DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
1.  This is in response to the communications filed on 23 February 2022.
2.  Claims 1-20 are pending in the application.
3.  Claims 1-14, 19 and 20 have been rejected.
4.  Claims 15-18 have been objected to.
5.  Claims 21-60 have been cancelled in a preliminary amendment.
Information Disclosure Statement
6.  The examiner has considered the information disclosure statement (IDS) filed on 09 October 2020, 27 January 2021, 28 September 2021, 06 January 2022 and 23 February 2022.
Specification
7.  The abstract of the disclosure does not commence on a separate sheet in accordance with 37 CFR 1.52(b)(4) and 1.72(b). A new abstract of the disclosure is required and must be presented on a separate sheet, apart from any other text.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
8.  Claims 1, 2, 4, 5, 7 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Takehara US 2018/0059917 A1 in view of Willhite et al US 2015/0200949 A1 (hereinafter Willhite).
As to claim 1, Takehara discloses a method of authentication for an enclave entity with a second entity, the method comprising: 
receiving, by one or more processors of a host computing device, a request and an assertion of identity for the second entity (i.e. authentication included in the request) [0061], the assertion including identity information for the second identity (i.e. user ID) [0061]; 
using, by the one or more processors, an assertion verifier entity to determine whether the assertion is valid (i.e. verify the token) [0061]; 
when the assertion is valid, extracting, by the one or more processors, the identity information (i.e. extract the user ID) [0066]. 
Takehara does not teach the enclave. Takehara does not teach authenticating the second entity using, by the one or more processors, an access control list for the enclave entity to determine whether the identity information meets expectations of the access control list.  Takehara does not teach when the identity information meets the expectations of the access control list, completing, by the one or more processors, the request.  
Willhite teaches an enclave [0027].  Willhite teaches the second entity using, by the one or more processors, an access control list for the enclave entity to determine whether the identity information meets expectations of the access control list (i.e. ACL for an enclave) [0027].  Willhite teaches when the identity information meets the expectations of the access control list, completing, by the one or more processors, the request (i.e. packet is admitted or refused) [0024].  
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite combination so that the second entity using, by the one or more processors, an access control list for the enclave entity to determine whether the identity information met expectations of the access control list.  When the identity information met the expectations of the access control list, completing, by the one or more processors, the request.  
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite combination by the teaching of Willhite because it helps filter incoming network traffic [0004].
As to claim 2, Takehara teaches the method of claim 1, wherein the second entity is a non-enclave entity (i.e. none of the devices are enclave entities) [0028].  
As to claim 4, Takehara teaches the method of claim 1, wherein when the assertion is not valid, denying the request (i.e. no match) [0057].  
As to claim 5, Willhite teaches the method of claim 1, wherein when the identity information does not meet the expectations of the access control list, denying the request (i.e. refused admission) [0024]. 
As to claim 7, Takehara teaches the method of claim 1, wherein the assertion verifier includes instructions for verifying assertions and extracting identities out of verified assertions (i.e. extract the user ID) [0066].  
As to claim 9, Willhite teaches the method of claim 1, further comprising, using an identity access control list evaluator to determine whether the identity information meets expectations of the access control list, wherein the identity access control list evaluator includes instructions for operating on a set of identities possessed by an entity and evaluating that set of identities against an access-control policy (i.e. compare characteristics to master ACL) [0021].  
9.  Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Takehara US 2018/0059917 A1 and Willhite et al US 2015/0200949 A1 (hereinafter Willhite) as applied to claim 1 above, and further in view of Narendra Trivedi et al US 2017/0185766 A1 (hereinafter Narendra Trivedi).
As to claim 3, the Takehara-Willhite combination does not teach the method of claim 1, wherein the second entity is a second enclave entity.  
Narendra Trivedi teaches that the second entity is a second enclave entity (i.e. second enclave device) [0024].
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite combination so that the second entity would have been a second enclave entity.
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite combination by the teaching of Narendra Trivedi because it helps preserve security of the enclave [0002].
10.  Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Takehara US 2018/0059917 A1 and Willhite et al US 2015/0200949 A1 (hereinafter Willhite) as applied to claim 1 above, and further in view of Hofmann et al US 2008/0091948 A1 (hereinafter Hofmann).
As to claim 6, the Takehara-Willhite combination does not teach using an assertion generator of the enclave entity to generate a second assertion including identity information for the enclave entity.  The Takehara-Willhite combination does not teach sending the second assertion to the second entity for verification.  
Hofmann teaches using an assertion generator of the enclave entity to generate a second assertion including identity information for the enclave entity (i.e. creating second assertion) [0039].  Hofmann teaches sending the second assertion to the second entity for verification [0049].  
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite combination so that an assertion generator of the enclave entity would have been used to generate a second assertion including identity information for the enclave entity.  The second assertion would have been sent to the second entity for verification.  
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite combination by the teaching of Hofmann because it efficiently enables login of a sender computing system user at a receiver computing system in a mediated communication scenario [0006].
11.  Claims 8 and 10 are rejected under 35 U.S.C. 103 as being unpatentable over Takehara US 2018/0059917 A1 and Willhite et al US 2015/0200949 A1 (hereinafter Willhite) as applied to claims 1 and 9 above, and further in view of Osborn U.S. Patent No. 9,615,253 B1.
As to claim 8, the Takehara-Willhite combination does not teach the method of claim 1, wherein the assertion verifier provides a Boolean response that indicates whether the assertion is valid.  
Osborn teaches that the assertion verifier provides a Boolean response that indicates whether the assertion is valid (i.e. successful authentication includes a Boolean value) [column 18 line 56 to column 19 line 7].  
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite combination so that the assertion verifier provides a Boolean response that indicates whether the assertion is valid.  
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite combination by the teaching of Osborn because it helps reduce load and effectively increase the capacity [column 3, lines 29-55].
As to claim 10, the Takehara-Willhite combination does not teach the method of claim 9, wherein the identity access control list evaluator provides a Boolean response that indicates whether the identity information meets the expectations of the access control list match.  
Osborn teaches that the identity access control list evaluator provides a Boolean response that indicates whether the identity information meets the expectations of the access control list match.
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite combination so that the identity access control list evaluator would have provided a Boolean response that indicated whether the identity information met the expectations of the access control list match.  
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite combination by the teaching of Osborn because it helps reduce load and effectively increase the capacity [column 3, lines 29-55].
12.  Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Takehara US 2018/0059917 A1, Willhite et al US 2015/0200949 A1 (hereinafter Willhite) and Osborn U.S. Patent No. 9,615,253 B1 as applied to claim 10 above, and further in view of Ferraiolo et al US 2019/0258811 A1 (hereinafter Ferraiolo).
As to claim 11, the Takehara-Willhite-Osborn combination does not teach the method of claim 10, wherein the access control list includes expressions of enclave identity expectations, and the identity expectations are used to determine whether the identity information meets expectations of the access control list.  
Ferraiolo teaches that the access control list includes expressions of enclave identity expectations, and the identity expectations are used to determine whether the identity information meets expectations of the access control list (i.e. ACL mechanisms includes expression) [0107].
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite-Osborn combination so that the access control list would have included expressions of enclave identity expectations, and the identity expectations would have been used to determine whether the identity information met expectations of the access control list.
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite-Osborn combination by the teaching of Ferraiolo because it helps manage and enforce an attribute-based access control policy [0003].
13.  Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over Takehara US 2018/0059917 A1, Willhite et al US 2015/0200949 A1 (hereinafter Willhite) and Osborn U.S. Patent No. 9,615,253 B1 as applied to claim 10 above, and further in view of Bhuiyan et al US 2017/0264643 A1 (hereinafter Bhuiyan).
As to claim 12, the Takehara-Willhite-Osborn combination does not teach the method of claim 10, where the enclave identity expectations are configured as predicates that include two or more identity expectations via one or more logical operations.  
Bhuiyan teaches that the enclave identity expectations are configured as predicates that include two or more identity expectations via one or more logical operations (i.e. using Boolean true or false) [0061].
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite-Osborn combination so that the enclave identity expectations would have been configured as predicates that include two or more identity expectations via one or more logical operations.
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite-Osborn combination by the teaching of Bhuiyan because it provides the use of reader-friendly policy statements [0002].
14.  Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Takehara US 2018/0059917 A1, Willhite et al US 2015/0200949 A1 (hereinafter Willhite) and Osborn U.S. Patent No. 9,615,253 B1 as applied to claim 10 above, and further in view of Hyde et al U.S. Patent No. 9,779,352 B1 (hereinafter Hyde).
As to claim 13, the Takehara-Willhite-Osborn combination does not teach the method of claim 10, wherein each identity expectation includes a reference identity and a match specification, and wherein at least one reference identity and at least one match specification are used to determine whether the identity information meets expectations of the access control list.  
Hyde teaches that each identity expectation includes a reference identity (i.e. comparing identity sense signals to reference data) and a match specification (i.e. a threshold), and wherein at least one reference identity and at least one match specification are used to determine whether the identity information meets expectations (i.e. based on the threshold) of the access control list [column 25 line 21 to column 26 line 3].
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite-Osborn combination so that each identity expectation would have included a reference identity and a match specification, and wherein at least one reference identity and at least one match specification would have been used to determine whether the identity information met expectations of the access control list.
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite-Osborn combination by the teaching of Hyde because it provides a threshold for comparing authentication data [column 25, lines 21-67].
15.  Claim 14 is rejected under 35 U.S.C. 103 as being unpatentable over Takehara US 2018/0059917 A1 and Willhite et al US 2015/0200949 A1 (hereinafter Willhite) as applied to claim 1 above, and further in view of Brenner et al U.S. Patent No. 8,155,036 B1 (hereinafter Brenner).
As to claim 14, the Takehara-Willhite combination does not teach the method of claim 1, wherein the enclave entity includes an enclave server including instructions configured to receive and complete the request and wherein the enclave server is used to complete the request.  
Brenner teaches that the enclave entity includes an enclave server including instructions configured to receive and complete the request and wherein the enclave server is used to complete the request (i.e. enclave server that handles requests) [column 3, lines 37-51].
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite combination so that the enclave entity would have included an enclave server including instructions configured to receive and complete the request and wherein the enclave server would have been used to complete the request.
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite combination by the teaching of Brenner because it provides a portable multi-level security communications system that provides a communications backbone for IP based data at multiple levels of security [column 1, lines 30-40].
16.  Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Takehara US 2018/0059917 A1 and Willhite et al US 2015/0200949 A1 (hereinafter Willhite) as applied to claim 1 above, and further in view of Sood et al US 2018/0114013 A1 (hereinafter Sood).
As to claim 19, the Takehara-Willhite combination does not teach the method of claim 1, wherein the enclave entity and the second entity are located in local memory of the host computing device.  
Sood teaches that the enclave entity and the second entity are located in local memory of the host computing device (i.e. local memory of host) [0082, 0090].  
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite combination so that the enclave entity and the second entity would have been located in local memory of the host computing device.  
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite combination by the teaching of Sood because it helps facilitate network virtualization, enabling service providers to manage various aspects of their network services [0004].
17.  Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Takehara US 2018/0059917 A1 and Willhite et al US 2015/0200949 A1 (hereinafter Willhite) as applied to claim 1 above, and further in view of Dewangan et al US 2015/0131919 A1 (hereinafter Dewangan).
As to claim 20, the Takehara-Willhite combination does not teach the method of claim 1, wherein the second entity is located in local memory of a second host computing device, the second host computing device being different from the host computing device.
Dewangan teaches that the second entity is located in local memory of a second host computing device, the second host computing device being different from the host computing device (i.e. local memory of a host device) [0032].
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite combination so that the second entity would have been located in local memory of a second host computing device, the second host computing device would have been different from the host computing device.
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified the Takehara-Willhite combination by the teaching of Dewangan because by having the local memory it provides for a single hardware solution capable of decompressing texture compressed with different algorithms [0006].
Allowable Subject Matter
18.  Claims 15-18 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
As to claim 15, the prior art does not disclose, teach or fairly suggest the method of claim 1, wherein the identity information includes an identity description that classifies the identity of the assertion an identity type supported by the enclave entity and identifies an authority responsible for handling identities of that identity type.  
Any claims not directly addressed are objected to by virtue of their dependency.
Relevant Prior Art
19.  The following references have been considered relevant by the examiner:
A.  Bowman et al US 2019/0058577 A1 directed to techniques for securely provisioning a set of enclaves [abstract].
B.  Kakumani et al US 2019/0149531 A1 directed to methods for composable user journeys for user authentication via an identity experience framework [abstract].
C.  Mortensen et al US 2019/0310862 A1 directed to locally attesting an operational condition of a computer system during powering on the computer system [abstract].
Conclusion
20.  Any inquiry concerning this communication or earlier communications from the examiner should be directed to ARAVIND K MOORTHY whose telephone number is (571)272-3793. The examiner can normally be reached M-F 5:00-3:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on 571-272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ARAVIND K MOORTHY/            Primary Examiner, Art Unit 2492