Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. This is in reply to papers filed on 03/30/2021. Claims 1-25 are pending. Claims 1, 10, 19-20, and 25 are independent.

	Information Disclosure Statement
	The information disclosure statement(s) (IDS) submitted on 06/05/2019, 06/10/2019, 07/08/2020, and 03/30/2021 is/are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement(s) is/are being considered by the examiner.
	
Allowable Subject Matter
Claims 20 and 25 are allowable.
Claims 21-24 would be allowable if rewritten to overcome the rejection(s) under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), 2nd paragraph, set forth in this Office action.
The following is a statement of reasons for the indication of allowable subject matter:  

The prior art of record (in particular, Maeng et al. Korean Publication No. KR 2013-0000253 A, machine translation, published on 2-Jan-2013 (hereinafter “Maeng”), Camiel U.S. Publication 20070277160 (hereinafter "Camiel"), Chen U.S. Publication 20090113110 (hereinafter "Chen"), Noel U.S. Publication 20190068557 (hereinafter "Noel"), and Micheloni U.S. Publication 20160064096 (hereinafter "Micheloni")) does not expressly disclose all the limitations recited in independent claims and the combination of their features thereon. With respect to independent claims 20 and 25 the closest prior art does not disclose at least the following limitations in the recited context:

responsive to a secure entity accessing a page that has been paged-in by a untrusted entity of a computing system but is not yet secure, presenting, by a hardware control of the 



Rather, Maeng discloses that generally a hypervisor is denied access to memory areas used by a virtual machine. However, in certain circumstances, the hypervisor may be allowed access, and if access is allowed to the hypervisor, a page is encrypted before granting access to the hypervisor [Maeng page 6, para. 4, page 6, para. 6, and page 6, para. 5]. 
However, Maeng does not disclose at least the features of claims 20 and 25 quoted above.  
To this, Camiel adds locking memory when access to multiple memory locations is required and subsequently unlocking it [Camiel, para. 53, 102]. Chen adds computing a hash over encrypted page contents [Chen, para. 169]. Noel adds marking a VM page as invalid in a page table after encrypting it [Noel, para. 32]. Micheloni adds sending a busy signal when the memory is busy and waiting [Micheloni, para. 35].
However, the combination of Maeng, Camiel, Chen, Noel, and Micheloni does not teach at least the features of claims 20 and 25 quoted above.  

None of the prior art of record, either taken by itself or in any combination, would have anticipated or made obvious the invention of the present application at or before the time it was filed.
For the reasons described above, the prior art of record does not disclose, with respect to independent claims 20 and 25, features corresponding to those of independent claims 20 and 25 in their respective contexts. Therefore, independent claims 20 and 25 are allowable.

Dependent claims 21-24 would be allowable in view of their respective dependence from independent claims 20 and 25.
Claim Interpretation
	The claimed computer program product in claims 19 and 25 involves computer readable storage media. The claimed computer readable storage medium is treated as a statutory type of computer readable media based on the disclosure in para. 111 of the specification of the instant application. Specifically, the disclosure at para. 111 points out that the computer readable storage medium, as used herein, “is not to be construed as being transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission media (e.g., light pulses passing through a fiber-optic cable), or electrical signals transmitted through a wire.”
	
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 21-24 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant, regards as the invention.
Claims 21-24 recite “the secure page”. However, there is no antecedent basis for the secure page. Appropriate correction is required.


Claim Rejections - 35 USC § 102
	The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claim(s) 1-2, 4, 9-11, 13, and 18-19 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Maeng et al. Korean Publication No. KR 2013-0000253 A, machine translation, published on 2-Jan-2013 (hereinafter “Maeng”).
As per claim 1, Maeng discloses 
a computer-implemented method comprising: 
presenting, by a hardware control of a computing system, an exception to an untrusted entity when the untrusted entity accesses a secure page stored in a memory of the computing system, the exception preventing the untrusted entity from accessing the secure page; 

(See Maeng 
[the scenario according to the disclosure of the Maeng reference:
when the hypervisor accesses the memory page the 1st time, the hypervisor is rejected. (E.g., Maeng page 6, paragraph 4 ‘the hypervisor is in principle denied access to the memory area already used by the virtual machine’.) However, when the situation changes and the hypervisor requests access to the memory page during one of those situations described in the reference, the hypervisor is granted access to the memory page and the memory page is 
]
Maeng page 7, bottom paragraph ‘, the memory management unit 20[hardware control] is implemented as hardware to block arbitrary and malicious access by the hypervisor. ’
Maeng page 5, para. 8 ‘and at least one hardware processor.’[
Maeng Page 4, para. 4 ‘1 is a diagram illustrating a hierarchical memory structure in a virtualization environment ……. The hypervisor also manages a page table that stores mapping information between guest physical memory and machine memory installed in a real machine. ‘[a memory of the computing system]
Maeng page 6, para. 3 ‘4 is a flowchart illustrating a method of controlling memory access when an exception occurs in a virtualization’ [a computer-implemented method comprising: ]
Maeng Page 5, para. 6 ‘As a result, if the page [accesses a secure page stored in a memory ] is already occupied by a specific virtual machine, the process proceeds to step 257 and denies the memory access by the hypervisor. If the page is not occupied by any virtual machine, step 253 is reached.’
Maeng Page 6, para. 4 ‘….. the hypervisor is in principle denied access to the memory area already used by the virtual machine [presenting, by a hardware control of a computing system, an exception to an untrusted entity when the untrusted entity accesses a secure page stored in a memory ….. the exception preventing the untrusted entity from accessing the secure page; untrusted entity= hypervisor; exception = hypervisor is in principle denied access to the memory area already used]……. …….’
)

in response to the exception, issuing, by the untrusted entity, an export call routine; and executing, by a secure interface control of the computing system, the export call routine.
(See 
Maeng Page 6, para. 4 ‘ In step 410, the virtual system preconfigures an exception situation in which the hypervisor should allow access to the memory area used by the virtual machine. Although ….. The hypervisor is in principle denied access to the memory area already used by the virtual machine …..situations in which the visor should be allowed to access areas of memory that are already occupied, …….’[There are certain situations which allows the Maeng hypervisor access to the memory page …. The memory page is encrypted before allowing the hypervisor access]
Maeng Page 6, para. 5 ‘These exceptions can be caused by a lack of memory in the virtual machine or hypervisor, when a virtual machine loaded in memory is paused or shut down and saved to disk, or when the virtual machine .. reassignment,’
Maeng page 6 para. 6 ‘In operation 420, the memory region access request by the hypervisor is generated,[ in response to the exception, issuing, by the untrusted entity, an export call routine; export call routine= memory region access request, which is a request to encrypt the target page ] and in operation 430, it is determined whether an exception set[in this Maeng reference the exception means that the hypervisor is allowed access] in operation 410 occurs. At this time, if a set exception occurs, the memory manager encrypts a memory area [executing, by a secure interface control of the computing system, the export call routine; secure interface control = memory manager; export call routine =  encrypts a memory area for hypervisor access] used by the virtual machine. This is to protect the hypervisor from reading the actual data even if the hypervisor accesses the memory area. ‘
)

As per claim 2, the rejection of claim 1 is incorporated herein. 
wherein the export call routine comprises: encrypting, by the secure interface control, the secure page.
(See 
Maeng page 6 para. 6 ‘ At this time, if a set exception occurs, the memory manager encrypts a memory area’
Maeng Page 5, para. 6 ‘As a result, if the page [accesses a secure page stored in a memory ] is already occupied by a specific virtual machine, the process proceeds to step 257 and denies the memory access by the hypervisor. If the page is not occupied by any virtual machine, step 253 is reached.’
)

As per claim 4, the rejection of claim 2 is incorporated herein. 
Maeng discloses wherein the export call routine comprises: prior to the encrypting, registering, by the secure interface control, the secure page to the secure interface control in a zone-security table.
(See Maeng page 5, para. 2
‘In operation 220, the memory manager determines whether the corresponding memory area is occupied by the virtual machine according to the access request of operation 210. In the present embodiment, each memory area constituting the memory, when used by the virtual machine, may be occupied in a specific table (eg, a machine to address (M2A) table). Will be recorded [registering, by the secure interface control, the secure page]. Therefore, in step 220, by querying the specific table, it is possible to know which virtual machine is occupied by the memory area requested by the hypervisor.’
Maeng Page 5, para. 6 ‘As a result, if the page [secure page  ] is already occupied by a specific virtual machine, the process proceeds to step 257 and denies the memory access by the hypervisor. If the page is not occupied by any virtual machine, step 253 is reached.’)

As per claim 9, the rejection of claim 1 is incorporated herein. 
Maeng discloses wherein the secure interface control comprises firmware, hardware, or a combination of firmware and hardware; and the untrusted entity comprises a hypervisor.
(See Maeng page 7, bottom paragraph ‘FIG. 5 is a block diagram illustrating an entire virtualization system including an apparatus 500 for controlling memory access …….The apparatus 500 for controlling memory access is divided into a hypervisor 10 and a memory manager. 20). Of these, the memory management unit 20 is implemented as hardware to block arbitrary and malicious access by the hypervisor. ’
Maeng Page 6, para. 4 ‘Although ….. the hypervisor is in principle denied access to the memory area already used by the virtual machine [untrusted entity= hypervisor]……. …….’
)

As per claim 10, the claim(s) is/are directed to a system with limitations which correspond to limitations of claim 1, and is/are rejected for the reasons detailed with respect to claim 1. In addition, claim 10 recites, and Maeng discloses, A system comprising: a memory comprising computer readable instructions; and a processing device for executing the computer readable instructions for performing a method comprising: 
(See Maeng
page 3 para. 2 ‘ a computer-readable recording medium having recorded thereon a program for executing a method for controlling memory access in the virtualization system described above in a computer.’[A system]
Maeng page 5, para. 8 ‘and at least one hardware processor.’[and a processing device for executing the computer readable instructions]
computer readable instructions ] on a computer readable recording medium[a memory]. …..Examples of the computer-readable recording medium include a ROM, a RAM,[ a memory]  .’
)

As per claim 11, the claim(s) is/are directed to a system with limitations which correspond to limitations of claim 2, and is/are rejected for the reasons detailed with respect to claim 2.  


As per claim 13, the claim(s) is/are directed to a system with limitations which correspond to limitations of claim 4, and is/are rejected for the reasons detailed with respect to claim 4.  

As per claim 18, the claim(s) is/are directed to a system with limitations which correspond to limitations of claim 9, and is/are rejected for the reasons detailed with respect to claim 9.  

As per claim 19, the claim(s) is/are directed to a system with limitations which correspond to limitations of claim 1, and is/are rejected for the reasons detailed with respect to claim 1.  




Claim Rejections - 35 USC § 103
	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

	The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
	
	This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 3 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Maeng in view of Camiel et al. U.S. Publication 20070277160 (hereinafter “Camiel”).
As per claim 3, the rejection of claim 2 is incorporated herein. 
wherein the export call routine comprises: prior to the encrypting, locking, by the secure interface control, the secure page; and subsequent to the encrypting, unlocking, by the secure interface control, the secure page.
Camiel discloses locking memory when access to multiple memory locations is required and subsequently unlocking
(See Camiel Para. 
[0102] ‘ it is possible to lock and unlock a page in main memory. Locking a page is necessary when certain operations require several memory locations to be available..’
[0053] ‘B) Random Access Memory or RAM used by JVM during VM operation. Virtual memory is mapped to RAM when accessed by VM’
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Maeng with the technique for locking memory when access to multiple memory locations is required and subsequently unlocking of Camiel to include wherein the export call routine comprises: 
prior to the encrypting, locking, by the secure interface control, the secure page; and subsequent to the encrypting, unlocking, by the secure interface control, the secure page.
One of ordinary skill in the art would have made this modification to improve the ability of the system to encrypt page data while locking the page to avoid modifications to the page before or during encrypting. The memory manager of the primary reference can be modified to lock the page before encrypting and unlock the page after encrypting.

As per claim 12, the claim(s) is/are directed to a system with limitations which correspond to limitations of claim 3, and is/are rejected for the reasons detailed with respect to claim 3.

Claims 5 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Maeng in view of Chen et al. U.S. Publication 20090113110 (hereinafter “Chen”).
As per claim 5, the rejection of claim 2 is incorporated herein. 
	However, Maeng does not expressly disclose 
wherein the export call routine comprises: capturing, by the secure interface control, a hash of encrypted contents of the secure page.
Chen discloses 
capturing, by the secure interface control, a hash of encrypted contents of the secure page.
(See Chen Para. [0169] ‘…. encrypts the page contents, and computes a secure hash H over the encrypted contents. ’.).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Maeng with the technique for hashing encrypted contents of a page of Chen to include wherein the export call routine comprises: capturing, by the secure interface control, a hash of encrypted contents of the secure page.
One of ordinary skill in the art would have made this modification to improve the ability of the system to ensure that the contents of the encrypted page are not maliciously modified. The memory manager of the primary reference can be modified to hash the encrypted contents of the page as taught in the Chen reference.

As per claim 14, the claim(s) is/are directed to a system with limitations which correspond to limitations of claim 5, and is/are rejected for the reasons detailed with respect to claim 5.  

Claims 6-7 and 15-16 are rejected under 35 U.S.C. 103 as being unpatentable over Maeng in view of Noel et al. U.S. Publication 20190068557 (hereinafter “Noel”).
As per claim 6, the rejection of claim 2 is incorporated herein. 
	However, Maeng does not expressly disclose wherein the export call routine comprises: subsequent to the encrypting, marking, by the secure interface control, a host absolute page as non-secure.
Noel discloses subsequent to the encrypting, marking, by the secure interface control, a host absolute page as non-secure.
(See Noel Para. [0032] ‘(1) Cause the access modifier 210 of the hypervisor to protect the encrypted VM page 270 from VM access. This is also referred to as disabling VM access. Protecting the page 270 from VM access may include marking the page invalid in an extended page table (EPT) maintained by the source host machine 200.’[The invalid page is not secure page]
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Maeng with the technique for marking a page in a table of Noel to include wherein the export call routine comprises: subsequent to the encrypting, marking, by the secure interface control, a host absolute page as non-secure.
One of ordinary skill in the art would have made this modification to improve the ability of the system to keep track of the status of the page in memory. The memory manager of the primary reference can be modified to perform marking of a page in the table as taught in the Noel reference.

As per claim 7, the rejection of claim 2 is incorporated herein. 
wherein the export call routine comprises: subsequent to the encrypting, registering, by the secure interface control, the host absolute page as non-secure in a zone-security table.
Noel discloses subsequent to the encrypting, registering, by the secure interface control, the host absolute page as non-secure in a zone-security table.
(See Noel Para. 
[0031]
‘Hypervisor 205 may perform a migration process using active page copying for an encrypted VM..: ‘
[0032] ‘(1) Cause the access modifier 210 of the hypervisor to protect the encrypted VM page 270 from VM access. This is also referred to as disabling VM access. Protecting the page 270 from VM access may include marking the page invalid in an extended page table (EPT) maintained by the source host machine 200.’[The invalid page is not secure page]
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Maeng with the technique for marking a page in a table of Noel to include wherein the export call routine comprises: subsequent to the encrypting, registering, by the secure interface control, the host absolute page as non-secure in a zone-security table.
One of ordinary skill in the art would have made this modification to improve the ability of the system to keep track of the status of the page in memory. The memory manager of the primary reference can be modified to perform marking of a page in the table as taught in the Noel reference. Note that the primary reference also discloses (e.g., Maeng Page 6, para. 5) that migration is one of the reasons for encrypting a page for hypervisor access.


As per claim 16, the claim(s) is/are directed to a system with limitations which correspond to limitations of claim 7, and is/are rejected for the reasons detailed with respect to claim 9.  



Claims 8 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Maeng in view of Camiel, further in view of Micheloni et al. U.S. Publication 20160064096 (hereinafter “Micheloni”).
As per claim 8, the rejection of claim 3 is incorporated herein. 
However, Maeng does not expressly disclose 
prior to locking the secure page, determining whether the secure page is locked; responsive to determining that the secure page is locked, generating a busy indicator to the untrusted entity; and waiting a delay period.
Camiel discloses 
prior to locking the secure page, determining whether the secure page is locked;
(See Camiel Para. 
[0102] ‘ it is possible to lock and unlock a page in main memory. Locking a page is necessary when certain operations require several memory locations to be available..’
[0053] ‘B) Random Access Memory or RAM used by JVM during VM operation. Virtual memory is mapped to RAM when accessed by VM’
[if there is no determination of whether the page is already locked, then the page could end up being locked twice by different processes/components which cannot happen and if it does will result in undesirable state of the memory page.]
).
	However, the combination of Maeng and Camiel does not expressly disclose
responsive to determining that the secure page is locked, generating a busy indicator to the untrusted entity; and waiting a delay period.
Micheloni discloses sending a busy signal when the memory is busy and waiting
(See Micheloni Para. [0035] ‘ ……. generate a busy signal 55 that indicates the time required for completing the programming operation (e.g., a page programming operation)’.).
responsive to determining that the secure page is locked, generating a busy indicator to the untrusted entity; and waiting a delay period.
One of ordinary skill in the art would have made this modification to improve the ability of the system to send a notification to a party requesting access to memory indicating a busy state of the memory and waiting until the memory is available. The memory manager of the primary reference can be modified to perform the technique for sending a busy signal when the memory is busy and waiting as taught in the Micheloni reference.

As per claim 17, the claim(s) is/are directed to a system with limitations which correspond to limitations of claim 8, and is/are rejected for the reasons detailed with respect to claim 8.  



Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HOWARD H LOUIE whose telephone number is 571-272-0036.  The examiner can normally be reached on Monday-Friday 9 AM-5 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung W. Kim can be reached on 571-272-3804.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/HOWARD H. LOUIE/Examiner, Art Unit 2494
/JUNG W KIM/Supervisory Patent Examiner, Art Unit 2494