Ex Parte Jeansonne et alDownload PDFPatent Trial and Appeal BoardNov 14, 201714112569 (P.T.A.B. Nov. 14, 2017) Copy Citation United States Patent and Trademark Office UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O.Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 14/112,569 10/18/2013 Jeff Jeansonne 83698754 2522 22879 HP Tnr 7590 11/16/2017 EXAMINER 3390 E. Harmony Road Mail Stop 35 TRAORE, FATOUMATA FORT COLLINS, CO 80528-9544 ART UNIT PAPER NUMBER 2436 NOTIFICATION DATE DELIVERY MODE 11/16/2017 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): ipa.mail@hp.com barbl@hp.com y vonne.bailey @ hp. com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte JEFF JEANSONNE, MONJI G. JABORI, and VALIALI Appeal 2017-007706 Application 14/11255691 Technology Center 2400 Before TERRENCE W. McMILLIN, KARA L. SZPONDOWSKI, and SCOTT B. HOWARD, Administrative Patent Judges. McMILLIN, Administrative Patent Judge. DECISION ON APPEAL This is a decision on appeal under 35 U.S.C. § 134(a) of the Final Rejection of claims 1 and 3—13. Final Act. 1. We have jurisdiction under 35 U.S.C. § 6(b). We AFFIRM. 1 According to Appellants, the real party in interest is Hewlett-Packard Development Company, L.P. App. Br. 1. Appeal 2017-007706 Application 14/112,569 THE CLAIMED INVENTION The present invention relates to a core root of trust for measurement (CRTM) as an extension of normal basic input/output system (BIOS) that is used to measure integrity value of other entities. Spec. 1,3,4. Independent claim 1 is directed to a computing system; independent claim 9 is directed to a method; and independent claim 12 is directed to a non- transitory computer readable medium. App. Br. 12—14. Claim 1 recites 1. A computing system comprising: a non-volatile memory including a portion that is a core root of trust for measurement (CRTM); an embedded controller to verify the provider of the CRTM; and a host processor to execute the CRTM upon verification of the authenticity to measure other parts of the BIOS code, wherein the CRTM is stored on an immutable portion of the non-volatile memory, the immutable portion being prevented from being erased or written on by the host processor, and wherein the embedded controller is separate from the host processor and operates based on a boot loader in a read-only memory. REJECTION ON APPEAL Claims 1 and 3—13 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Springfield et al. (US 2011/0154010 Al, published June 23, 2011) (“Springfield”), Schaefer et al. (US 2012/0096450 Al, published Apr. 19, 2012) (“Schaefer”), and Jansen et al. (US 2008/0288783 Al, published Nov. 20, 2008) (“Jansen”). Final Act. 3. 2 Appeal 2017-007706 Application 14/112,569 Claims 1 and 3—13 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Springfield, Schaefer, and Grobman et al. (US 2010/0082960 Al, published Apr. 1, 2010) (“Grobman”). Final Act. 11. ANALYSIS Claims 1 and 5—13 Claim 1 recites “wherein the embedded controller is separate from the host processor and operates based on a boot loader in a read-only memory’'' (emphasis added). Appellants contend Jansen does not teach the “use of the loader 112 for the verifier 108,” or “that the verifier 108 operates in any manner based on the loader 112.” App. Br. 9-10 (emphases added); see also Reply Br. 2. The Examiner finds Jansen teaches the embedded controller operating based on a boot loader in a read-only memory. Final Act. 5 (citing Jansen Fig. 1, 145). We agree with the Examiner. Appellants’ Specification provides broad examples that the “embedded controller may operate based on a boot loader in a read only memory,” and a “boot loader can be firmware that determines the operation of the embedded controller” to “allow[] the embedded controller to reliably determine the provider of the CRTM.” Spec. 115 (emphases added). Appellants do not explicitly define how an embedded controller operates based on a boot loader. Instead, the claimed embedded controller operating based on a boot loader in a read only memory, in light of Appellants’ Specification, broadly encompasses the boot loader somehow determining the operation of the embedded controller. 3 Appeal 2017-007706 Application 14/112,569 As cited by the Examiner (Final Act. 5), Figure 1 of Jansen shows a loader 112 and a verifier 108, where the “loader 112 computes an Operating System (OS)-hash of an OS to be loaded on computing-platform 102.” Jansen 126. As further cited by the Examiner (Final Act. 5), Jansen discloses: [a]fter verifying that the . . . OS-hash and hash of each precedent application stored in the ME correspond to authentic application, at step 308 verifier 108 computes the second precedent application-hash corresponding to . . . the OS-hash[, and the verifier 108 does this in order to verify the] . . . operational state of computing-platform 102. Jansen 145. In other words, Jansen teaches the loader 112 computing an OS-hash, and the verifier 108 using and verifying the OS-hash. As such, consistent with examples provided in Appellants’ Specification of the loader determining the operation of the controller, Jansen’s loader 112, computing a hash that is utilized and verified by the verifier 108, determines operation of the verifier 108. Appellants have not provided persuasive evidence that the boot loader somehow determining operation of the embedded controller, as required by claim 1, is not taught or otherwise suggested by Jansen’s loader 112 computing a hash that is then utilized and verified by verifier 108. The Examiner further and alternatively finds that Grobman teaches an embedded controller operating based on a boot loader in a read-only memory. Final Act. 13 (citing Grobman Fig. 2,126); Ans. 11—12 (citing Grobman Fig. 2, || 16—17, 26, 36-40). Appellants argue, for the first time in the Reply Brief, that “there is no teaching or suggestion in Grobman that the management engine 250 ‘operates based on a boot loader,’ as recited in the pending claims.” Reply Br. 4. 4 Appeal 2017-007706 Application 14/112,569 We note this argument regarding Grobman in the Reply Brief is untimely. 37 C.F.R. § 41.41(b)(2) (2012) (“Any argument raised in the reply brief which was not raised in the appeal brief. . . will not be considered by the Board for purposes of the present appeal, unless good cause is shown.”). Here, no good cause having been shown by Appellants, we disregard the discussion of Grobman in the Reply Brief. However, even if we consider Appellants’ arguments with regards to Grobman, we are still not persuaded of the Examiner’s error. The Examiner finds that Grobman teaches the loader 244 invokes execution of the operating system, and the management engine 250 measures and verifies the integrity of executable components. Ans. 12 (citing Grobman || 26, 38—39); see also Final Act. 13. As such, consistent with examples provided in Appellants’ Specification of the loader determining the operation of the controller, as discussed supra, Grobman’s loader 244 determines operation of the operating system and thereby determines operation of the management engine 250. Appellants have not provided evidence or argument to rebut the Examiner’s finding, or otherwise explained why Grobman’s management engine 250 does not operate based on a boot loader, as required by claim 1. Accordingly, we sustain the 35 U.S.C. § 103(a) rejections of claim 1, as well as the rejections of claims 5—13, not separately argued. See App. Br. 10. Claims 3 and 4 Appellants contend “Schaefer fails to teach or suggest any embedded controller, let alone ‘a read only memory for boot code on board the 5 Appeal 2017-007706 Application 14/112,569 embedded controller executed by the embedded controller during boot, ’ as recited in claim 3.” App. Br. 10. Appellants further contend “since Schaefer fails to teach or suggest an embedded controller, it necessarily fails to teach or suggest that ‘the embedded controller is not programmable’” and the cited portions of Springfield “fail to teach or even suggest that an ‘embedded controller is not programmable,’ as recited in claim 4.” App. Br. 10—11. Appellants do not provide any further explanation beyond the quoted denials. Id. With respect to these additional limitations in claims 3 and 4, Appellants have failed to rebut the Examiner’s findings. To show error in the Examiner’s position, Appellants must explain why the relied-upon disclosure does not disclose the claimed feature, rather than merely alleging that the feature is not shown. See 37 C.F.R. § 41.37(c)(l)(iv) (“A statement which merely points out what a claim recites will not be considered an argument for separate patentability of the claim.”); In re Lovin, 652 F.3d 1349, 1356 (Fed. Cir. 2011); cf. In re Baxter Travenol Labs, 952 F.2d 388, 391 (Fed. Cir. 1991) (“It is not the function of this court to examine the claims in greater detail than argued by an appellant[.]”). Accordingly, we sustain the 35 U.S.C. § 103(a) rejections of claims 3 and 4. DECISION The rejections of claims 1 and 3—13 are affirmed. No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(l)(iv). AFFIRMED 6 Copy with citationCopy as parenthetical citation