Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 08/16/2024 appears to be in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Objections
Claims 1, is objected to because of the following informalities: Claim 1 recites “improving data security in a computing,” (lines 1-2), “the rich executing,”(line 21), and “data in the shared;” (line 24). Claim 1 further recites “computing device”, “rich executing environment”, and “shared memory”. Appropriate correction is required. In the following rejection, the examiner construes the claim limitations “improving data security in a computing,”, “the rich executing,”, and “data in the shared;” to mean “improving data security in a computing device,”, “the rich executing environment”, and “data in the shared memory”, respectively, as further recited in claim 1 and as disclosed within the specification.
Claims 8, 9,11-13, 18 and 19 are objected to for intended use recitation (e.g. claim 8, last line, …is adapted to perform the method….” Claim 18, “…the field-programmable gate array is adapted to perform…”). The use of the intended use terms suggests or makes optional the steps following the terms. Language that suggests or makes optional but does not require steps to be performed or does not limit a claim to a particular structure does not limit the scope of a claim or claimed limitations (See MPEP § 2106 and MPEP § 2111.04).
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claim 7 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Regarding claim 7, the phrase "preferably" renders the claim indefinite because it is unclear whether the limitations following the phrase are part of the claimed invention. See MPEP § 2173.05(d).
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claim 14 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because claim 14 recites a computer program, which can be interpreted as software per se.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over CHEN (US 20200250302 A1), hereafter CHEN, in view of ROGERS (US 20230297696 A1), hereafter ROGERS.
Regarding claim 1, CHEN teaches:
A computer-implemented method for improving data security in a computing ([0006] "This application provides a computer system, a terminal device, a security control method applied to the computer system and the terminal device, and the like, to improve security of the terminal device or another type of computer system.”), the computing device including a computer system with a processor for executing computer instructions and a physical memory accessible to the processor([0048] “According to a fifth aspect, this application further provides a computer system. A hardware layer of the computer system includes a tracer, a processor, and a memory. The computer system can be logically divided into a first domain and a second domain. The processor is configured to: read a computer readable instruction from the memory, and execute the computer readable instruction, to start the tracer and execute a program in the first domain.”), the computer system being configured as an implementation of a computer architecture suitable for switching between a trusted execution environment for executing a trusted computing process and a rich execution environment for executing a client computing process corresponding to the trusted computing process([0004] “The TEE can ensure that sensitive data is stored, processed, and protected in the trusted environment, and provides a secure execution environment for an authorized trusted application (trusted application, TA). A client application (client application, CA) (also referred to as a normal application) runs in the REE.”, [0097] “When the SMC calling module 220 sends the trigger message to the audit module 240, switching from the REE to the TEE is required.”), wherein an access of the rich execution environment on the trusted execution environment is restricted and/or secured([0004] “The CA accesses the TA by calling an application programming interface (application programming interface, API) of a TEE client in the REE, to use a security function provided by the TEE and the TA.”), wherein the rich execution environment and the trusted execution environment respectively are switchable between a user mode in which execution of one or more selected computer instructions for accessing the physical memory is restricted and/or secured, and a kernel mode in which execution of said computer instructions is unrestricted and/or unsecured([0019] “In some implementations, the first domain and the second domain are respectively an insecure world and a secure world (which may also be construed as a REE and a TEE) that are based on TrustZone.”, [0090] “The terminal device 200 includes two domains: a rich execution environment (rich execution environment, REE) and a trusted execution environment (trusted execution environment, TEE). A Linux® operating system and a TEE-side operating system (for example, an open-source OP-TEE operating system) respectively run in the two domains. The Linux® operating system and the TEE OS each are divided into two states: a user mode and a kernel mode.”), wherein the rich execution environment and the trusted execution environment commonly use a shared memory of the physical memory, the shared memory providing a communication channel including related process data for communication between the client computing process and the trusted computing process([0119] “Specifically, when a CA on the REE side performs cross-domain calling, the CA usually stores, in shared memory, a PID of a process of the CA, an identifier and a parameter of a TA that the CA expects to call, and the like. In this way, a module on the TEE side can obtain, from the shared memory, a value of the PID of the process.”), the method comprising: a) by the computing device, providing a restricted memory, wherein the access to the restricted memory is restricted and/or secured with respect to the processor([0162] “It should be noted that an EL is an abbreviation for an exception level, and is a concept in ARM®. In a manner, the EL0 may be construed as a user mode, the EL1 is construed as a kernel mode, the EL2 is a hypervisor, and an EL3 is a secure mode. The EL2 can control access to physical memory from the EL0 and the EL1. In the foregoing embodiment, it means that a page table is configured at the EL2, so that accessing a physical memory address of the register of the CoreSight 270 from the EL0 and the EL1 is restricted.”); b) by the computer system, upon receiving a computer instruction for switching from the user mode to the kernel mode inside the rich execution ([0014] “The automaton may respond to an external input (for example, an event), to switch from a state to another state.”, [0090] “The Linux® operating system and the TEE OS each are divided into two states: a user mode and a kernel mode.”)
Further regarding claim 1, CHEN teaches the limitations previously demonstrated, but does not appear to explicitly teach the following limitations demonstrated by ROGERS:
to perform the following: α) transferring the related process data ([0089] “In one or more embodiments, the GPU 104 may be required to reset in order to switch the GPU 104 from non-secure to secure mode, or from secure mode to non-secure mode.”, [0150] “For example, the secure processor 146 may cause the GPU 104 to perform a reset. After the GPU 104 is reset, the system 100 may delete, clean, and/or scrub data from GPU memory, such as the memory 334 and/or GPU state data (as described herein). In at least one embodiment, all contents of GPU memory is deleted. In at least one embodiment, the secure processor 146 and/or GPU firmware (e.g., after reset) scrubs and/or deletes the contents of the GPU memory and a GPU copy of the shared cryptographic key(s) 168 to ensure data generated within the composite TEE 150 is not exposed. In at least one embodiment, scrubbing and/or deleting the contents of the GPU memory may include deleting the contents of one or more protected region(s) 336. In at least one embodiment, scrubbing completes before the memory 334 is made visible on the system bus 320.”).
Since CHEN and ROGERS are from the same field of endeavor as both are directed to secure transmission between computing domains, which is within the same field of endeavor as the claimed invention, it would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to modify and combine the teachings of CHEN and ROGERS by incorporating the teachings of ROGERS into CHEN. The motivation to combine is to improve secure cross-domain transmission and verification thereof. (CHEN [AB]; ROGERS [AB]). This motivation is equally applicable for rejections hereafter.
Regarding claim 2, CHEN-ROGERS teaches:
The method according to claim 1, further comprising: d) by the computer system, upon receiving a computer instruction for switching from the kernel mode of the trusted execution environment to the kernel mode of the rich execution environment, triggering the computing device to perform step α); and e) by the computing device, performing step α)(CHEN [0014] “The automaton may respond to an external input (for example, an event), to switch from a state to another state.”, [0090] “The Linux® operating system and the TEE OS each are divided into two states: a user mode and a kernel mode.”, ROGERS [0089] “In one or more embodiments, the GPU 104 may be required to reset in order to switch the GPU 104 from non-secure to secure mode, or from secure mode to non-secure mode.”, [0150] “For example, the secure processor 146 may cause the GPU 104 to perform a reset. After the GPU 104 is reset, the system 100 may delete, clean, and/or scrub data from GPU memory, such as the memory 334 and/or GPU state data (as described herein). In at least one embodiment, all contents of GPU memory is deleted. In at least one embodiment, the secure processor 146 and/or GPU firmware (e.g., after reset) scrubs and/or deletes the contents of the GPU memory and a GPU copy of the shared cryptographic key(s) 168 to ensure data generated within the composite TEE 150 is not exposed. In at least one embodiment, scrubbing and/or deleting the contents of the GPU memory may include deleting the contents of one or more protected region(s) 336. In at least one embodiment, scrubbing completes before the memory 334 is made visible on the system bus 320.”).
Regarding claim 3, CHEN-ROGERS teaches:
The method according to claim 1, further comprising: f) storing a physical location for localizing the communication channel in the physical memory and clearing the related process data in the shared memory by localizing the communication channel in the physical memory based on the physical location(ROGERS [0055] “For example, the hypervisor 118 may write data through an out of band (OOB) channel to a memory location(s) in a programmable read-only memory (PROM), such as an electrically erasable programmable read-only memory (EEPROM) attached to the GPU 104 (e.g., non-volatile memory).”, [0056] “the hypervisor 118 may again use the communication channel(s) 162 to indicate to the GPU 104 to exit the secure execution mode and/or the confidential compute mode on the next reset (e.g., by writing data in the PROM).”).
Regarding claim 4, CHEN-ROGERS teaches:
The method according to claim 1, further comprising: g) by the computer system, upon receiving a computer instruction for switching from the kernel mode to the user mode inside the rich execution environment, triggering the computing device to perform the following: β) transferring the related process data from the restricted memory into the communication channel of the shared memory by identifying the client computing process in the rich execution environment; and h) by the computing device, performing step β)(CHEN [0004] “A client application (client application, CA) (also referred to as a normal application) runs in the REE. The CA accesses the TA by calling an application programming interface (application programming interface, API) of a TEE client in the REE, to use a security function provided by the TEE and the TA.”, [0119] “Specifically, when a CA on the REE side performs cross-domain calling, the CA usually stores, in shared memory, a PID of a process of the CA, an identifier and a parameter of a TA that the CA expects to call, and the like.”).
Regarding claim 5, CHEN-ROGERS teaches:
The method according to claim 1, further comprising: i) by the computer system, upon receiving a computer instruction for switching from the kernel mode of the rich execution environment to the kernel mode of the trusted execution environment, triggering the computing device to perform the following: β) transferring the related process data from the restricted memory into the communication channel of the shared memory by identifying the client computing process in the rich execution environment; and j) by the computing device, performing step β) (CHEN [0004] “A client application (client application, CA) (also referred to as a normal application) runs in the REE. The CA accesses the TA by calling an application programming interface (application programming interface, API) of a TEE client in the REE, to use a security function provided by the TEE and the TA.”, [0119] “Specifically, when a CA on the REE side performs cross-domain calling, the CA usually stores, in shared memory, a PID of a process of the CA, an identifier and a parameter of a TA that the CA expects to call, and the like.”, [0019] “In some implementations, the first domain and the second domain are respectively an insecure world and a secure world (which may also be construed as a REE and a TEE) that are based on TrustZone” [0075] “Alternatively, the first operating system and the second operating system may be two different states of a same operating system, for example, a user mode and a kernel mode. In other words, the first domain and the second domain are two states of a same operating system.” [0090] “The terminal device 200 includes two domains: a rich execution environment (rich execution environment, REE) and a trusted execution environment (trusted execution environment, TEE).”).
Regarding claim 6, CHEN-ROGERS teaches:
The method according to claim 4, further comprising: k) storing a process identifier for identifying the client computing process in the rich execution environment and identifying the client computing process in the rich execution environment based on the process identifier(CHEN [0119] “Specifically, when a CA on the REE side performs cross-domain calling, the CA usually stores, in shared memory, a PID of a process of the CA, an identifier and a parameter of a TA that the CA expects to call, and the like. In this way, a module on the TEE side can obtain, from the shared memory, a value of the PID of the process. The audit module 240 searches for an automaton instance whose identifier is the value of the PID (S708). If the automaton instance does not exist (S709), the current audit fails. If the automaton instance exists (S709), the audit module 240 determines whether the automaton instance is currently in a state with an attribute “termination” (briefly referred to as a termination state). If yes, the audit succeeds”).
Regarding claim 7, CHEN-ROGERS teaches:
The method according to claim 1, further comprising: l) monitoring an integrity of a computer instruction for triggering the computing device to transfer the related process data into or out of the restricted memory (CHEN [0012] “Data flow: A data flow represents a data read/write procedure of a program, and includes data in the procedure. The data flow may be directly or indirectly represented as a data read/write event sequence of the program. In some embodiments of this application, data included in the read/write event sequence is audited to ensure system security.”, [0018] “A tracer is further deployed in the terminal device, to implement integrity audit on a control flow of the program together with the control flow module and the audit module.”), preferably by calculating a hash of said computer instruction, and transferring the related process data into or out of the restricted memory based on the monitored integrity(CHEN [0027] “The audit module is specifically configured to: obtain the hash value H1; obtain a hash value H2 through calculation based on the random number RX and the text segment included in the second domain; compare H1 with H2; and when H1 is the same as H2 and other to-be-audited information matches the audit rule, determine that the audit succeeds.", [0039] “After the audit method is applied to security control, a next operation is allowed after the audit succeeds.”).
Regarding claim 8, CHEN-ROGERS teaches:
A computing device including a computer system with a processor for executing computer instructions and a physical memory accessible to the processor, the computer system being configured as an implementation of a computer architecture suitable for switching between a trusted execution environment for executing a trusted computing process and a rich execution environment for executing a client computing processwherein the computing device provides a restricted memory, wherein the access to the restricted memory is restricted and/or secured with respect to the processor, and wherein the computing device is adapted to perform the method according to claim 1(CHEN [0006] “This application provides a computer system, a terminal device, a security control method applied to the computer system and the terminal device, and the like, to improve security of the terminal device or another type of computer system.”, [0048] “According to a fifth aspect, this application further provides a computer system. A hardware layer of the computer system includes a tracer, a processor, and a memory. The computer system can be logically divided into a first domain and a second domain. The processor is configured to: read a computer readable instruction from the memory, and execute the computer readable instruction, to start the tracer and execute a program in the first domain. The hardware tracer is configured to: when the program is executed, collect to-be-audited information related to the program.”).
Regarding claim 9, CHEN-ROGERS teaches:
The computing device according to claim 8, wherein hardware of the computing device is adapted to perform one, several or all of the following: α) transferring the related process data from the shared memory into the restricted memory by clearing the related process data in the shared memory; and/or β) transferring the related process data from the restricted memory into the communication channel of the shared memory by identifying the client computing process in the rich execution environment; and/or f) storing a physical location for localizing the communication channel in the physical memory and clearing the related process data in the shared memory by localizing the communication channel in the physical memory based on the physical location(CHEN [0048] “According to a fifth aspect, this application further provides a computer system. A hardware layer of the computer system includes a tracer, a processor, and a memory. The computer system can be logically divided into a first domain and a second domain. The processor is configured to: read a computer readable instruction from the memory, and execute the computer readable instruction, to start the tracer and execute a program in the first domain. The hardware tracer is configured to: when the program is executed, collect to-be-audited information related to the program.”).
Regarding claim 10, CHEN-ROGERS teaches:
The computing device according to claim 8, wherein the computing device includes a field-programmable gate array providing the restricted memory(CHEN [0244] “In the hardware implementation, implementations of this application may be implemented by using at least one of electronic units such as an application-specific integrated circuit (application-specific integrated circuit, ASIC), a digital signal processor (digital signal processor, DSP), a programmable logic device (programmable logic device, PLD), a field programmable gate array (field programmable gate array, FPGA),”).
Regarding claim 11, CHEN-ROGERS teaches:
The computing device according to claim 9, wherein the field-programmable gate array is adapted to perform one, several or all of the steps α), β), f), k), and/or l) (CHEN [0244] “In the hardware implementation, implementations of this application may be implemented by using at least one of electronic units such as an application-specific integrated circuit (application-specific integrated circuit, ASIC), a digital signal processor (digital signal processor, DSP), a programmable logic device (programmable logic device, PLD), a field programmable gate array (field programmable gate array, FPGA),”).
Regarding claim 12, CHEN-ROGERS teaches:
The computing device according to claim 8, wherein software of the computing device is adapted for triggering the computing device to perform the step α) and/or β) (CHEN [0037] “In some implementations, trigger instructions are inserted at a plurality of locations in the program, to trigger the tracer to collect control flow information at a specific location.”).
Regarding claim 13, CHEN-ROGERS teaches:
The computing device according to claim 11, wherein the computer system is adapted for triggering the field-programmable gate array to perform the step α) and/or β)(CHEN [0037] “In some implementations, trigger instructions are inserted at a plurality of locations in the program, to trigger the tracer to collect control flow information at a specific location.”, [0244] “In the hardware implementation, implementations of this application may be implemented by using at least one of electronic units such as an application-specific integrated circuit (application-specific integrated circuit, ASIC), a digital signal processor (digital signal processor, DSP), a programmable logic device (programmable logic device, PLD), a field programmable gate array (field programmable gate array, FPGA)”).
Regarding claim 14, claim 14 recites substantially similar limitations as claim 1, but for recitation in the form of a computer program. Accordingly, claim 14 is rejected for similar reasoning and rationale as claim 1. CHEN-ROGERS further teaches:
A computer program comprising instructions which, when the program is executed by a computing device including a computer system with a processor for executing computer instructions and a physical memory accessible to the processor, the computer system being configured as an implementation of a computer architecture suitable for switching between a trusted execution environment for executing a trusted computing process and a rich execution environment for executing a client computing process corresponding to the trusted computing process, wherein an access of the rich execution environment on the trusted execution environment is restricted and/or secured, wherein the rich execution environment and the trusted execution environment respectively are switchable between a user mode in which execution of one or more selected computer instructions for accessing the physical memory is restricted and/or secured, and a kernel mode in which execution of said computer instructions is unrestricted and/or unsecured, wherein the rich execution environment and the trusted execution environment commonly use a shared memory of the physical memory, the shared memory providing a communication channel including related process data for communication between the client computing process and the trusted computing process, wherein the computing device provides a restricted memory, wherein the access to the restricted memory is restricted and/or secured with respect to the processor, cause the computing device to carry out the method according to claim 1(CHEN [0047] “According to a fourth aspect, this application further provides a computer program product. The computer program product includes a computer readable instruction. When the computer readable instruction is executed by one or more processors, the computer readable instruction is used to implement any one of the foregoing methods.”).
Regarding claim 15, claim 15 recites substantially similar limitations as claim 1, but for recitation in the form of a non-transitory computer-readable medium. Accordingly, claim 15 is rejected for similar reasoning and rationale as claim 1. CHEN-ROGERS further teaches:
A non-transitory computer-readable storage medium having stored thereon the computer program according to claim 14(ROGERS [0210] “The computer-storage media may include both volatile and nonvolatile media and/or removable and non-removable media implemented in any method or technology for storage of information such as computer-readable instructions, data structures, program modules, and/or other data types. For example, the memory 1704 may store computer-readable instructions (e.g., that represent a program(s) and/or a program element(s), such as an operating system. Computer-storage media may include, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which may be used to store the desired information and which may be accessed by computing device 1700. As used herein, computer storage media does not comprise signals per se.”).
Regarding claim 16, CHEN-ROGERS teaches:
The method according to claim 5, further comprising: k) storing a process identifier for identifying the client computing process in the rich execution environment (CHEN [0119] “Specifically, when a CA on the REE side performs cross-domain calling, the CA usually stores, in shared memory, a PID of a process of the CA, an identifier and a parameter of a TA that the CA expects to call, and the like.”)and identifying the client computing process in the rich execution environment based on the process identifier(CHEN [0078] “The information (referred to as to-be-audited information below) may include one or more types of the following information: control flow information that is related to code running and that is used for control flow audit…a process ID (process identification, PID) that is used to identify the to-be-protected program in parallel audit).
Regarding claim 17, CHEN-ROGERS teaches:
The computing device according to claim 9, wherein the computing device includes a field-programmable gate array providing the restricted memory (CHEN [0244] “In the hardware implementation, implementations of this application may be implemented by using at least one of… a field programmable gate array (field programmable gate array, FPGA)”).
Regarding claim 18, CHEN-ROGERS teaches:
The computing device according to claim 10, wherein the field-programmable gate array is adapted to perform one, several or all of the steps α), β), f), k), and/or l) (CHEN [0244] “In the hardware implementation, implementations of this application may be implemented by using at least one of… a field programmable gate array (field programmable gate array, FPGA)”).
Regarding claim 19, CHEN-ROGERS teaches:
The computing device according to claim 12, wherein the computer system is adapted for triggering the field-programmable gate array to perform the step α) and/or β) (CHEN [0244] “In the hardware implementation, implementations of this application may be implemented by using at least one of… a field programmable gate array (field programmable gate array, FPGA)”, [0037] “In some implementations, trigger instructions are inserted at a plurality of locations in the program, to trigger the tracer to collect control flow information at a specific location.”).
Conclusion
The prior art made of record and not relied upon is considered pertinent to the applicant’s disclosure:
US 20250036750 A1, CRONHOLM; Paul discloses a method prevents fraudulent use by cloning of a trusted application (TA) executable in a secure execution environment (SEE) of a host device (HD). According to the method, the trusted application (TA) starts (310; 406) in a locked mode in which access to protected functionality and data of the trusted application (TA) is prohibited (312). The trusted application performs a handshake procedure (320; 400) with a computerized backend resource (BE) to verify that a current execution state of the trusted application (TA) has not already been occupied by another instance of the trusted application (TA). Only upon successful verification by the handshake procedure (320; 400) will the trusted application (TA) switch (330; 432) to an unlocked mode in which access to the protected functionality and data is permitted (332).
US 20050055524 A1, Gulick, Dale E. discloses a computer system includes a processor which may initialize a secure execution mode by executing a security initialization instruction. Further, the processor may operate in the secure execution mode by executing a secure operating system code segment. The computer system also includes a system memory configured to store data in a plurality of locations. The computer system also includes a memory controller which may selectively clear the data from a programmed range of the memory locations of the system memory when enabled in response to a reset of the processor.
US 20230412388 A1, LEE; Jongin discloses an electronic device for performing hash authentication on a neural network, and an operating method therefor are disclosed. The disclosed electronic device comprises: a processor and a memory having at least one instruction executable by the processor. If at least one instruction is executed by the processor, the processor can be configured to: generate a hash value on the basis of parameters of a neural network used for an application to be executed, determine whether the generated hash value matches the pre-stored reference hash value in the security area of the processor, and approve the loading of the neural network in response to whether the generated hash value matches the reference hash value in the general area of the processor.
US 20230333935 A1, CHEN; Jianguo discloses This application provides a quick start method. When a software fault occurs in a device, a restart request is called through a customized interface that complies with an instruction set specification, to indicate firmware to restart system software; and an image of the system software such as an operating system, a hypervisor, or a Trusted Execution Environment (TEE) is loaded to restart the system software, without resetting hardware. This skips a hardware initialization process, and shortens time required for restarting the device. When a hardware fault occurs in the device, a suspend request is triggered to indicate to freeze a process of system software, and indicate firmware to store a snapshot of status information of a hardware device and perform a hardware reset operation. After the hardware is reset, the hardware device is restored to a status before reset based on the snapshot.
US 20240078307 A1, JANG; Jinsoo discloses an apparatus for reinforcing security of a mobile trusted execution environment, and relates to an apparatus for reinforcing security of a mobile trusted execution environment for constructing a general-purpose trusted execution environment. According to an embodiment of the present invention, a technology available for a general purpose in a mobile device operating on the basis of an ARM architecture has effects of configuring a trusted execution environment for guaranteeing safe execution of an application without depending on an existing commercial security technology, and of configuring a mobile trusted execution environment by using a write area execution prevention function and a debugging watchpoint, which are general-purpose hardware functions.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Kamryn Gillespie whose telephone number is 703-756-5498. The examiner can normally be reached on Monday through Thursday from 9am to 6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Linglan Edwards can be reached on (571) 270-5440. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/K.J.G./Examiner, Art Unit 2408
/LINGLAN EDWARDS/Supervisory Patent Examiner, Art Unit 2408