Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .  Claims 1, 9 and 14 are amended.  Claims 2, 4 and 13 are canceled.  Claims 1, 9 and 14 are amended.   Claims 1, 3, 5-12 and 14-16 are pending.

Response to Arguments
2.	Applicant's arguments filed on 12/3/2020 have been fully considered but they are not persuasive.  In Fig. 2 and Fig. 3, Dekker illustrated the different elements of the amended feature including the hardware modules.  Dekker also mentions the use of a mixture of software and hardware for shielding keys and cryptographic operations (see paragraph 0014). Fig. 2 illustrated a data bus interface with the hardware device. Thus, the second interface dedicated to the structure of the hardware device would have been obvious in order to achieve the mixture of software and hardware for shielding the keys and the cryptographic operations.  

Claim Rejections - 35 USC § 103
3.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

 	Claims 1, 3, 5-12 and 14-16 are rejected under 35 U.S.C. 103 as being unpatentable over Dekker et al. (U.S. Patent Application Publication No. 2017/0118018, hereinafter Dekker).
With respect to claim 1, Dekker discloses a data processing device, comprising: at least one computing device; a memory device; a hardware security module; and at least one cryptography (e.g. Dekker, paragraph 0030, “Fig. 3 shows a chip 300 for performing cryptographic operations…the chip comprises an interface module 310, a key storage module 320, a rule storage module 330 and a cryptographic module 340…”; paragraph 0031, “The interface module 310 effectively controls operations involving the key storage module 320, the rule storage module 330 and the cryptographic module 340…”); and 
 	A first data bus for exchanging data among the at least one computing device, the memory device, the hardware security module, and the at least one cryptography module, wherein the at least one cryptography module includes a first data interface for exchanging data via the first data bus, wherein the at least one cryptography module includes a second data interface for directly exchanging data with the hardware security module (e.g. Dekker, Fig. 2, bus (16bits), Custom Hardware, also see paragraph 0008, customer hardware modules in the secured processor module 210; paragraph 0014, “a mixture of software and hardware shielding keys and cryptographic operations”; Paragraph 0015, “there is provided a chip for performing cryptographic operations. The chip comprises a key storage module…an interface module (first interface) and a cryptographic module”).
 	Although Dekker does not explicitly mention a second interface, Dekker discloses a customer hardware module in the secured processor module interface the data bus (see Fig. 2 and paragraph 0008).  Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to provide a separate interface module dedicated to the structure of the hardware device in order to achieve the mixture of software and hardware for shielding keys and cryptographic operations (paragraph 0014).

With respect to claim 5, Dekker discloses the data processing device as recited in claim 1, wherein the at least one cryptography module includes at least one of the following components: a primary cryptography unit for carrying out at least one first cryptographic function, a processing unit, a key memory device for at least temporarily storing cryptographic keys, an interrupt request control unit, a rule monitoring unit, a control register, a status register, and data buffers (e.g. Dekker, paragraph 0030).

 	With respect to claim 6, Dekker does not explicitly mention the data processing device as recited in claim 5, wherein the processing unit includes a comparator unit for carrying out at least one second cryptographic function (e.g. Dekker, paragraph 0033).   

 	With respect to claim 7, Dekker discloses the data processing device as recited in claim 5, wherein the first cryptographic function includes at least one of the following elements: 
 	a) AES algorithm, b) CMAC, Cipher-Based Message Authentication Code, c) ECB, Electronic code book mode, d) CBC, Cipher block chaining mode, e) CTR, Counter mode, f) OFB, Output feedback mode, g) CFB, Cipher feedback mode, and h) GCM, Galois counter mode (e.g. Dekker, paragraph 0047). 

	With respect to claim 9, Dekker discloses a method for operating a data processing device, the data processing device (100) including at least one computing device, a memory device, a hardware security module, and at least one cryptography module, the method comprising: carrying out, by the cryptography module, at least one first cryptographic function (e.g. Dekker, paragraph 0030, “Fig. 3 shows a chip 300 for performing cryptographic operations…the chip comprises an interface module 310, a key storage module 320, a rule storage module 330 and a cryptographic module 340…”; paragraph 0031, “The interface module 310 effectively controls operations involving the key storage module 320, the rule storage module 330 and the cryptographic module 340…”).

 	With respect to claim 12, Dekker discloses the method as recited in claim 9, wherein the first cryptographic function includes at least one of the following elements:
a) AES algorithm, b)  CMAC, Cipher-Based Message Authentication Code, c)  ECB, Electronic code book mode, d)  CBC, Cipher block chaining mode, e)  CTR, Counter mode, f)  OFB, Output feedback mode, g)  CFB, Cipher feedback mode, and h)  GCM, Galois counter mode (e.g. Dekker, paragraph 0047).

With respect to claim 14, Dekker discloses a control unit, comprising: at least one data processing device that includes: at least one computing device; a memory device; a hardware security module; and at least one cryptography module (e.g. Dekker, paragraph 0030, “Fig. 3 shows a chip 300 for performing cryptographic operations…the chip comprises an interface module 310, a key storage module 320, a rule storage module 330 and a cryptographic module 340…”; paragraph 0031, “The interface module 310 effectively controls operations involving the key storage module 320, the rule storage module 330 and the cryptographic module 340…”). . 

With respect to claim 15, Dekker discloses the data processing device as recited in claim 1, wherein the data processing device is for a control unit (e.g. Dekker, paragraph 0032).

 With respect to claim 16, Dekker discloses the method as recited in claim 9, wherein the data processing device is for a control unit (e.g. Dekker, paragraph 0032).
	
 				Claim Rejections - 35 USC § 103
4.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
 	Claims 10 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Dekker. 
With respect to claim 10, Dekker does not explicitly disclose the method as recited in claim 9, wherein the cryptography module carries out the first cryptographic function in parallel to an operation of the hardware security module. 
 	However, Dekker discloses the cryptographic module is operatively coupled to the interface module so as to be able to respond as necessary to rule execution requests received by the interface module (e.g. Dekker, paragraph 0033).  
 	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to derive the claimed feature to ensure rules received and followed before the cryptographic operation is executed.

With respect to claim 11, Dekker does not explicitly mentions the method as recited in claim 9, wherein the cryptography module carries out the first cryptographic function independently of the hardware security module.
However, Dekker mentions where the rules may not applied (e.g. Dekker, paragraphs  0047, identify cryptographic algorithms; paragraph 0050, rules data does not include information concerning key values or memory content).
 Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to derive the claimed feature where cryptographic operation is predetermined and where rules are not applied or data is not available.

5.	Claims 3 and 8 are rejected under 35 U.S.C. 103 as being unpatentable over Dekker in view of Chhabra et al. (U.S. Patent Application Publication No. 2016/0380985, hereinafter Chhabra).
 	With respect to claim 3, Dekker discloses the data processing device as recited in claim 1, wherein the at least one cryptography module includes hardware circuitry (e.g. Dekker, Fig. 2, paragraph 0008 and 0014), but does not explicitly mention wherein the at least one cryptography module is externally to the hardware security module.  
 	However, Chhabra mentions memory controller, cryptographic module and trusted entity may be disposed in whole or in part external to the processor (e.g. Chhabra, paragraph 0020).  It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to derive the claimed feature of at least one cryptography module external to the hardware security module to protect the integrity of the cryptography module.

 	With respect to claim 8,  Dekker does not explicitly mention the data processing device as recited in claim 1, further comprising a second data bus via which the hardware security module exchanges data with the at least one cryptography module.
 	However, Chhabra mentions memory controller, cryptographic module and trusted entity may be disposed in whole or in part external to the processor (e.g. Chhabra, paragraph 0020).  It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to derive the claimed feature in order to interface with the external module.
Conclusion
6.	THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of 
 	Any inquiry concerning this communication or earlier communications from the examiner should be directed to TONGOC TRAN whose telephone number is (571)272-3843.  The examiner can normally be reached on 9-5 Monday - Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571) 272-3811.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-


/TONGOC TRAN/Primary Examiner, Art Unit 2434