DETAILED ACTION
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
This Office Action is in response to the amendment filed on 4/28/2022.
Claims 3, 8, 13 and 15 have been canceled.
Claims 2 and 12 have been amended.
Claims 1-2, 4-7, 9-12,14 and 16-24 are pending for consideration.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
In view of amendments to claims 2, 4-7, 9-12,14 and 16-24, the 112(b) rejection of claims 2, 4-7, 9-12,14 and 16-24 has been withdrawn.  

Reasons for Allowance
Claims 1-2, 4-7, 9-12,14 and 16-24 are allowed.
The following is an examiner’s statement of reasons for allowance: 

The present invention is directed to a system/method for abstracting an enclave platform.
The closest prior art of record, Martin (US 20150347768) teaches “initializing first and second secure enclaves each comprising a trusted software execution environment that prevents software executing outside the first and second secure enclaves from having access to software and data inside the first and second secure enclaves” (see Abstract).  In addition, Chhabra (US 20170083724) teaches “processors can provide protected regions for selected applications to run. Access to the protected regions from any software that does not reside in the protected regions is prevented. The protected regions provide relatively high security for the software in the protected regions” (see paragraph 0028). 
However, the closest prior art of record fails to anticipate or render obvious the recited steps of 
“sending a vault attestation report of a key vault enclave to a vault client, wherein the vault client is an enclave, and the vault client and key vault enclave are hosted on separate native enclave platforms; receiving, at the key vault enclave, a client attestation report of the vault client; receiving, at the key vault enclave, an indication of a key use policy, wherein the key use policy specifies that one or more keys should never leave the key vault and should never be provided to any vault client; generating a key by the key vault enclave, wherein the key is included among the one or more keys; securely storing the key at the key vault enclave according to the key use policy; receiving, at the key vault enclave, an encrypted data buffer from the vault client in response to the vault attestation report of the key vault enclave being sent to the vault client; decrypting the encrypted data buffer with the key by the key vault enclave; and sending the decrypted data buffer to the vault client by the key vault enclave via a secure communications channel in response to the client attestation report of the vault client being received at the key vault enclave”, as in independent claim 1;  
“receiving, at a key vault enclave, a client attestation report of a vault client, wherein the vault client is an enclave, and wherein the vault client and key vault enclave are hosted on different native enclave platforms; verifying integrity of the client attestation report by verifying a signature of the client attestation report with a public key associated with the native enclave platform of the vault client and not associated with the native enclave platform of the key vault enclave; securely storing a key for an encryption system within the key vault enclave according to a key use policy; sending a vault attestation report of the key vault enclave to the vault client; and performing an operation in the key vault enclave with the key in response to trust in the key vault enclave being established as a result of sending the vault attestation report, said performing the operation comprises: receiving an identifier that identifies a key derivation function from the vault client; and in response to trust in the vault client being established as a result of verifying the integrity of the client attestation report, deriving a new encryption key based on the key using the key derivation function that is identified by the identifier received from the vault client.”, as in independent claim 2; and
“receiving, at a key vault enclave, a client attestation report of a vault client, wherein the vault client is an enclave, and wherein the vault client and key vault enclave are hosted on different native enclave platforms; verifying integrity of the client attestation report by verifying a signature of the client attestation report with a public key associated with the native enclave platform of the vault client and not associated with the native enclave platform of the key vault enclave; securely storing a key for an encryption system within the key vault enclave according to a key use policy in response to receipt of an indication of the key use policy from the vault client, the indication of the key use policy is a data structure specifying the key use policy or an identifier that is usable with a registry of key use policies, the key use policy specifies that the key is not to leave the key vault enclave and is not to be provided to vault clients; sending a vault attestation report of the key vault enclave to the vault client; and performing an operation in the key vault enclave with the key in response to trust in the key vault enclave being established as a result of the vault attestation report being sent to the vault client and further in response to trust in the vault client being established as a result of verifying the integrity of the client attestation report.”, as in independent 12.
These above features, together with the other limitations of the independent claims are novel and non-obvious over the prior art of record.  The dependent claims 4-7, 9-11,14 and 16-24 being definite, enabled by the specification, and further limiting to the independent claims, are also allowable.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure is listed below,
Chakrabarti (US 20180183578) discloses a secure key manager enclave is provided on a host computing system to send an attestation quote to a secure key store system identifying attributes of the key manager enclave and signed by a hardware-based key of the host computing system to attest to trustworthiness of the secure key manager enclave (see Abstract).
Scarlata  (US 20180183580) discloses a secure migration enclave is provided to identify a launch of a particular virtual machine on a host computing system, where the particular virtual machine is launched to include a secure quoting enclave to perform an attestation of one or more aspects of the virtual machine (see Abstract).
MCKEEN (US 20130159726) discloses a technique to enable secure application and data integrity within a computer system. In one embodiment, one or more secure enclaves are established in which an application and data may be stored and executed (see Abstract).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TRANG T DOAN whose telephone number is (571)272-0740.  The examiner can normally be reached on Monday-Friday 7-4 ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn D Feild can be reached on (571)272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/TRANG T DOAN/Primary Examiner, Art Unit 2431