DETAILED ACTION

Examiner’s Amendment
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

	Authorization for this Examiner’s Amendment was given in a telephone interview with Ankur Garg (Reg. No. 62,463) on 23 April 2021.
This application has been amended as follows:
IN THE CLAIMS
Replace the following claims listed as follows.

1.	(Examiner Amended)  A method of granting a first attenuated capability, the method comprising:
providing, by a first server to a different second server, a first capability associated with [[to]] a resource located on the first server; 
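creating the first attenuated capability by an agent of the first server instantiated on the second server, which executes within a secure enclave of a memory of the second server, wherein the first attenuated capability is an attenuated version of the first capability, and wherein the secure enclave is protected from processes executing outside of the secure enclave; 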
transmitting, by the second server to a separate third server, the first attenuated capability [[to]] associated with the resource; and 
transmitting, by the third server to the first server, the first attenuated capability so as to access the associated resource by the third server.  

8.	(Examiner Amended)  The method of claim 1, further comprising
	creating a second attenuated capability by a[[n]] separate second agent of the first server instantiated on the third server, which executes separate second secure enclave of a separate second memory of the third server, wherein the second attenuated capability is an attenuated version of the first attenuated capability, and wherein the second secure enclave is protected from processes executing outside the second secure enclave;
	transmitting, by the third server to a separate fourth server, the second attenuated capability [[to]] associated with the resource; and
	transmitting, by the fourth server to the first server, the second attenuated capability so as to access the associated resource by the fourth server.

9.	(Examiner Amended)  A non-transitory computer readable storage medium comprising instructions to be executed in a physical processor of a computer system, the instructions when executed in the physical processor cause the computer system to carry out a method of granting a first attenuated capability, the method comprising: 
providing, by a first server to a different second server, a first capability associated with [[to]] a resource located on the first server; 
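creating the first attenuated capability by an agent of the first server instantiated on the second server, which executes within a secure enclave of a memory of the second server, wherein the first attenuated capability is an attenuated version of the first capability, and wherein the secure enclave is protected from processes executing outside of the secure enclave; 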
transmitting, by the second server to a separate third server, the first attenuated capability [[to]] associated with the resource; and 
transmitting, by the third server to the first server, the first attenuated capability so as to access the associated resource by the third server.  

10.	(Examiner Amended)  The non-transitory computer readable storage medium of claim 9, wherein the first attenuated capability is an encrypted attenuated capability, the method further comprising encrypting the first attenuated capability, by the agent, using an encryption key of the first server.

11.	(Examiner Amended)  The non-transitory computer readable storage medium of claim 10, the method further comprising, validating by the first server the first attenuated capability by using the encryption key.

12.	(Examiner Amended)  The non-transitory computer readable storage medium of claim 9, wherein the resource is a region of memory, a file, a network socket, a region of storage, an interrupt vector, or space of a field-programmable gate array (FPGA).

13.	(Examiner Amended)  The non-transitory computer readable storage medium of claim 9, wherein the agent is instantiated on the second server upon boot up of both the first server and the second server.

14.	(Examiner Amended)  The non-transitory computer readable storage medium of claim 9, wherein data within the secure enclave cannot be accessed by an operating system of the second server.

15.	(Examiner Amended)  The non-transitory computer readable storage medium of claim 9, wherein the creating does not use a processor of the first server.

16.	(Examiner Amended)  The non-transitory computer readable storage medium of claim 9, the method further comprising
	creating a second attenuated capability by a[[n]] separate second agent of the first server instantiated on the third server, which executes separate second secure enclave of a separate second memory of the third server, wherein the second attenuated capability is an attenuated version of the first attenuated capability, and wherein the second secure enclave is protected from processes executing outside the second secure enclave;
	transmitting, by the third server to a separate fourth server, the second attenuated capability [[to]] associated with the resource; and
	transmitting, by the fourth server to the first server, the second attenuated capability so as to access the associated resource by the fourth server.

17.	(Examiner Amended)  A computer system configured to grant a first attenuated capability comprising: 
a first server; 
a second server different from the first server; 
a resource located on the first server; 
a memory of the second server; and 
a physical processor, wherein the physical processor is programmed to carry out a method of granting [[a]] the first attenuated capability, the method comprising:  
providing, by the first server to the second server, a first capability associated with [[to]] the resource located on the first server; 
creating the first attenuated capability by an agent of the first server instantiated on the second server, which executes , and wherein the secure enclave is protected from processes executing outside of the secure enclave; 
transmitting, by the second server to a separate third server, the first attenuated capability [[to]] associated with the resource; and 
	transmitting, by the third server to the first server, the first attenuated capability so as to access the associated resource by the third server.



Allowable Subject Matter

Claims 1 – 20 are allowed.
The following is an examiner’s statement of reasons for allowance:
The above-mentioned claims are allowable over the prior art because the CPA (Cited Prior Art) of record fails to teach or render obvious the claimed limitations in combination with the specific added limitations recited in each of the independent claims 1, 9 & 17 (& associated dependent claims).
The present invention is directed to a method for granting a first attenuated capability. The closest prior art includes: (a) U.S. PG-PUB 2006/0117090, by Schellingerhout, which teaches distributing digital content and associated digital rights (permissions / capabilities) from a server of a digital content provider, and also provides for converting digital rights, for example from an unlimited digital right into limited digital rights (i.e. an attenuated capability), such that a proprietor device has a larger degree of freedom in handling and distributing the contents and rights (permissions / capabilities) over the network; and (b) U.S. Patent 10,325,118, by Chhabra et al., which teaches allowing the protected portion of an application to be distributed in the clear, such that before a secure enclave is built the enclave code and data are free for inspection and analysis, and the protected portion is then loaded into the enclave, where its resource data is measured and protected against all external software access. As such, the system prevents all other software from accessing the resource located inside the enclave, and any attempt to modify an enclave’s contents can be detected, prevented or aborted.
As such, no single prior art reference, and no motivation to combine references, has been found that anticipates or renders obvious the claimed invention in the particular details of the recited limitations, such as providing, by a first server to a different second server, a first capability associated with a resource located on the first server; creating the first attenuated capability by an agent of the first server instantiated on the second server, which executes within a secure enclave of a memory of the second server, wherein the first attenuated capability is an attenuated version of the first capability, and wherein the secure enclave is protected from processes executing outside of the secure enclave; transmitting, by the second server to a separate third server, the first attenuated capability associated with the resource; and transmitting, by the third server to the first server, the first attenuated capability so as to access the associated resource by the third server.  

Any inquiry concerning this communication or earlier communications from the examiner should be directed to LONGBIT CHAI whose telephone number is (571)272-3788.  The examiner can normally be reached on Monday - Friday 9:00am-5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn D. Feild can be reached on 571-272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/LONGBIT CHAI/ Primary Examiner, Art Unit 2431 (No. #2289 - 2021)