Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
DETAILED ACTION
Claims 1-20 are pending in the instant application.
Priority
Examiner acknowledges Applicant’s claim to priority benefits of U.S. Patent 12164639 filed 03/21/2022.
Double Patenting
A rejection based on double patenting of the "same invention" type finds its support in the language of 35 U.S.C. 101 which states that "whoever invents or discovers any new and useful process ... may obtain a patent therefor ..." (Emphasis added). Thus, the term "same invention," in this context, means an invention drawn to identical subject matter. See Miller v. Eagle Mfg. Co., 151 U.S. 186 (1894); In re Ockert, 245 F.2d 467, 114 USPQ 330 (CCPA 1957); and In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970).
A statutory type (35 U.S.C. 101) double patenting rejection can be overcome by canceling or amending the conflicting claims so they are no longer coextensive in scope. The filing of a terminal disclaimer cannot overcome a double patenting rejection based upon 35 U.S.C. 101.
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement.
Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b).
Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 12164639. Although the claims at issue are not identical, they are not patentably distinct from each other.
U.S. Patent No. 12164639
Instant Application
A computing device quarantine action system, comprising:
a computing device including a plurality of computing device components; and
a Basic Input/Output System (BIOS) subsystem that is included in the computing device, coupled to the plurality of computing device components, and configured to provide a BIOS that operates to:
determine, during an initialization process, a current computing device component inventory of the plurality of computing device components included in the computing device;
measure, during the initialization process, a current computing device functionality of each of the plurality of computing device components;
identify at least one computing device change between at least one of: a reference computing device component inventory and the current computing device component inventory; and reference computing device functionalities and the current computing device component functionalities determined for each of the plurality of computing device components;
generate, based in the at least one computing device change, a Quarantine Action Metric (QAM); and
perform, based on the QAM, at least one quarantine action associated with the computing device.
1. A computing device quarantine action system, comprising:
a computing device including a plurality of computing device components; and
a Basic Input/Output System (BIOS) subsystem that is included in the computing device, that is coupled to the plurality of computing device components, and that is configured, during an initialization process for the computing device, to:
measure a current computing device component functionality of each of the plurality of computing device components;
identify a computing device component functionality change between a first reference computing device component functionality for a first computing device component included in the plurality of computing device components and a first current computing device component functionality measured for the first computing device component;
identify an action to perform when the computing device component functionality change is identified for the first computing device component; and
perform the action.
3. The system of claim 1, wherein the at least one quarantine action includes: halting the initialization process to prevent transition of the computing device to a runtime state.
2. The system of claim 1, wherein the action includes: halting the initialization process to prevent transition of the computing device to a runtime state.
4. (Original) The system of claim 1, wherein the at least one quarantine action includes: providing, for display on a display device coupled to the computing device, information that describes the at least one computing device change; and requesting authorization to proceed with the initialization process.
3. The system of claim 1, wherein the action includes: providing, for display on a display device coupled to the computing device, information that describes the computing device component functionality change; and requesting authorization to proceed with the initialization process.
5. (Currently Amended) The system of claim 4, wherein the BIOS subsystem is configured to provide the BIOS that operates to: receive the authorization to proceed with the initialization process; and modify, in response to receiving the authorization to proceed with the initialization process, the at least one of the reference computing device component inventory and the reference computing device functionalities to include the at least one of the current computing device component inventory and the current computing device component functionalities that provided the at least one computing device change.
4. The system of claim 3, wherein the BIOS subsystem is configured to: receive the authorization to proceed with the initialization process; and modify, in response to receiving the authorization to proceed with the initialization process, the first reference computing device component functionality to include the first current computing device component functionality.
6. (Original) The system of claim 1, wherein the at least one quarantine action includes: reconfiguring the computing device to provide the computing device in a previous state in which no computing device changes were identified relative to the reference computing device component inventory and the reference computing device functionalities.
5. The system of claim 1, wherein the action includes: reconfiguring the computing device to provide the computing device in a previous state in which no computing device component functionality changes were identified relative to the first reference computing device component functionality.
6. The system of claim 1, wherein the first reference computing device component functionality is identified in a Platform Configuration Register 1 (PCR1) certificate.
7. (Currently Amended) An Information Handling System (IHS), comprising: a processing system; and a memory system that is coupled to the processing system and that includes instructions that, when executed by the processing system, cause the processing system to provide a Basic Input/Output System (BIOS) engine that is configured to provide a BIOS that operates to: determine, during an initialization process, a current computing device component inventory of a plurality of computing device components included in a computing device; measure, during the initialization process, a current computing device functionality of each of the plurality of computing device components; identify at least one computing device change between at least one of: a reference computing device component inventory and the current computing device component inventory; and reference computing device functionalities and the current computing device component functionalities determined for each of the plurality of computing device components; generate, based in the at least one computing device change, a Quarantine Action Metric (QAM); and perform, based on the QAM, at least one quarantine action associated with the computing device.
7. An Information Handling System (IHS), comprising: a processing system; and a memory system that is coupled to the processing system and that includes instructions that, when executed by the processing system, cause the processing system to provide a Basic Input/Output System (BIOS) engine that is configured, during an initialization process for the IHS, to: measure a current component functionality of each of a plurality of components that are coupled to the processing system; identify a component functionality change between a first reference component functionality for a first component included in the plurality of components and a first current component functionality measured for the first component; identify an action to perform when the component functionality change is identified for the first component; and perform the action.
9. (Original) The IHS of claim 7, wherein the at least one quarantine action includes: halting the initialization process to prevent transition of the computing device to a runtime state.
8. The IHS of claim 7, wherein the action includes: halting the initialization process to prevent transition of the IHS to a runtime state.
10. (Original) The IHS of claim 7, wherein the at least one quarantine action includes: providing, for display on a display device coupled to the computing device, information that describes the at least one computing device change; and requesting authorization to proceed with the initialization process.
9. The IHS of claim 7, wherein the action includes: providing, for display on a display device coupled to the processing system, information that describes the component functionality change; and requesting authorization to proceed with the initialization process.
11. (Currently Amended) The IHS of claim 10, wherein the BIOS engine is configured to provide the BIOS that operates to: receive the authorization to proceed with the initialization process; and modify, in response to receiving the authorization to proceed with the initialization process, the at least one of the reference computing device component inventory and the reference computing device functionalities to include the at least one of the current computing device component inventory and the current computing device component functionalities that provided the at least one computing device change.
10. The IHS of claim 9, wherein the BIOS engine is configured to: receive the authorization to proceed with the initialization process; and modify, in response to receiving the authorization to proceed with the initialization process, the first reference component functionality to include the first current component functionality.
12. (Original) The IHS of claim 7, wherein the at least one quarantine action includes: reconfiguring the computing device to provide the computing device in a previous state in which no computing device changes were identified relative to the reference computing device component inventory and the reference computing device functionalities.
11. The IHS of claim 7, wherein the action includes: reconfiguring the IHS to provide the IHS in a previous state in which no component functionality changes were identified relative to the first reference component functionality.
13. (Original) The IHS of claim 7, wherein the reference computing device component inventory is identified in a Platform Certificate Profile (PCP) certificate, and wherein the reference computing device functionalities are identified in a Platform Configuration Register 1 (PCR1) certificate.
12. The IHS of claim 7, wherein the first reference component functionality is identified in a Platform Configuration Register 1 (PCR1) certificate.
13. The IHS of claim 7, wherein the measuring of the current component functionality of each of the plurality of components is performed using a Platform Configuration Register 1 (PCR1) attestation handler immediately prior to a Transient System Load (TSL) phase in the initialization process.
14. A method for performing quarantine actions on a computing device, comprising: determining, by a BIOS during an initialization process, a current computing device component inventory of a plurality of computing device components included in a computing device; measuring, by the BIOS during the initialization process, a current computing device functionality of each of the plurality of computing device components; identifying, by the BIOS, at least one computing device change between at least one of: a reference computing device component inventory and the current computing device component inventory; and reference computing device functionalities and the current computing device component functionalities determined for each of the plurality of computing device components; generating, by the BIOS based in the at least one computing device change, a Quarantine Action Metric (QAM); and performing, by the BIOS based on the QAM, at least one quarantine action associated with the computing device.
14. A method for addressing changes to component functionality in a computing device, comprising: measuring, by a Basic Input/Output System (BIOS) subsystem during an initialization process for a computing device, a current component functionality of each of a plurality of computing device components included in the computing device; identifying, by the BIOS subsystem during the initialization process for the computing device, a computing device component functionality change between a first reference computing device component functionality for a first computing device component included in the plurality of computing device components and a first current computing device component functionality measured for the first computing device component; identifying, by the BIOS subsystem during the initialization process for the computing device, an action to perform when the computing device component functionality change is identified for the first computing device component; and performing, by the BIOS subsystem during the initialization process for the computing device, the action.
16. The method of claim 14, wherein the at least one quarantine action includes: halting the initialization process to prevent transition of the computing device to a runtime state.
15. The method of claim 14, wherein the action includes: halting the initialization process to prevent transition of the computing device to a runtime state.
17. The method of claim 14, wherein the at least one quarantine action includes: providing, for display on a display device coupled to the computing device, information that describes the at least one computing device change; and requesting authorization to proceed with the initialization process.
16. The method of claim 14, wherein the action includes: providing, for display on a display device, information that describes the computing device component functionality change; and requesting authorization to proceed with the initialization process.
18. The method of claim 17, further comprising: receiving, by the BIOS, the authorization to proceed with the initialization process; and modifying, by the BIOS in response to receiving the authorization to proceed with the initialization process, the at least one of the reference computing device component inventory and the reference computing device functionalities to include the at least one of the current computing device component inventory and the current computing device component functionalities that provided the at least one computing device change.
17. The method of claim 16, further comprising: receiving, by the BIOS subsystem during the initialization process for the computing device, the authorization to proceed with the initialization process; and modifying, by the BIOS subsystem during the initialization process for the computing device in response to receiving the authorization to proceed with the initialization process, the first reference computing device component functionality to include the first current computing device component functionality.
19. The method of claim 14, wherein the at least one quarantine action includes: reconfiguring the computing device to provide the computing device in a previous state in which no computing device changes were identified relative to the reference computing device component inventory and the reference computing device functionalities.
18. The method of claim 17, wherein the action includes: reconfiguring the computing device to provide the computing device in a previous state in which no computing device component functionality changes were identified relative to the first reference computing device component functionality.
20. The method of claim 14, wherein the reference computing device component inventory is identified in a Platform Certificate Profile (PCP) certificate, and wherein the reference computing device functionalities are identified in a Platform Configuration Register 1 (PCR1) certificate.
19. The method of claim 14, wherein the first reference computing device component functionality is identified in a Platform Configuration Register 1 (PCR1) certificate.
20. The method of claim 14, wherein the measuring of the current computing device component functionality of each of the plurality of computing device components is performed using a Platform Configuration Register 1 (PCR1) attestation handler immediately prior to a Transient System Load (TSL) phase in the initialization process.
Claim Rejections - 35 USC § 101
Claims 1-6 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.
The language of claims 1-6 raises a question as to whether the claims are directed merely to an abstract idea that is not tied to a technological art, environment or machine which would result in a practical application producing a concrete, useful, and tangible result to form the basis of statutory subject matter under 35 U.S.C. 101.
The applicant claims “a plurality of computing device components” but does not define within the body of the claim the hardware in which the invention runs. Thus, absent recitation of the server or some other hardware, claims 1-8 are not limited to a tangible embodiment, instead being sufficiently broad to encompass software, per se.
Furthermore, Paragraph 68 of the specification states that “while a simplified example is provided in Figs. 9A and 9B that include only physical computing device components, as discussed above the QAM table 900 may include entries and corresponding QAM bitfield portions for firmware components, secure boot components, and/or any other computing device component for which the measurements discussed above are made,” in view of which the claims can be considered as software.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-5, 7-11, 14-18 are rejected under 35 U.S.C. 103 as being unpatentable over Held et al., “hereinafter Held” (U.S. Patent Application: 20130013905) in view of Vora et al., “hereinafter Vora” (U.S. Patent: 11258671).
As per Claim 1, Held discloses a computing device quarantine action system (Held, Para.30, configuring the system (computing platform) to boot in quarantine mode with limited functionality), comprising:
a computing device including a plurality of computing device components (Held, Para.14, system (computing platform) includes a processor complex that includes a processor and off-die non-volatile memory, coupled to the processor, Para.02, Computing devices, personal computers, workstations, and servers (hereinafter "computer" or "computers") typically include a basic input and output system (BIOS) as an interface between computer hardware (e.g., a processor, chipsets, memory, etc.) and an operating system (OS). The BIOS includes firmware and/or software code to initialize and enable low-level hardware services of the computer, such as basic keyboard, video, disk drive, input/output (I/O) port(s), and chipset drivers (e.g., memory controllers) associated with a computer motherboard); and
a Basic Input/Output System (BIOS) subsystem that is included in the computing device, that is coupled to the plurality of computing device components (Held, Para.28, The BIOS 134 is configured to initialize and test the hardware and to load the OS 150. Re-programmability allows the BIOS 134 to be updated (without replacing the EEPROM 114) but also provides an avenue for attack by malicious programs., Para.02, Computing devices, personal computers, workstations, and servers (hereinafter "computer" or "computers") typically include a basic input and output system (BIOS) as an interface between computer hardware (e.g., a processor, chipsets, memory, etc.) and an operating system (OS). The BIOS includes firmware and/or software code to initialize and enable low-level hardware services of the computer, such as basic keyboard, video, disk drive, input/output (I/O) port(s), and chipset drivers (e.g., memory controllers) associated with a computer motherboard), and that is configured, during an initialization process for the computing device, to:
identify an action to perform when the computing device component functionality change is identified for the first computing device component (Held, Para.16, the initialization firmware may be in the processor ISA or an internal format. If the verification of the initialization firmware and/or the BIOS fails, the system is configured to initiate one or more response(s). Responses include but are not limited to: preventing the initialization firmware and/or BIOS from executing, initiating recovery (e.g., using out-of-band (OOB) communication), reporting the verification failure using a model-specific register (MSR), halting, shutting down, and/or configuring the computing platform for operation in "quarantine mode", allowing the BIOS to execute and an operating system (OS) to boot. In the quarantine mode, some functionality of the system may be made unavailable to the BIOS and OS.); and perform the action (Held, Para.23, MSRs 132, 133 may include a Platform_Update MSR configured to trigger execution of initialization firmware verification module 128 and initialization firmware 130 and their associated verification actions.).
However Held does not disclose measure a current computing device component functionality of each of the plurality of computing device components; identify a computing device component functionality change between a first reference computing device component functionality for a first computing device component included in the plurality of computing device components and a first current computing device component functionality measured for the first computing device component.
Vora discloses measure a current computing device component functionality of each of the plurality of computing device components (Vora, Col.10, Line:41-45, The functionality-management component 154 may be configured to utilize information from the analyses performed by other components, such as a device-usage component to identify a device as the primary device and other devices as secondary devices, Vora, Col.25, Line:60-67, each power component may have a particular battery life or level, representing a current charge of the battery. The battery life or level may be measured in any suitable manner, such as by a percentage of charge remaining, an amount of time remaining, or the like. While the techniques described herein are described with reference to devices powered by batteries, it is to be appreciated that the techniques may also apply to devices that receive constant power., Col.26, Line:35-52, messages sent by each device indicate a current battery level of the device (also referred to as a “battery level value”), a current connection strength to the WLAN of the device, information identifying the WLAN, information identifying the device, capability data as described herein, and/or the like. With this information, each hub-selection component 512(a)-(c) may determine the device that is to be selected as the hub device… each component is configured to implement a cost function that selects the communication hub based on one or more weighted factors, such as current battery levels, connection strengths, and so forth. In other examples, one of the devices may be designated by the user as the hub and/or one of the device may include additional components and/or functionality and may be designed as the hub based at least in part on those additional components and/or functionality.); identify a computing device component functionality change between a first reference computing device component functionality for a first computing device component included in the plurality of computing device components and a first current computing device component functionality measured for the first computing device component (Vora, Col.10, Line:55-65, the functionality-management component 154 may be configured to maintain a device 102(a)-(d) as the primary device until, for example, a triggering event occurs. The triggering event may include, for example, the passage of a predetermined amount of time, detection of a change in the environment in which the devices 102(a)-(d) are situated, such as the movement of a user within the environment, the detection of a new device in the environment, the removal of a device 102(a)-(d) from the environment, and/or a change in time from a predefined first time period to a second predefined time period, Col.31, Line:3-6, the speechlet may generate a command to cause the voice-enabled devices and/or accessory devices to change from a first state to a second state).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings as in Held with the teachings as in Vora. The motivation for doing so would have been to perform the functionality of wake-word detection. One or more functionalities other than wake-word detection may also be performed by the voice-enabled devices, such as short-range communications and/or detection and communication with one or more devices using protocols such as, for example, Bluetooth and/or ZigBee. These other functionalities may run frequently, such as periodically and/or continuously and as such also utilize computing resources (Vora, Col.2, Line:22-30).
Claims 7 and 14 are substantially similar to Claim 1 and are rejected in the same manner, the same art and reasoning applying.
As per Claim 2, Held in view of Vora discloses the system of claim 1, wherein the action includes: halting the initialization process to prevent transition of the computing device to a runtime state (Held, Para.19, the responses include, but are not limited to, limiting BIOS (and OS) access to and/or disabling some system technologies (i.e., booting in quarantine mode), updating a model-specific register (e.g., for reporting), initiating recovery (e.g., via out-of-band (OOB) functionality), preventing operation of the BIOS, preventing booting of the OS, halting, shutting down and/or combinations thereof. The particular response(s) may be selected at manufacturing and/or may be selected by updating the processor configuration and/or initialization firmware, as described herein.).
Claims 8 and 15 are substantially similar to Claim 2 and are rejected in the same manner, the same art and reasoning applying.
As per Claim 3, Held in view of Vora discloses the system of claim 1, wherein the action includes: providing, for display on a display device coupled to the computing device, information that describes the computing device component functionality change; and requesting authorization to proceed with the initialization process (King, Para.37, The user interface component 110 can generate displays, reports, graphs, charts, quotes, tables, and/or the like to convey manufacturing information, cost information, and/or tracking information to the entities. The computation component 112 can perform one or more computational analyses, security analyses, manufacturing analyses, cost analyses, and/or tracking analyses to generate the data conveyed by the user interface component 110.); and requesting authorization to proceed with the initialization process (Held, Para.17, The initialization firmware provenance and authenticity may be guaranteed by the processor complex, and the initialization firmware may run in an isolated execution mode that may include partitioned memory. Unlike a UEFI BIOS, the internal processor initialization/reset and firmware interfaces may not be made generally available. Allowing operation in the quarantine mode provides limited operation when the BIOS verification fails rather than preventing operation entirely.).
Claims 9 and 16 are substantially similar to Claim 3 and are rejected in the same manner, the same art and reasoning applying.
As per Claim 4, Held in view of Vora discloses the system of claim 3, wherein the BIOS subsystem is configured to: receive the authorization to proceed with the initialization process; and modify, in response to receiving the authorization to proceed with the initialization process, the first reference computing device component functionality to include the first current computing device component functionality (Held, Para.42, Operation 420 includes reading the signed manifest and associated OEM UEFI BIOS firmware volume. Operation 420 may further include verifying the signed manifest (digital signature) with a remote certificate authority (CA). For example, verifying the signed manifest may be performed OOB using the microprocessor subsystem 112 and manageability engine firmware 138., Para.16, The initialization firmware verification module is configured, as part of the processor initialization module, to verify (i.e., attempt to verify or authenticate) the initialization firmware. The processor initialization module and/or the initialization firmware verification module may include microcode, circuitry and/or state information stored in processor volatile and/or non-volatile memory. The initialization firmware is configured to be executed after the initialization firmware verification module and is configured to verify (i.e., attempt to verify) the BIOS. The initialization firmware may be in the processor ISA or an internal format. If the verification of the initialization firmware and/or the BIOS fails, the system is configured to initiate one or more response(s). Responses include but are not limited to: preventing the initialization firmware and/or BIOS from executing, initiating recovery (e.g., using out-of-band (OOB) communication), reporting the verification failure using a model-specific register (MSR), halting, shutting down, and/or configuring the computing platform for operation in "quarantine mode", allowing the BIOS to execute and an operating system (OS) to boot. In the quarantine mode, some functionality of the system may be made unavailable to the BIOS and OS.).
Claims 10 and 17 are substantially similar to Claim 4 and are rejected in the same manner, the same art and reasoning applying.
As per Claim 5, Held in view of Vora discloses the system of claim 1, wherein the action includes: reconfiguring the computing device to provide the computing device in a previous state in which no computing device component functionality changes were identified relative to the first reference computing device component functionality (Held, Para.23, some of the MSRs 132, 133 may be "immutable" meaning that the contents of the immutable MSRs may not be changed by third party out of band or in-band processor ISA code execution action. For example, the BIOS_VERIFICATION MSR may be immutable. Malware may be unable to change the contents of an immutable MSR so that the immutable MSR may provide a relatively secure channel for reporting the status of, e.g., the BIOS. In one embodiment, MSRs 132, 133 may include a Platform_Update MSR configured to trigger execution of initialization firmware verification module 128 and initialization firmware 130 and their associated verification actions. For example, Platform_Update MSR may trigger execution when written to with a candidate BIOS firmware update.).
Claims 11 and 18 are substantially similar to Claim 5 and are rejected in the same manner, the same art and reasoning applying.
Claims 6, 12, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Held et al., “hereinafter Held” (U.S. Patent Application: 20130013905) in view of Vora et al., “hereinafter Vora” (U.S. Patent: 11258671) and further in view of Block et al., “hereinafter Block” (U.S. Patent Application: 20200099536).
As per Claim 6, Held in view of Vora discloses the system of claim 1.
However, Held in view of Vora does not disclose that the first reference computing device component functionality is identified in a Platform Configuration Register 1 (PCR1) certificate.
Block teaches the first reference computing device component functionality is identified in a Platform Configuration Register 1 (PCR1) certificate (Block, Para.80, At the master compute node TPM, in operation 405, the following are stored: initial measurements for PCR0, PCR1, PCR4, and PCR6 (PCRs 222 in FIG. 2). Also in operation 405, at the master compute node TPM, the following are stored from manufacturing: node add key blob (the primary AK 228 in FIG. 2); and node add certificate (the provisioned node AK certificate 226 in FIG. 2), Para.26, The TPM has several dedicated registers, which are called platform configuration registers (PCRs), allocated to hold the measurements. Each PCR contains a cryptographic history (in the form of a hash value) of all the measurements extended to the PCR. The extend operation is used by the TPM to add a measurement to a PCR. The TPM ensures that a specific series of measurements, in a specific order, will always produce this same resultant value—the digest value—of the PCR.).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings as in Held, Vora with the teachings as in Block. The motivation for doing so would have been merging multiple compute nodes with trusted platform modules utilizing provisioned node certificates. In accordance with one or more embodiments, multiple compute nodes are connected so as to be available for merger into a single multi-node system. Each compute node includes a trusted platform module (TPM) provisioned with a platform certificate and a signed attestation key (AK) certificate and is accessible to firmware on the compute node. One of the compute nodes is assigned the role of master compute node (MCN), with the other compute node(s) each assigned the role of slave compute node (SCN). A quote request is sent from the MCN to each SCN under control of firmware on the MCN. In response to receiving the quote request, a quote response is sent from each respective SCN to the MCN under control of firmware on the respective SCN, wherein the quote response includes the AK certificate of the respective SCN's TPM. (Block, Para.8).
Claims 12 and 19 are substantially similar to Claim 6 and are rejected in the same manner, the same art and reasoning applying.
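The PCR extend behaviour quoted from Block, Para.26 in the Claim 6 rejection can be shown with a short simulation; this is an added example, not code from this action or from any cited reference. It assumes a SHA-256 PCR bank, and the event strings and the names `BASELINE` and `REFERENCE_PCR1` are constructed for illustration.

```python
import hashlib
import hmac

PCR_SIZE = 32  # assumption: SHA-256 bank; the PCR is all zeros after reset


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM-style extend: new = SHA256(old || SHA256(measurement))."""
    digest = hashlib.sha256(measurement).digest()
    return hashlib.sha256(pcr + digest).digest()


def replay(events: list) -> bytes:
    """Replay an ordered event log into a fresh PCR and return the final value."""
    pcr = bytes(PCR_SIZE)
    for event in events:
        pcr = extend(pcr, event)
    return pcr


def matches_reference(events: list, reference: bytes) -> bool:
    """Compare the replayed PCR value with a stored reference in constant time."""
    return hmac.compare_digest(replay(events), reference)


# Constructed sample measurements standing in for PCR1 configuration events.
BASELINE = [b"cpu-microcode:rev-a", b"boot-order:disk,net", b"sata:enabled"]
REFERENCE_PCR1 = replay(BASELINE)  # the value a reference record would carry

SAME = list(BASELINE)
REORDERED = [BASELINE[1], BASELINE[0], BASELINE[2]]       # same events, new order
CHANGED = [BASELINE[0], BASELINE[1], b"sata:disabled"]    # one component changed

if __name__ == "__main__":
    for name, log in [("same", SAME), ("reordered", REORDERED), ("changed", CHANGED)]:
        print(f"{name:10s} matches reference: {matches_reference(log, REFERENCE_PCR1)}")
```

Only the identical, identically ordered log reproduces the reference value, which is why a stored PCR1 value can serve as the baseline against which a component functionality change is detected.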
Allowable Subject Matter
Claims 13 and 20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NORMIN ABEDIN whose telephone number is (571)270-5970. The examiner can normally be reached Monday to Friday from 10 am to 6 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Vivek Srivastava can be reached at 5712727304. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/NORMIN ABEDIN/Primary Examiner, Art Unit 2449