DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Objections
Claim 22 is a dependent claim of 1. Claim 22 recites “The server according to claim 1;” while the claim 1 is a method claim rather than a system claim. For the examination purposes, the examiner will interpret claim 22 as depending from independent claim 10, which properly recites “A server comprising:….”
Allowable Subject Matter
Claims 2 4-7, 13, 15-16, 18-21 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1, 10-12, 14 and 22 are rejected under 35 U.S.C. 103 as being unpatentable over Spanjers (Pub NO. US 2018/0285569) in view of Boccon-Gibod et al. (Boccon) (Pub No. US 2011/0314271)
Regrading Claim 1 Spanjers teaches a system starting method,[Abstract, A method for initializing a computerized system by executing a boot-script ] comprising : reading secure startup data; [[0012] a method for initializing a computerized system by executing a boot-script having an associated private security key X.sub.i is provided, wherein the computerized system comprises a first secure storage device for storing a plurality of public keys Y.sub.1-Y.sub.N each having a public key index k.sub.1-k.sub.N assigned thereto and a second secure storage device for storing a current key index k. The boot-script is only executed if a public key Y.sub.i selected from the plurality of public keys Y.sub.1-Y.sub.N is uniquely related to the private security key X.sub.i such as to form a unique key pair with the private security key X.sub.i and has a booting key index k.sub.i having a predetermined relationship with the current key index k.] judging whether a private key number [Private Key] in the secure startup data is the same [[Abstract, [0005]-[0006] [0012]-[0013] Fig.3 S2, [0065] the private key X.sub.i and the retrieved public key Y.sub.3 correspond to each other. [0073] boot-script is only executed if a public key selected from the plurality of public keys is uniquely related to the private security key such as to form a unique key pair with the private security key] as a public key number [Public Key] recorded in memory, wherein the memory records a currently effective public key number; [[0017] [0057] first secure storage device 2 is a TPM in which a plurality of public keys Y.sub.1-Y.sub.N are securely stored] performing a system startup procedure when the private key number is the same as the public key number; [Fig.4, S40-S6, Execute boot Script. [0069]-[0070] it is determined that the predetermined relationship is fulfilled, and the process continues at step S6. At the step S6, the boot-script 5 is executed by the boot-script execution unit 6, which is here a CPU. In particular, the operating system of the computer 1 is loaded and the computer 1 is thus initialized and ready for use] and transmitting a startup ending instruction when the private key number is different from the public key number.[Fig.3, S20-S22, Fig.4, S51,S53 and S54, [0075]-[0076], If the unique key pair is not formed with any of the retrieved keys, it is determined, at step S20, that all public keys Y.sub.1-Y.sub.6 have been retrieved from the TPM 2 unsuccessfully. The process then continued with step S21, in which the initialization of the computer 1 is interrupted. At a step S22, the computer 1 issues a warning signal indicating that the initialization of the computer 1 was stopped due to a lack of public key forming the unique key pair with the private key X.sub.i. [0080]-[0084] If it is determined, as step S51, that the booting key index k.sub.i is not larger than the current key index k (namely when the current key index k is larger than the booting key index k.sub.i), the process continues with step S53, in which the initialization of the computer 1 is interrupted. in a step S54, the computer 1 issues a warning signal indicating that the initialization of the computer 1 was stopped due to the predetermined relationship not being fulfilled. ]
Spanjers teaches that public key is stored in a Trusted Platform Module (TPM) storage [[0017] [0057]] Spanjers does not explicitly teach that the TPM storage is a onetime programmable memory.
However, Boccon teaches that a TPM storage can be One Time Programable memory. [[0023] Master Key may be securely embedded in a hardware security element (e.g., One Time Programmable ["OTP"] memory) such as a SoC or Trusted Platform Module ("TPM"). ]
Therefore, it would have been obvious to one of the ordinary skilled in the art to which this invention pertains before the effective filing date of the invention to use the one time programable memory of Boccon to store the public keys in Spanjers’s system .
A person with ordinary skill in the art would have been motivated to combine Boccon and Spanjers to enhance security, performance and reduce cost. [well known advantage of OTP memory]
Claim 10 is having similar limitations to that of the method of claim 1.Accordingly, claim 10 is rejected under a similar rational as that of claim 1 above.
Regrading Claim 10 Spanjers also teaches a server, [Fig.1] comprising: a memory, configured to store a computer program; and a processor, configured to execute the computer program to implement the following operations [Fig.1, computerized system according to an embodiment. [0052] A computer program product, such as a computer program means, may be embodied as a memory card, USB stick, CD-ROM, DVD or as a file which may be downloaded from a server in a network. [0053] mbodiments and features described with reference to the method for initializing the computerized system apply mutatis mutandis to the computerized system described herein.]
Claim 11 is having similar limitations to that of the system of claim 10.Accordingly, claim 11 is rejected under a similar rational as that of claim 10 above.
Regrading Claim 12 Spanjers teaches the secure startup data comprises system data, [[0070] operating system of the computer system] a secure startup control word, [[0057] irst secure storage device 2 is a TPM in which a plurality of public keys Y.sub.1-Y.sub.N are securely stored. In the present example, 6 public keys Y.sub.1-Y.sub.6 are stored in the TPM 2. The number of public keys stored in the TPM 2 may be limited by the storage capacity of the TPM 2. The public keys Y.sub.1-Y6 are here cryptographic public keys, which have been generated by the manufacturer of the computer 1 together with corresponding private key (not represented) such as to form uniquely related cryptographic key pairs. The public keys Y.sub.1-Y.sub.6 were stored in the TPM 2 by the same manufacturer, while the corresponding private keys were safely kept by the manufacturer.] a digital signature of the system data, [[0050] security key X.sub.i is a signature of the boot-script which interacts with the public key Y.sub.i such that the boot-script can only be validated using the public key Y.sub.i.] and the private key number. [[0058] Private Key]
Regrading Claim 14 Spanjers the system startup procedure comprises: directly performing system startup, or performing system judgment after security judgment, or performing a system startup operation after a corresponding verification operation is performed. [Fig.4, S40-S6, Execute boot Script. [0069]-[0070] it is determined that the predetermined relationship is fulfilled, and the process continues at step S6. At the step S6, the boot-script 5 is executed by the boot-script execution unit 6, which is here a CPU. In particular, the operating system of the computer 1 is loaded and the computer 1 is thus initialized and ready for use]
Claim 22 is having similar limitations to that of the method of claim 12.Accordingly, claim 22 is rejected under a similar rational as that of claim 12 above.
Claims 3 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Spanjers (Pub NO. US 2018/0285569) in view of Boccon-Gibod et al. (Boccon) (Pub No. US 2011/0314271) further in view of Atsumi (Pub No. US 2008/0052610)
Regrading Claim 3 the combination of Spanjers and Boccon teaches: judging whether the private key number in the secure startup data is the same as the public key number. [[Abstract, [0005]-[0006] [0012]-[0013] Fig.3 S2, [0065] the private key X.sub.i and the retrieved public key Y.sub.3 correspond to each other. [0073] boot-script is only executed if a public key selected from the plurality of public keys is uniquely related to the private security key such as to form a unique key pair with the private security key]
The combination of Spanjers and Boccon does not teach acquiring a total number of "1" bits written in the one time programmable memory, and determining the total number of the "1" bits as the public key number;
However, Atsumi teaches: acquiring a total number of "1" bits written in the one time programmable memory, and determining the total number of the "1" bits as the public key number; [Fig.17 and [0077] Fig.18, [0079] [total number of "1" bits in the inputs `a` and `b` is compared with the total number of "1" bits in the result `x` of the orn, orn1, or orn2 operation, and as indicated in the "Comment" column, if the total number of "1" bits in the two inputs and the number of "1" bits in the operation result `x` is a combination of even and odd numbers, or of odd and even numbers, then the value is "1", but if both numbers are even or both numbers are odd, then the value is "0"]
Therefore, it would have been obvious to one of the ordinary skilled in the art to which this invention pertains before the effective filing date of the invention to use the comparison of bits of Atsumi to compare public and private keys in Spanjers’s system.
A person with ordinary skill in the art would have been motivated to combine Spanjers, Boccon and Atsumi to improve the efficiency of the system. [Digital comparison in computers offers immense advantages like superior accuracy, noise immunity, and efficiency because it uses discrete 0s and 1s]
Claim 17 is having similar limitations to that of the method of claim 3.Accordingly, claim 17 is rejected under a similar rational as that of claim 3 above.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZAHID CHOUDHURY whose telephone number is (571)270-5153. The examiner can normally be reached Monday-Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Andrew J Jung can be reached at 571-270-3779. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ZAHID CHOUDHURY/Primary Examiner, Art Unit 2175