DETAILED ACTION
Acknowledgements
The amendment filed 04/14/2022 is acknowledged.
Claims 1-20 are pending.
Claims 1-20 have been examined.


Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Response to Amendment/Arguments
Claims 1, 11 and 17 are amended.

Regarding applicant’s arguments on Double Patenting Rejection, Applicant asser0ts “withdrawal of the provisional rejections in accordance with applicable rules. See MPEP Section 804.1.B.”.  Examiner respectfully disagrees.
MPEP 804 I B states “A provisional double patenting rejection should continue to be made by the examiner until the rejection has been obviated or is no longer applicable”.
Therefore, the double patenting rejection maintains.

Regarding applicant’s arguments on Claim Rejections - 35 U.S.C. §101, the arguments have been fully considered but they are not persuasive.  
It is the applicant’s position that “claim 1 and the remaining present claims do not recite a mathematical formula, equation, or relationship, … the present claims are not directed to an abstract idea and are patent eligible.” Examiner respectfully disagrees.
The present claims are directed to data decryption.  For example, the independent claim 1 recites “receive encrypted code…; provide the encrypted code…; and obtain a cryptogram…”, claim 11 recites “ receiving…encrypted data and encrypted code…; transferring…the encrypted data and the encrypted code…; decrypting…the encrypted code,…; executing…the decrypted code…; receiving…information decrypted….”, and claim 17 recites “receive encrypted code…; decrypt the encrypted code…; execute the decrypted code to generate a cryptogram…; return the cryptogram….”.  data decryption of cryptographic operation is mathematical calculation within “Mathematical concepts” grouping of abstract ideas.  See 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, at 52 (Jan. 7, 2019).
 Therefore, the claim is directed to an abstract idea.
Furthermore, applicant recites DDR Holdings case and argues that the present application “allow for improvements to the functioning of computer systems and describe a specific, discrete implementation that provides a technical improvement”. Examiner respectfully disagrees.
The 101 analysis is based on Alice Corporation Pty. Ltd. v. CLS Bank International. Therefore, the arguments of DDR Holdings v. Hotels.com are moot. Moreover, this judicial exception is not integrated into a practical application because, when analyzed under prong two of step 2A of the Alice/Mayo test (See 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 54-55 (January 7, 2019)), the additional element(s) of the claim(s) such as the use of computing device, processor, memory, non-transitory computer-readable medium, cryptographic coprocessor, cryptogram, signature, and cryptographic algorithm merely use(s) a computer as a tool to perform an abstract idea. Specifically, conducting data decryption including receiving encrypted data and encrypted code, decrypting the encrypted code, decrypting the encrypted data.  The use of a processor/computer as a tool to implement the abstract idea does not integrate the abstract idea into a practical application because it requires no more than a computer performing functions that correspond to acts required to carry out the abstract idea. The additional elements do not involve improvements to the functioning of a computer, the claims do not apply the abstract idea with, or by use of, a particular machine (MPEP 2106.05(b)), and the claims do not apply or use the abstract idea in some other meaningful way beyond generally linking the use of the abstract idea to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception (MPEP 2106.05(e) and Vanda Memo). Therefore, the claims do not, for example, purport to improve the functioning of a computer. Nor do they effect an improvement in any other technology or technical field. Accordingly, the additional elements do not impose any meaningful limits on practicing the abstract idea, and the claims are directed to an abstract idea.

Regarding applicant’s arguments on Claim Rejections - 35 U.S.C. §102, the arguments are moot in light of the new ground rejection.

Regarding applicant’s arguments on Claim Rejections - 35 U.S.C. §103, the arguments are moot in light of the new ground rejection.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1, 3-6 , 10-12 and 14-18 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 3, 5, 6, 8, 11-13 and 16 of copending Application No. 16/668,973. Although the claims at issue are not identical, they are not patentably distinct from each other.  For example,
Claim 1 of copending Application No. 16/668,973 recites:
A system, comprising:
a first computing device comprising a processor, a memory, and a cryptographic coprocessor, and
machine-readable instructions stored in the memory that, when executed by the processor, cause the computing device to at least:
receive encrypted executable code implementing a cryptographic algorithm from a service executed on a second computing device via a network;
decrypt, by the cryptographic coprocessor, the encrypted executable code;
execute, by the cryptographic coprocessor, the decrypted executable code to generate a cryptogram including information encrypted using the cryptographic algorithm; and
send the cryptogram to the service via the network.
Claim 1 of copending Application No. 16/668,973 differs since it further recites additional claim limitations including a system comprising…a cryptographic coprocessor; decrypt, by the cryptographic coprocessor, the encrypted executable code; and send the cryptogram to the service via the network. However, it would have been obvious to a person of ordinary skill in the art to modify claim 1 of copending Application No. 16/668,973 by removing the cryptographic coprocessor to the system and the limitation directed to send the cryptogram to the service via the network in the claims of the present application since the claims of the present application and the claim recited in copending Application No. 16/668,973 actually perform a similar function.  It is well settled that the omission of an element and its function is an obvious expedient if the remaining elements perform the same function as before.  In re Karlson, 136 USPQ 184 (CCPA 1963).  Also note Ex parte Rainu, 168 USPQ 375 (Bd. App. 1969).  Omission of a reference element whose function is not needed would be obvious to one of ordinary skill in the art.
Similarly, claims 3-6, 10-12 and 14-18 of the present applicant corresponds to the claims 1, 8, 3, 5, 6, 11-12, 16, 13, 1 and 5 of the copending Applications  No.16/668,973 respectively.


Claim Rejections - 35 USC §101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.
Analysis
In the instant case, claims 1-10 and 17-20 are directed to a system and apparatus, claims 11-16 are directed to a method.  Therefore, these claims fall within the four statutory categories of invention.
The claim(s) recite(s) data decryption.  Specifically, the claims recite “receiving…encrypted data and encrypted code…; transferring… the encrypted data and encrypted code…; decrypting…the encrypted code; executing…the decrypted code..; receiving…information decrypted… ”, which is mathematical calculations within the “Mathematical concepts” grouping of abstract ideas in prong one of step 2A of the Alice/Mayo test (See 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 52, 54 (January 7, 2019)) because the claims involve a series of steps for conducting data decryption. Accordingly, the claims recite an abstract idea (See pages 7, 10, Alice Corporation Pty. Ltd. v. CLS Bank International, et al., US Supreme Court, No. 13-298, June 19, 2014; 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 53-54 (January 7, 2019)).
This judicial exception is not integrated into a practical application because, when analyzed under prong two of step 2A of the Alice/Mayo test (See 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 54-55 (January 7, 2019)), the additional element(s) of the claim(s) such as the use of computing device, processor, memory, non-transitory computer-readable medium, cryptographic coprocessor, cryptogram, signature, and cryptographic algorithm merely use(s) a computer as a tool to perform an abstract idea. Specifically, conducting data decryption including receiving encrypted data and encrypted code, decrypting the encrypted code, and decrypting the encrypted data by executing the decrypted code.  The use of a processor/computer as a tool to implement the abstract idea does not integrate the abstract idea into a practical application because it requires no more than a computer performing functions that correspond to acts required to carry out the abstract idea. The additional elements do not involve improvements to the functioning of a computer, or to any other technology or technical field (MPEP 2106.05(a)), the claims do not apply or use the abstract idea to effect a particular treatment or prophylaxis for a disease or medical condition (Vanda Memo), the claims do not apply the abstract idea with, or by use of, a particular machine (MPEP 2106.05(b)), the claims do not effect a transformation or reduction of a particular article to a different state or thing (MPEP 2106.05(c)), and the claims do not apply or use the abstract idea in some other meaningful way beyond generally linking the use of the abstract idea to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception (MPEP 2106.05(e) and Vanda Memo). Therefore, the claims do not, for example, purport to improve the functioning of a computer. Nor do they effect an improvement in any other technology or technical field. Accordingly, the additional elements do not impose any meaningful limits on practicing the abstract idea, and the claims are directed to an abstract idea.
The claims do not include additional elements that are sufficient to amount to significantly more than the abstract idea. The claims 1-10, and 17-20 are system and apparatus claims that are used to perform the method claims 11-16 which only involves the use of computers as tools to automate and/or implement the abstract idea. 
Taking the claim elements separately, the independent claims involve performing data decryption including receiving encrypted data and encrypted code, decrypting the encrypted code, and decrypting the encrypted data by executing the decrypted code.  This only uses the processor or computer system to automate or implement the abstract idea of performing data decryption.  Dependent claims 2-3, 9 and 20 describe cryptogram.  Dependent claims 4, 12 and 16 describe obtaining encrypted code.  Dependent claims 5-8, 10 and 19 describe the trusted execution environment.  Dependent claim 13 describes decrypting the encrypted data.  Dependent claim 14 describes decrypting the encrypted code. Dependent claim 15 describes cryptographic coprocessor. Dependent claim18 describes the computing device.  These claims further describe the use of the processor or computer system to automate or implement the abstract idea. Therefore, the use of the computer in each step does no more than employ the computer as a tool to carry out functions corresponding to the acts performed in the abstract idea. Merely applying instructions by reciting the computing structure as a tool to implement the claimed limitations (see MPEP 2106.05(f)) or merely linking the use of the judicial exception to a particular technological environment or field of use (MPEP § 2106.05(h)), does not serve to provide significantly more than the abstract idea. 
Viewed as a whole, the combination of elements recited in the claims simply recite the concept of performing data receiving encrypted data and encrypted code, decrypting the encrypted code, and decrypting the encrypted data by executing the decrypted code.  The claims do not, for example, purport to improve the functioning of the computer itself. Nor do they effect an improvement in any other technology or technical field. 
The use of a computing device, processor, memory, non-transitory computer-readable medium, cryptographic coprocessor, cryptogram, signature, and cryptographic algorithm as tools to implement the abstract idea does not render the claim patent eligible because it does not provide meaningful limitations beyond generally linking the use of an abstract idea to a particular technological environment and requires no more than a computer performing functions that correspond to acts required to carry out the abstract idea. 
Conclusion
The claims as a whole do not amount to significantly more than the abstract idea itself. This is because the claims do not effect an improvement to another technology or technical field; the claims do not amount to an improvement to the functioning of a computer system itself; and the claims do not move beyond a general link of the use of an abstract idea to a particular technological environment.
Accordingly, there are no meaningful limitations in the claims that transform the judicial exception into a patent eligible application such that the claims amount to significantly more than the judicial exception itself.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and
103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for
the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale
supporting the rejection, would be the same under either status.

The following is a quotation of pre-AIA  35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained through the invention is not identically disclosed or described as set
forth in section 102, if the differences between the subject matter sought to be patented and the prior
art are such that the subject matter as a whole would have been obvious at the time the invention was
made to a person having ordinary skill in the art to which said subject matter pertains. Patentability
shall not be negatived by the manner in which the invention was made.

Claims 1-7, 9-10, 17-18, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over US Grant Application US6378072B1 (“Collins et al.”) in view of US Application Publication US20160381010A1 (“Bhandari et al.”) and in further view of US Application Publication US20130117555A1 (“Yang et al.”).

Regarding claim 1 and 17, Collins et al. teaches:
a computing device comprising a processor and a memory; and (Fig. 1 item 100)
machine-readable instructions stored in the memory that, when executed by the processor, cause the computing device to at least: (Figs. 1-2)
receive encrypted code from a service via a network; (Fig. 1, item 105; col 2 ln 50-53) 
provide the encrypted code to an application executed in a trusted execution environment of the computing device; and (Fig. 1, col 2 ln 54)
decrypt the encrypted code; (Fig. 1, col 2 ln 54-55, col 16 ln 18-20)

Collins et al. does not explicitly disclose:
wherein the code that is encrypted comprises a cryptographic algorithm;
obtain a cryptogram including information encrypted using the cryptographic algorithm from the application, wherein the cryptographic algorithm was received from the service via the network.
return the cryptogram via the interface.
However, Bhandari et al. teaches:
obtain a cryptogram including data. (Fig. 3 item 312, Fig. 4 item 416; ¶¶0025, 0028-0029).
return the cryptogram via the interface. (Fig. 3 item 314; ¶¶0025, 0028-0029)
Therefore, it would have been obvious to one of ordinary skill in the art at the time of the filling
date of the invention to modify the Cryptographic  System of Collins et al. by adding cryptogram generation in accordance with the teaching of Bhandari et al.. This modification allows Collins’ system to support secure payment transactions. (Bhandari et al. ¶¶0003-0004).

Collins et al. and Bhandari et al. do not disclose:
wherein the code that is encrypted comprises a cryptographic algorithm; 
wherein the data is information encrypted using the cryptographic algorithm from the application, wherein the cryptographic algorithm was received from the service via the network. 
However, Yang et al. teaches:
wherein the code that is encrypted comprises a cryptographic algorithm; (abs, ¶¶0008-0009)
wherein the data is information encrypted using the cryptographic algorithm from the application, wherein the cryptographic algorithm was received from the service via the network. (abs, ¶¶0008-0009)
Therefore, it would have been obvious to one of ordinary skill in the art at the time of the filling
date of the invention to modify the combined system of Collins et al. and Bhandari et al. by utilizing transmitted cryptographic algorithm for cryptographic operations in accordance with the teaching of Yang et al.. This modification improves the flexibility of the combined system with cryptographic operation and data security. (Yang et al. ¶¶0005-0007)

Additionally, the limitation “including information encrypted using the cryptographic algorithm from the application,” is not positively recited.  It does not entitle patentable weight.

Regarding claim 2, Collins et al. in view of Bhandari et al., and in further view of Yang et al. discloses all the limitations as described above.  Collins et al. further discloses:
wherein the cryptogram is obtained by another application executed in an untrusted execution environment of the computing device. (Fig. 1, col 3 ln 46-49)

Regarding claim 3, Collins et al. in view of Bhandari et al., and in further view of Yang et al. discloses all the limitations as described above.  Collins et al. further discloses:
wherein the machine-readable instructions further cause the computing device to at least send the cryptogram by the other application to the service via the network. (Fig. 1, col 3 ln 46-50)

Regarding claim 4, Collins et al. in view of Bhandari et al., and in further view of Yang et al. discloses all the limitations as described above.  Collins et al. further discloses:
wherein the encrypted code is provided to the application via an interface between the trusted execution environment of the computing device and an untrusted execution environment of the computing device. (Fig. 1, col 3 ln 43-50)

Regarding claim 5, Collins et al. in view of Bhandari et al., and in further view of Yang et al. discloses all the limitations as described above.  Collins et al. further discloses:
wherein the trusted execution environment includes a cryptographic coprocessor, and the machine-readable instructions further cause the computing device to at least verify, by the cryptographic coprocessor, a signature of the encrypted code and a state of the computing device before decrypting the encrypted code. (Figs. 1, 4 and 6; col 2 ln 60-64, col 8 ln 43-56)

Regarding claims 6 and 18, Collins et al. in view of Bhandari et al. discloses all the limitations as described above.  Collins et al. further discloses:
wherein the trusted execution environment includes a cryptographic coprocessor, and the machine-readable instructions further cause the computing device to at least verify, by the cryptographic coprocessor, a signature of the application. (Figs. 1 and 6; col 2 ln 60-64)

Regarding claim 7, Collins et al. in view of Bhandari et al., and in further view of Yang et al. discloses all the limitations as described above.  Bhandari et al. further discloses:
wherein the trusted execution environment includes a cryptographic coprocessor, and the cryptographic algorithm is not included in a predefined plurality of cryptographic algorithms supported by the cryptographic coprocessor. (¶0023)

Regarding claims 9 and 20, Collins et al. in view of Bhandari et al., and in further view of Yang et al. discloses all the limitations as described above.  Bhandari et al. further discloses:
wherein the cryptogram corresponds to a payment transaction, and the cryptogram includes a limited use payment credential. (Fig. .3 items 310-314; ¶0025)

Regarding claim 10, Collins et al. in view of Bhandari et al., and in further view of Yang et al. discloses all the limitations as described above.  Collins et al. further discloses:
wherein the trusted execution environment stores a key used to decrypt the encrypted code, the key being associated with an entity that operates the service. (Fig. 1, col 2 ln 54-55; col 3 ln 5-7, col 16 ln 18-20)

Claims 8 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over US Grant Application US6378072B1 (“Collins et al.”) in view of US Application Publication US20160381010A1 (“Bhandari et al.”), and in further view of US Application Publication US20130117555A1 (“Yang et al.”) and US Grant Publication US9442752B1 (“Roth et al.”).

Regarding claims 8 and 19, Collins et al. in view of Bhandari et al., and in further view of Yang et al. discloses all the limitations as described above.  Collins et al., Bhandari et al. and Yang et al. do not teach:
wherein the trusted execution environment comprises a secure operating system executed on a secure virtual processor of the processor. 
However, Roth et al. teaches:
wherein the trusted execution environment comprises a secure operating system executed on a secure virtual processor of the processor. (Fig. 1 item 108, col 2 ln 56 – col 3 ln 3)
Therefore, it would have been obvious to one of ordinary skill in the art at the time of the filling
date of the invention to modify the combined system of Collins et al., Bhandari et al. and Yang et al. by adding support for virtual machine in accordance with the teaching of Roth et al.. This modification provides flexibility in customizing the virtual machine to meet the security requirement. (Roth et al. col 1 ln 15-16).

Claims 11-12 and 14-16 are rejected under 35 U.S.C. 103 as being unpatentable over US Grant Application US6378072B1 (“Collins et al.”) in view of US Application Publication US20060078121A1 (“Luk”).

Regarding claims 11, Collins et al. teaches:
receiving, by a first application executed in an untrusted execution environment, encrypted data and encrypted code via a network; (Fig. 1, item 105; col 2 ln 50-53);
transferring, by the first application, the encrypted data and the encrypted code to a second application executed in a trusted execution environment; (Fig. 1, col 2 ln 54)
receiving, by the first application, information decrypted from the encrypted data from the second application. (Fig. 1, col 3 ln 46-49)
Collins et al. does not explicitly disclose:
wherein the code that is encrypted comprises a cryptographic algorithm
decrypting, by the second application, the encrypted code, wherein the code that is decrypted comprises the cryptographic algorithm
executing, by the second application, the decrypted code to decrypt the encrypted data using the cryptographic algorithm; and 
However, Luk discloses:
wherein the code that is encrypted comprises a cryptographic algorithm (Fig. 1 item 120; ¶0015)
decrypting, by the second application, the encrypted code, wherein the code that is decrypted comprises the cryptographic algorithm (Fig. 1 items 131, 130 and 140; ¶0015)
executing, by the second application, the decrypted code to decrypt the encrypted data using the cryptographic algorithm; and (Fig. 1 item 140 and 100-R; ¶0015)
Therefore, it would have been obvious to one of ordinary skill in the art at the time of the filling
date of the invention to modify the Cryptographic  System of Collins et al. by utilizing cryptogram algorithm from sender in accordance with the teaching of Luk. This modification enables Collins’ system to provide flexibility with cryptographic algorithm support. (Luk, ¶0006)

Regarding claim 12, Collins et al. in view of Luk discloses all the limitations as described above. Collins et al. further discloses:
transferring the encrypted code from the second application to a cryptographic coprocessor using an interface; and (Fig. 1 items 110 and 115; col 4 ln 8-9)
verifying a signature of the encrypted code using the cryptographic coprocessor. (Figs. 1 and 6; col 2 ln 60-64).

Regarding claim 14,  Collins et al. in view of Luk discloses all the limitations as described above. Collins et al. further discloses:
wherein decrypting the encrypted code is performed by the cryptographic coprocessor. (Fig. 1, col 2 ln 54-55; col 16 ln 18-20).

Regarding claim 15, Collins et al. in view of Luk discloses all the limitations as described above. Collins et al. further discloses:
wherein the cryptographic coprocessor includes code that implements a predefined plurality of cryptographic algorithms, and the cryptographic algorithm is executed from the predefined plurality of cryptographic algorithms. (col 4 ln 15-17).

Regarding claim 16, Collins et al. in view of Luk discloses all the limitations as described above. Collins et al. further discloses: 
wherein the encrypted code is received from a service operated by an entity, and the first application and the second application are associated with the entity. (Col 3 ln 37-50). 

Claim 13 are rejected under 35 U.S.C. 103 as being unpatentable over US Grant Application US6378072B1 (“Collins et al.”) in view of US Application Publication US20060078121A1 (“Luk”), and in further view of US Application Publication US20080178010A1 (“Vaterlaus et al.”).

Regarding claim 13, Collins et al. in view of Luk discloses all the limitations as described above.  Collins et al. and Luk does not disclose:
wherein executing the decrypted code is not performed by the cryptographic coprocessor.
However, Vaterlaus et al. discloses:
wherein executing the decrypted code is not performed by the cryptographic coprocessor. (Fig. 5 item 90, Fig. 7 item 100; Abs, ¶¶0081, 0085)
Therefore, it would have been obvious to one of ordinary skill in the art at the time of the filling
date of the invention to modify the combined system of Collins et al. and Luk by executing the decrypted code outside of cryptographic coprocessor in accordance with the teaching of Vaterlaus et al.. This modification allows the combined system to decouple cryptographic operations from other application specific operations.  This allows cryptographic operations be shared by multiple applications and users.  (Vaterlaus et al. ¶¶0003-0005)


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure as the prior art additionally discloses certain parts of the claim features (See “PTO-892 Notice of Reference Cited”).
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Yingying Zhou whose telephone number is (571)272-5308.  The examiner can normally be reached on Monday-Friday 9am-5pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John Hayes can be reached on 571-272-6708.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/YINGYING ZHOU/Examiner, Art Unit 3685     

/JOHN W HAYES/Supervisory Patent Examiner, Art Unit 3685