DETAILED ACTION
Notice of Pre-AIA or AIA Status
1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
2. Claims 1-20 are pending.
Information Disclosure Statement
3. The information disclosure statement (IDS) submitted on 07/24/2024 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the Examiner.
Claim Objections
4. Claim 19 is objected to because of the following informalities: Line 15 states “the log” and should be replaced with “the log;”. Appropriate correction is required.
Claim Rejections - 35 USC § 112
5. The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
6. Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites the term, “an extended value derived based on extending a prior value in the data structure with a new value from a log recording changed measurements of the kernel information”. It is unclear as to what “a prior value in the data structure” is since there is no calculation or process of obtaining a “prior value” in the claim language. Further clarification is needed.
Claim 16 recites the term, “generate an extended measurement value in the data structure by extending a current measurement value in the data structure with a measurement value in the added entry of the log”. It is unclear as to what “a current measurement value in the data structure” is since there is no calculation or process of obtaining a “current measurement value” in the claim language.
Claim 19 recites the term, “the extended measurement value derived based on extending a current measurement value in the data structure with a measurement value in the added entry of the log”. It is unclear as to what “a current measurement value in the data structure” is since there is no calculation or process of obtaining a “current measurement value” in the claim language.
Claims 2-15, 17, 18 and 20 are further rejected based on their dependencies of claims 1, 16 and 19.
Related Prior Art
7. The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
a. Matthews et al. (US Pub. No. 2025/0039142 A1 hereinafter “Matthews”) discloses a technique that includes registering, with a core of an operating system kernel, a hook that corresponds to a file event and associates the file event with an event-driven module of the operating system kernel. The core is associated with an integrity measurement architecture policy. The technique includes, responsive to an occurrence of the file event, triggering execution of the event-driven module to extend a scope of the integrity measurement architecture policy. Executing the module includes the operating system kernel determining a property of a file that is associated with the file event; and filtering a set of rules of an extended integrity measurement policy based on the property. The filtering includes identifying a given rule of the set of rules having a condition that is contingent on the file event being associated with the property. Executing the module includes the operating system kernel identifying an integrity measurement-affiliated action of the given rule and performing the integrity measurement-affiliated action on the file.
b. Gerganov et al. (US Pub. No. 2025/0013483 A1 hereinafter “Gerganov”) discloses a computer system executing a virtual machine (VM) packaging tool can receive a reference to a container comprising one or more applications of a workload and a reference to an operating system (OS) kernel to be included in the workload. The computer system can inject an agent into the container that is configured to request execution of a hardware VM attestation function, combine contents of the container and the OS kernel into an image file, and compute a hash of the image file. The computer system can then generate a firmware for the workload that includes the hash.
c. Ramakrishnan (US Patent No. 12,158,977 hereinafter “Ramakrishnan”) discloses devices and methods to obtain values usable to verify the geographic location of a device. In at least one embodiment, a device comprises a positioning circuit and a cryptoprocessor. The device obtains geographic coordinates of the device's location, using the positioning circuit. The device stores, in the cryptoprocessor, information indicating the state of the device and the geographic coordinates. The device uses the cryptoprocessor to obtain values usable to validate the geographic location of the device.
d. Wilson et al. (US Pub. No. 2008/0015808 A1 hereinafter “Wilson”) discloses methods and systems for measuring the integrity of an operating system's execution and ensuring that the system's code is performing its intended functionality. This includes examining the integrity of the code that the operating system is executing as well as the data that the operating system accesses. Integrity violations can be detected in the dynamic portions of the code being executed.
e. Nevis (US Pub. No. 2022/0006637 A1 hereinafter “Nevis”) discloses an operating system kernel receives a request from an application to access a secret, the application and the operating system kernel executing in a first trust domain; and an attestation-based secrets manager receives the request from the operating system kernel, validates the request using remote attestation, gets the secret from a secure storage in the second trust domain when the request is validated, and sends the secret from the second trust domain to the operating system kernel, the attestation-based secrets manager executing in a second trust domain; wherein the operating system kernel then sends the secret to the application.
Allowable Subject Matter
8. Claims 1-20 would be allowable if rewritten or amended to overcome the rejection(s) under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), 2nd paragraph, set forth in this Office action.
The examiner finds that the prior art of record taken alone or in combination fails to teach and/or fairly suggest a verifier system to determine an integrity of the kernel information using the configuration value and the extended value for attestation of the computing system where the configuration value derived based on applying a function on monitoring configuration information, the monitoring configuration information specifying a configuration for monitoring kernel information associated with a kernel executing on a central processing unit (CPU) of the computing system, and the extended value derived based on extending a prior value in the data structure with a new value from a log recording changed measurements of the kernel information, in combination with other recited limitations in independent claims 1, 16 and 19.
Claims 2-15, 17, 18 and 20 would be allowable based on their dependencies of claims 1, 16 and 19.
Conclusion
The examiner requests, in response to this office action, support be shown for language added to any original claims on amendment and any new claims. That is, indicate support for newly added claim language by specifically pointing to page(s) and line number(s) in the specification and/or drawing figure(s). This will assist the examiner in prosecuting the application. When responding to this office action, applicant is advised to clearly point out the patentable novelty which he or she thinks the claims present, in view of the state of art disclosed by the references cited or the objections made. He or she must also show how the amendments avoid such references or objections. See 37 C.F.R. 1.111(c).
In amending in reply to a rejection of claims in an application or patent under reexamination, the applicant or patent owner must clearly point out the patentable novelty which he or she thinks the claims present in view of the state of the art disclosed by the references cited or the objections made. The applicant or patent owner must also show how the amendments avoid such references or objections.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DAYTON LEWIS-TAYLOR whose telephone number is (571) 270-7754. The examiner can normally be reached on Monday through Thursday, 8AM TO 4PM, EASTERN TIME.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Idriss Alrobaye, can be reached on (571) 270-1023. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Dayton Lewis-Taylor/
Examiner, Art Unit 2181