DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
1. This is in response to the communications filed on 28 July 2025.
2. Claims 11-26 are pending in the application.
3. Claims 11-26 have been rejected.
4. Claims 1-10 have been cancelled in a preliminary amendment.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
5. Claims 11-26 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because independent claim 11 is directed towards a zero-trust remote attestation service deployment system based on a confidential virtual machine that comprises a trusted execution environment, a key management component and an application service virtual machine. However, after a review of the applicant’s specification the examiner has not found support for any of a trusted execution environment, a key management component or the application service virtual machine being hardware. Since the system claim does not contain any hardware elements this renders the claim non-statutory. Dependent claims 12-26 recite similar subject matter and therefore are non-statutory as well.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
6. Claims 11-26 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
It is unclear to the examiner what is sought to be protected. The claims are directed toa system comprising components (with no structure) and a method with steps reciting steps. It is of utmost importance that patents issue with definite claims that clearly and precisely inform persons skilled in the art of the boundaries of protected subject matter.
Allowable Subject Matter
7. Claims 11-26 are allowed over the prior art.
The following is an examiner’s statement of reasons for allowance:
The closest prior art to the instant application are Lopez Pascual US 2023/0168911 A1 (hereinafter Lopez) and Toy US 2020/0019425 A1. Lopez is directed towards computer security, and more specifically relates to customizing the hardware initialization code that a virtual machine executes when it is booting [0001]. Lopez teaches a zero-trust infrastructure [0016]. Lopez teaches a trusted execution environment (TEE) [0021]. Lopez teaches a virtual machine identifier and cryptographic data such as encryption key decryption key, seed, salt and nonce [0040]. Toy is directed towards a mechanism to verify whether all network, hardware and software layers are ready to provide services [0024]. Toy teaches communication links between different application components and verify a list of participating devices for a particular service [0025]. However, the prior art does not disclose, teach or fairly suggest the limitations of “verifying trustworthiness of the key management component running in the TEE”, “upon successful verification, generating a key tkey, and associating the key tkey with an access key of the zero-trust application service”, “upon restart of a virtual machine, requesting, by a virtual machine agent, a key from the key management component using the virtual machine unique identifier uuid and a hardware report R1 comprising a virtual machine measurement value vm-hash and a virtual machine public key P2”, “verifying, by the key management component, trustworthiness of the hardware report R1 and the virtual machine; upon successful verification, obtaining the corresponding tkey using the sealed key K and the unique identifier uuid in the request, and encrypting the tkey using the virtual machine public key P2 to generate p-tkey for returning to the virtual machine agent”, “decrypting, by the virtual machine agent using a virtual machine private key S2, the p-tkey to obtain the key tkey” and “obtaining, by the virtual machine agent using the key tkey, the access key, to enable the zero-trust application service”, as recited by independent claim 11.
Any claims not directly addressed are allowed on the virtue of their dependency.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Relevant Prior Art
8. The following references have been considered relevant by the examiner:
A. Kar et al US 2025/0094601 A1 directed to a system and method of securing and virtualizing firmware trusted platform modules (TPMs) for virtualizing a hardware security module (HSM) for a host within a network fabric [abstract].
B. Tamir et al US 2024/0086550 A1 directed to security in cloud computing and, more specifically, to enabling zero-trust deployment in cloud computing [0001].
C. Mitchell US 2025/0365144 A1 directed to facilitating multi-party control of protected cryptographic keys in cloud-based service architectures [abstract].
Conclusion
9. Any inquiry concerning this communication or earlier communications from the examiner should be directed to ARAVIND K MOORTHY whose telephone number is (571)272-3793. The examiner can normally be reached M-F 4:30-3:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Catherine Thiaw can be reached at 571-270-1138. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ARAVIND K MOORTHY/Primary Examiner, Art Unit 2407