DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Allowable Subject Matter
Claims 4, 8-11 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-3, 5-7 and 12-16 are rejected under 35 U.S.C. 103 as being unpatentable over Wang et al. (Wang) (Pub. No. US 2006/0064752) in view of Anson et al. (Anson) (Pub. No. US 2014028090).
Regarding Claim 1, Wang teaches: A method for securing [Abstract, A computer security system] an electronic device, [Fig.1, [0006] A computer security system] comprising: a firmware (FW) agent [Fig.1, BIOS. [0012] BIOS (Basic Input/Output System) is a type of firmware] in the electronic device [Fig.1] generating, during a boot process of the electronic device, [Fig.4, Start and item 100; at block 100, where TPM boot module 30 is enabled] a challenge for an operating system (OS) [[0013] Registration module 40 may be implemented as part of an operating system or another application or platform] agent in the electronic device; [Fig.4, item 108, [0019] At block 108, registration module 40 requests TPM authentication data 62 from the user. The requested authentication data corresponds to a challenge] the OS agent writing a response to the challenge in a mailbox in the electronic device; [[0019]-[0020] At block 110, registration module 40 receives TPM authentication data 62 from the user. At block 114, TPM 16 generates TPM user key 50 based on the TPM authentication data 62. At block 116, registration module 40 sends to BIOS 14 or otherwise causes to be stored in BIOS 14 TPM user key 50 and user identification data 60.] the FW agent checking the response during a subsequent boot process of the electronic device; [[0017], Fig.5, an authentication method using the computer security system 216. [0022] At block 214, TPM boot module 30 requests verification of TPM authentication data 62 by TPM 16 using TPM user key 50. At decisional block 216, a determination is made whether TPM authentication data 62 verification by TPM 16 is successful.] and the FW agent permitting or preventing completion of the subsequent boot process depending respectively on whether the response is correct or incorrect; [[0022] if TPM authentication data 62 does not correspond to TPM user key 50, the method proceeds to block 202, where TPM boot module 30 may be configured to repeat the boot authentication process. If TPM authentication data 62 corresponds to TPM user key 50 or is otherwise verified by TPM 16, the method proceeds to block 218, where BIOS 14 continues or otherwise initiates the boot process.] wherein the electronic device receives one or more inputs from a user between an end of the boot process and a beginning of the subsequent boot process. [[0017] during a subsequent boot process in response to activation or enablement of TPM boot module 30 and acquisition and/or creation of TPM user key 50, TPM boot module 30 requests and/or otherwise receives user identification data 60] [0021] At block 204, TPM boot module 30 receives user identification data 60 from the user.]
Regarding Claim 1, Wang teaches that the registration module sends to BIOS or otherwise causes to be stored in BIOS the TPM user key and user identification data, wherein storing the TPM key corresponds to writing the response to the challenge in a mailbox. Wang does not teach “after the boot process is complete”.
However, Anson teaches: after the boot process is complete. [Fig.2, [0033] method 200 for invoking BIOS setup in an information handling system (e.g., information handling system 102) [ [0037] in response to validation of credentials, operating system integration module 112 may set BIOS setup flag 114 to a value indicating that BIOS setup is to be invoked on a subsequent boot of information handling system 102. ]
Therefore, it would have been obvious to one of ordinary skill in the art to which this invention pertains, before the effective filing date of the invention, to update the TPM user key and user identification data under the control of the operating system in Wang’s system using Anson’s teaching.
A person with ordinary skill in the art would have been motivated to combine Wang and Anson to reduce bootup time and improve user experience. [0004]
Regarding Claim 2, Wang teaches: prior to the OS agent writing the response: the FW agent checking, during the boot process, that a prior response in the mailbox is correct; and the FW agent permitting completion of the boot process. [[0020] At block 116, registration module 40 sends to BIOS 14 or otherwise causes to be stored in BIOS 14 TPM user key 50 and user identification data 60. Fig.5, item 216, [0022] decisional block 216, a determination is made whether TPM authentication data 62 verification by TPM 16 is successful and enable boot process.]
Regarding Claim 3, Wang teaches: the FW agent determining that there is no response in the mailbox during another boot process of the electronic device; and the FW agent preventing completion of the other boot process. [Wang: [Fig.5, 216, [0022] If TPM authentication data 62 does not correspond to TPM user key 50, the method proceeds to block 202, where TPM boot module 30 may be configured to repeat the boot authentication process, therefore preventing boot process until validation of TPM key.]
Wang does not teach after completion of the subsequent boot process.
However, Anson teaches: after completion of the subsequent boot process. [Fig.2, [0033] method 200 for invoking BIOS setup in an information handling system (e.g., information handling system 102) [ [0037] in response to validation of credentials…..]
Therefore, it would have been obvious to one of ordinary skill in the art to which this invention pertains, before the effective filing date of the invention, to run the boot authentication process after the operating system is booted in Wang’s system using Anson’s teaching.
A person with ordinary skill in the art would have been motivated to combine Wang and Anson to reduce bootup time and improve user experience. [0004]
Regarding Claim 5, Wang teaches: preventing completion of the subsequent boot process: the FW agent receiving a correct passcode; and in response, the FW agent then permitting completion of the boot process. [[Fig.5, item 202, [0022] If TPM authentication data 62 does not correspond to TPM user key 50, the method proceeds to block 202, where TPM boot module 30 may be configured to repeat the boot authentication process.]
Regarding Claim 6, Wang teaches: the OS agent obtaining the response from a server. [[0012] it should be understood that system 10 may be implemented in any of a variety of types of computing devices or systems including, but not limited to, a personal or desktop computer, personal digital assistant (PDA), notebook or laptop computer, tablet, workstation, and server.]
Regarding Claim 7, the combination of Wang and Anson teaches: OS agent writing the response prior to the subsequent boot process starting [WANG: [0019]-[0020] At block 110, registration module 40 receives TPM authentication data 62 from the user. At block 114, TPM 16 generates TPM user key 50 based on the TPM authentication data 62. At block 116, registration module 40 sends to BIOS 14 or otherwise causes to be stored in BIOS 14 TPM user key 50 and user identification data 60.] and: as soon as the OS starts to operate; or upon receiving the response from a server; or at an end of a session; or during a shut-down procedure of the electronic device. [Anson: Fig.2, [0033] method 200 for invoking BIOS setup in an information handling system (e.g., information handling system 102) [ [0037] in response to validation of credentials…..]
Regarding Claim 12, the combination of Wang and Anson teaches: prior to the boot process, setting up the electronic device so that a correct response is in the mailbox. [[0019]-[0020] At block 110, registration module 40 receives TPM authentication data 62 from the user. At block 114, TPM 16 generates TPM user key 50 based on the TPM authentication data 62. At block 116, registration module 40 sends to BIOS 14 or otherwise causes to be stored in BIOS 14 TPM user key 50 and user identification data 60.]
Claims 13 and 16 have limitations similar to those of the apparatus of claim 1. Accordingly, claims 13 and 16 are rejected under a similar rationale as that of claim 1 above.
Regarding Claim 14, Wang teaches: the mailbox is a unified extensible firmware interface (UEFI) variable, a file in an extensible firmware interface (EFI) partition, a hardware register, or a trusted platform module (TPM) memory. [[0012] a trusted platform module (TPM) 16; TPM boot module 30 cooperates with TPM 16 to provide a secure boot process for a computer system using cryptographic properties of TPM 16.]
Regarding Claim 15, Wang teaches: obtain the response from a server; or generate the response using a private key of a key pair, for which the FW agent has a public key. [[0012] system 10 may be implemented in any of a variety of types of computing devices or systems including, but not limited to, a personal or desktop computer, personal digital assistant (PDA), notebook or laptop computer, tablet, workstation, and server. [[0019]-[0020] At block 110, registration module 40 receives TPM authentication data 62 from the user. At block 114, TPM 16 generates TPM user key 50 based on the TPM authentication data 62. At block 116, registration module 40 sends to BIOS 14 or otherwise causes to be stored in BIOS 14 TPM user key 50 and user identification data 60.]
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZAHID CHOUDHURY whose telephone number is (571)270-5153. The examiner can normally be reached Monday-Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Andrew J Jung can be reached at 571-270-3779. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ZAHID CHOUDHURY/Primary Examiner, Art Unit 2175