EXAMINER'S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Authorization for this examiner’s amendment was given in an interview with Mark Friedman on 26 April 2021.

Pursuant to MPEP 606.01, the title has been changed to read:
--VIRTUAL MACHINE ALLOCATION AND MIGRATION BETWEEN HARDWARE DEVICES BY DESTROYING AND GENERATING ENCLAVES USING TRANSMITTED DATAFILES AND CRYPTOGRAPHIC KEYS--

Please amend claims 1, 10, and 18 as follows:
1. (Currently Amended) A virtual machine allocation and migration improvement method comprising:
initiating, by a processor of a first hardware device executing an original CPU instruction set, a migration process for migrating database files of a virtual machine from said first hardware device to a second hardware device
transmitting, by said processor in response to said initiating, a checkpoint and restart command to a first hypervisor of said first hardware device; 
receiving, by said processor from a first enclave within a first virtual address space of a memory structure of said first hardware device, a request for a cryptographic key from a memory encryption engine of said processor, wherein said first enclave stores sensitive data within a namespace stored within said first enclave; 
transmitting, by said processor in response to said receiving said request, said cryptographic key from said memory encryption engine to said first enclave; 
encrypting, by said processor via usage of said cryptographic key, said first enclave resulting in a first encrypted enclave; 
generating, by said processor executing said first encrypted enclave from an enclave page cache, a datafile comprising said database files; 
loading, by said processor via an untrusted host operating system, associated enclave pages into said enclave page cache; 
removing by said processor, said associated enclave pages from said enclave page cache; 
reloading, by said processor, said associated enclave pages into said enclave page cache; 
detecting, by said processor via a cryptographic protection mechanism of a memory encryption engine, unauthorized tampering during said reloading; 
protecting, by said processor via usage of hardware enforced access control mechanisms executed by said processor, said datafile within said enclave page cache during said unauthorized tampering; 
executing, by said processor, an un-enclave process for said first encrypted enclave with respect to said memory structure, wherein said executing said un-enclave process comprises: 
disconnecting, by said processor, said first encrypted enclave from said first hardware device; 
destroying, by said processor, said first encrypted enclave; and 
executing, by said processor in response to enabling said checkpoint and restart command with respect to said sensitive data, checkpoint and restart code for restarting said first hardware device; 
determining, by said processor, that a new CPU instruction set is required for executing a transfer process and providing a secure location for executing associated code and storing said datafile within a process of said untrusted host operating system; 
transmitting via said transfer process using said new CPU instruction set, by said processor via a guard mechanism, said datafile and said cryptographic key to said second hardware device, wherein said second hardware device differs from said first hardware device; 
generating, by said processor with respect to said datafile and said cryptographic key, a second enclave within a second virtual address space of said second hardware device; 
executing, by said processor, bootstrap operational code for said second enclave with respect to execution of said cryptographic key within said second enclave and said datafile; 
transmitting, by said processor to a hypervisor of said second hardware device, a notification indicating said second enclave; 
migrating, by said processor in response to said executing said bootstrap operational code and said transmitting said notification, said virtual machine from said first hardware device to said second hardware device; and 
restarting, by said processor, said second hardware device.

10. (Currently Amended) A computer program product, comprising a computer readable hardware storage device storing a computer readable program code, said computer readable program code comprising an algorithm that when executed by a processor of a first hardware device implements a virtual machine allocation and migration improvement method, said method comprising: 
initiating, by said processor executing an original CPU instruction set, a migration process for migrating database files of a virtual machine from said first hardware device to a second hardware device
transmitting, by said processor in response to said initiating, a checkpoint and restart command to a first hypervisor of said first hardware device; 
receiving, by said processor from a first enclave within a first virtual address space of a memory structure of said first hardware device, a request for a cryptographic key from a memory encryption engine of said processor, wherein said first enclave stores sensitive data within a namespace stored within said first enclave; 
transmitting, by said processor in response to said receiving said request, said cryptographic key from said memory encryption engine to said first enclave; 
encrypting, by said processor via usage of said cryptographic key, said first enclave resulting in a first encrypted enclave; 
generating, by said processor executing said first encrypted enclave from an enclave page cache, a datafile comprising said database files; 
loading, by said processor via an untrusted host operating system, associated enclave pages into said enclave page cache; 
removing by said processor, said associated enclave pages from said enclave page cache; 
reloading, by said processor, said associated enclave pages into said enclave page cache; 
detecting, by said processor via a cryptographic protection mechanism of a memory encryption engine, unauthorized tampering during said reloading; 
protecting, by said processor via usage of hardware enforced access control mechanisms executed by said processor, said datafile within said enclave page cache during said unauthorized tampering; 
executing, by said processor, an un-enclave process for said first encrypted enclave with respect to said memory structure, wherein said executing said un-enclave process comprises: 
disconnecting, by said processor, said first encrypted enclave from said first hardware device; 
destroying, by said processor, said first encrypted enclave; and 
executing, by said processor in response to enabling said checkpoint and restart command with respect to said sensitive data, checkpoint and restart code for restarting said first hardware device; 
determining, by said processor, that a new CPU instruction set is required for executing a transfer process and providing a secure location for executing associated code and storing said datafile within a process of said untrusted host operating system; 
transmitting via said transfer process using said new CPU instruction set, by said processor via a guard mechanism, said datafile and said cryptographic key to said second hardware device, wherein said second hardware device differs from said first hardware device; 
generating, by said processor with respect to said datafile and said cryptographic key, a second enclave within a second virtual address space of said second hardware device; 
executing, by said processor, bootstrap operational code for said second enclave with respect to execution of said cryptographic key within said second enclave and said datafile; 
transmitting, by said processor to a hypervisor of said second hardware device, a notification indicating said second enclave; 
migrating, by said processor in response to said executing said bootstrap operational code and said transmitting said notification, said virtual machine from said first hardware device to said second hardware device; and 
restarting, by said processor, said second hardware device.

18. (Currently Amended) A first hardware device comprising a processor coupled to a computer-readable memory unit, said memory unit comprising instructions that when executed by the computer processor implements a virtual machine allocation and migration improvement method comprising: 
initiating, by said processor executing an original CPU instruction set, a migration process for migrating database files of a virtual machine from said first hardware device to a second hardware device
transmitting, by said processor in response to said initiating, a checkpoint and restart command to a first hypervisor of said first hardware device; 
receiving, by said processor from a first enclave within a first virtual address space of a memory structure of said first hardware device, a request for a cryptographic key from a memory encryption engine of said processor, wherein said first enclave stores sensitive data within a namespace stored within said first enclave; 
transmitting, by said processor in response to said receiving said request, said cryptographic key from said memory encryption engine to said first enclave; 
encrypting, by said processor via usage of said cryptographic key, said first enclave resulting in a first encrypted enclave; 
generating, by said processor executing said first encrypted enclave from an enclave page cache, a datafile comprising said database files; 
loading, by said processor via an untrusted host operating system, associated enclave pages into said enclave page cache;
removing by said processor, said associated enclave pages from said enclave page cache;
reloading, by said processor, said associated enclave pages into said enclave page cache;
detecting, by said processor via a cryptographic protection mechanism of a memory encryption engine, unauthorized tampering during said reloading; 
protecting, by said processor via usage of hardware enforced access control mechanisms executed by said processor, said datafile within said enclave page cache during said unauthorized tampering; 
executing, by said processor, an un-enclave process for said first encrypted enclave with respect to said memory structure, wherein said executing said un-enclave process comprises: 
disconnecting, by said processor, said first encrypted enclave from said first hardware device; 
destroying, by said processor, said first encrypted enclave; and 
executing, by said processor in response to enabling said checkpoint and restart command with respect to said sensitive data, checkpoint and restart code for restarting said first hardware device; 
determining, by said processor, that a new CPU instruction set is required for executing a transfer process and providing a secure location for executing associated code and storing said datafile within a process of said untrusted host operating system;
transmitting via said transfer process using said new CPU instruction set, by said processor via a guard mechanism, said datafile and said cryptographic key to said second hardware device, wherein said second hardware device differs from said first hardware device; 
generating, by said processor with respect to said datafile and said cryptographic key, a second enclave within a second virtual address space of said second hardware device; 
executing, by said processor, bootstrap operational code for said second enclave with respect to execution of said cryptographic key within said second enclave and said datafile;
transmitting, by said processor to a hypervisor of said second hardware device, a notification indicating said second enclave; 
migrating, by said processor in response to said executing said bootstrap operational code and said transmitting said notification, said virtual machine from said first hardware device to said second hardware device; and 
restarting, by said processor, said second hardware device.

Reasons for Allowance
The following is an examiner’s statement of reasons for allowance: 
The closest prior art, Chakrabarti et al., Pub. No.: US 2018/0183578 A1, discloses a virtual machine migration between multiple physical servers by migrating database files between the servers, deriving a sealing key for an enclave, tearing down an enclave at an originating server, and generating a second enclave at a new server.
Martin et al. Pub. No.: US 2015/0347768 A1 discloses secure enclaves created within virtual address spaces of memory.
Grobman et al. Pub. No.: 2017/0039368 A1 discloses executing a bootstrap code to boot a secure enclave.

However, none of the prior art alone or in combination anticipates or renders obvious the limitations set forth in the independent claims, including initiation of a virtual machine migration process that encrypts a first enclave, generates a datafile, destroys the first enclave, transmits the datafile and a cryptographic key to a migration target, generates a second enclave with respect to the datafile and key, and migrates the virtual machine to the migration target, while detecting unauthorized tampering of enclave pages during page reloading, and protecting a datafile during the tampering. Since none of the prior art alone or in combination anticipates or renders obvious the limitations set forth in the independent claims, the claims are allowable over the prior art.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL W AYERS whose telephone number is (571)272-6420.  The examiner can normally be reached on M-F 8:30-5 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Meng-Ai An can be reached on 5712723756.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/MICHAEL W AYERS/             Examiner, Art Unit 2195