COMPUTER SYSTEM AND METHOD FOR PROVIDING CRYPTOGRAPHIC CONFIGURATION FILES TO COMPUTER APPLICATIONS

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Herein after “it would have been obvious” should be read as “it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention”. Response to Arguments Applicant's arguments filed 12/22/25 have been fully considered but they are not persuasive. In regards to the claimed requesting from a configuration manager. Atta et al teaches Abstract “The method can include transmitting the signed encrypted configuration data in response to the request”. [0028] “The logic repository service 110 can receive an API request 160 to retrieve configuration data and signed and encrypted configuration data 162 can be returned in response to the request 160”. In regards to applicants argument Atta specifically discloses configuring the hardware so that it performs the functions specified by the application logic (Atta, [0021], lines 6-8), but performing the specific functions in the hardware does not enable operation of the computer device. The limitation of “computer device has an application requiring a configuration file for enabling operation of the computer device”. The examiner has reviewed applicants specification for the meaning of this claim limitation. Applicants specification in describing figure 4 makes clear that the configuration file enables the computer device to execute the application, Not that the operation of the computer device itself is enabled. Atta et al teaches Abstract. “The configuration data can include data for implementing the application logic”. This is enabling the computer device to implement the application logic. Although no additional reference would be needed for this limitation, Since Atta et al’s wording is “can include data for implementing” which doesn’t expressly mean that the configuration file is “required” for implementing only that it “can include data for implementing” the examiner is also citing references that teach configuration files/data is required for the operation of an application. Such as Xu et al PN 7,752,140 that teaches Abstract: “A licensing server source distributes a so-called license configuration file to a client for purposes of enabling operation of a software application installed on a computer”. Koch et al PN 2024/0073040 that teaches [0180] “Configuration user 192 writes configuration data 121 to enable FPGA 300 to execute auxiliary array application 321”. Biear PN 9.910,663 Abstract: “The configuration data enables the electronic device to execute a locally stored instance of an application on the electronic device”. In regards to the claim limitation that states “the configuration file that is ciphered for security” Atta et al already teaches [0029] “If any of the validation checks fail, the logic repository service 110 can deny the request to retrieve the signed and encrypted configuration data 162. Thus, the logic repository service 110 can potentially safeguard the security and the availability of the computing resources 120 while enabling a user to customize hardware of the computing resources 120”. The purpose of cyphering is for security however Atta et al is not expressly using the words “cyphered for security” Therefore Yi et al PN 2014/0169320 is being cited that teaches [0047] “The Cyphering which keeps data security is provided to both SRB and DRB”. It would have been obvious to cypher for security because this is the purpose of cyphering. In regards to applicants argument that Burnham et al “merely discloses a secure medium between a macro manager 430 and an end user 440 (Burnham, col. 4, lines 36-38). The macro managers 430 is a software server. Therefore, the secure medium is between a software server and an end user. This is not the same as the system configuration manager component and a device. An end user is not a device. In addition, the macro manager 430, being a software server, is not the same as a configuration manager component” "Not only the specific teachings of a reference but also reasonable inferences which the artisan would have logically drawn therefrom may be properly evaluated in formulating a rejection." In re Preda, 401 F.2d 825, 159 USPQ 342 (CCPA 1968) and In re Shepard 319 F.2d 194, 138 USPQ 148 (CCPA 1963). An end user must use a device for communication with a server over a network the signals from the server do not magically become readable by the end user without there being some device to interpret for the end user. Secondly Atta et al already teaches a network between the configuration manager (logic repository 110) and a device 140. The only thing missing was the network being secure. In regards to applicants argument that modifying Atta et al by making its network a secure network would render unsatisfactory for its intended purpose. It intended purpose is to retrieve encrypted configuration data from the logic repository. Making the network between 110 and 140 secure would in no way hinder this purpose as long as the “signed & encrypted configuration data” is able to be retrieved over the network between 110 and 140. In regards to applicants argument regarding Walker et al. In reviewing Atta et al it has become clear that Atta et al teaches Abstract “The method can include transmitting the signed encrypted configuration data in response to the request”. [0028] “The logic repository service 110 can receive an API request 160 to retrieve configuration data and signed and encrypted configuration data 162 can be returned in response to the request 160”. Thus making Walker superfluous for the teaching of requesting the configuration file. Walker however also teaches the claimed “upon initialization of the computer device” performing the requesting. Abstract: “Upon startup of a workstation, an application executing on the workstation may automatically transmit a request to the configuration server to load the configurations for that workstation”. In regards to applicants argument regarding the updating the configuration file. Atta et al teaches "indicating an updated file has been received," "causing the at least one application to request”, and "initiate execution of the updated ciphered file for continued operation". Vines et al teaches Column 3 line 61 et seq. “The DMM executive process 136 polls periodically for an updated configuration file 240, then notifies the monitoring processes 140. The monitoring processes 140 then read the new configuration file 240 The monitoring processes 140 then read the new configuration file 240” The notifying is indicating the updated file has been received. The read the new configuration is causing requesting the new configuration file. Atta et al already teaches using the configuration data. The new received configuration file is inherently used this is executing the configuration file. Atta et al however expressly uses the configuration data. [0012] “Configurable logic is hardware that can be programmed or configured to perform a logic function that is specified by configuration data that is applied to the configurable logic”, Performing functions specified by a configuration file is executing of the configuration data/file. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1-5, 12-15, 21-25 is/are rejected under 35 U.S.C. 103 as being unpatentable over Atta et al PN 2022/0060454 in view of Burnham et al PN 6,301,695, Biear PN 9,910,663, and Yi et al PN 2014/0169320. In regards to claims 1, 12, 21: Atta et al teaches a computer-implemented method for providing a ciphered configuration file (signed and encrypted configuration data 162) to a computer device (server 140) having at least one application (application logic 132) requiring a configuration file for enabling operation of the computer device (the configuration file is "so that it performs" thus it is required [0021] "configure the configurable hardware 142 so that it performs the functions specified by the application logic 132 and the host logic 134") comprising the steps: requesting, from a device configuration manager in a computer device (Abstract “The method can include transmitting the signed encrypted configuration data in response to the request”. [0028] “The logic repository service 110 can receive an API request 160 to retrieve configuration data and signed and encrypted configuration data 162 can be returned in response to the request 160”), a ciphered configuration file (signed and encrypted configuration data), Atta et al teaches receiving, from a system configuration manager component (logic repository service 110), a ciphered configuration file to the computer device (signed and encrypted configuration data 162), wherein the system configuration manager component (logic repository 110) is coupled to the device via a communication network ([0002] “Cloud computing is the use of computing resources (hardware and software) which are available in a remote location and accessible over a network”); pushing, upon reception of the ciphered configuration file in the computer device, the received ciphered configuration to the at least one application in the computer device (crypto engine 146 is responsible for authenticating and decrypting the received configuration data prior to providing it to the configurable hardware. [0020] "The cryptographic engine 146 can be used to authenticate a cryptographic digital signature and/or to decrypt encrypted information (such as encrypted configuration data)". ([0021] "the generated configuration data 136 can include information that can be used to program or configure the configurable hardware 142"); and executing the at least one application in the computer device utilizing the received ciphered configuration file ([0021] "configure the configurable hardware 142 so that it performs the functions specified by the application logic 132 and the host logic 134"). While the sending of signed and encrypted configuration data implies a secure network, Atta et al does not expressly state the network is a secure network. Burnham et al teaches (Column 4 line 53 et seq. "In some embodiments, macro manager 430 is a software server, which can be accessed by end user 440 by way of a secure medium such as a private network, telephone connection, or an encrypted channel of a public network. For example, in one embodiment macro manager 430 is a web server that receives encrypted configuration files from end user 440 over the internet and sends configuration data over the internet to end user 440. In one embodiment, macro manager 430 is implemented using the Java. TM. environment. ("Java" is a trademark of Sun Microsystems, Inc.")”). It would have been obvious to send the configuration over a secure network because this would have prevented malicious actions. Atta et al teaches Abstract. “The configuration data can include data for implementing the application logic”. This is enabling the computer device to implement the application logic. However Atta et al does not expressly teach requiring a configuration fire for enabling the computer device only that a configuration file can enable the computer device. Biear PN 9.910,663 Abstract: “The configuration data enables the electronic device to execute a locally stored instance of an application on the electronic device”. It would have been obvious to use the configuration file to enable operation of the computer device because this it the purpose of a configuration file. Atta et al also teaches [0029] “If any of the validation checks fail, the logic repository service 110 can deny the request to retrieve the signed and encrypted configuration data 162. Thus, the logic repository service 110 can potentially safeguard the security and the availability of the computing resources 120 while enabling a user to customize hardware of the computing resources 120”. The purpose of cyphering is for security however Atta et al is not expressly using the words “cyphered for security”. Yi et al PN 2014/0169320 is being cited that teaches [0047] “The Cyphering which keeps data security is provided to both SRB and DRB”. It would have been obvious to cypher for security because this is the purpose of cyphering. In regards to claims 2, 13, 22: Atta et al teaches programmable logic ([0019] “that can be a controller” [0099]). In regards to claims 3, 23: Atta et al teaches plural computer devices (figure 4) 402A,B,C). each having a configuration manager component (408A,B,C). In regards to claims 4, 14, 24: Atta et al teaches ([0027] “Examples of symmetric cryptographic algorithms include Advanced Encryption Standard (AES)"), AES is a standard that includes cryptographic primitives for identifying the cryptographic protocol. In regards to claims 5, 15, 25: Atta et al teaches all of ([0042] "An asymmetric cryptography algorithm") ([0027] "RSA") ([0042] "public key" encryption) ([0027] "elliptic curve cryptography.") and ([0043] "Signing a file can include applying a cryptographic hash function to the file to create a hash value or digest. As one example, the cryptographic hash function can include a block cipher, such as the advanced encryption standard (AES)"). Claim(s) 6, 8-10, 16, 26, 28-29 is/are rejected under 35 U.S.C. 103 as being unpatentable over Atta et al PN 2022/0060454 in view of Burnham et al PN 6,301,695, Biear PN 9,910,663, and Yi et al PN 2014/0169320 as applied to claim 3 above, and further in view of Walker et al PN 2009/0282133. In regards to claims 6, 16: Atta et al teaches the configuration file is sent to the receiving computer. Atta et al also teaches a call/request for the configuration file, however not necessarily “upon initialization of the computer device” Walker also teaches the claimed “upon initialization of the computer device” performing the requesting. Abstract: (“Upon startup of a workstation, an application executing on the workstation may automatically transmit a request to the configuration server to load the configurations for that workstation”). It would have been obvious to request/retrieve the configuration file upon initialization/startup of because this would have prevented retrieving a configuration file before it is required. In regards to claims 8, 28: Both Atta et al and Walker et al teaches storage designed to store the configuration file(s) "logic repository database 250". In regards to claims 9, 26, 29: Atta et al teaches ([0020] “In particular, the configurable hardware 142 can include static logic that is loaded during a power-on or initialization sequence of the configurable hardware 142. Specifically, configuration data corresponding to the static logic can be stored in a memory (such as a flash memory) that is used to program the configurable hardware 142 with the static logic during the initialization sequence. The static logic can include all or a portion of the cryptographic engine 146. As another example, the cryptographic engine 146 can include hardware and software executing on the server computer 140.”). In regards to claim 10: Atta et al teaches ([0095] "As another example, the signed encrypted configuration data can be retrieved in response to a developer or the compute services provider updating, viewing, or testing the configuration data"). Claim(s) 7, 17-19, 27 is/are rejected under 35 U.S.C. 103 as being unpatentable over Atta et al PN 2022/0060454 in view of Burnham et al PN 6,301,695, Biear PN 9,910,663, Yi et al PN 2014/0169320 and Walker et al PN 2009/0282133 as applied to claim 6 above, and further in view of Structured computer Organization third edition by Andrew S/ Tancnbaum herein after Tancnbaum. In regards to claims 7, 17, 27: Walker et al teaches the configuration manager is a server which inherently would be running a program to perform the its functions. However Walker et al does not expressly teach a software module performing the functions. It is theoretically possible the configuration server performs all the functions in hardware. Tancnbaum teaches ("Hardware and software are logically equivalent" Any operation performed by software can also be built directly into the hardware and any instruction executed by the hardware can also be simulated in software. The decision to put certain functions in hardware and others- in software is based on such factors as cost. speed, reliability, and frequency of expected changes"). It would have been obvious to perform all the function by respective software modules because software is easier to modify than hardware. In regards to claim 18: Both Atta et al and Walker et al teaches storage designed to store the configuration file(s) "logic repository database 250". In regards to claim 19: Atta et al teaches ([0020] "In particular, the configurable hardware 142 can include static logic that is loaded during a power-on or initialization sequence of the configurable hardware 142. Specifically, configuration data corresponding to the static logic can be stored in a memory (such as a flash memory) that is used to program the configurable hardware 142 with the static logic during the initialization sequence. The static logic can include all or a portion of the cryptographic engine 146. As another example, the cryptographic engine 146 can include hardware and software executing on the server computer 140."). Claim(s) 11, 30-21 is/are rejected under 35 U.S.C. 103 as being unpatentable over Atta et al PN 2022/0060454 in view of Burnham et al PN 6,301,695, Biear PN 9,910,663, Yi et al PN 2014/0169320 and Walker et al PN 2009/0282133 as applied to claim 10 above, and further in view of Vines PN 6,006,171. In regards to claims 11, 30-31: Walker teaches updating the configuration file. Walker however docs not teach messaging/notifying the application about the updated configuration file or transmitting the updater configuration file to the application. Vines et al teaches (Column 3 line 61 et seq. "The DMM configurator process 190 conveys configuration information to the DMM monitoring and executive software on the process control application workstation 132 by writing the new or updated configuration file 240 to a specific directory on the process control application workstation 132 using the Net FoxAPI 134. The DMM executive process 136 polls periodically for an updated configuration file 240, then notifies the monitoring processes 140. The monitoring processes 140 then read the new configuration file 240") Atta et al expressly uses the configuration data. [0012] “Configurable logic is hardware that can be programmed or configured to perform a logic function that is specified by configuration data that is applied to the configurable logic”. It would have been obvious to notify the application of an updated configuration because this would have allowed the application to use the updated configuration. Claim(s) 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Atta et al PN 2022/0060454 in view of Burnham et al PN 6,301,695, Biear PN 9,910,663, Yi et al PN 2014/0169320, Walker et al PN 2009/0282133 and Tancnbaum as applied to claim 19 above, and further in view of Vines et al PN 6.006,171. In regards to claim 20: Walker teaches updating the configuration file. Walker however does not teach messaging/notifying the application about the updated configuration file. Vines et al teaches (Column 3 line 61 et seq. "The DMM configurator process 190 conveys configuration information to the DMM monitoring and executive software on the process control application workstation 132 by writing the new or updated configuration file 240 to a specific directory on the process control application workstation 132 using the Net FoxAPI 134. The DMM executive process 136 polls periodically for an updated configuration file 240, then notifies the monitoring processes 140. The monitoring processes 140 then read the new configuration file 240"). It would have been obvious to notify the application of an updated configuration because this would have allowed the application to use the updated configuration. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to PAUL R MYERS whose telephone number is (571)272-3639. The examiner can normally be reached telework M-F start 7-8 leave 4-5. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jaweed Abbaszadeh can be reached at 571-270-1640. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /Paul R. MYERS/ Primary Examiner, Art Unit 2176