Ex Parte Zimmer et al
Patent Trial and Appeal Board
Sep 28, 2018
14679145 (P.T.A.B. Sep. 28, 2018)

UNITED STATES PATENT AND TRADEMARK OFFICE

UNITED STATES DEPARTMENT OF COMMERCE
United States Patent and Trademark Office
Address: COMMISSIONER FOR PATENTS, P.O. Box 1450, Alexandria, Virginia 22313-1450
www.uspto.gov

APPLICATION NO.: 14/679,145
FILING DATE: 04/06/2015
FIRST NAMED INVENTOR: Vincent J. Zimmer
ATTORNEY DOCKET NO.: ITL.0898C2US (Pl4854C2)
CONFIRMATION NO.: 7079
EXAMINER: PAN, PEILIANG
ART UNIT / PAPER NUMBER: 2492
NOTIFICATION DATE: 10/02/2018
DELIVERY MODE: ELECTRONIC

47795 7590 10/02/2018
TROP, PRUNER & HU, P.C.
1616 S. VOSS RD., SUITE 750
HOUSTON, TX 77057-2620

Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication.

Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): tphpto@tphm.com, Inteldocs_docketing@cpaglobal.com

PTOL-90A (Rev. 04/07)

UNITED STATES PATENT AND TRADEMARK OFFICE
BEFORE THE PATENT TRIAL AND APPEAL BOARD

Ex parte VINCENT J. ZIMMER, BRYANT E. BIGBEE, ANDREW J. FISH, and MARK S. DORAN

Appeal 2018-003181
Application 14/679,145¹
Technology Center 2400

Before ERIC B. CHEN, MATTHEW R. CLEMENTS, and SCOTT E. BAIN, Administrative Patent Judges.

BAIN, Administrative Patent Judge.

DECISION ON APPEAL

Appellants appeal under 35 U.S.C. § 134(a) from the Examiner's Final Rejection of claims 1-33, which constitute all claims pending in the application. We have jurisdiction under 35 U.S.C. § 6(b). We AFFIRM-IN-PART.

¹ Appellants identify Intel Corporation as the real party in interest. App. Br. 3.

STATEMENT OF THE CASE

The Claimed Invention

Appellants' invention relates to providing a secure "pre-boot environment" in a computer system. Spec. ¶ 2.
As the Specification explains, a pre-boot environment starts when a computer system is restarted, includes an initialization process controlled by non-volatile firmware, and ends when the system communicates with the user. Spec. ¶¶ 2-5. A pre-boot environment typically includes few or no security measures, e.g., measures to attest the computing platform as "trusted" to the operating system (OS). Id. at ¶ 5. In an embodiment disclosed in the Specification, upon entering a pre-boot environment the firmware first determines whether the central processing unit (CPU) is "security enabled," i.e., can accommodate a secure pre-boot mode. Id. at ¶ 10. If so, the initialization process adds features to increase the security of the pre-boot environment. Id. at ¶¶ 22-40. The features added to the pre-boot environment may generate platform information that confirms the integrity of the platform, e.g., generate an attestation log or root key of the platform. Id. at ¶¶ 22-27.

Claims 1, 10, 20, and 29 are independent. Claim 1 is illustrative of the invention and the subject matter on appeal, and reads as follows:

1. A method comprising:
providing control to firmware responsive to a power-up event in a computer system;
establishing a secure pre-boot environment in response to a determination that a processor in said system is security enabled;
generating a digest including information about the computer system in the secure pre-boot environment; and
initializing said processor before a trusted operating system is loaded in said system.

App. Br. 15 (Claims App.) (emphasis added).

The Rejections on Appeal

Claims 1, 10, 19, 20, and 25-33 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Chen et al. (U.S. 7,779,267 B2; iss. Aug. 17, 2010) ("Chen") and Freeman et al. (U.S. 2002/0174342 A1; publ. Nov. 21, 2002) ("Freeman"). Final Act. (March 30, 2017) 2-6.
Claims 2, 7, 8, 11, 16, 21, and 22 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Chen, Freeman, and Compaq Computer Corporation, Hewlett-Packard Company, IBM Corporation, Intel Corporation, Microsoft Corporation "TCPA PC Specific Implementation Specification," version 1.0, September 9, 2001 ("TCPA"). Final Act. 6-7.
Claims 3, 6, 12, and 15 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Chen, Freeman, TCPA, and Hardy et al. (US 6,219,420 B1; iss. Apr. 17, 2001) ("Hardy"). Final Act. 7-8.
Claims 4, 5, 9, 13, 14, 23, and 24 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Chen, Freeman, TCPA, and Angelo et al. (US 6,581,162 B1; iss. June 17, 2003) ("Angelo"). Final Act. 8-9.
Claims 17 and 18 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Chen, Freeman, TCPA, and Karpuszka et al. (US 6,701,480 B1; iss. Mar. 2, 2004) ("Karpuszka"). Final Act. 9.

ANALYSIS

We have reviewed the Examiner's rejections in light of Appellants' arguments presented in this appeal. Arguments which Appellants could have made but did not make in the Briefs are deemed to be waived. See 37 C.F.R. § 41.37(c)(1)(iv). On the record before us, we are persuaded the Examiner erred in rejecting dependent claims 6 and 15. We are not persuaded of error, however, regarding the remaining claims 1-5, 7-14, and 16-33. As to these remaining claims, we adopt as our own the findings and reasons set forth in the rejections from which the appeal is taken and in the Examiner's Answer, and provide the following discussion for highlighting and emphasis.

Obviousness Rejection of Claims 1, 10, 19, 20, and 25-33 over Chen and Freeman

Appellants argue the Examiner erred in finding Freeman teaches or suggests "establish[ing] a secure pre-boot environment in response to a determination that a processor ... is security enabled," as recited in claim 1. App. Br. 10; Reply Br. 1.
Specifically, Appellants argue the Examiner erred in relying on Figure 2 of Freeman, which Appellants contend does not teach both "establish[ing] a secure pre-boot environment" and making any determination regarding security "enable[ment]." Id. Appellants' arguments, however, do not persuade us of error.

Figure 2 of Freeman is reproduced below.

Figure 2 is a flow diagram depicting method steps "for setting a secure computer environment." Freeman ¶¶ 1, 9. The steps include setting an "S-latch" ("sticky latch") at step 204. As the Examiner finds, Figure 2 teaches using an S-latch to "ensur[e] a secure computing environment." Id. at ¶¶ 1, 5, 15 (emphasis added). The "S-latch" ensures the pre-boot environment does not execute In Circuit Emulator ("ICE") commands unless intended. Id. at ¶ 19; Fig. 2.

As the Examiner further finds, the step of setting the S-latch (Fig. 2, 205) is a precondition of executing the remaining BIOS code (Fig. 2, 206) and instructions (Fig. 2, 207 or 209). Id. at ¶ 19; Fig. 2. Moreover, at the determination step (Fig. 2, 208), the selection of the S-latch will either preclude or permit executing of ICE commands at steps 207 and 209, respectively.² Id. Accordingly, we, like the Examiner, find Freeman teaches a process that is guided both by whether the S-latch is set (Fig. 2, 205) and how the S-latch is set (Fig. 2, 208). Id. We, therefore, agree with the Examiner's findings that Freeman teaches both "establish[ing] a secure pre-boot environment" and doing so "in response to a determination that a processor . . . is security enabled," as recited in claim 1. Ans. 4-5.

For the foregoing reasons, we are not persuaded the Examiner erred in rejecting claim 1. Appellants' arguments regarding independent claims 10, 20, and 29 are redundant to claim 1, and we are not persuaded of error for the same reasons.
Dependent claims 19, 25-28, and 30-33 are not argued separately. Accordingly, we sustain the obviousness rejection of claims 1, 10, 19, 20, and 25-33.

² Freeman teaches setting the S-latch controls the pre-boot environment so as to prevent unintended executing of ICE commands, i.e., renders the system "security enabled" by preventing unwanted access by an ICE unit. Freeman ¶¶ 3-4, 16. Confirming the S-latch is set (Fig. 2, 205) as a precondition of commencing the pre-boot environment (Fig. 2, 206) ensures that this control is in place, i.e., it "establish[es] a secure pre-boot environment" because only intended ICE commands (if any) will be executed. Id.

Obviousness Rejection of Claims 2, 7, 8, 11, 16, 21, and 22 over Chen, Freeman, and TCPA

Appellants do not argue dependent claims 7, 8, 16, and 22 separately from their respective independent claims. App. Br. 12. For the same reasons discussed above, we are not persuaded the Examiner erred in rejecting claims 7, 8, 16, and 22.

Regarding dependent claims 2, 11, and 21, Appellants argue the Examiner erred in finding Chen, Freeman, and TCPA teach or suggest (i) operations performed "while in the pre-boot environment" and (ii) "releasing [of a] root key to the computer system only while in the secure pre-boot environment." App. Br. 12; Reply Br. 2-3. Appellants contend these limitations are "[not] even mentioned in the Final Rejection." App. Br. 12. Appellants further contend the Examiner does not identify any teaching in Freeman that requires "the secret in the fixed token is stored 'while in the pre-boot environment' or [of] 'releasing the root key to the computer system only while in the secure pre-boot environment.'" Reply Br. 2-3.

We, however, are not persuaded of error. First, contrary to Appellants' arguments, the record reflects that the Examiner has explained the bases of the rejections and findings as to each limitation.
The Examiner finds Chen teaches the claimed "operations" performed "while in the pre-boot environment" and TCPA teaches the claimed "fixed" token. Final Act. 6 (citing Chen col. 2, l. 8; col. 7, l. 59; col. 8, ll. 4-19; TCPA 13, § 1.3.6.1.2). Further, the Examiner finds the combination of Freeman and TCPA, as further discussed below, teaches "releasing the root key to the computer system only while in the secure pre-boot environment." Ans. 6-7.

We also are not persuaded by Appellants' argument that the Examiner erred in relying on Freeman. Reply Br. 2-3. Contrary to Appellants' argument, the Examiner relies not on Freeman alone, but on the combination of Freeman and TCPA as teaching or suggesting the disputed "root key" limitation. Ans. 6-7. Specifically, as the Examiner finds, TCPA teaches releasing of a root key. Id. The Examiner further finds it would have been obvious to perform this release in a secure pre-boot environment because Freeman teaches "performing a task, such as executing BIOS code, only while in the secure pre-boot environment." Id. Thus, the Examiner determined it would have been obvious to release a root key to a secure pre-boot environment because TCPA teaches releasing of a root key when BIOS code is executed, and Freeman teaches executing of BIOS code in a secure pre-boot environment. Id.; see also TCPA § 1 ("Specifically, this document defines: ... How the BIOS, or a component thereof, functions as the Core Root of Trust for Measurement (CRTM).").

Appellants do not identify the alleged error in any of these findings, and we discern none on this record. See In re Keller, 642 F.2d 413, 426 (CCPA 1981) ("one cannot show non-obviousness by attacking references individually where, as here, the rejections are based on combinations of references."). Accordingly, we are not persuaded the Examiner erred in rejecting claims 2, 11, and 21.
For the foregoing reasons, we sustain the obviousness rejection of claims 2, 7, 8, 11, 16, 21, and 22.

Obviousness Rejection of Claims 4, 5, 9, 13, 14, 23, and 24 over Chen, Freeman, TCPA, and Angelo

Appellants do not argue dependent claims 4, 9, 13, 23, and 24 separately from their respective independent claims. App. Br. 13-14. For the same reasons discussed above, we are not persuaded the Examiner erred in rejecting claims 4, 9, 13, 23, and 24.

Regarding dependent claims 5 and 14, Appellants argue the Examiner erred in finding Angelo teaches or suggests operations performed via a "system management command." App. Br. 14; Reply Br. 2. Specifically, Appellants contend the Examiner finds Angelo discloses a system management interrupt (SMI), but that claims 5 and 14 have "nothing to do with a [SMI]." App. Br. 14. In the Reply Brief, Appellants concede the claimed system management command may be an SMI, but contend that Angelo fails to teach the system management command secures a base address. Reply Br. 2.

We, however, are not persuaded of error. The Examiner relies not on Angelo alone, but on the combination of Freeman and Angelo as teaching or suggesting the limitations of claims 5 and 14. As the Examiner finds, Angelo teaches an SMI for accessing an address space that is separate from ordinary memory, and thus is secure. Ans. 11 (citing Angelo col. 4, ll. 65-66; col. 8, ll. 11-22); Final Act. 8 (further citing Angelo col. 3, ll. 5-16); see also Angelo col. 10, ll. 33-44 (summarizing the disclosure). The Examiner further finds it would have been obvious to implement such a secure, system management base address for the secure operations of Freeman's pre-boot environment. Ans. 11. Thus, the Examiner determined it would have been obvious to implement a secure address space that is accessed by an SMI in view of Angelo, and utilized for a pre-boot environment in view of Freeman.
Appellants do not identify the alleged error in any of these findings, and we discern none on this record. See In re Keller, 642 F.2d at 426. Accordingly, we are not persuaded the Examiner erred in rejecting dependent claims 5 and 14.

For the foregoing reasons, we sustain the obviousness rejection of claims 4, 5, 9, 13, 14, 23, and 24.

Obviousness Rejection of Claims 3, 6, 12, and 15 over Chen, Freeman, TCPA, and Hardy

Appellants do not argue dependent claims 3 and 12 separately from their independent claims. App. Br. 13. For the same reasons discussed above, we are not persuaded the Examiner erred in rejecting claims 3 and 12, and we sustain the obviousness rejection of those claims.

Regarding dependent claims 6 and 15, Appellants argue the Examiner erred in finding the prior art teaches or suggests a "system management interrupt" in a "virtual machine." App. Br. 13; Reply Br. 2. In the Answer, the Examiner finds "Angelo discloses 'system management interrupt'" and "Chen discloses a 'virtual machine.'" Ans. 9. Angelo, however, was not part of the rejection from which Appellants appeal. Final Act. 7-8. The Examiner rejected claims 6 and 15 as obvious over Chen, Freeman, TCPA, and Hardy. Id. Accordingly, because the Examiner now acknowledges reliance on Angelo (rather than Chen, Freeman, TCPA, and/or Hardy) as teaching one of the limitations in claims 6 and 15, we are persuaded of error in the rejection that is before us. See In re Hoch, 428 F.2d 1341, 1342 n.3 (CCPA 1970) (reference relied upon to support a rejection should be "positively include[d] ... in the statement of the rejection."). We, therefore, do not sustain the obviousness rejection of claims 6 and 15 over Chen, Freeman, TCPA, and Hardy.

Obviousness Rejection of Claims 17 and 18 over Chen, Freeman, TCPA, and Karpuszka

Appellants do not argue dependent claims 17 and 18 separately from the independent claims. App.
Br. 14. For the same reasons discussed above, we are not persuaded the Examiner erred in rejecting claims 17 and 18. We, therefore, sustain the obviousness rejection of claims 17 and 18.

DECISION

We affirm the Examiner's decision rejecting claims 1-5, 7-14, and 16-33. We reverse the Examiner's decision rejecting claims 6 and 15.

No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1). See 37 C.F.R. § 41.50(f).

AFFIRMED-IN-PART