DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to the application 16/600273 filed on 10/11/2019.
Claims 1-20 have been examined and are pending in this application.

Specification Objections
The disclosure is objected to as the specification does not include the section “Brief Summary of the invention.”  See MPEP 6.01 and 37 CFR 1.77(b) for detail. 

Claim Objections
Claim 18 is objected to because of the following informalities:  
 Regarding claim 18; Claim 18 should end with period, but it is missing a “.”.  Appropriate correction(s) is required.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person.


Claims 1-3, 5-10, 13-17 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Tamura et al. (“Tamura,” US 2017/0357817), published on December 14, 2017, in view of Poon et al. (“Poon,” US 2018/0063105), published on March 1, 2018.

Regarding claim 1: Tamura discloses a method comprising:
receiving an encrypted file system key associated with a first secure enclave (Tamura: ¶0020 a computing device may encrypt metadata of a file system with a metadata encryption key that is stored with the file system [...] the metadata encryption key is wrapped (i.e., encrypted) prior to storage by a secure circuit (referred to below as a secure enclave processor (SEP)) included in the computing device; ¶0022 provides the metadata encryption key via a secure connection to a memory controller of the memory storing the file system);
receiving a request from a second secure enclave to access a file system associated with the encrypted file system key (Tamura: ¶0020 when a processor distinct from the secure circuit (e.g., a central processing unit (CPU)) later requests access to the file system; ¶0050 SEP 170 receives a request from CPU 120 to provide a wrapped metadata encryption key 166);
in response to receiving the request, decrypting the encrypted file system key with a cryptographic key associated with an enclave manager to obtain a file system key (Tamura: ¶0032 SEP 170 is configured to unwrap [decrypt] a metadata encryption key 116 in response to a request from CPU 120 (or more specifically the operating system executing on CPU 120) to access file system 112 [...] SEP 170 is configured to unwrap a key 166 with another encryption key (e.g., a "master key") derived from entropy supplied by the user (e.g., a user supplied credential) and/or entropy supplied by hardware in computing device 10; ¶0043 SEP 170 provides the decrypted key 166 to NVM controller 160).
Tamura does not explicitly disclose encrypting, by a processing device, the file system key based on another cryptographic key associated with the second secure enclave to generate a re-encrypted file system key and providing the re-encrypted file system key to the second secure enclave.
However, Poon discloses encrypting, by a processing device, the file system key based on another cryptographic key associated with the second secure enclave to generate a re-encrypted file system key (Poon: ¶0125 the key generation unit 910 may generate a re-encryption key using at least one of the [...] the recipient's identity, the tag attached to the encrypted content key, and the recipient's public key); and
providing the re-encrypted file system key to the second secure enclave (Poon: ¶0125 the encrypted content key may be transformed to a transformation key in the key computation unit 914 using the re-encryption key [...] the key management unit 912 may further transmit the transformation key to the communication unit 834 to make the transformation key available to the recipient).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate teaching of Poon with the system and method of Tamura to include encrypting the file system key based on another cryptographic key associated with the second secure enclave to generate a re-encrypted file system key to provide users with a means for embedding an enciphered key within enciphered data may allow for secure data sharing between a sender and a recipient (Poon: ¶0036).

Regarding claim 2: Tamura in view of Poon discloses the method of claim 1.
Poon further discloses wherein the re-encrypted file system key is used to utilize the file system at the second secure enclave (Poon: ¶0126 the recipient may receive the encrypted data and the transformation key by using the encryption application to read the encrypted data and the transformation key into the user device (e.g., the recipient's device 808 ofFIG.8)).
The motivation is the same that of claim 1 above.

Regarding claim 3: Tamura in view of Poon discloses the method of claim 1.
Poon further discloses verifying a signature of the second secure enclave in response to receiving the request, wherein the decrypting of the encrypted file system key is further in response to verifying the signature of the second secure enclave (Poon: ¶0075 keys may be exchanged securely using an authentication process 380. The authentication process 380 may be a two-way authentication process [...] the two-way authentication process may involve a digital signature. The authentication process 380 may be employed to verify the request of the recipient 350 to receive the message and the request of the sender 310 to send the access token to the recipient 350. The authentication process 380 may verify the request of the recipient 350 by checking that the recipient's signature is correct using the recipient's public key).
The motivation is the same that of claim 1 above.

Regarding claim 5: Tamura in view of Poon discloses the method of claim 1.
Poon further discloses signing the re-encrypted file system key with a particular key that is associated with the enclave manager, wherein re-encrypted file system key that is signed is provided to the second secure enclave (Poon: ¶0083 the server 620 may authenticate that the re-encryption key 624 generated by data owner 510 by verifying the digital signature of the data owner 510 using the data owner's public key 512. The data owner 510 may generate and send the re-encryption key 624 to the server 620, and the server 620 may verify digital signature of the data owner 510).
The motivation is the same that of claim 1 above.

Regarding claim 6: Tamura in view of Poon discloses the method of claim 1.
Tamura further discloses wherein the encrypted file system key associated with the first secure enclave corresponds to a particular file system key that is derived based on a first secure enclave key of the first secure enclave (Tamura: ¶0020 a computing device may encrypt metadata of a file system with a metadata encryption key that is stored with the file system [...] the metadata encryption key is wrapped (i.e., encrypted) prior to storage by a secure circuit (referred to below as a secure enclave processor (SEP))).

Regarding claim 7: Tamura in view of Poon discloses the method of claim 6.
Tamura further discloses wherein the particular file system key is an internal cryptographic key of a processor that is providing the first secure enclave and is not accessible by the second secure enclave (Tamura: ¶0032 secure enclave processor (SEP) 170 is a secure circuit configured to provide unwrapped metadata encryption keys 116 to NVM controller 160 [...] the term "secure circuit" refers to a circuit that protects an isolated, internal resource from being directly accessed by an external circuit such as processor 120 and peripherals 130).

Regarding claim 8: Tamura discloses a system comprising:
a memory (Tamura: fig. 1); and
a processing device, operatively coupled with the memory (Tamura: fig. 1), to:
receive an encrypted file system key associated with a first secure enclave (Tamura: ¶0020 a computing device may encrypt metadata of a file system with a metadata encryption key that is stored with the file system [...] the metadata encryption key is wrapped (i.e., encrypted) prior to storage by a secure circuit (referred to below as a secure enclave processor (SEP)) included in the computing device; ¶0022 provides the metadata encryption key via a secure connection to a memory controller of the memory storing the file system);
receive a request from a second secure enclave to access a file system associated with the encrypted file system key (Tamura: ¶0020 when a processor distinct from the secure circuit (e.g., a central processing unit (CPU)) later requests access to the file system; ¶0050 SEP 170 receives a request from CPU 120 to provide a wrapped metadata encryption key 166);
in response to receiving the request, decrypt the encrypted file system key with a cryptographic key associated with an enclave manager to obtain a file system key (Tamura: ¶0032 SEP 170 is configured to unwrap [decrypt] a metadata encryption key 116 in response to a request from CPU 120 (or more specifically the operating system executing on CPU 120) to access file system 112 [...] SEP 170 is configured to unwrap a key 166 with another encryption key (e.g., a "master key") derived from entropy supplied by the user (e.g., a user supplied credential) and/or entropy supplied by hardware in computing device 10; ¶0043 SEP 170 provides the decrypted key 166 to NVM controller 160).
Tamura does not explicitly disclose encrypt the file system key based on another cryptographic key associated with the second secure enclave to generate a re-encrypted file system key and provide the re-encrypted file system key to the second secure enclave.
However, Poon discloses encrypt the file system key based on another cryptographic key associated with the second secure enclave to generate a re-encrypted file system key (Poon: ¶0125 the key generation unit 910 may generate a re-encryption key using at least one of the [...] the recipient's identity, the tag attached to the encrypted content key, and the recipient's public key); and
provide the re-encrypted file system key to the second secure enclave (Poon: ¶0125 the encrypted content key may be transformed to a transformation key in the key computation unit 914 using the re-encryption key [...] the key management unit 912 may further transmit the transformation key to the communication unit 834 to make the transformation key available to the recipient).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate teaching of Poon with the system and method of Tamura to include encrypting the file system key based on another cryptographic key associated with the second secure enclave to generate a re-encrypted file system key to provide users with a means for embedding an enciphered key within enciphered data may allow for secure data sharing between a sender and a recipient (Poon: ¶0036).

Regarding claim 9: Tamura in view of Poon discloses the system of claim 8.
Poon further discloses wherein the re-encrypted file system key is used to utilize the file system at the second secure enclave (Poon: ¶0126 the recipient may receive the encrypted data and the transformation key by using the encryption application to read the encrypted data and the transformation key into the user device (e.g., the recipient's device 808 ofFIG.8)).
The motivation is the same that of claim 8 above.

Regarding claim 10: Tamura in view of Poon discloses the system of claim 8.
Poon further discloses verify a signature of the second secure enclave in response to receiving the request, wherein the decrypting of the encrypted file system key is further in response to verifying the signature of the second secure enclave (Poon: ¶0075 keys may be exchanged securely using an authentication process 380. The authentication process 380 may be a two-way authentication process [...] the two-way authentication process may involve a digital signature. The authentication process 380 may be employed to verify the request of the recipient 350 to receive the message and the request of the sender 310 to send the access token to the recipient 350. The authentication process 380 may verify the request of the recipient 350 by checking that the recipient's signature is correct using the recipient's public key).
The motivation is the same that of claim 8 above.

Regarding claim 13: Tamura in view of Poon discloses the system of claim 8.
Tamura further discloses wherein the encrypted file system key associated with the first secure enclave corresponds to a particular file system key that is derived based on a first secure enclave key of the first secure enclave (Tamura: ¶0020 a computing device may encrypt metadata of a file system with a metadata encryption key that is stored with the file system [...] the metadata encryption key is wrapped (i.e., encrypted) prior to storage by a secure circuit (referred to below as a secure enclave processor (SEP))).

Regarding claim 14: Tamura in view of Poon discloses the system of claim 13.
Tamura further discloses wherein the particular file system key is an internal cryptographic key of a processor that is providing the first secure enclave and is not accessible by the second secure enclave (Tamura: ¶0032 secure enclave processor (SEP) 170 is a secure circuit configured to provide unwrapped metadata encryption keys 116 to NVM controller 160 [...] the term "secure circuit" refers to a circuit that protects an isolated, internal resource from being directly accessed by an external circuit such as processor 120 and peripherals 130).

Regarding claim 15: Tamura discloses a non-transitory computer readable medium comprising data that, when accessed by a processing device, cause the processing device to perform operations comprising:
receiving an encrypted file system key associated with a first secure enclave (Tamura: ¶0020 a computing device may encrypt metadata of a file system with a metadata encryption key that is stored with the file system [...] the metadata encryption key is wrapped (i.e., encrypted) prior to storage by a secure circuit (referred to below as a secure enclave processor (SEP)) included in the computing device; ¶0022 provides the metadata encryption key via a secure connection to a memory controller of the memory storing the file system);
receiving a request from a second secure enclave to access a file system associated with the encrypted file system key (Tamura: ¶0020 when a processor distinct from the secure circuit (e.g., a central processing unit (CPU)) later requests access to the file system; ¶0050 SEP 170 receives a request from CPU 120 to provide a wrapped metadata encryption key 166);
in response to receiving the request, decrypting the encrypted file system key with a cryptographic key associated with an enclave manager to obtain a file system key (Tamura: ¶0032 SEP 170 is configured to unwrap [decrypt] a metadata encryption key 116 in response to a request from CPU 120 (or more specifically the operating system executing on CPU 120) to access file system 112 [...] SEP 170 is configured to unwrap a key 166 with another encryption key (e.g., a "master key") derived from entropy supplied by the user (e.g., a user supplied credential) and/or entropy supplied by hardware in computing device 10; ¶0043 SEP 170 provides the decrypted key 166 to NVM controller 160).
Tamura does not explicitly disclose encrypting the file system key based on another cryptographic key associated with the second secure enclave to generate a re-encrypted file system key and providing the re-encrypted file system key to the second secure enclave.
However, Poon discloses encrypting the file system key based on another cryptographic key associated with the second secure enclave to generate a re-encrypted file system key (Poon: ¶0125 the key generation unit 910 may generate a re-encryption key using at least one of the [...] the recipient's identity, the tag attached to the encrypted content key, and the recipient's public key); and
providing the re-encrypted file system key to the second secure enclave (Poon: ¶0125 the encrypted content key may be transformed to a transformation key in the key computation unit 914 using the re-encryption key [...] the key management unit 912 may further transmit the transformation key to the communication unit 834 to make the transformation key available to the recipient).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate teaching of Poon with the system and method of Tamura to include encrypting the file system key based on another cryptographic key associated with the second secure enclave to generate a re-encrypted file system key to provide users with a means for embedding an enciphered key within enciphered data may allow for secure data sharing between a sender and a recipient (Poon: ¶0036).

Regarding claim 16: Tamura in view of Poon discloses the non-transitory computer readable medium of claim 15.
Poon further discloses wherein the re-encrypted file system key is used to utilize the file system at the second secure enclave (Poon: ¶0126 the recipient may receive the encrypted data and the transformation key by using the encryption application to read the encrypted data and the transformation key into the user device (e.g., the recipient's device 808 ofFIG.8)).
The motivation is the same that of claim 15 above.

Regarding claim 17: Tamura in view of Poon discloses the non-transitory computer readable medium of claim 15.
Poon further discloses verifying a signature of the second secure enclave in response to receiving the request, wherein the decrypting of the encrypted file system key is further in response to verifying the signature of the second secure enclave (Poon: ¶0075 keys may be exchanged securely using an authentication process 380. The authentication process 380 may be a two-way authentication process [...] the two-way authentication process may involve a digital signature. The authentication process 380 may be employed to verify the request of the recipient 350 to receive the message and the request of the sender 310 to send the access token to the recipient 350. The authentication process 380 may verify the request of the recipient 350 by checking that the recipient's signature is correct using the recipient's public key).
The motivation is the same that of claim 15 above.

Regarding claim 20: Tamura in view of Poon discloses the non-transitory computer readable medium of claim 15.
Tamura further discloses wherein the encrypted file system key associated with the first secure enclave corresponds to a particular file system key that is derived based on a first secure enclave key of the first secure enclave (Tamura: ¶0020 a computing device may encrypt metadata of a file system with a metadata encryption key that is stored with the file system [...] the metadata encryption key is wrapped (i.e., encrypted) prior to storage by a secure circuit (referred to below as a secure enclave processor (SEP))).


Claims 4, 11-12 and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Tamura et al. (“Tamura,” US 2017/0357817), published on December 14, 2017, in view of Poon et al. (“Poon,” US 2018/0063105), published on March 1, 2018, and Levy et al. (“Levy,” US 2018/0167220), published on June 14, 2018.

Regarding claim 4: Tamura in view of Poon discloses the method of claim 1.
Tamura in view of Poon does not explicitly disclose receiving a policy associated with the encrypted file system key and determining whether the second secure enclave satisfies one or more conditions associated with the policy, wherein the decrypting of the encrypted file system key is further in response to determining that the second secure enclave satisfies the one or more conditions.
However, Levy discloses receiving a policy associated with the encrypted file system key (Levy: ¶0076 the key usage enforcement component 702 may receive cryptographic keys 718 (e.g., from a key management system) and one or more policies 720 to configure the key usage enforcement component to utilize the cryptographic keys 718 in compliance with the one or more policies 720); and
determining whether the second secure enclave satisfies one or more conditions associated with the policy, wherein the decrypting of the encrypted file system key is further in response to determining that the second secure enclave satisfies the one or more conditions (Levy: ¶0061 determining the usage amount such as by analyzing one or more usage logs and in particular analyzing records of key usage logs associated with the cryptographic key. The determined 512 updated usage amount for the cryptographic key may be used to determine 514 whether to perform a key rotation process; ¶0062 if, however, it is determined 514 to perform the key rotation process, the process 500 may include determining 516 a set of records to be re-encrypted for compliance with one or more key usage limits).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate teaching of Levy with the system and method of Tamura and Poon to include determining whether the second secure enclave satisfies one or more conditions associated with the policy to provide users with a means for providing policies whose enforcement constrains use of the cryptographic key (Levy: ¶0034).

Regarding claim 11: Tamura in view of Poon discloses the system of claim 8.
Tamura in view of Poon does not explicitly disclose receive a policy associated with the encrypted file system key and determine whether the second secure enclave satisfies one or more conditions associated with the policy, wherein the decrypting of the encrypted file system key is further in response to determining that the second secure enclave satisfies the one or more conditions.
However, Levy discloses receive a policy associated with the encrypted file system key (Levy: ¶0076 the key usage enforcement component 702 may receive cryptographic keys 718 (e.g., from a key management system) and one or more policies 720 to configure the key usage enforcement component to utilize the cryptographic keys 718 in compliance with the one or more policies 720); and
determine whether the second secure enclave satisfies one or more conditions associated with the policy, wherein the decrypting of the encrypted file system key is further in response to determining that the second secure enclave satisfies the one or more conditions (Levy: ¶0061 determining the usage amount such as by analyzing one or more usage logs and in particular analyzing records of key usage logs associated with the cryptographic key. The determined 512 updated usage amount for the cryptographic key may be used to determine 514 whether to perform a key rotation process; ¶0062 if, however, it is determined 514 to perform the key rotation process, the process 500 may include determining 516 a set of records to be re-encrypted for compliance with one or more key usage limits).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate teaching of Levy with the system and method of Tamura and Poon to include determining whether the second secure enclave satisfies one or more conditions associated with the policy to provide users with a means for providing policies whose enforcement constrains use of the cryptographic key (Levy: ¶0034).

Regarding claim 12: Tamura in view of Poon and Levy discloses the system of claim 11.
Levy further discloses wherein the one or more conditions are associated with an identification of an application provided by the second secure enclave (Levy: ¶0028 a system configured to access and provide ciphertexts is configured with a trusted platform module (TPM) or other cryptographic module that is operable to generate attestations to the state of a computing environment in which the system operates. The attestations may be or may be otherwise based at least in part on cryptographic hashes of executable and/or other code used by the system, such as application code, firmware code, and/or operating system code).
The motivation is the same that of claim 11 above.

Regarding claim 18: Tamura in view of Poon discloses the non-transitory computer readable medium of claim 15.
Tamura in view of Poon does not explicitly disclose receiving a policy associated with the encrypted file system key and determining whether the second secure enclave satisfies one or more conditions associated with the policy, wherein the decrypting of the encrypted file system key is further in response to determining that the second secure enclave satisfies the one or more conditions.
However, Levy discloses receiving a policy associated with the encrypted file system key (Levy: ¶0076 the key usage enforcement component 702 may receive cryptographic keys 718 (e.g., from a key management system) and one or more policies 720 to configure the key usage enforcement component to utilize the cryptographic keys 718 in compliance with the one or more policies 720); and
determining whether the second secure enclave satisfies one or more conditions associated with the policy, wherein the decrypting of the encrypted file system key is further in response to determining that the second secure enclave satisfies the one or more conditions (Levy: ¶0061 determining the usage amount such as by analyzing one or more usage logs and in particular analyzing records of key usage logs associated with the cryptographic key. The determined 512 updated usage amount for the cryptographic key may be used to determine 514 whether to perform a key rotation process; ¶0062 if, however, it is determined 514 to perform the key rotation process, the process 500 may include determining 516 a set of records to be re-encrypted for compliance with one or more key usage limits).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate teaching of Levy with the system and method of Tamura and Poon to include determining whether the second secure enclave satisfies one or more conditions associated with the policy to provide users with a means for providing policies whose enforcement constrains use of the cryptographic key (Levy: ¶0034). 

Regarding claim 19: Tamura in view of Poon and Levy discloses the non-transitory computer readable medium of claim 18.
Levy further discloses wherein the one or more conditions are associated with an identification of an application provided by the second secure enclave (Levy: ¶0028 a system configured to access and provide ciphertexts is configured with a trusted platform module (TPM) or other cryptographic module that is operable to generate attestations to the state of a computing environment in which the system operates. The attestations may be or may be otherwise based at least in part on cryptographic hashes of executable and/or other code used by the system, such as application code, firmware code, and/or operating system code).
The motivation is the same that of claim 18 above.


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Fahimeh Mohammadi whose telephone number is (571)270-7857.  The examiner can normally be reached on Monday - Friday 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on 5712705002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/FAHIMEH MOHAMMADI/    Examiner, Art Unit 2439