DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to Application No. 16/297,162 filed on 03/08/2019.
Claims 1-20 have been examined and are pending in this application.
Information Disclosure Statement
The information disclosure statements (IDS), submitted on 03/08/2019, 09/12/2019, and 10/08/2020, are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statements are being considered by the examiner.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claim(s) 1-3, 5, 7-12, 14-17, and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Beekman et al. (“Improving Cloud Security using Secure Enclaves”, UC Berkley Electronic Thesis and Dissertations, Jan. 1, 2016.) in view of Yi et al. (US 2015/0310427; Hereinafter “Yi”).
Regarding claim 1, Beekman teaches a method to verify compositions in a trusted execution environment (TEE) on an authoring device (Beekman: Fig. 5.1, Section 5.1, The mechanisms described below allow a service to prove to a user what service code will execute on the server enclave.), comprising: 
receiving, at the authoring device, a composition generated on a rich execution environment (REE) on an untrusted computing platform, the composition being generated for utilization on a runtime device (Beekman: Fig. 5.1, Section 5.5, For each service, some entity or a group of entities known as the policy administrator is in charge of verifying the policy for an enclave identity. The policy administrator maintains a private key for each service policy. After verification, the policy administrator signs the enclave code indicating that the policy was met. For example, the EFF could establish a service that audits code for privacy violations and certify complying code by signing it.);  
responsive to the received user input approval, signing the composition using a private key to verify that the composition is trusted (Beekman: Fig. 5.1, Section 5.1, . The policy administrator maintains a private key for each service policy. After verification, the policy administrator signs the enclave code indicating that the policy was met. For example, the EFF could establish a service that audits code for privacy violations and certify complying code by signing it.); and 
delivering the signed composition to a runtime TEE operating on the runtime device where the composition is utilized (Beekman: Fig. 5.1, Section 5.1, The mechanisms described below allow a service to prove to a user what service code will execute on the server enclave.).
Beekman does not explicitly teach using a trusted peripheral device that supports a user interface and is associated with the TEE on the authoring device to expose the composition on the user interface to a user for review; at the trusted peripheral device, receiving user input approving the composition as being trusted.
In an analogous art, Yi teaches a system and method wherein using a trusted peripheral device that supports a user interface and is associated with the TEE on the authoring device to expose the composition on the user interface to a user for review (Yi: Fig. 2, Fig. 3a-3b, Fig. 9a-9b, Para. [0041], Para. [0042], The TEE 130 includes the trusted OS 134 supporting the TEE and the trusted App 132 executed by the trusted OS. The TEE 130 denotes hardware-based Trusted Execution Environment (TEE) technology for logically separating a mobile CPU (AP) of a client terminal such as a smart device into a normal zone (normal world) and a TEE, and for restricting access to the TEE. The TEE and the normal world 110 are logically separated and are implemented to be inaccessible to each other except for the predefined interface 120 and a shared memory, thus enabling communication only via the predefined interface and prohibiting other access. Para. [0044], Since the TEE 130 is logically, completely separated and independently runs in this way, financial information may be securely stored and processed upon performing financial transactions or e-commerce and m-commerce using the client terminal 10. The TEE-based trusted App 132 may implement security authentication and security log-in, generate a transaction-signing OTP proposed in the present invention, and encrypt and store information requiring security, such as certificates. Para. [0045], In particular, the TEE-based trusted App 132 implements a trusted User Interface (Trusted UI) to realize security authentication or security log-in, thus enabling a secure transaction-signing OTP to be generated in the TEE, and securely processing information requiring security, such as a certificate.); at the trusted peripheral device, receiving user input approving the composition as being trusted (Yi: Para. [0069], For example, when the user checks the transaction information and approves the generation of an OTP, the trusted App may automatically generate a transaction-signing OTP at step 560. The client terminal 10 may generate a transaction-signing OTP using part or all of the transaction information received from the push system 50 upon generating the transaction-signing OTP. Para. [0084]-[0087])
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Yi with the system and method of Beekman to include using a trusted peripheral device that supports a user interface and is associated with the TEE on the authoring device to expose the composition on the user interface to a user for review; at the trusted peripheral device, receiving user input approving the composition as being trusted because this functionality provides enhanced security by preventing screen capture or recording of credentials while providing user approved actions via the trusted user interface (Yi: Para. [0087]). 
Regarding claim 2, Beekman and Yi teaches the method of claim 1, in which the composition is any one of code, data, or policies (Beekman: Fig. 5.1, Section 5.5, For each service, some entity or a group of entities known as the policy administrator is in charge of verifying the policy for an enclave identity. The policy administrator maintains a private key for each service policy. After verification, the policy administrator signs the enclave code indicating that the policy was met. For example, the EFF could establish a service that audits code for privacy violations and certify complying code by signing it.).
Regarding claim 3, Beekman and Yi teaches the method of claim 1, further comprising transforming the composition into human-consumable form and exposing the composition in human-consumable form on the trusted peripheral device (Beekman: Fig. 5.1, Section 5.5, For each service, some entity or a group of entities known as the policy administrator is in charge of verifying the policy for an enclave identity. The policy administrator maintains a private key for each service policy. After verification, the policy administrator signs the enclave code indicating that the policy was met. For example, the EFF could establish a service that audits code for privacy violations and certify complying code by signing it. Sec. 5.1, To address this challenge, we provide several flexible mechanisms to enable users to verify that the service code will meet their needs (x5.5). One option is that the user may rely on a cryptographically signed statement from the secure service developer naming both the service identity and the (user comprehensible) promised behavior. Section 5.5, For each service, some entity or a group of entities known as the policy administrator is in charge of verifying the policy for an enclave identity. The policy administrator maintains a private key for each service policy. After verification, the policy administrator signs the enclave code indicating that the policy was met.).
Regarding claim 5, Beekman and Yi teaches the method of claim 1, further comprising transforming the composition into machine-consumable form for delivery to and ingestion by the runtime device (Beekman: Fig. 5.1, Sec. 5.5, The policy administrator maintains a private key for each service policy. After verification, the policy administrator signs the enclave code indicating that the policy was met. For example, the EFF could establish a service that audits code for privacy violations and certify complying code by signing it. When a system runs such a signed enclave, it will issue attestation statements of the form A(Isigner : Ienclave;Kserver). [code is transformed via signing and signed code is machine readable by system running the signed enclave]).
Regarding claim 7, Beekman and Yi teaches the method of claim 1, in which the trusted peripheral device includes a security device unique to an authorized user to approve the composition, and the security device includes a fingerprint scanner, retina scanner, keypad for a personal identification number (PIN), near-field communication (NFC) receiver, or a keyboard for an alpha-numeric password (Yi: Para. [0052], The trusted UI 136 is used for an OTP PIN number entry screen and an OTP generation result screen, so that even OTP generation values may be securely protected from a risk of hacking via a trusted UI screen after the PIN number has been authenticated. Para. [0085], In the present embodiment, the trusted UI is used for an OTP Personal Identification Number (PIN) input screen 920 and an OTP generation result screen 930. After the PIN has been authenticated, even an OTP generation value may be securely protected from a risk of hacking via the trusted UI screen.).
Regarding claim 8, Beekman and Yi teaches the method of claim 1, in which the trusted peripheral device is configured with limited functionality of outputting the composition and receiving approval or denial input from a user, wherein limited functionality includes prohibiting editing, augmenting, or modification of compositions (Yi; Fig. 9a-9b, Para. [0086], When a trusted UI 136 is executed and the trusted screen is executed, all operations in the normal world are temporarily stopped, and an application in the TEE based on a separate OS (that is, a trusted OS) runs, and thus an attacker's access itself is blocked. In this case, with the exception of a keypad for entry, even hardware control keys such as a home button or a back button are not operated, thereby preventing hardware-based data transmission caused by a capture or recording. The trusted UI may be implemented such that, in order to return to the normal world, only a SW back button provided by the trusted UI may be used. Para. [0081]-[0085], Para. [0087]).
Regarding claim 9, Beekman and Yi teaches the method of claim 1, in which the private key is associated with a trusted platform module (TPM) of the TEE, and the private key is unique to the TPM (Beekman: Sec. 4.5, A small untrusted driver program provides the secure enclave with TCP and Redis connectivity, and relays TPM commands. Our test setup hosts the service on a dual-core Intel Core i5-6200U with hyper-threading and a 128MB EPC size.3 All requests where performed over a 1Gbit network connection. The TPM used is an Intel Platform Trust Technology TPM. Sec. 4.4, For an RSA EK, this means encrypting some key with the EK, for an EC EK, this means performing EC Diffie-Hellman. The exchanged symmetric key is then used to encrypt and MAC TPM commands.).
Regarding claims 10-12, claims 10-12 are rejected under the same rational as claims 1-3, respectively. 
Regarding claim 14, claim 14 is rejected under the same rational as claim 5.
Regarding claims 15-17, claims 15-17 are rejected under the same rational as claims 1-3, respectively. 
Regarding claim 19, claim 19 is rejected under the same rational as claim 8.
Regarding claim 20, claim 20 is rejected under the same rational as claim 8.

Claim(s) 4, 13, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Beekman et al. (“Improving Cloud Security using Secure Enclaves”, UC Berkley Electronic Thesis and Dissertations, Jan. 1, 2016.) in view of Yi et al. (US 2015/0310427; Hereinafter “Yi”) and further in view of Couillard et al. (US 2019/0272162; Hereinafter “Couillard”) and further in view of Qureshi (US 2015/0199515).
Regarding claim 4, Beekman and Yi teaches the method of claim 1.  Beekman and Yi does not explicitly teach further comprising: forwarding the composition to a remote service, wherein the remote service is configured with a decompiler to transform 
In an analogous art, Couillard teaches further comprising: forwarding the composition to a remote service, wherein the remote service is configured to transform the composition into human-consumable form; (Couillard: Para. [0073], The systems and methods described herein provide, in accordance with different embodiments, different examples in which a computer readable code (e.g. source code) can be compiled, assembled and/or stored in a secure digital processing environment so to preserve the integrity and security of the source code, and so to produce computer executable code in that secure environment that can then be deployed for execution or implementation on a distinct (e.g. remote or distributed) digital processing environment. Para. [0081], In general, given source code 14 (e.g. source code version) will be compiled by a secure compiler 16 to produce a series of unique machine readable code instances 18.); and receiving the transformed composition from the remote service for exposure on the trusted peripheral device (Couillard: Para. [0073], The systems and methods described herein provide, in accordance with different embodiments, different examples in which a computer readable code (e.g. source code) can be compiled, assembled and/or stored in a secure digital processing environment so to preserve the integrity and security of the source code, and so to produce computer executable code in that secure environment that can then be deployed for execution or implementation on a distinct (e.g. remote or distributed) digital processing environment. Para. [0082], Once a particular instance is ready for deployment (i.e. at t=T), a deployment engine or appliance 20, which may take the form of and/or include a network security appliance, a hardware security module (HSM), network-attached HSM and/or other like appliances, will deploy the instance via a (secure) network interface to a target runtime environment 22, for instance within a cloud or network-based environment 24.)
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Couillard with the system and method of Beekman and Yi to include further comprising: forwarding the composition to a remote service, wherein the remote service is configured to transform the composition into human-consumable form; and receiving the transformed (Couillard: Para. [0081]). 
Beekman, Couillard, and Yi does not explicitly teach wherein the remote service is configured with a decompiler to transform the composition into human-consumable form.  
In an analogous art, Qureshi teaches wherein the remote service is configured with a decompiler to transform the composition into human-consumable form (Qureshi: Para. [0118], As seen in FIG. 8, the method may begin in step 805, in which the application may be decompiled into decompiled code. For example, in step 805, the application store may decompile the application to be analyzed into decompiled code. In some instances, to decompile the application, the application store may utilize and/or invoke one or more functions that may be provided via an application management framework and/or via one or more application programming interfaces (APIs) to decompile an application. Additionally or alternatively, the application store software may include a decompiler (and/or may access an external decompiler) that may be used in step 805 in translating program code associated with the application into the decompiled code (which may, e.g., include human-readable source code or substantially human-readable source code). In one or more arrangements, in decompiling the application, the application store may generate source code for the application that may be expressed in one or more programming languages that the application store is able to parse (e.g., Java, C++, etc.).)
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Qureshi with the system and method of Beekman, Yi, and Couillard to include wherein the remote service is configured with a decompiler to transform the composition into human-consumable form because this functionality of decompilation is simply opposite of compiling code and would be readily implementable by a person having ordinary skill in (Qureshi: Para. [0118]). 
Regarding claim 13, Claim 13 is rejected under the same rational as claim 4.
Regarding claim 18, Claim 18 is rejected under the same rational as claim 4.

Claim(s) 6 is rejected under 35 U.S.C. 103 as being unpatentable over Beekman et al. (“Improving Cloud Security using Secure Enclaves”, UC Berkley Electronic Thesis and Dissertations, Jan. 1, 2016.) in view of Yi et al. (US 2015/0310427; Hereinafter “Yi”) and further in view of Couillard et al. (US 2019/0272162; Hereinafter “Couillard”) .
Regarding claim 6, Beekman and Yi teaches the method of claim 1.  Beekman and Yi does not explicitly teach further comprising: forwarding the composition to a remote service, wherein the remote service is configured with a compiler to transform the composition into machine-consumable form; and receiving the transformed composition from the remote service for delivery to and ingestion by the runtime device. 
In an analogous art, Couillard teaches further comprising: forwarding the composition to a remote service, wherein the remote service is configured with a compiler to transform the composition into machine-consumable form (Couillard: Para. [0073], The systems and methods described herein provide, in accordance with different embodiments, different examples in which a computer readable code (e.g. source code) can be compiled, assembled and/or stored in a secure digital processing environment so to preserve the integrity and security of the source code, and so to produce computer executable code in that secure environment that can then be deployed for execution or implementation on a distinct (e.g. remote or distributed) digital processing environment. Para. [0081], In general, given source code 14 (e.g. source code version) will be compiled by a secure compiler 16 to produce a series of unique machine readable code instances 18.); and receiving the transformed composition from the remote service for delivery to and ingestion by the runtime device (Couillard: Para. [0073], The systems and methods described herein provide, in accordance with different embodiments, different examples in which a computer readable code (e.g. source code) can be compiled, assembled and/or stored in a secure digital processing environment so to preserve the integrity and security of the source code, and so to produce computer executable code in that secure environment that can then be deployed for execution or implementation on a distinct (e.g. remote or distributed) digital processing environment. Para. [0082], Once a particular instance is ready for deployment (i.e. at t=T), a deployment engine or appliance 20, which may take the form of and/or include a network security appliance, a hardware security module (HSM), network-attached HSM and/or other like appliances, will deploy the instance via a (secure) network interface to a target runtime environment 22, for instance within a cloud or network-based environment 24.)
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Couillard with the system and method of Beekman and Yi to include further comprising: forwarding the composition to a remote service, wherein the remote service is configured with a compiler to transform the composition into machine-consumable form; and receiving the transformed composition from the remote service for delivery to and ingestion by the runtime device because this functionality provides enhanced security against adversaries such as potential reverse engineering attacks of compiled code when transmitting data from a remote location (Couillard: Para. [0081]). 
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Nelson Giddins whose telephone number is (571)272-7993.  The examiner can normally be reached on Monday - Friday, 9:00 AM - 5:00 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached at (571) 272-4063.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for 

/NELSON S. GIDDINS/            Primary Examiner, Art Unit 2437