DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claims status
Claims 1, 3, 5, 6, 8, 9 and 11 are amended. Claims 2, 4, 7, 10, and 12-25 are cancelled.  Claims 26-39 are newly added, per Applicant’s amendment filled on May 10, 2021.
Response to Arguments
Applicant should submit an argument under the heading “Remarks” pointing out disagreements with the examiner’s contentions.  Applicant must also discuss the references applied against the claims, explaining how the claims avoid the references or distinguish from them. 
Claims remain rejected based on rationale set forth below.

Claim Objections
Claim 3 is objected to because of the following informalities:  it references to a currently cancelled claim 2.  For the purpose of performing action on the on the merit, the examiner assumed that claim 3 relies on claim 1 (Currently Amended).
Claim 5 is objected to because of the following informalities:  the phrase “more” is duplicate.  Appropriate correction is required.
Claim 8 is objected to because of the following informalities:  A singular form of the Word .  Appropriate correction is required.
Claim 26 is objected to because of the following informalities:  The word “ circuitry” spelled incorrectly.  It should be spelled circuitry.  Appropriate correction is required.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claim 33 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim does not fall within at least one of the four categories of patent eligible subject matter because the under broadest reasonable interpretation of the phrase “computer-readable storage media:…” is not directed to process, machine or manufacture, or composition of matter.  The claim is directed to a signal per se because the BRI of machine readable media can encompass non-statutory transitory forms of signal transmission, such as a propagating electrical or electromagnetic signal per se.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1, 5,  11, 26, 28 32 , 33, 35 and 39 are rejected under 35 U.S.C. 102 (a)(1) as being anticipated by Smith et al. (US 9215249 B2, hereafter Smith.)
Regarding to claim 1, (Currently Amended) Smith teaches An apparatus ([ Col 18, lines  60-63]  service provider device (i.e. apparatus)) comprises: a manageability controller circuitry coupled to or hosted by one or more processors, ([Col 5, lines 21-22] manageability engine technology, a security co-processor, manageability engine (i.e. manageability controller circuitry)) 
the manageability controller circuitry comprising: a remote communicator circuitry to receive a secret key from a network source; and ([Col 6, lines 54-68] TTIM 308 when executed by processor 304 may cause client 101 to transmit a trusted task initiation signal (TTIS, not shown) from client 101 to service provider 102.sub.n, e.g., from Comms 307 to Comms 313. (i.e. communication circuitry); [Col 9, lines 39-42] The TTIS may include a copy of the policy generated by the client (i.e. network source) for the data/code in question. The TTIS may also include one or more key exchange keys, encryption keys, a private client ID, combinations thereof. (receive secret key))
a local authenticator circuitry to (i) authenticate a secure enclave of the apparatus, 
wherein the secure enclave is isolated from untrusted software of the apparatus, and ([Col 14, lines 63-67, Col 15, lines 1, 2] Service provider 102.sub.n also instantiates containers/realms within its TEE for each of the encrypted data compartments. For example, service provider 102.sub.n may schedule compartment data and execution data within respective isolated execution environments (e.g., the restricted realm, sensitive, realm, unclassified realm, etc.) with its TEE.)
(ii) securely provision a first session key derived from the secret key to the secure enclave in response to authentication of the secure enclave, ([Col 11, lines 40-45] The discussion of FIG. 5 therefore focuses on the generation and management of encryption keys that may be used to protect the data/code that is the subject of a trusted task, as well as the communicative exchanges that may occur between a client and service provider.; [Col 11, lines 45-67; col 12, lines 1-26] discloses derivation of session key (first session key) from exchanged secret key and provision of session key to a TEE (securely provision secret enclave)) 
wherien the local authenticator circuitry is further to securely provision a second session key derived from the secret key to the secure enclave in response to a determination that the first session key has expired.  ([Col 14, lines 31-35] In either case, a Sigma session may be made more temporal by appending a counter value to the basename (e.g., SessionID=CMAC(basename, counter). //Examiner remark: since the session key are temporal (set expiration time), it will generate second 

Regarding to claims  26 and 33,  they are rejected on same rational as claim  1.

Regarding to claim 5, (Currently Amended) Smith teaches the apparatusne or more more processors, ([Col 18, lines 60-63] Another exemplary service provider device includes any or all of the foregoing components, wherein the TEE is provided using at least one of virtualization technology, hardware security module technology (processor), and secure enclave technology. ) 
wherein the secure enclave to perform a cryptographic operation with the session key in response to the secure provisioning of the first or second session keys.  ([Col 11, lines 40-45] The discussion of FIG. 5 therefore focuses on the generation and management of encryption keys that may be used to protect the data/code that is the subject of a trusted task, as well as the communicative exchanges that may occur between a client and service provider.  {Col 11, lines 46-67], Col 12, lines 1-17] discloses generation and use of session key ( first session key) )

Regarding to claims 28 and 35, they are rejected on the same rational as claim 5.

Regarding to claim 11, (Currently Amended) Smith teaches the apparatus 
wherein the untrusted software comprises one or more of a pre-boot firmware environment, an operating system, or a hypervisor.  ([Col 4, lines 45-46]  a TEE is a secure environment that runs alongside (isolated) an operating system and which provides secure services to that operating system)

Regarding to claims 32 and 39, they are rejected on the same rational as claim 11.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 3, 6, 8, 9, 27, 29, 30, 31, 34, 36, 37 and 38 are rejected under 35 U.S.C. 103 as being unpatentable.
Claims 3, 27 and 34 are rejected under 35 U.S.C. 103 as being unpatentable over Smith et al. Smith), and in further view of Hu et al. ( "Certificate Revocation Guard (CRG): An Efficient Mechanism for Checking Certificate Revocation," 2016 IEEE 41st Conference on Local Computer Networks (LCN), Dubai, 2016, pp. 527-530, doi: 10.1109/LCN.2016.84., hereinafter, Hu).
Regarding to claim 3, (Currently Amended) Smith teaches The apparatus the manageability controller circuitry further comprises a revocation manager circuitry to determine whether the first session key has expired in response to the secure provisioning of the first session key to the secure enclave; and ([Col 14, lines 31-35] In either case, a Sigma session may be made more temporal by appending a counter value to the basename (e.g., SessionID=CMAC(basename, counter). //Examiner remark: since the session key are temporal (set expiration time), it will generate second session key after first session expires.)
wherein to determine whether the secret key has been revoked comprises to communicate with the network source via a network interface that is isolated from the untrusted software
Smith doesn’t explicitly teach the revocation manager circuitry is further to determine whether the secret key has been revoked by the network source; wherein to securely provision the second session key comprises to securely provision the second session key in response to a determination that the  

Hu from analogues endeavor teaches the revocation manager circuitry is further to determine whether the secret key has been revoked by the network source, ([Page 528, Fig 1 description] Basic overview of our proposed approach in which CRG intercepts the SSL/TLS Certificate message (Step 3) and consults the certificate revocation status with the revocation manager (Step 4). (i.e. since the session key are configured to a particular session, and subsequent session key negotiation occurs while a certificate/key is revoked, it will be intercepted by CRG.  )
wherein to securely provision the second session key comprises to securely provision the second session key in response to a determination that the secret key has not been revoked, ([Page 528, Fig 1 description] Furthermore, a new session key will be allowed only when there is a valid certificate/secret key)
Therefore, it would have been obvious to a person having ordinary skills in the art, before the effective filing date of the claimed invention, to incorporate the teaching of Hu into the teachings of Smith to improve monitoring of certificate/key revocation in the network, as taught by Hu [Page 529, Col 1, Sec. A Data Collection].  The combining of the teachings would have yielded predictable results to one of ordinary skills in the art. 

Regarding to claims 27 and 34, they are rejected on the same rational as claim 3.

Claims 6, 29 and 36 are rejected under 35 U.S.C. 103 as being unpatentable over Smith et al. (US 9215249 B2, hereafter Smith), and in further view of Vij et al. (US 20160381005 A1, hereinafter Vij)

Regarding to claim 6, (Currently Amended) Smith teaches The apparatus circuitry comprises a coprocessor having a network interface associated with the network source, ([Col 5, lines 21-22]  see manageability engine technology, a security co-processor, manageability engine (i.e. manageability controller circuitry);  [Col 5, lines 56-57] a communications interface (“Comms,” i.e., Comms 307/313) 
Smith doesn’t explicitly teach wherein the network interface is isolated from the untrusted software.  
Vij from analogues endeavor teaches wherein the network interface is isolated from the untrusted software.  ([0019] the security engine 132 is also capable of communicating using the communication circuitry 130 or a dedicated communication circuit independently of the state of the computing device 100 (e.g., independently of the state of the main processor 120), also known as “out-of-band” communication.)
Therefore, it would have been obvious to a person having ordinary skills in the art, before the effective filing date of the claimed invention, to incorporate the teaching of  Vij to the teachings of Smith the TTE use a sideband channel for more secure communication.  The combining of the teachings would have yielded predictable results to one of ordinary skills in the art. 

Regarding to claims 29 and 36, they are rejected on the same rational as claim 6. 

Claims 8 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Smith et al. (US 9215249 B2, hereafter Smith), and in further view of Elnekaveh et el. (US 20180365406 A1, Hereinafter, Elnekaveh)

Regarding to claim 8, (Currently Amended) The apparatus - Smith doesn’t explicitly teach further comprising a peripheral devicefirst or second session keys.  
ELNEKAVEH from analogues endeavor teaches further comprising a peripheral devicefirst or second session keys.  ([0019] With a shared secret between the secure processor and the peripheral device, a secure channel ( i.e. encrypted data) may be implemented and established between the secure processor and the peripheral device with reduced hardware and software complexity.)
Therefore, it would have been obvious to a person having ordinary skills in the art, before the effective filing date of the claimed invention, to incorporate the teaching of Elnekaveh to Smith to provide a secure peripheral device verification so it won’t be exploited by an attacker, as taught by Elnekaveh [0003].  The combining of the teachings would have yielded predictable results to one of ordinary skills in the art. 


Regarding to claim 9, (Currently Amended) The apparatus Smith doesn’t explicitly teach wherein the local authenticator circuitry is further to securely provision the first or second session keys to the peripheral device in response to the authentication of the secure enclave, wherein the session key is encrypted with the secret key, and wherein the secret key is pre-provisioned to the peripheral device, wherein the local authenticator circuitry is further to securely provision the first or second session keys to the peripheral device via a secure sideband channel in response to the authentication of the secure enclave.  

Elnekaveh teaches wherein the local authenticator circuitry is further to securely provision the first or second session keys to the peripheral device in response to the authentication of the secure enclave, wherein the session key is encrypted with the secret key, and wherein the secret key is pre-provisioned to the peripheral device, ([0018] During manufacturing time, if no keys were previously exchanged with a peripheral device, a secure processer may auto-provision a shared secret or exchange asymmetric keys with one or more peripheral devices.  [0019] With a shared secret between the secure processor and the peripheral device, a secure channel (i.e. encrypted communication with a session key derived of shared secret key) may be implemented and established between the secure processor and the peripheral device with reduced hardware and software complexity)
wherein the local authenticator circuitry is further to securely provision the first or second session keys to the peripheral device via a secure sideband channel in response to the authentication of the secure enclave.  (0030]With a shared secret between the secure processor 207 and the peripheral device 260, a secure channel 262 may be implemented and established between the secure processor 207 and the peripheral device 260 with reduced hardware or software complexity.)
Elnekaveh to Smith to provide a secure peripheral device verification so it won’t be exploited by an attacker, as taught by Elnekaveh [0003].  The combining of the teachings would have yielded predictable results to one of ordinary skills in the art. 

Claims 30, 31, 37 and 38 are rejected under 35 U.S.C. 103 as being unpatentable over Smith et al. (US 9215249 B2, hereafter Smith), and in further view of Vij et al. (US 20160381005 A1, hereinafter Vij), and in further view of  Elnekaveh et el. (US 20180365406 A1, Hereinafter, Elnekaveh)


Regarding to claim 30, (New) The method of claim 29, the combination of Smith and Vij don’t explicitly teach further comprising performing, by the manageability controller circuitry, the cryptographic operation to receive encrypted data from the peripheral device, wherein the encrypted data is encrypted with the first or second session keys.  
ELNEKAVEH from analogues endeavor teaches further comprising performing, by the manageability controller circuitry, the cryptographic operation to receive encrypted data from the peripheral device, wherein the encrypted data is encrypted with the first or second session keys.   ([0019] With a shared secret between the secure processor and the peripheral device, a secure channel ( i.e. encrypted data) may be implemented and established between the secure processor and the peripheral device with reduced hardware and software complexity.)
Therefore, it would have been obvious to a person having ordinary skills in the art, before the Elnekaveh to Smith and Vij to provide a secure peripheral device verification so it won’t be exploited by an attacker, as taught by Elnekaveh [0003].  The combining of the teachings would have yielded predictable results to one of ordinary skills in the art. 

Regarding to claim  37, it is rejected on same rational as claim  30.

Regarding to claim 31, (New) The method of claim 30, the combination of Smith and Vij don’t explicitly teach  further comprising: securely provisioning, by the manageability controller circuitry, the first or second session keys to the peripheral device in response to the authentication of the secure enclave, wherein the session key is encrypted with the secret key, and wherein the secret key is pre-provisioned to the peripheral device; and securely provisioning, by the manageability controller circuitry, the first or second session keys to the peripheral device via a secure sideband channel in response to the authentication of the secure enclave.  
ELNEKAVEH from analogues endeavor teaches further comprising: securely provisioning, by the manageability controller circuitry, the first or second session keys to the peripheral device in response to the authentication of the secure enclave, wherein the session key is encrypted with the secret key, and wherein the secret key is pre-provisioned to the peripheral device;  and ([0018] During manufacturing time, if no keys were previously exchanged with a peripheral device, a secure processer may auto-provision a shared secret or exchange asymmetric keys with one or more peripheral devices.  [0019] With a shared secret between the secure processor and the peripheral device, a secure channel (i.e. encrypted communication with a session key derived of shared secret 
and securely provisioning, by the manageability controller circuitry, the first or second session keys to the peripheral device via a secure sideband channel in response to the authentication of the secure enclave.  ([0030]With a shared secret between the secure processor 207 and the peripheral device 260, a secure channel 262 may be implemented and established between the secure processor 207 and the peripheral device 260 with reduced hardware or software complexity.)

Therefore, it would have been obvious to a person having ordinary skills in the art, before the effective filing date of the claimed invention, to incorporate the teaching of Elnekaveh to Smith and Vij to provide a secure peripheral device verification so it won’t be exploited by an attacker, as taught by Elnekaveh [0003].  The combining of the teachings would have yielded predictable results to one of ordinary skills in the art. 

Regarding to claim  38, it is rejected on same rational as claim  31.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US-20170104597-A1 - Technologies For End-To-End Biometric-Based Authentication And Platform Locality Assertion
US-20150347768-A1 - Policy-Based Trusted Inspection Of Rights Managed Content
US-20150113241-A1 - Establishing Physical Locality Between Secure Execution Environments
US-10469265-B2 - Technologies For Secure Inter-Enclave Communications
THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SOLOMON AREGA whose telephone number is (571)272-0122. The examiner can normally be reached on Monday - Friday from 8:30 AM to 5:00 PM (EDT).
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild, can be reached at telephone number (571)272-0122. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://portal.uspto.gov/external/portal. Should you have questions about access to the Private PAIR 
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

/SOLOMON AREGA/Examiner, Art Unit 4164      
                                                                                                                                                                                 /SHIN-HON (ERIC) CHEN/Primary Examiner, Art Unit 2431