Allowable Subject Matter
Claims 1-20 are allowed.
The following is an examiner’s statement of reasons for allowance: the present invention features: computing device comprising a memory management unit (MMU) and a multicore processor, the multicore processor comprising: a first processor, the first processor configured to: implement a first set of one or more applications or processes, wherein one of the first set of the one or more applications or processes comprises an egress filter task, and process a first data via the egress filter task.
Related prior art made of record, that teach computing device comprising a memory management unit (MMU) and a multicore processor, include:
M. Böhnert and C. Scholl, "A dynamic virtual memory management under real-time constraints," 2014 IEEE 20th International Conference on Embedded and Real-Time Computing Systems and Applications, Chongqing, 2014, pp. 1-10.
G. Kornaros et al., "Hardware Support for Cost-Effective System-Level Protection in Multi-core SoCs," 2015 Euromicro Conference on Digital System Design, Funchal, 2015, pp. 41-48.
EP003147811A1 (Martinez et al) teaching method for securing program code for mission critical applications, involves determining set of authentication codes, and allowing fragmented authentication code to be distributed in corresponding memory location while allowing to check that the code did not undergo any modification, i.e., ensuring the integrity of the code.

US 2013/0034107 (Leong et al) teaching packet switch appliance including a plurality of ports, and including ingress and egress filtering for facilitating management of data and dynamic filtration of data.
US 2017/0098094 (Winslow et al) teaching methods for configuring and utilizing a configurable data guard implemented on a hardware-based programmable logic device featuring a plurality of arrays of generic comparison operations and a plurality of arrays of generic action operations.
US 8,769,127 (Selimis et al) teaching cross-domain solution collaborate-access-browse and assured file transfer providing for a bi-directional file exchange or allowing high-side user to initiate file transfers from low side to the high side so browser-found data can be manipulated on the high side if needed, the exchanged file containing only the appropriately filtered or classified information. 
US 7,657,522 (Puziacha et al) teaching system and method for providing information navigation and filtration wherein: preliminary relevance of one or more objects associated with an enterprise system is determined based on query terms, the preliminary relevance may be propagated between objects; and data is provided as filtered search results generated according to the ranking/relevance.


(as recited in claim 1) the MMU is configured to allow the egress filter task to write the first data to a first segregated physical memory location; and a second processor, the second processor configured to: implement a second set of one or more applications or processes, wherein the second set of the one or more applications or processes comprises at least one cross domain filter task, and perform filtering on the first data via the at least one cross domain filter task, wherein the MMU is configured to allow the at least one cross domain filter task to read from the first segregated physical memory location and write to a second segregated physical memory location; and a third processor, the third processor configured to: implement a third set of one or more applications or processes, wherein one of the third set of the one or more applications or processes comprises an ingress filter task, and process the first data via the ingress filter task, wherein the MMU is configured to allow the ingress filter task to read the first data from the second segregated physical memory location.

(as recited in claim 8) the MMU is configured to allow the egress filter task to write the first data to a first segregated physical memory location, and perform filtering on the first data via the first filter task; and a second processor, the second processor configured to: implement a second set of one or more applications or processes, wherein the second set of the one or more applications or processes comprises an ingress filter task and a second filter task, perform filtering on the first data via the second filter task, and process the first data via the ingress filter task, wherein the MMU is configured to allow the ingress filter task to read the first data from a second segregated physical memory location.

(as recited in claim 12) the first MMU unit is configured to allow an egress filter task associated with the first processor to write a first data to a first segregated physical memory location, and block one or more applications or processes associated with the first processor other than the egress filter task from accessing the first segregated physical memory location; and a second MMU unit, the second MMU unit configured to: serve a second processor associated with the multicore processor, wherein the second MMU unit is configured to allow an ingress filter task associated with the second processor to read the first data to a second segregated physical memory location, and block one or more applications or processes associated with the second processor other than the ingress filter task from accessing the first segregated physical memory location.

(as recited in claim 17) the egress filter task is configured to write the first data to a first segregated physical memory location, wherein one or more other processes other than the egress filter task are restricted from writing data to the first segregated physical memory location; and perform filtering on the first data via the first filter task; and a second processor, the second processor configured to: implement a second set of one or more applications or processes, wherein the second set of the one or more applications or processes comprises an ingress filter task and a second filter task, process the first data via the ingress filter task, wherein the ingress filter task is configured to read the first data from the first segregated physical memory location, wherein one or more other processes other than the ingress filter task are restricted from reading data from the first segregated physical memory location; and perform filtering on the first data via the second filter task.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to PIERRE MICHEL BATAILLE whose telephone number is (571)272-4178.  The examiner can normally be reached on Monday - Thursday 7-6 ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Charles Rones can be reached on (571) 272-4085.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.







/PIERRE MICHE BATAILLE/Primary Examiner, Art Unit 2136