DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Status
This instant application No. 16/296310 has claims 1-2, 4-9, 11-19, and 22-25 pending.  
Claims 3, 10, and 20-21 have been canceled.

Information Disclosure Statement
As required by M.P.E.P. 609(C), the Applicant’s submission of the Information Disclosure Statements dated [1] 26 April 2021, [2] 11 May 2021, and [3] 1 June 2021 is acknowledged by the Examiner, and the cited references have been considered in the examination of the claims now pending. As required by M.P.E.P. 609 C(2), a copy of the PTOL-1449 initialed and dated by the Examiner is attached to the instant Office action.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1, 2, 4-9, 11-16, 18-19 and 22-24 are rejected under 35 U.S.C. 103 as being unpatentable over Farrell et al. (Pub. No. US2009/0217098) in view of Jin et al. (NPL titled “H-SVM: Hardware-Assisted Secure Virtual Machines under a Vulnerable Hypervisor”) in view of McKeen et al. (Pub. No. US2019/0087586) in view of Sell (Pub. No. US2016/0371496).
Regarding claims 1, 8, and 15, Farrell discloses the following: 
A method comprising: 
receiving by an entity that is executing on a host server, a request to dispatch a secure entity; 
(Farrell teaches receiving by a non-trusted entity, e.g. “a control program” such as a hypervisor [0023, 0030], that is executing on a host server [0028-0029], a request to dispatch a secure entity or one of many “proven secure logical partitions” [0029], e.g. “a virtual server dispatched by the control program until the server's time slice has been consumed or until the server wants to perform an operation that the hardware cannot virtualize or for which the control program is to regain control” [0030])
determining, by a secure interface control of the host server, whether the host server is in an auxiliary-secure (AS) debug mode for testing an AS entity, and 
(Farrell teaches determining, by a secure interface control – see protection facilities [0154] and interface [0241] – of the host server [0028-0030], whether the host server is in an auxiliary-secure (AS) debug mode – evidenced by “the case when a possibly erroneous application program is executed in conjunction with a reliable subsystem, provided that the application program needs to access only a portion of the storage accessed by the subsystem” [0169] – and further by a “problem state” determined from an instruction [0170]; the AS debug mode is purposed for testing an AS entity [0169-0170], such as “an access key of 9” [0170] corresponding to “bit 9 of the PSW-key mask” [0170])


Farrell does not disclose the following:
a non-trusted entity
Nonetheless, this feature would have been made obvious, as evidenced by Jin.
(Jin discloses a non-trusted entity – cited as “a Vulnerable Hypervisor” [see TITLE of Jin] and “an untrusted hypervisor” [Abstract of Jin])
At a time prior to the effective filing date of Applicant’s claimed invention, it would have been obvious to modify Farrell with the teachings of Jin. 
One of ordinary skill in the art would recognize the desirability of performing the following modification: Apply this attribute of Jin to the entity disclosed by Farrell. 
The motivation would have been to propose and implement “a HW-based approach to protect guest VMs even under an untrusted hypervisor” [Abstract of Jin].

However, Farrell in view of Jin does not disclose the following:
(1)	the determining based on a value of an AS-debug bit;
(2)	based on determining that the host server is in the AS debug mode, loading a secure guest entity state from a state descriptor for the secure entity into an AS entity state in hardware to test, upon dispatch of the secure entity, accesses to pages in a memory that are registered as secure and as belonging to the AS entity.
Nonetheless, this feature would have been made obvious, as evidenced by McKeen.
(1) (McKeen teaches that the determining based on a value/indication of an AS-debug bit [0330])
(2) (McKeen teaches, based on determining that the host server is in the AS debug mode [0122, 0329-0330; TABLE 5-2] evidenced by indication of “debug bit” [0330], “SE-aware debugger is targeting a debug-mode enclave” [0335], loading a secure guest entity state from a state descriptor [0330] for the secure entity/enclave [0330, 0333, 0335], e.g. “Debuggers needing to look at the enclave contents will external access to the enclave contents using the EDBGRD and EDBGWR instructions” [0329]. 
For thorough disclosure of determining the AS debug mode, McKeen cites the following: 
“For debug enclaves, the debug register value is not changed. When RFLAGS.TF is set at the start of an EENTER instruction, there are two cases to be considered: 
1. The debugger is a legacy (non SE-aware) or the enclave is in production (non-debug) mode. 
2. An SE-aware debugger is targeting a debug-mode enclave” [0333-0335].
For evidence of pages in memory registered as secure, McKeen cites the following: 
“Whenever a page of an enclave is removed from the EPC, cryptographic protections are used to protect the confidentiality of the enclave and to detect tampering when the enclave is loaded back into the EPC” [0038]. 
For evidence of pages belonging to the AS entity/bit, McKeen cites the following:
	“The EPC contains a debug bit which indicates that the enclave is a debug enclave” [0330])
At a time prior to the effective filing date of Applicant’s claimed invention, it would have been obvious to modify Farrell in view of Jin with the teachings of McKeen. 
One of ordinary skill in the art would recognize the desirability of performing the following modification: Apply this teaching of McKeen to load state data for a secure entity of Farrell in view of Jin.
The motivation would have been as follows: 
“If a permit is used to launch a debug enclave, permit->Flags[DEBUG] may be set, and only capabilities allowed by debug enclaves may be set in the permit” [0186 – McKeen].
“An enclave can be set as a debug enclave when it is created. The debug enclave will allow external access to the enclave contents using the EDBGRD and EDBGWR instructions” [0329 – McKeen].

However, Farrell in view of Jin in view of McKeen does not disclose the following:
the AS entity state comprising an AS-mode bit and an AS-domain register, wherein, the same test cases used to test data accesses to secure guest storage when the host server is in a secure guest mode are used to test data accesses to secure interface control storage when the host server is in the AS debug mode.
Nonetheless, this feature would have been made obvious, as evidenced by Sell.
(Sell provides evidence of the AS entity state comprising an AS-mode bit [0084, 0088, 0090, 0241; Claim 6 of Sell], e.g. “target PR identifying tag (PRCAT signal)” [0090], and an AS-domain register, e.g. “registers for testing the respective virtual addresses (VA's) in those registers…The PR ID's of those tests (218dx, 218dt) are stored into respective registers that form inputs of the PR constraints enforcing mechanism (218e)” [0085], wherein the same test cases used to test data accesses to secure guest storage when the host server [0191] is in a secure guest mode, e.g. “when PR mode is active” [0081], are used to test data accesses to secure interface control storage when the host server [0191] is in the AS debug mode – such as a mode where match tests are performed on pages [0143, 0151, 0155])
This teaching of Sell provides supplementary features about an AS entity state and an AS debug mode, and further suggests that these features can be used within the hardware system of Farrell in view of Jin in view of McKeen.
At a time prior to the effective filing date of Applicant’s claimed invention, it would have been obvious to modify Farrell in view of Jin in view of McKeen with the teachings of Sell. 
One of ordinary skill in the art would recognize the desirability of performing the following modification: Rationale G. Teaching, Suggestion, and Motivation. 
The motivation would have been as follows: “the integrity test on the attributes of the at least first protected region includes an integrity test on the attributes as stored in a memory zone that is configured to not be directly accessible to user software and to operating system software of a respective data processing device that is to enforce the attributes” [0241 - Sell].
Regarding claims 2 and 9, Farrell in view of Jin in view of McKeen in view of Sell disclose the following: 
further comprising dispatching the secure entity.
(Farrell teaches a step of dispatching the secure entity, e.g. “proven secure logical partitions” [0029] for “a virtual server dispatched by the control program” [0030])
Regarding claims 4 and 11, Farrell in view of Jin in view of McKeen in view of Sell disclose the following: 
wherein the AS-debug bit is a hardware bit[[s]].
(McKeen teaches AS-debug bit [0329-0330; TABLE 5-2] evidenced by indication of “debug bit” [0330] is a hardware bit [0328, 0330], e.g. a bit for “the Enclave Page Cache (EPC)” [0038])
At a time prior to the effective filing date of Applicant’s claimed invention, it would have been obvious to modify Farrell in view of Jin with the teachings of McKeen. 
One of ordinary skill in the art would recognize the desirability of performing the following modification: Apply this teaching of McKeen to determine that the host server of Farrell in view of Jin is in debug mode. 
McKeen].
Regarding claims 5 and 12, Farrell in view of Jin in view of McKeen in view of Sell disclose the following: 
further comprising: 
based on determining that the host server is not in the AS debug mode, loading the secure guest entity state from the state descriptor for the secure entity into a secure guest entity state in hardware to test, upon dispatch of the secure entity, accesses to pages in memory that are registered as secure.
(McKeen teaches based on determining that the host server/remote platform [0040, 0108] is not in the AS debug mode [0330, 0334] – equivalent to a “production (non-debug) mode” [0334], e.g. “Enclaves which are created with the debug bit clear are production enclaves” [0330], loading the secure guest entity state from the state descriptor for the secure entity [0330, 0334] into a secure guest entity state in hardware to test [0330-0332, 0335], e.g. “When entering a production enclave the debug control register, DR7 is saved in the TCS save area” [0331], upon dispatch of the secure entity, accesses to pages, e.g. enclave memory locations, in memory [0330, 0335] that are registered as secure [0038])
At a time prior to the effective filing date of Applicant’s claimed invention, it would have been obvious to modify Farrell in view of Jin with the teachings of McKeen. 
One of ordinary skill in the art would recognize the desirability of performing the following modification: Apply this teaching of McKeen in accordance with a determination that the host server of Farrell in view of Jin is not in the AS debug mode.
The motivation would have been as follows:
“Enclaves which are created with the debug bit clear are production enclaves” [0330 – McKeen].
“When entering a production enclave the debug control register, DR7 is saved in the TCS save area” [0331 – McKeen].
Regarding claims 6 and 13, Farrell in view of Jin in view of McKeen in view of Sell disclose the following: 
wherein the non-trusted entity is a hypervisor and the secure entity is a secure virtual machine (VM).
(Jin discloses that the non-trusted entity is a hypervisor – cited as “a Vulnerable Hypervisor” – and the secure entity is a secure virtual machine (VM) – cited as “Secure Virtual Machines” [see TITLE of Jin])
At a time prior to the effective filing date of Applicant’s claimed invention, it would have been obvious to modify Farrell with the teachings of Jin. 
One of ordinary skill in the art would recognize the desirability of performing the following modification: Use the non-trusted hypervisor of Jin and the secure virtual machine (VM) of Jin as the non-trusted entity and the secure entity of Farrell.
The motivation would have been to provide a scenario where the “hypervisor can still flexibly allocate physical memory pages to virtual machines for efficient resource management” [Abstract – Jin].
Regarding claims 7 and 14, Farrell in view of Jin in view of McKeen in view of Sell disclose the following: 
wherein the secure entity is a test case.
(Farrell teaches that the secure entity or “guest”, e.g. “a guest program in a virtual machine” [0033], is a test case [0204, 0207, 0249], e.g. “disallowed storing causes a protection exception to be recognized, which results in a guest or host program interruption. However, store access to the first 4K-byte block of the guest prefix area is checked on entry to the interpretive-execution mode, and any access exception encountered during this test results in validity interception (e.g., VIR code 0037 hex)” [0204] and “a guest program of the guest image fetches the TPROT instruction for execution, the TPROT instruction specifying a memory location to be tested” [0249])


Regarding claims 16 and 24, Farrell discloses the following: 
A method comprising: 
receiving by an entity that is executing on a host server, a request to dispatch a secure entity; 
(Farrell teaches receiving by a non-trusted entity, e.g. “a control program” such as a hypervisor [0023, 0030], that is executing on a host server [0028-0029], a request to dispatch a secure entity or one of many “proven secure logical partitions” [0029], e.g. “a virtual server dispatched by the control program until the server's time slice has been consumed or until the server wants to perform an operation that the hardware cannot virtualize or for which the control program is to regain control” [0030])
determining, by a secure interface control of the host server, whether the secure entity is in an auxiliary-secure (AS) debug mode for testing an AS entity, 
(Farrell teaches determining, by a secure interface control – see protection facilities [0154] and interface [0241] – of the host server [0028-0030], whether the secure entity is in an auxiliary-secure (AS) mode – evidenced by “the case when a possibly erroneous application program is executed in conjunction with a reliable subsystem, provided that the application program needs to access only a portion of the storage accessed by the subsystem” [0169] – and further by a “problem state” determined from an instruction [0170]; the AS mode is purposed for testing an AS entity [0169-0170], such as “an access key of 9” [0170] corresponding to “bit 9 of the PSW-key mask” [0170])

However, Farrell does not disclose the following:
a non-trusted entity
Nonetheless, this feature would have been made obvious, as evidenced by Jin.
(Jin discloses a non-trusted entity – cited as “a Vulnerable Hypervisor” [see TITLE of Jin] and “an untrusted hypervisor” [Abstract of Jin])
At a time prior to the effective filing date of Applicant’s claimed invention, it would have been obvious to modify Farrell with the teachings of Jin. 
One of ordinary skill in the art would recognize the desirability of performing the following modification: Apply this attribute of Jin to the entity disclosed by Farrell. 
The motivation would have been to propose and implement “a HW-based approach to protect guest VMs even under an untrusted hypervisor” [Abstract of Jin].

However, Farrell in view of Jin does not disclose the following:
(1)	the determining based on a value of an AS-debug bit;
(2)	based on determining that the secure entity is in the AS debug mode, loading an AS entity state from the [[a]] state descriptor for the secure entity into an AS entity state in the hardware to test, upon dispatch of the secure entity, access to pages in a memory that are registered as secure and as belonging to the 
Nonetheless, this feature would have been made obvious, as evidenced by McKeen.
(1) (McKeen teaches that the determining based on a value/indication of an AS-debug bit [0330])
(2) (McKeen teaches, based on determining that the host server is in AS debug mode [0122, 0329-0330; TABLE 5-2] evidenced by indication of “debug bit” [0330], “SE-aware debugger is targeting a debug-mode enclave” [0335], loading an AS entity state from a state descriptor [0330] for the secure entity/enclave [0330, 0333, 0335], e.g. “Debuggers needing to look at the enclave contents will load the memory into the EPC.” [0330], into an AS entity state in hardware to test, e.g. “A debug enclave is set up by setting the debug flag in the ECREATE instruction. This bit is stored inside the SECS of the enclave” [0329], upon dispatch/set-up of the secure entity/enclave [0329-0330, 0335], access to pages in a memory, e.g. “access enclave memory locations” that are registered as secure [0038] and as belonging external access to the enclave contents using the EDBGRD and EDBGWR instructions” [0329]. 
For thorough disclosure of determining the AS debug mode, McKeen cites the following: 
“For debug enclaves, the debug register value is not changed. When RFLAGS.TF is set at the start of an EENTER instruction, there are two cases to be considered: 
1. The debugger is a legacy (non SE-aware) or the enclave is in production (non-debug) mode. 
2. An SE-aware debugger is targeting a debug-mode enclave” [0333-0335].
For evidence of pages in memory registered as secure, McKeen cites the following: 
“Whenever a page of an enclave is removed from the EPC, cryptographic protections are used to protect the confidentiality of the enclave and to detect tampering when the enclave is loaded back into the EPC” [0038]. 
For evidence of pages belonging to the AS entity/bit, McKeen cites the following:
	“The EPC contains a debug bit which indicates that the enclave is a debug enclave” [0330])
At a time prior to the effective filing date of Applicant’s claimed invention, it would have been obvious to modify Farrell in view of Jin with the teachings of McKeen. 
One of ordinary skill in the art would recognize the desirability of performing the following modification: Apply this teaching of McKeen to load state data for a secure entity of Farrell in view of Jin.
The motivation would have been as follows: 
“If a permit is used to launch a debug enclave, permit->Flags[DEBUG] may be set, and only capabilities allowed by debug enclaves may be set in the permit” [0186 – McKeen].
“An enclave can be set as a debug enclave when it is created. The debug enclave will allow external access to the enclave contents using the EDBGRD and EDBGWR instructions” [0329 – McKeen].

Farrell in view of Jin in view of McKeen does not disclose the following:
the AS entity state comprising an AS-mode bit and an AS-domain register, wherein, the same test cases used to test data accesses to secure guest storage when the host server is in a secure guest mode are used to test data accesses to secure interface control storage when the host server is in the AS debug mode.
Nonetheless, this feature would have been made obvious, as evidenced by Sell.
(Sell provides evidence of the AS entity state comprising an AS-mode bit [0084, 0088, 0090, 0241; Claim 6 of Sell], e.g. “target PR identifying tag (PRCAT signal)” [0090], and an AS-domain register, e.g. “registers for testing the respective virtual addresses (VA's) in those registers…The PR ID's of those tests (218dx, 218dt) are stored into respective registers that form inputs of the PR constraints enforcing mechanism (218e)” [0085], wherein the same test cases used to test data accesses to secure guest storage [0113, 0168; TABLE 3] when the host server [0191] is in a secure guest mode, e.g. “when PR mode is active” [0081], are used to test data accesses to secure guest storage when the host server [0191] is in the AS debug mode – such as a mode where match tests are performed on pages [0143, 0151, 0155])
This teaching of Sell provides supplementary features about an AS entity state and an AS debug mode, and further suggests that these features can be used within the hardware system of Farrell in view of Jin in view of McKeen.
At a time prior to the effective filing date of Applicant’s claimed invention, it would have been obvious to modify Farrell in view of Jin in view of McKeen with the teachings of Sell. 
One of ordinary skill in the art would recognize the desirability of performing the following modification: Rationale G. Teaching, Suggestion, and Motivation. 
The motivation would have been as follows: “the integrity test on the attributes of the at least first protected region includes an integrity test on the attributes as stored in a memory zone that is Sell].
Regarding claim 18, it has the same basis of rejection as claims 2 and 9, with teachings of Farrell in view of Jin in view of McKeen in view of Sell.
Regarding claim 19, Farrell in view of Jin in view of McKeen in view of Sell disclose the following: 
wherein the secure guest entity state comprises a domain and a mode bit.
(Farrell teaches that the secure guest entity state comprises a domain or “SIE state-retention assist” [0221], e.g. “ECA.18 and ECB.6 are retainable by the SIE state-retention assist” [0221], and a mode bit, e.g. “a hypervisor sets a state value (ECB.6) for a guest image of a logical partition” [0249] and “ECB.6 is one” [0252])
Regarding claim 22, it has the same basis of rejection as claims 6 and 13, with teachings of Farrell in view of Jin in view of McKeen in view of Sell.
Regarding claim 23, it has the same basis of rejection as claims 7 and 14, with teachings of Farrell in view of Jin in view of McKeen in view of Sell.
Claim(s) 17 and 25 are rejected under 35 U.S.C. 103 as being unpatentable over Farrell in view of Jin in view of McKeen in view of Sell in view of Rozas et al. (Pub. No. US2017/0054557 filed on August 18, 2015; hereinafter Rozas).
Regarding claims 17 and 25, Farrell in view of Jin in view of McKeen in view of Sell does not disclose the following: 
further comprising, based on determining that the secure entity is in an AS mode: 
(1)	determining, by the secure interface control of the host server, whether the secure 
(2)	based on determining that the secure entity is also in the secure guest mode, loading a secure guest entity state from the state descriptor for the secure entity into a secure guest entity state in hardware to test, upon dispatch of the secure entity, accesses to pages in memory that are registered as secure.
Nonetheless, this feature would have been made obvious, as evidenced by Rozas.
(1) (Rozas teaches determining, by the secure interface control, e.g. “a control interface (not shown) of the VMM 140 to issue instructions” [0030], of the host server [0094], whether the secure guest entity, e.g. enclaves mapped to section [0029], is also in a secure guest mode [0029] – see attribute bit [0043], e.g. “guest VM-1 150 through guest VM-N 160 may include secure enclaves, such as SE 155 and SE 165, respectively. The SEs 155, 165 provide a secure place for an application of the VMs 150, 160 to execute code and store data inside the context of an OS process. SE 155, 165 are executed based on memory pages in an EPC section of main memory” [0029])
(2) (Rozas teaches, based on determining that the secure entity is also in the secure guest mode [0029, 0043], loading [0022] a secure guest entity state, e.g. information from a control structure [0020-0021], from the state descriptor for the secure entity, e.g. “the allocation, initialization and control of the control structure on a second platform, referred to as platform B” [0022], into a secure guest entity state in hardware to test [0045], upon dispatch of the secure entity, accesses to pages in memory [0018, 0045] that are registered as secure – see relevant citations below: 
- “Access to memory pages associated with the SEs from applications not resident in the SEs is prevented even if such access is attempted by a privileged application such as BIOS, operating systems or virtual machine monitors” [0018]
- “the controlling enclave 180 may validate that the control structure 210 is not in use and sealed by checking an attribute bit of the structure” [0045])
At a time prior to the effective filing date of Applicant’s claimed invention, it would have been obvious to modify Farrell in view of Jin in view of McKeen in view of Sell with the teachings of Rozas. 
One of ordinary skill in the art would recognize the desirability of performing the following modification: Apply these teachings of Rozas with regards to a secure mode for the secure entity of Farrell in view of Jin in view of McKeen in view of Sell.
The motivation would have been as follows: “Once the control structure 210 and accompanying SE 155 and VM 150 data have been transferred, the control structure 210 can be re-built using the information on processing device” [0046 – Rozas].

Response to Amendment
Applicant’s arguments, see “REMARKS”, filed April 26, 2021, with respect to claims 1-2, 4-9, 11-19, and 22-25 have been considered but are moot in view of the new ground(s) of rejection for claims 1-2, 4-9, 11-19, and 22-25.
Examiner recommends that Applicant further amend the claims to overcome the rejection set forth, along with the prior art of record.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GILLES R KEPNANG whose telephone number is (571)270-7417.  The examiner can normally be reached on Mon thru Fri (8:00 AM to 5:00 PM).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, LEWIS BULLOCK can be reached on (571)272-3759.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/GILLES R KEPNANG/Examiner, Art Unit 2199
August 10, 2021




/LEWIS A BULLOCK  JR/Supervisory Patent Examiner, Art Unit 2199