DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Remarks
In a response filed on July 27, 2021 (the “Response”), Applicant amends claims 11 and 20.
Claims 1-21 are presented for examination.
Response to Arguments
Applicant’s arguments submitted July 27, 2021 have been fully considered, but they are not persuasive.
On page 10, in the Remarks section of the Response, Applicant argues:
“Quotation marks are used ... To enclose direct quotations.”

Examiner agrees with Applicant’s instant argument.  For example, as set forth in the prior art rejections below, quotation marks are used to enclose direct quotations from the prior art of record.
On page 10 of the Response, Applicant also argues:
“in the rejection, quotation marks appear to be used to enclose disputed alleged characterizations rather than direct quotation”

However, Examiner respectfully disagrees with Applicant’s instant argument because no prior art rejection of the instant application includes a parenthetical that uses quotation marks “to enclose disputed alleged characterizations rather than direct quotation.”  For example, Examiner respectfully submits, every parenthetical of the 
Notwithstanding, Examiner notes that the parentheticals of the prior art rejections are not intended to replicate the prior art references in their entirety.  Rather, Examiner further notes, these parentheticals are actually intended to serve as annotations that map (i.e., correlate) a claim limitation to the portion(s) of the prior art reference(s) that the claim limitation reads on.  Accordingly, although every pair of quotation marks within the prior art rejections’ parentheticals includes a direct quotation, some quotation marks may also map a direct quote through the use of a reference character or backslash (“/”).
On pages 10-11, Applicant argues:
“the Office Action...rejection purports to quote directly from paragraphs 62 and 21 of Axnix I []see...the reproduced excerpt...¶ 62 ‘memory controller 218’; ¶ 21 ‘ASIC/system 212 comprises processor 216 and memory 60’...however, neither paragraph 62 nor paragraph 21...contain the language...quoted....”

However, Examiner respectfully disagrees with Applicant’s instant argument because paragraph 21 of Axnix I reads as follows:
“In FIG. 1 a system diagram of a computer system 212 with a crypto unit 50 according to an embodiment of the present invention is depicted.  The computer system 212 comprises the processor 216 and the main memory 60.  The processor 216 is configured to have support, in this embodiment in particular hardware support, for execution of multiple virtual machines 10, 16.  The memory 60 is accessible in pages of equal size, for instance.  It should be noted that the pages having equal size is not obligatory.  In an alternative embodiment the page size can differ, e.g. some pages with 4K size and some with 1 MB size.  The computer system further comprises the crypto unit 50 arranged logically in data transfer between the processor 216 and the memory 60 to encrypt or decrypt, respectively, pages written to or read from the memory 60 by the processor 216 by using an encryption key 30 stored in the crypto unit 50.  The crypto unit 50 may be advantageously configured on a cache level between the processor 216 and the memory 60.”  (Emphasis added.)


In addition, Examiner also disagrees with Applicant’s instant argument because paragraph 62 of Axnix I reads as follows:
“Bus 218 represents one or more of any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, and a processor or local bus using any of a variety of bus architectures.  By way of example, and not limitation, such architectures include Industry Standard Architecture (ISA) bus, Micro Channel Architecture (MCA) bus, Enhanced ISA (EISA) bus, Video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus.”  (Emphasis added.)

Examiner notes that not only does the cited text include a direct quotation of paragraph 62 (i.e., “memory controller”), but the cited text also maps the direct quotation to the bus 218 that includes the cited “memory controller,” as set forth in paragraph 62.
On page 11, Applicant argues:
“the rejection fails to clearly indicate what element of Axnix I allegedly corresponds to the recited system bus.”

However, Examiner respectfully disagrees with Applicant’s instant argument because: in the very next paragraph at the top of page 12 of the Response, Applicant contradicts its instant argument with the following admission:
“the rejection of claim 1...asserting that element 218 of Axnix I is simultaneously both a system bus and a memory controller, the rejection concurrently asserts that....”

inter alia that Axnix I teaches:
“the first memory controller is connected to the first processor via the system bus (¶ 61 ‘bus 218 [] couples various system components…to processor 216’; ¶ 62 ‘Bus 218 represents…bus structures, including a…memory controller’)....”

Accordingly, Examiner respectfully submits that the standing prior art rejection of the claims clearly indicates that the “bus” element of Axnix I corresponds to the recited system bus.
On page 12, Applicant argues:
“Confusingly, the rejection of claim 1 appears to subsequently assert that element 218 of Axnix I – identified earlier in the rejection as ‘memory controller 218’ (emphasis added) - is also simultaneously ‘bus 218’ (emphasis added) that ‘represents...bus structures, including a...memory controller’.”

However, Examiner respectfully disagrees with Applicant’s instant argument because there is absolutely nothing confusing about the disclosure of paragraph 62 of Axnix I (i.e., “Bus 218 represents…bus structures, including a…memory controller”).
On page 12, Applicant also argues:
“Conflictingly, while asserting that element 218 of Axnix I is simultaneously both a system bus and a memory controller, the rejection concurrently asserts that ‘the exemplary architectures of Axnix I [e.g., PCI] implicitly disclose that Axnix I’s bus and memory controller may be distinct from one another.’  Notably, however, no further support or explanation is provided for this extraordinary assertion that two elements are both the same and distinct – in contravention of MPEP §2112, which requires that, ‘In relying upon the theory of inherency, the examiner must provide a basis in fact and/or technical reasoning to reasonably support the determination that the allegedly inherent characteristic necessarily flows from the teachings of the applied prior art’....”


In addition, Examiner respectfully submits that there is no conflict in paragraph 62 of Axnix I’s disclosure that “[b]us 218 represents…bus structures, including a… memory controller,” nor is there any conflict in the assertion that “Axnix I’s bus and memory controller may be distinct from one another” because paragraph 62 of Axnix I reads as follows:
“Bus 218 represents one or more of any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, and a processor or local bus using any of a variety of bus architectures.  By way of example, and not limitation, such architectures include Industry Standard Architecture (ISA) bus, Micro Channel Architecture (MCA) bus, Enhanced ISA (EISA) bus, Video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus.”

Therefore, Examiner respectfully submits that there is no conflict in asserting that the exemplary architecture disclosed in paragraph 62 of Axnix I (where bus 218 represents a “bus structure[] including a...memory controller”) “implicitly disclose that Axnix I’s bus and memory controller may be distinct from one another” because: that is the inference that one skilled in the art would reasonably expect from, for example, a PCI bus architecture implementation of Axnix I’s “bus structure[] including a...memory controller.”
Notwithstanding, as set forth in the prior art rejection below, Sela teaches:
“a first memory controller (22, FIGS. 1-2) is distinct from the system bus (¶ 29 ‘the memory controller 22 may contain logic for communicating over the host connection 30’; note: as depicted in FIG. 1, Sela’s memory controller 22 is distinct from both bus 12 and connection 30, which implicitly also reads on the term ‘bus’ [see ¶ 29, 30])....”

On page 12, Applicant further argues:
arguendo that Axnix I teaches a memory bus that includes a memory controller...then it...cannot be said to teach that the first memory controller is distinct from the system bus – it would, on the contrary, teach away from that.”

However, Examiner respectfully disagrees with Applicant’s instant argument because, as stated in item 9 above, there is no conflict in asserting that the exemplary architecture disclosed in paragraph 62 of Axnix I (where bus 218 represents a “bus structure[] including a...memory controller”) “implicitly disclose that Axnix I’s bus and memory controller may be distinct from one another” because: that is the inference that one skilled in the art would reasonably expect from, for example, a PCI bus architecture implementation of Axnix I’s “bus structure[] including a...memory controller.”  Notwithstanding, as set forth in the prior art rejection below, Sela teaches:
“a first memory controller (22, FIGS. 1-2) is distinct from the system bus (¶ 29 ‘the memory controller 22 may contain logic for communicating over the host connection 30’; note: as depicted in FIG. 1, Sela’s memory controller 22 is distinct from both bus 12 and connection 30, which implicitly also reads on the term ‘bus’ [see ¶ 29, 30])....”

On page 12, Applicant moreover argues:
“The rejections motivation to combine Sela with the other references doesn’t make sense.”

However, Examiner respectfully disagrees with Applicant’s instant argument for at least the following reasons.  Examiner’s rationale for combining Sela with the prior art of record is as follows:
“Before the effective filing date of the invention, one of ordinary skill in the art would have recognized the ability to utilize the teachings of Sela (1) for a memory controller that is not a bus and (2) for incorporating a memory cryptography circuit into a memory controller.  The teachings of Sela, when used within the system of Axnix I in view of Jahid’s memory controller, will: (1) detail a topology of the system’s architecture by delineating the difference between the system’s bus and its memory controller; and (2) improve the security of the system’s memory cryptography circuit by ‐claimed invention.”

Accordingly, Examiner’s rationale for combining Sela with the prior art of record’s memory controller is inter alia that Sela’s teachings for a memory controller that is not a bus, will detail a topology of the system’s architecture by delineating the difference between the system’s bus and its memory controller.  Additionally, Examiner’s rational for combining Sela with the prior art of record’s memory controller is also that Sela’s teachings for incorporating a memory cryptography circuit into a memory controller and, thereby, protect the memory cryptography circuit from tampering.
Therefore, Examiner respectfully submits that Examiner’s rationale for combining Sela with the prior art of record actually does make sense because: (1) delineating the difference between the bus of Axnix I and its memory controller, provides an informative detail (i.e., where the bus ends and the memory controller begins) for implementation of the topology of the system’s architecture; and (2) concealing a memory cryptography circuit within a memory controller, may protect the memory cryptography circuit from tampering by enclosing it within the memory controller.
On page 12, Applicant also argues:
“The rejection argues that Sela’s teachings of ‘a memory controller that is not a bus’ should be combined with Axnix I’s alleged teachings of a system bus that comprises a memory controller.  These are contradictory designs....

However, Examiner respectfully disagrees with Applicant’s instant argument because: Axnix I discloses that a system bus that comprises a memory controller, and such disclosure indicates that Axnix’s “bus” and “memory controller” are not the same thing.  not contradictory for a bus to include a memory controller that is not the bus itself because: Axnix’s “bus” and “memory controller” are not the same thing.
In the second to last sentence on page 12, Applicant argues that “Sela does not even mention the term ‘system bus’.”  However, Applicant’s instant argument is nonresponsive because it fails to address Examiner’s actual position.  For example, Examiner’s position is not that Sela mentions the term “system bus.”  Rather, Examiner’s actual position is inter alia that a disclosure of Sela (e.g., connection 30) reads on the “system bus” element of Applicant’s claims.
On page 13, Applicant argues:
“disclosed in paragraphs 61 and 62 of Axnix I, which allegedly teach ‘bus 218 [] couples various system components...to processor 216’ and ‘Bus 218 represents...bus structures, including a...memory controller.”  It seems that the rejection is asserting that Axnix I teaches a bus that includes an unshown and undescribed ‘memory controller’ that connects itself, to a first processor, via itself.  This assertion does not make sense and is not supported by Fig. 13 of Axnix I....”

Examiner respectfully disagrees with Applicant’s instant argument because bus 218 of Axnix I actually is connected to the first processor, as set forth in FIG. 13 of Axnix I.
Ironically, Applicant’s instant argument appears to be the assertion that “does not make sense and is not supported by Fig. 13 of Axnix I” because: Applicant’s instant argument appears to be either that paragraph 62 of Axnix I does not disclose a memory controller or that the memory controller disclosed in paragraph 62 of Axnix I is not connected to processor 216 of Axnix I, neither of which makes sense or finds support in FIG. 13 of Axnix I.
not connected to processor 216 of Axnix I because this connection is explicitly: (1) depicted in FIG. 13 of Axnix I; and (2) discussed in paragraph 61 of Axnix I (e.g., “a bus 218 that couples various system components including system memory 228 to processor 216”).  And Examiner further submits, it is unreasonable to argue that bus 218 of Axnix I cannot also be connected to a memory controller because this interconnection is explicitly disclosed in paragraph 62 of Axnix I (e.g., “[b]us 218 represents…bus structures, including a…memory controller”).
On page 13, Applicant also argues:
“the figure does not show any memory controller connected to a processor via a system bus – let alone claim 1’s recited memory controller.”

However, Examiner respectfully submits that Applicant’s instant argument is nonresponsive because it fails to address Examiner’s actual prior art position.
For example, Examiner’s position is not that “the figure” shows “any memory controller connected to a processor” or “claim 1’s recited memory controller.”  Rather, Examiner’s actual position is inter alia that the disclosure of Axnix I reads on the disputed feature of Applicant’s instant argument because: (1) paragraph 62 of Axnix I discloses that “[b]us 218 represents…bus structures, including a…memory controller”; and (2) paragraph 61 of Axnix I discloses “a bus 218 that couples various system components including system memory 228 to processor 216.”
On page 13, Applicant further argues:
“the figure does not show...claim 1’s recited memory controller, which is distinct from the first RAM and the system bus and that comprises a memory cryptography circuit....”


For example, Examiner’s position is not that “the figure” shows “claim 1’s recited memory controller, which is distinct from the first RAM and the system bus and that comprises a memory cryptography circuit....”  Rather, as set forth in the prior art rejections below, Examiner’s actual position is inter alia that Axnix I teaches:
“the first memory controller is distinct from a first RAM (230, FIG. 13) and from the system bus (¶ 62 “memory controller 218”; ¶ 64 “system memory can include…RAM 230”; note: the exemplary architectures of Axnix I [e.g., PCI] implicitly disclose that Axnix I’s bus and memory controller may be distinct from one another [see ¶ 62])....”

In addition, Examiner’s actual position is also that Sela teaches:
“a first memory controller (22, FIGS. 1-2) is distinct from the system bus (¶ 29 “the memory controller 22 may contain logic for communicating over the host connection 30”; note: as depicted in FIG. 1, Sela’s memory controller 22 is distinct from both bus 12 and connection 30, which implicitly also reads on the term “bus” [see ¶ 29, 30]);
the first memory controller comprises a memory cryptography circuit (¶ 34 “keystore/cryptographic keys are stored…in the memory controller 22…a first-type cryptographic engine/computation algorithm is stored in ROM in the memory controller 22”; note: Sela’s memory cryptography circuit may be the combination of the circuitry storing its “cryptographic keys” and “computation algorithm” [see ¶ 34]).”

On pages 13-14, Applicant argues:
“The rejection of claim 1 asserts that a proposed combination of references would teach the feature of a keystore configured to receive a KID from one of a plurality of KID input paths to the memory cryptography circuit.  The Applicant respectfully submits that cited references do not teach this feature.”

However, Examiner respectfully disagrees with Applicant’s instant argument for at least the following reasons.
inter alia Axnix I teaches: 
“a keystore (68, FIG. 1)...(¶ 23 ‘look-up table 80 is stored in the protected memory 68’...¶ 53 ‘key 32 is loaded from table 80’).”

In addition, as further set forth in the prior art rejections below, Examiner also submits that inter alia Jahid teaches the following feature:
“configured to receive a KID (350, FIG. 3) from one of a plurality of KID inputs to the memory cryptography circuit (¶ 43, 48 ‘ticket…contains an encryption key identifier/KID input’; ¶ 50 ‘receive/send 430 an encryption key request that includes the ticket to the key manager/keystore [i.e., memory cryptography circuit]’; note: it is implicit that KID input 350 is selected from a plurality of possible KID inputs, which each point to a different encryption key [see ¶ 43])....”

And the teachings of Jahid for receiving a KID, when used within the existing system of Axnix I’s keystore, will improve the system by: (1) providing it with a straightforward and thus efficient scheme for identifying a specific key in the keystore and, thereby, (2) enabling the keystore to provide specified keys.
Moreover, Examiner further submits that Nakanishi teaches:
“wherein one of a plurality of KID inputs to a memory cryptography circuit (120, FIG. 2) is one of a plurality of KID input paths (example: 251 and 252, FIG. 2) (¶ 16, 30, 32, 33, 37 ‘paths/communication portions 251, 252...output the inputs/IDs or...the key information inputted’).”

And the foregoing teachings of Nakanishi, when used with the system of Axnix I in view of Jahid’s memory cryptography circuit, will improve the memory cryptography circuit by enabling it to receive the system’s plurality of KID inputs from a plurality of sources.
Hence, Examiner respectfully submits that the limitation of Applicant’s instant argument (i.e., “a keystore configured to receive a KID from one of a plurality of KID 
On page 14, Applicant argues:
“the rejection refers to an alleged disclosure in Jahid of a ‘KID input’ in quotation marks, although Jahid nowhere uses that phrase.”

In response, Examiner notes that Applicant’s instant argument (i.e., “a ‘KID input’ ...Jahid nowhere uses that phrase”) is nonresponsive because it does not address Examiner’s actual position.
To be specific, Examiner’s position is not that Jahid uses the phrase “KID input.”  Rather, Examiner’s position is inter alia (1) that the phrase that paragraph 48 of Jahid actually uses is “an encryption key identifier,” and (2) that the broadest reasonable interpretation of the phrase “KID input” reads on Jahid’s “encryption key identifier.”
Accordingly, as previously state in item 5 above, Examiner again notes that:
“although every pair of quotation marks within the prior art rejections’ parentheticals includes a direct quotation, some quotation marks may also map a direct quote through the use of a reference character or backslash (‘/’).”

On page 14, Applicant also argues:
“the reliance on Jahid appears to misconstrue ‘a plurality of KID inputs to the memory cryptography circuit’ as ‘a plurality of KIDs input to the memory cryptography circuit,’ which are not, in fact, equivalent.”

However, Examiner notes that the limitation upon which Applicant’s instant argument relies (i.e., “a plurality of KID inputs to the memory cryptography circuit”), is merely a fragment of the limitation that is actually rejected as unpatentable over Jahid and, thereby, misconstrues this rejected limitation’s actual feature.
inter alia the limitation “a KID from one of a plurality of KID inputs to [a] memory cryptography circuit,” which Examiner respectfully submits is not equivalent to either of the following limitations of Applicant’s instant argument: “a plurality of KID inputs to the memory cryptography circuit”; and “a plurality of KIDs input to the memory cryptography circuit.”
On page 14, Applicant further argues:
“arbitrator 60...is not the same as a memory cryptography circuit.”

In response, Examiner notes that Applicant’s instant argument is presented without actual support.  However, such conclusory arguments of counsel cannot take the place of factually supported objective evidence.  See MPEP § 2145.
For example, Examiner’s position is inter alia that paragraph 37 of Nakanishi discloses “communications portions 251, 252,” which read on Applicant’s claimed “one of a plurality of KID input paths to a memory cryptography circuit” limitation because: (1) the broadest reasonable interpretation of “a memory cryptography circuit” reads on any circuit of a “cryptographic memory”; and, therefore, (2) Nakanishi’s “communications portions 251, 252” are “one of a plurality of KID inputs to a memory cryptography circuit” since both the management portion 260 and the key information storage portion 120 of Nakanishi represent “circuits” of a cryptographic memory.
On page 14, Applicant moreover argues:
“Nakanishi teaches [] an encryption circuit (e.g., circuit 41 or 42)....”

However, Applicant’s instant argument is nonresponsive because it fails to address Examiner’s actual position.
not that circuit 41 or 42 of Nakanishi reads on the phrase “encryption circuit.”  Rather, as previously stated, Examiner’s actual position is inter alia that both the management portion 260 and the key information storage portion 120 of Nakanishi represent “circuits” of a cryptographic memory.
On page 14, Applicant also argues:
“Nakanishi teaches that an encryption circuit (e.g., circuits 41 or 42) has only one single key information input path (e.g., communication portions 251 or 252), which teaches away from the recited features of claim 1.”

However, Examiner respectfully disagrees with Applicant’s instant argument because it fails to show that Nakanishi’s disclosure actually criticizes, discredits, or otherwise discourages “a plurality of KID input paths.”  See In re Fultoin, 391 F3d 1195 (Fed. Cir. 2004).
Notwithstanding, Examiner respectfully submits that Applicant’s instant argument is nonresponsive because it fails to address Examiner’s actual position.  To be specific, Examiner’s argument is not that “Nakanishi teaches that an encryption circuit (e.g., circuits 41 or 42) has only one single key information input path (e.g., communication portions 251 or 252).”  However, Examiner’s actual position is inter alia that Nakanishi teaches:
“wherein one of a plurality of KID inputs to a memory cryptography circuit (120, FIG. 2) is one of a plurality of KID input paths (example: 251 and 252, FIG. 2) (¶ 16, 30, 32, 33, 37 ‘paths/communication portions 251, 252...output the inputs/IDs or...the key information inputted’).”

On page 14, Applicant argues:
“it cannot be said that the cited references teach a keystore in a memory cryptography circuit in a memory controller, wherein the keystore is configured to received a KID from one of a plurality of KID input paths to the memory cryptography circuit.”



Since Applicant’s argues its remaining claims as per claim 1, Examiner’s rebuttal to Applicant’s foregoing arguments equally applies to Applicant’s remaining arguments.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-4, 6-8, 10, 11, 14-18, 20 and 21 are rejected under 35 U.S.C. 103 as being unpatentable over Axnix et al. (US 2017/0132156 A1, hereinafter Axnix I) in view of Jahid et al. (US 2018/0063103 A1, hereinafter Jahid) further in view of Sela et al. (US 2019/0050602 A1, hereinafter Sela) further in view of in view of Nakanishi et al. (US 2012/0084574 A1, hereinafter Nakanishi).
Regarding claims 1, 14 and 21, Axnix I teaches: an IC system (212, FIG. 1) comprising a first processor (216, FIG. 1), a first memory controller (218, FIG. 13), a system bus, and a first memory (60, FIG. 1 / 228, FIG. 13) (¶ 19, 23, 82 “application-specific integrated circuit”; ¶ 64 “system memory 228”; ¶ 62 “memory controller 218”; ¶ 21 “ASIC/system 212 comprises processor 216 and memory 60”), wherein:
the first memory controller is distinct from a first RAM (230, FIG. 13) and from the system bus (¶ 62 “memory controller 218”; ¶ 64 “system memory can include…RAM 
the first memory controller is connected to the first processor via the system bus (¶ 61 “bus 218 [] couples various system components…to processor 216”; ¶ 62 “Bus 218 represents…bus structures, including a…memory controller”);
the first memory controller is connected to a memory cryptography circuit (¶ 62 “memory controller 218”; note: Axnix I’s memory controller 218 is connected to a memory cryptography circuit 50/68 [see ¶ 21, 27, 62]);
the memory cryptography circuit comprises a keystore (68, FIG. 1) and a first-type cryptographic engine (50, FIG. 1) (¶ 21 “crypto unit 50”; ¶ 23 “look-up table 80 is stored in the protected memory 68”);
the keystore comprises a plurality of storage spaces (80, FIG. 1), each storage space accessible using a corresponding KID (¶ 23 “one or more keys 32 are stored”; ¶ 26 “allocating an identifier 40 and at least one…key 32 for each”); and
the keystore is configured to provide a cryptographic key (32, FIG. 1) stored in a corresponding storage space (¶ 53 “key 32 is loaded from table 80”).
However, Axnix I does not explicitly disclose: wherein the first memory is a RAM; the first memory controller is distinct from the system bus; the first memory controller comprises a memory cryptography circuit; the keystore is configured to receive a KID from one of a plurality of KID input paths to the memory cryptography circuit; accessing, by the keystore, the storage space corresponding to the KID; and the keystore is configured to provide, in response to receiving the KID, a cryptographic key stored in the corresponding storage space.
Jahid teaches:
wherein a first memory is a first RAM (note: Jahid discloses that its RAM can be used for its cryptographic operations [see ¶ 32]),
configured to receive a KID (350, FIG. 3) from one of a plurality of KID inputs to the memory cryptography circuit (¶ 43, 48 “ticket…contains an encryption key identifier/KID input”; ¶ 50 “receive/send 430 an encryption key request that includes the ticket to the key manager/keystore [i.e., memory cryptography circuit]”; note: it is implicit that KID input 350 is selected from a plurality of possible KID inputs, which each point to a different encryption key [see ¶ 43]);
accessing the storage space corresponding to the KID (note: it is implicit that Jahid must access a storage space corresponding to KID 350 in order for Jahid’s “key manager” to provide 440 the key specified by KID 350 [see ¶ 43, 48, 50]); and
configured to provide (440, FIG. 4), in response to receiving (430, FIG. 4) the KID, a cryptographic key stored in the corresponding storage space (¶ 43, 48, 50 “send 430 a encryption key request that includes the ticket/KID to the key manager/keystore”; ¶ 51 “provide/receive 440 the encryption key…from the key manager/ keystore”).
Before the effective filing date of the invention, one of ordinary skill in the art would have recognized the ability to utilize the teachings of Jahid for: (1) using a RAM for cryptographic processing; and (2) providing a cryptographic key in response to receiving its corresponding KID and accessing the cryptographic key’s storage space.  The teachings of Jahid, when respectively used with the existing system of Axnix I’s cryptographic memory and cryptographic key providing functionality, will improve the system by: (1) enabling its cryptographic memory to provide data at faster speeds; and ‐claimed invention.
However, Axnix I in view of Jahid does not explicitly disclose: a first memory controller is distinct from the system bus; the first memory controller comprises a memory cryptography circuit; and wherein one of a plurality of KID inputs to the memory cryptography circuit is one of a plurality of KID input paths.
In an analogous art, Sela teaches:
a first memory controller (22, FIGS. 1-2) is distinct from the system bus (¶ 29 “the memory controller 22 may contain logic for communicating over the host connection 30”; note: as depicted in FIG. 1, Sela’s memory controller 22 is distinct from both bus 12 and connection 30, which implicitly also reads on the term “bus” [see ¶ 29, 30]);
the first memory controller comprises a memory cryptography circuit (¶ 34 “keystore/cryptographic keys are stored…in the memory controller 22…a first-type cryptographic engine/computation algorithm is stored in ROM in the memory controller 22”; note: Sela’s memory cryptography circuit may be the combination of the circuitry storing its “cryptographic keys” and “computation algorithm” [see ¶ 34]).
Before the effective filing date of the invention, one of ordinary skill in the art would have recognized the ability to utilize the teachings of Sela (1) for a memory controller that is not a bus and (2) for incorporating a memory cryptography circuit into a memory controller.  The teachings of Sela, when used within the system of Axnix I in view of Jahid’s memory controller, will: (1) detail a topology of the system’s architecture ‐claimed invention.
However, Axnix I in view of Jahid further in view of Sela does not explicitly disclose, yet Nakanishi teaches: wherein one of a plurality of KID inputs to a memory cryptography circuit (120, FIG. 2) is one of a plurality of KID input paths (example: 251 and 252, FIG. 2) (¶ 16, 30, 32, 33, 37 “paths/communication portions 251, 252...output the inputs/IDs or...the key information inputted”).
Before the effective filing date of the invention, one of ordinary skill in the art would have recognized the ability to utilize the teachings of Nakanishi for: providing one of a plurality of inputs to a memory cryptography circuit, with one of a plurality of input paths to a memory cryptography circuit.  The teachings of Nakanishi, when used with the system of Axnix I in view of Jahid further in view of Sela’s memory cryptography circuit, will improve the memory cryptography circuit by enabling it to receive the system’s plurality of KID inputs from a plurality of sources.  Therefore, examiner concludes that it would have been obvious for one of ordinary skill to arrive at the above-claimed invention.
Regarding claims 2 and 15, Axnix I in view of Jahid further in view of Sela further in view of Nakanishi teaches all of the limitations of claims 1 and 14, as previously stated, and further teaches wherein:

the memory cryptography circuit is configured to:
provide (Jahid: 430, FIG. 4) the first KID (Jahid: 350, FIG. 3) to the keystore (Axnix I: 68, FIG. 1) (Axnix I ¶ 23; Jahid ¶ 43, 48, 50 “send 430 an encryption key request that includes the ticket/KID to the key manager/ keystore”);
provide (Jahid: 420 and 440, FIG. 4), to the first-type cryptographic engine (Axnix I: 50, FIG. 1), the first input block and a first cryptographic key provided (Axnix I: S212, FIG. 12) by the keystore in response to receiving the first KID (Axnix I ¶ 21, 28 “transfer VM specific key 32…to crypto unit 50”; Axnix I ¶ 53 “key 32 of VM 10 loaded is performed”; Jahid ¶ 49 “receive 420 a data message”; Jahid ¶ 51 “receive 440 the encryption key”; note: the key and input block are both provided to crypto-engine for processing [see Jahid ¶ 51]); and
the first-type cryptographic engine is configured to perform (Jahid: 450, FIG. 4) a first-type cryptographic operation on the first input block using the first cryptographic key provided by the keystore (Axnix I ¶ 29, 21 “unit 50 arranged…to encrypt/decrypt”; Jahid ¶ 51).
Before the effective filing date of the invention, one of ordinary skill in the art would have recognized the ability to utilize the teachings of Jahid for having a ‐claimed invention.
Regarding claims 3 and 16, Axnix I in view of Jahid further in view of Sela further in view of Nakanishi teaches all of the limitations of claims 2 and 15, as previously stated, and further teaches wherein:
the first-type cryptographic engine (Axnix I: 50, FIG. 1) is an encryption engine (Axnix I ¶ 29, 21 “unit 50 arranged…to encrypt”; Sela ¶ 34 “a cryptographic engine/ computation algorithm”);
the first-type cryptographic operation is an encryption (Jahid: 450, FIG. 4) of the first input block using the first cryptographic key (Axnix I ¶ 21, 29; Jahid ¶ 51);
the encryption engine outputs a corresponding ciphertext block that is provided to the first RAM (Axnix I ¶ 29, 21 “encrypt…pages written…by using an encryption key stored in unit 50…on a cache/memory”; note: unit 50 must provide its cryptographic result to its cache memory in order to output the result [see Axnix I ¶ 29], and Jahid discloses that its RAM can be the memory used for cryptographic operations [see Jahid ¶ 32]).

the memory cryptography circuit (Axnix I: 50 and 68, FIG. 1) further comprises a decryption engine (Axnix I: 50, FIG. 1)(Axnix I ¶ 29, 21 “unit 50 arranged…to…decrypt”; note: Sela’s memory cryptography circuit may be the combination of the circuitry storing its “cryptographic keys” and “computation algorithm” [see Sela ¶ 34]);
the memory cryptography circuit is configured to receive (Jahid: 420 and 440, FIG. 4) a second input block and a corresponding second KID (Axnix I ¶ 21, 27; Jahid ¶ 49 “receive 420 a data message”; Jahid ¶ 51 “receive 440 the encryption key”; Sela ¶ 34; note: Axnix I discloses more than one KID/a second KID [see Axnix I ¶ 23; FIG. 3], and Jahid may encrypt multiple “data messages”/a second input block [see Jahid ¶ 32]);
the memory cryptography circuit is configured to:
provide (Jahid: 430, FIG. 4) the second KID (Jahid: 350, FIG. 3) to the keystore (Axnix I: 68, FIG. 1) (Jahid ¶ 43, 48, 50 “send 430 an encryption key request that includes the ticket/KID to the key manager/keystore”; note: Axnix I discloses more than one KID/a second KID [see Axnix I ¶ 23; FIG. 3], and Jahid may encrypt multiple “data messages”/a second input block [see Jahid ¶ 32]);
provide (Jahid: 420 and 440, FIG. 4), to the decryption engine, the second input block and a second cryptographic key provided  (Axnix I: S212, FIG. 12) by the keystore in response to receiving the second KID (Axnix I ¶ 21, 28 “transfer VM specific key 32…to crypto unit 50”; Axnix I ¶ 53 “key 32 of VM 10 loaded is performed”; Jahid ¶ 49 “receive 420 a data message”; Jahid ¶ 51 “receive 440 
the decryption engine is configured to perform a decryption operation on the second input block using the second cryptographic key provided by the keystore; and
the decryption engine outputs a corresponding plaintext block (Axnix I ¶ 29, 21 “unit 50 arranged…to…decrypt”; Jahid ¶ 51, 52 “process 400 may also be used to retrieve an encryption key for a data message that must be decrypted”; note: Axnix I discloses more than one KID/a second KID [see Axnix I ¶ 23; FIG. 3], and Jahid may encrypt multiple “data messages”/a second input block [see Jahid ¶ 32]).
Regarding claim 6, Axnix I in view of Jahid further in view of Sela further in view of Nakanishi teaches all of the limitations of claim 2, as previously stated, and further teaches wherein:
the first KID is received (Jahid: 430, FIG. 4) from the first processor (Axnix I ¶ 23; Jahid ¶ 43, 48, 50 “receive/send 430 an encryption key request that includes the ticket/KID by/to the key manager/keystore”);
the first input block is received (Jahid: 420 and 440, FIG. 4) from the first RAM (Axnix I ¶ 21 ”unit 50 arranged logically in data transfer between the processor 216 and memory 60”; Jahid ¶ 49 “receive 420 a data message”; note: Jahid discloses that its “RAM” can be used for its cryptographic operations [see Jahid ¶ 32]),

the first-type cryptographic operation is a decryption of the first input block using the first cryptographic key (Axnix I ¶ 29, 21 “unit 50 arranged…to…decrypt”; Jahid ¶ 51, 52 “process 400 may also be used to retrieve an encryption key for a data message that must be decrypted”);
the decryption engine outputs a corresponding plaintext block (Axnix I ¶ 29, 21 “unit 50 arranged…to…decrypt”; Jahid ¶ 51, 52 “process 400 may also be used to retrieve an encryption key for a data message that must be decrypted”; note: it is implicit that decrypting an encrypted message outputs a plaintext [see Axnix I ¶ 21, 29; Jahid ¶ 51, 52; MPEP § 2144.01]);
the plaintext block is provided to the first processor (Axnix I ¶ 21 “unit 50 arranged logically in data transfer between the processor 216 and memory 60 to…decrypt pages…read from the memory 60 by the processor 216”; note: unit 50 provides its plaintext/decrypted message to processor 216 [see Axnix I ¶ 21]).
Regarding claims 7 and 18, Axnix I in view of Jahid further in view of Sela further in view of Nakanishi teaches all of the limitations of claims 2 and 15, as previously stated, and further teaches wherein:
the memory cryptography circuit further comprises a second-type cryptography engine (Axnix I ¶ 29, 21 “unit 50 arranged…to encrypt/decrypt”; note: encryption is a first-type of cryptographic process and decryption is a second [see Axnix I ¶ 21, 29], 
the memory cryptography circuit is configured to receive (Jahid: 420 and 440, FIG. 4) a second input block and a corresponding second KID (Axnix I ¶ 21, 27; Jahid ¶ 49 “receive 420 a data message”; Jahid ¶ 51 “receive 440 the encryption key”; Sela ¶ 34; note: Axnix I discloses more than one KID/a second KID [see Axnix I ¶ 23; FIG. 3], and Jahid may encrypt multiple “data messages”/a second input block [see Jahid ¶ 32]);  
the memory cryptography circuit is configured to:
provide (Jahid: 430, FIG. 4) the second KID (Jahid: 350, FIG. 3) to the keystore (Axnix I: 68, FIG. 1) (Axnix I ¶ 23; Jahid ¶ 43, 48, 50 “send 430 an encryption key request that includes the ticket/KID to the key manager/ keystore”; note: Axnix I discloses more than one KID/a second KID [see Axnix I ¶ 23; FIG. 3]);
provide (Jahid: 420 and 440, FIG. 4), to the second-type cryptographic engine, the second input block and a second cryptographic key provided (Axnix I: S212, FIG. 12) by the keystore in response to receiving the second KID (Axnix I ¶ 21, 28 “transfer VM specific key 32…to crypto unit 50”; Axnix I ¶ 53 “key 32 of VM 10 loaded is performed”; Jahid ¶ 49 “receive 420 a data message”; Jahid ¶ 51 “receive 440 the encryption key”; note: Jahid may encrypt multiple “data messages”/a second input block [see Jahid ¶ 32], and a key and input block are both provided to crypto-engine for processing [see Jahid ¶ 51]); and
the second-type cryptographic engine is configured to perform a second-type cryptographic operation on the second input  block using the second cryptographic key 
Regarding claim 8, Axnix I in view of Jahid further in view of Sela further in view of Nakanishi teaches all of the limitations of claim 1, as previously stated, and teaches further comprising a KMU (Jahid: 310, FIG. 3), wherein the KMU is configured to manage the keystore (Jahid ¶ 40).
Before the effective filing date of the invention, one of ordinary skill in the art would have recognized the ability to utilize the teachings of Jahid for having a key management unit manage a keystore.  The teachings of Jahid, when used within the system of Axnix I in view of Jahid further in view of Sela further in view of Nakanishi’s IC, will streamline its keystore’s functionality by employing a dedicated unit to automate the management of the keystore’s functions.  Therefore, the examiner concludes that it would have been obvious to one of ordinary skill in the art at the time of the filing of the invention to arrive at the above‐claimed invention.
Regarding claim 10, Axnix I in view of Jahid further in view of Sela further in view of Nakanishi teaches all of the limitations of claim 1, as previously stated, and further teaches wherein:
 29]);
the operation of the PSEs is managed by a PSE manager (Axnix I: 74, FIG. 1) (note: Axnix I’s hypervisor 74 manages the operation of its PSEs 10/16 [see Axnix I ¶ 50, 53]);
each PSE is associated with a corresponding cryptographic key (Axnix I: 32, FIG. 1) (Axnix I ¶ 29); and
the first processor (Axnix I: 216, FIG. 1) is configured to run a first PSE (Axnix I ¶ 25 “PSE/virtual machine 10/16 is executed by processor 216”).
Regarding claims 11 and 20, Axnix I in view of Jahid further in view of Sela further in view of Nakanishi teaches all of the limitations of claims 1 and 14, as previously stated, and further teaches wherein: the memory cryptography circuit further comprises an arbiter (Nakanishi: 60, FIG. 2) configured to multiplex the plurality of KID input paths (Nakanishi: 251 and 252, FIG. 2) to output the KID provided to the keystore (Nakanishi: 120, FIG. 2) (Nakanishi ¶ 16, 30, 32 “output the acquisition request…and the ID…of the key”; ¶ 33 “the ID indicates the key information uniquely”; Nakanishi ¶ 37 “output the IDs…inputted…to the management portion 260/arbitrator 60”; note: arbitrator 60 multiplexes its inputs 251/252 for its arbitration [see Nakanishi ¶ 16, 30, 32, 33, 37]).
Before the effective filing date of the invention, one of ordinary skill in the art at the time of the filing of the invention would have recognized the ability to utilize the teachings of Nakanishi for arbitrating its KID inputs.  The teachings of Nakanishi, when ‐claimed invention.
Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Axnix I in view of Jahid further in view of Sela further in view of Nakanishi further in view Axnix et al. (US 2016/0292442 A1, hereinafter Axnix II).
Regarding claim 5, Axnix I in view of Jahid further in view of Sela further in view of Nakanishi teaches all of the limitations of claim 4, as previously stated, and further teaches wherein:
the second input block is received from a RAM (Jahid ¶ 49 “receive 420 a data message”; note: Jahid may process multiple “data messages”/a second input block and Jahid discloses that its “RAM” can be used for its cryptographic operations [see Jahid ¶ 32]),
wherein the RAM is a cache (note: Jahid discloses that its RAM can be used for its cryptographic operations [see Jahid ¶ 32], and data must be provided to the cache memory of Axnix I in order for unit 50 to determine a result [see Axnix I ¶ 29]); and
the second KID is received from a processor, wherein the second KID is a second ID (Jahid ¶ 43, 48, 50 “send 430 an encryption key request that includes the ticket/KID to the key manager/keystore”; note: Axnix I discloses a second ID [see Axnix I ¶ 23; FIG. 3]).
Axnix II teaches: 
a second input block is received from a second cache (¶ 20 “processor units are equipped with processor caches/a second cache”; ¶ 21 “input blocks received from/data transferred between processor cache/a second cache”); and
a second ID is received (S210, FIG. 2) from a second processor (¶ 20 “system 210…includes a number of processor units/a second processor”; ¶ 21 “each processing unit encrypts/decrypts, with the corresponding virtual machine key”; ¶ 27 “key 18 is stored in…table 80”; ¶ 34 “a virtual machine key…stored in a virtual machine key table…is loaded S210”; note: it is implicit that an ID of each virtual machine must be received from “each processing unit” in order to for “the corresponding virtual machine key” 18 to be loaded S210 [see  ¶ 21, 27, 34; MPEP § 2144.01]).
Before the effective filing date of the invention, one of ordinary skill in the art would have recognized the ability to utilize the teachings of Axnix II for having a virtual machine run in the same system as, but on a different processor and corresponding cache from, another virtual machine.  The teachings of Axnix II, when used within the system of Axnix I in view of Jahid further in view of Sela further in view of Nakanishi’s IC, will improve security and provide an additional layer of isolation between the system’s virtual machines by having them run on separate processors that each have their own cache.  Therefore, the examiner concludes that it would have been obvious to one of ordinary skill in the art at the time of the filing of the invention to arrive at the above‐.
Claims 9, 13 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Axnix I in view of Jahid further in view of Sela further in view of Nakanishi further in view of Durham et al. (US 2019/0095350 A1, hereinafter Durham).
Regarding claims 9 and 19, Axnix I in view of Jahid further in view of Sela further in view of Nakanishi teaches all of the limitations of claims 1 and 14, as previously stated, and further teaches wherein:
the system bus (Axnix I: 218, FIG. 13 / Jahid: 805, FIG. 8) interconnects the first processor (Axnix I: 216, FIG. 1), the first memory controller (Axnix I: 218, FIG. 13 / Sela: 22, FIGS. 1-2), and the first cache (Axnix I: 232, FIG. 13) (Axnix I ¶ 61 “bus 218 [] couples various system components including system memory 228 to processor 216”; Axnix I ¶ 62 “Bus 218 represents…bus structures, including a…memory controller”; Axnix I ¶ 64 “System memory 228 can include…cache memory 232”; Sela ¶ 34 “memory controller 22”);
the system bus (Axnix I: 218, FIG. 13 / Jahid: 805, FIG. 8) is configured to carry the KID, and a corresponding data block (Jahid ¶ 43, 48, 49 “carry/receive 420 a data message/data block”; Jahid ¶ 50 “carry/send 430 an encryption key request that includes the ticket/KID; note: it is implicit that the system’s bus is the medium for carrying “data transfers between the processor 216 and memory 60” [see Axnix I ¶ 21, 61, 62; Jahid ¶ 78, 79; MPEP § 2144.01]); and
the first cache is configured to store the KID and the corresponding data block (Axnix I ¶ 29, 21 “encrypt…pages written…by using an encryption key stored in unit 50…on a cache/memory”; Jahid ¶ 43, 48, 49 “receive 420 a data message/data block”; Jahid ¶ 50 “send 430 an encryption key request that includes the ticket/KID; note: unit 
Before the effective filing date of the invention, one of ordinary skill in the art would have recognized the ability to utilize the teachings of Jahid for transmitting/ carrying a data block and KID.  The teachings of Jahid, when used with the system of Axnix I in view of Jahid further in view of Sela further in view of Nakanishi’s cache connected via the system bus, will provide the system with a straightforward and, thus, efficient scheme for transmitting data to the system’s cache for cryptographic processing.  Therefore, the examiner concludes that it would have been obvious to one of ordinary skill in the art at the time of the filing of the invention to arrive at the above‐claimed invention.
However, Axnix I in view of Jahid further in view of Sela further in view of Nakanishi does not explicitly disclose, yet Durham teaches wherein:
a KID is carried together with a corresponding memory address and a corresponding data block (¶ 59 “memory address/page address received in the write request…data line includes encrypted data/data block and…the KID itself”; note: Durham’s write/modify requests may carry a KID together with a corresponding page address and a data block [see ¶ 58, 59]); and
the KID is stored together with the corresponding memory address and the corresponding data block (¶ 59 “memory address/page address received in the write request…data line includes encrypted data/data block and…the KID itself”; note: Durham’s write/modify requests may store/include a KID together with a corresponding page address and a data block [see ¶ 58, 59]).
‐claimed invention.
Regarding claim 13, Axnix I in view of Jahid further in view of Sela further in view of Nakanishi teaches all of the limitations of claim 1, as previously stated, and further teaches: the first RAM (note: Jahid discloses that its RAM can be used for its cryptographic operations [see Jahid ¶ 32]).
However, Axnix I in view of Jahid further in view of Sela further in view of Nakanishi does not explicitly disclose, yet Durham teaches: wherein a first RAM is a NVDIMM RAM (¶ 30, 90 “encryption software can work with NVDIMMs”).
Before the effective filing date of the invention, one of ordinary skill would have recognized the ability to utilize the teachings of Durham for utilizing a NVDIMM RAM.  The teachings of Durham, when used within the system of Axnix I in view of Jahid further in view of Sela further in view of Nakanishi’s first RAM, will enable the system to securely take advantage of the performance benefits of a direct access storage mode by having the system’s RAM operate in a direct access storage mode.  Therefore, the ‐claimed invention.
Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over Axnix I in view of Jahid further in view of Sela further in view of Nakanishi further in view of Einkauf et al. (US 2016/0323377 A1, hereinafter Einkauf).
Regarding claim 12, Axnix I in view of Jahid further in view of Sela further in view of Nakanishi teaches all of the limitations of claim 1, as previously stated, and further teaches: the first RAM (note: Jahid discloses that its RAM can be used for its cryptographic operations [see Jahid ¶ 32]).
However, Axnix I in view of Jahid further in view of Sela further in view of Nakanishi does not explicitly disclose, yet Durham teaches: wherein a first RAM is a SDRAM (¶ 195 “system memory may be implemented using SDRAM”).
Before the effective filing date of the invention, one of ordinary skill in the art would have recognized the ability to utilize the teachings of Einkauf for utilizing a SDRAM.  The teachings of Einkauf, when used within the system of Axnix I in view of Jahid further in view of Sela further in view of Nakanishi’s first RAM, will reduce the time required to access the system’s cryptographic memory by maximizing the speed of the system’s first RAM.  Therefore, the examiner concludes that it would have been obvious to one of ordinary skill in the art at the time of the filing of the invention to arrive at the above‐claimed invention.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
	Any inquiry concerning this communication or earlier communications from the examiner should be directed to Kalish Bell whose telephone number is (571) 272-5294.  The examiner can normally be reached on 9am-5pm, M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool.  To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey L Nickerson can be reached on (469) 295-9235.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.


/Jeffrey Nickerson/Supervisory Patent Examiner, Art Unit 2432                                                                                                                                                                                                        




/KALISH K BELL/Examiner, Art Unit 2432