DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Election/Restrictions
Applicant’s election without traverse of Group I (Claims 1-11, 17-21) in the reply filed on 11/14/2025 is acknowledged.
Claims 12-16 withdrawn from further consideration pursuant to 37 CFR 1.142(b) as being drawn to a nonelected (Group II), there being no allowable generic or linking claim. Election was made without traverse in the reply filed on 11/14/2025.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 5, 7-8, 9-11, 21 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claims 5, 7-8, 9, 21 recites “…the vRoT applications…” There is insufficient antecedent basis for this limitation in the claim. The independent claims recite vRoT application as a single application. Appropriate correction is required.
Allowable Subject Matter
Claim 6 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Claims 7-8 (dependent on objected claim 6), claims 9, 10-11 (dependent on claim 9) would be allowable if rewritten to overcome the rejection(s) under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), 2nd paragraph, set forth in this Office action and to include all of the limitations of the base claim and any intervening claims.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-5, 17-21 are rejected under 35 U.S.C. 103 as being unpatentable over Robertson et al (Pub. No. US 2021/0240485) in view of Savage et al (Pub. No. US 2025/0247376).
As per claim 1, Robertson discloses a system comprising: a plurality of application processors (APs); a plurality of flash memory devices associated with the plurality of APs (…the computer system includes multiple central processing units (CPUs) and memory devices (such as flash memory devices) that connected to (CPUs)…see par. 27-28); a plurality of multiplexers, each to selectively couple a flash memory device of the plurality of flash memory devices to an AP of the plurality of APs (see fig.2, MUX 242 and 270); and a controller operatively coupled to the plurality of multiplexers, wherein the controller is to provide a trusted execution environment to execute a virtual root of trust (vRoT) application for each respective AP of the plurality of APs, wherein each vRoT application is to access a corresponding one or more of the plurality of flash memory devices via a corresponding one or more of the plurality of multiplexers (see fig.2, par. 36-37). Robertson discloses execute a root of trust application…but does not explicitly disclose a virtual root of trust. However Savage disclose executing a virtual root of trust (…the remote access controller provides virtual RoT functionality, see fig.1, par. 47-49). Therefore one ordinary skill in the art would have found it obvious before the effective filling date of the claimed invention to use Savage in Robertson for including the above limitations because one ordinary skill in the art would recognize using a virtual RoT may further enhance a greater security against introduction of non-authorized hardware or software, than would an IHS without the virtual RoT service…see Savage, par. 23).
As per claim 17, Robertson discloses a method of operating a distributed computing system comprising a plurality of application processors (APs), a plurality of flash memory devices (…the computer system includes multiple central processing units (CPUs) and memory devices (such as flash memory devices) that connected to (CPUs)…see par. 27-28), a plurality of multiplexers, each to selectively couple a flash memory device of the plurality of flash memory devices to an AP of the plurality of APs (see fig.2, MUX 242 and 270), and a controller coupled to the plurality of multiplexers, wherein the method comprises: providing, by the controller, a trusted execution environment to execute a virtual root of trust (vRoT) application for each respective AP of the plurality of APs; and accessing, by each vRoT application, a corresponding one or more of the plurality of flash memory devices via a corresponding one or more of the plurality of multiplexers (see fig.2, par. 36-37). Robertson discloses execute a root of trust application…but does not explicitly disclose a virtual root of trust. However Savage disclose executing a virtual root of trust (…the remote access controller provides virtual RoT functionality, see fig.1, par. 47-49). Therefore one ordinary skill in the art would have found it obvious before the effective filling date of the claimed invention to use Savage in Robertson for including the above limitations because one ordinary skill in the art would recognize using a virtual RoT may further enhance a greater security against introduction of non-authorized hardware or software, than would an IHS without the virtual RoT service…see Savage, par. 23).
As per claims 2, 18, the combination of Robertson and Savage discloses wherein a first multiplexer of the plurality of multiplexers is to selectively couple, to a first flash memory device of the plurality of flash memory devices, one of a first AP of the plurality of APs or the controller executing a first vRoT application, wherein the first vRoT application is to at least one of: update secure data located in the first flash memory device; or cause, using the secure data, at least one security operation to be performed on behalf of the first AP (Savage: see par. 55-56). The motivation for claims 2, 18 is the same motivation as in claims 1, 17 above.
As per claims 3, 19, the combination of Robertson and Savage discloses wherein the secure data comprises at least one of firmware or configuration data, and wherein the security operation is one of a secure boot of the first AP, an attestation of the first AP (Savage: see par. 76), secure recovery of firmware or configuration data from the first AP, installing a debug token or debug firmware on the first AP, or a secure update to firmware of at least some of the plurality of flash memory devices. The motivation for claims 3, 19 is the same motivation as in claims 1, 17 above.
As per claims 4, 20, the combination of Robertson and Savage discloses wherein the controller is further to perform a security- related update to a first vRoT application comprising at least one of: distribute a new or updated security policy to the first vRoT application that is associated with a first flash memory device (Savage: see par. 56-57); or enforce the new or updated security policy associated with a first AP, which is selectively coupled to the first flash memory device via a first multiplexer of the plurality of multiplexers. The motivation for claims 4, 20 is the same motivation as in claims 1, 17 above.
As per claims 5, 21, the combination of Robertson and Savage discloses wherein the controller comprises a baseboard management controller and wherein the vRoT applications are instantiated as one or more trusted virtual machines (Savage: see par. 18). The motivation for claims 5, 21 is the same motivation as in claims 1, 17 above.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure (see PTO-form 892).
The following Patents and Papers are cited to further show the state of the art at the time of Applicant’s invention with respect to virtualized root of trust (vRoT) in a distributed computing system.
Smith et al (Pub. No. US 2022/0358220); “Using Secure Enclaves and Dynamic Measurements”;
-Teaches enabling the dynamic root of trust measurement process and the use of this root of trust to access memory pages where virtual memory management and virtual machines are loaded…see par. 19.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GHAZAL B SHEHNI whose telephone number is (571)270-7479. The examiner can normally be reached Mon-Fri 9am-5pm PCT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Philip Chea can be reached at 5712723951. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/GHAZAL B SHEHNI/Primary Examiner, Art Unit 2499