DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is in response to the application filed on 08/05/2020.
 Claims 1-14 are currently pending in this application.

Information Disclosure Statement
The information disclosure statements (IDSs) submitted on 08/05/2020 and 02/04/2021 were filed.  The submissions are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statements are being considered by the examiner except foreign patent documents and non-patent literature documents, for which eligible (e.g., readable/clear words/fonts) English language translations are not attached.

Examiner’s Note
Applicants are suggested to include information from fig. 1 (e.g., fake enclaves, 130, etc.) into the claims to provide a better condition for an allowance. 

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(B)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. 

Claims 1-14 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which applicant regards as the invention.

Claims 1 and 8 recite:
“… a hardware security module (HSM) configured to generate … the HSM being physically independent …”, however, it is not clear whether the HSM is a standalone device or not (e.g., does not have any physical connection to others);
“… HSM configured to … remove a root key … a bootstrapping enclave configured to receive the root key from the HSM …”, it is not clear how the bootstrapping enclave receive the root key from the HSM because the root key has been removed by the HSM (or the HSM sends the root key before removing process) – note: the HSM does not have any physical connection to the bootstrapping enclave;
“… KMS enclaves configured to perform an attestation procedure … to receive the root key … and to establish a secure channel …”, however, it is not clear whether claimed functions (e.g., receiving, establishing, etc.) are actually performed or not (e.g., the intended use) – note: the HSM does not have any physical connection to the KMS enclave.
Claims 2-7 and 9-14 depend from the claim 1 or 8, and are analyzed and rejected accordingly.

Claims 2 and 9 recite “… the bootstrapping enclave is configured to transmit the root key only to an attested KMS enclave among one or … KMS enclave(s)”, however, it is not clear (1) whether “an attested KMS” has any relationship with “one KMS enclave” or not (note: “one or more …” is interpreted as “one …”; (2) how to define among one KMS enclave (e.g., the term “among” is followed by at least three entities/items).
Claims 3 and 10 recite “… the attested KMS enclave establishes a secure channel upon performing an attestation procedure with a client and performs a cryptographic operation according to a client’s request received …”, however, it is not clear (1) whether claimed “a secure channel” is the same as “a secure channel” included in the claim 1 or not; (2) how performing attestation with a client is related to establishing the secure channel (e.g., omitting necessary step(s)/component(s) which cause the claimed limitations unclear); (3) whether the cryptographic operation is performed through the secure channel or the client’s request is received through the secure channel.
Claims 4 and 11 recite “… transmit the root key offline to the bootstrapping enclave”, however, it is not clear how the root key is transmitted offline –note: the term “offline” is interpreted as “while not directly connected to a computer”.
Claims 5 and 12 recite “… the one … KMS enclave(s) increase to even more KMS enclaves generated according to a client’s KMS request”, however, it is not clear (1) how to define the boundary of the claimed limitation, “even more”; (2) how the client’s KMS request is related to the security system (e.g., omitting necessary step(s)/component(s) which cause the claimed limitations unclear).
Claims 6 and 13 recite “… the root key is a public key, the HSM further generates, replaces, and manages a private key paired with the public key”, however, it is not clear whether the claimed functions (e.g., generating, replacing and managing) are performed to a single private key or not – see also claim 1 for the root key as a public key.
Claims 7 and 14 recite “… the one … KMS enclave(s) are configured to encrypt data by using the public key and the HSM …”, however, it is not clear whether the one KMS enclave is performing all the claimed functions (e.g., attestation, receiving, establishing and encrypting) or not.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1-14 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Raj et al. (US 2015/0256332 A1).

As per claim 1, Raj teaches a security system [see fig. 4 and abstract], comprising:
a hardware security module (HSM) configured to generate, replace or remove a root key, wherein the HSM being physically independent [figs. 2, 4; par. 0030, lines 1-18; par. 0033, lines 1-13 of Raj teaches a hardware security module (HSM) configured to generate, replace or remove a root key (e.g., provisioning and/or rekeying the shared secret or the shared primary seed), wherein the HSM being physically independent (e.g., the secure hardware or TPM)];
a bootstrapping enclave configured to receive the root key from the HSM [figs. 2, 4; par. 0059, lines 1-9 of Raj teaches a bootstrapping enclave configured to receive the root key from the HSM]; and
one or more key management service (KMS) enclaves configured to perform an attestation procedure with the bootstrapping enclave, to receive the root key from the bootstrapping enclave, and to establish a secure channel with the HSM by using the root key [figs. 2-4; par. 0036, lines 1-13; par. 0039, lines 1-14; par. 0059, lines 1-9 of Raj teaches one or more key management service(KMS) enclaves (e.g., the components of the cTPM) configured to perform an attestation procedure with the bootstrapping enclave (e.g., performing bootstrap processes for the shared key among the server 
 
As per claim 2, Raj teaches the security system of claim 1. 
Raj further teaches wherein the bootstrapping enclave is configured to transmit the root key only to an attested KMS enclave among the one or more KMS enclaves [figs. 2-4; par. 0036, lines 1-13; par. 0059, lines 1-9 of Raj teaches the bootstrapping enclave is configured to transmit the root key (the shared key/secret or the shared primary seed) only to an attested KMS enclave (e.g., the cryptographic engine 103 or the component of the cTPM which receive the root key) among the one or more KMS enclaves (e.g., the components of the cTPM)].

As per claim 3, Raj teaches the security system of claim 2. 
Raj further teaches wherein the attested KMS enclave establishes a secure channel upon performing an attestation procedure with a client and performs a cryptographic operation according to a client's request received through the secure channel [figs. 2-4, 10; par. 0025, lines 1-9; par. 0036, lines 1-13; par. 0037, lines 1-7; par. 0039, lines 1-14; par. 0059, lines 1-9 of Raj teaches the attested KMS enclave establishes a secure channel (e.g., the secure communication with outside of the cTPM or the secure hardware 108) upon performing an attestation procedure with a client (e.g., the computing device) and performs a cryptographic operation (e.g., the 

As per claim 4, Raj teaches the security system of claim 1. 
Raj further teaches wherein the HSM is configured to transmit the root key offline to the bootstrapping enclave [figs. 2, 4; par. 0030, lines 1-24; par. 0059, lines 1-9 of Raj teaches the HSM is configured to transmit the root key (the shared key/secret or the shared primary seed) offline to the bootstrapping enclave (e.g., performing bootstrap processes for the shared key among the server computing system and computing devices with cTPM)].

As per claim 5, Raj teaches the security system of claim 1. 
Raj further teaches wherein the one or more KMS enclaves increase to even more KMS enclaves generated according to a client's KMS request [figs. 2-4; par. 0037, lines 1-7; par. 0045, lines 1-10; par. 0047, lines 1-20 of Raj teaches the one or more KMS enclaves increase to even more KMS enclaves (e.g., the components of the cTPM) generated according to a client's KMS request (e.g., according to the request or command received)].

As per claim 6, Raj teaches the security system of claim 1. 
Raj further teaches wherein when the root key is a public key, the HSM further generates, replaces, and manages a private key paired with the public key 

As per claim 7, Raj teaches the security system of claim 6. 
Raj further teaches wherein the one or more KMS enclaves are configured to encrypt data by using the public key, and the HSM is configured to decrypt encrypted data by using the private key [par. 0036, lines 1-13; par. 0040, lines 1-7; par. 0047, lines 1-20; par. 0099, lines 1-12 of Raj teaches the one or more KMS enclaves are configured to encrypt data by using the public key, and the HSM is configured to decrypt encrypted data by using the private key (e.g., the TPM encrypting or decrypting one of the asymmetric key-pair)].

Claims 8-14 are method claims that correspond to the system claims 1-7, and are analyzed and rejected accordingly. 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAUNG T LWIN whose telephone number is (571)270-7845.  The examiner can normally be reached on Monday - Friday 10:00 am - 6:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/MAUNG T LWIN/Primary Examiner, Art Unit 2495