DETAILED ACTION
This Final Office Action is in response to amendment filed on 0/15/2021.
Claims 1-2, 4-12, 14, 17-22 and 24-25 have been amended. Claims 3, 13 and 23 have been canceled. Claims 1-2, 4-12, 14-22 and 24-25 remain pending in the application. 

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Drawings
The drawings filed on 09/28/2018 are accepted.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 01/15/2021 have been considered. The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly an initialed and dated copy of Applicant's IDS form 1449 filed 01/15/2021 are attached to the instant Office action. 

Response to Amendment 
Claim amendments has overcome the USC 112(b) rejections previously set forth in the Non-Final Office Action mailed on 10/22/2020. 
Response to Arguments 
Applicant's arguments filed 0/15/2021 have been fully considered but they are not persuasive.
Applicant stated “The Office Action concedes that Pohlack does not disclose a previous version of these limitations, and instead relies upon the Lutas reference. However, the cited portions of the Lutas reference merely disclose determining whether software is attempting to execute code from a page marked as non-executable, and does not disclose determining whether a code page associated with a memory allocation includes executable code, much less also determining whether a code page indicated by the memory allocation is writeable or causing the memory allocation to abort based on a determination that the code page is writeable. For at least these reasons, Applicant asserts that independent Claim 1 is allowable over the cited references. The other independent claims recite limitations similar, but not identical, to those recited in independent Claim 1. Therefore, these claims are also allowable, for example, for the same reasons as identified above.”
Examiner respectfully disagrees. Examiner submits that the above argued limitation, as drafted, is disclosed by Pohlack-Lutas. Particularly, Pohlack explicitly discloses in in Col. 9 line 5-9 and Figure 3 (330) determining whether executable code pages, e.g. read instruction, associated with a memory location, targeting the same page in the memory map, except that Pohlack does not disclose determining whether such executable code page is writable in a memory page, 
as described in the instant application Page 6, line 7-11 “At a user level, the systems and methods described herein determine whether a memory allocation related system call includes writable code or any code, such as a WRPKRU instruction, capable of altering the protection key associated with a shared memory page. If the10 memory allocation related system call is writable or includes instructions capable of altering the protection key associated with a shared memory page, the system call is permitted to fail.”, where WRPKRU instruction is a write instruction, and subsequently abort the request and execution. 
Lutas explicitly discloses in [0032-0033] that if there is an attempt to execute a code, i.e. to write in a memory page, i.e. instruction to write in a memory page, where the page is marked is non-writable, then the processor would abort/suspend such attempt/request to call a memory page and perform such writable code execution. This is consistent with the above excerpt of the instant application and the claim limitation, as drafted, where the writable code page alters sensitive information, therefore any attempt to perform a write code page results into aborting the process.  
Therefore, the combination of Pohlack-Lutas discloses the aforementioned limitations of the independent claims.

	Applicant further stated “Applicant respectfully reminds the Examiner that to establish a prima facie case of obviousness, three basic criteria must be met…Third, the prior art reference (or references when combined) must teach or suggest all of the claim limitations. It is respectfully submitted that the rejected claims are patentable over the art of record based on at least the third criterion of obviousness: none of the references alone or in combination teach, suggest, or disclose each claim limitation of the independent claims. Specifically, it has not been shown how La Frese, Lutas, Sotka, or Koufaty resolve at least the deficiencies of Pohlack discussed above. Indeed, Applicant asserts that nothing in these references (or in any other reference) provides such features.”
	Examiner respectfully disagrees and asserts that the above prior arts resolve the deficiencies of Pohlack as cited below. Please see detailed rejection below.

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)    the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)    the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)    the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
Such claim limitation is: “means for determining…” and “means for selectively rendering unsuccessful a cache line flush” in claim 25.
Structure, i.e. control circuit, and functions of the aforementioned limitation is disclosed in page 6 line 18-25 of the specification of the instant application. 

Claim Objections
Claim 24 is objected to because of the following informalities:  
Claim 23 is cancelled, however, claim 24 is still recited to be dependent on claim 23. For examination purpose, claim 24 is interpreted to be dependent on claim 21, similar to the amended dependency of claim 14.
Appropriate correction is required.
	
	

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1, 9, 11, 19, 21 and 25 are rejected under 35 U.S.C. 103 as being unpatentable over Pohlack (US 9436603 B1), hereinafter Pohlack in view of Lutas (US 20160210069 A1), hereinafter Lutas
Regarding claim 1 (currently amended). Pohlack teaches A side-channel attack protection system (Pohlack Col.2 line 36-40 “…systems and methods described herein may be used to detect, prevent, mitigate, and/or curtail timing side-channel attacks in virtualized computing systems and/or in local (single) systems in which physical memory pages are shared between processes, applications, and/or users”, Col. 17 line 50-55 and Figure 7 illustrating the computer system performing the mitigation technique), comprising: 
control circuitry (Pohlack Col 2, lines 60 to Col 3, line 12, teaches the security component or an interrupt handler inspects the program… take action to mitigate or curtail the attack. In Col 5, line 66 to Col 6, line 37, it discusses the functions “an executing program (e.g., a security component …”, where the processor that’s executing the security component is read as the control circuit);  
memory circuitry coupled to the control circuitry (Pohlack illustrates in Figure 7 system memory 720 corresponding to memory circuitry coupled to the processor executing the security component); 
a storage device that includes instructions (Pohlack illustrates in Figure 7 a program instructions 725 that includes instructions corresponding to memory circuity), 
when executed by the control circuitry, cause the control circuitry to: selectively render unsuccessful a cache line flush (CLFLUSH) instruction on one or more shared memory pages by performing operations (Pohlack Col.  2 line 41-49 “performance monitors (e.g., hardware performance counters or other performance monitoring mechanisms) to detect the execution of cache line flush type instructions (such as the CLFLUSH instruction of the x86 instruction set) in the context of shared physical pages and timing side-channel attacks, and may take action to mitigate or curtail those attacks and/or to prevent subsequent attacks on a target process or application.”, once it is determined of likely attack, action includes replacing the cache line flush type instruction, therefore rendering it unsuccessful, Col. 3 line 10-15 “…the actions taken by the security component may include replacing the cache line flush type instructions of the suspected attacking process or application with trap type instructions…”, Figure 2 (240) and Col. 7 line 49-65 discloses that the system selectively taking action to replace cash flush type (CLFLUSH)  instruction as disclosed in Col. 3 line 10-15 depending on the determination in Figure 2 (240) and described in detail in Figure 3 (360, 370) and Col. 11 line 1-15, where actions to render cash flush instruction are selective, where the processor executing the security component to perform the above function is interpreted as the control circuit).
comprising: determining whether one or more code pages associated with a memory allocation related system call request includes executable code (Pohlack illustrates in Figure 3 (330) determining whether there is a request for an executable read instruction, Col. 9 line 5-9 “…if the detected cache line flush type instructions are followed by reads of the same locations (shown as the positive exit from 330)… if it is determined that frequent and/or repeated cache line flush type instructions target the same page in the memory map (shown as the positive exit from 340)”); 

Pohlack discloses in Figure 3 triggering an action (360) in response to an executable code/program instructions (330, 340).
Pohlack does not disclose writable executable code. Emphasis in Italic.
Lutas from analogues field of invention teaches responsive to a determination that a code page associated with the memory allocation related system call includes executable code, determining whether the code page is writable; and responsive to a determination that the code page is writeable, causing the memory allocation related system call request to abort (Lutas [0032] “when a software object executing within a VM attempts to write data to a memory page marked as non -writable, or to execute code from a memory page marked as non -executable, processor 12 may intercept the attempt, suspend the current execution, and switch to executing hypervisor 50.”, i.e. in response to executable code attempting to execute/write to/from memory page, cause the system/processor to suspend/abort the execution).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Pohlack to incorporate the teaching of Lutas to utilize the above features, with the motivation of protecting virtual machines from security threats , as recognized by (Lutas [0032]).

Regarding claim 11 (currently amended). Pohlack teaches A side-channel attack protection method (Pohlack Col.2 line 36-40 “…systems and methods described herein may be used to detect, prevent, mitigate, and/or curtail timing side-channel attacks in virtualized computing systems and/or in local (single) systems in which physical memory pages are shared between processes, applications, and/or users”, Col. 17 line 50-55 and Figure 7 illustrating the computer system performing the mitigation technique), comprising: 
determining, by control circuitry, whether a memory page access request attempts to access one or more shared memory pages (Pohlack Col.  2 line 41-49 “performance monitors (e.g., hardware performance counters or other performance monitoring mechanisms) to detect the execution of cache line flush type instructions (such as the CLFLUSH instruction of the x86 instruction set) in the context of shared physical pages…”, Col 2, lines 60 to Col 3, line 12, Pohlack teaches the security component or an interrupt handler inspects the program… take action to mitigate or curtail the attack. In Col 5, line 66 to Col 6, line 37, it discusses the functions “an executing program (e.g., a security component …”, where the processor that’s executing the security component is read as the control circuit); and 
responsive to a determination that the memory page access request accesses a shared memory page, selectively rendering unsuccessful a cache line flush (CLFLUSH) instruction on at least one of the one or more shared memory pages (Pohlack Col.  2 line 41-49 “performance monitors (e.g., hardware performance counters or other performance monitoring mechanisms) to detect the execution of cache line flush type instructions (such as the CLFLUSH instruction of the x86 instruction set) in the context of shared physical pages and timing side-channel attacks, and may take action to mitigate or curtail those attacks and/or to prevent subsequent attacks on a target process or application.”, once it is determined of likely attack, action includes replacing the cache line flush type instruction, therefore rendering it unsuccessful, Col. 3 line 10-15 “…the actions taken by the security component may include replacing the cache line flush type instructions of the suspected attacking process or application with trap type instructions…”, Figure 2 (240) and Col. 7 line 49-65 discloses that the system selectively taking action to replace cash flush type (CLFLUSH)  instruction as disclosed in Col. 3 line 10-15 depending on the determination in Figure 2 (240) and described in detail in Figure 3 (360, 370) and Col. 11 line 1-15, where actions to render cash flush instruction are selective)
by: determining whether one or more code pages associated with a memory allocation related system call request includes executable code (Pohlack illustrates in Figure 3 (330) determining whether there is a request for an executable read instruction, Col. 9 line 5-9 “…if the detected cache line flush type instructions are followed by reads of the same locations (shown as the positive exit from 330)… if it is determined that frequent and/or repeated cache line flush type instructions target the same page in the memory map (shown as the positive exit from 340)”); 
Pohlack discloses in Figure 3 triggering an action (360) in response to an executable code/program instructions (330, 340).
Pohlack does not disclose writable executable code. Emphasis in Italic.


responsive to a determination that a code page associated with the memory allocation related system call includes executable code, determining whether the code page is writable; and responsive to a determination that the code page is writeable, causing the memory allocation related system call request to abort (Lutas [0032] “when a software object executing within a VM attempts to write data to a memory page marked as non -writable, or to execute code from a memory page marked as non -executable, processor 12 may intercept the attempt, suspend the current execution, and switch to executing hypervisor 50.”, i.e. in response to executable code attempting to execute/write to/from memory page, cause the system/processor to suspend/abort the execution).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Pohlack to incorporate the teaching of Lutas to utilize the above features, with the motivation of protecting virtual machines from security threats , as recognized by (Lutas [0032]).
 
Regarding claim 9 (currently amended). Pohlack teaches The side channel-attack protection system of claim 1 wherein the instructions that cause the control circuitry to selectively render unsuccessful the cache line flush (CLFLUSH) instruction based on code included in the shared memory page further cause the control circuitry to perform operations comprising:  
Pohlack discloses in Figure 3 triggering an action (360) in response to an executable code/program instructions (330, 340).
Emphasis in Italic
Lutas discloses responsive to a determination that the one or more code pages associated with the received memory allocation related system call request do not include , causing the memory allocation related system call request to proceed (Lutas [0032] “when a software object executing within a VM attempts to write data to a memory page marked as non -writable, or to execute code from a memory page marked as non -executable, processor 12 may intercept the attempt, suspend the current execution, and switch to executing hypervisor 50.”, i.e. in response to executable code attempting to execute/write to/from memory page, cause the system/processor to suspend/abort the execution, examiner submits  that the conditional statement, “when a software object executing within a VM attempts to write data to a memory page marked as non -writable, or to execute code… processor 12 may intercept the attempt, suspend the current execution” indicates the alternate path, i.e. when attempting to NOT write or when there is no executable instruction to write to a page marked as non-writable, the process will proceed).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Pohlack to incorporate the teaching of Lutas to utilize the above features, with the motivation of protecting virtual machines from security threats , as recognized by (Lutas [0032]).

Regarding claim 19, claim 19 recites similar limitations to claim 9, therefore, the same rational and motivation applied to claim 9 is also applied to claim 19.

Regarding claims 21 and 25, claims 21 and 25 recite similar limitations to claim 1, therefore, the same rational and motivation applied to claim 1 is also applied to claims 21 and 25.

Claims 2, 12 and 22 are rejected under 35 U.S.C. 103 as being unpatentable over Pohlack-Lutas in view of La (US 20090037662 A1), hereinafter La.

Regarding claim 2 (currently amended). Pohlack-Lutas teaches The side-channel attack protection system of claim 1: wherein the memory circuitry includes memory pages associated with two or more virtual machines (Pohlack Col. 4 line 59-65 “systems that implement virtualization include a same page sharing feature…In such systems, sharing of physical pages may not only be happening within one virtual machine, but may be propagated throughout the whole system.”); 
wherein the instructions cause all or a portion of the control circuitry to provide virtual machine manager (VMM) circuitry to: detect duplicate memory pages associated with the two or more virtual machines; provide a single shared memory page shared by the two or more virtual machines, the single shared memory page including (Pohlack Col. 4 line 61-66 “…the hypervisor may scan the contents of physical memory pages, and whenever it finds the same pages, it may merge them into a single copy maintained under the root”); and 
Pohlack does not disclose the remaining limitations.
La discloses associate an executable only identifier with the single shared memory page to selectively disable [[the]] a READ permission of the single shared memory page (La [0012] “…instructions executable by the processor and configured for performing a selective read caching function which enables and disables read caching for individual regions of the backstore depending on whether or not read caching has provided any recent benefit.”, examiner submits that the system of La identifies executable instruction that selectively disable read caching).
 It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Pohlack-Lutas to incorporate the teaching of La to utilize the above feature, with the motivation of improving performance by using an autonomic algorithm, as recognized by (La, Abstract).
 
Regarding claims 12 and 22, claims 12 and 22 recite similar limitations to claim 2, therefore, the same rational and motivation applied to claim 2 is also applied to claims 12 and 22.

Claims 4-8, 14-18 and 24 are rejected under 35 U.S.C. 103 as being unpatentable over Pohlack-Lutas in view of Sotka (US 20110239291 A1), hereinafter Sotka.

Regarding claim 4 (currently amended). Pohlack-Lutas teaches The side channel-attack protection system of claim 1 wherein the instructions that cause the control circuitry to selectively render unsuccessful the cache line flush (CLFLUSH) instruction based on code included in the shared memory page further cause the control circuitry to perform operations comprising: 
While Pohlack discloses in e.g. Figure 3 the determination of the instruction includes executing code such as flushing the cash line and followed by loading instruction targeting the page of a memory map, however, Pohlack-Lutas does not disclose that the instruction includes changing protection key and accordingly abort executing the instructions. Emphasis in Italic. 
Sotka teaches determining whether any of the one or more include instructions capable of changing a protection key associated with a shared page; and responsive to a determination that a code page  includes instructions capable of changing a protection key associated with a shared page,  causing the memory allocation related system call request to abort (Sotka discloses the concept that implementing the process of determining when there is an instruction attempting to change a privilege/right/permission by the process of a virtual machine, and in response, terminate/abort the process, [0032] “…a virtual machine process watchdog application 312 observes network requests within the virtual machine and terminates the virtual machine process if it detects an attempt to change privileges in the browser or in the virtual machine operating system.”, where the privilege/right/permission corresponds to protection key, consistent with the specification of the instant application in Page 7 line 24-25 where the protection key is a flag that limits the ability of the user to read data).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Pohlack to incorporate the teaching of Sotka to utilize the above features, with the motivation of detecting and thwarting attacks, as recognized by (Sotka Abstract).

Regarding claims 14 and 24, claims 14 and 24 recite similar limitations to claim 4, therefore, the same rational and motivation applied to claim 4 is also applied to claims 14 and 24.

Regarding claim 5 (currently amended). Pohlack-Lutas-Sotka teaches The side channel-attack protection system of claim 4 wherein the instructions that cause the control circuitry to selectively render unsuccessful the cache line flush (CLFLUSH) instruction based on code included in the shared memory page further cause the control circuitry to perform operations comprising: 
determining whether the memory allocation related system call request maps a page from a storage device to memory; responsive to a determination that the memory allocation related system call request maps a page from a storage device to memory, causing the memory allocation related system call request to proceed (Pohlack discloses in Col. 10 line 33-52 the concept of determining cache line flush  instruction/request, in response, map a page from memory to cache, i.e. read or load, such that information is reloaded back to cache, therefore, allowing the process of performing the cache line flush request and immediately followed by the load request back in the memory map to proceed, as a result, the attacker would not be able to infer any timing information, “…the security component may be configured to insert a replacement patch (e.g., binary code) that includes the detected cache line flush type instructions but in which a read or load type instruction has been added immediately (or shortly) following each of the detected cache line flush type instructions to reload the flushed information back into the cache, or to insert a replacement patch (e.g., binary code) for each of the detected cache line flush type instructions that calls a sub-function that includes the detected cache line flush type instruction along with a read or load type instruction that immediately (or shortly) follows the cache line flush type instruction and reloads the flushed information back into the cache…the suspected attacker may not observe any timing differences between accesses made prior executing a cache line flush type instruction and subsequent to executing the cache line flush type instruction, again resulting in closing the potential timing side-channel.”).  

Regarding claim 15, recite similar limitations to claim 5, therefore, the same rational and motivation applied to claim 5 is also applied to claim 15.

Regarding claim 6 (currently amended). Pohlack-Lutas-Sotka teaches The side channel-attack protection system of claim 5 wherein the instructions that cause the  perform operations comprising: 
determining whether the memory allocation related system call request includes only a memory page allocation request; responsive to a determination that the memory allocation related system call request includes only a memory page allocation request, causing the memory allocation related system call request to abort (Pohlack discloses in Figure 3 (340) that when the particular cache line flush request/instruction is frequently targeted to the same/only page in the memory, this results into performing an action to curtail/limit/suspend the attack, which includes an action to replace the cash line flush instruction targeting the same page, as disclosed in , Col. 3 line 10-15 and Col. 7 line 49-65, which is interpreted as aborting the cache line request, where the memory allocation request is request directed to a memory page in the memory map).  

Regarding claim 16, recite similar limitations to claim 6, therefore, the same rational and motivation applied to claim 6 is also applied to claim 16.

Regarding claim 7 (currently amended). Pohlack-Lutas-Sotka teaches The side channel-attack protection system of claim 4 wherein the instructions that cause the control circuitry to selectively render unsuccessful the cache line flush (CLFLUSH) instruction based on code included in the shared memory page further cause the control circuitry to perform operations comprising: 
however, Pohlack-Lutas does not disclose that if instruction includes changing protection key and if so, abort executing the instructions. Emphasis in Italic. 
Sotka teaches responsive to a determination that one or more do not include instructions capable of changing a protection key associated with a shared page, causing the memory allocation related system call request to proceed (Sotka discloses the concept that implementing the process of determining when there is an instruction attempting to change a privilege/right/permission by the process of a virtual machine, and in response, terminate/abort the process, [0032] “…a virtual machine process watchdog application 312 observes network requests within the virtual machine and terminates the virtual machine process if it detects an attempt to change privileges in the browser or in the virtual machine operating system.”, where the privilege/right/permission corresponds to protection key, consistent with the specification of the instant application in Page 7 line 24-25 where the protection key limits the ability of the user to read data, examiner submits that the conditional statement “terminates…if it detects an attempt to change privileges” indicates the alternate path, i.e. if NOT detected, then, (do not terminate)/proceed).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Pohlack to incorporate the teaching Sotka to utilize the above features, with the motivation of detecting and thwarting attacks, as recognized by (Sotka Abstract).

Regarding claim 17, recite similar limitations to claim 7, therefore, the same rational and motivation applied to claim 7 is also applied to claim 17.

Regarding claim 8 (currently amended). Pohlack-Lutas The side channel-attack protection system of claim 1 wherein the instructions that cause the control circuitry to selectively render unsuccessful the cache line flush (CLFLUSH) instruction based on code included in the shared memory page present in the system memory further cause the control circuitry to perform operations comprising: 
Pohlack discloses in Figure 3 triggering an action (360) in response to an code/program instructions (330, 340).
Pohlack does not disclose non executable code. Emphasis in Italic.
Lutas from analogues field of invention teaches responsive to a determination that the one or more code pages associated with the received memory allocation related system call request do not include causing the memory allocation related system call request to proceed (Lutas [0032] “…when a software object executing within a VM attempts to write data to a memory page marked as non -writable, or to execute code from a memory page marked as non-executable, processor 12 may intercept the attempt, suspend the current execution, and switch to executing hypervisor 50.”, i.e. in response to executable code attempting to execute/write to/from memory page, cause the system/processor to suspend/abort the execution, examiner submit that the conditional statement, i.e. “when…execute code… from a memory page marked as non-executable…suspend” indicates that the alternative path, that is non executable from memory page marked as non-executable is not suspended).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Pohlack to incorporate the teaching of Lutas to utilize the above features, with the motivation of protecting virtual machines from security threats, as recognized by (Lutas [0032]).
 
Regarding claim 18, recite similar limitations to claim 8, therefore, the same rational and motivation applied to claim 8 is also applied to claim 18.
 
Claims 10 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Pohlack-Lutas-Sotka and further in view of Koufaty et. al. (US 20160110298 A1), hereinafter Koufaty.
 
Regarding claim 10 (currently amended). Pohlack- Lutas-Sotka The side-channel attack protection system of claim 4 wherein the instructions that cause the control circuitry to determine whether any of the one or more perform operations comprising: 
Pohlack does not disclose the remaining limitations.
determining whether any of the one or more executable code pages include [a WRPKRU] instruction capable of changing the protection key associated with the shared page (Sotka discloses the concept that implementing the process of determining when there is an instruction attempting to change a privilege/right/permission by the process of a virtual machine, and in response, terminate/abort the process, [0032] “…a virtual machine process watchdog application 312 observes network requests within the virtual machine and terminates the virtual machine process if it detects an attempt to change privileges in the browser or in the virtual machine operating system.”, where the privilege/right/permission corresponds to protection key, consistent with the specification of the instant application in Page 7 line 24-25 where the protection key limits the ability of the user to read data).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Pohlack to incorporate the teaching of Sotka to utilize the above features, with the motivation of detecting and thwarting attacks, as recognized by (Sotka Abstract).
  Pohlack-Lutas-Sotka does not disclose WRPKRU instruction.
Koufaty discloses the concept of WRPKRU instructions (Koufaty discloses in [0041] “user permission register write (WRPKRU) instruction that may allow the user application program to write to the user permission register 204. By allowing the user application to directly manipulate the permissions stored in the user permission register 204, the performance overhead of changing the set of permissions through protection keys (e.g., by going through the operating system) may be reduced significantly, allowing for much broader use of the protection keys.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Pohlack-Lutas-Sotka to incorporate the teaching of Koufaty to utilizing WRPKRU, with the motivation of reducing performance overhead, as recognized by (Koufaty [0042]).

Regarding claim 20, recite similar limitations to claim 10, therefore, the same rational and motivation applied to claim 10 is also applied to claim 20.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BASSAM A NOAMAN whose telephone number is (571)272-2705.  The examiner can normally be reached on Monday-Friday 8:30 AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A. Shiferaw can be reached on (571) 272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/BASSAM A NOAMAN/Examiner, Art Unit 2497                                                                                                                                                                                                        /ELENI A SHIFERAW/Supervisory Patent Examiner, Art Unit 2497