ETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  
Citation of References
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The following references are cited but not been replied upon for this office action:
Johnson et al (US20150186680A1). Implementing trusted dynamic launch and trusted platform model using secure enclave.
Molina et al (US20080046581A1). Implementing a mobile TPM to allow use of virtual machine after user verification as owner of the mobile TPM, by generating storage root key after user authentication using a new shared authentication secret.
Status of Claims
The amendment filed 12/1/2020 has been entered. Claims 1, 4, 12, 15-16 have been amended. Claims 21-26 are newly added claims. Claims 1-26 are pending in the application.
The objection of claims 4, 9, 12 and 16 due to informalities has been withdrawn in light of applicant’s amendment to the claims. However new issues have been identified. See Claim Objections below.
Response to Arguments
The Applicant's arguments filed on 12/1/2020 with respect to Claims 1-20 have been fully considered.
Regarding claims 1-14 rejected under 35 USC §101 as being directed to non-statutory subject matter, applicant traversed the rejection (see page 10 of the Remarks). Examiner disagrees and asserts applicant’s amendment failed to overcome the rejection since the claim 1 recites at least one machine accessible storage medium under broadest reasonable interpretation could be signal per se. See the Claim Rejection under the 35 USC §101 below.
Applicant’s arguments, see pages 11-12 of the Remarks filed 12/1/2020, in particular regarding to independent claim 1 (similarly claims 15, 16) rejected under 35 USC §103 as being unpatentable over the combination of reference of record has been fully considered and asserted moot since the argument does not apply to the combined teachings with newly applied prior art. 
Examiner acknowledges applicant amended claim 1 (similarly claims 15, 16) underlined reciting “send attestation data from a secure key manager enclave on a host computing system to a secure key store system, wherein the secure key manager enclave is an encrypted cryptographically secure enclave”. Applicant argued the combination of references of record fails to teach 
“send attestation data from a secure key manager enclave on a host computing system to a secure key store system, wherein the secure key manager enclave is an encrypted 

	Examiner acknowledges applicant’s perspective and agrees that Jahid-Sahita combination does not specifically disclose wherein the secure key manager enclave is an encrypted cryptographically secure enclave, however asserts a newly found prior art Lange teaches the underlined features above, therefore applicant’s argument is moot in view of the claim rejection under 35 USC §103 over combination of Jahid-Sahita and newly applied prior art in current claim rejection presented below.
Claim Objections
Claims 4, 9, 11-12, 15-16, 19, 22-26 are objected to because of the following informalities:  
Claim 1 (similarly claim 15, claim 16) recites “a secure key manager enclave”, “key manager enclave” on lines 6, 8, 11, second line from last and last line. Applicant is suggested to recite “secure key manager enclave” instead of “key manager enclave” for consistency. Also for claims 4, 9, 11, 12, 19 due to same concern.
Claim 22 line 1 (similarly for claims 23-26), “The secure key manager of claim 21” should read as “The secure key manager server of claim 21” since claim 21 recites “A secure key manager server”.
Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 25, 26 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.
Claim 25 recites “The secure key manager of claim 24, wherein generating the root key comprises tying the root key to a hardware root key of the hardware platform”. Examiner acknowledges applicant’s perspective to incorporate the underlined feature above, however upon review of applicant’s specification of instant application, the examiner can’t find the description supporting the above limitation. Applicant is suggested to response with explanation with quotation of paragraph(s) to meet the written description requirement.
Claim 26 recites “The secure key manager of claim 24, wherein the generated root key is hardware agnostic.” Upon review of applicant’s specification of instant application, the examiner can’t find the description supporting the above limitation. Applicant is suggested to response with explanation with quotation of paragraph(s) to meet the written description requirement.

The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 22 recites the limitation "the secure memory enclave" in line 2, and “the memory enclave” in line 3.  There is insufficient antecedent basis for this limitation in the claim.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 1-14 are rejected under 35 USC §101 because the claimed invention is directed to non-statutory subject matter. The claims are not statutory as they are drawn as a whole to a signal per se. The claims does not fall within at least one of the four categories of patent eligible subject matter because the claim is directed to a "machine accessible storage medium". Absent an explicit definition excluding carrier waves, signals or the like, the claim is broadly interpreted to be a signal per se. In an effort to assist the patent community in overcoming the rejection under 35 U.S.C. § 101, the USPTO suggests the following approach. A claim drawn to such a computer readable medium (or the like) that covers both transitory and non-transitory embodiments maybe amended to narrow the claim to cover only statutory embodiments to avoid a rejection under 35 U.S.C. § 101 by adding the limitation "non-transitory" to the claim. Such an amendment would typically not raise the issue of new matter, even when the specification is silent because the broadest reasonable interpretation relies on the ordinary and customary meaning that includes signals per se.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-2, 9, 15-16 are rejected under 35 U.S.C. 103 as being unpatentable over Jahid et al (US20180063103A1, hereinafter, "Jahid"), in view of Lange (US20180139044A1, hereinafter, “Lange”), further in view of Sahita et al (US20090172328A1, hereinafter, “Sahita”).
Regarding claim 1, Jahid teaches: 
At least one machine accessible storage medium having code stored thereon, the code when executed on a machine (Jahid, [0075] a set of instructions recorded on a computer readable storage medium…), causes the machine to: 
send attestation data from a secure key manager enclave on a host computing system to a secure key store system, [wherein the secure key manager enclave is an encrypted cryptographically secure enclave] (limitation in bracket taught by Lange-see below), and wherein the attestation data identifies attributes of the key manager enclave (Jahid, See Fig. 1, Host 130, DCNs (i.e. virtual machines), Key manager 140 (i.e. secure key manager enclave), Key storage 142 or key storage of the host (i.e. secure key store system). And [0005] A key policy (KP) is defined at a manager.  A key policy (i.e. showing trustworthiness of the key manager) may be specific to a particular customer,… may include a key manager specification (e.g., IP address and port of a key manager) (i.e. attributes of the key manager). And [0008] The ticket (i.e. attestation data) acts as a security token in retrieving encryption keys from a key manager. Also [0021] For a host that executes one or more guest virtual machines, some embodiments of the invention provide a method of providing key management and encryption services), at least a portion of the attestation data is signed by a host key rooted in hardware of the host computing system, and the attestation data attests to trustworthiness of the key manager enclave (Jahid, [0008] the key manager from which a particular key should be retrieved is identified in the key policy (i.e. trustworthiness of the key manager). And [0033] Key Manager 140 registers with manager 110 and obtain certificates (e.g., signed by host key) for manager 110, controllers 120A-120N, and hypervisors); 
receive a request, at the secure key manager enclave, to provide a [root] key for a particular virtual machine to be run on the host computing system (Jahid, [0004] For a hypervisor of a host that executes one or more guest virtual machines (i.e. particular virtual machine), some embodiments of the invention provide a method of providing key management and encryption services. The method initially receives an encryption key ticket (i.e. request) at a hypervisor.  The method then uses the encryption key ticket to retrieve an encryption key identified by the ticket from a key manager); (See Sahita for root key below)
access the [root] key based on attestation of the key manager enclave to the key store system (Jahid, [0008] The ticket acts as a security token in retrieving (i.e. access) encryption keys from a key manager. And [0035] key manager 140 is an enterprise key manager (KM) appliance (e.g., a hardware appliance, or software module hardened for security), and it is responsible for storing and managing a large number of keys); 
generate a secure data structure in secure memory of the host computing system to be associated with the particular virtual machine (Jahid, [0050] The process 400 then uses (at 430) the ticket to retrieve an encryption key from a key manager. To retrieve the encryption key, the process in some embodiments sends an encryption key request that includes the ticket to the key manager (i.e. to be associated with the particular virtual machine with the ticket). And [0072] When the encryptor 615 determines that it should encrypt the GVM data message and retrieves a key from a local key storage (i.e. secure data structure) or from a key manager); 
and provision the [root] key in the secure data structure using the key manager enclave, wherein the key manager enclave is to have privileged access to the secure data structure (Jahid, [0004] The method then uses the encryption key ticket to retrieve an encryption key identified by the ticket from a key manager. Also see Fig. 1 for key generator and key storage for the Key manager which are used to retrieve (i.e. provision) the keys, e.g. [0054] The key manager verifies encryption key tickets and generates or retrieves encryption keys based on requests from hypervisors);
While Jahid teaches key manager as key manager enclave for secure key management for execution of data compute nodes (DCNs) but does not explicitly teach wherein the secure key manager enclave is an encrypted cryptographically secure enclave, however in the same field of endeavor Lange teaches:
wherein the secure key manager enclave is an encrypted cryptographically secure enclave (Lange, referring to Fig. 1, and [0043] Each of the management enclaves 106-2-1 through 106-2-m (i.e. secure key manager enclave(s)) encrypt the management key using a machine key unique to the particular machine on which the management enclave is running to create encrypted keys 108-1 through 108-m respectively... management enclaves that run in the key management fabric have the ability to store customer keys in an encrypted form ...),
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Lange in the secure key management system of Jahid by using a management enclave with cryptographically encryption to provide key to enclave. This would have been obvious because the person having ordinary skill in the art would have been motivated to implement encrypted secure enclave as secure key management enclave for secure key management (Lange, [Abstract], [0043-45]).
While the combination of Jahid-Lange discloses providing a key for virtual machine, but does not expressly disclose root key and provision the root key, however in the similar field of endeavor Sahita teaches:
and provision the root key [in the secure data structure] using the key manager enclave (Sahita, [0024] a root key may be derived from the EK for each VM requiring access to the TPM.  Other keys may then be derived (i.e. provision) from the root key for that VM. Also see Fig. 1, PCRs (platform configuration registers, i.e. key manager, i.e. secure key manager enclave in view of Lange), keys for VM1), [wherein the key manager enclave is to have privileged access to the secure data structure] (see Jahid’s teaching above).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Sahita in the secure key management system of Jahid-Lange by deriving root key from the endorsement keys in order for other encryption keys to be derived. This would have been obvious because the person having ordinary skill in the art would have been motivated to learn from Sahita of using root key derived from public/private key pair of each VM requesting to access to TPM (trusted platform model) to be provisioned for enhanced security application (Sahita, [Abstract], [0024]).

Regarding claim 15, Jahid-Lange-Sahita combination teaches a method comprising: method steps substantially similar to the method steps as implemented by the method steps in the machine accessible storage medium of claim 1, therefore is rejected with same reason set forth as rejection of claim 1 above.

Regarding claim 16, Jahid-Lange-Sahita combination teaches a system comprising: 
		at least one processor (Jahid, [0076] When these instructions are executed by one or more processing unit(s)); 
		at least one memory comprising secured memory (Jahid, [0034] the KEK are secured in a password protected read-only file and loaded in to the memory of key manager 140); 
		a virtual machine manager (Jahid, Fig. 1 Manager 110) to: receive an instantiation request to launch a particular virtual machine on a particular one of a plurality of host computing systems (Jahid, [0029] Each of controllers 120A-120N may also be responsible for distributing encryption rules and other information received from manager 110 to a particular hypervisor (e.g., hypervisor 131) (i.e. particular virtual machine) and is called the physical master of the hypervisor); 
		a secure key manager enclave hosted on the particular host computing system (Jahid, Fig. 1 Key manager 140 (i.e. secure key manager enclave)), wherein the secure key manager enclave is to: perform method steps substantially similar to the method steps as implemented by the method steps in the machine accessible storage medium of claim 1, therefore is rejected with same reason set forth as rejection of claim 1 above.

Regarding claim 2, Jahid-Lange-Sahita combination further teaches:
The storage medium of Claim 1, wherein a sealing key is to be derived from the root key and secret data of the particular virtual machine is to be sealed using the sealing key (Sahita, [0092] In block 624, the TPM device driver retains the authentication data for future requests to the TPM for access to the AIK or other information.  The TPM device driver operates on the security agent provided data using the TPM derived keys (i.e. sealing key).  The data is placed in a shared, protected page (i.e. sealed)). 

Regarding claim 9, Jahid-Lange-Sahita combination further teaches:
The storage medium of Claim 1, wherein accessing to the secure data structure is restricted to the key manager enclave (Jahid, [0034] keys stored in key storage 142 are encrypted with a key encryption key (KEK).  … the KEK are secured in a password protected read-only file and loaded in to the memory of key manager 140 during an initial stage with input from a human administrator (i.e. restricted to the key manager)). 

Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Jahid-Lange-Sahita combination as applied above to claim 2, further in view of Campagna et al (US20180181756A1, hereinafter, “Campagna”).
Regarding claim 3, Jahid-Lange-Sahita combination teaches: 
The storage medium of Claim 2, 
While the combination of Jahid-Lange-Sahita does not expressly teach the following limitation, however in the same field of endeavor Campagna teaches: 
wherein the root key is to be used in lieu of the host key of the host computing system to derive the sealing key (Campagna, [0032] The service provider computer system 202 maintains a database of public keys 214 that are been assigned to host computer systems, a Merkle tree 216 of hashes cryptographically derived from the database of public keys 214, and a public key 218 at the root of the Merkle tree that acts as the public key of the service provider, See Fig. 13 for VM root and VM keys).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Campagna in the secure key management system of Jahid-Lange-Sahita by using a one-time-use cryptographic keys and hash tree as the public key of the service provider to attest virtual computing services for host computer systems. This would have been obvious because the person having ordinary skill in the art would have been motivated to use the hash tree that link the public key of the host system to the public key of the service provider to sign the virtual computing services as the trusted platform module (Campagna, [Abstract]).

Claims 4-7, 20 are rejected under 35 U.S.C. 103 as being unpatentable over Jahid-Lange-Sahita combination as applied above, further in view of Srivastav et al (US20170222981A1, hereinafter, “Srivastav”).
Regarding claim 4, Jahid-Lange-Sahita combination teaches: 
The storage medium of Claim 1, 
While the combination of Jahid-Lange-Sahita does not expressly teach the following limitation, however in the same field of endeavor Srivastav teaches: 
ATTORNEY'S DOCKET PATENT APPLICATIONP9892045 wherein the request identifies that the root key has been previously generated and the code, when executed, further causes the machine to: send a key request to the secure key store system for the root key; and receive the root key from the secure key store system in response to the key request and based on the attestation of the key manager enclave to the key store system (Srivastav, [0021] Referring now to FIG. 3, …  The registration authority 150 includes an EST server 310 that handles requests from virtual machines for PKI support through the EST protocol.  ... the CA 320 (i.e. secure key store system) may be provided by a customer, and is distinct from the registration authority 150.  The customer-provided CA 320 and the registration authority 150 are presumed to have a pre-established trust relationship.  The CA 320 stores root CA certificates 322 linked to the root CA keys 324). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Srivastav in the secure key management system of Jahid-Lange-Sahita by storing root CA keys in certificate authority and provides client VM and server VM with signed root CA certificates. This would have been obvious because the person having ordinary skill in the art would have been motivated to use previously stored root keys for VM to be automatically provisioned by the controller to enable the virtual machine to securely communicate with other computing entities (Srivastav, [Abstract]).ATTORNEY'S DOCKET PATENT APPLICATIONP9892045 

Regarding claim 5, Jahid-Lange-Sahita-Srivastav combination further teaches: 
The storage medium of Claim 4, wherein the root key is associated with the particular virtual machine and the key request identifies the particular virtual machine (Srivastav, [0021] The registration authority 150 includes an EST server 310 that handles requests from virtual machines for PKI support through the EST protocol.  The EST server 310 is connected to a root certificate authority (CA) 320 that serves as a trusted third party for the virtual machines.  [0025] … the client virtual machine 330 may validate a TLS connection to the server virtual machine 340 using the mutual certificate based TLS session). 

Regarding claim 6, Jahid-Lange-Sahita-Srivastav combination further teaches: 
The storage medium of Claim 5, wherein the root key was generated and stored on the secure key store system by another secure enclave on another host computing system (Srivastav, [0029] The bootstrapping utility provides queries to obtain the Private Root CA certificate and API-specific CA root certificates via an API.  The administrator provides a web user interface to download the root CA certificate and API-specific certificates.  This mechanism may be used to construct the trust stores 332 and 342 on the client virtual machine 330 and the server virtual machine 340, respectively.  These trust stores provides a means for client and server to trust each others certificates based on their certificate chain for mutual certificate based TLS). 

Regarding claim 7, Jahid-Lange-Sahita-Srivastav combination further teaches: 
The storage medium of Claim 6, wherein the root key was generated in association with an initial instantiation of the virtual machine on the other host computing system (Srivastav, [0029] a bootstrapping utility may, based on the configuration parameters passed, perform the virtual-machine-specific trust store configuration by accessing the Root CA certificate or API specific certificates from an administrator web interface provided for this purpose.  The bootstrapping utility may be included in the virtual machine image 140 or it may be installed by the controller 110 on the virtual machine 330 or 340 during the virtual machine launch process). 

Regarding claim 20, Jahid-Lange-Sahita combination teaches: 
The system of Claim 16, 
While the combination of Jahid-Lange-Sahita does not expressly teach the following limitation(s), however in the same field of endeavor Srivastav teaches: 
further comprising a virtual machine scaling manager to: identify a change in a deployment comprising a first set of virtual machine instances; and send the instantiation request to add the particular instance of the virtual machine to the first set of virtual machine instances and form a second set of virtual machine instances (Srivastav, see Fig. 1 Controller 110 (i.e. virtual machine scaling manager). Also see Fig. 6 step 630, [0039] The controller determines computing resources that will be used to run the virtual machine in step 630. And [0042] the techniques presented herein provide for a service-to-service security model and certificate provisioning mechanism for solutions that need to support a cloud environment (i.e. identify a change in a deployment) where client and service virtual machines are created dynamically and require certificate management.  …  Additionally, this solution does not compromise security of the cryptographic material and does not assume or require a trusted environment to provide automatic scaling. Also [0045] a system is provided for instantiating and provisioning a virtual machine and enabling the virtual machine to obtain cryptographic constructs needed to set up subsequent secure communications channels).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Srivastav in the secure key management system of Jahid-Lange-Sahita by automatically provisioning virtual machines with unique cryptographic constructs. This would have been obvious because the person having ordinary skill in the art would have been motivated to use previously stored root keys for VM to be automatically provisioned by the controller to enable the virtual machine to securely communicate with other computing entities (Srivastav, [Abstract]).

Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Jahid-Lange-Sahita-Srivastav as applied above to claim 7, further in view of Chang et al (US20130268643A1, hereinafter, “Chang”).
Regarding claim 8, Jahid-Lange-Sahita-Srivastav combination teaches: 
The storage medium of Claim 7, 
While the combination of Jahid-Lange-Sahita-Srivastav does not expressly teach the following limitation, however in the same field of endeavor Chang teaches: 
wherein the particular virtual machine is launched following a tearing down of the initial instantiation of the particular virtual machine (Chang, [0016] the method may further include storing a VM image of the VM in a cloud storage in the cloud extension, such that the cloud storage is accessible from outside the NVC, shutting down the VM in the NVC, providing an additional NVC with different processing resources at the cloud extension, instantiating the additional NVC, mounting the cloud storage to the additional NVC, and re-launching the VM on the additional NVC). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Chang in the secure key management system of Jahid-Lange-Sahita-Srivastav by shutting down the VM and re-launching the VM on the additional nested VM container. This would have been obvious because the person having ordinary skill in the art would have been motivated to managing the VM in a cloud extension by shutting down and re-launching the VM on additional NVC to migrate application virtual machine in a network environment (Chang, [Abstract], [0001]).ATTORNEY'S DOCKET PATENT APPLICATIONP9892045 

Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Jahid-Lange-Sahita as applied above to claim 1, further in view of Pratt (US9021476B1, hereinafter, “Pratt”).
Regarding claim 10, Jahid-Lange-Sahita combination teaches:
The storage medium of Claim 1, 
While the combination of Jahid-Lange-Sahita does not expressly teach the following limitation, however in the same field of endeavor Pratt teaches: 
wherein the secure data structure comprises a page of encrypted memory of the host computing system (Pratt, Col. 5 lines 25-30, To illustrate using an embodiment where hypervisor 130 is responsible for encrypting the data, if hypervisor 130 instructs host OS 110 to write a page of memory to disk, then hypervisor 130 may encrypt the page of memory to create an encrypted version prior to requesting host OS 110 to write the page of memory to a persistent storage). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Pratt in the secure key management system of Jahid-Lange-Sahita by having the hypervisor to create encrypted page of memory (encrypted data) to persistent storage. This would have been obvious because the person having ordinary skill in the art would have been motivated to protect the resources bellowing to the hypervisor by encrypting data into secure memory in the persistent storage to ensure the privacy and integrity of hypervisor (Pratt, [Title],  [Abstract]).ATTORNEY'S DOCKET PATENT APPLICATIONP9892045 

Claims 11-12 are rejected under 35 U.S.C. 103 as being unpatentable over Jahid-Lange-Sahita as applied above to claim 1, further in view of Brutch et al (US20090086979A1, hereinafter, “Brutch”).
Regarding claim 11, Jahid-Lange-Sahita combination teaches: 
The storage medium of Claim 1, 
While the combination of Jahid-Lange-Sahita does not expressly teach the following limitation, however in the same field of endeavor Brutch teaches: 
wherein the particular virtual machine comprises an initial instance of the particular virtual machine, and accessing the root key comprises: generating the root key using the key manager enclave; and sending a request to register the root key with the secure key store system as associated with the particular virtual machine (Brutch, [0050] the public portion of a vTPM key includes virtual platform configuration register bindings to the computing environment of the VM, a public key of the instantiated key, and an identifier of the root key as a logical parent key).ATTORNEY'S DOCKET PATENT APPLICATIONP9892 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Brutch in the secure key management system of Jahid-Lange-Sahita by applying register binging to the computing environment of the VM as virtual platform configuration. This would have been obvious because the person having ordinary skill in the art would have been motivated to register the root key as way of crating trusted platform virtualization module to generate, maintain and use hardware trusted platform module keys on behalf of the virtual machines (Brutch, [Abstract]).

Regarding claim 12, Jahid-Lange-Sahita-Brutch combination further teaches: 
The storage medium of Claim 11, wherein the request to register the root key comprises the root key, and registration and storage of the root key with the secure key store system is based on successful attestation of the key manager enclave to the secure key store system (Jahid, [0008] the key manager from which a particular key should be retrieved is identified in the key policy (i.e. attested)). 

Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Jahid-Lange-Sahita-Brutch as applied above to claim 11, further in view of Srivastav et al (US20170222981A1, hereinafter, “Srivastav”).
Regarding claim 13, Jahid-Lange-Sahita-Brutch combination teaches: 
The storage medium of Claim 11, 
While the combination of Jahid-Lange-Sahita-Brutch does not expressly teach the following limitation, however in the same field of endeavor Srivastav teaches: 
wherein the root key is to be fetched from the secure key store system in association with launching instances of the particular virtual machine subsequent to registration of the root key (Srivastav, [0017] After a virtual machine 132 is bootstrapped, it communicates securely with the registration authority 150 to request PKI support… The authentication credential allows the virtual machine 132 and registration authority 150 to establish a secure connection over which the virtual machine 132 can request PKI support. And [0021] the public API CA certificates 326 may be signed by one of the root CA keys 324… the certificate authority 320 may support multiple tenants using multiple roots).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Srivastav in the secure key management system of Jahid-Lange-Sahita-Brutch by storing root CA keys in certificate authority and provides client VM and server VM with signed root CA certificates. This would have been obvious because the person having ordinary skill in the art would have been motivated to use previously stored root keys for VM to be automatically provisioned by the controller to enable the virtual machine to securely communicate with other computing entities (Srivastav, [Abstract]).

Claim 14 is rejected under 35 U.S.C. 103 as being unpatentable over Jahid-Lange-Sahita as applied above to claim 1, further in view of Cha et al (US20130080769A1, hereinafter, “Cha”).
Regarding claim 14, Jahid-Lange-Sahita combination teaches:
The storage medium of Claim 1, 
While the combination of Jahid-Lange-Sahita does not expressly teach the following limitation, however in the same field of endeavor Cha teaches: 
wherein a provisioning key is to be derived from the root key, the particular virtual machine is to comprise a secure provisioning enclave, and the secure provisioning enclave is to use the provisioning enclave to obtain another cryptographic key for use by the particular virtual machine (Cha, [0035] Local OpenID methods may also use an authentication assertion key (i.e. provisioning key), which may be used to sign one or more of the authentication assertion message(s) for authentication of the user. Such authentication assertion keys may be derived from the root session key. And [0098] the remote user device may submit secret data, such as a disk encryption credential (e.g., a password) for example, to the virtual machine in the cloud … This credential may be secretly stored on the smart card or other trusted environment (i.e. secure enclave) enabled with local OpenID in such a way that it is transferred to the designated virtual machine).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Cha in the secure key management system of Jahid-Lange-Sahita by using authentication assertion key derived from root session key to establish secure communication. This would have been obvious because the person having ordinary skill in the art would have been motivated to use the authentication key derived from root key to establish secure channel between user equipment and service provider (Cha, [Abstract], [0035], [0098-0099]).ATTORNEY'S DOCKET PATENT APPLICATIONP9892045 

Claims 17-18 are rejected under 35 U.S.C. 103 as being unpatentable over Jahid-Lange-Sahita as applied above to claim 16, further in view of Zhang et al (US20090125974A1, hereinafter, “Zhang”).
Regarding claim 17, Jahid-Lange-Sahita combination teaches: 
The system of Claim 16, 
While the combination of Jahid-Lange-Sahita does not expressly teach the following limitation, however in the same field of endeavor Zhang teaches: 
further comprising the secure key store system, wherein the secure key store system is to maintain a respective root key for each one of a plurality of virtual machines to be launched in the plurality of host computing systems (Zhang, [0026] Upon creation of each VM by the hypervisor 45, the vTPM manager 48 (i.e. secure key store system) creates a vTPM instance 49 and a corresponding Virtualized Core Root of Trust Measurement (vCRTM) instance 52, whereby the vCRTM instances 52 (vCRTM_1, .  . . , vCRT_n), are associated with the vTPM instances 49 (vTPM_1, .  . . , vTPM_n).  For each new VM, the vTPM manager 48 also allocates memory for corresponding vTPM PCRs 53 and a virtualized storage root key (vSRK) 54). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Zhang in the secure key management system of Jahid-Lange-Sahita by creating virtualized trusted platform module (vTPM) to manage the root keys for corresponding VMs. This would have been obvious because the person having ordinary skill in the art would have been motivated to allow the hypervisor boot each VM with the allocated vCRTM and vTPM as a root-of-trust to enforce trusted computing policies in computing environment (Zhang, [Abstract], [0026-0027]).

Regarding claim 18, Jahid-Lange-Sahita-Zhang combination further teaches: 
The system of Claim 17, wherein the secure key store system is to validate the attestation data and restrict access to the root key if the attestation data cannot be validated (Jahid, see Fig. 5 step 530, and [0057] The process 500 then determines (at 530) whether the ticket (i.e. attestation data) has expired (i.e. not valid) by examining the expiry field of the ticket… If the process determines (at 530) that the ticket has expired (i.e. cannot be validated), it ends the process without sending an encryption key to the requesting host (i.e. restricted access to the root key, or from retrieving stored key)). 

Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Jahid-Lange-Sahita-Zhang as applied above to claim 17, further in view of Princen et al (US20160232331A1, hereinafter, “Princen”).
Regarding claim 19, Jahid-Lange-Sahita-Zhang combination teaches: 
The system of Claim 17, 
While the combination of Jahid-Lange-Sahita-Zhang does not expressly teach the following limitation, however in the same field of endeavor Princen teaches: 
wherein the secure key store system is to maintain a positive attestation result for the key manager enclave based on the attestation data and grant the key manager enclave access to a plurality of root keys for a plurality of virtual machine instances, without re-attestation, based on the attestation data (Princen, [0022] the secure player authenticates and securely obtains a secret re-encryption key and uses a new secret re-encryption key for re-encrypting the content. The content might be divided into a plurality of chunks,…The use of significant computational and communication resources, even if the loading occurs in large numbers of pieces, is avoided because decryption might be conducted using the secret re-encryption key SK without having to compute and re-verify (i.e. re-attestation) each chunk separately).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Princen in the secure key management system of Jahid-Lange-Sahita-Zhang by avoiding re-verifying re-encryption content. This would have been obvious because the person having ordinary skill in the art would have been motivated to not compute and re-verify the content to avoid need of significant computational and communication resources (Princen, [0022]).

Claims 21-23 are rejected under 35 U.S.C. 103 as being unpatentable over Lange (US20180139044A1, hereinafter, “Lange”), in view of Jahid et al (US20180063103A1, hereinafter, "Jahid"), further in view of Sahita et al (US20090172328A1, hereinafter, “Sahita”).
Regarding claim 21, Lange teaches: 
A secure key manager server (Lange, referring to Fig. 1 Management Enclave 106), comprising: a hardware platform comprising a processor and a memory (Lange, [0015] The machine 100 is a physical hardware device configured to execute programming instruction.  For example, a machine may include a central processing unit (CPU)); and instructions encoded within the memory to instruct the processor to: 
provision a secure enclave within the memory (Lange, [0015] Data cannot be provided by force into the enclave 102 (i.e. secure enclave), except as illustrated below, where a management enclave 106 (i.e. secure key manager enclave) can provide keys (i.e. provision), such as key 108 into the enclave 102); 
provision a key storage data structure within the secure enclave (Lange, [0043] Each of the management enclaves 106-2-1 through 106-2-m encrypt the management key using a machine key unique to the particular machine on which the management enclave is running to create encrypted keys 108-1 through 108-m respectively... management enclaves that run in the key management fabric have the ability to store customer keys in an encrypted form ... [0045] In one embodiment, the enclave architecture defined by the CPU may offer a privileged instruction available only to a management enclave which permits it to deliver a key directly into the address space of the enclave (i.e. key storage data structure further in view of Jahid below)); 
While Lange teaches providing keys to enclave by the key management enclave in secure key management but does not explicitly teach the following limitation(s) however in the same field of endeavor Jahid teaches:
receive from a requesting virtual machine (VM) a request for a VM [root] key associated with the requesting VM (Jahid, [0004] For a hypervisor of a host that executes one or more guest virtual machines (i.e. particular virtual machine), some embodiments of the invention provide a method of providing key management and encryption services. The method initially receives an encryption key ticket (i.e. request) at a hypervisor.  The method then uses the encryption key ticket to retrieve an encryption key identified by the ticket from a key manager); (See Sahita for root key below)
retrieve the VM [root] key associated with the requesting VM from the key storage data structure (Jahid, [0050] The process 400 then uses (at 430) the ticket to retrieve an encryption key from a key manager. To retrieve the encryption key, the process in some embodiments sends an encryption key request that includes the ticket to the key manager (i.e. to be associated with the particular virtual machine with the ticket). And [0072] When the encryptor 615 determines that it should encrypt the GVM data message and retrieves a key from a local key storage (i.e. secure data structure) or from a key manager); 
and send the VM [root] key to the requesting VM (Jahid, [0059] If the process 500 determines (at 550) that a key storage stores a corresponding key for the key ID of the ticket, it retrieves the key (at 560) and sends the key to the requesting hypervisor at 570). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Jahid in the secure key management of Lange by providing keys from key manager to virtual machines per request. This would have been obvious because the person having ordinary skill in the art would have been motivated to implementing a key manager with secure key storage structure of Jahid to provide key management and encryption services to virtual machines using secure key management protocol for distributed network encryption (Jahid, [Abstract]).
While the combination of Lange-Jahid does not expressly disclose root key and provision the root key for virtual machines, however in the similar field of endeavor Sahita teaches:
retrieve the VM root key associated with the requesting VM from the [key storage data structure] (Sahita, [0024] a root key may be derived from the EK for each VM requiring access to the TPM.  Other keys may then be derived from the root key for that VM. Also see Fig. 1, PCRs (platform configuration registers, i.e. key manager, i.e. secure key manager enclave in view of Lange), keys for VM1. Also see Jahid above for key storage data structure),
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Sahita in the secure key management system of Lange-Jahid by deriving root key from the endorsement keys in order for other encryption keys to be derived. This would have been obvious because the person having ordinary skill in the art would have been motivated to learn from Sahita of using root key derived from public/private key pair of each VM requesting to access to TPM (trusted platform model) to be provisioned for enhanced security application (Sahita, [Abstract], [0024]).

Regarding Claim 22, Lange-Jahid-Sahita combination further teaches:
The secure key manager of claim 21, wherein the processor includes a secure memory instruction set, wherein provisioning the secure memory enclave comprises allocating the memory enclave via the secure memory instruction set (Lange, [0045] the enclave architecture defined by the CPU may offer a privileged instruction available only to a management enclave which permits it to deliver a key directly into the address space of the enclave).  

Regarding Claim 23, Lange-Jahid-Sahita combination further teaches:
The secure key manager of claim 21, wherein the instructions are further to receive an attestation quote from the requesting VM, and to send the VM root key associated with the requesting VM only after validating the attestation quote (Lange, [0027] The code for each enclave could be provided by the cloud service provider or could be provided by the tenant to the cloud service provider to implement enclaves for the tenant.  In either case, the tenant can verify the VMs by examining an attestation certificate produced by the enclaves running the VMs, including an enclave attestation for each enclave having a fingerprint for the enclave).  

Claim 24 is rejected under 35 U.S.C. 103 as being unpatentable over Lange-Jahid-Sahita combination as applied above, further in view of Shi et al (US20180181426A1, hereinafter, “Shi”).
Regarding Claim 24, Lange-Jahid-Sahita combination teaches:
The secure key manager of claim 21, 
While the combination of Lange-Jahid-Sahita does not specifically teach the following limitation(s), in the same field of endeavor Shi teaches:
wherein the instructions are further to determine that there is not a root key associated with the requesting VM stored in the key storage data structure, generate a root key, and associate the generated root key with the requesting VM (Shi, [0057] if a primary seed is an endorsement primary seed, the root key created by the virtual machine for the vTPM according to the endorsement primary seed is an endorsement key (i.e. root key). And [0059] When a specified application in the virtual machine runs, the specified application specifies in advance attribute information for a root key that is to be created (i.e. requesting VM). And [0061] The virtual machine determines whether a virtual endorsement key has been locally created for the vTPM… or if no virtual endorsement key has been created for the vTPM, the virtual machine creates a virtual endorsement key for the vTPM according to an endorsement primary seed).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Shi in the secure key management system of Lange-Jahid-Sahita by generating root key for vTPM according to primary seed by determining whether the root key had been created or not. This would have been obvious because the person having ordinary skill in the art would have been motivated to base on the determination to create endorsement key (root key) for the virtual machine to protect security of the virtual machine (Shi, [Abstract]).

Claim 25 is rejected under 35 U.S.C. 103 as being unpatentable over Lange-Jahid-Sahita-Shi combination as applied above, further in view of Proudler (US20040151319A1, hereinafter, “Proudler”).
Regarding Claim 25, Lange-Jahid-Sahita-Shi combination teaches:
The secure key manager of claim 24, 
While the combination of Lange-Jahid-Sahita-Shi does not specifically teach the following limitation(s), in the same field of endeavor Proudler teaches:
wherein generating the root key comprises tying the root key to a hardware root key of the hardware platform (Proudler, [0012] The TPM makes the dynamic root key available for use only upon authorization by a trustable source (for example, a hardware root-of-trust or another protected process such as a protected compartment OS) that is responsible for ensuring that the process associated with the dynamic root key is protected (which may simply be because the protected process is the only process executing)).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Proudler in the secure key management system of Lange-Jahid-Sahita-Shi by making the dynamic root key available for use only upon authorization by a trustable source. This would have been obvious because the person having ordinary skill in the art would have been motivated to provide a key hierarchy by a trusted platform for protecting sensitive data in access control handling of a hierarchy of nodes (Proudler, [Abstract], [0012]).

Claim 26 is rejected under 35 U.S.C. 103 as being unpatentable over Lange-Jahid-Sahita-Shi combination as applied above, further in view of French (US20120131354A1, hereinafter, “French”).
Regarding Claim 26, Lange-Jahid-Sahita-Shi combination teaches:
The secure key manager of claim 24, 
While the combination of Lange-Jahid-Sahita-Shi does not specifically teach the following limitation(s), in the same field of endeavor French teaches:
wherein the generated root key is hardware agnostic (French, [0026] The key management component layer provides a single integrated and automated key management solution allowing the provision of key material to the cryptographic service providers. The key management component is an automated, hardware agnostic…).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of French in the secure key management system of Lange-Jahid-Sahita-Shi by generating key management component that is hardware agnostic. This would have been obvious because the person having ordinary skill in the art would have been motivated to provide cryptographic server to apply encryption policy in provision of cryptographic services with hardware agnostic key management infrastructure in managing keys according to predefined policy (French, [0026], [0032]).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL M LEE whose telephone number is (571)272-1975.  The examiner can normally be reached on M-F: 8:30AM - 5:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571) 272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MICHAEL M LEE/Examiner, Art Unit 2436                                                                                                                                                                                                        
/TRONG H NGUYEN/Primary Examiner, Art Unit 2436