DETAILED ACTION
Continued Examination under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed 12/22/2020, for application 15/709,288 has been entered.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to the Amendment filed on 12/22/2020. In the instant amendment: Claims 1, 9, 13 and 17 have been amended and claims 1, 13 and 17 are independent claims.  Claims 1-20 have been examined and are pending. 
Examiner’s Notes 
In attempt to promote compact prosecution, the examiner contacted applicant’s representative, Mr. Matthew Gaffney (Reg. No.: 46,717), on April 2, 2021 to discuss possible amendments to move the case forward. However, the applicant and the examiner were unable to reach an agreement. 


Response to Arguments
Applicants’ arguments with respect to amended claims 1, 13, and 17 have been considered but are moot in view of the new ground(s) of rejection. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically discloses as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 3-5, 8-11, 15, 17 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Ylonen (“Ylonen,” US 2015/0222604, published Aug. 6, 2015) in view of Thomas et al. (“Thomas,” US 20160357550, published Dec. 8, 2016).  
Regarding claim 1, Ylonen discloses an apparatus, comprising: 
a device including at least one memory adapted to store run-time data for the device, and at least one processor that is adapted to execute processor-executable code that, in response to execution, enables the device to perform actions, including (Ylonen [0110]. A management host (100) comprises one or more processors (101), [ ], main memory (102) (e.g., SDRAM memory) connected to one or more of the processors, a computer-readable non-volatile memory organized into a database, file system and/or registry [ ] and software for managing SSH user authentication keys (or performing other management operations for the hosts) (103).): 
identifying a first enclave to be used for executing a cryptlet binary of a first cryptlet, the first enclave stores an enclave private key, and wherein the first cryptlet is associated with at least the first counterparty (Ylonen FIG. 16, [0222] – [0223]. The virtual machine is provisioned (1601), the virtual machine is booted (1602), the virtual machine connects to the management system (1603) using configured management system address and authentication information (e.g., public key for the management system), and the virtual machine authenticates with the management system (1604). The virtual machine receives credentials for itself from the management system (1605) []; the credentials may be, e.g., a shared secret or a public key for the management system and a private key for the virtual machine). [For “cryplet binary,” see [0231], ‘[i]n an embodiment, the default location is determined based on information read from a host, such as [ ] a hash value of the binary.” See also [0981] for generating a digital signature with VM’s private key.]); 
generating a cryptlet binding that is associated with the first cryptlet, wherein the cryptlet binding includes counterparty information that is associated with at least the first counterparty (Ylonen FIG. 18, [0230] – [0231]. In an embodiment, the default location may be configured in the management system based on the SSH implementation vendor, implementation name (e.g., OpenSSH vs. Tectia SSH), [] , IP address, IP address range, subnet, hash of the SSH client or server binary or some other related file, or any combination of these. In an embodiment, the default location is determined based on information read from a host, such as vendor and version number of the SSH server or SSH client, or a hash value of the binary.); 
providing cryptlet binding information to a cryptlet binding key graph (Ylonen [0229]. FIG. 18 illustrates processing a key request (1800) in an embodiment, taking into account that keys may be stored in non-standard locations as specified in configuration files. A key request may be, e.g., a request to add or remove a public or private key for an account on a host. The location of the user's public or private keys (as the case may be) is determined (1801) (e.g., by reading and parsing an SSH configuration file on/from the host, reading the location from the management system's database where it has been stored previously, e.g., during key discovery, or reading host group specific settings from the management system's database) and the key is created, installed, or removed (as the case may be) at the determined location (1802).).
receiving, from the cryptlet binding key graph (Ylonen [0229], [0522]. The location of the user's public or private keys (as the case may be) is determined (1801) (e.g., by reading and parsing an SSH configuration file on/from the host, reading the location from the management system's database where it has been stored previously, e.g., during key discovery, or reading host group specific settings from the management system's database) and the key is created, installed, or removed (as the case may be) at the determined location (1802).A database (3544) acts as a store of information for the management system and as a communications mechanism connecting various components of the management system.), a location of a first hardware security module (HSM) that stores a key that is associated with the first counterparty (Ylonen [0521]. A TPM (Trusted Platform Module) driver (3543) provides access to a TPM or an HSM (Hardware Security Module) for storing private keys and performing operations on them.).
Ylonen do not explicitly disclose: including execution of smart contract logic associated with a first smart contract having at least one counterparty, wherein the first enclave is a secure environment in which code can be run in an isolated, private environment and for which results of the secure execution are capable of being attested to have run unaltered and in private. 
However, in an analogous art, Thosas discloses an apparatus comprising including execution of smart contract logic associated with a first smart contract having at least one counterparty (Thomas FIG. 1, [0030]. The platform 104 can be configured to execute the software 102. In an aspect, the software 102 can include a smart contract 110. In an aspect, the smart contract 110 can be an implementation of at least a portion of an act associated with an agreement between the first and the second entities 112, 114. The smart contract 110 can include an agreement between the first and the second entities 112, 114 that can involve a transfer of value such as, for example, an asset, a service, refraining from engaging in an allowed activity, or any combination thereof.);  
wherein the first enclave is a secure environment in which code can be run in an isolated, private environment and for which results of the secure execution are capable of being attested to have run unaltered and in private (Thomas [0055]-[0056], [0059], [0081]. In an aspect, the platform 600 can be configured to verify a sequence of instructions of the software 102. In an aspect, the software 102 can include the smart contract 110. In an aspect, the sequence of instructions of the software 102 can be verified by producing a hash of the software 102. The hash of the software 102 can be a way to uniquely identify the code of the software 102. For example, the second entity can be an authentication service that verifies one or more digital signatures or hashes associated with the software 102. At an operation 704, the software can be executed, on a platform, by a technique that isolates the software from a resource of the platform. [T]he technique of the operation 704 can include [ ] using a protection domain of an operating system of the platform, verifying that a programming language of the software is a specific programming language, using an isolated user space of a memory of the platform [ ] checking a machine code (produced in response to the software having been compiled) to verify that the machine code complies with a specific instruction set.). 
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective filing date of the claimed invention to combine the teachings of Thomas with the teachings of Ylonen to include: including execution of smart contract logic associated with a first smart contract having at least one counterparty, wherein the first enclave is a secure environment in which code can be run in an isolated, private environment and for which results of the secure execution are capable of being attested to have run unaltered and in private, to provide users with a means for verifying the integrity of a smart-contract software code in a secure, protected and isolated environment.  (See Thomas [0081]).  
Regarding claim 3, Ylonen and Thomas disclose the apparatus of claim 1. Ylonen further discloses communicating the cryptlet binary, the cryptlet binding, and the location of the first hardware security module to the first enclave (Ylonen [0229], [0230], [0231], [0521]. The location of the user's public or private keys (as the case may be) is determined (1801) (e.g., by reading and parsing an SSH configuration file on/from the host, reading the location from the management system's database where it has been stored previously. In an embodiment, the default location is determined based on information read from a host, such as vendor and version number of the SSH server or SSH client, or a hash value of the binary. A TPM (Trusted Platform Module) driver (3543) provides access to a TPM or an HSM (Hardware Security Module) for storing private keys and performing operations on them.) [for provisioning a virtual machine]. ). 
Regarding claim 4, Ylonen and Thomas disclose the apparatus of claim 1. Ylonen further discloses wherein the cryptlet binding information is the cryptlet binding (Ylonen [0230]-0231]. (Ylonen FIG. 18, [0230] – [0231]. In an embodiment, the default location may be configured in the management system based on the SSH implementation vendor, implementation name (e.g., OpenSSH vs. Tectia SSH), [] , IP address, IP address range, subnet, hash of the SSH client or server binary or some other related file, or any combination of these. In an embodiment, the default location is determined based on information read from a host, such as vendor and version number of the SSH server or SSH client, or a hash value of the binary.). 
Regarding claim 5, Ylonen and Thomas disclose the apparatus of claim 1. Ylonen further discloses  wherein the HSM is a key vault (Ylonen [0521]. A TPM (Trusted Platform Module) driver (3543) provides access to a TPM or an HSM (Hardware Security Module) for storing private keys and performing operations on them.). 
Regarding claim 7, Ylonen and Thomas disclose the apparatus of claim 1. Ylonen further discloses wherein the enclave is a private, tamper-resistant execution Ylonen [0222] – [0223]. The virtual machine is provisioned (1601), the virtual machine is booted (1602), the virtual machine connects to the management system (1603) using configured management system address and authentication information (e.g., public key for the management system), and the virtual machine authenticates with the management system (1604). The virtual machine receives credentials for itself from the management system (1605) []; the credentials may be, e.g., a shared secret or a public key for the management system and a private key for the virtual machine) [i.e. the VM is operating in a secure environment after authentication and verification].). 
Regarding claim 8, Ylonen and Thomas disclose the apparatus of claim 1. Ylonen further discloses wherein the enclave is at least one of a Virtual Secure Machine or a secure hardware enclave (Ylonen [0222] – [0223]. The virtual machine is provisioned (1601), the virtual machine is booted (1602), the virtual machine connects to the management system (1603) using configured management system address and authentication information (e.g., public key for the management system), and the virtual machine authenticates with the management system (1604). The virtual machine receives credentials for itself from the management system (1605) []; the credentials may be, e.g., a shared secret or a public key for the management system and a private key for the virtual machine) [i.e. the VM is operating in a secure environment after authentication and verification].). 
Regarding claim 9, Ylonen and Thomas disclose the apparatus of claim 1. Ylonen further discloses wherein persistent storage of the key that is associated with the first counterparty is not permitted outside of the first HSM (Ylonen [0806]. At (4309), a TPM or an HSM generates a new private key for a managed host. Advantageously, the private key never leaves the hardware module (and cannot be extracted from the module, ensuring it cannot be copied).).  
Regarding claim 10, Ylonen and Thomas disclose the apparatus of claim 1. Ylonen further discloses wherein the enclave is a hardware enclave, and wherein the enclave private key of the enclave is etched in silicon (Ylonen [0521]. A TPM (Trusted Platform Module) driver (3543) provides access to a TPM or an HSM (Hardware Security Module) for storing private keys and performing operations on them.). 
Regarding claim 11, Ylonen and Thomas disclose the apparatus of claim 1. Ylonen further discloses the actions further including establishing a secure encrypted communication tunnel between the enclave and the HSM (Ylonen [0222], [0239], [0521]. FIG. 21 illustrates renewing a key pair used for public key authentication in an embodiment (renewing is also called rotating a key or recertifying a key in some contexts). [F]inally the old private key and corresponding old public keys are removed A TPM (Trusted Platform Module) driver (3543) provides access to a TPM or an HSM (Hardware Security Module) for storing private keys and performing operations on them. [i.e. in a secure environment with a VM machine, the VM may renew encryption keys].)
Regarding claim 13, claim 13 is directed to a method corresponding to the apparatus of claim 1. Claim 13 is similar in scope to claim 1 and is therefore rejected under similar rationale. 
Regarding claim 15, claim 15 is directed to a method corresponding to the apparatus of claim 11. Claim 15 is similar in scope to claim 11 and is therefore rejected under similar rationale. 
Regarding claim 17, claim 17 is directed to a processor readable storage medium corresponding to the apparatus of claim 1. Claim 17 is similar in scope to claim 1 and is therefore rejected under similar rationale. 
Regarding claim 19, claim 19 is directed to a processor readable storage medium corresponding to the apparatus of claim 11. Claim 19 is similar in scope to claim 11 and is therefore rejected under similar rationale.
Claims 2, 14 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Ylonen (“Ylonen,” US 2015/0222604, published Aug. 6, 2015) in view of Thomas et al. (“Thomas,” US 20160357550, published Dec. 8, 2016) and Basin (“Basin,” US 20170126642, published May 4, 2017). 
Regarding claim 2, Ylonen and Thomas disclose the apparatus of claim 1. Ylonen further discloses: 
the actions further include receiving, from the cryptlet binding key graph, a location of a second hardware security module that stores a key that is associated with the second counterparty (Ylonen [0521]-[0523]. A TPM(Trusted Platform Module) driver (3543) provides access to a TPM or an HSM (Hardware Security Module) for storing private keys and performing operations on them. [T]he database comprises information about credentials to access managed hosts (preferably encrypted using a key that is not stored in the database—the key could be stored in each front-end and back-end), man aged hosts, discovered SSH keys, certificates, Kerberos credentials, configurations, applications, and other information.).    
Ylonen and Thomas do not explicitly disclose: wherein the first cryptlet is further associated with at least a second counterparty; the location of the key that is associated with the first counterparty is on a first network; the location of the key that is associated with the second counterparty is on a second network; and wherein the second network is a private network that is separate from the first network.
However, in an analogous art, Basin discloses wherein the first cryptlet is further associated with at least a second counterparty (Basin [0072]. Another type of key allowed for use may be an X.509 key pair. For example a first user access control information may indicate through a flag or a setting in the access control information that the first user may encrypt and decrypt data using the Smartkey. Access control information for a second user may allow the second user to only decrypt information using the Smartkey.);
 the location of the key that is associated with the first counterparty is on a first network; the location of the key that is associated with the second counterparty is on a second network; and wherein the second network is a private network that is separate from the first network (Basin [0379]. In a fourth embodiment, users, applications and encryption applications may obtain keys from a first on-premise Key Provider operating on a local private network and may obtain encryption keys from an second on-premise Key Provider operating on a different private network not accessible to the local private network of the users, applications and encryption applications obtaining encryption keys from the first on premise Key Provider. In this embodiment, sharing, or brokering of keys may occur through a third Key Provider operating in the cloud which is able to exchange keys with both the first and second on-premise Key Providers.).
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective filing date of the claimed invention to combine the teachings of Basin with the teachings of Ylonen and Thomas to include: the location of the key that is associated with the first counterparty is on a first network; the location of the key that is associated with the second counterparty is on a second network; and wherein the second network is a private network that is separate from the first network, to provide users with a means for applying keys for a secure communication with counterparties or users on different, separate networks. (See Basin [0379]). 
Regarding claim 14, claim 14 is directed to a method corresponding to the apparatus of claim 2. Claim 14 is similar in scope to claim 2 and is therefore rejected under similar rationale. 
Regarding claim 18, claim 18 is directed to a processor readable storage medium corresponding to the apparatus of claim 2. Claim 18 is similar in scope to claim 2 and is therefore rejected under similar rationale. 
Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Ylonen (“Ylonen,” US 2015/0222604, published Aug. 6, 2015) in view of Thomas et al. (“Thomas,” US 20160357550, published Dec. 8, 2016) and Brady et al. (“Brady,” US 20180167217, filed December 14, 2016). 
Regarding claim 6, Ylonen and Thomas disclose the apparatus of claim 1. Ylonen and Thomas do not explicitly disclose: after identifying the first enclave, injecting a cryptlet container into the first enclave. 
However, in an analogous art, Brady discloses: 
after identifying the first enclave, injecting a cryptlet container into the first enclave (Brady FIG. 10, [0085] – [0088]. In Step 1 , the currently nominated system instance controller receives a request to add a new container which will typically come from a load balancer server which is a server that has the role of monitoring the network resources. In Step 2, the system instance controller creates the new container. In Step 3 , the system instance controller takes a fingerprint of , i . e . hashes, the contents of the new container in its initial state , and also hashes some aspect of its own data to provide a permanent record that it was the creator. Is Step 4 , the system instance controller contacts the blockchain subsystem and a new set of transactions is added for this new container. ). 
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective filing date of the claimed invention to combine the teachings of Brady with the teachings of Ylonen and Thomas to include: after identifying the first enclave, injecting a cryptlet container into the first enclave, to provide users with a means for generating a container for constructing information to be contained in block-chain transaction. (See Brady [0088]). 


Claims 12, 16 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Ylonen (“Ylonen,” US 2015/0222604, published Aug. 6, 2015) in view of  Thomas et al. (“Thomas,” US 20160357550, published Dec. 8, 2016) and Zimmerman et al. .  
Regarding claim 12, Ylonen and Thomas disclose the apparatus of claim 11. Ylonen and Thomas do not explicitly disclose: wherein establishing the secure encrypted communication tunnel includes: deriving a session public/private enclave key pair, including a session enclave private key and a session enclave public key, from the enclave private key and an enclave public key; sending the session enclave public key to the HSM; receiving, from the HSM, a session HSM public key; -33- 9/19/2017 DOCKET NO: 401971-US-NP PATENT APPLICATIONencrypting additional information with the session enclave private key; sending the encrypted additional information to the HSM; receiving further encrypted information from the HSM; and decrypting the further encrypted information with the session enclave private key.
However, in an analogous art, Zimmerman discloses wherein establishing the secure encrypted communication tunnel includes:
deriving a session public/private enclave key pair, including a session enclave private key and a session enclave public key (Zimmerman FIG. 17, [0142]. In one embodiment , the encryption engine 1660 of the IoT service 120 sends a command to the HSM 1630 ( e . g . , which may be such as a CloudHSM offered by Amazon® ) to generate a session public / private key pair.); 
sending the session enclave public key to the HSM; receiving, from the HSM, a session HSM public key (Zimmerman [0143]. In one embodiment , the IoT service 120 transmits its session public key generated using the HSM 1630 to the IoT device 101 at 1701 . The IoT device uses its HSM 1631 to generate its own session public / private key pair and , at 1702 , transmits its public key of the pair to the IoT service 120.); -33- 9/19/2017 
Zimmerman [0165]. IoT service session public key signature (e . g . , signed with the IoT service ' s private key.); 
sending the encrypted additional information to the HSM ( Zimmerman [0169]. Verifies the IoT service session public key signature using the IoT service 's public key from the unique ID. [For HSM, see [0142] – [0143]] ); 
receiving further encrypted information from the HSM; and decrypting the further encrypted information with the session enclave private key (Zimmerman [0132], [0135]. At 150 , the IoT service encrypts the data / commands using the IoT device public key to create an IoT device packet. It then encrypts the IoT device packet using IoT hub's public key to create the IoT hub packet ( e . g . , creating an IoT hub wrapper around the IoT device packet ) . At 1502, the IoT service transmits the IoT hub packet to the IoT hub. At 1503, the IoT hub decrypts the IoT hub packet using the IoT hub's private key to generate the IoT device packet. At 1504 it then transmits the IoT device packet to the IoT device which at 1505, decrypts the IoT device packet using the IoT device private key to generate the data / commands. At 1506, the IoT device processes the data / commands. For example, in one embodiment, the device session keys 1651 on the IoT device 101 include a public key of the IoT service 120 and a private key of the IoT device 101.).  
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective date of the claimed invention to combine the teachings of Zimmerman with the teachings of Ylonen and Thomas to include: wherein establishing the secure encrypted communication tunnel includes: deriving a session public/private enclave key pair, including a session enclave private key and a session enclave public See Zimmerman [0135]). 
Ylonen, Thomas and Zimmerman do not explicitly disclose: deriving session public/private key pairs from the enclave private kay and an enclave public key. 
However, in an analogous art, Yoneda discloses deriving session public/private key pairs from the enclave private kay and an enclave public key (Yoneda [0112], [0121]. The master key 291 a and public parameter 293 a are information that are used for generating the ID-based encryption private key 293 b, and are the same among all the communication devices 200. The master key 291 a and the public parameter 293 a are information that form a pair in the ID-based encryption system, and are called, for example, a system private key and system public key, or a master private key and master public key. The ID-based encryption private key generation part 210 executes a key generation algorithm of the ID-based encryption system by treating the acquired master key 291 a, device unique ID 291 b, and public parameter 293 a as input values, to generate the ID-based encryption private key 293 b for which the device unique ID 291 b is used as the public key (ID-based encryption public key).). 
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective date of the claimed invention to combine the teachings of Yoneda from the enclave private kay and an enclave public key, to provider user with a means for deriving session or device based public/private keys from a set of master public/private key. (See Yoneda [0112]). 
Regarding claim 16, claim 16 is directed to a method corresponding to the apparatus of claim 12. Claim 16 is similar in scope to claim 12 and is therefore rejected under similar rationale. 
Regarding claim 20, claim 20 is directed to a processor readable storage medium corresponding to the apparatus of claim 12. Claim 20 is similar in scope to claim 12 and is therefore rejected under similar rationale. 








Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EDWARD LONG whose telephone number is (571)272-8961. The examiner can normally be reached on Monday to Friday, 9 AM - 6 PM EST (Alternate Fridays).
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Luu Pham can be reached on 571 270 5002. The fax phone 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/EDWARD  LONG/
Examiner, Art Unit 2439


/LUU T PHAM/           Supervisory Patent Examiner, Art Unit 2439