DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of Claims
The following is a non-final office action.
Claims [1-20] are currently pending and have been examined based on their merits.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception that is an abstract idea without a practical application or significantly more.
Step 1: Claims 1-10 recite a system, claims 11-15 recite a method (i.e. a process such as an act or series of steps), and claims 16-20 recite a hardware memory device and therefore each claim falls within one of the four statutory categories.
Step 2A prong 1 (Is a judicial exception recited?):
The representative claims 1 recite: receive a message from a supplier, wherein the message identifies a device; and in response to verification of the device against a Purchase Order (PO) of an Original Equipment Manufacturer (OEM), send encrypted material to the supplier, wherein the supplier is configured to generate a Certificate Signing Request (CSR) comprising the encrypted material.
Claim 11: A method, comprising: receiving a message from a supplier, wherein the message identifies a device; and in response to verification of the device against a Purchase Order (PO) of an Original Equipment Manufacturer (OEM), transmitting an OEM’s digital certificate to the supplier, wherein the supplier is configured to generate a Certificate Signing Request (CSR) for the device comprising the OEM’s digital certificate.
Claim 16: send a message to an OEM, wherein the message identifies a device; and receive encrypted material from an Original Equipment Manufacturer (OEM) in response to the OEM’s verification of the device against a Purchase Order (PO).
The claims recite a certain method of organizing human activity. The claims recite a certain method of organizing human activity as the disclosure recites managing personal behavior or relationships or interactions between people. The claims simply recite a series of steps to send a message from an entity such as a supplier to identify a device or item, verify the item against a records such as a purchase order, and send material in response to the verification. Merely verifying the ownership or authenticity of an item and sending information in response is a method of organizing human activity or the interactions between a supplier and a manufacturer when validating items or devices.
Alternatively, the claims recite a mental process. The claims merely recite the process of verifying a device or item against a record such as a purchase order and sending data or material to a user in response to the verification. The claims are found to merely recite a mental process as receiving and verifying information such as comparing an identifier for a device to the records of a purchase order and validating the device can be performed in the human mind or with the use of a simple tool such as pen and paper. The claimed invention is found to be similar to concepts the courts have defined as a mental process including observations, evaluations, judgements, and opinions. As a person would be capable of mentally receiving a message from a supplier including identifier information and compare that information to a purchase order to verify the information and respond with additional information.
Therefore, the claims are found to recite an abstract idea.
Step 2A Prong 2 (Is the exception integrated into a practical application?): The claims additionally recite additional elements, including;
Claim 1: An Information Handling System (IHS), comprising: a processor; and a memory coupled to the processor, the memory having program instructions stored thereon; a Purchase Order (PO) database; and a device.
Claim 11: a Purchase Order (PO) database and a device.
Claim 16: A hardware memory device having program instructions stored thereon that, upon execution by a processor of an Information Handling System (IHS); a Purchase Order (PO) database; and a device.
The additional elements of generic computer elements such as a processor and a database are directed to merely reciting instructions to apply a generic computer and technology to execute the method in the recited claim limitations.
Therefore, the limitations merely amount to adding the words “apply it” (or an equivalent) to the judicial exception, or mere instructions to implement an abstract idea on a computer, or merely uses a computer as a tool to perform an abstract idea, as discussed in MPEP 2106.05(f). Furthermore, a method for transmitting, receiving, and processing information does not amount to improvements to the functioning of a computer, or to any other technology or technical field, as discussed in MPEP 2106.05(a), applying the judicial exception with, or by use of, a particular machine, as discussed in MPEP 2106.05(b), effecting a transformation or reduction of a particular article to a different state or thing, as discussed in MPEP 2106.05(c), or applying or using the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception, as discussed in MPEP 2106.05(e).
Accordingly, the additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. As the additional elements are not significant improvements to the functionality of a generic computer and are directed to merely “apply it” or applying the abstract idea on a computer.
Step 2B (Does the claim recite additional elements that amount to significantly more than the judicial exception?):
As discussed above, the additional imitations amount to adding the words “apply it” (or an equivalent) with the judicial exception, or mere instructions to implement an abstract idea on a computer, and merely uses a computer as a tool to perform an abstract idea of receiving and validating information and sending a response, as discussed in MPEP 2106.05(f). The additional elements of generic computer elements are not directed to an improvement in a technology or technical field. Therefore, the additional elements do not amount to significantly more than the judicial exception.
The dependent claims 2-10, 12-15, and 17-18 further narrow the abstract idea of verifying the received information from a supplier and sending encrypted material in response as recited in the independent claims 1, 11, and 16.
The dependent claims recite the following additional elements:
Claim 19: wherein the processor is part of a heterogenous computing platform selected from the group consisting of: a System-On-Chip (SoC), a Field-Programmable Gate Array (FPGA), and an Application-Specific Integrated Circuit (ASIC).
Claim 20: wherein the heterogenous computing platform comprises a Reduced Instruction Set Computer (RISC) processor coupled to the EC via an interconnect, and wherein the interconnect comprises at least one of: an Advanced Microcontroller Bus Architecture (AMBA) bus, a QuickPath Interconnect (QPI) bus, or a HyperTransport (HT) bus.
However, the additional elements are directed to merely “apply it” or applying generic computer elements to perform the abstract idea.
Therefore, claims 1-20 are rejected under 35 U.S.C. 101.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Dellow (US 2014/0090078) in view of Britt (US 2015/0356278).
Claim 1: Dellow discloses an Information Handling System (IHS), comprising: a processor; and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution, cause the IHS to: receive a message from a supplier, wherein the message identifies a device (Paragraph [0011-0013]; [0027-0028]; [0030-0031]; Fig. 6, methods, devices, systems, and computer program products are provided to facilitate cryptographically secure retrieval of secrete information that is embedded in a device. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded information by only the requestor. The disclosed embodiments provide examples for implementing methods for facilitating the exchange of secret information that resides in a device, such as a chip, system-on chip, and the like. Another set of operations can be carried out to securely provide secret information associated with a device. For example, one or more components of the device that comprise a security system outside of the device manufacturing facility. A message that includes a signed public key and a requester ID is received from a requestor. Next, the public key is verified, and if the determination indicates that the public key is not valid a reset operation is initiated. If the determination indicates a valid public key, the operation continue to determine if the secret information has not been previously exported to the requesting entity. If not a derived secret is created using the requester ID and secret embedded information. The derived secret is encrypted. The encrypted secret is further signed. The signed and encrypted derived secret is outputted. The device is marked to indicate that the embedded secret information has been exported to the particular requestor);
and in response to verification of the device, send encrypted material to the supplier, wherein the supplier is configured to generate a Certificate Signing Request (CSR) for the device comprising the encrypted material (Paragraph [0011-0013]; [0027-0028]; [0030-0031]; Fig. 6, methods, devices, systems, and computer program products are provided to facilitate cryptographically secure retrieval of secrete information that is embedded in a device. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded information by only the requestor. The disclosed embodiments provide examples for implementing methods for facilitating the exchange of secret information that resides in a device, such as a chip, system-on chip, and the like. Another set of operations can be carried out to securely provide secret information associated with a device. For example, one or more components of the device that comprise a security system outside of the device manufacturing facility. A message that includes a signed public key and a requester ID is received from a requestor. Next, the public key is verified, and if the determination indicates that the public key is not valid a reset operation is initiated. If the determination indicates a valid public key, the operation continue to determine if the secret information has not been previously exported to the requesting entity. If not a derived secret is created using the requester ID and secret embedded information. The derived secret is encrypted. The encrypted secret is further signed. The signed and encrypted derived secret is outputted. The device is marked to indicate that the embedded secret information has been exported to the particular requestor).
Dellow discloses a system for delivering encrypted device secret information to a requestor based on a verification process. However, Dellow does not disclose the following claim limitations: and in response to verification of the device against a Purchase Order (PO) database of an Original Equipment Manufacturer (OEM).
In the same field of endeavor of delivering secret information based on verifying ownership of a product Britt teaches and in response to verification of the device against a Purchase Order (PO) database of an Original Equipment Manufacturer (OEM) (Paragraph [0005-0006]; [0027]; [0039]; [0112-0113]; Fig. 3A, systems for delivering content from an internet-connected hosted server system to various client computing devices. The systems described here permit a user to obtain cloud-based access to content that the user has purchased and which she possess in physical form e.g. a CD. To implement such access the physical version of the content in the form of a physical item may be encoded with a unique identifier and an owner of the item can capture the unique identifier. Such capture may occur by exposing the physical item to an electronic device which can read the identifier. The identifying information may then be sent to a networked content previsioning system along with information that identifies the topic of the content. The identification information may include information that identifies the user, such as a user account number, and also information that identifies the particular media item. Information identifying the particular media item may include for example, a unique identifying number that has been encoded in an NFC chip and may additionally include an image of the item captured by a camera, where the image may include graphics from the item for verification by the registration server that may resolve the barcode into metadata that describes the item).
Before the effective filing date of the invention it would have been obvious to one of ordinary skill in the art to modify the system of verifying the ownership of a device and requesting encrypted information based on the identity of the owner and device as disclosed by Dellow with the system of and in response to verification of the device against a Purchase Order (PO) database of an Original Equipment Manufacturer (OEM) as taught by Britt (Britt [0005]). With the motivation of helping to securely disseminate information to verified entities (Britt [0004]).
Claim 2: Modified Dellow discloses the IHS as per claim 1. Dellow further discloses wherein to verify the device against the PO database, the program instructions, upon execution, further cause the IHS to determine the device has not been previously processed (Paragraph [0011-0013]; [0027-0028]; [0030-0031]; Fig. 6, methods, devices, systems, and computer program products are provided to facilitate cryptographically secure retrieval of secrete information that is embedded in a device. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded information by only the requestor. The disclosed embodiments provide examples for implementing methods for facilitating the exchange of secret information that resides in a device, such as a chip, system-on chip, and the like. Another set of operations can be carried out to securely provide secret information associated with a device. For example, one or more components of the device that comprise a security system outside of the device manufacturing facility. A message that includes a signed public key and a requester ID is received from a requestor. Next, the public key is verified, and if the determination indicates that the public key is not valid a reset operation is initiated. If the determination indicates a valid public key, the operation continue to determine if the secret information has not been previously exported to the requesting entity. If not a derived secret is created using the requester ID and secret embedded information. The derived secret is encrypted. The encrypted secret is further signed. The signed and encrypted derived secret is outputted. The device is marked to indicate that the embedded secret information has been exported to the particular requestor).
Claim 3: Modified Dellow discloses the IHS as per claim 1. However, Dellow does not disclose wherein the encrypted material comprises at least one of: a device serial number, a model number, or a PO number.
In the same field of endeavor of delivering secret information based on verifying ownership of a product Britt teaches wherein the encrypted material comprises at least one of: a device serial number, a model number, or a PO number (Paragraph [0005-0006]; [0027]; [0039]; [0112-0113]; Fig. 3A, systems for delivering content from an internet-connected hosted server system to various client computing devices. The systems described here permit a user to obtain cloud-based access to content that the user has purchased and which she possess in physical form e.g. a CD. To implement such access the physical version of the content in the form of a physical item may be encoded with a unique identifier and an owner of the item can capture the unique identifier. Such capture may occur by exposing the physical item to an electronic device which can read the identifier. The identifying information may then be sent to a networked content previsioning system along with information that identifies the topic of the content. The identification information may include information that identifies the user, such as a user account number, and also information that identifies the particular media item. Information identifying the particular media item may include for example, a unique identifying number that has been encoded in an NFC chip and may additionally include an image of the item captured by a camera, where the image may include graphics from the item for verification by the registration server that may resolve the barcode into metadata that describes the item).
Before the effective filing date of the invention it would have been obvious to one of ordinary skill in the art to modify the system of verifying the ownership of a device and requesting encrypted information based on the identity of the owner and device as disclosed by Dellow with the system of and in response to verification of the device against a Purchase Order (PO) database of an Original Equipment Manufacturer (OEM) as taught by Britt (Britt [0005]). With the motivation of helping to securely disseminate information to verified entities (Britt [0004]).
Claim 4: Modified Dellow discloses the IHS as per claim 1. Dellow further discloses wherein the supplier is configured to receive a digital certificate in response to the CSR (Paragraph [0011-0013]; [0027-0028]; [0030-0031]; Fig. 6, methods, devices, systems, and computer program products are provided to facilitate cryptographically secure retrieval of secrete information that is embedded in a device. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded information by only the requestor. The disclosed embodiments provide examples for implementing methods for facilitating the exchange of secret information that resides in a device, such as a chip, system-on chip, and the like. Another set of operations can be carried out to securely provide secret information associated with a device. For example, one or more components of the device that comprise a security system outside of the device manufacturing facility. A message that includes a signed public key and a requester ID is received from a requestor. Next, the public key is verified, and if the determination indicates that the public key is not valid a reset operation is initiated. If the determination indicates a valid public key, the operation continue to determine if the secret information has not been previously exported to the requesting entity. If not a derived secret is created using the requester ID and secret embedded information. The derived secret is encrypted. The encrypted secret is further signed. The signed and encrypted derived secret is outputted. The device is marked to indicate that the embedded secret information has been exported to the particular requestor).
Claim 5: Modified Dellow discloses the IHS as per claim 1. Dellow further discloses wherein the message comprises a message ID indicating an impending digital certificate for the device (Paragraph [0011-0013]; [0027-0028]; [0030-0031]; Fig. 6, methods, devices, systems, and computer program products are provided to facilitate cryptographically secure retrieval of secrete information that is embedded in a device. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded information by only the requestor. The disclosed embodiments provide examples for implementing methods for facilitating the exchange of secret information that resides in a device, such as a chip, system-on chip, and the like. Another set of operations can be carried out to securely provide secret information associated with a device. For example, one or more components of the device that comprise a security system outside of the device manufacturing facility. A message that includes a signed public key and a requester ID is received from a requestor. Next, the public key is verified, and if the determination indicates that the public key is not valid a reset operation is initiated. If the determination indicates a valid public key, the operation continue to determine if the secret information has not been previously exported to the requesting entity. If not a derived secret is created using the requester ID and secret embedded information. The derived secret is encrypted. The encrypted secret is further signed. The signed and encrypted derived secret is outputted. The device is marked to indicate that the embedded secret information has been exported to the particular requestor).
Claim 6: Modified Dellow discloses the IHS as per claim 5. However, Dellow does not disclose wherein attestation of the digital certificate indicates the device was made for the OEM.
In the same field of endeavor of delivering secret information based on verifying ownership of a product Britt teaches wherein attestation of the digital certificate indicates the device was made for the OEM (Paragraph [0005-0006]; [0027]; [0039]; [0112-0113]; Fig. 3A, systems for delivering content from an internet-connected hosted server system to various client computing devices. The systems described here permit a user to obtain cloud-based access to content that the user has purchased and which she possess in physical form e.g. a CD. To implement such access the physical version of the content in the form of a physical item may be encoded with a unique identifier and an owner of the item can capture the unique identifier. Such capture may occur by exposing the physical item to an electronic device which can read the identifier. The identifying information may then be sent to a networked content previsioning system along with information that identifies the topic of the content. The identification information may include information that identifies the user, such as a user account number, and also information that identifies the particular media item. Information identifying the particular media item may include for example, a unique identifying number that has been encoded in an NFC chip and may additionally include an image of the item captured by a camera, where the image may include graphics from the item for verification by the registration server that may resolve the barcode into metadata that describes the item).
Before the effective filing date of the invention it would have been obvious to one of ordinary skill in the art to modify the system of verifying the ownership of a device and requesting encrypted information based on the identity of the owner and device as disclosed by Dellow with the system of and in response to verification of the device against a Purchase Order (PO) database of an Original Equipment Manufacturer (OEM) as taught by Britt (Britt [0005]). With the motivation of helping to securely disseminate information to verified entities (Britt [0004]).
Claim 7: Modified Dellow discloses the IHS as per claim 5. However, Dellow does not disclose wherein attestation of the digital certificate indicates the device was made for a customer of the OEM.
In the same field of endeavor of delivering secret information based on verifying ownership of a product Britt teaches wherein attestation of the digital certificate indicates the device was made for a customer of the OEM (Paragraph [0005-0006]; [0027]; [0039]; [0112-0113]; Fig. 3A, systems for delivering content from an internet-connected hosted server system to various client computing devices. The systems described here permit a user to obtain cloud-based access to content that the user has purchased and which she possess in physical form e.g. a CD. To implement such access the physical version of the content in the form of a physical item may be encoded with a unique identifier and an owner of the item can capture the unique identifier. Such capture may occur by exposing the physical item to an electronic device which can read the identifier. The identifying information may then be sent to a networked content previsioning system along with information that identifies the topic of the content. The identification information may include information that identifies the user, such as a user account number, and also information that identifies the particular media item. Information identifying the particular media item may include for example, a unique identifying number that has been encoded in an NFC chip and may additionally include an image of the item captured by a camera, where the image may include graphics from the item for verification by the registration server that may resolve the barcode into metadata that describes the item).
Before the effective filing date of the invention it would have been obvious to one of ordinary skill in the art to modify the system of verifying the ownership of a device and requesting encrypted information based on the identity of the owner and device as disclosed by Dellow with the system of and in response to verification of the device against a Purchase Order (PO) database of an Original Equipment Manufacturer (OEM) as taught by Britt (Britt [0005]). With the motivation of helping to securely disseminate information to verified entities (Britt [0004]).
Claim 8: Modified Dellow discloses the IHS as per claim 5. Dellow further discloses wherein the digital certificate comprises a Security Protocol and Data Model (SPDM) certificate (Paragraph [0011-0013]; [0027-0028]; [0030-0031]; Fig. 6, methods, devices, systems, and computer program products are provided to facilitate cryptographically secure retrieval of secrete information that is embedded in a device. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded information by only the requestor. The disclosed embodiments provide examples for implementing methods for facilitating the exchange of secret information that resides in a device, such as a chip, system-on chip, and the like. Another set of operations can be carried out to securely provide secret information associated with a device. For example, one or more components of the device that comprise a security system outside of the device manufacturing facility. A message that includes a signed public key and a requester ID is received from a requestor. Next, the public key is verified, and if the determination indicates that the public key is not valid a reset operation is initiated. If the determination indicates a valid public key, the operation continue to determine if the secret information has not been previously exported to the requesting entity. If not a derived secret is created using the requester ID and secret embedded information. The derived secret is encrypted. The encrypted secret is further signed. The signed and encrypted derived secret is outputted. The device is marked to indicate that the embedded secret information has been exported to the particular requestor).
Claim 9: Modified Dellow discloses the IHS as per claim 8. Dellow further discloses wherein the supplier is configured to store the SPDM certificate in slot 0 of the device (Paragraph [0011-0013]; [0027-0028]; [0030-0031]; Fig. 6, methods, devices, systems, and computer program products are provided to facilitate cryptographically secure retrieval of secrete information that is embedded in a device. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded information by only the requestor. The disclosed embodiments provide examples for implementing methods for facilitating the exchange of secret information that resides in a device, such as a chip, system-on chip, and the like. Another set of operations can be carried out to securely provide secret information associated with a device. For example, one or more components of the device that comprise a security system outside of the device manufacturing facility. A message that includes a signed public key and a requester ID is received from a requestor. Next, the public key is verified, and if the determination indicates that the public key is not valid a reset operation is initiated. If the determination indicates a valid public key, the operation continue to determine if the secret information has not been previously exported to the requesting entity. If not a derived secret is created using the requester ID and secret embedded information. The derived secret is encrypted. The encrypted secret is further signed. The signed and encrypted derived secret is outputted. The device is marked to indicate that the embedded secret information has been exported to the particular requestor).
Claim 10: Modified Dellow discloses the IHS as per claim 1. Dellow further discloses wherein the supplier comprises a first supplier and a second supplier, the first supplier produces the device, the second supplier produces a device part, the first supplier is configured to forward the encrypted blob to the second supplier, and the second supplier is configured to generate another CSR for the part (Paragraph [0011-0013]; [0027-0028]; [0030-0031]; Fig. 6, methods, devices, systems, and computer program products are provided to facilitate cryptographically secure retrieval of secrete information that is embedded in a device. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded information by only the requestor. The disclosed embodiments provide examples for implementing methods for facilitating the exchange of secret information that resides in a device, such as a chip, system-on chip, and the like. Another set of operations can be carried out to securely provide secret information associated with a device. For example, one or more components of the device that comprise a security system outside of the device manufacturing facility. A message that includes a signed public key and a requester ID is received from a requestor. Next, the public key is verified, and if the determination indicates that the public key is not valid a reset operation is initiated. If the determination indicates a valid public key, the operation continue to determine if the secret information has not been previously exported to the requesting entity. If not a derived secret is created using the requester ID and secret embedded information. The derived secret is encrypted. The encrypted secret is further signed. The signed and encrypted derived secret is outputted. The device is marked to indicate that the embedded secret information has been exported to the particular requestor).
Claim 11: Dellow discloses a method, comprising: receiving a message from a supplier, wherein the message identifies a device (Paragraph [0011-0013]; [0027-0028]; [0030-0031]; Fig. 6, methods, devices, systems, and computer program products are provided to facilitate cryptographically secure retrieval of secrete information that is embedded in a device. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded information by only the requestor. The disclosed embodiments provide examples for implementing methods for facilitating the exchange of secret information that resides in a device, such as a chip, system-on chip, and the like. Another set of operations can be carried out to securely provide secret information associated with a device. For example, one or more components of the device that comprise a security system outside of the device manufacturing facility. A message that includes a signed public key and a requester ID is received from a requestor. Next, the public key is verified, and if the determination indicates that the public key is not valid a reset operation is initiated. If the determination indicates a valid public key, the operation continue to determine if the secret information has not been previously exported to the requesting entity. If not a derived secret is created using the requester ID and secret embedded information. The derived secret is encrypted. The encrypted secret is further signed. The signed and encrypted derived secret is outputted. The device is marked to indicate that the embedded secret information has been exported to the particular requestor);
transmitting an OEM’s digital certificate to the supplier, wherein the supplier is configured to generate a Certificate Signing Request (CSR) for the device comprising the OEM’s digital certificate (Paragraph [0011-0013]; [0027-0028]; [0030-0031]; Fig. 6, methods, devices, systems, and computer program products are provided to facilitate cryptographically secure retrieval of secrete information that is embedded in a device. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded information by only the requestor. The disclosed embodiments provide examples for implementing methods for facilitating the exchange of secret information that resides in a device, such as a chip, system-on chip, and the like. Another set of operations can be carried out to securely provide secret information associated with a device. For example, one or more components of the device that comprise a security system outside of the device manufacturing facility. A message that includes a signed public key and a requester ID is received from a requestor. Next, the public key is verified, and if the determination indicates that the public key is not valid a reset operation is initiated. If the determination indicates a valid public key, the operation continue to determine if the secret information has not been previously exported to the requesting entity. If not a derived secret is created using the requester ID and secret embedded information. The derived secret is encrypted. The encrypted secret is further signed. The signed and encrypted derived secret is outputted. The device is marked to indicate that the embedded secret information has been exported to the particular requestor).
Dellow discloses a system for delivering encrypted device secret information to a requestor based on a verification process. However, Dellow does not disclose the following claim limitations: and in response to verification of the device against a Purchase Order (PO) database of an Original Equipment Manufacturer (OEM).
In the same field of endeavor of delivering secret information based on verifying ownership of a product Britt teaches and in response to verification of the device against a Purchase Order (PO) database of an Original Equipment Manufacturer (OEM) (Paragraph [0005-0006]; [0027]; [0039]; [0112-0113]; Fig. 3A, systems for delivering content from an internet-connected hosted server system to various client computing devices. The systems described here permit a user to obtain cloud-based access to content that the user has purchased and which she possess in physical form e.g. a CD. To implement such access the physical version of the content in the form of a physical item may be encoded with a unique identifier and an owner of the item can capture the unique identifier. Such capture may occur by exposing the physical item to an electronic device which can read the identifier. The identifying information may then be sent to a networked content previsioning system along with information that identifies the topic of the content. The identification information may include information that identifies the user, such as a user account number, and also information that identifies the particular media item. Information identifying the particular media item may include for example, a unique identifying number that has been encoded in an NFC chip and may additionally include an image of the item captured by a camera, where the image may include graphics from the item for verification by the registration server that may resolve the barcode into metadata that describes the item).
Before the effective filing date of the invention it would have been obvious to one of ordinary skill in the art to modify the system of verifying the ownership of a device and requesting encrypted information based on the identity of the owner and device as disclosed by Dellow with the system of and in response to verification of the device against a Purchase Order (PO) database of an Original Equipment Manufacturer (OEM) as taught by Britt (Britt [0005]). With the motivation of helping to securely disseminate information to verified entities (Britt [0004]).
Claim 12: Modified Dellow discloses the method as per claim 11. Dellow further discloses wherein the message comprises a message ID indicating an impending Security Protocol and Data Model (SPDM) certificate for the device (Paragraph [0011-0013]; [0027-0028]; [0030-0031]; Fig. 6, methods, devices, systems, and computer program products are provided to facilitate cryptographically secure retrieval of secrete information that is embedded in a device. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded information by only the requestor. The disclosed embodiments provide examples for implementing methods for facilitating the exchange of secret information that resides in a device, such as a chip, system-on chip, and the like. Another set of operations can be carried out to securely provide secret information associated with a device. For example, one or more components of the device that comprise a security system outside of the device manufacturing facility. A message that includes a signed public key and a requester ID is received from a requestor. Next, the public key is verified, and if the determination indicates that the public key is not valid a reset operation is initiated. If the determination indicates a valid public key, the operation continue to determine if the secret information has not been previously exported to the requesting entity. If not a derived secret is created using the requester ID and secret embedded information. The derived secret is encrypted. The encrypted secret is further signed. The signed and encrypted derived secret is outputted. The device is marked to indicate that the embedded secret information has been exported to the particular requestor).
Claim 13: Modified Dellow discloses the method as per claim 11. However, Dellow does not disclose wherein the digital certificate comprises at least one of: a device serial number, a model number, or a PO number.
In the same field of endeavor of delivering secret information based on verifying ownership of a product Britt teaches wherein the digital certificate comprises at least one of: a device serial number, a model number, or a PO number (Paragraph [0005-0006]; [0027]; [0039]; [0112-0113]; Fig. 3A, systems for delivering content from an internet-connected hosted server system to various client computing devices. The systems described here permit a user to obtain cloud-based access to content that the user has purchased and which she possess in physical form e.g. a CD. To implement such access the physical version of the content in the form of a physical item may be encoded with a unique identifier and an owner of the item can capture the unique identifier. Such capture may occur by exposing the physical item to an electronic device which can read the identifier. The identifying information may then be sent to a networked content previsioning system along with information that identifies the topic of the content. The identification information may include information that identifies the user, such as a user account number, and also information that identifies the particular media item. Information identifying the particular media item may include for example, a unique identifying number that has been encoded in an NFC chip and may additionally include an image of the item captured by a camera, where the image may include graphics from the item for verification by the registration server that may resolve the barcode into metadata that describes the item).
Before the effective filing date of the invention it would have been obvious to one of ordinary skill in the art to modify the system of verifying the ownership of a device and requesting encrypted information based on the identity of the owner and device as disclosed by Dellow with the system of and in response to verification of the device against a Purchase Order (PO) database of an Original Equipment Manufacturer (OEM) as taught by Britt (Britt [0005]). With the motivation of helping to securely disseminate information to verified entities (Britt [0004]).
Claim 14: Modified Dellow discloses the method as per claim 11. Dellow further discloses wherein the supplier is configured to receive a device’s digital certificate in response to the CSR (Paragraph [0011-0013]; [0027-0028]; [0030-0031]; Fig. 6, methods, devices, systems, and computer program products are provided to facilitate cryptographically secure retrieval of secrete information that is embedded in a device. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded information by only the requestor. The disclosed embodiments provide examples for implementing methods for facilitating the exchange of secret information that resides in a device, such as a chip, system-on chip, and the like. Another set of operations can be carried out to securely provide secret information associated with a device. For example, one or more components of the device that comprise a security system outside of the device manufacturing facility. A message that includes a signed public key and a requester ID is received from a requestor. Next, the public key is verified, and if the determination indicates that the public key is not valid a reset operation is initiated. If the determination indicates a valid public key, the operation continue to determine if the secret information has not been previously exported to the requesting entity. If not a derived secret is created using the requester ID and secret embedded information. The derived secret is encrypted. The encrypted secret is further signed. The signed and encrypted derived secret is outputted. The device is marked to indicate that the embedded secret information has been exported to the particular requestor).
Claim 15: Modified Dellow discloses the method as per claim 11. Dellow further discloses wherein the supplier is configured to store the device’s digital certificate in slot 1 of the device (Paragraph [0011-0013]; [0027-0028]; [0030-0031]; Fig. 6, methods, devices, systems, and computer program products are provided to facilitate cryptographically secure retrieval of secrete information that is embedded in a device. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded information by only the requestor. The disclosed embodiments provide examples for implementing methods for facilitating the exchange of secret information that resides in a device, such as a chip, system-on chip, and the like. Another set of operations can be carried out to securely provide secret information associated with a device. For example, one or more components of the device that comprise a security system outside of the device manufacturing facility. A message that includes a signed public key and a requester ID is received from a requestor. Next, the public key is verified, and if the determination indicates that the public key is not valid a reset operation is initiated. If the determination indicates a valid public key, the operation continue to determine if the secret information has not been previously exported to the requesting entity. If not a derived secret is created using the requester ID and secret embedded information. The derived secret is encrypted. The encrypted secret is further signed. The signed and encrypted derived secret is outputted. The device is marked to indicate that the embedded secret information has been exported to the particular requestor).
Claim 16: Dellow discloses a hardware memory device having program instructions stored thereon that, upon execution by a processor of an Information Handling System (IHS), cause the IHS to: send a message to an OEM, wherein the message identifies a device (Paragraph [0011-0013]; [0027-0028]; [0030-0031]; Fig. 6, methods, devices, systems, and computer program products are provided to facilitate cryptographically secure retrieval of secrete information that is embedded in a device. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded information by only the requestor. The disclosed embodiments provide examples for implementing methods for facilitating the exchange of secret information that resides in a device, such as a chip, system-on chip, and the like. Another set of operations can be carried out to securely provide secret information associated with a device. For example, one or more components of the device that comprise a security system outside of the device manufacturing facility. A message that includes a signed public key and a requester ID is received from a requestor. Next, the public key is verified, and if the determination indicates that the public key is not valid a reset operation is initiated. If the determination indicates a valid public key, the operation continue to determine if the secret information has not been previously exported to the requesting entity. If not a derived secret is created using the requester ID and secret embedded information. The derived secret is encrypted. The encrypted secret is further signed. The signed and encrypted derived secret is outputted. The device is marked to indicate that the embedded secret information has been exported to the particular requestor).
Dellow discloses a system for delivering encrypted device secret information to a requestor based on a verification process. However, Dellow does not disclose the following claim limitations: and receive encrypted material from an Original Equipment Manufacturer (OEM) in response to the OEM’s verification of the device against a Purchase Order (PO) database.
In the same field of endeavor of delivering secret information based on verifying ownership of a product Britt teaches and receive encrypted material from an Original Equipment Manufacturer (OEM) in response to the OEM’s verification of the device against a Purchase Order (PO) database (Paragraph [0005-0006]; [0027]; [0039]; [0112-0113]; Fig. 3A, systems for delivering content from an internet-connected hosted server system to various client computing devices. The systems described here permit a user to obtain cloud-based access to content that the user has purchased and which she possess in physical form e.g. a CD. To implement such access the physical version of the content in the form of a physical item may be encoded with a unique identifier and an owner of the item can capture the unique identifier. Such capture may occur by exposing the physical item to an electronic device which can read the identifier. The identifying information may then be sent to a networked content previsioning system along with information that identifies the topic of the content. The identification information may include information that identifies the user, such as a user account number, and also information that identifies the particular media item. Information identifying the particular media item may include for example, a unique identifying number that has been encoded in an NFC chip and may additionally include an image of the item captured by a camera, where the image may include graphics from the item for verification by the registration server that may resolve the barcode into metadata that describes the item).
Before the effective filing date of the invention it would have been obvious to one of ordinary skill in the art to modify the system of and receive encrypted material from an Original Equipment Manufacturer (OEM) in response to the OEM’s verification of the device against a Purchase Order (PO) database as taught by Britt (Britt [0005]). With the motivation of helping to securely disseminate information to verified entities (Britt [0004]).
Claim 17: Modified Dellow discloses the hardware memory device as per claim 16. Dellow further discloses wherein the encrypted material comprises a digital certificate issued by the OEM (Paragraph [0011-0013]; [0027-0028]; [0030-0031]; Fig. 6, methods, devices, systems, and computer program products are provided to facilitate cryptographically secure retrieval of secrete information that is embedded in a device. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded information by only the requestor. The disclosed embodiments provide examples for implementing methods for facilitating the exchange of secret information that resides in a device, such as a chip, system-on chip, and the like. Another set of operations can be carried out to securely provide secret information associated with a device. For example, one or more components of the device that comprise a security system outside of the device manufacturing facility. A message that includes a signed public key and a requester ID is received from a requestor. Next, the public key is verified, and if the determination indicates that the public key is not valid a reset operation is initiated. If the determination indicates a valid public key, the operation continue to determine if the secret information has not been previously exported to the requesting entity. If not a derived secret is created using the requester ID and secret embedded information. The derived secret is encrypted. The encrypted secret is further signed. The signed and encrypted derived secret is outputted. The device is marked to indicate that the embedded secret information has been exported to the particular requestor).
Claim 18: Modified Dellow discloses the hardware memory device as per claim 16. Dellow further discloses wherein the program instructions, upon execution by the processor, cause the IHS to generate a Certificate Signing Request (CSR) for the device comprising the encrypted material (Paragraph [0011-0013]; [0027-0028]; [0030-0031]; Fig. 6, methods, devices, systems, and computer program products are provided to facilitate cryptographically secure retrieval of secrete information that is embedded in a device. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded information by only the requestor. The disclosed embodiments provide examples for implementing methods for facilitating the exchange of secret information that resides in a device, such as a chip, system-on chip, and the like. Another set of operations can be carried out to securely provide secret information associated with a device. For example, one or more components of the device that comprise a security system outside of the device manufacturing facility. A message that includes a signed public key and a requester ID is received from a requestor. Next, the public key is verified, and if the determination indicates that the public key is not valid a reset operation is initiated. If the determination indicates a valid public key, the operation continue to determine if the secret information has not been previously exported to the requesting entity. If not a derived secret is created using the requester ID and secret embedded information. The derived secret is encrypted. The encrypted secret is further signed. The signed and encrypted derived secret is outputted. The device is marked to indicate that the embedded secret information has been exported to the particular requestor).
Claim 19: Modified Dellow discloses the hardware memory device as per claim 16. Dellow further discloses wherein the processor is part of a heterogenous computing platform selected from the group consisting of: a System-On-Chip (SoC), a Field-Programmable Gate Array (FPGA), and an Application-Specific Integrated Circuit (ASIC) (Paragraph [0011-0013]; [0027-0028]; [0030-0031]; Fig. 6, methods, devices, systems, and computer program products are provided to facilitate cryptographically secure retrieval of secrete information that is embedded in a device. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded information by only the requestor. The disclosed embodiments provide examples for implementing methods for facilitating the exchange of secret information that resides in a device, such as a chip, system-on chip, and the like. Another set of operations can be carried out to securely provide secret information associated with a device. For example, one or more components of the device that comprise a security system outside of the device manufacturing facility. A message that includes a signed public key and a requester ID is received from a requestor. Next, the public key is verified, and if the determination indicates that the public key is not valid a reset operation is initiated. If the determination indicates a valid public key, the operation continue to determine if the secret information has not been previously exported to the requesting entity. If not a derived secret is created using the requester ID and secret embedded information. The derived secret is encrypted. The encrypted secret is further signed. The signed and encrypted derived secret is outputted. The device is marked to indicate that the embedded secret information has been exported to the particular requestor).
Claim 20: Modified Dellow discloses the hardware memory device as per claim 19. However, Dellow does not disclose wherein the heterogenous computing platform comprises a Reduced Instruction Set Computer (RISC) processor coupled to the EC via an interconnect, and wherein the interconnect comprises at least one of: an Advanced Microcontroller Bus Architecture (AMBA) bus, a QuickPath Interconnect (QPI) bus, or a HyperTransport (HT) bus.
In the same field of endeavor of delivering secret information based on verifying ownership of a product Britt teaches wherein the heterogenous computing platform comprises a Reduced Instruction Set Computer (RISC) processor coupled to the EC via an interconnect, and wherein the interconnect comprises at least one of: an Advanced Microcontroller Bus Architecture (AMBA) bus, a QuickPath Interconnect (QPI) bus, or a HyperTransport (HT) bus (Paragraph [0005-0006]; [0027]; [0039]; [0112-0113]; Fig. 3A, systems for delivering content from an internet-connected hosted server system to various client computing devices. The systems described here permit a user to obtain cloud-based access to content that the user has purchased and which she possess in physical form e.g. a CD. To implement such access the physical version of the content in the form of a physical item may be encoded with a unique identifier and an owner of the item can capture the unique identifier. Such capture may occur by exposing the physical item to an electronic device which can read the identifier. The identifying information may then be sent to a networked content previsioning system along with information that identifies the topic of the content. The identification information may include information that identifies the user, such as a user account number, and also information that identifies the particular media item. Information identifying the particular media item may include for example, a unique identifying number that has been encoded in an NFC chip and may additionally include an image of the item captured by a camera, where the image may include graphics from the item for verification by the registration server that may resolve the barcode into metadata that describes the item. Computing devices include a processor, memory, and a low-speed interface connecting to low-speed bus. Each component are interconnected using various busses).
Before the effective filing date of the invention it would have been obvious to one of ordinary skill in the art to modify the system of verifying the ownership of a device and requesting encrypted information based on the identity of the owner and device as disclosed by Dellow with the system of and in response to verification of the device against a Purchase Order (PO) database of an Original Equipment Manufacturer (OEM) as taught by Britt (Britt [0005]). With the motivation of helping to securely disseminate information to verified entities (Britt [0004]).
Therefore, claim 1-10 are rejected under U.S.C. 103.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure.
Gremaud (US 2025/0112791) Deployment of digital security credentials for just-in-time provisioning of networked devices.
Aschauer (US 2021/0351940) Issuing device and method for issuing and requesting device and method for requesting a digital certificate.
Felsher (US 8316237) System and method for secure three-party communications.
Bradley (US 2012/0054493) Secure wireless link between two devices using probes.
Vogler (US 2008/0072066) Method and apparatus for authenticating applications to secure services.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to COREY RUSS whose telephone number is (571)270-5902. The examiner can normally be reached on M-F 7:30-4:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynda Jasmin can be reached on 5712726782. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service. Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/COREY RUSS/Primary Examiner, Art Unit 3629