DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


1.	Claims 1-3, 5-7, 12, and 13 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Boivie et al. (US 2016/0171250), “Boivie”.

2.	As per claim 1, Boivie discloses a plurality of cache blocks [paragraph 2]; a plurality of owner indicators, wherein for each cache block of the plurality of cache blocks exists a corresponding owner indicator in the plurality of owner indicators, wherein an owner indicator corresponding to a cache block is capable of identifying an entity that caused the cache block to be fetched to the cache unit [object ID identifying cache lines, paragraphs 30 & 31 of the incorporated application 12/878696]; and a plurality of validity marks, wherein for each cache block of the plurality of cache blocks exists a corresponding validity mark in the plurality of validity marks, wherein a validity mark corresponding to the cache block indicates whether a validation process performed on the cache block upon fetching thereof was successful [integrity checks, paragraphs 10, 37, 40 & 51].

3.	As per claim 2, Boivie discloses wherein a first dataset and a second dataset concurrently reside unencrypted in the plurality of cache blocks, wherein the first dataset is associated with a first entity, wherein the second dataset is associated with a second entity, wherein the second entity is prohibited from accessing the first dataset [protected system, abstract].

4.	As per claim 3, Boivie discloses wherein the first entity is prohibited from accessing the second dataset [protected system, abstract].

5.	As per claim 5, Boivie discloses a key storage retaining a plurality of keys [paragraph 7 of the incorporated application 12/878696], each of which is associated with a different entity, wherein the validation process is performed using a key retained in the key storage, wherein the key is associated with the entity, wherein the key storage and the plurality of cache blocks are retained in a secure storage [validation using encryption keys, paragraphs 61, 62 & 68 of the incorporated application 13/033367].

6.	As per claim 6, Boivie discloses wherein said apparatus further comprising a Security Management Unit (SMU), wherein said SMU is configured to perform the validation process upon fetching of a cache block into the cache unit [paragraphs 50-51].

7.	As per claim 7, Boivie discloses wherein said SMU is further configured to sign a cache block upon cache block eviction from the cache unit to produce a signature, wherein the validation process is based on the signature produced by said SMU upon eviction [paragraph 70].

8.	As per claims 12 and 13, the claims recite the limitations similar in scope as claims 6 and 7.  Thus, the claims are rejected for the same reasons.

Conclusion
A.	Subject Matter Considered Allowable.
	Claims 21-23 are allowable.
The primary reasons for allowance of claim 21 in the instant application is the combination with the inclusion in these claims that “obtaining a first validity mark and a first owner indicator associated with the first cache block; in response to the instruction, when executed, attempting to access a second cache block: obtaining a second validity mark and a second owner indicator associated with the second cache block; determining an access privilege of the instruction to the second cache block based on at least two of the first validity mark, the first owner indicator, the second validity mark and the second owner indicator; and enforcing the access privilege”.  The prior art of record neither anticipates nor renders obvious the above recited combination.  
The primary reasons for allowance of claim 23 in the instant application is the combination with the inclusion in these claims that “in response to determining the second security domain is different than the first security domain: storing, in a secure storage, content of at least a portion the set of registers; storing, in a secure storage, an address of next instruction in the first security domain; and after said storing content and storing the address, modifying the content of the at least a portion of the set of registers; after said modifying, executing the second instruction to set a second state of the processor; obtaining a third instruction for execution from a third cache block; obtaining a third validity mark and a third owner indicator associated with the third cache block; determining a third security domain based on the third validity mark and the third owner indicator; in response to determining the third security domain is the first security domain: restoring, from the secure storage, the content of the at least portion of the set of registers, thereby restoring the first state of the execution unit; and verifying an address of the third instruction matches the address of the next instruction in the first security domain retained in the secure storage; and executing the third instruction on the first state of the execution unit”.  The prior art of record neither anticipates nor renders obvious the above recited combination.  
Claims 4, 8-11, and 14-20 are objected to.
The primary reasons for allowance of claim 4 in the instant application is the combination with the inclusion in these claims that “wherein the first dataset comprises one or more cache blocks comprising program instructions that are to be executed by the first entity, and wherein the first dataset comprises one or more cache blocks comprising data that is written by the first entity”.  The prior art of record neither anticipates nor renders obvious the above recited combination.  
The primary reasons for allowance of claim 8 in the instant application is the combination with the inclusion in these claims that “wherein said apparatus further comprises a Security Management Unit (SMU), wherein said SMU is configured to utilize the plurality of owner indicators and the plurality of validity marks to enforce access privileges to the plurality of cache blocks”.  The prior art of record neither anticipates nor renders obvious the above recited combination.  
The primary reasons for allowance of claim 11 in the instant application is the combination with the inclusion in these claims that “wherein said apparatus further comprising a Security Management Unit (SMU), wherein said SMU is configured to enforce access privileges that couple instructions and data retained in the plurality of cache blocks using the plurality of owner indicators and the plurality of validity marks”.  The prior art of record neither anticipates nor renders obvious the above recited combination.  
The primary reasons for allowance of claim 14 in the instant application is the combination with the inclusion in these claims that “wherein said apparatus further comprising an execution unit, wherein said execution unit comprises a set of registers for retaining values, wherein the set of registers are configured to be used during execution of instructions by said execution unit; wherein said execution unit is configured to receive an instruction, an instruction validity mark, and an instruction owner indicator, wherein the instruction is an instruction to be executed by said execution unit and configured to read from a cache block in the plurality of cache blocks, wherein the instruction validity mark is a validity mark that corresponds the cache block, and wherein the instruction owner indicator is an owner indicator that corresponds the cache block; and wherein said execution unit is configured to erase content in at least a portion of the set of registers based on at least one of the instruction validity mark and the instruction owner indicator”.  The prior art of record neither anticipates nor renders obvious the above recited combination.  
As allowable subject matter has been indicated, applicant's response must either comply with all formal requirements or specifically traverse each requirement not complied with.  See 37 C.F.R. § 1.111(b) and § 707.07(a) of the MPEP.

B.	Claims Rejected
	Claims 1-3, 5-7, 12, and 13 are rejected.

C.	Direction for Future Remarks
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAE UN YU whose telephone number is (571)272-1133. The examiner can normally be reached M-F 9-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Tim Vo can be reached on (571)272-3642. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/JAE U YU/Primary Examiner, Art Unit 2138