Notice of Pre-AIA or AIA Status
	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Response to Amendment
This communication is in response to the amendment filed on 09/13/2021. The Examiner acknowledges amended claims 1, 3-7, 9-10, 12-16, and 18-20. Claims 2, 8, 11, and 17 have been canceled. No claims have been added. Claims 1, 3-7, 9-10, 12-16, and 18-20 are pending and claims 1, 3-7, 9-10, 12-16, and 18-20 are rejected. Claims 1, 10, and 19 are independent.

The interpretation of claim 1 as invoking means-plus-function treatment under 35 U.S.C. § 112(f) is withdrawn.
The rejection(s) of claims under 35 U.S.C. § 101 are withdrawn in view of Applicant's amendments.
Applicant's arguments/amendments have been fully considered, but are not persuasive. Note that this action is made FINAL.
Response to Arguments
Applicant's arguments filed 09/13/2021 have been fully considered but they are not persuasive. 
Regarding claim 1, Applicant argues (e.g., page 8 of Applicant’s arguments) that the following amended claim limitations are not disclosed in the combination of references cited in the previous office action:  
establish a secured channel between the I/O subsystem circuitry and a trusted application running on the apparatus, wherein to establish the secured channel 
 receive, in response to an establishment of the secured channel, I/O data from the I/O device via an unsecured channel, wherein the I/O data is received via a communication channel between the I/O subsystem circuitry and the I/O device, wherein the communication channel is not encrypted;
 encrypt, in response to a receipt of the I/O data, the I/O data using the security key associated with the trusted application that is to process the I/O data

Applicant argues on page 8 that:
In view of the proposed amendments, Applicant respectfully requests the withdrawal of this rejection of claim 1 and its dependent claims. 
Claims 10 and 19 contain similar limitations as those of claim 1. Accordingly, for at least the reasons set forth above with respect to claim 1, Applicant respectfully requests the withdrawal of the rejection of claims 10 and 19 and their dependent claims.

Examiner respectfully disagrees. Examiner submits that Durham et al. U.S. Publication 20170171194 (hereinafter “Durham”) para. 26 and para. 45 make clear that the Durham secret key is shared between ICE 128, which discloses the I/O subsystem circuitry, and the authorized software, which discloses the trusted application of claim 1. Furthermore, Case et al. U.S. Publication 20160364343 (hereinafter “Case”) teaches a technique of receiving, from an I/O device, unencrypted data over a communication channel, encrypting the data, and sending the encrypted data to a target destination.
The remaining independent claims recite limitations similar to those of claim 1 and are also not allowable for the same reasons. The dependent claims inherit the limitations of their respective independent claims and are also not allowable for the same reasons as discussed with respect to the independent claims.
Accordingly, Applicant's argument is unpersuasive.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 19 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or, for pre-AIA, the applicant regards as the invention.
Claim 19 recites “the security key shared with the trusted application” and “a security key associated with the trusted application”. However, it is not clear whether a security key associated with the trusted application is the same as the security key shared with the trusted application recited previously in the claim. Appropriate correction is required.

The following is a quotation of 35 U.S.C. 112(d):
(d) REFERENCE IN DEPENDENT FORMS.—Subject to subsection (e), a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.

The following is a quotation of pre-AIA 35 U.S.C. 112, fourth paragraph:
Subject to the following paragraph [i.e., the fifth paragraph of pre-AIA 35 U.S.C. 112], a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.

Claims 3 and 12 are rejected under 35 U.S.C. 112(d) or pre-AIA 35 U.S.C. 112, 4th paragraph, as being of improper dependent form for failing to further limit the subject matter of the claim upon which they depend, or for failing to include all the limitations of the claim upon which they depend. Claim 3 depends from claim 2, which has been canceled, and claim 12 depends from claim 11, which has been canceled. For compact prosecution, claim 3 is assumed to depend from claim 1 and claim 12 is assumed to depend from claim 10. Applicant may cancel the claim(s), amend the claim(s) to place the claim(s) in proper dependent form, rewrite the claim(s) in independent form, or present a sufficient showing that the dependent claim(s) complies with the statutory requirements.

Claim Rejections - 35 USC § 103
	
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

	The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
	
	This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective 

	
Claims 1, 3, 6-7, 9-10, 12, 15-16, and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Durham et al. U.S. Publication 20170171194 (hereinafter “Durham”) in view of Case et al. U.S. Publication 20160364343 (hereinafter “Case”), further in view of Ahmad et al. U.S. Patent No. 9916129 (hereinafter “Ahmad”).

As per claim 1, Durham discloses An apparatus comprising: 
a processor to execute a trusted application; 
an input/output (I/O) device; and 
an I/O subsystem circuitry to: 
establish a secured channel between the I/O subsystem circuitry and a trusted application running on the apparatus, wherein to establish the secured channel comprises to receive a security key shared with the trusted application running on the apparatus; 
(See Durham: the apparatus is disclosed in figure 1, which includes a combination of the processor (Durham Para. 21, CPU 120), the I/O subsystem circuitry (Durham ICE 128 and para. 77 “circuitry or circuit sets may be arranged”), and the I/O device (Durham device 110) [the apparatus is everything depicted in figure 1 of the reference].
Durham Para. [0018]
‘….Upon accesses to memory via DMA from a device that is in a secure mode [input/output (I/O) device], the ICE [an I/O subsystem circuitry = ICE ]  may fetch the data line stored in memory, identify the aforementioned identifying parameters to select a key[establish a secured channel] and obtain the replay counter, and then encrypt the data for the corresponding device using this key and replay counter. ….. Upon the subsequent read of the data from memory, trusted software may decrypt the data[trusted application running on the compute device], …..’
Durham [0026]
secret key [a security key shared with the trusted application = secret key ] and the KeyID for the secure communications with the device 110 are provided to the authorized software 124. The authorized software 124 uses the secret key and the KeyID for the device 110 to later decrypt data that was securely provided from the device 110. 
Durham [0045]
…, the secure DMA memory operation may be conducted. During the data flow 160A depicted in FIG. 3, data that is encrypted by the ICE 128 with the secret key[a security key shared with the trusted application = secret key ]  is stored inline to the instruction lines 170 (thus, overwriting the DMA transaction data that was previously stored in the instruction lines 170). The ICE 128 encrypts the data from device 110 using the secret key
)

encrypt, in response to a receipt of the I/O data, the I/O data using the security key associated with the trusted application that is to process the I/O data; and 
(See Durham Para. [0018]
‘….identifying parameters to select a key[security key associated with the trusted application; trusted software will use the security key to decrypt] and obtain the replay counter, and then encrypt the data for the corresponding device using this key [encrypt, in response to a receipt of the I/O data, the I/O data using the security key ]and replay counter. …… Upon the subsequent read of the data from memory, trusted software [trusted application ] may decrypt the data.’
)

transmit the encrypted I/O data to the trusted application via the secured channel, 
(See Durham Para. [0018]
‘….encrypt the data for the corresponding device using this key ….Upon the subsequent read of the data from memory [transmit the encrypted I/O data to the trusted application via the secured channel; the encrypted data was written to memory and then subsequently trusted software retrieved the data from memory], trusted software [trusted application] may decrypt the data.’
)

	However, Durham does not expressly disclose 
receive, in response to an establishment of the secured channel, I/O data from the I/O device via an unsecured channel, wherein the I/O data is received via a communication channel between the I/O subsystem circuitry and the I/O device, wherein the communication channel is not encrypted; 
wherein the secured channel has a data transfer rate that is higher than a data transfer rate of the unsecured channel between the I/O device and the I/O subsystem circuitry.
Case discloses receive, in response to an establishment of the secured channel, I/O data from the I/O device via an unsecured channel, wherein the I/O data is received via a communication channel between the I/O subsystem circuitry and the I/O device, wherein the communication channel is not encrypted; 

(See Case Para. [0068]
‘…..DMA interface 106[the I/O subsystem circuitry] reads data from memory [reads data from memory = via an unsecured channel; the data read from memory is not encrypted yet ]that is un-encrypted [receive, in response to an establishment of the secured channel, I/O data; wherein the communication channel is not encrypted ]which is routed through IEE 112 and then automatically encrypted with a key that is shared at the other end of the I/O channel an I/O buffer 
[from the I/O device; this is an I/O buffer for some I/O device; the unencrypted data is transferred from the I/O device to this I/O buffer which is the memory region, and the DMA interface 106 reads unencrypted data (provided by the I/O device) from the corresponding memory region and encrypts the unencrypted data, then sends the encrypted data to another I/O device; forwarding the encrypted data to the other I/O device discloses the established secured channel]…..’
[0082]
‘In this way an I/O buffer may be realized in the memory to allow AES-CTR streaming of I/O data from one device[ from the I/O device] to another using inline encryption.’
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Durham with the technique for establishing the channel before receiving I/O data of Case to include 
receive, in response to an establishment of the secured channel, I/O data from the I/O device via an unsecured channel; 
One of ordinary skill in the art would have made this modification to improve the ability of the system to increase efficiency by setting up the secured channel before receiving the I/O data for encryption. The system (e.g., ICE 128) of the primary reference can be modified to receive unencrypted data from an I/O device, encrypt the data, and forward the encrypted data to a destination via a secured channel as taught in the Case reference. Furthermore, the key is retrieved before the key is needed for encryption, which reduces delay associated with retrieving the key in setting up the channel.
Durham para. 26 and para. 45 make clear that the Durham secret key is shared between ICE 128, which discloses the I/O subsystem circuitry, and the authorized software, which discloses the trusted application of claim 1. Furthermore, Case teaches a technique of receiving, from an I/O device, unencrypted data over a communication channel, encrypting the data, and sending the encrypted data to a target destination (para. 68 and 82).

However, the combination of Durham and Case does not expressly disclose wherein the secured channel has a data transfer rate that is higher than a data transfer rate of the unsecured channel between the I/O device and the I/O subsystem circuitry.
Ahmad discloses that a DMA transfer has a higher data transfer rate
(See Ahmad 2:57-3:7
‘an I/O device of a system may receive data from an external source at a first data rate and place the data in a source buffer so it may be accessed by various devices of the system. DMA transfer transactions may attempt to read data from the source buffer at a rate that is faster than the rate at which the data is placed in the source buffer. …., the DMA transfer controller may write data at a faster rate than the data can be removed from the buffer and processed by the I/O device--resulting in an overflow of the destination buffer.’
[The DMA transfer rate according to Ahmad must be higher than the rate between the I/O device and the buffer since the rate from reading the buffer is higher according to Ahmad, otherwise the DMA channel would not be able to handle higher flow of data coming from the higher DMA reading rate from the buffer]
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Durham and Case with the higher transfer rate of the DMA transfer channel of Ahmad to include wherein the secured channel has a data transfer rate that is higher than a data transfer rate of the unsecured channel between the I/O device and the I/O subsystem.
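As an added illustration (not code from the applicant, Durham, Case, or Ahmad), the following Python model sketches the data path the claim 1 rejection discusses: I/O subsystem circuitry receives plaintext from a device over an unencrypted channel, encrypts it in counter mode with a key shared with the trusted application and a replay counter carried as metadata, and the trusted application verifies the integrity tag and the counter before decrypting. An HMAC-SHA256 keystream stands in for a hardware AES-CTR engine, and all class and function names are assumptions.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass


class IntegrityError(Exception):
    """Tag mismatch: data altered in transit or encrypted under a different key."""

class ReplayError(Exception):
    """Replay counter not strictly increasing: an old record was delivered again."""

@dataclass(frozen=True)
class EncryptedRecord:
    """What the I/O subsystem hands to the trusted app over the secured channel."""
    counter: int      # replay counter, carried as metadata beside the ciphertext
    ciphertext: bytes
    tag: bytes        # integrity tag over counter || ciphertext

def _keystream(key: bytes, counter: int, length: int) -> bytes:
    """Counter-mode keystream: block i = HMAC(key, counter || i) (stand-in for AES-CTR)."""
    out = bytearray()
    for block in range((length + 31) // 32):
        msg = counter.to_bytes(8, "big") + block.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
    return bytes(out[:length])

def _tag(key: bytes, counter: int, ciphertext: bytes) -> bytes:
    """Integrity tag; the MAC key is derived so it differs from the encryption key."""
    mac_key = hashlib.sha256(b"integrity" + key).digest()
    return hmac.new(mac_key, counter.to_bytes(8, "big") + ciphertext, hashlib.sha256).digest()

class IoSubsystem:
    """Models the I/O subsystem circuitry between the device and the trusted app."""

    def __init__(self, shared_key: bytes) -> None:
        self._key = shared_key    # received from the trusted app when the channel was set up
        self._next_counter = 1    # replay counter, incremented once per transfer

    def receive_from_device(self, plaintext: bytes) -> EncryptedRecord:
        """Plaintext arrives over the unencrypted device channel and leaves encrypted."""
        counter, self._next_counter = self._next_counter, self._next_counter + 1
        ks = _keystream(self._key, counter, len(plaintext))
        ciphertext = bytes(p ^ k for p, k in zip(plaintext, ks))
        return EncryptedRecord(counter, ciphertext, _tag(self._key, counter, ciphertext))

class TrustedApp:
    """Consumer of the secured channel: verify the tag, reject replays, then decrypt."""

    def __init__(self, shared_key: bytes) -> None:
        self._key = shared_key
        self._last_counter = 0

    def process(self, rec: EncryptedRecord) -> bytes:
        if not hmac.compare_digest(_tag(self._key, rec.counter, rec.ciphertext), rec.tag):
            raise IntegrityError("tag mismatch")
        if rec.counter <= self._last_counter:
            raise ReplayError(f"counter {rec.counter} already seen")
        self._last_counter = rec.counter
        ks = _keystream(self._key, rec.counter, len(rec.ciphertext))
        return bytes(c ^ k for c, k in zip(rec.ciphertext, ks))

def deliver(app: TrustedApp, rec: EncryptedRecord) -> str:
    """Label the outcome of one delivery attempt."""
    try:
        app.process(rec)
        return "accepted"
    except ReplayError:
        return "replay rejected"
    except IntegrityError:
        return "integrity rejected"

def demo() -> dict:
    """Constructed walk-through: a good transfer, the same record replayed, altered metadata."""
    key = secrets.token_bytes(32)  # the key the trusted app shared at channel setup
    ice, app = IoSubsystem(key), TrustedApp(key)
    rec = ice.receive_from_device(b"constructed sensor frame #1")
    plaintext = app.process(rec)
    altered = EncryptedRecord(rec.counter + 1, rec.ciphertext, rec.tag)  # counter edited in flight
    return {"plaintext": plaintext, "replay": deliver(app, rec), "tamper": deliver(app, altered)}
```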



As per claim 3, the rejection of claim 1 is incorporated herein [for compact prosecution, claim 3 is assumed to depend from claim 1].
The combined teaching of Durham, Case, and Ahmad discloses wherein to encrypt the I/O data comprises to encrypt, in response to a receipt of the I/O data, the I/O data using a security key.
(See Durham Para. [0018]
‘…., identify the aforementioned identifying parameters to select a key [establish a secured channel] ……, and then encrypt the data for the corresponding device using this key [encrypt, in response to a receipt of the I/O data, the I/O data using a security key] ….. Upon the subsequent read of the data from memory, trusted software may decrypt the data, …..’
)

As per claim 6, the rejection of claim 1 is incorporated herein. 
Durham discloses wherein the trusted application running inside a trusted execution environment (TEE) of the apparatus.
(See Durham Para. [0018] ‘trusted software may decrypt the data’;
Para. [0063] ‘trusted software in a TEE.’
)

As per claim 7, the rejection of claim 1 is incorporated herein. 
However, Durham does not expressly disclose wherein the secured channel is a full-duplex communication channel.
Case discloses wherein the secured channel is a full-duplex communication channel.
(See Case Para. [0068] ‘IEE 112 can provide an AES-ECB, AES-CTR, or other suitable mode for read-encryption/write-decryption to support I/O encrypted communication’
).
For the reasons discussed with respect to claim 1, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Durham with the technique for read-encryption/write-decryption of Case to include wherein the secured channel is a full-duplex communication channel.

As per claim 9, the rejection of claim 1 is incorporated herein. 
The combined teaching of Durham, Case, and Ahmad discloses wherein to transmit the encrypted I/O data comprises to transmit metadata associated with the encrypted I/O data to the trusted application via the secured channel, wherein the data transfer rate of the secured channel is based on a size of the metadata.
(See Durham Para. [0018]
‘encrypt the data for the corresponding device using this key and replay counter [metadata = replay counter]. Metadata may then indicate that the data line stored in memory should remain encrypted on a subsequent read. Upon the subsequent read of the data from memory [transmit metadata associated with the encrypted I/O data], trusted software may decrypt the data, check data integrity, and use the aforementioned counter verify that the data was not replayed [this indicates that the metadata, which is the replay counter, was transmitted]…….’
[For any given duration of time, if there is more metadata then there will be more data transferred, which results in a higher effective transfer rate. If there is less metadata then there is less data transferred, resulting in a lower effective transfer rate, since the transfer rate is the quantity of data transferred per unit of time]
)


As per claim 10, the claim(s) is/are directed to a method with limitations which correspond to limitations of claim 1, and is/are rejected for the reasons detailed with respect to claim 1.  

As per claim 12, the claim(s) is/are directed to a method with limitations which correspond to limitations of claim 3, and is/are rejected for the reasons detailed with respect to claim 3.  

As per claim 15, the claim(s) is/are directed to a method with limitations which correspond to limitations of claim 6, and is/are rejected for the reasons detailed with respect to claim 6.  

As per claim 16, the claim(s) is/are directed to a method with limitations which correspond to limitations of claim 7, and is/are rejected for the reasons detailed with respect to claim 7.  

As per claim 18, the claim(s) is/are directed to a method with limitations which correspond to limitations of claim 9, and is/are rejected for the reasons detailed with respect to claim 9.  

As per claim 19, the claim(s) is/are directed to one or more non-transitory machine-readable storage media with limitations which correspond to limitations of claim 1, and is/are rejected for the reasons detailed with respect to claim 1. In addition, claim 19 recites, and Durham discloses, one or more non-transitory machine-readable storage media comprising a plurality of instructions stored thereon that, in response to being executed, cause a computing device to:
(See Durham Para. [0077] computer systems ……hardware processors may be configured by firmware or software (e.g., instructions, an application portion, or an application) as a component that operates to perform specified operations. In an example, the component may be embodied or programmed by instructions of a machine readable medium[One or more non-transitory machine-readable storage media]. In an example, software, when executed by the underlying hardware of the component, causes the hardware to perform the specified operations[comprising a plurality of instructions stored thereon that, in response to being executed, cause a computing device to:]. 
)

Claims 4-5, 13-14, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Durham in view of Case, in view of Ahmad, further in view of Pappachan et al. U.S. Publication 20170024570 (hereinafter “Pappachan”).
As per claim 4, the rejection of claim 1 is incorporated herein. 
Durham discloses 
receive configuration data from the trusted application via the channel; 
configure the secured channel based on the configuration data.
(See Durham Para. [0017] ‘This replay counter value may be a unique value that originates from authorized TEE software [receive configuration data from the trusted application via the channel] ….. the DMA data is encrypted using the replay counter value (e.g., as an encryption tweak, or as a counter with counter mode [configure the secured channel based on the configuration data]) …‘
)

However, Durham does not expressly disclose 
receive encrypted configuration data from the trusted application via the secured channel; 
decrypt the encrypted configuration data; and 
configure the secured channel based on the decrypted configuration data.

Pappachan discloses receiving data over an encrypted secured channel and decrypting the encrypted data
(See Pappachan Para. [0057] ‘security engine 138 may transmit the data over a protected DMA channel to the TIO software component, and the cryptographic engine 140 will encrypt the data with the key assigned to the DMA channel, which is also known to the TIO software component. Therefore, only the TIO software component may decrypt the value.’
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Durham, Case, and Ahmad with the technique for receiving data over an encrypted secured channel and decrypting the encrypted data of Pappachan to include 
receive encrypted configuration data from the trusted application via the secured channel; 
decrypt the encrypted configuration data; and 
configure the secured channel based on the decrypted configuration data.
One of ordinary skill in the art would have made this modification to improve the ability of the system to prevent malicious 3rd parties from intercepting communication. The system (e.g., authorized software) of the primary reference can be modified to use a key to encrypt the replay information before transmitting such information, using the technique for transmitting over an encrypted channel as taught in the Pappachan reference.

As per claim 5, the rejection of claim 4 is incorporated herein. 
	However, Durham does not expressly disclose 
wherein to configure the secured channel comprises to configure the secured channel upon a power reset.
Case discloses wherein to configure the secured channel comprises to configure the secured channel upon a power reset.
(See Case Para. [0024]
‘Upon initial configuration out of reset crypto keys and permissions can be established. There may be long term keys which can be restored and ephemeral keys that are lost between power cycle’
).
For the reasons discussed with respect to claim 1, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Durham with the technique for configuration of the keys used for channels upon reset of Case to include wherein to configure the secured channel comprises to configure the secured channel upon a power reset.

As per claim 13, the claim(s) is/are directed to a method with limitations which correspond to limitations of claim 4, and is/are rejected for the reasons detailed with respect to claim 4.  

As per claim 14, the claim(s) is/are directed to a method with limitations which correspond to limitations of claim 5, and is/are rejected for the reasons detailed with respect to claim 5.  




Conclusion

THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HOWARD H LOUIE whose telephone number is 571-272-0036.  The examiner can normally be reached on M-F 9 AM-5 PM EST. 
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung W. Kim can be reached on 571-272-3804.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR 
/HOWARD H. LOUIE/Examiner, Art Unit 2494
/THEODORE C PARSONS/Primary Examiner, Art Unit 2494