DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Status of Claims
Claims 1-20 are pending.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on April 27, 2021 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 16-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claims do not fall within at least one of the four categories of patent eligible subject matter because the claims recite “One or more computer-readable media with code store therein, …”
The United States Patent and Trademark Office (USPTO) is obliged to give claims their broadest reasonable interpretation consistent with the specification during proceedings before the USPTO. See In re Zletz, 893 F.2d 319 (Fed. Cir. 1989) (during patent examination the pending claims must be
Applicant’s specification recites at paragraph [0149] “One or more aspects of at least one embodiment may be implemented by representative instructions stored on a machine readable medium which represents various logic within the processor, which when read by a machine causes the machine to fabricate logic to perform the one or more of the techniques described herein. Such representations, known as "IP cores" may be stored on a tangible, machine readable medium and supplied to various customers or manufacturing facilities to load into the fabrication machines that actually make the logic or processor”, paragraph [0151] “Accordingly, embodiments of the present disclosure also include non-transitory, tangible machine readable media containing instructions or containing design data, such as Hardware Description Language (HDL), which defines structures, circuits, apparatuses, processors and/or system features described herein. Such embodiments may also be referred to as program products”
Although the specification does mention “non-transitory, tangible machine readable media”, it does not define “computer-readable media” to be non-transitory nor does it exclude it from being transitory.
When the broadest reasonable interpretation of a claim covers transmission media or signal per se, the claim must be rejected under 35 U.S.C. § 101 as covering non-statutory subject matter. See In re Nuijten, 500 F.3d 1346, 1356-57 (Fed. Cir. 2007) (transitory embodiments are not directed to statutory subject matter) and Interim Examination Instructions for Evaluating Subject Matter Eligibility Under 35 U.S.C. § 101, Aug. 24, 2009; p. 2.
The USPTO recognizes that applicants may have claims directed to computer readable media that cover signals per se, which the USPTO must reject under 35 U.S.C. § 101 as covering both non-statutory subject matter and statutory subject matter. In an effort to assist the patent community in overcoming a rejection or potential rejection under 35 U.S.C. § 101 in this situation, the USPTO suggests the following approach. A claim drawn to such a computer readable medium that covers both transitory and non-transitory embodiments may be amended to narrow the claim to cover only statutory embodiments to avoid a rejection under 35 U.S.C. § 101 by adding the limitation "non-transitory" to the claim. Cf. Animals - Patentability, 1077 Off. Gaz. Pat. Office 24 (April 21, 1987) (suggesting that applicants add the limitation "non-human" to a claim covering a multicellular organism to avoid a rejection under 35 U.S.C. § 101). Such an amendment would typically not raise the issue of new matter, even when the specification is silent because the broadest reasonable interpretation relies on the ordinary and customary meaning that includes signals per se. The limited situations in which such an amendment could raise issues of new matter occur, for example, when the specification does not support a non-transitory embodiment because a signal per se is the only viable embodiment such that the amended claim is impermissibly broadened beyond the supporting disclosure. See, e.g., Gentry Gallery, Inc. v. Berkline Corp., 134 F.3d 1473 (Fed. Cir. 1998).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Durham et al. (US 2016/0092702) (hereinafter Durham1) (published March 31, 2016) in view of Durham et al. (US 2019/0042799) (hereinafter Durham2) (published February 7, 2019).
Regarding Claims 1, 11, and 16, taking claim 1 as exemplary, Durham1 discloses a processor unit, comprising: a first memory element to store an encoded pointer to a memory location,
““indirect address” may refer to, among other things, an address of a memory location at which other data or instructions are stored, e.g., a register acting as a pointer. As such, the indirect address 114 may be embodied as, for example, a data pointer (which refers to a location of data), a code pointer (which refers to a location of executable code), an instruction pointer, or a stack pointer. Indirect addresses may be referred to by other terminology, such as “pointer,” “address pointer,” or “pointer address.”” (Durham1 [0019])

“The indirect address 114 and the secret key 116 are stored in registers 112” (Durham1 [0029])

“the instruction pointer may itself be represented as an encoded pointer (e.g., range-based)” (Durham1 [0051])

wherein the encoded pointer comprises first context information and a slice of a memory address of the memory location,
“The secure memory access logic 150 utilizes metadata about an indirect address 114, which is encoded into unused bits of the indirect address 114 (e.g., non-canonical bits of a 64-bit address, or a range of addresses set aside, e.g., by the operating system, such that the corresponding high order bits of the address range may be used to store the metadata), in order to secure and/or provide access control to memory locations pointed to by the indirect address 114” (Durham1 [0017])

“As used herein, “metadata” may refer to, among other things, information about or relating to an indirect address 114, such as a valid data range, a valid code range, pointer access permissions, etc.” (Durham1 [0019])

circuitry to: decode the encoded pointer to obtain the memory address of the memory location;
“the address decoding logic 162 decodes the previously-encoded indirect address 114. To do this, the decrypting logic 164 decrypts the encrypted portion of the indirect address 114 (and in some embodiments, the encrypted adjustment) using the secret key 116 and the tweak, as described further below” (Durham1 [0024])



use the memory address obtained by decoding the encoded pointer to access data at the memory location; and
“If the indirect address 114 decodes successfully, the memory access operation completes successfully” (Durham1 [0025])

However, Durham1 does not explicitly state wherein the first context information includes an identification of a data key; and encrypted data and decrypt the encrypted data based on the data key.
Durham2 discloses wherein the first context information includes an identification of a data key; and
“wherein the memory address pointer translates to a physical memory address pointer, wherein the physical memory address pointer includes an encryption tag that identifies an encryption key for encrypting the data referenced by the memory address pointer” (Durham2 [0123])

encrypted data and decrypt the encrypted data based on the data key.
“When reading memory, if the identification tag corresponds to the same encryption tweak (e.g. using XTS mode, XEX-based tweaked-codebook mode with ciphertext stealing) originally used to encrypt the data in memory, then the same identification tag will result in the corresponding tweak value used to properly decrypt the memory contents and/or verify its integrity using a MAC” (Durham2 [0039])

It would have been obvious before the effective filing date of the invention to one of ordinary skill in the art to combine the storing of the identification of a key in the pointer and decoding encrypted data using the identified key in Durham2 with Durham1 to yield the predictable results of having an extra layer of protection by further having the data being pointed to encrypted.
Claims 11 and 16 have limitations similar to those of claim 1 and are rejected for similar reasons.

Regarding Claims 2, 12, and 17, Durham1 further discloses wherein the encoded pointer has a length of at least 128 bits.


Regarding Claims 3, 13, and 18, Durham1 further discloses wherein the first context information is plaintext within the encoded pointer and the encoded pointer further comprises encrypted second context information.
“In some embodiments, the most significant bits of the used bits/canonical address identified in the valid range metadata are encrypted with a secret key (e.g., the secret key 116), using the valid range metadata (which may or may not include the adjustment value) as a tweak. In the illustrated embodiments, the valid range metadata (e.g., exponent/2's power) would not be encrypted because the processor uses the valid range metadata plaintext to determine the number of bits to decrypt” (Durham1 [0046])

Regarding Claims 4, 14, and 19, Durham1 further discloses wherein the encrypted second context information is encrypted in a block of the encoded pointer that further comprises an encrypted portion of the memory address.
“In block 422, the computing device 100 encrypts a portion of the indirect address, where the portion of the indirect address to be encrypted is determined by the valid range metadata (e.g., exponent/2's power) and the adjustment value. The valid range metadata determines the number of the most significant address bits of the encoded address that are to be encrypted (e.g., down to a minimum number so some address bits will always be encrypted)” (Durham1 [0046])

Regarding Claims 5, 15, and 20, Durham1 further discloses the circuitry to decrypt the encrypted data based further on a first tweak, the first tweak including one or more bits derived, at least in part, from the first context information and the second context information.
“Other data values that may be used as tweaks include: data stored in the unused bits of the indirect address, the upper limit on the buffer size, an exponent of a two's power boundary selected as the upper limit on the buffer size, an adjustment value applied to the two's power boundary, a code block identifier, instruction pointer data, permission information encoded in the metadata, and/or version number (useful when 

“In this way, code and data can be associated, and access controlled, such that an adversary coming from a different code block will not be able to access data of the protected block using the encrypted pointers, because the encrypted pointers will not decode properly if the wrong code block identifier is used as a tweak” (Durham1 [0051])

Regarding Claim 6, Durham2 further discloses wherein the first context information comprises a message authentication code calculated based on at least a portion of the memory address.
“An alternative to memory tagging is to authenticate pointer data using a cryptographic MAC embedded in the pointer” (Durham2 [0087])

Regarding Claim 7, Durham1 further discloses wherein the first context information comprises permission bits indicating a level of access authorized for the memory location.
“As described in more detail below, the address encoding logic 152 and the address decoding logic 162 each operate on an indirect address 114 using metadata (e.g., valid range and/or permission metadata) and a secret key 116, in order to secure the indirect address 114 at the memory allocation/access level” (Durham1 [0020])

Regarding Claim 8, Durham2 further discloses wherein the first context information comprises type bits indicating a class of the encrypted data in the memory location.
“wherein the one or more memory tags include an identification tag to identify a type, a function, a memory location, or a use for a data object” (Durham2 [0106])

Regarding Claim 9, Durham1 further discloses wherein the first context information comprises version bits representing a deterministically different value associated with the encoded pointer.
“Other data values that may be used as tweaks include: data stored in the unused bits of the indirect address, the upper limit on the buffer size, an exponent of a two's power boundary selected as the upper limit on the buffer size, an adjustment value applied to the two's power boundary, a code block identifier, instruction pointer data, permission information encoded in the metadata, and/or version number (useful when reassigning/revoking pointers that were previously assigned to a program, version may be maintained by the processor in a register)” (Durham1 [0046])

Regarding Claim 10, Durham2 further discloses wherein the first context information comprises a lookup tag to index to an entry of a table, wherein the entry comprises second context information.
“An encryption tag 214 may be appended to the identification tag 204 and the physical address 208 to identify one or more encryption keys through the key table 156 (shown in FIG. 1), according to an embodiment” (Durham2 [0033])


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SIDNEY LI whose telephone number is (571)270-5967. The examiner can normally be reached Monday to Friday 10:00 AM to 6:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Charles Rones can be reached on (571) 272-4085. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SIDNEY LI/ Examiner, Art Unit 2136

/EDWARD J DUDEK JR/ Primary Examiner, Art Unit 2136