DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Information Disclosure Statement
The information disclosure statements (IDS) submitted on 10/17/2024, 11/20/2024 and 02/11/2025 are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The following is a quotation of pre-AIA 35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is invoked.
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph:
(A) the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function;
(B) the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and
(C) the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function.
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function.
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function.
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation(s) is/are:
“an authentication processing unit”, “a startup processing unit”, and “a restriction processing unit” in claim 1.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
Claim(s) 1-6 is/are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
With respect to claim 1, the Examiner notes that the term “startup program” appears multiple times in the paragraph beginning with “a startup processing unit,” including once as “the unauthorized startup program” and twice as “the startup program.” As written, it is unclear whether these references are intended to refer to the same startup program or to different startup programs under different condition. For purposes of examination, the Examiner interprets the phrase “the unauthorized startup program” as indicating a state or condition of a startup program’s authenticity, rather than a distinct startup program. Under this interpretation, the remaining references to “the startup program” in the same paragraph are construed as referring to the same startup program. Accordingly, the Examiner construes the paragraph as reciting that a startup program acquired from a provider not included in the trust list (implying that the acquired startup program can be unauthorized) is executed, and that even in this case, that startup program is confirmed as valid by the authentication processing unit (though the source of the startup program can be untrustful), so that the chain information is updated to indicate that an unauthorized startup program has been executed, based on the startup program’s untrusted source.
Allowable Subject Matter
Claim(s) 1-6 is/are allowed.
The following is a statement of reasons for the indication of allowable subject matter:
Regarding claim 1, the prior art of record (Callaghan et al., US-20180365424-A1 (hereinafter “Callaghan ‘424”) in view of NELSON et al., US-20210373903-A1 (hereinafter “NELSON ‘903”)) does not disclose: “a startup processing unit that changes the chain information stored in the chain information storage unit to information indicating that the unauthorized startup program has been executed when the startup program acquired from a provider not included in the trust list stored in the trust list storage unit has been executed in secure boot processing for executing the startup program whose validity has been confirmed by the authentication processing unit” in the recited context.
Rather, Callaghan ‘424 discloses that upon booting of the service processor, a secure boot process is performed using secure boot firmware and software (the startup program). A secure trusted dedicated microprocessor serves as a root of trust and records a hash chain of measurements (the chain information) of the operating system, and security-relevant state information. During the boot process, these measurements are captured and stored in protected registers before the execution of the software. The resulting measurement chain provides an accurate record of the software loaded on the service processor. The recorded measurements are later securely transmitted to a verification system as an attestation of the current security state of the service processor. This reference describes reading and verifying “the chain information” during a “secure boot processing”; however, it is silent as to checking the “startup program” against the “trust list” to determine the “validity” of the “startup program” and subsequently updating the “chain information” with an unauthorized status.
To this, NELSON ‘903 adds that during the boot, the BIOS (the startup program) determines whether a configuration change has occurred in a current or prior boot session based on an event log change flag (the chain information). Upon detecting a BIOS configuration change, the BIOS records the changed configuration, and further generates a fingerprint of a BIOS event log and stores both the event log and its fingerprint. If a prior change is indicated, a new event log is appended to the existing log and a new fingerprint is generated – changes the chain information. The event log change flag is reset to reflect whether a BIOS configuration change occurred in the current boot session, thereby enabling tracking of short-term BIOS configuration changes. It teaches changing the “chain information” during a BIOS boot process by adding an event log flag in response to a BIOS configuration change. However, the reference fails to teach acquiring the “startup program” from the “trust list” and confirming the “validity ”of the startup program.
For the reasons described above, the prior art of record does not disclose, with respect to claim(s) 5-6, features corresponding to those of claim 1 in the respective context(s).
Dependent claims 2-4 are allowed in view of their respective dependence from claims.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SANGSEOK PARK whose telephone number is (571)272-4332. The examiner can normally be reached Monday-Friday 7:30-5:30 and Alternate Fridays 9:00 am-5:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, PHILIP CHEA can be reached at (571)272-3951. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SANGSEOK PARK/Primary Examiner, Art Unit 2499