Vipat, Harshawardhan et al.
Patent Trials and Appeals Board
Aug 24, 2020
2019001347 (P.T.A.B. Aug. 24, 2020)

UNITED STATES PATENT AND TRADEMARK OFFICE

UNITED STATES DEPARTMENT OF COMMERCE
United States Patent and Trademark Office
Address: COMMISSIONER FOR PATENTS
P.O. Box 1450
Alexandria, Virginia 22313-1450
www.uspto.gov

| APPLICATION NO. | FILING DATE | FIRST NAMED INVENTOR | ATTORNEY DOCKET NO. | CONFIRMATION NO. |
|---|---|---|---|---|
| 14/998,060 | 12/24/2015 | Harshawardhan Vipat | P87221 | 2550 |

88032 7590 08/24/2020
Jordan IP Law, LLC
12501 Prosperity Drive, Suite 401
Silver Spring, MD 20904

| EXAMINER | ART UNIT | PAPER NUMBER | NOTIFICATION DATE | DELIVERY MODE |
|---|---|---|---|---|
| CHIANG, JASON | 2431 | | 08/24/2020 | ELECTRONIC |

Please find below and/or attached an Office communication concerning this application or proceeding.

The time period for reply, if any, is set in the attached communication.

Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es):
admin@jordaniplaw.com
info@jordaniplaw.com

PTOL-90A (Rev. 04/07)

UNITED STATES PATENT AND TRADEMARK OFFICE

BEFORE THE PATENT TRIAL AND APPEAL BOARD

Ex parte HARSHAWARDHAN VIPAT, MANOHAR R. CASTELINO, DONGSHENG ZHANG, and KUO-LANG TSENG

Appeal 2019-001347
Application 14/998,060
Technology Center 2400

Before JOHNNY A. KUMAR, JENNIFER S. BISK, and JOHN A. EVANS, Administrative Patent Judges.

BISK, Administrative Patent Judge.

DECISION ON APPEAL[1]

STATEMENT OF THE CASE

Pursuant to 35 U.S.C. § 134(a), Appellant[2] appeals from the Examiner’s decision to reject claims 1–25. See Final Act. 1. We have jurisdiction under 35 U.S.C. § 6(b).

We REVERSE.

[1] Throughout this Decision we have considered the Specification filed December 24, 2015 (“Spec.”), the Final Office Action mailed March 8, 2018 (“Final Act.”), the Appeal Brief filed July 25, 2018 (“Appeal Br.”), the Examiner’s Answer mailed October 1, 2018 (“Ans.”), and the Reply Brief filed November 30, 2018 (“Reply Br.”).
[2] We use the term “Appellant” to refer to “applicant” as defined in 37 C.F.R. § 1.42. Appellant identifies the real party in interest as Intel Corporation. Appeal Br. 3.

CLAIMED SUBJECT MATTER

The claims are directed to data security, specifically kernel runtime integrity using processor assists. Claim 1, reproduced below, is illustrative of the claimed subject matter:

1. A system comprising:
    a system processor; and
    a hypervisor, implemented at least partly in one or more of configurable logic or fixed functionality logic hardware, including an extension monitor engine to:
        locate operating system (OS) kernel information and user mode code in physical memory based on state information stored in a processor data structure, wherein the kernel information is to include kernel code, kernel page table mappings, and kernel read only data;
        specify permissions for the kernel information and the user mode code in an extended page table; and
        switch, in accordance with the permissions, between view instances of the extended page table in response to one or more hardware virtualization exceptions,
    wherein the extension monitor engine operates in a special privilege mode that is more restrictive than a kernel mode and does not require modification to the operating system.

Appeal Br. 19 (Claims App.) (emphasis added).

REFERENCES

The prior art relied upon by the Examiner is:

| Name | Reference | Date |
|---|---|---|
| Anderson | US 2006/0130060 A1 | June 15, 2006 |
| Mo | US 2010/0037243 A1 | Feb. 11, 2010 |
| Hakewill | US 2012/0079479 A1 | Mar. 29, 2012 |
| Aasheim | US 2012/0317568 A1 | Dec. 13, 2012 |
| Heo | US 2013/0132695 A1 | May 23, 2013 |
| Wang | US 2015/0269031 A1 | Sept. 24, 2015 |

REJECTIONS

Claims 1, 8, 9, 16, 17, and 24 are rejected under 35 U.S.C. § 103 as being unpatentable over Heo and Hakewill. Final Act. 2–6.

Claims 2, 10, 18, and 25 are rejected under 35 U.S.C. § 103 as being unpatentable over Heo, Hakewill, and Wang. Final Act. 6–7.
Claims 3, 11, and 19 are rejected under 35 U.S.C. § 103 as being unpatentable over Heo, Hakewill, and Aasheim. Final Act. 7–8.

Claims 4, 12, and 20 are rejected under 35 U.S.C. § 103 as being unpatentable over Heo, Hakewill, and Mo. Final Act. 8–9.

Claims 5–7, 13–15, and 21–23 are rejected under 35 U.S.C. § 103 as being unpatentable over Heo, Hakewill, and Anderson. Final Act. 9–12.

OPINION

We review the appealed rejections for error based upon the issues identified by Appellant, and in light of the arguments and evidence produced thereon. Ex parte Frye, 94 USPQ2d 1072, 1075 (BPAI 2010) (precedential). To the extent Appellant has not advanced separate, substantive arguments for particular claims, or other issues, such arguments are waived. 37 C.F.R. § 41.37(c)(1)(iv) (2017).

We have considered all of Appellant’s arguments and any evidence presented. We highlight and address specific findings and arguments for emphasis in our analysis below.

Rejection of Claims 1, 8, 9, 16, 17, and 24 under 35 U.S.C. § 103

The Examiner rejects claims 1, 8, 9, 16, 17, and 24 as obvious over Heo and Hakewill. Final Act. 2–6. In particular, the Examiner points to Heo as teaching or suggesting “wherein the extension monitor engine operates in a special privilege mode that is more restrictive than a kernel mode and does not require modification to the operating system” (“the special privilege mode limitation”) as recited by claim 1. Final Act. 4–5 (quoting Heo ¶¶ 12, 39, 42, 71). Independent claims 9, 17, and 24 recite substantively similar limitations. Appeal Br. 20–22 (Claims App.).

Appellant argues that neither Heo nor Hakewill teaches or suggests the special privilege mode limitation. Appeal Br. 11–14. According to Appellant, “both Heo and Hakewill only disclose guest kernel, root kernel and root user privilege modes,” but not a special privilege mode that is more restrictive than a kernel mode. Id. at 12.
In particular, Appellant notes that Heo discloses three “privilege layers that define virtualization modes, and determines read/write privileges for a currently operating process based on which of the three virtualization modes a process is executed by/in.” Id. at 12–13 (citing Heo ¶¶ 27–31, 39–52).

The Examiner responds that “Heo discloses that in the case of systems only having the privileged mode and the unprivileged mode, the VMM [(“Virtual Machine Monitor”)] is executed in the privileged mode” and “if a process that is currently being executed by a processor is a VMM, that is, in the VMM mode, the VMM must be able to read and write data from and to all the VMM domain, the VM kernel domain and the VM user domain.” Ans. 13 (citing Heo ¶ 12). The Examiner adds that “[d]ata can be read from and written to the VMM domain in the privileged mode, and an access to the VMM domain is not permitted in the unprivileged mode.” Id. (citing Heo ¶¶ 39–42).

We agree with Appellant that the Examiner does not sufficiently explain, nor is it clear from the cited portions of Heo, that the VMM “operates in a special privilege mode that is more restrictive than a kernel mode” as recited by claim 1. The Specification describes “kernel mode level 120” as operating at a privileged level (referred to as “Ring 0” level), which allows only approved code to have access to certain memory. Spec. ¶¶ 10–11. In contrast, the Specification describes a special privilege mode that operates at a higher security level (referred to as “Ring -1”) than kernel mode allowing a security program to monitor and control access by the kernel to key resources, such as certain memory. Id. Fig. 2C, ¶¶ 8–9, 14–15. The Examiner does not explain how Heo, which discloses its VMM operating in a typical kernel mode (see Heo ¶¶ 12, 39, 42), teaches or suggests a privilege mode that is more restrictive than a kernel mode. See Final Act. 4; Ans. 12–14.
Nor do we see any such teaching in the cited portions of Heo. See Heo ¶¶ 12, 27–31, 39–52, 71.

Accordingly, we are not persuaded that the Examiner has sufficiently shown that the combination of Heo and Hakewill teaches or suggests the special privilege mode limitation. We, therefore, do not sustain the Examiner’s rejection of independent claims 8 and 16, which depend from claims 1 and 9.

Rejections of Claims 2–7, 10–15, 18–23, and 25 under 35 U.S.C. § 103

The Examiner rejects claims 2–7, 10–15, 18–23, and 25, which are dependent from claims 1, 9, 17, and 24, as obvious over Heo and Hakewill additionally combined with either Wang, Aasheim, Mo, or Anderson. Final Act. 6–8. The Examiner relies on the combination of Heo and Hakewill for the inherited limitations. Id. Accordingly, these rejections suffer from the same deficiency as described above for the independent claims. We, therefore, do not sustain the Examiner’s rejections of claims 2–7, 10–15, 18–23, and 25.

CONCLUSION

We reverse the Examiner’s rejections.

DECISION SUMMARY

| Claims Rejected | 35 U.S.C. § | Reference(s)/Basis | Affirmed | Reversed |
|---|---|---|---|---|
| 1, 8, 9, 16, 17, 24 | 103 | Heo, Hakewill | | 1, 8, 9, 16, 17, 24 |
| 2, 10, 18, 25 | 103 | Heo, Hakewill, Wang | | 2, 10, 18, 25 |
| 3, 11, 19 | 103 | Heo, Hakewill, Aasheim | | 3, 11, 19 |
| 4, 12, 20 | 103 | Heo, Hakewill, Mo | | 4, 12, 20 |
| 5–7, 13–15, 21–23 | 103 | Heo, Hakewill, Anderson | | 5–7, 13–15, 21–23 |
| Overall Outcome | | | | 1–25 |

REVERSED