Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
Claims 1-15 are pending in this application.
Claim Objections
Claims 1-15 are objected to because of the following informalities: for better clarity, it is suggested that all numbers in the parentheses and corresponding parentheses should be removed Appropriate correction is required.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 03/20/2025 and 05/19/2025 are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-2, 4-7 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Ronca et al (“Ronca,” US 20150271154) in view of Hamid et al (“Hamid,” US 20130179676) and further in view of Karaoguz et al (“Karaoguz,” US 20060166679).
Regarding claim 1, Ronca discloses a system (600) supportive of data residency requirements, comprising: (Ronca discloses [0056]-[0057] enforcing cryptographic validity based on geo-fence description defining a geographic area [data residency requirements])
obtaining (1103) authorized location information where the HSM is authorized to process the request from a source of the request for access; (Ronca discloses [0020], obtaining (1103) authorized location information where the HSM [0208] is authorized [0046] to process the request from a source of the request for access [0046])
processing (1110) the request for access if the HSM location is within the authorized location information; (Ronca discloses [0054]-[0055], [0186], [0208] processing (1110) the request for access if the HSM location is within the authorized location information)
and rejecting (1108) the request if the HSM location is not within the authorized location information, (Ronca discloses [0057], [0053], [0186], [0208] and rejecting (1108) the request if the HSM location is not within the authorized location information)
Ronca fails to explicitly disclose a Hardware Security Module (HSM) (602) hosted on a cloud environment, the HSM comprising one or more processors and memory coupled to the one or more processors; receiving (1102) a request for access to information over a network.
However in an analogous art, Hamid discloses a Hardware Security Module (HSM) (602) hosted on a cloud environment, the HSM comprising one or more processors and memory coupled to the one or more processors; receiving (1102) a request for access to information over a network, (Hamid discloses [0022] a Hardware Security Module (HSM) (602) hosted on a cloud environment [0043], the HSM [0022] comprising one or more processors [0036] and memory [0036] coupled to the one or more processors [0036];
receiving (1102) [0006]-[0007] a request for access [0036], [0039] to information over a network [0036])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to combine the teachings of Hamid with Ronca to include a Hardware Security Module (HSM) (602) hosted on a cloud environment, the HSM comprising one or more processors and memory coupled to the one or more processors; receiving (1102) a request for access to information over a network. One would have been motivated to provide a system for cloud-based hardware security modules including a physical security device with a processor (Hamid, [0004]).
Ronca and Hamid fail to explicitly disclose and a location tracker (604) embedded within or directly connected to the HSM to provide an HSM location; comparing (1106) the HSM location with the authorized location information from the source;
However, in an analogous art, Karaoguz discloses and a location tracker (604) embedded within or directly connected to the HSM to provide an HSM location (Karaoguz discloses [0030], [0041], [0021] describes a GPS receiver of the wireless terminal and a GPS-derived location to a defined geographic boundary using specialized hardware that performs security operations [0026] [location tracker (604) embedded within or directly connected to the HSM to provide an HSM location]; also see [0021], [0023]-[0024]).
comparing (1106) the HSM location with the authorized location information from the source; (Karaoguz discloses comparing (1106) [0021] the HSM location [0041], [0044]] with the authorized location information from the source [0023], [0021])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Karoguz with Ronca and Hamid to include and a location tracker (604) embedded within or directly connected to the HSM to provide an HSM location; comparing (1106) the HSM location with the authorized location information from the source. One would have been motivated to provide operations related to location/mobility of a wireless terminal (Karaoguz, [0003]).
Regarding claim 2, Ronca, Hamid and Karoguz disclose the system of claim 1.
Karoguz further disclose wherein the location tracker embedded within or directly connected to the HSM is a global navigation satellite system (GNSS) module, (Karaoguz discloses [0021], [0024], [0041], [0026] a GPS receiver with specialized hardware that performs a security operation is used to determine location. A GPS receiver is a GNSS system).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Karoguz with Ronca and Hamid to include and a location tracker (604) embedded within or directly connected to the HSM to provide an HSM location; comparing (1106) the HSM location with the authorized location information from the source. One would have been motivated to provide operations related to location/mobility of a wireless terminal (Karaoguz, [0003]).
Regarding claim 4, Ronca, Hamid and Karoguz disclose the system of claim 1.
Ronca further discloses wherein the system further includes computer instructions which causes the one or more processors to obtain authorized location information by receiving a key from the source, wherein the key contains the authorized location information from the source, (Ronca discloses wherein the system further includes computer instructions which causes the one or more processors [0207] to obtain authorized location information [0020], [0073] by receiving a key [0072] from the source [0046], wherein the key [0072] contains the authorized location information [0020], [0073] from the source [0046]).
Regarding claim 5, Ronca, Hamid and Karoguz disclose the system of claim 1.
Ronca further discloses wherein the system further includes computer instructions, which causes the one or more processors to maintain the HSM location hidden from users (Ronca discloses wherein the system further includes computer instructions, which causes the one or more processors [0207] to maintain the HSM location hidden from users [0094], [0169], [0208])
Regarding claim 6, Ronca, Hamid and Karoguz disclose the system of claim 1.
Ronka further discloses wherein the system further includes computer instructions, which causes the one or more processors to receive a request to generate a key that can only be used in predetermined countries or locations and responding with the transmission of a key that cannot be used outside the predetermined countries or locations, (Ronka discloses wherein the system further includes computer instructions, which causes the one or more processors [0207] to receive a request to generate a key [0072] that can only be used in predetermined countries or locations [0146] and responding with the transmission of a key [0072] that cannot be used outside the predetermined countries or locations [0146])
Regarding claim 7, Ronca, Hamid and Karoguz disclose the system of claim 1.
Ronca further discloses wherein the system further includes computer instructions, which causes the one or more processors to receive a request to process a key containing meta data of the location information where the HSM is authorized and processing the key if the HSM location is within the meta data of the location information where the HSM is authorized, (Ronka discloses wherein the system further includes computer instructions, which causes the one or more processors [0207] to receive a request to process a key [0072] containing meta data [0200] of the location information [0146] where the HSM [0208] is authorized and processing the key [0072] if the HSM location [0208], [0140] is within the meta data [0200[ of the location information [0146] where the HSM [0208] is authorized)
Regarding claim 15, Ronca discloses a system (500) supportive of data residency requirements, comprising: (Ronca discloses [0056]-[0057] enforcing cryptographic validity based on geo-fence description defining a geographic area [data residency requirements])
obtaining (1103) authorized location information where the HSM is authorized to process the request from a source of the request for access; (Ronca discloses [0020], obtaining (1103) authorized location information where the HSM [0208] is authorized [0046] to process the request from a source of the request for access [0046])
processing (1110) the request for access if the HSM location is within the authorized location information; (Ronca discloses [0054]-[0055], [0186], [0208] processing (1110) the request for access if the HSM location is within the authorized location information)
and rejecting (1108) the request if the HSM location is not within the authorized location information, (Ronca discloses [0057], [0053], [0186], [0208] and rejecting (1108) the request if the HSM location is not within the authorized location information)
Ronca fails to explicitly disclose a plurality (504a-f) of Hardware Security Modules (HSMs) hosted on a cloud environment, the plurality of HSMs comprising one or more processors and memory coupled to the one or more processors, wherein the memory includes computer instructions which when executed by the one or more processors causes the one or more processors to perform the operations of: receiving (1102) a request for access to information over a network at one of the HSMs among the plurality of HSMs;
However, in an analogous art, Hamid discloses a plurality (504a-f) of Hardware Security Modules (HSMs) hosted on a cloud environment, the plurality of HSMs comprising one or more processors and memory coupled to the one or more processors, wherein the memory includes computer instructions which when executed by the one or more processors causes the one or more processors to perform the operations of: (Hamid discloses a plurality (504a-f) of Hardware Security Modules (HSMs) [0022] hosted on a cloud environment [0043], the plurality of HSMs [0022] comprising one or more processors [0036] and memory [0036] coupled to the one or more processors [0036], wherein the memory [0036] includes computer instructions which when executed by the one or more processors [0036] causes the one or more processors [0036] to perform the operations of)
receiving (1102) a request for access to information over a network at one of the HSMs among the plurality of HSMs, (Hamid discloses receiving (1102) [0056]-[0057[ a request for access [0036], [0039] to information over a network [0036] at one of the HSMs [0022] among the plurality of HSMs [0022])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Hamid with Ronca to include a plurality (504a-f) of Hardware Security Modules (HSMs) hosted on a cloud environment, the plurality of HSMs comprising one or more processors and memory coupled to the one or more processors, wherein the memory includes computer instructions which when executed by the one or more processors causes the one or more processors to perform the operations of: receiving (1102) a request for access to information over a network at one of the HSMs among the plurality of HSMs. One would have been motivated to provide a system for cloud-based hardware security modules including a physical security device with a processor (Hamid, [0004]).
However, in an analogous art, Karaoguz discloses and a location tracker (505) embedded within or directly connected to the plurality of HSMs in a protected environment (502) to provide an HSM location;, (Karaoguz discloses and a location tracker (505) embedded within or directly connected to the plurality of HSMs in a protected environment (502) to provide an HSM location; (Karaoguz discloses [0030], [0041] and a GPS-derived location to a defined geographic boundary using specialized hardware [location tracker (604) embedded within or directly connected to the HSM to provide an HSM location]).
comparing (1106) the HSM location with the authorized location information from the source (Karaoguz discloses comparing (1106) [0021] the HSM location [0041] with the authorized location information from the source [0023], [0021])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Karaoguz with Ronca and Hamid to include and a location tracker (505) embedded within or directly connected to the plurality of HSMs in a protected environment (502) to provide an HSM location; comparing (1106) the HSM location with the authorized location information from the source. One would have been motivated to provide operations related to location/mobility of a wireless terminal (Karaoguz, [0003]).
Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Ronca et al (“Ronca,” US 20150271154), Hamid et al (“Hamid,” US 20130179676) in view of Karaoguz et al (“Karaoguz,” US 20060166679) and further in view of O’Loughlin et al (“O’Loughlin,” US 20120102334).
Regarding claim 3, Ronca, Hamid and Karoguz disclose the system of claim 1.
Ronca, Hamid and Karoguz fail to explicitly disclose wherein the system further includes computer instructions which causes the one or more processors to obtain (1103) the authorized location by generating a user interface in response to the receipt of the request which provides an option for a manual input of a location or locations where the HSM is authorized to process the request as the authorized location information.
However, in an analogous art, O’Loughlin discloses wherein the system further includes computer instructions which causes the one or more processors to obtain (1103) the authorized location by generating a user interface in response to the receipt of the request which provides an option for a manual input of a location or locations where the HSM is authorized to process the request as the authorized location information (O’Loughlin discloses [0113], [0130] wherein the system further includes computer instructions which causes the one or more processors [0084] to obtain (1103) the authorized location [0096], [0089] by generating a user interface [0086] in response to the receipt of the request [0349] which provides an option for a manual input [0167] of a location or locations [0089] where the HSM [0085] is authorized to process the request [0349], [0096] as the authorized location information [0096], [0089])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to combine the teachings of O’Laughlin with , Ronca, Hamid and Karoguz to include wherein the system further includes computer instructions which causes the one or more processors to obtain (1103) the authorized location by generating a user interface in response to the receipt of the request which provides an option for a manual input of a location or locations where the HSM is authorized to process the request as the authorized location information. One would have been motivated to manage electronic assets (O’Laughlin, [0002]).
Claims 8-9 and 11-13 and rejected under 35 U.S.C. 103 as being unpatentable over Ronca et al (“Ronca,” US 20150271154), in view of Karaoguz et al (“Karaoguz,” US 20060166679) and further in view of Hamid et al (“Hamid,” US 20130179676).
Regarding claim 8, Ronca discloses a method (1100) supportive of data residency requirements at a Hardware Security Module (HSM) hosted on a cloud environment, the method comprising: (Ronca discloses a method (1100) supportive of data residency requirements [0056]-[0057] at a Hardware Security Module (HSM) [0208] hosted on a cloud environment [0213])
obtaining (1103) or receiving authorized location information where the HSM is authorized to process the request from a source of the request for access; (Ronca discloses [0020], obtaining (1103) authorized location information where the HSM [0208] is authorized [0046] to process the request from a source of the request for access [0046])
and processing (1110) the request for access only if the HSM location is within the authorized location information, (Ronca discloses [0054]-[0055], [0186], [0208] processing (1110) the request for access if the HSM location is within the authorized location information)
Ronca fails to explicitly disclose and further having a location tracker embedded within or directly connected to the HSM to provide an HSM location; comparing (1106) the HSM location with the authorized location information from the source.
However, in an analogous art, Karaoguz discloses and further having a location tracker embedded within or directly connected to the HSM to provide an HSM location; (Karaoguz discloses [0030], [0041] and a GPS-derived location to a defined geographic boundary using specialized hardware [location tracker (604) embedded within or directly connected to the HSM to provide an HSM location]).
comparing (1106) the HSM location with the authorized location information from the source, (Karaoguz discloses comparing (1106) [0021] the HSM location [0041] with the authorized location information from the source [0023], [0021])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Karaoguz with Ronca to include and further having a location tracker embedded within or directly connected to the HSM to provide an HSM location; comparing (1106) the HSM location with the authorized location information from the source. One would have been motivated to provide operations related to location/mobility of a wireless terminal (Karaoguz, [0003]).
Ronca and Karaoguz fail to explicitly disclose receiving (1102) a request for access to information over a network.
However, in an analogous art, Hamid discloses receiving (1102) a request for access to information over a network, (Hamid discloses receiving (1102) [0006]-[0007] a request for access [0036], [0039] to information over a network [0036])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Hamid with Ronca and Karaoguz to include receiving (1102) a request for access to information over a network. One would have been motivated to provide a system for cloud-based hardware security modules including a physical security device with a processor (Hamid, [0004]).
Regarding claim 9, Ronca, Karaoguz and Hamid disclose the method of claim 8.
Ronca further disclose wherein the method further comprises the step of rejecting (1108) the request if the HSM location is not within the authorized location information, (Ronca discloses [0057], [0053], [0186], [0208] and rejecting (1108) the request if the HSM location is not within the authorized location information)
Regarding claim 11, Ronca, Karaoguz and Hamid disclose the method of claim 8.
Ronca further discloses wherein the method further obtains the authorized location information by receiving a key from the source, wherein the key contains the authorized location information from the source, (Ronca discloses wherein the system further includes computer instructions which causes the one or more processors [0207] to obtain authorized location information [0020], [0073] by receiving a key [0072] from the source [0046], wherein the key [0072] contains the authorized location information [0020], [0073] from the source [0046]).
Regarding claim 12, Ronca, Karaoguz and Hamid disclose the method of claim 8.
Ronca further discloses wherein the method further receives a request to generate a key that can only be used by HSMs in predetermined locations or countries and responding with the transmission of a key that cannot be used with HSMs outside the predetermined locations or countries, (Ronka discloses wherein the system further includes computer instructions, which causes the one or more processors [0207] to receive a request to generate a key [0072] that can only be used in predetermined countries or locations [0146] and responding with the transmission of a key [0072] that cannot be used outside the predetermined countries or locations [0146])
Regarding claim 13, Ronca, Karaoguz and Hamid disclose the method of claim 8.
Ronca further discloses wherein the method further receives a request to generate a key and responding with the transmission of a key that cannot be used outside the country of the HSM location, (Ronka discloses wherein the method further receives a request to generate a key [0072] and responding with the transmission of a key [0072] that cannot be used outside [0019] the country [0032] of the HSM location [0146])
Claim 10 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Ronca et al (“Ronca,” US 20150271154), Karaoguz et al (“Karaoguz,” US 20060166679) in view of Hamid et al (“Hamid,” US 20130179676) and further in view of and further in view of O’Loughlin et al (“O’Loughlin,” US 20120102334).
Regarding claim 10, Ronca, Karaoguz and Hamid disclose the method of claim 8.
Ronca, Karaoguz and Hamid fail to explicitly disclose wherein the method further obtains the authorized location by generating a user interface in response to the receipt of the request that provides an option for a manual input of a location or locations where the HSM is authorized to process the request as the authorized location information.
However, in an analogous art, O’Loughlin discloses wherein the method further obtains the authorized location by generating a user interface in response to the receipt of the request that provides an option for a manual input of a location or locations where the HSM is authorized to process the request as the authorized location information, (O’Loughlin discloses [0113], [0130] wherein the system further includes computer instructions which causes the one or more processors [0084] to obtain (1103) the authorized location [0096], [0089] by generating a user interface [0086] in response to the receipt of the request [0349] which provides an option for a manual input [0167] of a location or locations [0089] where the HSM [0085] is authorized to process the request [0349], [0096] as the authorized location information [0096], [0089])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to combine the teachings of O’Loughlin with Ronca, Karaoguz and Hamid to include wherein the method further obtains the authorized location by generating a user interface in response to the receipt of the request that provides an option for a manual input of a location or locations where the HSM is authorized to process the request as the authorized location information. One would have been motivated to manage electronic assets (O’Laughlin, [0002]).
Regarding claim 14, Ronca, Karaoguz and Hamid disclose the method of claim 12.
Ronca, Karaoguz and Hamid fail to explicitly disclose wherein a customer configuration file (10a) in the secure element (5) includes a set of unique IP addresses and authorized locations specific to each HSM (504a-f) in a configuration (504) of multiple HSMs in a protected environment (502), whereby upon detection of the presence of the secure element, each of the multiple HSMs is automatically configured with a respective set of the unique IP addresses and authorized locations.
However, in an analogous art, O’Loughlin discloses wherein a customer configuration file (10a) in the secure element (5) includes a set of unique IP addresses and authorized locations specific to each HSM (504a-f) in a configuration (504) of multiple HSMs in a protected environment (502), whereby upon detection of the presence of the secure element, each of the multiple HSMs is automatically configured with a respective set of the unique IP addresses and authorized locations, (O’Loughlin discloses wherein a customer configuration file (10a) [0093] in the secure element (5) [0215], [0465] includes a set of unique IP addresses [0099] and authorized locations [0443], [0095]-[0096] specific to each HSM (504a-f) in a configuration (504) [0093] of multiple HSMs [0085] in a protected environment (502), whereby upon detection of the presence of the secure element [0215], [0465], each of the multiple HSMs [0085] is automatically configured [0093] with a respective set of the unique IP addresses [0099] and authorized locations [0443], [0095]-[0096])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to combine the teachings of O’Loughlin with Ronca, Karaoguz and Hamid to include wherein a customer configuration file (10a) in the secure element (5) includes a set of unique IP addresses and authorized locations specific to each HSM (504a-f) in a configuration (504) of multiple HSMs in a protected environment (502), whereby upon detection of the presence of the secure element, each of the multiple HSMs is automatically configured with a respective set of the unique IP addresses and authorized locations. One would have been motivated to manage electronic assets (O’Laughlin, [0002]).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAMES J WILCOX whose telephone number is (571)270-3774. The examiner can normally be reached M-F: 8 A.M. to 5 P.M..
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu T. Pham can be reached on (571)270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users.
To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JAMES J WILCOX/Examiner, Art Unit 2439
/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439