sinha et al (US 2022/0398597) in view of Swierk et al (US 2018/0253569), further in view of Fang et al (US 2024/0095329).
Regarding claim 1, Sinha et al an information handling system (fig. 1, ‘110) comprising:
at least one processor (fig. 4, ‘402);
a plurality of physical sensors including at least one sensor selected from the group comprising vibration sensors, accelerometers (par [0025], line 15), temperature sensors (par [0031], lines 10-12), chassis opening sensors, and tilt sensors;
a firmware having instructions coded thereon (par [0028-0029]) that are executable by the at least one processor; and
performing a remedial action based on the determined severity level (par [0100], lines 1-10 and par [0121], which disclose performing corrective actions once intrusion and anomalous activity have been detected).
Sinha et al does not explicitly teach detecting, based on one or more of the physical sensors, an unauthorized tampering event associated with the information handling system; and transmitting data regarding the tampering event to a central monitoring system.
However, Swierk et al teaches detecting, based on one or more of the physical sensors, an unauthorized tampering event associated with the information handling system (par [0146], which discloses using tampering sensors for tamper detection in an IHS environment); transmitting data regarding the tampering event to a central monitoring system (par [0119], lines 1-3, “monitor hardware intrusion detection”); and receive data regarding a plurality of tampering events from a plurality of information handling systems (par [0005], lines 6-12, which discloses information handling systems being implemented to disclose events indicative of physical tampering).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to be motivated to combine the teachings of Swierk et al within the teachings of Sinha et al in order to provide the predictive result of improving recognizing and detection of potential threats and hazards within a remote monitoring environment by providing remote anomaly alerts and notification in the event that anomalous events are detected (as disclosed in par [0139] and par [0146] of Swierk et al) because this feature would further prevent malicious threats from occurring within the embodiments of Sinha et al by providing the anomalous notifications before each potential threat has been fully executed.
Sinha et al and Swierk et al do not explicitly teach wherein the central monitoring system is configured to: determine a severity level from a group of severity levels for each of the plurality of tampering events, wherein the group of severity levels includes a low-severity level associated with accelerometer events and a high-severity level associated with chassis opening sensor events.
However, Fang et al teaches wherein the central monitoring system is configured to:
determine a severity level from a group of severity levels for each of the plurality of tampering events (par [0121], which discloses risk levels associated with different operations), wherein the group of severity levels includes a low-severity level associated with accelerometer events (fig. 3, ‘180F, par [0078], par [0097], lines 1-10, and par [0123], lines 1-10, which disclose a determined low security risk level corresponding to operations detected by various sensors, including an acceleration sensor) and a high-severity level associated with chassis opening sensor events (par [0122], which discloses a high security risk level associated with the operation of opening a door).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to be motivated to combine the teachings of Fang et al within the teachings of Sinha et al and Swierk et al in order to provide the predictive result of improving security and reliability of the authentication result, and avoid a problem that security of the authentication result is low by using multiple devices to obtain authentication results (as disclosed in par [0017] of Fan et al) because using a single device is limited by hardware or an authentication capability and an acquisition capability are insufficient.
Regarding claim 2, Sinha et al, Swierk et al, and Fang et al teach the limitations of claim 1.
Sinha et al further teaches wherein the information handling system is a portion of a hyper-converged infrastructure (HCI) system (par [0026], line 12).
Regarding claim 3, Sinha et al, Swierk et al, and Fang et al teach the limitations of claim 1.
Sinha et al further teaches wherein the information handling system is an edge node of the HCI system (par [0026], line 12).
Regarding claim 5, Sinha et al, Swierk et al, and Fang et al teach the limitations of claim 1.
Sinha et al further teaches at least one tamper-evident mechanism (par [0099], lines 5-6).
Regarding claim 6, Sinha et al, Swierk et al, and Fang et al teach the limitations of claim 1.
Sinha et al further teaches wherein the tamper-evident mechanism is selected from the group consisting of seals and intrusion detection systems (par [0039], “detect changes to the components”).
Regarding claim 7, Sinha et al a method comprising:
an information handling system (fig. 1, ‘110) wherein a plurality of physical sensors including at least one sensor selected from the group comprising vibration sensors, accelerometers (par [0025], line 15), temperature sensors (par [0031], lines 10-12), chassis opening sensors, and tilt sensors;
the information handling system transmitting, via a firmware thereof (par [0028-0029]), data regarding the tampering event (par [0039-0040], which discloses detecting and providing change event data correspond to the monitored components); and
performing a remedial action based on the determined severity level (par [0100], lines 1-10 and par [0121], which disclose performing corrective actions once intrusion and anomalous activity have been detected).
Sinha et al does not explicitly teach detecting, via a plurality physical sensors thereof, an unauthorized tampering event associated with the information handling system; and transmitting data regarding the tampering event to a central monitoring system.
However, Swierk et al teaches detecting, via a plurality physical sensors thereof, an unauthorized tampering event associated with the information handling system (par [0146], which discloses using tampering sensors for tamper detection in an IHS environment); transmitting data regarding the tampering event to a central monitoring system (par [0119], lines 1-3, “monitor hardware intrusion detection”); and receive data regarding a plurality of tampering events from a plurality of information handling systems (par [0005], lines 6-12, which discloses information handling systems being implemented to disclose events indicative of physical tampering).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to be motivated to combine the teachings of Swierk et al within the teachings of Sinha et al in order to provide the predictive result of improving recognizing and detection of potential threats and hazards within a remote monitoring environment by providing remote anomaly alerts and notification in the event that anomalous events are detected (as disclosed in par [0139] and par [0146] of Swierk et al) because this feature would further prevent malicious threats from occurring within the embodiments of Sinha et al by providing the anomalous notifications before each potential threat has been fully executed.
Sinha et al and Swierk et al do not explicitly teach wherein the central monitoring system is configured to: determine a severity level from a group of severity levels for each of the plurality of tampering events, wherein the group of severity levels includes a low-severity level associated with accelerometer events and a high-severity level associated with chassis opening sensor events.
However, Fang et al teaches wherein the central monitoring system is configured to:
determine a severity level from a group of severity levels for each of the plurality of tampering events (par [0121], which discloses risk levels associated with different operations), wherein the group of severity levels includes a low-severity level associated with accelerometer events (fig. 3, ‘180F, par [0078], par [0097], lines 1-10, and par [0123], lines 1-10, which disclose a determined low security risk level corresponding to operations detected by various sensors, including an acceleration sensor) and a high-severity level associated with chassis opening sensor events (par [0122], which discloses a high security risk level associated with the operation of opening a door).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to be motivated to combine the teachings of Fang et al within the teachings of Sinha et al and Swierk et al in order to provide the predictive result of improving security and reliability of the authentication result, and avoid a problem that security of the authentication result is low by using multiple devices to obtain authentication results (as disclosed in par [0017] of Fan et al) because using a single device is limited by hardware or an authentication capability and an acquisition capability are insufficient.
Regarding claim 8, Sinha et al, Swierk et al, and Fang et al teach the limitations of claim 7.
Sinha et al further teaches wherein the information handling system is a portion of a hyper-converged infrastructure (HCI) system (par [0026], line 12).
Regarding claim 9, Sinha et al, Swierk et al, and Fang et al teach the limitations of claim 7.
Sinha et al further teaches wherein the information handling system is an edge node of the HCI system (par [0026], line 12).
Regarding claim 11, Sinha et al, Swierk et al, and Fang et al teach the limitations of claim 7.
Sinha et al further teaches at least one tamper-evident mechanism (par [0099], lines 5-6).
Regarding claim 12, Sinha et al, Swierk et al, and Fang et al teach the limitations of claim 7.
Sinha et al further teaches wherein the tamper-evident mechanism is selected from the group consisting of seals and intrusion detection systems (par [0039], “detect changes to the components”).
Regarding claim 13, Sinha et al an article of manufacture comprising a non-transitory, computer-readable medium (par [0003], lines 1-3) having computer-executable instructions thereon that are executable by a processor (fig. 4, ‘402) of an information handling system (fig. 1, ‘110) for:
a plurality of physical sensors of the information handling system (par [0025], line 15), and a plurality of physical sensors including at least one sensor selected from the group comprising vibration sensors, accelerometers (par [0025], line 15), temperature sensors (par [0031], lines 10-12), chassis opening sensors, and tilt sensors;
transmitting, via a firmware thereof (par [0028-0029]), data regarding the tampering event (par [0039-0040], which discloses detecting and providing change event data correspond to the monitored components); and
performing a remedial action based on the determined severity level (par [0100], lines 1-10 and par [0121], which disclose performing corrective actions once intrusion and anomalous activity have been detected).
Sinha et al does not explicitly teach detecting, via a plurality physical sensors thereof, an unauthorized tampering event associated with the information handling system; and transmitting data regarding the tampering event to a central monitoring system.
However, Swierk et al teaches detecting, via a plurality physical sensors thereof, an unauthorized tampering event associated with the information handling system (par [0146], which discloses using tampering sensors for tamper detection in an IHS environment); transmitting data regarding the tampering event to a central monitoring system (par [0119], lines 1-3, “monitor hardware intrusion detection”); and receive data regarding a plurality of tampering events from a plurality of information handling systems (par [0005], lines 6-12, which discloses information handling systems being implemented to disclose events indicative of physical tampering).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to be motivated to combine the teachings of Swierk et al within the teachings of Sinha et al in order to provide the predictive result of improving recognizing and detection of potential threats and hazards within a remote monitoring environment by providing remote anomaly alerts and notification in the event that anomalous events are detected (as disclosed in par [0139] and par [0146] of Swierk et al) because this feature would further prevent malicious threats from occurring within the embodiments of Sinha et al by providing the anomalous notifications before each potential threat has been fully executed.
Sinha et al and Swierk et al do not explicitly teach wherein the central monitoring system is configured to: determine a severity level from a group of severity levels for each of the plurality of tampering events, wherein the group of severity levels includes a low-severity level associated with accelerometer events and a high-severity level associated with chassis opening sensor events.
However, Fang et al teaches wherein the central monitoring system is configured to:
determine a severity level from a group of severity levels for each of the plurality of tampering events (par [0121], which discloses risk levels associated with different operations), wherein the group of severity levels includes a low-severity level associated with accelerometer events (fig. 3, ‘180F, par [0078], par [0097], lines 1-10, and par [0123], lines 1-10, which disclose a determined low security risk level corresponding to operations detected by various sensors, including an acceleration sensor) and a high-severity level associated with chassis opening sensor events (par [0122], which discloses a high security risk level associated with the operation of opening a door).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to be motivated to combine the teachings of Fang et al within the teachings of Sinha et al and Swierk et al in order to provide the predictive result of improving security and reliability of the authentication result, and avoid a problem that security of the authentication result is low by using multiple devices to obtain authentication results (as disclosed in par [0017] of Fan et al) because using a single device is limited by hardware or an authentication capability and an acquisition capability are insufficient.
Regarding claim 14, Sinha et al, Swierk et al, and Fang et al teach the limitations of claim 13.
Sinha et al further teaches wherein the information handling system is a portion of a hyper-converged infrastructure (HCI) system (par [0026], line 12).
Regarding claim 15, Sinha et al, Swierk et al, and Fang et al teach the limitations of claim 13.
Sinha et al further teaches wherein the information handling system is an edge node of the HCI system (par [0026], line 12).
Regarding claim 17, Sinha et al, Swierk et al, and Fang et al teach the limitations of claim 13.
Sinha et al further teaches at least one tamper-evident mechanism (par [0099], lines 5-6).
Regarding claim 18, Sinha et al, Swierk et al, and Fang et al teach the limitations of claim 13.
Sinha et al further teaches wherein the tamper-evident mechanism is selected from the group consisting of seals and intrusion detection systems (par [0039], “detect changes to the components”).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Randy A. Scott whose telephone number is (571) 272-3797. The examiner can normally be reached on Monday-Thursday 7:30 am-5:00 pm, second Fridays 7:30 am-4pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Luu Pham can be reached on (571) 270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/RANDY A SCOTT/Primary Examiner, Art Unit 2439 20260114