DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The Appeal filed 02/08/2021 has been received and considered.
Claims 1, 3-10, 13-17 and 20-25 are pending.

EXAMINER’S AMENDMENT
2.	Authorization for this examiner’s amendment was given by Michael Febbo, Registration No.:59205 on 05/06/2021. The application has been amended as follows: 

1. (Currently Amended) A memory system comprising: 
memory elements organized into memory regions; 
a memory controller at a memory interface, the memory controller comprising: 
an encryptor to control a plurality of memory access keys respectively associated with the memory regions, wherein each memory region is allocated to a respective client, and wherein the memory access keys are stored in page table attributes of a page table; 
an access manager configured to: 
receive an access request from a client, wherein the access request includes a client access key to access a memory element corresponding to a virtual address, 
determine, in the page table, a physical address corresponding to the virtual address, 
look up, from a page table attribute associated with the physical address a memory access key associated with the physical address, 
compare the client access key with the memory access key associated with the memory region that includes the memory element, and 

wherein the access manager is further configured to determine that the access request is not valid by identifying a page table miss in the page table[[.]] ;
and wherein the client access key comprises:
 at least one of a process identifier, a thread identifier and an application identifier; and 
a cyclically changing context definition indicating said at least one of the process identifier, the thread identifier and the application identifier is currently associated with a current status of the memory system.

10. (Currently Amended) A method comprising: 
controlling, via a memory controller at a memory interface, a plurality of memory access keys respectively associated with memory regions of the memory system, wherein each SMRH :4821-5623-5459.3-3-Application No.: 15/193,146Docket No.: 90115813(61CT-318727)memory region is allocated to a respective client, and wherein the memory access keys are stored in page table attributes of a page table; 
receiving, via the memory controller, an access request from a client, wherein the access request includes a client access key to access a memory element corresponding to a virtual address; 
determining, in the page table, a physical address corresponding to the virtual address; 
looking up, via the memory controller, from a page table attribute associated with the physical address, a memory access key associated with the physical address; 
comparing the client access key with the memory access key associated with the memory region that includes the memory element; 
determining that the access request is not valid by identifying a page table miss in the page table; 

determining that the memory element is accessible to a new client; and 
updating the memory access key to conform to a new client access key associated with the new client, 
;
and wherein the client access key comprises:
 at least one of a process identifier, a thread identifier and an application identifier; and 
a cyclically changing context definition indicating said at least one of the process identifier, the thread identifier and the application identifier is currently associated with a current status of the memory system.

17. (Currently Amended) A programmable memory controller comprising: 
a non-transitory computer readable medium that stores configuration data for logic to enable the memory controller to: 
control a plurality of memory access keys respectively associated with memory regions of the memory system, wherein each memory region is allocated to a respective client, and wherein the memory access keys are stored in page table attributes of a page table; 
receive an access request from a client, wherein the access request includes a client access key to access a memory element corresponding to a virtual address; 
determine, in the page table, a physical address corresponding to the virtual address; 
look up, from a page table attribute associated with the physical address, a memory access key associated with the physical address; 

provide a response to the access request based on the comparison and a mode of operation, wherein the mode of operation is one of isolation only, encryption and error correction only, or a combination of isolation, encryption and error correction, SMRH :4821-5623-5459.3-5-Application No.: 15/193,146Docket No.: 90115813 (61CT-318727) 
wherein the non-transitory computer readable medium stores configuration data for logic to: 
identify a page table miss in the page table; 
determine that the access request is not valid based on the identified page table miss, and 
wherein the memory controller comprises an encryptor to control a plurality of memory access keys respectively associated with the memory regions[[.]] ;
and wherein the client access key comprises: SMRH :4821-5623-5459.3-6-Application No.: 15/193,146Docket No.: 90115813 (61CT-318727)
at least one of a process identifier, a thread identifier and an application identifier; and 
a cyclically changing context definition indicating said at least one of the process identifier, the thread identifier and the application identifier is currently associated with a current status of the memory system.

23. (Canceled) 
25. (Canceled) 
Allowable Subject Matter
3.	Claims 1, 3-10, 13-17 and 20-22 and 24 are allowed.
The following is an examiner’s statement of reasons for allowance: The claims are allowed over the prior art of record in combination with the Applicant’s arguments of 02/08/2021. After further search and consideration, the prior arts of record either taken alone or in combination neither 
The prior art Kang (US 2015/0089247) of record discloses a security method based on a memory unit for verification of security service commands. The prior art Kaplan (US 2015/0248357) of record discloses an encryption module for cryptographic protection of secure information with memory access in a processing system. The prior art Polozoff (US 2006/0156418) of record discloses a network system that protects memory data objects and prevents unauthorized access to data. The prior art Margalit (US 2014/0032904) of record discloses a method and system for securing private information by encrypting data in memory. The prior art Ylonen (US 2015/0222604) of record discloses automated access management using certificate management and cryptographic keys.
US 20150046702 A1– Embedded encryption and secure memory management unit 
US 20110161620 A1- Implementing shared page tables for sharing memory resources managed by a main operating system with accelerator devices.
However, the prior art fails to anticipate or render the following limitations: “a cyclically changing context definition indicating said at least one of the process identifier, the thread identifier and the application identifier is currently associated with a current status of the memory system” (as recited in claims 1, 10 and 17 as amended above).

Examiner’s note: The claim limitation “memory controller” recited in at least independent claim 1 and 10 is interpreted as a combination of hardware and software device. This interpretation is in view of applicant’s specification. Paragraph [0015] of the applicant’s published specification discloses a “memory controller” as any combination of hardware and programing elements.

. 
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZOHA P TAFAGHODI whose telephone number is (571)272-5199.  The examiner can normally be reached on 9AM-5PM EST M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s acting supervisor, Kristine Kincaid can be reached on (571) 272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/ZOHA PIYADEHGHIBI TAFAGHODI/Examiner, Art Unit 2437    


/SAMSON B LEMMA/Primary Examiner, Art Unit 2498