Notice of Pre-AIA or AIA Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION

All objections and rejections not set forth below have been withdrawn.
Claims 1 – 20 are pending.
Claims 3 – 14 and 16 – 19 are withdrawn from consideration.
Any references to applicant’s specification are made by way of applicant’s U.S. pre-grant printed patent publication.

Continued Examination Under 37 CFR 1.114

A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 11/29/21 has been entered.
 

Claim Rejections - 35 USC § 112

The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1, 2, 15, and 20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.

Specifically, regarding claims 1, 15, and 20, the recitation “not visible to the host” renders the scope of the claims indefinite.  
The examiner notes that the term “visible”, as used within the context of computer memory, has no standard definition by those having ordinary skill in the art.  Furthermore, the applicant’s disclosure fails to provide a clear and concrete definition of “visible” for ascertaining the scope of the claimed invention.  At most, the applicant’s disclosure characterizes memory as “visible” in the terms of an ability to allocate objects within memory (e.g. Specification, par. 104, 105).  However, the examiner points out that the ability (or otherwise the inability) to allocate objects within memory does not appear to be a definition reasonably commensurate with the plain and ordinary meaning 
Where applicant acts as his or her own lexicographer to specifically define a term of a claim contrary to its ordinary meaning, the written description must clearly redefine the claim term and set forth the uncommon definition so as to put one reasonably skilled in the art on notice that the applicant intended to so redefine that claim term. Process Control Corp. v. HydReclaim Corp., 190 F.3d 1350, 1357, 52 USPQ2d 1029, 1033 (Fed. Cir. 1999). The term “visible” in the noted claims is used by the claim to mean “the ability to allocate objects in memory, but not access the memory directly over MMIO” (see Applicant’s specification, par. 86, “…in other words…”; Applicant’s remarks, 11/29/21, pg. 8)  while the accepted meaning is “able to be seen, perceived, easily noticed” (as admitted by the applicants themselves, see Applicant’s remarks, 11/29/21, pg. 7 – “it would not be contradictory to insert ‘perceivable’ for ‘visible’”). The term is indefinite because the specification does not clearly redefine the term.

Depending claims are rejected by virtue of dependency. 

Claim Rejections - 35 USC § 103

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of 

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 2, 15, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Vasiliadis et al. (Vasiliadis), “PixelVault: Using GPUs for Securing Cryptographic Operations”.

Regarding claim 1, Vasiliadis, as best as can be understood in view of the above noted issues of clarity, discloses:
A peripheral device package for use in a host computing device (e.g. Vasiliadis, fig. 1: GPU), the peripheral device package comprising: a plurality of compute elements (e.g. Vasiliadis, fig. 1: multiprocessors N, streaming processors SP); a plurality of resources shared by the plurality of compute elements (e.g. Vasiliadis, fig. 1, fig. 3; sect. 4 – memory, registers, cache, keys, secrets, and sensitive information);
Vasiliadis discloses a GPU, i.e. “peripheral device package” for use in a host computing device (e.g. Vasiliadis, fig. 1: graphics card and host).  Furthermore, Vasiliadis discloses a set of encrypted keys within memory of the peripheral or GPU 
However, the examiner notes that this feature would have been obvious to one of ordinary skill in the art, at least, for any one of two reasons:
First, the examiner notes that Vasiliadis suggests that encrypted keys can be stored in all kinds of memory, including memory hierarchies that are not accessible by the host computing system, therefore the host would not be able to allocate objects within memory which it cannot access (i.e. memory is “not visible”)  (e.g. Vasiliadis, sect. 4.2, par. 3, 6).  Thus, it would have been obvious to one of ordinary skill in the art, as motivated by the suggestions of Vasiliadis, to recognize that the encrypted keys of Vasiliadis may be stored in memory that “is not visible” to the host.
Second, the examiner notes that Vasiliadis also teaches that the encryption keys may be stored within the registers of the GPU, which are not addressable and accessible by the host (i.e. “not visible”) (e.g. Vasiliadis, sect. 2.2, par. 3; sect. 4, par. 1; sect. 4.4, par. 3).  While Vasiliadis may not explicitly state that this datastructure of keys is stored along with “metadata” such as identifiers, the examiner notes that this would have been obvious to one of ordinary skill in the art.  This would have been obvious because one of ordinary skill in the art would have been motivated by Vasiliadis’ teachings that the GPU requires an organized manner of key management for identifying stored encryption/decryption keys belonging to a specific user or service (e.g. Vasiliadis, sect. 4.5, par. 3; sect. 7, par. 4; fig. 5; fig. 6).  
Thus, Vasiliadis enables:
a datastructure stored in a hidden memory of the peripheral device package (e.g. Vasiliadis, fig. 3:KeyStore, Registers; sect. 4, par. 1; sect. 4.4, par. 4 – herein, a keystorage structure may be encrypted in memory [i.e. “hidden”] or stored directly within un-addressable memory [i.e. “hidden”]), the data structure holding metadata about ownership of resources of the peripheral device package by a plurality of user runtime processes of the host computing device which use the compute elements (e.g. Vasiliadis, sect. 4.5, par. 3; figs. 3, 5 – keyIDs and index information for identifying the appropriate key, certificate, or sensitive data for an owner process), at least one of the user runtime processes being a secure user runtime process (e.g. fig. 3 – user processes may be for performing a security function, e.g. SSL), wherein the hidden memory is not visible to the host computing system (e.g. Vasiliadis, sect. 4.2, par. 3, 6; see also sect. 2.2, par. 3; sect. 4, par. 1; sect. 4.4, par. 3).  
a command processor configured to use the datastructure, including the metadata, to enforce isolation of the resources used by the secure user runtime process (e.g. Vasiliadis, fig. 1, gpu processor; sect. 1, par. 5, 6; sect. 2.1 – the gpu securely handles keys and secrets within the keystore, such that malicious processes cannot access the key and secrets of another process; e.g. Vasiliadis, sect. 4.5, par. 3; sect. 7, par. 4; fig. 5; fig. 6). 

Regarding claim 2, Vasiliadis discloses:
wherein the command processor receives commands from the user runtime processes via a driver of the peripheral device package, the driver being in the host computing device (e.g. Vasiliadis, fig. 2; sect. 2.3; sect. 5: NVIDIA or CUDA driver), and wherein the command processor receives the commands after specification of resources in the commands made by the driver (e.g. Vasiliadis, sect. 2.2, par. 1, 2 – herein the host driver continuously communicates commands to the gpu);
and wherein the command processor is configured to return responses to the received commands for authentication by the user runtime process (e.g. Vasiliadis, sect. 2.2: par. 1, 2; fig. 3:response – the gpu responds to the commands of the user runtime process within the host). The examiner notes that the recitation “for authentication by the user runtime process” represents only an intended use recitation, and does not limit the claimed device to any structure or functional limitation of authenticating the response.

Claim 15 is a program claim essentially corresponding to the above limitations, and they are rejected, at least, for the same reasons.  Furthermore because:
Regarding claim 15, Vasiliadis discloses:
A method for a computer-implemented secure user runtime process having instructions for execution on a peripheral device package of an untrusted host computing device, the method for the computer-implemented secure user runtime process comprising: sending commands via the untrusted host to a command processor of the peripheral device package (e.g. Vasiliadis, fig. 3: request), the commands using a datastructure in a hidden memory of the peripheral device package (e.g. Vasiliadis, fig. 3:KeyStore, Registers; sect. 4, par. 1; sect. 4.4, par. 4 – herein, a keystorage structure may be encrypted in memory [i.e. “hidden”] or stored directly within un-addressable to enforce isolation of resources of the peripheral device package used by the secure user runtime process (e.g. Vasiliadis, fig. 1, gpu processor; par. 5, 6 – the gpu securely handles keys and secrets within the keystore, such that malicious processes cannot access the key and secrets of another process) wherein the hidden memory is not visible to the host computing system (e.g. Vasiliadis, sect. 4.2, par. 3, 6; see also sect. 2.2, par. 3; sect. 4, par. 1; sect. 4.4, par. 3).   

Claim 20 is an apparatus claim essentially corresponding to the above limitations of claims 1, 2, and 15, and it is rejected, at least, for the same reasons.  


Response to Arguments

Applicant's arguments filed 11/29/21 have been fully considered but they are not persuasive.

Applicant argues or alleges essentially that:
…
…  The Office Action, on page 3, characterizes ‘visible’ as including “able to be seen, perceived, or noticed easily,” which is compatible with the use of ‘visible’ in the presently pending claims (e.g., in “wherein the hidden memory is not visible to the host computing device,” it would not be contradictory to insert ‘perceivable’ for ‘visible’). Thus, it appears that the Examiner has perfectly understood the claims, and they do not appear to be indefinite.

…
 (Remarks, pg. 7)

Examiner respectfully responds:
The examiner disagrees. 
It is noted for the record that the applicants appear to clearly understand and admit to the definition of “visible” as “able to be seen, perceived, or noticed easily” (“…it would not be contradictory to insert ‘perceivable’ for ‘visible’…”; see Applicant’s remarks, 11/29/21, pg. 7).   
However, the only manner in which the applicants describe “visible” memory is regarding the ability to allocate channels and objects in memory and the inability to access memory directly over MMIO (see Applicant’s specification, par. 85, 86, “…in other words…”).  This subject matter is not at all germane to the definition of “visible”.  
Thus, the applicant’s present argument which suggests that the claims’ usage of the term “visible” memory pertains to the plain and ordinary meaning, such as “perceivable”, is clearly mistaken.   


Applicant argues or alleges essentially that:
…
The Office Action incorrectly correlates the “keystore” of the cited reference to the claimed “datastructure.” Specifically, the Office Action alleges that the claimed “datastructure stored in a hidden memory of the peripheral device” is taught by the reference’s keystore. However, page 5 of the reference explicitly contradicts the Office Action’s interpretation of the reference. … Page 5 of the reference describes alternatives to the reference’s structure, which are disparaged as not working, stating:…
…
The Office Action offers an argument to attempt to overcome the reference’s explicit contradiction of the Office Action’s interpretation. The Office Action argues that the keys may be stored in registers of a GPU. However, this argument is not practical (the reference talks at length of the small amount of storage possible in registers).
…
(Remarks, pg. 8, 9)

Examiner respectfully responds:
The examiner disagrees.  Specifically, the prior art does not contradict the examiner’s interpretation, as alleged by the applicant.  Furthermore, contrary to the applicant’s remarks, the prior art does not characterize the alternative embodiments for storing the key datastructure “as not working”.  Rather, the prior art does in fact disclose such embodiments, and simply notes that such disclosed embodiments are less ideal than others.  

Applicant argues or alleges essentially that:
…
The ‘keystore’ of the reference cannot store metadata to enforce isolation of resources, and thus the reference does not teach the independent claims as presently amended.
…


Examiner respectfully responds:
The examiner respectfully disagrees, at least, for the reason that the applicant’s remark is simply an allegation without any supporting evidence or rationale.
Furthermore, the prior art clearly discloses that the keystore or datastructure comprises metadata used to enforce isolation of resources (e.g. Vasiliadis, sect. 4.5, par. 3; figs. 3, 5; sect. 7, par. 4; fig. 5; fig. 6–  keyIDs and index information for identifying the appropriate key, certificate, or sensitive data for an owner process). 


Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to JEFFERY L WILLIAMS whose telephone number is (571)272-7965.  The examiner can normally be reached on 7:30 am - 4:00 pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.


/JEFFERY L WILLIAMS/Primary Examiner, Art Unit 2495