Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.


DETAILED ACTION

Claim Status
Claims 1, 2, 4-7, 9-15, 17-23 have been considered and are pending examination. Claim(s) 1, 7, 15 have been amended. Claim(s) 3, 8, 16 have been cancelled. 


Response to Amendment
This Office Action has been issued in response to amendment filed on 02/09/2022.


NOTE
It is noted that any citations to specific pages, columns, lines, or figures in the
prior art references and any interpretation of the reference should not be considered to
be limiting in any way. A reference is relevant for all it contains and may be relied upon
for all that it would have reasonably suggested to one having ordinary skill in the art. See MPEP 2123.


Claim Rejections - 35 USC § 112 
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim(s) 7-20, 22, 23 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.


Claim 7 recites the limitation " disabling write access for the address range associated with PD " (Line(s) 9 ). There is insufficient antecedent basis for this limitation in the claim. For the purposes of prior art rejection, Examiner is interpreting the phrase " disabling write access for the address range associated with PD " as " disabling write access for the address range of the memory mapped file ". Appropriate correction/clarification is required.

Claim 7 recites the limitation " enabling write access for the address range associated with PD " (Line(s) 13 ). There is insufficient antecedent basis for this limitation in the claim. For the purposes of prior art rejection, Examiner is interpreting the phrase " enabling write access for the address range associated with PD " as " enabling write access for the address range of the memory mapped file associated with PD ". Appropriate correction/clarification is required.

As per claim 7 , the limitation " in response to determining that a write to the address range of the memory mapped file is authorized" (in line(s) 12 ) renders the claim  indefinite since it's not clear to examiner if the “response to determining” is responding to a same or different “write” from the previously cited limitation in lines 10, 11 “a write to the address range of the memory mapped file at the file level or the page level”. For the purposes of prior art rejection, examiner is interpreting “ in response to determining that a write to the address range of the memory mapped file is authorized” as “ in response to determining that the write to the address range of the memory mapped file at the file level or the page level is authorized” . Appropriate correction/clarification is required. 

Claim 7 recites the limitation " the authorized write at the file level or the page level;" (Line(s) 14 ). There is insufficient antecedent basis for this limitation in the claim. For the purposes of prior art rejection, Examiner is interpreting the phrase " the authorized write at the file level or the page level;" as " the authorized write to the address range of the memory mapped file at the file level or the page level;". Appropriate correction/clarification is required.

Claim 7 recites the limitation " disabling the write access for the address range associated with PD in response to " (Line(s) 18 ). There is insufficient antecedent basis for this limitation in the claim. For the purposes of prior art rejection, Examiner is interpreting the phrase " disabling the write access for the address range associated with PD in response to " as " disabling the write access for the address range of the memory mapped file associated with PD in response to ". Appropriate correction/clarification is required.

Claim 15 recites the limitation " PD is configurable to control write access to the associated address range " (Line(s) 6 ). There is insufficient antecedent basis for this limitation in the claim. For the purposes of prior art rejection, Examiner is interpreting the phrase " PD is configurable to control write access to the associated address range " as " PD is configurable to control write access to the address range ". Appropriate correction/clarification is required.

Claim 15 recites the limitation " wherein the associated address range comprises" (Line(s) 7 ). There is insufficient antecedent basis for this limitation in the claim. For the purposes of prior art rejection, Examiner is interpreting the phrase " wherein the associated address range comprises " as " wherein the address range comprises ". Appropriate correction/clarification is required.

As per claim 15 , the limitation “the address range associated with the PD” in phrase " disabling write access for the address range associated with the PD; determining that a write to the address range associated with the PD is authorized;  in response to determining that a write to the address range associated with the PD is authorized, enabling write access for the address range associated with the PD for a temporary window of time for the authorized write; executing the authorized write to the  address range associated with the PD; and disabling the write access for the address range associated with the PD in response to executing the authorized write. " (in line(s) 9-17 ) renders the claim  indefinite since it's not clear whether “the address range associated with the PD” limitation is referring to previously cited limitations  “ … the address range based on the buffer association”  or “ … address range comprises at least one of a memory mapped address range at a page level ” or the “ address range associated with a page”.  For the purposes of prior art rejection, examiner is interpreting “the address range associated with the PD” as “the address range with the memory association with the PD based on the buffer association”. Appropriate correction/clarification is required.

As per claim 15 , the limitation " in response to determining that a write to the address range associated with the PD is authorized," (in line(s) 12 ) renders the claim  indefinite since it's not clear to examiner if the “response to determining” is responding to a same or different “write” from the previously cited limitation in lines 10, 11 “a write to the address range associated with the PD”. For the purposes of prior art rejection, examiner is interpreting “ in response to determining that a write to the address range associated with the PD is authorized,” as “ in response to determining that the write to the address range associated with the PD is authorized,” . Appropriate correction/clarification is required. 

Claim(s) 9-14, 22 directly depend from claim 7 and are rejected for the aforementioned reason.
Claim(s) 17-19, 20, 23 directly depend from claim 15 and are rejected for the aforementioned reason.


Examiner Notes

The Examiner notes that amended claim 1 comprises various limitations claimed as alternatives (e.g. “… comprising at least one of: …” ). Amended Claim 1 comprises at least one of: “a protection domain manager configured to …”; “a memory manager configured to …”; “a file manager configured to …” and “a buffer pool manager configured to …” thus, examiner interprets the claim as only requiring one of the above mentioned limitations. 
The  examiner interprets the claim to require either “a protection domain manager configured to …” or “a memory manager configured to …” or “a file manager configured to …” or “a buffer pool manager configured to …”.
For the purposes of prior art rejection, examiner is interpreting “the program code comprising at least one of:” …  “a protection domain manager configured to …”; “a memory manager configured to …”; “a file manager configured to …” and “a buffer pool manager configured to …”  as the program code comprising … “a file manager configured to … authorized write to the address range of the memory mapped file;” 
If applicant’s claim requires all of the above features, Examiner suggests appropriate clarification by amending claim 1 language in line 4 from: “… the program code comprising at least one of: …” to: -- … the program code comprising: … --


Response to Arguments

Applicant's arguments regarding amended claim 1, 15 have been carefully and fully considered but they are not persuasive.  

Applicant's arguments regarding amended claim 7 have been fully considered but are moot in view of new grounds of rejection as necessitated by the amendments. Accordingly, this action has been made FINAL.

Applicant argues in essence on page(s) 9-11 taking amended Claim # 1 as exemplary that, Claim 1 has been amended to recite in part: “a protection domain manager configured to manage a set of protection domains that protect at least one of a page stored in local memory, a memory mapped file at a file level, or a memory mapped file at a page level ... 
create a buffer association between a buffer and a buffer PD, wherein the buffer references an address range for a page stored in local memory or an address range at a page level of the memory mapped file stored in persistent memory 
create a buffer memory association between the buffer PD and the address range  referenced by the buffer based on the buffer association, wherein the buffer PD is configurable to control write access to the address range referenced by the buffer for the page stored in local memory or the address range at the page level of the memory mapped file stored in persistent memory based on the referenced address range disable write access for the address range associated with the buffer PD 
enable temporary write access for the address range associated with the buffer PD for a write responsive to an authorized write to the address range for referenced by the buffer and 
disable the temporary write access for the address range associated with the buffer PD for the write after executing the authorized write to the address range referenced by the buffer”. The combination of Clark, Boyd, and Li, fail to teach or suggest at least the above recited features of claim 1. This has not been found persuasive. 

The Examiner respectfully disagrees and points Applicant to the rejection below for details. Amended claim 1 comprises various limitations claimed as alternatives (e.g. “ … comprising at least one of: … ” ) thus,  examiner interprets the claim to require either “a protection domain manager configured to …” or “a memory manager configured to …” or “a file manager configured to …” or “a buffer pool manager configured to …”.
For the purposes of prior art rejection, examiner is interpreting “the program code comprising at least one of:” …  “a protection domain manager configured to …”; “a memory manager configured to …”; “a file manager configured to …” and “a buffer pool manager configured to …”  as the program code comprising … “a file manager configured to … authorized write to the address range of the memory mapped file;” 


Applicant argues in essence on page(s) 12, 13 taking Claim # 15 as exemplary that claim 15 has been amended to recite in part: “creating a buffer association between the buffer and the PD 
creating a memory association between the PD and an address range based on the buffer association, wherein the PD is configurable to control write access to the associated address range and wherein the associated address range comprises at least one of a memory mapped address range at a page level associated with a memory mapped file stored in persistent memory or an address range associated with a page stored in local memory 
disabling write access for the address range associated with the PD 
determining that a write to the address range associated with the PD is authorized 
in response to determining that a write to the address range associated with the PD is authorized, enabling write access for the address range associated with the PD
for a temporary window of time for the authorized write 
executing the authorized write to the address range associated with the PD, and disabling the write access for the address”. The combination of Clark, Boyd, and Li, fail to teach or suggest at least the above recited features of claim 15. This has not been found persuasive. 
The Examiner respectfully disagrees and points Applicant to the rejection below for details. As explained in the rejection below, Boyd Figure 3 element 320, Figure 8, [0010], [0017], [0018], [0052], [0055] discloses processing queue (i.e. Buffer) comprising entries referencing file names and using data structures to access associated portions of a storage device. Further, the data structures establish association between a file name field and a protection domain field for each file in the system. Additionally, Boyd in [0010], [0051], [0052], [0055], [0058], [0082], [0138] discloses mechanism to provide file level protection and access control using data structures including file names, associated key, protection domain, pointers, logical block addresses, length and other parameters to check I/O requests and determining if a submitted request may access the portion of storage corresponding to the file name identified in the I/O request. Regarding “wherein the associated address range comprises at least one of a memory mapped address range at a page level associated with a memory mapped file stored in persistent memory or an address range associated with a page stored in local memory;” Clark in col 4 ln 13-17, 56-67, col 5 ln 14-16, 62-67, col 6 ln 1-13, 24-42, col 10 ln 4-16, 36-37, col 11 ln 1-3, claim 6 discloses program logic configured to create memory mapped files. Files are correlated to a memory space to create memory mapped files which can be portions of virtual memory. Further, memory mapped I/O relies on paging to read contents from disk (e.g. persistent memory) into cache (e.g. local memory) where pages of memory mapped files can be stored either on disk or cache. Lastly, examiner relied on Li for disabling and enabling write accesses associated to a PD as well as determining if write accesses are authorized.
Li in Figure A elements 310, [0029], [0030] discloses a normal operation configuration where an active protection key permissions are set to prohibit read/write access to code/data for various protection domains (i.e. secure and switch domains). Further, in [0037] discloses that during domain switch, protection key permissions are set to prohibit read/write access to any protection domain (i.e. to any memory ). Li in [0029], [0036] discloses the determining to switch an active protection key permissions from a current active protection key permissions (i.e. normal operation configuration where read/write of secure code/data in secure domain are not allowed) to a new active protection key permissions (i.e. a secure operation where access to secure code/data in secure domain is allowed) where valid/authorized writes are writes to protection Domains where the protection Key register permissions are set to allow writes for a specific protection domain (see also [0022], [0024], [0026]). Li in [0036] discloses the determining to switch back to normal operation configuration where read/write of secure code/data in secure domain are not allowed.
See below for updated rejection for amended language.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.



Claim(s) 1, 2, 4, 6, 21 are rejected under 35 U.S.C. 103 as being unpatentable over Clark (U.S. Patent Number 9,003,106) in view of Boyd (U.S. Publication Number 2007/0168567) in further view of Li (U.S. Publication Number 2018/0268170).

As per claim 1, Clark teaches “1. A computing device, comprising: one or more processors; and one or more memory devices that store program code configured to be executed by the one or more processors,” Clark col 11 ln 10-29 discloses processor and memory executing program code “the program code comprising at least one of:” “a memory manager configured to memory map a file stored in persistent memory to create the memory mapped file;” Clark col 4 ln 13-17, 56-67, claim 6 discloses program logic configured to create memory mapped files which are persisted in non-volatile storage
Clark does not explicitly teach … “at least one of:”
“a protection domain manager configured to manage a set of protection domains that protect at least one of a page stored in local memory, a memory mapped file at a file level, or a memory mapped file at a page level;” 
 “a file manager configured to: create a file association between the memory mapped file and a file protection domain (PD); create a file memory association between the file PD and an address range of the memory mapped file based on the file association, wherein the file PD is configurable to control write access to the address range of the memory mapped file at the file level; disable write access for the file PD at the file level; enable temporary write access for the file PD at the file level for a write to the address range of the memory mapped file responsive to an authorized write to the address range of the memory mapped file; and disable the temporary write access for the file PD at the file level after executing the authorized write to the address range of the memory mapped file; 
“and a buffer pool manager configured to: create a buffer association between a buffer and a buffer PD, wherein the buffer references an address range for a page stored in local memory or an address range at a page level of the memory mapped file stored in persistent memory; create a buffer memory association between the buffer PD and the address range referenced by the buffer based on the buffer association, wherein the buffer PD is configurable to control write access to the address range referenced by the buffer for the page stored in local memory or the address range at the page level of the memory mapped file stored in persistent memory based on the referenced address range; disable write access for the address range associated with the buffer PD; 
enable temporary write access for the address range associated with the buffer PD for a write responsive to an authorized write to the address range referenced by the buffer; and disable the temporary write access for the address range associated with the buffer PD after executing the authorized write to the address range referenced by the buffer.” 
However, Boyd teaches “create a file association between the memory mapped file and a file protection domain (PD);” Boyd Figure 3 element 320, [0010], [0052], [0055] discloses data structure establishing association between a file name field and a  protection domain field  for  each file in the system “create a file memory association between the file PD and an address range of the memory mapped file based on the file association,” Boyd Figure 3 element 320, [0010], [0048], [0052], [0053], [0055], [0064], [0065], [0067] discloses data structure establishing association between block address pointer and size fields and a  protection domain field  for  each file in the system “wherein the file PD is configurable to control write access to the address range of the memory mapped file at the file level;” Boyd [0010], [0019], [0138] discloses protection domain information used to determine if a portion of storage corresponding to a file name I/O request may be accessed. Further,  Boyd in [0010], [0051], [0052], [0055], [0058], [0082] [0138] discloses mechanism to provide file level protection and access control using data structures including file names, associated key , protection domain, pointers, logical block addresses, length and other parameters to check I/O requests and determining if a submitted request may access the portion of storage corresponding to the file name identified in the I/O request.
Clark and Boyd are analogous art because they are from the same field of endeavor namely, memory management.
A person of ordinary skill in the art before the effective filing date of the claimed invention would have recognized, and as taught by Boyd, that using protection data structures and mechanisms improves performance by using a plurality of data structure fields to authenticate access to portions of a storage device and to perform validation checks to maintain levels of security (Boyd [0075], [0108], [0138]). Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate Boyd’s use of protection data structures and mechanisms in the system of Clark to improve performance by using a plurality of data structure fields to authenticate access to portions of a storage device and to perform validation checks to maintain levels of security.
The combination of Clark and Boyd does not explicitly teach “disable write access for the file PD at the file level; enable temporary write access for the file PD at the file level for a write to the address range of the memory mapped file responsive to an authorized write to the address range of the memory mapped file; and disable the temporary write access for the file PD at the file level after executing the authorized write to the address range of the memory mapped file;”
However, Li teaches “disable write access for the file PD at the file level;” Li Figure A elements 310, [0029], [0030] discloses a normal operation configuration where an active protection key permissions are set to prohibit read/write access to code/data for various protection domains (i.e. secure and switch domains). Further, [0037] discloses that during domain switch, protection key permissions are set to prohibit read/write access to any protection domain (i.e. to any memory) “enable temporary write access for the file PD at the file level for a valid write to the address range of the memory mapped file responsive to an authorized write to the address range of the memory mapped file;” Li [0029], [0036] discloses the determining to switch an active protection key permissions from a current active protection key permissions (i.e. normal operation configuration where read/write of secure code/data in secure domain are not allowed) to a new active protection key permissions (i.e. a secure operation where access to secure code/data in secure domain is allowed) where valid/authorized writes are writes to protection Domains where the protection Key register permissions are set to allow writes for a specific protection domain (see also [0022], [0024], [0026]) “and disable the temporary write access for the file PD at the file level after executing the authorized write to the address range of the memory mapped file;” Li [0036] discloses the determining to switch back to normal operation configuration where read/write of secure code/data in secure domain are not allowed
Clark, Boyd and Li are analogous art because they are from the same field of endeavor namely, memory management.
A person of ordinary skill in the art before the effective filing date of the claimed invention would have recognized, and as taught by Li, that code execution with protection domain support improves performance by providing secure switch of permissions and memory isolation mechanisms for managed code execution (Li [0015]). Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate Li’s execution of code with protection domain support in the system of Clark and Boyd to improve performance by providing secure switch of permissions and memory isolation mechanisms for managed code execution.

As per claim 2, the combination of Clark, Boyd and Li teaches “2. The computing device of claim 1, wherein the computing device comprises the file manager” Clark col 4 ln 13-17, 56-67, claim 6 discloses program logic configured to create memory mapped files which are persisted in non-volatile storage “and the buffer manager,” Clark figure 4 elements 417, col 7 ln 6-20 discloses code handling memory mapped file between page cache and physical memory “the address range for the buffer references at least a portion of the memory mapped file,” Boyd [0017]-[0019] discloses processing queue referencing files “and the program code further comprises: at least one of an application, an operating system and an operating system extension configured to determine whether to protect the memory mapped file with a PD at a file-level by the file manager” Boyd [0010], [0012], [0051] discloses the use of the protection data structures and security checks performed for file names obtained from I/O requests or from processing queues “or a page-level by the buffer manager.” Clark col 1 ln 57-67 discloses page level protection of memory mapped file.
The same motivation that was utilized for combining Clark, Boyd and Li as set forth in claim 1 is equally applicable to claim 2.

Referring to claim 4, the combination of Clark, Boyd and Li teaches “4. (Original) The computing device of claim 2, further comprising: an operating system configured to: allocate N PDs as process PDs;”  Boyd [0010], [0019] Discloses PD entries associated with applications “and allocate M PDs as file PDs or buffer PDs.” Boyd [0080],  [0121], claim 10 Discloses PD entries associated with files and queues
The same motivation that was utilized for combining Clark, Boyd and Li as set forth in claim 2 is equally applicable to claim 4.

Referring to claim 6, the combination of Clark, Boyd and Li teaches “6. (Original) The computing device of claim 1, wherein at least one of the file PD and the buffer PD is specified by a protective key” Boyd [0010], [0055] discloses data structure associating file names or file names passed from queues with a key instance and a protection domain “ (PKEY) configured with a write access register for enabling and disabling write access.” Li [0022] discloses protection Key permissions for r/w data access to protection domains  

Referring to claim 21, the combination of Clark, Boyd and Li teaches “21. (New) The computing device of claim 1, wherein deny access to the address range of the memory mapped file based on the disabled write access for the file PD; and deny write access to the address range for the buffer based on the disabled write access for the buffer PD.” Li [0030] discloses protection key register indicates whether to deny read or write access to a particular protection domain based on whether register bits are set (i.e. when bit AD0 is set, read access is prohibited to memory in associated PD and when WD0 is set, write access is prohibited in associated PD)     
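
The disable, temporarily enable, write, disable sequence that the rejection maps to Li's protection key switching can be shown on an ordinary memory mapped file. The following C sketch is an added example, not code from the application or from Clark, Boyd or Li; it uses mprotect() page permissions as a stand-in for a protection key register, and the names struct file_pd, pd_open, pd_write and pd_stray_write_faults, together with the temporary file, are assumptions constructed for illustration.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical "file PD": one address range of a memory mapped file whose
 * write permission is off except during an authorized write. */
struct file_pd {
    unsigned char *base;
    size_t len;
    int fd;
};

static sigjmp_buf fault_jmp;
static void on_fault(int sig) { (void)sig; siglongjmp(fault_jmp, 1); }

/* Map a constructed one-page temp file and leave the range read-only
 * (the "disable write access" state). Returns 0 on success. */
int pd_open(struct file_pd *pd) {
    char path[] = "/tmp/pd_demo_XXXXXX";
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0) return -1;
    pd->len = (size_t)page;
    pd->fd = mkstemp(path);
    if (pd->fd < 0) return -1;
    unlink(path); /* file lives only as long as the descriptor */
    if (ftruncate(pd->fd, (off_t)pd->len) != 0) { close(pd->fd); return -1; }
    void *p = mmap(NULL, pd->len, PROT_READ, MAP_SHARED, pd->fd, 0);
    if (p == MAP_FAILED) { close(pd->fd); return -1; }
    pd->base = p;
    return 0;
}

/* Authorized write: open the window, copy, close the window again.
 * 'authorized' stands in for whatever check the caller performs.
 * Returns 0 if the write was executed, -1 if refused or failed. */
int pd_write(struct file_pd *pd, size_t off, const void *src, size_t n,
             int authorized) {
    if (!authorized) return -1;                       /* window never opens */
    if (off > pd->len || n > pd->len - off) return -1; /* stay inside range */
    if (mprotect(pd->base, pd->len, PROT_READ | PROT_WRITE) != 0) return -1;
    memcpy(pd->base + off, src, n);
    /* Close the window even though the copy cannot fail. */
    if (mprotect(pd->base, pd->len, PROT_READ) != 0) return -1;
    return 0;
}

/* Attempt a store outside any window. Returns 1 if the store faulted
 * (write access denied), 0 if it went through. */
int pd_stray_write_faults(struct file_pd *pd) {
    struct sigaction sa, old_segv, old_bus;
    volatile int faulted = 1;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);
    if (sigsetjmp(fault_jmp, 1) == 0) {
        *(volatile unsigned char *)pd->base = 0xFF;
        faulted = 0; /* reached only if the store was allowed */
    }
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return faulted;
}

void pd_close(struct file_pd *pd) {
    munmap(pd->base, pd->len);
    close(pd->fd);
}

int main(void) {
    struct file_pd pd;
    if (pd_open(&pd) != 0) { perror("pd_open"); return 1; }
    printf("stray write before window faults: %d\n", pd_stray_write_faults(&pd));
    printf("unauthorized pd_write: %d\n", pd_write(&pd, 0, "no", 2, 0));
    printf("authorized pd_write:   %d\n", pd_write(&pd, 0, "ok", 2, 1));
    printf("stray write after window faults:  %d\n", pd_stray_write_faults(&pd));
    printf("contents: %.2s\n", (const char *)pd.base);
    pd_close(&pd);
    return 0;
}
```

Unlike a per-thread protection key register, mprotect() changes the mapping for every thread in the process, so any other thread can also write while the window is open.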


Claim(s) 7, 9-13, 14, 22 are rejected under 35 U.S.C. 103 as being unpatentable over Clark (U.S. Patent Number 9,003,106) in view of Tomasov (U.S. Patent Number 8,397,306) in view of Boyd (U.S. Publication Number 2007/0168567) in further view of Li (U.S. Publication Number 2018/0268170).

As per claim 7, Clark teaches “7. A method, performed by at least one computing device, for managing a protective domain (PD) for a file, comprising: memory mapping a file stored in persistent memory (PM) to create a memory mapped file;” Clark col 4 ln 13-17, 56-67, claim 6 discloses program logic configured to create memory mapped files which are persisted in non-volatile storage
 Clark does not explicitly teach “creating a file association between the memory mapped file and the PD; and creating a memory association between the PD and an address range of the memory mapped file based on the file association, wherein the PD is configurable to control write access to the address range of the memory mapped file at a file level and a page level; disabling write access for the address range associated with PD, determining that a write to the address range of the memory mapped file at the file level or the page level is authorized; in response to determining that a write to the address range of the memory mapped file is authorized, enabling write access for the address range associated with PD for a temporary window of time for the authorized write at the file level or the page level; executing the authorized write to the address range of the memory mapped file at the file level or the page level; and disabling the write access for the address range associated with PD in response to executing the authorized write.”
However, Boyd teaches “creating a file association between the memory mapped file and the PD;” Boyd Figure 3 element 320, [0010], [0052], [0055] discloses data structure establishing association between a file name field and a protection domain field for each file in the system “and creating a memory association between the PD and an address range of the memory mapped file based on the file association,” Boyd Figure 3 element 320, [0010], [0048], [0052], [0053], [0055], [0064], [0065], [0067] discloses data structure establishing association between block address pointer and size fields and a protection domain field for each file in the system.
Clark and Boyd are analogous art because they are from the same field of endeavor namely, memory management.
A person of ordinary skill in the art before the effective filing date of the claimed invention would have recognized, and as taught by Boyd, that using protection data structures and mechanisms improves performance by using a plurality of data structure fields to authenticate access to portions of a storage device and to perform validation checks to maintain levels of security (Boyd [0075], [0108], [0138]). Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate Boyd’s use of protection data structures and mechanisms in the system of Clark to improve performance by using a plurality of data structure fields to authenticate access to portions of a storage device and to perform validation checks to maintain levels of security.
The combination of Clark and Boyd does not teach “wherein the PD is configurable to control write access to the address range of the memory mapped file at a file level and a page level, disabling write access for the address range associated with PD, determining that a write to the address range of the memory mapped file at the file level or the page level is authorized; in response to determining that a write to the address range of the memory mapped file is authorized, enabling write access for the address range associated with PD for a temporary window of time for the authorized write at the file level or the page level; executing the authorized write to the address range of the memory mapped file at the file level or the page level; and disabling the write access for the address range associated with PD in response to executing the authorized write.”
However, Tomasov teaches “wherein the PD is configurable to control write access to the address range of the memory mapped file at a file level and a page level.” Tomasov col 2 ln 60-67, col 3 ln 22-67, claims 1, 18 discloses creation and implementation of security domains for software and/or hardware object protection, where the protection can be complete (no access at all) or partial (i.e. read only), where objects are associated with a temporary trusted domain, and where the protected objects in the security domain may be of various granularities and types such as a virtual memory page, a physical page, a disk block, a file, a part of a file, a shared memory page, a pagefile page (or a memory mapped file page), an I/O address range, a DMA region, etc.
Clark, Boyd and Tomasov are analogous art because they are from the same field of endeavor namely, memory management.
A person of ordinary skill in the art before the effective filing date of the claimed invention would have recognized, and as taught by Tomasov, that using security domains improves performance by encapsulating objects into a trusted domain where validity flags and security rules are used to determine compromised data, detect unauthorized accesses and cure corruptions (Tomasov col 4 ln 9-16, col 6 ln 18-22, 40-46). Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate Tomasov’s use of security domains in the system of Clark and Boyd to improve performance by encapsulating objects into a trusted domain where validity flags and security rules are used to determine compromised data, detect unauthorized accesses and cure corruptions.
The combination of Clark, Boyd and Tomasov does not teach “disabling write access for the address range associated with PD, determining that a write to the address range of the memory mapped file at the file level or the page level is authorized; in response to determining that a write to the address range of the memory mapped file is authorized, enabling write access for the address range associated with PD for a temporary window of time for the authorized write at the file level or the page level; executing the authorized write to the address range of the memory mapped file at the file level or the page level; and disabling the write access for the address range associated with PD in response to executing the authorized write.”
However, Li teaches “disabling write access for the address range associated with PD;” Li Figure A elements 310, [0029], [0030] discloses a normal operation configuration where the active protection key permissions are set to prohibit read/write access to code/data for various protection domains (i.e. secure and switch domains). Further, [0037] discloses that during domain switch, protection key permissions are set to prohibit read/write access to any protection domain (i.e. to any memory) “determining that a write to the address range of the memory mapped file at the file level or the page level is authorized; in response to determining that a write to the address range of the memory mapped file is authorized, enabling write access for the address range associated with PD for a temporary window of time for the authorized write at the file level or the page level; executing the authorized write to the address range of the memory mapped file at the file level or the page level;” Li [0029], [0036] discloses determining to switch the active protection key permissions from the current active protection key permissions (i.e. normal operation configuration where read/write of secure code/data in secure domain are not allowed) to new active protection key permissions (i.e. a secure operation where access to secure code/data in secure domain is allowed), where valid/authorized writes are writes to protection domains for which the protection key register permissions are set to allow writes for a specific protection domain (see also [0022], [0024], [0026]) “and disabling the write access for the address range associated with PD in response to executing the authorized write.” Li [0036] discloses determining to switch back to the normal operation configuration where read/write of secure code/data in secure domain are not allowed.
Clark, Boyd, Tomasov and Li are analogous art because they are from the same field of endeavor namely, memory management.
A person of ordinary skill in the art before the effective filing date of the claimed invention would have recognized, and as taught by Li, that code execution with protection domain support improves performance by providing secure switch of permissions and memory isolation mechanisms for managed code execution (Li [0015]). Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate Li’s execution of code with protection domain support in the system of Clark, Boyd and Tomasov to improve performance by providing secure switch of permissions and memory isolation mechanisms for managed code execution.
 
As per claim 9, the combination of Clark, Boyd, Tomasov and Li teaches “The method of claim 7, further comprising: disabling write access to the address range of the memory mapped file based on the disabled write access for the PD or an unauthorized attempt to write to the address range of the memory mapped file.” Li [0025], [0026] discloses a manager configured to set the PK register to disallow data access to protection domains.
The same motivation that was utilized for combining Clark, Boyd, Tomasov and Li as set forth in claim 7 is equally applicable to claim 9.

As per claim 10, the combination of Clark, Boyd, Tomasov and Li teaches “The method of claim 9, further comprising: creating a file object for the memory mapped file; and storing the file association and the memory association in the file object.” Boyd Figure 3 element 320, Figure 8, [0010], [0017], [0018], [0052], [0055] discloses a processing queue (i.e. Buffer) comprising entries referencing file names and using data structures to access associated portions of a storage device. Further, the data structures establish an association between a file name field and a protection domain field for each file in the system.
The same motivation that was utilized for combining Clark, Boyd, Tomasov and Li as set forth in claim 9 is equally applicable to claim 10.

As per claim 11, the combination of Clark, Boyd, Tomasov and Li teaches “The method of claim 10, wherein the file object is maintained by an application, an operating system or a host operating system (OS) extension in an isolated process comprising the application.” Boyd [0010], [0012], [0051], [0056], [0091] discloses OS use of the protection data structures and security checks performed for file names obtained from I/O requests or from processing queues.
The same motivation that was utilized for combining Clark, Boyd, Tomasov and Li as set forth in claim 10 is equally applicable to claim 11.

As per claim 12, the combination of Clark, Boyd, Tomasov and Li teaches “12. The method of claim 11, wherein the authorized write to the address range of the memory mapped file and reading from the address range of the memory mapped file is performed by a user-mode memory copy call.” Li [0030] discloses that protection key register protections are modified by user-level code.
The same motivation that was utilized for combining Clark, Boyd, Tomasov and Li as set forth in claim 11 is equally applicable to claim 12.

As per claim 13, the combination of Clark, Boyd, Tomasov and Li teaches “The method of claim 12, wherein the memory copy call comprises: reading a page of the memory mapped file to a buffer pool; or writing a page from the buffer pool to the memory mapped file.” Clark Figure 24, col 6 ln 1-12, col 11 ln 1-6 discloses page in and page out of mmapped files.

As per claim 14, the combination of Clark, Boyd, Tomasov and Li teaches “14. (Original) The method of claim 7, wherein the PD is specified by a protective key” Boyd [0010], [0055] discloses a data structure associating file names or file names passed from queues with a key instance and a protection domain “(PKEY) configured with a write access register for enabling and disabling write access.” Li [0022] discloses protection key permissions for r/w data access to protection domains.
The same motivation that was utilized for combining Clark, Boyd, Tomasov and Li as set forth in claim 7 is equally applicable to claim 14.

As per claim 22, the combination of Clark, Boyd, Tomasov and Li teaches “22. (Previously presented) The method of claim 7, further comprising: denying access to the address range of the memory mapped file based on the disabled write access for the PD.” Li [0030] discloses that the protection key register indicates whether to deny read or write access to a particular protection domain based on whether register bits are set (i.e. when bit AD0 is set, read access is prohibited to memory in the associated PD, and when WD0 is set, write access is prohibited in the associated PD).
The same motivation that was utilized for combining Clark, Boyd, Tomasov and Li as set forth in claim 7 is equally applicable to claim 22.


Claim(s) 15, 17-20, 23 are rejected under 35 U.S.C. 103 as being unpatentable over Boyd (U.S. Publication Number 2007/0168567) in view of Clark (U.S. Patent Number 9,003,106) and in further view of Li (U.S. Publication Number 2018/0268170).

As per claim 15, Boyd teaches “15. A method, performed by at least one computing device, for managing a protective domain (PD) for a buffer, comprising: creating a buffer association between the buffer and the PD;” Boyd Figure 3 element 320, Figure 8, [0010], [0017], [0018], [0052], [0055] discloses a processing queue (i.e. Buffer) comprising entries referencing file names and using data structures to access associated portions of a storage device. Further, the data structures establish an association between a file name field and a protection domain field for each file in the system “creating a memory association between the PD and an address range based on the buffer association,” Boyd Figure 3 element 320, [0010], [0048], [0052], [0053], [0055], [0064], [0065], [0067] discloses a data structure establishing an association between block address pointer and size fields and a protection domain field for each file in the system (e.g. referenced files in processing queue) “wherein the PD is configurable to control write access to the associated address range” Boyd [0010], [0019], [0138] discloses protection domain information used to determine if a portion of storage corresponding to a file name I/O request may be accessed. Further, Boyd in [0010], [0051], [0052], [0055], [0058], [0082], [0138] discloses a mechanism to provide file level protection and access control using data structures including file names, associated key, protection domain, pointers, logical block addresses, length and other parameters to check I/O requests and determine if a submitted request may access the portion of storage corresponding to the file name identified in the I/O request.
Boyd does not explicitly teach “wherein the associated address range comprises at least one of a memory mapped address range at a page level associated with a memory mapped file stored in persistent memory or an address range associated with a page stored in local memory; disabling write access for the address range associated with the PD; determining that a write to the address range associated with the PD is authorized; in response to determining that a write to the address range associated with the PD is authorized, enabling write access for the address range associated with the PD for a temporary window of time for the authorized write; executing the authorized write to the address range associated with the PD; and disabling the write access for the address range associated with the PD in response to executing the authorized write.”
However, Clark teaches “wherein the associated address range comprises at least one of a memory mapped address range at a page level associated with a memory mapped file stored in persistent memory or an address range associated with a page stored in local memory;” Clark col 4 ln 13-17, 56-67, col 5 ln 14-16, 62-67, col 6 ln 1-13, 24-42, col 10 ln 4-16, 36-37, col 11 ln 1-3, claim 6 discloses program logic configured to create memory mapped files. Files are correlated to a memory space to create memory mapped files which can be portions of virtual memory. Further, memory mapped I/O relies on paging to read contents from disk (e.g. persistent memory) into cache (e.g. local memory) where pages of memory mapped files can be stored either on disk or cache.
Boyd and Clark are analogous art because they are from the same field of endeavor namely, memory management.
A person of ordinary skill in the art before the effective filing date of the claimed invention would have recognized, and as taught by Clark, that using an operating system memory mapped file facility improves performance by extending the memory of the server through the use of nonvolatile storage where the nonvolatile storage is used to create a crash consistent storage (Clark col 4 ln 13-32). Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate Clark’s operating system memory mapped file facility in the system of Boyd to improve performance by extending the memory of the server through the use of nonvolatile storage where the nonvolatile storage is used to create a crash consistent storage.
The combination of Boyd and Clark does not explicitly teach “disabling write access for the PD; determining that a write to the memory mapped address range is authorized; in response to determining that a write to the memory mapped address range is authorized, enabling write access for the PD for a temporary window of time for a valid write; executing the authorized write to the memory mapped address range; and disabling the write access for the PD in response to executing the authorized write.”
However, Li teaches “disabling write access for the address range associated with the PD;” Li Figure A elements 310, [0029], [0030] discloses a normal operation configuration where the active protection key permissions are set to prohibit read/write access to code/data for various protection domains (i.e. secure and switch domains). Further, [0037] discloses that during domain switch, protection key permissions are set to prohibit read/write access to any protection domain (i.e. to any memory) “determining that a write to the address range associated with the PD is authorized; in response to determining that a write to the address range associated with the PD is authorized, enabling write access for the address range associated with the PD for a temporary window of time for the authorized write; executing the authorized write to the address range associated with the PD;” Li [0029], [0036] discloses determining to switch the active protection key permissions from the current active protection key permissions (i.e. normal operation configuration where read/write of secure code/data in secure domain are not allowed) to new active protection key permissions (i.e. a secure operation where access to secure code/data in secure domain is allowed), where valid/authorized writes are writes to protection domains for which the protection key register permissions are set to allow writes for a specific protection domain (see also [0022], [0024], [0026]) “and disabling the write access for the address range associated with the PD in response to executing the authorized write.” Li [0036] discloses determining to switch back to the normal operation configuration where read/write of secure code/data in secure domain are not allowed.
Boyd, Clark and Li are analogous art because they are from the same field of endeavor namely, memory management.
A person of ordinary skill in the art before the effective filing date of the claimed invention would have recognized, and as taught by Li, that code execution with protection domain support improves performance by providing secure switch of permissions and memory isolation mechanisms for managed code execution (Li [0015]). Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate Li’s execution of code with protection domain support in the system of Boyd and Clark to improve performance by providing secure switch of permissions and memory isolation mechanisms for managed code execution.

As per claim 17, the combination of Boyd, Clark and Li teaches “The method of claim 15, further comprising: disabling write access to the address range of the memory mapped file based on the disabled write access for the PD or an unauthorized attempt to write to the address range of the memory mapped file.” Li [0025], [0026] discloses a manager configured to set the PK register to disallow data access to protection domains.
The same motivation that was utilized for combining Boyd, Clark and Li as set forth in claim 15 is equally applicable to claim 17.

As per claim 18, the combination of Boyd, Clark and Li teaches “The method of claim 17, further comprising: creating a buffer data structure for the buffer; and storing the buffer association and the memory association in the buffer data structure.” Boyd Figure 3 element 320, Figure 8, [0010], [0017], [0018], [0052], [0055] discloses a processing queue (i.e. Buffer) comprising entries referencing file names and using data structures to access associated portions of a storage device. Further, the data structures establish an association between a file name field and a protection domain field for each file in the system.

As per claim 19, the combination of Boyd, Clark and Li teaches “19. The method of claim 18, wherein the write to the address range of the memory mapped file and reading from the address range of the memory mapped file is performed by a user-mode memory copy call.” Li [0030] discloses that protection key register protections are modified by user-level code.
The same motivation that was utilized for combining Boyd, Clark and Li as set forth in claim 18 is equally applicable to claim 19.

As per claim 20, the combination of Boyd, Clark and Li teaches “The method of claim 15, wherein the PD is specified by a protective key” Boyd [0010], [0055] discloses a data structure associating file names or file names passed from queues with a key instance and a protection domain “(PKEY) configured with a write access register for enabling and disabling write access.” Li [0022] discloses protection key permissions for r/w data access to protection domains.
The same motivation that was utilized for combining Boyd, Clark and Li as set forth in claim 15 is equally applicable to claim 20.

As per claim 23, the combination of Boyd, Clark and Li teaches “23. (New) The method of claim 18, further comprising: denying write access to the buffer data structure address range comprising the memory mapped address range based on the disabled write access for the PD.” Li [0030] discloses that the protection key register indicates whether to deny read or write access to a particular protection domain based on whether register bits are set (i.e. when bit AD0 is set, read access is prohibited to memory in the associated PD, and when WD0 is set, write access is prohibited in the associated PD).
The same motivation that was utilized for combining Boyd, Clark and Li as set forth in claim 18 is equally applicable to claim 23.
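
The write-window sequence recited in claims 7 and 15 (write access disabled by default, enabled only for an authorized write, then disabled again) and the AD/WD bit behaviour cited from Li [0030] can be shown with a small software model. This is an added example, not code from the application or from any cited reference; the rights register is modelled in a variable rather than the CPU's protection key register, and struct mapped_file, pd_bind, raw_write, guarded_write and the caller-supplied authorized flag are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PG_SIZE 4096u
#define NPAGES  4u
/* Two bits per key in the modelled rights register, following the AD/WD
 * description cited from Li [0030]: AD set = no access, WD set = no writes. */
#define AD_BIT(k) (1u << (2u * (k)))
#define WD_BIT(k) (1u << (2u * (k) + 1u))
/* Hypothetical file object: the mapped range plus its PD associations. */
struct mapped_file {
    uint8_t data[NPAGES * PG_SIZE]; /* stand-in for the mapped address range */
    uint8_t page_key[NPAGES];       /* memory association: page -> PD key */
};
static uint32_t pkru; /* software model of the register, not the CPU's */

static int in_range(size_t off, size_t len)
{
    size_t size = (size_t)NPAGES * PG_SIZE;
    return len != 0 && off < size && len <= size - off;
}

/* The check hardware would apply to every access in the range. */
static int access_ok(const struct mapped_file *f, size_t off, size_t len, int is_write)
{
    if (!in_range(off, len))
        return 0;
    for (size_t p = off / PG_SIZE; p <= (off + len - 1) / PG_SIZE; p++) {
        unsigned k = f->page_key[p];
        if ((pkru & AD_BIT(k)) || (is_write && (pkru & WD_BIT(k))))
            return 0;
    }
    return 1;
}

/* An ordinary store: denied unless the key's WD bit is currently clear. */
static int raw_write(struct mapped_file *f, size_t off, const void *src, size_t len)
{
    if (!access_ok(f, off, len, 1))
        return -1; /* real hardware would raise a fault here */
    memcpy(f->data + off, src, len);
    return 0;
}

/* Bind pages [first, first + count) to a key, write-disabled from the start.
 * File level: bind all NPAGES pages. Page level: bind a single page. */
static void pd_bind(struct mapped_file *f, size_t first, size_t count, unsigned key)
{
    if (key > 15u)
        return; /* the model has 16 keys */
    for (size_t p = first; p < NPAGES && p - first < count; p++)
        f->page_key[p] = (uint8_t)key;
    pkru |= WD_BIT(key);
}

/* Open the window only for the keys the write touches, then always close it. */
static int guarded_write(struct mapped_file *f, size_t off, const void *src,
                         size_t len, int authorized)
{
    uint32_t window = 0;
    if (!authorized || !in_range(off, len))
        return -1; /* the window never opens */
    for (size_t p = off / PG_SIZE; p <= (off + len - 1) / PG_SIZE; p++)
        window |= WD_BIT(f->page_key[p]);
    pkru &= ~window; /* enable write access */
    int rc = raw_write(f, off, src, len);
    pkru |= window;  /* disable again, whether or not the write succeeded */
    return rc;
}

int main(void)
{
    static struct mapped_file f;
    pd_bind(&f, 0, NPAGES, 1); /* file level: one key for the whole file */
    printf("direct write: %d\n", raw_write(&f, 0, "x", 1));
    printf("guarded write: %d\n", guarded_write(&f, 0, "ok", 2, 1));
    return 0;
}
```

On hardware with protection keys the window would be opened and closed by user-mode writes to the rights register, and a store outside the window would fault rather than return -1.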

Allowable Subject Matter

Claim(s) 5 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. After careful consideration, examination, and search of the claimed invention, prior art was not found to teach the amended limitation to the independent claims “create a second file association between a second memory mapped file and the first PD concurrently with or alternatively to the first file association when a number of memory mapped files exceeds the M allocated PDs;”

Conclusion

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.

US 20190243780 A1 SCALABLE APPLICATION-CUSTOMIZED MEMORY COMPRESSION, Gopal.

US 20190042733 A1 SECURING UNTRUSTED CODE USING MEMORY PROTECTION KEY AND CONTROL FLOW INTEGRITY, Zhang.

US 6859867 B1 Translation And Protection Table And Method Of Using The Same To Validate Access Requests, Berry.

US 20080222397 A1 Hard Object: Hardware Protection For Software Objects, Wilkerson.
	
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to TAHILBA O PUCHE whose telephone number is (571)272-9163.  The examiner can normally be reached on M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, David Yi can be reached on 07519.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/TAHILBA O PUCHE/Examiner, Art Unit 2132 05/01/2022

/DAVID YI/Supervisory Patent Examiner, Art Unit 2132