Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
1. This Office Action is responsive to the communication filed 12/12/2024.
Allowable Subject Matter
2. Claims 9-18 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Claim Rejections – 35 USC 103
3. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
4. Claims 1-8 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Wentz et al (US 2022/0198018) in view of Graf et al (US 2021/0117556), further in view of Trimberger et al (US 7,117,372).
Regarding claim 1, Wentz et al teaches a computer-implemented method of protecting a hardware design against confidentiality and integrity attacks (par [0100], lines 14-17, “integrity protection for the pk_2”), the computer-implemented method comprising:
providing, by one or more processors, a bootable image (BI) to a tenant computing entity (par [0018], line 9 & par [0071], lines 11-12, “presented with a ticket alongside a boot image”);
receiving, by the one or more processors, a certificate chain originating from the tenant computing entity via the BI (fig. 3, ‘328 & par [0078], lines 22-30, which discloses a new bootloader certificate being provided); and
validating, by the one or more processors, the certificate chain with a certificate authority (fig. 1 and 3-4 & par [0078], lines 22-30, which disclose a certificate authority verifying each bootloader certificate).
Wentz et al does not explicitly teach providing, by the one or more processors, a design rule data object to the tenant computing entity via the BI; receiving, by the one or more processors, a secure design rule result data object and an encrypted bitstream; determining, by the one or more processors, a match of the secure design rule result data object with the design rule data object; and programming, by the one or more processors, a cloud programmable logic instance with a decryption of the encrypted bitstream based at least in part on the match.
However, Graf et al teaches providing, by the one or more processors, a design rule data object to the tenant computing entity via the BI (par [0047], lines 14-17 & par [0050], lines 24-30, which disclose providing verification of FPGA design trust during BIOS and ensuring design rule compliance);
receiving, by the one or more processors, a secure design rule result data object and an encrypted bitstream (par [0004], lines 4-10, “bitstream design file…bitstream encryption”); and
determining, by the one or more processors, a match of the secure design rule result data object with the design rule data object (par [0039], lines 12-15, which discloses determining if bitstream design data matches place-list design information).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to combine the disclosure of Graf et al within the teachings of Wentz et al would provide the predictive result of improving secure computing environment data verification by implementing third-party trust and integrity data checks (as disclosed in par [0048], lines 1-10 of Graf et al) because this feature would add an extra-layer of verification and stronger trustworthiness assessment of certificate data analyzed for validation by a certificate authority.
Wentz et al and Graf et al do not explicitly teach programming, by the one or more processors, a cloud programmable logic instance with a decryption of the encrypted bitstream based at least in part on the match.
However, Trimberger et al teaches programming, by the one or more processors, a cloud programmable logic instance with a decryption of the encrypted bitstream based at least in part on the match (col. 22, lines 33-35, “PLD …decrypting an encrypted bitstream”).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to combine the disclosure of Trimberger et al within the teachings of Wentz et al and Graf et al would provide the predictive result of preventing an attacker from fraudulent access to contents in an unencrypted bitstream by preventing design relocation using cipher block chaining (as disclosed in col. 10, lines 50-60 of Trimberger et al) because incorporating prevention of design relocation eliminates a potential attacker from accessing secure content stored in portions of a FPGA via adjusting portions of design data to unencrypted bitstreams to learn content of the design that were stored in an encrypted bitstream.
Regarding claim 2, Wentz et al does not explicitly teach wherein the BI comprises an executable and one or more design compiling and design checking tools.
Graf et al further teaches wherein the BI comprises an executable (par [0047], lines 15-18) and one or more design compiling and design checking tools (Abstract, lines 5-8, which discloses a utility/tool for providing trust assessment and design verification).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to combine the disclosure of Graf et al within the teachings of Wentz et al according to the motivation disclosed regarding claim 1.
Regarding claim 3, Wentz et al, Graf et al, and Trimberger et al teach the limitations of claim 1.
Wentz et al further teaches wherein the tenant computing entity comprises a tenant-side root of trust (par [0005], lines 1-10).
Regarding claim 4, Wentz et al, Graf et al, and Trimberger et al teach the limitations of claim 1.
Wentz et al further teaches wherein the BI comprises a plurality of acceptable hash states that are associated with the TSRoT (par [0021], lines 18-21).
Regarding claim 5, Wentz et al, Graf et al, and Trimberger et al teach the limitations of claim 1.
Wentz et al further teaches wherein the TSRoT is configured to terminate execution of the BI based at least in part on the TSRoT comprising a hash state that is not in the plurality of acceptable hash states (par [0078], lines 1-20, which discloses replacing a bootloader upon determining an outdated bootloader hash).
Regarding claim 6, Wentz et al, Graf et al, and Trimberger et al teach the limitations of claim 1.
Wentz et al further teaches wherein the cloud programmable logic instance comprises a cloud field-programmable gate array (par [0106], lines 2-11).
Regarding claim 7, Wentz et al, Graf et al, and Trimberger et al teach the limitations of claim 1.
Wentz et al further teaches receiving a TSRoT certificate (par [0066], lines 15-25, “digital certificate…secure root of trust”) and a BI certificate (par [0023], lines 1-6, “certificates signed by BL_1”); and validating the TSRoT certificate and the BI certificate with a certificate authority (par [0023], lines 1-6 & par [0066], lines 15-25, which disclose a certificate authority certifying each certificate instance).
Regarding claim 8, Wentz et al, Graf et al, and Trimberger et al teach the limitations of claim 1.
Wentz et al further teaches generating the design rule data object by:
generating an encrypted design rule (EDR) nonce (par [0032], lines 6-8); and symmetrically encrypting a design rule with the EDR nonce (par [0057]).
Regarding claim 19, Wentz et al teaches a system comprising:
one or more processors (fig. 8, ‘804) and
at least one memory storing processor-executable instructions (fig. 8, ‘828/’820) that, when executed by any of the one or more processors, causes the one or more processors to perform operations comprising:
providing a bootable image (BI) to a tenant computing entity (par [0018], line 9 & par [0071], lines 11-12, “presented with a ticket alongside a boot image”);
receiving a certificate chain originating from the tenant computing entity via the BI (fig. 3, ‘328 & par [0078], lines 22-30, which discloses a new bootloader certificate being provided); and
validating the certificate chain with a certificate authority (fig. 1 and 3-4 & par [0078], lines 22-30, which disclose a certificate authority verifying each bootloader certificate).
Wentz et al does not explicitly teach providing a design rule data object to the tenant computing entity via the BI; receiving a secure design rule result data object and an encrypted bitstream; determining a match of the secure design rule result data object with the design rule data object; and programming a cloud programmable logic instance with a decryption of the encrypted bitstream based at least in part on the match.
However, Graf et al teaches providing a design rule data object to the tenant computing entity via the BI (par [0047], lines 14-17 & par [0050], lines 24-30, which disclose providing verification of FPGA design trust during BIOS and ensuring design rule compliance);
receiving a secure design rule result data object and an encrypted bitstream (par [0004], lines 4-10, “bitstream design file…bitstream encryption”); and
determining a match of the secure design rule result data object with the design rule data object (par [0039], lines 12-15, which discloses determining if bitstream design data matches place-list design information).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to combine the disclosure of Graf et al within the teachings of Wentz et al would provide the predictive result of improving secure computing environment data verification by implementing third-party trust and integrity data checks (as disclosed in par [0048], lines 1-10 of Graf et al) because this feature would add an extra-layer of verification and stronger trustworthiness assessment of certificate data analyzed for validation by a certificate authority.
Wentz et al and Graf et al do not explicitly teach programming a cloud programmable logic instance with a decryption of the encrypted bitstream based at least in part on the match.
However, Trimberger et al teaches programming a cloud programmable logic instance with a decryption of the encrypted bitstream based at least in part on the match (col. 22, lines 33-35, “PLD …decrypting an encrypted bitstream”).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to combine the disclosure of Trimberger et al within the teachings of Wentz et al and Graf et al would provide the predictive result of preventing an attacker from fraudulent access to contents in an unencrypted bitstream by preventing design relocation using cipher block chaining (as disclosed in col. 10, lines 50-60 of Trimberger et al) because incorporating prevention of design relocation eliminates a potential attacker from accessing secure content stored in portions of a FPGA via adjusting portions of design data to unencrypted bitstreams to learn content of the design that were stored in an encrypted bitstream.
Regarding claim 20, Wentz et al teaches one or more non-transitory computer-readable storage media including instructions (‘828/’820) that, when executed by one or more processors (fig. 8, ‘804), cause the one or more processors to perform operations comprising:
providing a bootable image (BI) to a tenant computing entity (par [0018], line 9 & par [0071], lines 11-12, “presented with a ticket alongside a boot image”);
receiving a certificate chain originating from the tenant computing entity via the BI (fig. 3, ‘328 & par [0078], lines 22-30, which discloses a new bootloader certificate being provided); and
validating the certificate chain with a certificate authority (fig. 1 and 3-4 & par [0078], lines 22-30, which disclose a certificate authority verifying each bootloader certificate).
Wentz et al does not explicitly teach providing a design rule data object to the tenant computing entity via the BI; receiving a secure design rule result data object and an encrypted bitstream; determining a match of the secure design rule result data object with the design rule data object; and programming a cloud programmable logic instance with a decryption of the encrypted bitstream based at least in part on the match.
However, Graf et al teaches providing a design rule data object to the tenant computing entity via the BI (par [0047], lines 14-17 & par [0050], lines 24-30, which disclose providing verification of FPGA design trust during BIOS and ensuring design rule compliance);
receiving a secure design rule result data object and an encrypted bitstream (par [0004], lines 4-10, “bitstream design file…bitstream encryption”); and
determining a match of the secure design rule result data object with the design rule data object (par [0039], lines 12-15, which discloses determining if bitstream design data matches place-list design information).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to combine the disclosure of Graf et al within the teachings of Wentz et al would provide the predictive result of improving secure computing environment data verification by implementing third-party trust and integrity data checks (as disclosed in par [0048], lines 1-10 of Graf et al) because this feature would add an extra-layer of verification and stronger trustworthiness assessment of certificate data analyzed for validation by a certificate authority.
Wentz et al and Graf et al do not explicitly teach programming a cloud programmable logic instance with a decryption of the encrypted bitstream based at least in part on the match.
However, Trimberger et al teaches programming a cloud programmable logic instance with a decryption of the encrypted bitstream based at least in part on the match (col. 22, lines 33-35, “PLD …decrypting an encrypted bitstream”).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to combine the disclosure of Trimberger et al within the teachings of Wentz et al and Graf et al would provide the predictive result of preventing an attacker from fraudulent access to contents in an unencrypted bitstream by preventing design relocation using cipher block chaining (as disclosed in col. 10, lines 50-60 of Trimberger et al) because incorporating prevention of design relocation eliminates a potential attacker from accessing secure content stored in portions of a FPGA via adjusting portions of design data to unencrypted bitstreams to learn content of the design that were stored in an encrypted bitstream.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Randy A. Scott whose telephone number is (571) 272-3797. The examiner can normally be reached on Monday-Thursday 7:30 am-5:00 pm, second Fridays 7:30 am-4pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Luu Pham can be reached on (571) 270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/RANDY A SCOTT/Primary Examiner, Art Unit 2439
20260512