DETAILED ACTION
I.	Claims 1-25 have been examined.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Information Disclosure Statement
The information disclosure statements (IDS) submitted on 06/05/2019, 06/10/2019, 07/08/2020, 06/10/2021, and 09/23/2021 have been considered by the examiner.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-25 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by United States Patent Application Publication No. US 20190042463 A1 to Shanbhogue et al. hereinafter Shanbhogue.
Regarding claim 1, Shanbhogue teaches a method comprising: 
receiving, by a secure interface control of a computing system (Figure 16, paragraphs 145-147), a request by a requestor to access a page in a memory of the computing system (paragraphs 144 and 145, “DMA request”); 
responsive to determining that the requestor is a non-secure requestor (paragraphs 150 and 151) and responsive to a secure-storage bit being set (Figure 8, paragraph 32, “Secure Extended Page Table (SEPT)”, and paragraphs 35, 36, 83, 84, 87, and 159), 
prohibiting access to the page without performing an authorization check (paragraph 159); 
and responsive to determining that the requestor is a secure requestor (paragraphs 157 and 159), 
performing the authorization check (paragraphs 157 and 159). 
Regarding claim 2, Shanbhogue teaches wherein the authorization check comprises a check to verify that the page belongs to a secure domain that is trying to access the page (paragraphs 32, 35, 40, 79, 134, 137, and 138). 
Regarding claim 3, Shanbhogue teaches wherein the authorization check comprises a check to verify that a mapping by a non-secure entity of the page while the page is resident in memory (paragraphs 3, 31, 36, 37, 48, 49, 74, 81, 90, 94, and 108). 
Regarding claim 4, Shanbhogue teaches responsive to a request from an untrusted entity, marking the page as a secure page (paragraphs 209, 319 and 320). 
Regarding claim 5, Shanbhogue teaches responsive to marking the page as the secure page, preventing access to the secure page by any untrusted entity (paragraphs 3, 106 and 155). 
Regarding claim 6, Shanbhogue teaches prior to marking the page as the secure page and responsive to the request from the untrusted entity, issuing, by the untrusted entity, an import command in preparation for paging-in of the page (paragraphs 35, 39, 61, 82, 145, 150, and 159). 
Regarding claim 7, Shanbhogue teaches responsive to a request from an untrusted entity, registering the page as belonging to an associated secure entity and registering an associated host-virtual address (paragraphs 48, 49, 79, 137, 144, 320, 330, and 340). 
Regarding claim 8, Shanbhogue teaches responsive to registering the page with the associated secure entity and the associated host-virtual address, preventing access to the secure page by another secure entity or if the host virtual address has changed (paragraphs 3, 106 and 155). 
Regarding claim 9, Shanbhogue teaches wherein the secure interface control comprises firmware, hardware, or a combination of firmware and hardware; the untrusted entity comprises a hypervisor; and the secure requestor comprises a virtual machine that is a secure guest hosted by the hypervisor in a secure domain (paragraphs 2, 37, and 43). 
Regarding claim 10, Shanbhogue teaches responsive to the authorization check determining that the secure requestor is authorized, granting the secure requestor access to the page (paragraphs 32, 39, 50, 63, 74, 84, and 89). 
Regarding claim 11, Shanbhogue discloses a system comprising: 
a memory comprising computer readable instructions (Figures 4 and 16, and paragraph 350); 

receiving, by a secure interface control of a computing system (Figure 16, paragraphs 145-147), 
a request by a requestor to access a page in a memory of the computing system (paragraphs 144 and 145, “DMA request”); 
responsive to determining that the requestor is a non-secure requestor (paragraphs 150 and 151) and responsive to a secure-storage bit being set (Figure 8, paragraph 32, “Secure Extended Page Table (SEPT)”, and paragraphs 35, 36, 83, 84, 87, and 159), 
prohibiting access to the page without performing an authorization check (paragraph 159); 
and responsive to determining that the requestor is a secure requestor (paragraphs 157 and 159), 
performing the authorization check (paragraphs 157 and 159). 
Regarding claim 12, Shanbhogue discloses wherein the authorization check comprises a check to verify that the page belongs to a secure domain that is trying to access the page (paragraphs 32, 35, 40, 79, 134, 137, and 138). 
Regarding claim 13, Shanbhogue discloses wherein the authorization check comprises a check to verify that a mapping by a non-secure entity of the page while the page is resident in memory (paragraphs 3, 31, 36, 37, 48, 49, 74, 81, 90, 94, and 108). 
Regarding claim 14, Shanbhogue discloses wherein the method further comprises: responsive to a request from an untrusted entity, marking the page as a secure page (paragraphs 209, 319 and 320). 
Regarding claim 15, Shanbhogue discloses wherein the method further comprises: responsive to marking the page as the secure page, preventing access to the secure page by any untrusted entity (paragraphs 3, 106 and 155). 
Regarding claim 16, Shanbhogue discloses wherein the method further comprises: prior to marking the page as the secure page and responsive to the request from the untrusted entity, issuing, by the untrusted entity, an import command in preparation for paging-in of the page (paragraphs 35, 39, 61, 82, 145, 150, and 159). 
Regarding claim 17, Shanbhogue discloses a computer program product comprising: 
a computer readable storage medium having program instructions embodied therewith, the program instructions executable by a processing device to cause the processing device to perform a method comprising: 
receiving, by a secure interface control of a computing system (Figure 16, paragraphs 145-147), 
a request by a requestor to access a page in a memory of the computing system (paragraphs 144 and 145, “DMA request”); 
responsive to determining that the requestor is a non-secure requestor (paragraphs 150 and 151) and responsive to a secure-storage bit being set (Figure 8, paragraph 32, “Secure Extended Page Table (SEPT)”, and paragraphs 35, 36, 83, 84, 87, and 159), 
prohibiting access to the page without performing an authorization check (paragraph 159); 
and responsive to determining that the requestor is a secure requestor, performing the authorization check (paragraphs 157 and 159). 
Regarding claim 18, Shanbhogue discloses wherein the authorization check comprises a check to verify that the page belongs to a secure domain that is trying to access the page (paragraphs 32, 35, 40, 79, 134, 137, and 138). 
Regarding claim 19, Shanbhogue discloses wherein the authorization check comprises a check to verify that a mapping by a non-secure entity of the page while the page is resident in memory (paragraphs 3, 31, 36, 37, 48, 49, 74, 81, 90, 94, and 108). 
Regarding claim 20, Shanbhogue discloses wherein the method further comprises: responsive to a request from an untrusted entity, marking the page as a secure page (paragraphs 209, 319 and 320); 
responsive to marking the page as the secure page, preventing access to the secure page by any untrusted entity (paragraphs 3, 106 and 155); 
and prior to marking the page as the secure page and responsive to the request from the untrusted entity, issuing, by the untrusted entity, an import command in preparation for paging-in of the page (paragraphs 35, 39, 61, 82, 145, 150, and 159). 
Regarding claim 21, Shanbhogue discloses wherein the method further comprises: responsive to the authorization check determining that the secure requestor is authorized, granting the secure requestor access to the page (paragraphs 32, 39, 50, 63, 74, 84, and 89). 
Regarding claim 22, Shanbhogue teaches a computer-implemented method comprising: 
receiving, by a secure interface control of a computing system (Figure 16, paragraphs 145-147), 

responsive to determining that the requestor is a non-secure requestor (paragraphs 150 and 151) and responsive to a secure-storage bit being set (Figure 8, paragraph 32, “Secure Extended Page Table (SEPT)”, and paragraphs 35, 36, 83, 84, 87, and 159), 
prohibiting access to the page without performing an authorization check (paragraph 159); 
and responsive to determining that the requestor is a secure requestor, performing the authorization check (paragraphs 157 and 159), 
wherein the authorization check comprises a check to verify that the page belongs to a secure domain that is trying to access the page (paragraphs 32, 35, 40, 79, 134, 137, and 138), 
and a check to verify that a non-secure entity has not changed a host mapping of the page while the page is resident in the memory (paragraphs 3, 31, 36, 37, 48, 49, 74, 81, 90, 94, and 108). 
Regarding claim 23, Shanbhogue teaches wherein the secure interface control comprises firmware, hardware, or a combination of firmware and hardware (paragraphs 38, 63, 64, 86, and 313); 
and the secure requestor comprises a virtual machine that is a secure guest hosted by a hypervisor in a secure domain (paragraphs 2, 37, and 43). 
Regarding claim 24, discloses a computer program product comprising: 

receiving, by a secure interface control of a computing system (Figure 16, paragraphs 145-147), 
a request by a requestor to access a page in a memory of the computing system (paragraphs 144 and 145, “DMA request”); 
responsive to determining that the requestor is a non-secure requestor (paragraphs 150 and 151) and responsive to a secure-storage bit being set (Figure 8, paragraph 32, “Secure Extended Page Table (SEPT)”, and paragraphs 35, 36, 83, 84, 87, and 159), 
prohibiting access to the page without performing an authorization check (paragraph 159); 
and responsive to determining that the requestor is a secure requestor, performing the authorization check (paragraphs 157 and 159), 
wherein the authorization check comprises a check to verify that the page belongs to a secure domain that is trying to access the page (paragraphs 32, 35, 40, 79, 134, 137, and 138), 
and a check to verify that a non-secure entity has not changed a host mapping of the page while the page is resident in the memory (paragraphs 3, 31, 36, 37, 48, 49, 74, 81, 90, 94, and 108).                      [The claimed “computer readable storage medium” is defined within paragraph 116 of the Applicant’s Specification “as used herein, is not to be construed as 
Regarding claim 25, Shanbhogue discloses wherein the secure interface control comprises firmware, hardware, or a combination of firmware and hardware (paragraphs 38, 63, 64, 86, and 313); 
and the secure requestor comprises a virtual machine that is a secure guest hosted by a hypervisor in the secure domain (paragraphs 2, 37, and 43).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The references cited on form PTO-892 are cited to further show the state of the art with respect to secure storage of a computing system.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JEREMIAH L AVERY whose telephone number is (571)272-8627. The examiner can normally be reached M-F 8:30am -5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is 



/JEREMIAH L AVERY/Primary Examiner, Art Unit 2431