Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
1. Claims 1-20 have been examined.
Response to Arguments
2. Applicant’s arguments, see pages 10-11, filed 08/21/2025, with respect to claim 15 have been fully considered and are persuasive. The 35 USC 103 rejection of claims 15-20 has been withdrawn.
Applicant's arguments filed 08/21/2025, with respect to claims 1 and 8 have been fully considered but they are not persuasive.
Applicant argues the combination of Hayton and Goldman fails to teach “receive an encrypted version of a first set of secrets data corresponding to a target supply chain state of a device” (note Remarks, pages 11-13).
Examiner disagrees. Hayton discloses validating an electronic device through event attestations during the device lifecycle (note Abstract). As noted by Applicant (note Remarks, pages 12-13), Hayton discloses a 3rd party generates keys/identities/other messages, encrypts this data with a transport key and sends it to the device (note paragraphs [0165]-[0166]). Hayton further discloses that when the attestation information in the device is validated, one possible resulting action is enabling the device to access a service (note paragraph [0053]).
Applicant asserts “Determining whether a predetermined action is permitted for an electronic device, as taught by Hayton, does not expressly or inherently require a transition to a target supply chain state of the electronic device” (note Remarks, page 12) and “Hayton neither teaches nor suggests that such encrypted keys, identifiers, or messages correspond to a target supply chain state of a device” (note Remarks, page 13).
Examiner disagrees. Applicant’s Specification identifies one possible “supply chain state of a device” could be an “operational state” (note paragraph [0021]). When the device of Hayton is enabled for access to a service, it is entering an “operational state” (i.e. target supply chain state). The encrypted keys transmitted to the device by a service provider are “an encrypted version of a first set of secrets data” that “correspond” to the target “operational state” of the device during the “Birth” phase of the device (note paragraphs [0143] and [0175]).
Therefore, Hayton teaches “receive an encrypted version of a first set of secrets data corresponding to a target supply chain state of a device” as required by the claims.
Applicant further argues the combination of Hayton and Goldman fails to teach “receive a permission to cause a transition to the target supply chain state” and (note Remarks, pages 13-14).
Examiner disagrees. In paragraph [0178], Hayton discloses a service provider validates the device attestation and if the device is accepted, provides service-specific information to be stored on the device to be used to access the service.
Applicant asserts,” receiving a permission to access a service offered by a service provider is not analogous to receiving a permission to cause a transition to the target supply chain state” (note Remarks, page 14).
Examiner disagrees. As noted above, when a device is enabled to access a service, it has transitioned to an “operational” state. Hayton discloses a device that transitions from a manufacturing state to an operational state during a “Birth” phase (note paragraphs [0075] and [0175]). Therefore, when the service provider validates the attestation of the device and provides permission for the device to access the service, the service provider is providing “permission” for the device to transition to an “operational” state.
Thus, Hayton discloses “receive a permission to cause a transition to the target supply chain state” as required by the claims.
Claim Interpretation
3. For claims 3, 5-7, 10, 12-14, 16 and 18-20, the phrases “is one of”, “at least one of” and “selected from the group consisting of” have been given the broadest, reasonable interpretation of only requiring a single element from the given options in order to satisfy the requirements of the limitation.
4. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
5. The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claim Rejections - 35 USC § 103
6. Claims 1, 3-8 and 10-14 are rejected under 35 U.S.C. 103 as being unpatentable over Hayton et al. (U.S. Patent Application Publication 2018/0198604; hereafter “Hayton”), and further in view of Goldman et al. (U.S. Patent Application Publication 2020/0099532; hereafter “Goldman”).
For claims 1 and 8, Hayton teaches a system and method (note Fig. 2) comprising:
a memory (note paragraph [0076], secure memory); and
at least one processor, operatively coupled to the memory (note paragraph [0076], processing circuitry), to:
receive an encrypted version of a first set of secrets data (note paragraphs [0165]-[0166], service encrypts keys/identities/other messages with a transport key and sends it to the device) corresponding to a target supply chain state of a device (note paragraph [0053] validated device are enabled to access services from a service provider; i.e. operational state);
receive a permission to cause a transition to the target supply chain state (note paragraph [0178], step S17, if the service accepts the device, the service provides the device service-specific information to access the server; i.e. operational state); and
in response to receiving the permission to cause the transition to the target supply chain state, cause the transition to the target supply chain state, wherein, to cause the transition to the target supply chain state, the at least one processor is to cause the first set of secrets data to be stored in a protected memory (note paragraph [0178], step S19 device stores any new service-specific keys, identifiers or data).
Hayton teaches:
wherein, to cause the transition to the target supply chain state, the at least one processor is to cause the first set of secrets data to be stored in a protected memory
Goldman teaches:
wherein, to cause the transition to the target supply chain state, the at least one processor is to cause the first set of secrets data to be stored in a protected memory (note paragraph [0065], secret information is sealed in the trusted platform module)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the storing service secrets in a device that is authorized to access a service of Hayton and sealing secrets in a TPM of Goldman. It would have been obvious because combining prior art elements according to known methods would yield the predictable results of storing service secrets in a device that is authorized to access to the service (Hayton) where the secrets are sealed in the device TPM and the device requests authorization to unseal the secrets to use them (Goldman).
For claims 3 and 10, the combination of Hayton and Goldman claims 1 and 8, wherein: the target supply chain state is one of: a manufacturer provisioning state corresponding to a manufacturing stage of a supply chain associated with a manufacturer of the device, a vendor provisioning state corresponding to a vendor stage of the supply chain associated with a vendor in possession of the device, an end-use provisioning state corresponding to an end-use stage of the supply chain, or an operational state corresponding to an operational stage of the supply chain (note paragraph [0053] of Hayton, validated device are enabled to access services from a service provider; i.e. operational state after manufacturing state); and
the first set of secrets data comprises at least one of: a set of manufacturer provisioning secrets, a set of vendor provisioning secrets, a set of end-use provisioning secrets, or a set of operational secrets (note paragraph [0165] of Hayton, secrets are any keys/identities/other data that are used to access the service).
For claims 4 and 11, the combination of Hayton and Goldman teaches claims 1, and 8, wherein the operations further comprise:
receiving a request to perform a cryptographic function utilizing the set of secrets data (note paragraph [0093] of Goldman, client devices sends a request to the TPM to unseal and access secrets); and
generating a response to perform the cryptographic function in satisfaction of the request (note paragraphs [0044] and [0046] of Goldman, secrets stored in TPM may be encryption key for accessing a database, symmetric encryption, decryption, signing or transport layer security).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the storing service secrets in a device that is authorized to access a service of Hayton and sealing secrets in a TPM of Goldman. It would have been obvious because combining prior art elements according to known methods would yield the predictable results of storing service secrets in a device that is authorized to access to the service (Hayton) where the secrets are sealed in the device TPM and the device requests authorization to unseal the secrets to use them (Goldman).
For claims 5 and 12, the combination of Hayton and Goldman teaches claims 4 and 11, wherein: the request comprises a request to perform at least one of: obtaining a single-use ephemeral key, obtaining a proof of origin for a data item, generating a session key to establish a paired device session, creating a digital proof of integrity for verifying a transferred message (note paragraph [0077] of Goldman, client requests TPM to sign a message including a nonce and PCR values verifies integrity of request message), generating a verification code to track supply chain asset security for a supply chain asset, implementing a security posture change, or tracking device trust; and
the response comprises at least one of: the single-use ephemeral key, the proof of origin, the session key, the digital proof of integrity (note paragraph [0077] of Goldman, client requests TPM to sign a message including a nonce and PCR values that verifies integrity request message), the verification code, the security posture change, or a configuration sequence used to track device trust.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the storing service secrets in a device that is authorized to access a service of Hayton and sealing secrets in a TPM of Goldman. It would have been obvious because combining prior art elements according to known methods would yield the predictable results of storing service secrets in a device that is authorized to access to the service (Hayton) where the secrets are sealed in the device TPM and the device requests authorization to unseal the secrets to use them (Goldman).
For claims 6 and 13, the combination of Hayton and Goldman teaches claims 4, and 11, wherein: the request comprises a request to perform at least one of: creating a proof of origin for a data item (note paragraph [0077] of Goldman, client requests TPM to sign a message including a nonce and PCR values to proof the origin of the request message), retrieving an asymmetric session public key for creating a device pairing session, initializing a primary asymmetric session, verifying the proof of origin, committing the primary asymmetric session, implementing a secondary asymmetric session, or retrieving an asymmetric session public certificate; and
the response comprises at least one of: an authentication signature to perform a digital signing operation to create the proof of origin (note paragraph [0077] of Goldman, client requests TPM to sign a message including a nonce and PCR values to proof the origin of the request message), the asymmetric session public key, a set of data to initialize the primary asymmetric session generated based on the asymmetric session public key, a proof of origin verification generated using asymmetric decryption, a full session key to commit the primary asymmetric session, a secondary system session response and session key, or the asymmetric session public certificate.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the storing service secrets in a device that is authorized to access a service of Hayton and sealing secrets in a TPM of Goldman. It would have been obvious because combining prior art elements according to known methods would yield the predictable results of storing service secrets in a device that is authorized to access to the service (Hayton) where the secrets are sealed in the device TPM and the device requests authorization to unseal the secrets to use them (Goldman).
For claims 7 and 14, the combination of Hayton and Goldman teaches claims 4, and 11, wherein: the request comprises a request to perform at least one of: retrieving an operational symmetric key (note paragraph [0046] of Goldman, client requests symmetric key from TPM), initializing a roll sequence to roll an old operational symmetric key to a new operational symmetric key, confirming the roll sequence, retrieving a verification code to perform message authentication, verifying the message authentication, committing the message authentication, or retrieving a one-time pad (OTP); and
the response comprises at least one of: the operational symmetric key (note paragraph [0046] of Goldman, client requests symmetric key from TPM), initialization of the roll sequence, confirmation of the roll sequence and deletion of the old operational symmetric key, the verification code, an authentication package to verify the message authentication, a verification package to commit the message authentication, or the OTP.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the storing service secrets in a device that is authorized to access a service of Hayton and sealing secrets in a TPM of Goldman. It would have been obvious because combining prior art elements according to known methods would yield the predictable results of storing service secrets in a device that is authorized to access to the service (Hayton) where the secrets are sealed in the device TPM and the device requests authorization to unseal the secrets to use them (Goldman).
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
7. Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 12,045,355. Although the claims at issue are not identical, they are not patentably distinct from each other because:
Instant Application
12,045,355
Claims 1, 8 and 15- A system comprising: a memory; and at least one processor, operatively coupled to the memory, to:
receive an encrypted version of a first set of secrets data corresponding to a target supply chain state of a device;
receive a permission to cause a transition to the target supply chain state; and
in response to receiving the permission to cause the transition to the target supply chain state, cause the transition to the target supply chain state, wherein, to cause the transition to the target supply chain state, the at least one processor is to cause the first set of secrets data to be stored in a protected memory.
Claims 1, 8 and 15 - A device comprising: a protected memory; and a processor, operatively coupled to the protected memory, to perform operations comprising:
receiving, from a secrets and service provider system via a brokering agent, an encrypted version of a first set of secrets data corresponding to a target supply chain state of the device associated with a target stage of a supply chain lifecycle of the device; in response to receiving the encrypted version of the first set of secrets data, requesting, from the secrets and service provider system via the brokering agent, a permission to cause a transition to the target supply chain state;
receiving, from the secrets and service provider system via the brokering agent, the permission to cause the transition to the target supply chain state; and
in response to receiving the permission to cause the transition to the target supply chain state, causing the transition to the target supply chain state, including: storing the first set of secrets data in the protected memory; and cryptographically sealing a second set of secrets data in the protected memory, wherein the second set of secrets data corresponds to a previous supply chain state of the device associated with a previous stage of the supply chain lifecycle of the device.
Claims 2, 9 and 15
Claims 1 and 8 - …cryptographically sealing...
Claims 3, 10 and 16
Claims 7, 14 and 16
Claims 4, 11 and 17
Claims 3, 10 and 17
Claims 5, 12 and 18
Claims 4, 11 and 18
Claims 6, 13 and 19
Claims 5, 12 and 19
Claims 7, 14 and 20
Claims 6, 13 and 20
Claims 1-20 of U.S. Patent No. 12,045,355 contain every element of claims 1-20 of the instant application and as such anticipate claim of the instant application.
“A later patent claim is not patentably distinct from an earlier patent claim if the later claim is obvious over, or anticipated by, the earlier claim. In re Longi, 759 F.2d at 896, 225 USPQ at 651 (affirming a holding of obviousness-type double patenting because the claims at issue were obvious over claims in four prior art patents); In re Berg, 140 F.3d at 1437, 46 USPQ2d at 1233 (Fed. Cir. 1998) (affirming a holding of obviousness-type double patenting where a patent application claim to a genus is anticipated by a patent claim to a species within that genus). “ ELI LILLY AND COMPANY v BARR LABORATORIES, INC., United States Court of Appeals for the Federal Circuit, ON PETITION FOR REHEARING EN BANC (DECIDED: May 30, 2001).
Allowable Subject Matter
8. Claims 2, 9 and 15-20 would be allowable with a timely filed terminal disclaimer to overcome the nonstatutory double patenting, set forth in this Office action and to include all of the limitations of the base claim and any intervening claims.
9. The following is a statement of reasons for the indication of allowable subject matter.
For claims 2, 9 and 15, the prior art of record, alone or in combination, fails to teach the following limitations in conjunction with the rest of the claimed limitations:
wherein, to cause the transition to the target supply chain state, the at least one processor is further to cryptographically seal a second set of secrets data maintained in the protected memory, and wherein the second set of secrets data corresponds to a previous supply chain state of the device
Conclusion
10. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
11. Any inquiry concerning this communication or earlier communications from the examiner should be directed to DAVID J PEARSON whose telephone number is (571)272-0711. The examiner can normally be reached 8:30 - 6:00 pm; Monday through Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Catherine Thiaw can be reached at (571)270-1138. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
DAVID J. PEARSON
Primary Examiner
Art Unit 2407
/David J Pearson/Primary Examiner, Art Unit 2407