DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


The following is a final office action in response to communications received 02/26/2021. Claims 1, 8, have been amended. Claims 21-26 are added. Therefore, claims 1-11, 21-26 are pending and addressed below.

Response to Amendment
Applicant’s amendments and response to the claims are sufficient to overcome the 35 USC 112(b) as set forth in the previous office action.

Response to Arguments
Applicant’s arguments filed 02/26/2021 have been fully considered but they are moot in view of new grounds of rejections.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having 

Claims 1-11, 21-26 are rejected under 35 U.S.C. 103 as being obvious over sethumadhavan et al (Pub. No. US 2016/0119137) in view of Durham et al (Pub. No. US 2018/0247082).


As per claim 1, Sethumadhavan discloses an apparatus comprising: a core to execute instructions, wherein in response to a first instruction, the core is to obtain a binary of a requester from a source location and store the binary to a destination location, the binary comprising an encrypted image (…when a user downloads an app from the app-store, the app-store encrypts the binary with the Instruction Set Randomization (ISR) key for that device…the gateway sends fetch requests for the corresponding binary as well as the user’s key…which is based on a unique ID…the binary is encrypted with the fetched key and set to the user’s machine…see par. 113-117); and a memory execution circuit coupled to the core, the memory execution circuit, in response to a request from the core and based on the first instruction, to generate at least one integrity value for the binary comprising the encrypted image and store the at least one integrity value in association with the binary (…the app server encrypts the binary with ta symmetric encryption process such as AES…these key-to-address mappings may be encrypted using the public key from user request, package with the binary…when a program is executed, the loader extracts the encrypted key-to-page mapping from the binary and passes this information to the OS…see par. 118, 120-124). Sethumadhavan does not explicitly disclose the at least one integrity value inaccessible to a non-trusted entity. However Durham discloses the at least one integrity value inaccessible to a non-trusted entity (…the memory encryption engine may store alias bits (…e.g. integrity value)…in a separate location…the comparator (integrity verifier) may identify no match…and cause the memory encryption engine or component to flush the cache line…virtual machine monitor has no access to the protected memory…see par. 120-123, 338 and claim language 14). Therefore one ordinary skill in the art would have found it obvious before the effective filling date of the claimed invention to use Durham in Sethumadhavan for including the above limitations because one ordinary skill in the art would recognize it would further utilize components of the processor such as the cores…to maintain the security and integrity of the memory, see Durham, par. 129-130.


As per claim 21, Sethumadhavan discloses a machine-readable medium comprising instructions stored thereon, which if performed by a machine, cause the machine to: receive an encrypted binary image of a requester at a server system, the received encrypted binary image to be temporarily stored at a source location at the server system; load the encrypted binary image from the source location for storage at a destination location at the server system (…when a user downloads an app from the app-store, the app-store encrypts the binary with the Instruction Set Randomization (ISR) key for that device…the gateway sends fetch requests for the corresponding binary as well as the user’s key…which is based on a unique ID…the binary is encrypted with the fetched key and set to the user’s machine…see par. 113-117); generate at least one integrity value for the encrypted binary image at the server system; and store the at least one integrity value in association with the encrypted binary image at the server system (…the app server encrypts the binary with ta symmetric encryption process such as AES…these key-to-address mappings may be encrypted using the public key from user request, package with the the at least one integrity value inaccessible to a non-trusted entity (…the memory encryption engine may store alias bits (…e.g. integrity value)…in a separate location…the comparator (integrity verifier) may identify no match…and cause the memory encryption engine or component to flush the cache line…virtual machine monitor has no access to the protected memory…see par. 120-123, 338 and claim language 14). Therefore one ordinary skill in the art would have found it obvious before the effective filling date of the claimed invention to use Durham in Sethumadhavan for including the above limitations because one ordinary skill in the art would recognize it would further utilize components of the processor such as the cores…to maintain the security and integrity of the memory, see Durham, par. 129-130.


As per claims 2, 22, the combination of Sethumadhavan and Durham discloses wherein the core, in response to the first instruction and after the storage of the binary and the at least one integrity value, is further to generate a cryptographic response using a first key shared between the apparatus and the requester and send the cryptographic response to the requester to enable the requester to validate that the binary was stored to the destination location with the integrity protection (Sethumadhavan: see par. 118).



As per claim 3, the combination of Sethumadhavan and Durham discloses wherein the first instruction comprises a load with integrity instruction, the load with integrity instruction to identify the source location, the destination location and a structure identifier to identify a structure including the first key and the cryptographic response (Sethumadhavan: see par. 115-118). The motivation for claim 3 is the same motivation as in claim 1 above.


As per claim 4, the combination of Sethumadhavan and Durham discloses wherein the first key is wrapped to prevent the non-trusted entity from access to the first key (Durham: see par. 338). The motivation for claim 4 is the same motivation as in claim 1 above.


As per claim 5, the combination of Sethumadhavan and Durham discloses wherein the binary is encrypted using address information associated with the destination location, the apparatus to send the address information to the requester to enable the requester to encrypt the binary to form the encrypted image, the requester comprising a tenant of a multi-tenant computing environment including the apparatus (Sethumadhavan: see par. 118).


As per claim 6, the combination of Sethumadhavan and Durham discloses wherein the apparatus, in response to a request by the requester for integrity protection of the binary, is to send the address information associated with the destination location to the requester, to enable the requester to encrypt the binary using a second key and the address information (Sethumadhavan: see par. 120).


As per claim 7, the combination of Sethumadhavan and Durham discloses comprising a configuration register having a first field to store an integrity indicator which, when in an active state, is to cause the memory execution circuit to operate in an integrity only mode (Durham: see par. 168-169). The motivation for claim 7 is the same motivation as in claim 1 above.


As per claim 8, the combination of Sethumadhavan and Durham discloses wherein the integrity indicator is to be in an active state when the memory execution circuit is to generate the at least one integrity value for the binary and store the at least one integrity value in association with the binary (Durham: see par. 118-119). The motivation for claim 8 is the same motivation as in claim 1 above.


As per claim 9, the combination of Sethumadhavan and Durham discloses wherein after execution of the first instruction, the core is to update the integrity indicator to an inactive state to cause the memory execution circuit to operate in a combined encryption and integrity mode (Durham: see par. 83-84). The motivation for claim 9 is the same motivation as in claim 1 above.


As per claim 10, the combination of Sethumadhavan and Durham discloses wherein in the combined encryption and integrity mode, the memory execution circuit is to access a first portion of the binary from the destination location, generate a generated integrity value for the first portion of the binary, compare the generated integrity value to the at least one integrity value for the binary, and in response to a match, decrypt and provide the first portion of the binary to a key domain associated with the requester for execution (Durham: see par. 84). The motivation for claim 10 is the same motivation as in claim 1 above.


As per claim 11, the combination of Sethumadhavan and Durham discloses wherein the memory execution circuit is to store the at least one integrity value in a metadata field of a data block of the binary (Durham: see par. 188). The motivation for claim 11 is the same motivation as in claim 1 above.


As per claim 23, the combination of Sethumadhavan and Durham discloses instructions to cause the machine to send address information associated with the destination location from the server system to the requester to enable the requester to encrypt a binary image using the address information to form the encrypted binary image (Sethumadhavan: see par. 118).


As per claim 24, the combination of Sethumadhavan and Durham discloses instructions to cause the machine to in response to a request by the requester for integrity protection of the binary image, transmit the address information associated with the destination location from the server system to the requester, to enable the requester to encrypt the binary image using a second key and the address information to form the encrypted binary image (Sethumadhavan: see par. 120).


As per claim 25, the combination of Sethumadhavan and Durham discloses instructions to cause the machine to generate the at least one integrity value for the encrypted binary image at the server system as the encrypted binary image is loaded from the source location to the destination location (Sethumadhavan: see par. 120-124).


As per claim 26, the combination of Sethumadhavan and Durham discloses instructions to cause the machine to store the at least one integrity value in a metadata field of a data block of the encrypted binary image at the server system (Durham: see par. 84). The motivation for claim 21 is the same motivation as in claim 21 above.




Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure (see PTO-form 892).
The following Patents and Papers are cited to further show the state of the art at the time of Applicant’s invention with respect to data integrity and signature verification.

Zaks et al (Pub. No. US 2012/0260106); “System and Method for Binary Layout Randomization”;
-Teaches a system loading a binary into memory pages using contiguous addresses…see par. 32.


Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GHAZAL B SHEHNI whose telephone number is (571)270-7479.  The examiner can normally be reached on Mon-Fri 9am-5pm PCT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on 5712724219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/GHAZAL B SHEHNI/Primary Examiner, Art Unit 2436