Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This Office Action is in response to the reply filed on 5/5/2021. Claims 1-20 are pending. This Office Action is Final.
 
Response to Arguments
A) Applicant argues that Gorancic fails to disclose, teach or even suggest “wherein the Secure Object is protected from the other software on the data processing system when the Secure Object is executing on the first processor and when the Secure Object is executing on the second processor,” regarding claim 1.  Examiner respectfully disagrees.
Examiner submits that Gorancic teaches “wherein the Secure Object is protected from the other software on the data processing system when the Secure Object is executing on the first processor and when the Secure Object is executing on the second processor.”  Gorancic, Paragraph 0036 recites “The new QX block, which originally was stored encrypted inside the host executables, is transferred to the token, decrypted, its integrity verified, stored in memory and then finally it is invoked. This dynamic, runtime approach to applet management has several important advantages.”  Applicant’s arguments are concerned with code being changed during execution. Gorancic teaches an integrity check of the executable, which means that if the code is changed or tampered with during an execution, the code when passed would eventually fail the 
	
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 3, 6, 8-10, 12, 15 and 17-19 are rejected under 35 U.S.C. 103 as being unpatentable over Gorancic et al. (US 20060130128) in view of Yi (US 20160162171) and Suzuki et al. (US 20080295120). (Examiner Note

As per claim 1, Gorancic teaches a method for providing support for Secure Objects on a data processing system comprising: providing a Secure Object comprising code and data that is protected from the other software on the data processing system on a first processor which is a first type of processor, beginning execution of the Secure Object on the first processor; responsive to a portion of the Secure Object being needed (Gorancic, Claim 24 recites “A method of executing one or more blocks of protected software code within a machine code program in a plural processor environment, each block of protected software code having a function call with arguments that are encrypted executable machine code, the method comprising: (a) executing at least portions of the machine code program in a first processor; and (b) upon reaching a function call for a block of protected software code, decrypting and executing the associated protected software code in a second processor.”);
wherein the Secure Object is protected from the other software on the data processing system when the Secure Object is executing on the first processor and when the Secure Object is executing on the second processor.  (Gorancic, Paragraph 0036 recites “The new QX block, which originally was stored encrypted inside the host executables, is transferred to the token, decrypted, its integrity verified, stored in memory and then finally it is invoked. This dynamic, runtime approach to applet management has several important advantages.”).  
But Gorancic fails to teach wherein the data processing system has a plurality of processors of different types; returning information by the second processor to the first processor.
However, in an analogous art Yi teaches wherein the data processing system has a plurality of processors of different types; returning information by the second processor to the first processor; (Yi, Paragraph 0040 recites “All code executions are completed by CPU. In the second thread, GPU is called to complete drawing only when drawing commands need to be executed by CPU. After calling the GPU, CPU enters an idle state. GPU returns after the drawing is completed. CPU is reactivated from the idle state and continues execution.”).
It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date to use Yi’s method, apparatus and storage medium for processing html5 canvas application with Gorancic’s Process for compiling and executing software applications in a multi-processor environment because it offers the advantage of having the flexibility of using different types of processors to perform additional functions.
And the combination further fails to teach by the first processor calling the second processor in a special interprocessor call to allow access of protected information by the second processor from the first processor.
However, in an analogous art Suzuki teaches by the first processor calling the second processor in a special interprocessor call to allow access of protected information by the second processor from the first processor (Suzuki, Paragraph 0013 recites “An asynchronous remote procedure calling method according to one aspect of the present invention is applicable in a shared-memory multiprocessor having processors that are capable inter-processor communication using a bus, share a memory and each have an address space that is respectively independent in the memory, whereby a first processor of the shared-memory multiprocessor makes an asynchronous remote procedure call to a second processor thereof. The asynchronous remote procedure calling method includes generating by the first processor and in the address space controlled by the first processor, procedure control information for controlling a procedure to be executed by the second processor; setting, by the first processor, a procedure status included in the procedure control information as "being executed"; making the asynchronous remote procedure call by the first processor notifying the second processor of an address of the procedure control information; initiating and executing, by the second processor, the procedure in the address space controlled by the second processor and specified by the asynchronous remote procedure call; notifying the first processor of completion of the procedure by the second processor returning the address of the procedure control information to the first processor; and changing, by the first processor, the procedure status, at the address returned by the second processor, to "finished".”).
It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date to use Suzuki’s asynchronous remote procedure calling method and computer product in shared-memory multiprocessor with Gorancic’s Process for compiling and executing software applications in a multi-processor environment because it offers the advantage of having a secure means for processors to communicate with each other.

As per claim 3, Gorancic in combination with Yi and Suzuki teaches the method according to claim 1; Gorancic further teaches in which the special call passes a Secure Object ID from the first processor to the second processor which the second processor uses to access a protected region in system memory, and wherein the Secure Object is protected on each of the different processors including the first processor and the second processor (Gorancic, Claim 24 recites “A method of executing one or more blocks of protected software code within a machine code program in a plural processor environment, each block of protected software code having a function call with arguments that are encrypted executable machine code, the method comprising: (a) executing at least portions of the machine code program in a first processor; and (b) upon reaching a function call for a block of protected software code, decrypting and executing the associated protected software code in a second processor.”).
And Yi teaches retrieving, by the first processor, the information from system memory (Yi, Paragraph 0040 recites “All code executions are completed by CPU. In the second thread, GPU is called to complete drawing only when drawing commands need to be executed by CPU. After calling the GPU, CPU enters an idle state. GPU returns after the drawing is completed. CPU is reactivated from the idle state and continues execution.”).
It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date to use Yi’s method, apparatus and storage medium for processing html5 canvas application with Gorancic’s Process for compiling and executing software applications in a multi-processor environment because it offers the advantage of having the flexibility of using different types of processors to perform additional functions.

As per claim 6, Gorancic in combination with Yi and Suzuki teaches the method according to claim 1; Yi further teaches wherein the special call includes an indication of the particular processor that is being called, an indication of the specific function that is being requested and the data that should be processed (Yi, Paragraph 0040 recites “All code executions are completed by CPU. In the second thread, GPU is called to complete drawing only when drawing commands need to be executed by CPU. After calling the GPU, CPU enters an idle state. GPU returns after the drawing is completed. CPU is reactivated from the idle state and continues execution.”).
It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date to use Yi’s method, apparatus and storage medium for processing html5 canvas application with Gorancic’s Process for compiling and executing software applications in a multi-processor environment because it offers the advantage of having the flexibility of using different types of processors to perform additional functions.

As per claim 8, Gorancic in combination with Yi and Suzuki teaches the method according to claim 1; Yi further teaches wherein the second type of processor is one of a Central Processing Unit, a Graphical Processing Unit, a Tensor Processing Unit, a Field Programmable Gate Array, an Artificial Neural Network, a Quantum Processor and a Cryptographic Processor (Yi, Paragraph 0040 recites “All code executions are completed by CPU. In the second thread, GPU is called to complete drawing only when drawing commands need to be executed by CPU. After calling the GPU, CPU enters an idle state. GPU returns after the drawing is completed. CPU is reactivated from the idle state and continues execution.”).
It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date to use Yi’s method, apparatus and storage medium for processing html5 canvas application with Gorancic’s Process for compiling and executing software applications in a multi-processor environment because it offers the advantage of having the flexibility of using different types of processors to perform additional functions.

As per claim 9, Gorancic in combination with Yi and Suzuki teaches the method according to claim 1; Yi further teaches wherein the second type of processor is a specialized processor and the first type of processor is a CPU (Central Processing Unit) (Yi, Paragraph 0040 recites “All code executions are completed by CPU. In the second thread, GPU is called to complete drawing only when drawing commands need to be executed by CPU. After calling the GPU, CPU enters an idle state. GPU returns after the drawing is completed. CPU is reactivated from the idle state and continues execution.”).
It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date to use Yi’s method, apparatus and storage medium for processing html5 canvas application with Gorancic’s Process for compiling and executing software applications in a multi-processor environment because it offers the advantage of having the flexibility of using different types of processors to perform additional functions.

Regarding claims 10 and 19, claims 10 and 19 are directed to a computer readable medium and an apparatus associated with the method of claim 1. Claims 19 and 20 are of similar scope to claim 1, and are therefore rejected under similar rationale.

Regarding claim 12, claim 12 is directed to a computer readable medium associated with the method of claim 3. Claim 12 is similar in scope to claim 3 and is therefore rejected under similar rationale. 


Regarding claim 15, claim 15 is directed to a computer readable medium associated with the method of claim 6. Claim 15 is similar in scope to claim 6 and is therefore rejected under similar rationale. 

Regarding claim 17, claim 17 is directed to a computer readable medium associated with the method of claim 8. Claim 17 is similar in scope to claim 8 and is therefore rejected under similar rationale. 

Regarding claim 18, claim 18 is directed to a computer readable medium associated with the method of claim 9. Claim 18 is similar in scope to claim 9 and is therefore rejected under similar rationale. 

Claims 2, 4, 11, 13 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Gorancic et al. (US 20060130128) in view of Yi (US 20160162171) and Suzuki et al. (US 20080295120) and in further view of Dellow et al. (US 2014/0053278). (Examiner Note: Claims 4 and 13 were listed under the improper section in the previous office action. The claims are properly listed in this section, and of note, this is not a new rejection, just the correction of a minor error.)

As per claim 2, Gorancic in combination with Yi and Suzuki teaches the method according to claim 1; Gorancic further teaches wherein the Secure Object comprising code and data begins execution on the first type of processor and makes a call to and (Gorancic, Claim 24 recites “A method of executing one or more blocks of protected software code within a machine code program in a plural processor environment, each block of protected software code having a function call with arguments that are encrypted executable machine code, the method comprising: (a) executing at least portions of the machine code program in a first processor; and (b) upon reaching a function call for a block of protected software code, decrypting and executing the associated protected software code in a second processor.”).
But fails to teach in which the special call passes a crypto key and an integrity value from the first processor to the second processor which the second processor uses to access a cryptographically protected region in system memory, wherein the second processor securely processing the information passed and protecting the information from other processing on the data processing system.
However, in an analogous art Dellow teaches in which the special call passes a crypto key and an integrity value from the first processor to the second processor which the second processor uses to access a cryptographically protected region in system memory, wherein the second processor securely processing the information passed and protecting the information from other processing on the data processing system (Dellow, Paragraph 0054 recites “In one example, the security CPU-A includes a variant module 800, a key generator 805 and a filter 115. The key generator 805 generates keys 820 such as the key 820 displayed in FIG. 8. The key includes access rights 824, which include a designation of access to a specific, secure region of memory, such as Region 1 or Region 2 in the DRAM 115. Such designation of access may also include the right to write decrypted data to Region 1 or Region 2. A key table 828, which may also be stored in the DRAM 115 or other memory, provides links between keys 820 and corresponding access rights accessible by the security CPU-A. Once the security CPU-A generates a key and provides access to the security CPU-B or the host processor, then the security CPU-B (or the host processor) may access the region of memory containing the decrypted content. In the case of generation of a root key, the security CPU-B (or the host processor) may be able to decrypt a system or software file and write the decrypted file to the protected region of memory from where it may be executed.” It is implied that when there is a protected region of memory, then there would be an unprotected region as well.).
It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date to use Dellow’s data and key separation using a secure central processing unit with Gorancic’s Process for compiling and executing software applications in a multi-processor environment because it offers the advantage of ensuring that protected code be executed securely.

As per claim 4, Gorancic in combination with Yi, Suzuki and Dellow teaches the method according to claim 2; Gorancic further teaches wherein the second processor performs the processing requested in the special call, storing encrypted information resulting from the processing in system memory (Gorancic, Claim 24 recites “A method of executing one or more blocks of protected software code within a machine code program in a plural processor environment, each block of protected software code having a function call with arguments that are encrypted executable machine code, the method comprising: (a) executing at least portions of the machine code program in a first processor; and (b) upon reaching a function call for a block of protected software code, decrypting and executing the associated protected software code in a second processor.”).


Regarding claim 11, claim 11 is directed to a computer readable medium associated with the method of claim 2. Claim 11 is similar in scope to claim 2 and is therefore rejected under similar rationale. 

Regarding claim 13, claim 13 is directed to a computer readable medium associated with the method of claim 4. Claim 13 is similar in scope to claim 4 and is therefore rejected under similar rationale. 


As per claim 20, Gorancic in combination with Yi and Suzuki teaches the Secure Objects apparatus according to claim 19; Gorancic further teaches in which the special call passes a Secure Object ID from the first processor to the second processor which the second processor uses to access a protected region in system memory, and wherein the Secure Object is protected on each of the different processors including the first processor and the second processor (Gorancic, Claim 24 recites “A method of executing one or more blocks of protected software code within a machine code program in a plural processor environment, each block of protected software code having a function call with arguments that are encrypted executable machine code, the method comprising: (a) executing at least portions of the machine code program in a first processor; and (b) upon reaching a function call for a block of protected software code, decrypting and executing the associated protected software code in a second processor.”).
But fails to teach wherein the system memory includes unprotected memory and cryptographically-protected system memory, wherein a Secure Object's private information is cryptographically protected in the cryptographically-protected memory and the private information is available only in unencrypted form to a processor that has the Secure Object's crypto key, and wherein the Secure Object utilizes unprotected memory for communications buffers to communicate with other entities, and wherein the first processor calling the second processor in a special interprocessor call to allow access of protected information by the second processor from the first processor.
However, in an analogous art Dellow teaches wherein the system memory includes unprotected memory and cryptographically-protected system memory, wherein a Secure Object's private information is cryptographically protected in the cryptographically-protected memory and the private information is available only in unencrypted form to a processor that has the Secure Object's crypto key, and wherein the Secure Object utilizes unprotected memory for communications buffers to communicate with other entities, and wherein the first processor calling the second processor in a special interprocessor call to allow access of protected information by the second processor from the first processor (Dellow, Paragraph 0054 recites “In one example, the security CPU-A includes a variant module 800, a key generator 805 and a filter 115. The key generator 805 generates keys 820 such as the key 820 displayed in FIG. 8. The key includes access rights 824, which include a designation of access to a specific, secure region of memory, such as Region 1 or Region 2 in the DRAM 115. Such designation of access may also include the right to write decrypted data to Region 1 or Region 2. A key table 828, which may also be stored in the DRAM 115 or other memory, provides links between keys 820 and corresponding access rights accessible by the security CPU-A. Once the security CPU-A generates a key and provides access to the security CPU-B or the host processor, then the security CPU-B (or the host processor) may access the region of memory containing the decrypted content. In the case of generation of a root key, the security CPU-B (or the host processor) may be able to decrypt a system or software file and write the decrypted file to the protected region of memory from where it may be executed.” It is implied that when there is a protected region of memory, then there would be an unprotected region as well.).
It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date to use Dellow’s data and key separation using a secure central processing unit with Gorancic’s Process for compiling and executing software applications in a multi-processor environment because it offers the advantage of ensuring that protected code be executed securely.

Claims 5 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Gorancic et al. (US 20060130128), Yi (US 20160162171), Suzuki et al. (US 20080295120) and Dellow et al. (US 2014/0053278) and in further view of Gidley et al. (US 2018/0373849).

As per claim 5, Gorancic in combination with Yi, Suzuki and Dellow teaches the method according to claim 2, but fails to teach wherein the return includes an integrity value for the Secure Object. 
However, in an analogous art Gidley teaches wherein the return includes an integrity value for the Secure Object (Gidley, Paragraph 0215 recites “At a step 656, the controller application 232 may use at least some of the metadata 228 accessed at the step 654 along with data provided by the protected code 216 in the request received by the controller application 232 at the step 306 in order to perform integrity verification. For example, at least part of the data provided by the protected code 216 in the request received by the controller application 232 at the step 306 may comprise one or more values (e.g. the above-mentioned modification data) derived from (or based on) the current protected code 216 (or the current code 215 or the current webpage 214) at the client system 210, and the metadata 228 obtained at the step 654 may comprise one or more expected integrity values--the controller application 232 may, therefore compare the one or more values received in the request with the one or more expected integrity values--if the one or more values received in the request match (or equal) the one or more expected integrity values, then the controller application 232 may determine that the protected code 216 (or the code 215 or the webpage 214) has not been tampered with; otherwise, the controller application 232 may determine that an attack is being (or has been) performed and that the protected code 216 (or the code 215 or the webpage 214) has been tampered with. It will be appreciated that the controller application 232 may perform other processing using the one or more values received in the request and the expected integrity values to in order to carry out integrity verification.”).
It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date to use Gidley’s securing webpages, webapps and applications with Gorancic’s Process for compiling and executing software applications in a multi-

Regarding claim 14, claim 14 is directed to a computer readable medium associated with the method of claim 5. Claim 14 is similar in scope to claim 5 and is therefore rejected under similar rationale. 

Claims 7 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Gorancic et al. (US 20060130128), Yi (US 20160162171) and Suzuki et al. (US 20080295120) and in further view of Tamasi et al. (US 2013/0067240).

As per claim 7, Gorancic in combination with Yi and Suzuki teaches the method according to claim 1, but fails to teach wherein the data processing system is an artificial intelligence system. 
	However, in an analogous art Tamasi teaches wherein the data processing system is an artificial intelligence system (Tamasi, Paragraph 0033 recites “In one exemplary embodiment, a portion of the Application 210 run as a Binary 218 by the Secure Service 206 in the Secure OS 204 can be a portion of a video game's artificial intelligence (AI). As discussed, the Binary 218 will only execute if a software application license validation process is successful. Therefore, if any calls to the Secure Service 206 were removed in an attempt to circumvent the license validation, the video game would run, but without the proper AI (receiving only the selected garbage data rather than a response from the Binary 218). Without AI, the game would be likely unplayable as the AI can form a key component of the gameplay.”).
It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date to use Tamasi’s content protection via online servers and code execution in a secure operating system with Gorancic’s Process for compiling and executing software applications in a multi-processor environment because it offers the advantage of protecting against tampering of an AI system.

Regarding claim 16, claim 16 is directed to a computer readable medium associated with the method of claim 7. Claim 16 is similar in scope to claim 7 and is therefore rejected under similar rationale. 

Conclusion
	THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to RODERICK TOLENTINO whose telephone number is (571)272-2661.  The examiner can normally be reached on Mon-Fri 8am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on 571-270-5002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.



RODERICK TOLENTINO
Examiner
Art Unit 2439



/RODERICK TOLENTINO/Primary Examiner, Art Unit 2439