DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This office action is in response to the amendments filed on March 21, 2022.
Claims 1, 3-6, 8, 11-12, 15-24 have been amended.
Claims 1-24 are pending.

Priority
Applicant’s claim for the benefit of prior-filed application U.S. Provisional Patent Application Serial No. 62/815,554, filed on March 8, 2019, under 35 U.S.C. 119(e) is acknowledged. 

Response to Arguments
The objections to the drawings submitted on June 18, 2019 have been withdrawn as the drawings have been amended.
The rejections of Claims 15-19 under 35 U.S.C. 101 have been withdrawn as the claims have been amended.
Applicant’s arguments with respect to claims 1-24 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 14-15, 20 are rejected under 35 U.S.C. 103 as being unpatentable over Iwata (JP Patent No. 2007-300370 A) in view of Kameda et al (JP Patent No. 2012-010254 A) hereinafter referred to as “Kameda”.

Regarding Claim 1:
	Iwata discloses the following limitations:
	An apparatus, comprising: a first device comprising circuitry (Claim 1, an information processing apparatus comprising first and second devices connected by a serial bus interface)
	the first device to: using an end-to-end protocol, secure a transaction in a first secure stream (Claim 1, first encryption / decryption means (secure a transaction) provided in any of a plurality of virtual channels (first secure stream) defined in the transaction layer (end-to-end protocol) of the first device)
	(taught by Kameda below)
	wherein the first secure stream is separate from a second secure stream (Claim 1, virtual channels (first secure stream is separate from a second secure stream) provided with the first and second encryption / decryption means respectively in the first and second devices are provided)
	and send the transaction secured in the first secure stream to a second device over a link established between the first device and the second device (Claim 1, selecting and performing communication (send transaction) by encryption of packet data (secured in the first secure stream) between the selected virtual channels (to a second device over a link established between the first device and the second device))
	wherein the transaction is to traverse one or more intermediate devices from the first device to the second device (Claim 1, an information processing (transaction is to traverse) apparatus comprising first and second devices connected by a serial bus interface (one or more intermediate devices))
	(taught by Kameda below)

	Kameda discloses the following limitations not taught by Iwata:
	(secure a transaction) based at least in part on a transaction type of a plurality of transaction types, the first transaction type associated with the transaction (Page 11, Par. 6-7, A communication device that communicates with an opposite device via a network, Encryption means for encrypting (secure a transaction) a predetermined area determined according to the type of data in the packet (based at least in part on a first transaction type of a plurality of transaction types, the first transaction type associated with the transaction)). Iwata does not disclose a securing of transactions based at least in part on a transaction type. Reference Kameda however teaches type-dependent encryption of packets. This encryption is used to create separate channels with different encryption algorithms (Page 12, Par. 2, Construction means for constructing a first encrypted tunnel and a second encrypted tunnel using different encryption algorithms with the opposite device), and Kameda teaches a plurality of data types in the form of control data and user data as exemplary data types (Page 10, Par. 2, identifies the data type such as control data and user data for each data field). Reference Kameda further teaches that such type-dependent encryption can improve efficiency by reducing encryption processing for less important data (Page 11, Par. 2, For example, by applying a cryptographic algorithm having a relatively high cryptographic strength to the SA for communicating control data, it is possible to ensure high security for important control data. On the other hand, with respect to SA for user data communication, the processing amount for encryption can be reduced by applying an encryption algorithm having a relatively low encryption strength and a small processing amount for encryption processing).
	and prior to the transaction being sent to the second device by the first device, encrypt a data portion of the transaction using an encryption key that is associated with the first transaction type and that is assigned to the first secure stream (Page 10, Par. 8, After the encryption process, the eNB 150 transmits the encrypted fragment to the security GW 250 (and prior to the transaction being sent to the second device by the first device, encrypt a data portion of the transaction); Page 7, Par. 10, Each SA is designated with a specific encryption algorithm, an encryption key for performing encrypted communication with the security GW 250 using the encryption algorithm, and an SPI parameter (using an encryption key that is associated with the first transaction type and that is assigned to the first secure stream)). Kameda further teaches using an encryption key associated to an SA, i.e. a communication channel for transmitting the specific packet data type, to perform encryption before transmission. 

	References Iwata and Kameda are considered to be analogous art because they relate to encryption of packets, i.e. transactions, in a communication protocol. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the secure communication protocol of Iwata with the type-dependent encryption of Kameda in order to gain the benefit of additional efficiency in processing the encryption of packets.

Regarding Claim 14:
	The combination of Iwata and Kameda discloses Claim 1.
	Iwata further discloses the following limitation:
	wherein the link between the first device and the second device is established based on a peripheral component interconnect express (PCIe) protocol and the end-to-end protocol (Page 2, Par. 2, in the PCI Express standard (PCIe protocol and the end-to-end protocol), data transmission between devices (link between the first device and the second device) is performed using packets). The disclosure of Iwata in encrypting transactions between devices is directed in particular towards the PCIe protocol. 

Regarding Claim 15:
	Iwata discloses the following limitations:
	One or more non-transitory computer-readable media with instructions stored thereon, wherein the instructions are executable to cause a machine to (Page 3, Par. 4, The CPU 23 is a processor that controls the operation of the PC 11, and executes various programs (operating system, application program) loaded from the HDD 30 to the main memory 25 (One or more non-transitory computer-readable media with instructions stored thereon, wherein the instructions are executable to cause a machine to)). Iwata discloses executing the instructions related to the invention from a non-transitory computer readable media.
	receive, at a first device, a transaction from a second device over a link established between the first device and the second device (Claim 1, selecting and performing communication by encryption of packet data between the selected virtual channels (receive, at a first device, a transaction from a second device over a link established between the first device and the second device)). Iwata discloses transmitting encrypted packets from one device to another device, and therefore likewise teaches the reception of a transaction from the other device (Abstract, An object of the present invention is to provide an information processing apparatus capable of encrypting packet data transmitted and received between devices).
	wherein the transaction is to traverse one or more intermediate devices from the second device to the first device (Claim 1). This limitation of the claim was previously shown to be taught by Iwata in the rejection of Claim 1. 
	determine that the transaction is secured in a first secure stream of a plurality of secure streams according to an end-to-end protocol (Page 5, Par. 4, If it is determined that encryption or decryption processing has been designated for the packet (YES) (determine that the transaction is secured … according to an end-to-end protocol), the CPU 23 encrypts or decrypts the packet with Virtual Channel n in which the encryption / decryption circuit 36 is mounted in step S3 (in a first secure stream of a plurality of secure streams)). Iwata teaches a plurality of secure streams in the form of virtual channels, and a determination is made whether a packet is encrypted or not, i.e. secured. 
	(taught by Kameda below)
	(taught by Kameda below)

	Kameda discloses the following limitations not taught by Iwata:
	wherein the transaction is secured in the first secure stream based, at least in part, on a transaction type of the transaction, wherein the transaction type is one of a plurality of transaction types (Page 11, Par. 6-7). This limitation of the claim was previously shown to be taught by Kameda in the rejection of Claim 1. 
	and use a decryption key to decrypt encrypted data in the transaction, wherein the decryption key is associated with the transaction type of the transaction and is assigned to the first secure stream (Page 3, Par. 11, The decryption processing unit 117 is a functional unit that decrypts a packet received from the transmission side, and decrypts the received packet using an encryption algorithm defined in SA (and use a decryption key to decrypt encrypted data in the transaction); Page 9, Par. 10, At the start of the encrypted communication process, the eNB 150 and the security GW 250 negotiate the exchange of the SA encryption key, and set the SA based on the encryption key (wherein the decryption key is associated with the transaction type of the transaction and is assigned to the first secure stream)). Kameda further discloses decrypting packets received from the transmission, and this decryption is performed according to the specific encryption algorithm/key assigned to the SA, i.e. the communication channel specific to the transaction type. That is, Kameda teaches negotiating cryptographic keys to establish the communication channel, so this decryption key is assigned to the first secure stream according to the transaction type under the broadest reasonable interpretation. 

	Iwata does not disclose a securing of transactions based at least in part on a transaction type. Reference Kameda however teaches type-dependent encryption/decryption of packets. This encryption is used to create separate channels with different encryption algorithms (Page 12, Par. 2, Construction means for constructing a first encrypted tunnel and a second encrypted tunnel using different encryption algorithms with the opposite device), and Kameda teaches a plurality of data types in the form of control data and user data as exemplary data types (Page 10, Par. 2, identifies the data type such as control data and user data for each data field). Reference Kameda further teaches that such type-dependent encryption/decryption can improve efficiency by reducing encryption processing for less important data (Page 11, Par. 2, For example, by applying a cryptographic algorithm having a relatively high cryptographic strength to the SA for communicating control data, it is possible to ensure high security for important control data. On the other hand, with respect to SA for user data communication, the processing amount for encryption can be reduced by applying an encryption algorithm having a relatively low encryption strength and a small processing amount for encryption processing).
	References Iwata and Kameda are considered to be analogous art because they relate to encryption of packets, i.e. transactions, in a communication protocol. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the secure communication protocol of Iwata with the type-dependent decryption of Kameda in order to gain the benefit of additional efficiency in processing the encryption of packets.

Regarding Claim 20:
	Iwata discloses the following limitations:
	A system, comprising: a first endpoint including a transmitter (Claim 1). This limitation of the claim, i.e. a first device for transmitting a packet, was previously shown to be taught by Iwata in the rejection of Claim 1. 
	and a second endpoint including a receiver to receive a transaction from the first endpoint via a link and one or more intermediate devices (Claim 1). This limitation of the claim, i.e. a second device for receiving a packet after traversing one or more intermediate devices, was previously shown to be taught by Iwata in the rejection of Claim 15. 
	(taught by Kameda below)
	(taught by Kameda below)
	(taught by Kameda below)
	(taught by Kameda below)

	Kameda discloses the following limitations not taught by Iwata:
	wherein the first endpoint is to: determine a transaction type of the transaction, wherein the transaction type is one of a plurality of transaction types (Page 7, Par. 8, The data determination unit 154 is, for each piece of input fragment data, each piece of user data having relatively low importance or control data having relatively high importance for using the user data. Judgment is made (wherein the first endpoint is to: determine a transaction type of the transaction, wherein the transaction type is one of a plurality of transaction types)). Kameda teaches determining a transaction type in the example of whether the packet consists of user and control data. 
	insert, in the transaction, secure stream information indicating that the transaction is secured in a first secure stream of a plurality of secure streams (Page 7, Par. 8, The data determination unit 154 adds an identification flag corresponding to the determination result to the fragment and inputs the fragment to the SPD search processing unit 155 (insert, in the transaction, secure stream information indicating that the transaction is secured in a first secure stream of a plurality of secure streams)). Kameda further teaches adding to the packet an identification flag which identifies the data type, which in turn indicates that the packet is secured according to the type (Page 7, Par. 9, The SPD search processing unit 155 searches for and assigns selector information for determining a packet to be encrypted and SPD information for specifying an encryption algorithm based on information such as an identification flag and an IP header attached to an input fragment). 
	wherein the first secure stream is based at least in part on the transaction type of the transaction (Page 11, Par. 6-7). This limitation of the claim was previously shown to be taught by Kameda in the rejection of Claim 1. 
	and prior to the transaction being sent to the second endpoint from the first endpoint, encrypt a data portion of the transaction using an encryption key that is associated with the transaction type and that is assigned to the first secure stream (Page 10, Par. 8, Page 7, Par. 10). This limitation of the claim was previously shown to be taught by Kameda in the rejection of Claim 1. 

	Iwata does not disclose a securing of transactions based at least in part on a transaction type. Reference Kameda however teaches type-dependent encryption/decryption of packets. This encryption is used to create separate channels with different encryption algorithms (Page 12, Par. 2, Construction means for constructing a first encrypted tunnel and a second encrypted tunnel using different encryption algorithms with the opposite device), and Kameda teaches a plurality of data types in the form of control data and user data as exemplary data types (Page 10, Par. 2, identifies the data type such as control data and user data for each data field). Reference Kameda further teaches that such type-dependent encryption/decryption can improve efficiency by reducing encryption processing for less important data (Page 11, Par. 2, For example, by applying a cryptographic algorithm having a relatively high cryptographic strength to the SA for communicating control data, it is possible to ensure high security for important control data. On the other hand, with respect to SA for user data communication, the processing amount for encryption can be reduced by applying an encryption algorithm having a relatively low encryption strength and a small processing amount for encryption processing).
	References Iwata and Kameda are considered to be analogous art because they relate to encryption of packets, i.e. transactions, in a communication protocol. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the secure communication protocol of Iwata with the type-dependent decryption of Kameda in order to gain the benefit of additional efficiency in processing the encryption of packets.

Claims 2-5, 16 are rejected under 35 U.S.C. 103 as being unpatentable over the combination of Iwata/Kameda further in view of Lakshmanamurthy et al. (U.S. Patent No. 2013/0086586 A1) hereinafter referred to as “Lakshmanamurthy”.

Regarding Claim 2:
	The combination of Iwata/Kameda discloses Claim 1.
	Lakshmanamurthy discloses the following limitation not taught by the combination of Iwata/Kameda:
	wherein the first secure stream is based on one of a posted transaction type, a non-posted transaction type, or completion transaction type (Par. [0035-36], each channel may include multiple such transaction queues (first secure stream) for different request types, namely a posted queue, non-posted, and completion (posted transaction type, a non-posted transaction type, or completion transaction type) … each channel may include corresponding request queues for each of the request types). The combination of Iwata and Kameda does not explicitly disclose that the secure stream is based on one of the three types listed. Lakshmanamurthy however teaches that the different transaction types may be split into separate queues/channels, and that this allows for implementing a flow control mechanism for managing requests (Par. [0035], thus each request type includes its own credit counter to maintain a count of credits available). 

	References Iwata, Kameda, and Lakshmanamurthy are considered to be analogous art because they all relate to packet transmission in a communication protocol with Iwata and Lakshmanamurthy both being directed particularly to PCIe, which is relevant to the applicant’s field of invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the secure communication protocol of Iwata/Kameda with the separation of channels by transaction type taught by Lakshmanamurthy in order to gain the benefit of introducing a flow control mechanism which manages buffer space for each transaction type. 

Regarding Claim 3:
	The combination of Iwata and Kameda discloses Claim 1.
	Lakshmanamurthy discloses the following limitation not taught by the combination of Iwata and Kameda:
	wherein the second secure stream is based on one of a non-posted transaction type, a completion transaction type, or a combination of a posted transaction type and a completion transaction type (Par. [0046], deadlock avoidance dictates that posted writes and completions (wherein the second secure stream is based on one of … a combination of a posted transaction type and a completion transaction type) be allowed to pass blocked non-posted transactions (non-posted transaction type)). The combination of Iwata and Kameda does not disclose that the secure stream is based on one of the three types listed. Lakshmanamurthy however teaches that the different transaction types may be split into separate queues/channels, and that it is natural to combine posted writes and completions into one stream to respect ordering rules.

	References Iwata, Kameda, and Lakshmanamurthy are considered to be analogous art because they all relate to packet transmission in a communication protocol with Iwata and Lakshmanamurthy both being directed particularly to PCIe, which is relevant to the applicant’s field of invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the secure communication protocol of Iwata/Kameda with the separation of channels by transaction type taught by Lakshmanamurthy in order to gain the benefit of introducing a flow control mechanism which manages buffer space for each transaction type while avoiding deadlock by combining posted and completion transaction types.

Regarding Claim 4:
	The combination of Iwata and Kameda discloses Claim 1.
	Lakshmanamurthy discloses the following limitation not taught by the combination of Iwata and Kameda:
	wherein the transaction is one of two or more transactions associated with the first transaction type and secured in the first secure stream based at least in part on the first transaction type, and wherein the two or more transactions are to be received by the second device in a same order that the first device is to send the two or more transactions (Par. [0054], the second transaction is not allowed to pass the first transaction (the transaction is one of two or more transactions associated with the first transaction type and secured in the first secure stream based at least in part on the first transaction type), thus supporting producer-consumer strong ordering model (the two or more transactions are to be received by the second device in a same order that the first device is to send the two or more transactions)). The combination of Iwata and Kameda discloses associating/securing transactions in communication channels according to the transaction type, but does not disclose the order of transactions received. As previously shown however, Lakshmanamurthy teaches the channels being designated a specific transaction type, and the strict ordering rules of PCIe dictate that transactions may not pass transactions of the same type, thus constituting receiving transactions in the same order (e.g. posted transactions).

	References Iwata, Kameda, and Lakshmanamurthy are considered to be analogous art because they all relate to packet transmission in a communication protocol with Iwata and Lakshmanamurthy both being directed particularly to PCIe, which is relevant to the applicant’s field of invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the secure communication protocol of Iwata/Kameda with the strict ordering brought about by the separation of channel types taught by Lakshmanamurthy in order to gain the benefit of having transactions obey PCIe ordering requirements, thereby avoiding potential issues such as deadlock.

Regarding Claim 5:
	The combination of Iwata/Kameda/Lakshmanamurthy discloses Claim 4.
	Kameda further discloses the following limitation:
	wherein the second secure stream is based, at least in part, on a second transaction type (Page 12, Par. 2, Construction means for constructing a first encrypted tunnel and a second encrypted tunnel using different encryption algorithms with the opposite device (wherein the second secure stream); Page 11, Par. 6-7, A communication device that communicates with an opposite device via a network, Encryption means for encrypting a predetermined area determined according to the type of data in the packet (is based, at least in part, on a second transaction type)). Kameda teaches multiple encryption channels and performing the encryption according to the data type.
	(taught by Lakshmanamurthy below)
	Lakshmanamurthy discloses the following limitation not taught by the combination of Iwata and Kameda:
	wherein two or more other transactions are associated with the second transaction type and are secured in the second secure stream based at least in part on the second transaction type, wherein the two or more other transactions are to be received by the second device in a same order that the first device is to send the two or more other transactions (Par. [0054], the second transaction is not allowed to pass the first transaction (wherein two or more other transactions are associated with the second transaction type and are secured in the second secure stream based at least in part on the second transaction type), thus supporting producer-consumer strong ordering model (wherein the two or more other transactions are to be received by the second device in a same order that the first device is to send the two or more other transactions)). As previously shown in Claim 4, Lakshmanamurthy teaches the channels being designated a specific transaction type, and the strict ordering rules of PCIe dictate that transactions may not pass transactions of the same type, and this likewise applies to a second secure stream with a second transaction type. 

	The reasons for motivation/combination of references remain the same as in Claim 4.
	
Regarding Claim 16:
	The claim has limitations similar to those treated in the above rejection of Claim 2, and is met by the references as discussed above.

Claims 6-9, 17-18, 21-23 are rejected under 35 U.S.C. 103 as being unpatentable over the combination of Iwata and Kameda further in view of Liu et al. (U.S. Patent No. 2014/0040618 A1) hereinafter referred to as “Liu”.

Regarding Claim 6:
	The combination of Iwata and Kameda discloses Claim 1.
	Iwata further discloses the following limitations:
	the transaction comprises: encrypted data (Page 5, Par. 1, note that data encryption processing is performed only by the Data field (encrypted data) of the TLP shown in FIG. 5 by the Virtual Channel n in which the encryption / decryption circuit 36 is mounted. Other fields of TLP and Ordered-set / DLLP are not subject to encryption) 
	(taught by Kameda below)
	a header including routing information for the transaction (Page 2, Par. 3, in the PCI Express standard, data transmission between devices is performed using packets). The invention of Iwata is directed to transactions in PCIe which necessarily have a header which includes routing information for the transaction as shown in the documentation for PCIe (Page 73, depending on the type of a packet, the header for that packet will include some of the following types of fields: address/routing information)
	(taught by Liu below)

	Kameda further discloses the following limitation:
	generated by encrypting the data portion of the transaction using the encryption key associated with the first transaction type (Page 12, Par. 4, encrypting a part of the plurality of fragments (generated by encrypting the data portion of the transaction) using an encryption algorithm corresponding to the first encryption tunnel (using the encryption key associated with the first transaction type)). As argued previously in Claim 1, Kameda teaches the creation of secure channels corresponding to different transaction types by negotiating encryption keys and uses these encryption keys to encrypt packets according to transaction type. 

	Liu discloses the following limitation not taught by the combination of Iwata and Kameda:
	and secure stream information including an indication of whether the transaction originated from a trusted entity at the first device (Par. [0043], a receiving device that receives the encrypted MPDUs verifies the identity of the encrypting device (indication of whether the transaction originated from a trusted entity at the first device) based on the message integrity code (secure stream information)). The combination of Iwata and Kameda does not disclose an indication of the transaction coming from a trusted identity. Liu however teaches the inclusion of a message integrity code (MIC) which is attached to the transaction in communication protocols. Liu further teaches that this allows the receiver to verify the identity of the first device (Par. [0043]).
	References Iwata, Kameda, and Liu are considered to be analogous art because they all relate to packet transmission in a communication protocol. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the secure communication protocol of Iwata/Kameda with the message integrity code taught by Liu in order to gain the benefit of additional security by being able to verify the identity of the sender of a transaction.

Regarding Claim 7:
	The combination of Iwata/Kameda/Liu discloses Claim 6.
	Liu further discloses the following limitations:
	wherein the first device is further to: compute an integrity code value over at least the secure stream information, the encrypted data, and the header (Par. [0043], the encrypting device generates a message integrity code (MIC) (compute an integrity code value) for each encrypted MPDU (over at least the secure stream information, the encrypted data, and the header))
	and add the integrity code value to the transaction (Par. [0043], the message integrity code (integrity code value) is appended to the encrypted MPDU (add to transaction) when the encrypted MPDU is transmitted)
	wherein the integrity code value is to be computed based, at least in part, on a first encryption counter assigned to the first secure stream (Fig. 7A shows that GCM/MIC module receives an encryption counter from PN (packet number) module; Par. [0111], the GCM module 204 (computed based, at least in part, on a first encryption counter assigned to the first secure stream) includes a MIC module 206 that generates a MIC (integrity code value) shown in FIGS. 7B and 7C). 

	The reasons for motivation/combination of references remain the same as in Claim 6.

Regarding Claim 8:
	The combination of Iwata/Kameda/Liu discloses Claim 6.
	Iwata further discloses the following limitations:
	wherein the first device is further to: insert the header and the secure stream information in the transaction in an unencrypted form (Page 5, Par. 1, other fields of TLP (insert the header and the secure stream information) and Ordered-set / DLLP are not subject to encryption (in an unencrypted form)) 

Regarding Claim 9:
	The combination of Iwata/Kameda/Liu discloses Claim 6.
	Liu further discloses the following limitation:
	wherein the first device is to store the secure stream information in a prefix of a transaction layer packet of the transaction, one of one or more headers of the transaction layer packet, a payload of the transaction layer packet, or a security layer added to the transaction layer packet (Par. [0043], the message integrity code (secure stream information) is appended to the encrypted MPDU (store in a security layer added to the transaction layer packet) when the encrypted MPDU is transmitted)

Regarding Claim 17:
	The claim has limitations similar to those treated in the above rejection of Claim 6, and is met by the references as discussed above.

Regarding Claim 18:
	The combination of Iwata/Kameda/Liu discloses Claim 17.
	Liu further discloses the following limitations:
	wherein the instructions are executable to cause the machine further to: verify integrity of the transaction by: computing an integrity code value over at least the secure stream information, the header, and the encrypted data (Par. [0043], the encrypting device generates a message integrity code (MIC) (compute an integrity code value) for each encrypted MPDU (over at least the secure stream information, the encrypted data, and the header))
	and comparing the integrity code value to another integrity code value received with the transaction (Par. [0105], The authenticator sends the message integrity code generated by the authenticator to the supplicant in Message 3. When the supplicant determines that the message integrity code generated by the authenticator is the same as the message integrity code generated by the supplicant (comparing the integrity code value to another integrity code value received with the transaction), the supplicant determines that the authenticator is using the same master key as the supplicant to generate the temporal keys)
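The compute-and-compare integrity check mapped to Liu above, shown as an added example that is not code from the application or from any cited reference. HMAC-SHA-256 from the Python standard library stands in for the GCM-generated MIC of Liu; the field layout, the 16-byte truncation, the sample bytes, and the names compute_mic, build_transaction and verify_transaction are assumptions.

```python
import hashlib
import hmac
import struct

MIC_LEN = 16  # assumption: MIC truncated to 16 bytes (a GCM-sized tag)


def compute_mic(key, counter, stream_info, header, ciphertext):
    """Integrity code over secure stream information, header and encrypted
    data, bound to the encryption counter assigned to the stream."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    mac.update(struct.pack(">Q", counter))
    # Length-prefix every field so bytes cannot be moved from one field
    # to its neighbour without changing the MIC.
    for field in (stream_info, header, ciphertext):
        mac.update(struct.pack(">I", len(field)))
        mac.update(field)
    return mac.digest()[:MIC_LEN]


def build_transaction(key, counter, stream_info, header, ciphertext):
    """Sender side: header and stream information travel unencrypted,
    the MIC is added to the transaction."""
    return {
        "stream_info": stream_info,
        "header": header,
        "data": ciphertext,
        "mic": compute_mic(key, counter, stream_info, header, ciphertext),
    }


def verify_transaction(key, expected_counter, txn):
    """Receiver side: recompute the MIC with the receiver's own counter
    and compare it with the MIC received in the transaction."""
    expected = compute_mic(
        key, expected_counter, txn["stream_info"], txn["header"], txn["data"]
    )
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(expected, txn["mic"])


def demo():
    # All values below are constructed sample data.
    key = bytes(range(32))
    stream_info = bytes([0x01, 0x00])
    header = bytes.fromhex("40000001000000ff")
    ciphertext = bytes.fromhex("9f3c1a7700d2e4b8")  # stands in for encrypted data

    txn = build_transaction(key, 7, stream_info, header, ciphertext)
    tampered = dict(txn, header=bytes.fromhex("40000001000000fe"))
    return {
        "valid": verify_transaction(key, 7, txn),
        "header_modified": verify_transaction(key, 7, tampered),
        "wrong_counter": verify_transaction(key, 8, txn),
    }


if __name__ == "__main__":
    print(demo())
```

Because the unencrypted header and stream information are covered by the MIC, a change to either is rejected even though neither is encrypted; a receiver whose counter differs from the sender's also rejects the transaction.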

Regarding Claim 21:
	The claim has limitations similar to those treated in the above rejection of Claim 6, and is met by the references as discussed above.

Regarding Claim 22:
	The claim has limitations similar to those treated in the above rejection of Claims 6 and 18, and is met by the references as discussed above.

Regarding Claim 23:
	The claim has limitations similar to those treated in the above rejection of Claims 6, 8, and 18, and is met by the references as discussed above.


	Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over the combination of Iwata/Kameda/Liu further in view of Biran et al. (U.S. Patent No. 2009/0006932 A1) hereinafter referred to as “Biran” and further in view of Brownell et al. (U.S. Patent No. 2010/0312928 A1) hereinafter referred to as “Brownell”.

Regarding Claim 10:
	The combination of Iwata/Kameda/Liu discloses Claim 6.
	Biran discloses the following limitations not taught by the combination of Iwata/Kameda/Liu:
	wherein the secure stream information comprises: a trusted bit indicating whether the transaction originated from the trusted entity at the first device (Par. [0042], a transaction initiator or sending device constructs, creates or generates a TLP according to the modified PCIe protocol and indicates the presence of an application-specific packet digest (whether the transaction originated from the trusted entity at the first device), for example, using an indication bit (trusted bit indicating) or flag or parameter in the TLP header). The combination of Iwata/Kameda/Liu does not disclose a bit indicating whether the transaction originates from a trusted entity. Biran however teaches that an indication bit can be used to indicate the presence of a packet digest, which checks for data integrity. “digest may include, for example, a portion or content of a PCIe TLP that is optionally appended to the TLP; a TLP portion or TLP content that is used, in whole or in part, for ECRC, CRC, or other data protection mechanisms or data checking mechanisms or data integrity mechanisms or data verification mechanisms” (Par. [0036]). Biran further teaches that “usage of TLP digest for carrying and transferring application-specific data saves data credits” (Par. [0061]) and that usage of the indication bit allows for “more optimal utilization of digest resources without compromising data integrity”.
	and a counter bit indicating whether the transaction includes a counter value (Par. [0042], a transaction initiator or sending device constructs, creates or generates a TLP according to the modified PCIe protocol and indicates the presence of an application-specific packet digest (counter value), for example, using an indication bit (counter bit) or flag or parameter in the TLP header). Likewise, Biran discloses an indication bit which may be used for indicating a counter.
	(taught by Brownell below)

	Brownell discloses the following limitation not taught by either the combination of Iwata/Kameda/Liu or Biran:
	representing a number of posted transactions sent by the first device to the second device since a last non-posted transaction or a last completion transaction was sent by the first device to the second device (Par. [0022], alternatively, the counter may count a number of packets (number of posted transactions) that have been processed by the priority receiver 202 (sent by the first device to the second device) since the arrival of a low priority packet (since a last non-posted transaction or a last completion transaction was sent by the first device to the second device)… in other words, upon the arrival of a lower-priority packet, the counter 224 may begin counting the number of posted packets 210 received by the priority receiver 202). The combination of Iwata/Kameda/Liu/Biran does not disclose a counter value representing number of posted transactions since the last non-posted or completion transaction sent. Brownell however teaches a counter for posted transactions since the last non-posted/completion transaction. Brownell further teaches that such a counter can be used to prevent packet starvation, by keeping track of the processing of higher/lower priority packets consumption so that both types are serviced (Par. [0009], starvation of the lower-priority packet stream is avoided while ensuring that the posted packets are processed ahead of the lower-priority packets).
	References Iwata, Kameda, Liu, Biran, and Brownell are considered to be analogous art because they all relate to packet transmission in a communication protocol with Biran and Brownell both being directed particularly to PCIe, which is relevant to the applicant’s field of invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the secure communication protocol of Iwata/Kameda/Liu with the packet digest indicator bit taught by Biran in order to gain the benefit of optimizing packet flow by reducing data bandwidth required while maintaining data integrity. 
Additionally, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to further combine the secure communication protocol of Iwata/Kameda/Liu/Biran with the packet counter taught by Brownell in order to gain the benefit of a tracking mechanism which helps to prevent packet starvation.

	Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over the combination of Iwata and Kameda further in view of Brownell and Liu.
Regarding Claim 11:
	The combination of Iwata and Kameda discloses Claim 1.
	Brownell discloses the following limitations not taught by the combination of Iwata and Kameda:
	wherein, based on the first transaction type of the transaction being a non-posted transaction type or a completion transaction type (Par. [0032], therefore, if the counter 224 has previously been started and is currently tracking the delay-reference of the lower-priority packet (based on the first transaction type of the transaction being a non-posted transaction type or a completion transaction type))
	(taught by Liu below)
	wherein the value of the first counter represents a number of posted transactions sent by the first device to the second device since a last non-posted transaction or a last completion transaction was sent by the first device to the second device (Par. [0022], alternatively, the counter (value of the first counter) may count a number of packets (number of posted transactions) that have been processed by the priority receiver 202 (sent by the first device to the second device) since the arrival of a low priority packet (since a last non-posted transaction or a last completion transaction was sent by the first device to the second device)… in other words, upon the arrival of a lower-priority packet, the counter 224 may begin counting the number of posted packets 210 received by the priority receiver 202). The combination of Iwata and Kameda does not disclose a counter value representing number of posted transactions since the last non-posted or completion transaction sent. Brownell however teaches a counter for posted transactions since the last non-posted/completion transaction. Brownell further teaches that such a counter can be used to prevent packet starvation, by keeping track of the processing of higher/lower priority packets consumption so that both types are serviced (Par. [0009], starvation of the lower-priority packet stream is avoided while ensuring that the posted packets are processed ahead of the lower-priority packets).

	Liu discloses the following limitation not taught by the combination of Iwata and Kameda or Brownell:
	the first device is further to: obtain a value of a first counter; and insert the value of the first counter in the transaction (Par. [0112], the packet number fields include the packet number (insert value of the first counter in the transaction) generated by the PN counter module 202 (obtain a value of a first counter)). The combination of Iwata and Kameda does not disclose a counter for packets. Brownell discloses a counter for packets, but the counter is not inserted into the packet itself. Liu however teaches that the header of each transaction contains fields related to the packet number, and Liu uses this counter in order to detect replay attacks (Par. [0119], if the encrypted MPDUs received do not have increasing packet numbers, the encrypting device declares a replay attack).

References Iwata, Kameda, Liu, and Brownell are considered to be analogous art because they all relate to packet transmission in a communication protocol with Brownell being directed particularly to PCIe, which is relevant to the applicant’s field of invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the secure communication protocol of Iwata/Kameda with the packet counter taught by Brownell in order to gain the benefit of a tracking mechanism which helps to prevent packet starvation.
Additionally, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to further combine the secure communication protocol of Iwata/Kameda/Brownell with the insertion of the packet counter into the transaction of Liu in order to gain the benefit of being able to detect replay attacks.

	Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over the combination of Iwata and Kameda further in view of Brownell.
Regarding Claim 12:
	The combination of Iwata and Kameda discloses Claim 1.
	Brownell discloses the following limitation not taught by the combination of Iwata and Kameda:
	wherein, based on the first transaction type of the transaction being a posted transaction type, the first device is further to: increment a first counter that represents a number of posted transactions sent by the first device to the second device since a last non-posted transaction or a last completion transaction was sent by the first device to the second device (Par. [0028], after the priority receiver 202 receives a posted packet 210 at block 406 (based on the first transaction type of the transaction being a posted transaction type), process flow may advance to block 408, wherein the counter 224 may be incremented (increment a first counter); Par. [0022], alternatively, the counter may count a number of packets (number of posted transactions) that have been processed by the priority receiver 202 (sent by the first device to the second device) since the arrival of a low priority packet (since a last non-posted transaction or a last completion transaction was sent by the first device to the second device)). 

The limitations of this claim have similar content to that of Claims 10 and 11, so the same rationale may be used to justify the obviousness of combining references Iwata and Kameda with Brownell.

	Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over the combination of Iwata and Kameda further in view of Biran and further in view of Buer et al (U.S. Patent No. 2004/0128553 A1) hereinafter referred to as “Buer”.
Regarding Claim 13:
	The combination of Iwata and Kameda discloses Claim 1.
	Biran discloses the following limitation not taught by the combination of Iwata and Kameda:
	wherein the transaction is to include an indication (Par. [0042], a transaction initiator or sending device constructs, creates or generates a TLP according to the modified PCIe protocol and indicates the presence of an application-specific packet digest, for example, using an indication bit (transaction is to include an indication) or flag or parameter in the TLP header). The combination of Iwata and Kameda does not explicitly teach the usage of indicators within a transaction. Biran however teaches that indication of application specific data may be inserted within a transaction in order to “reduce application-specific data payload usage” (Par. [0059]).
	(taught by Buer below)

	Buer discloses the following limitation not taught by either the combination of Iwata and Kameda or Biran:
of whether the end-to-end protocol is operating in a restricted ordering mode or an explicit counter mode (Par. [0142], in strict ordering mode, the ISU can accept 4 requests from each DRU channel, but it will always process them in strict order (restricted ordering mode) according to the LDU_TAG. In source ordering mode (explicit counter mode), the ISU processes the data from each DRU channel independently in a round robin fashion). The combination of Iwata/Kameda/Liu does not teach the concept of a restricted ordering mode vs. an explicit counter mode beyond the inherent relaxed ordering bit of a transaction in PCIe. Buer however teaches that an application may operate in strict ordering mode (restricted ordering mode) or source ordering mode (explicit counter mode) on the application level. Buer further teaches that these modes allow the system to “distribute packets for maximum crypto unit usage” (Par. [0127]). 

References Iwata, Kameda, Biran, and Buer are considered to be analogous art because they all relate to packet transmission in a communication protocol. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the secure communication protocol of Iwata/Kameda with the application-specific packet digest indicator taught by Biran in order to gain the benefit of reducing bandwidth usage.
Additionally, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to further combine the secure communication protocol of Iwata/Kameda/Biran with the operational modes of Buer in order to gain the benefit of optimizing packet distribution.

Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over the combination of Iwata and Kameda further in view of Gustafsson et al (U.S. Patent No. 9,363,684) hereinafter referred to as “Gustafsson” and further in view of Hongyan et al (CN 101640629 B) hereinafter referred to as “Hongyan” and further in view of Brownell.
Regarding Claim 19:
	The combination of Iwata and Kameda discloses Claim 15.
	Gustafsson discloses the following limitations not taught by the combination of Iwata and Kameda:
	(taught by Brownell below)
	obtain a value of a first counter from the transaction (Abstract, retrieving (503, 504) a first sequence number (obtain a value of a first counter) from a first data packet (from the transaction))
decrement a value of a second counter in the first device by the value of the first counter (Abstract, a second sequence number (second counter) from a second data packet … calculating (505) a difference (∆) between the sequence numbers (decrement a value of a second counter in the first device by the value of the first counter))
and based on determining that the value of the second counter is less than zero (Abstract, determining (506) a number (k) of lost IP packets). The combination of Iwata and Kameda does not disclose a subtraction of transaction counters. Gustafsson however teaches that two packet number counters can be maintained such that taking the difference between the two counters determines the number of lost packets sent during communication. 
(taught by Hongyan below)
(taught by Brownell below)

Hongyan discloses the following limitation not taught by either the combination of Iwata/Kameda or Gustafsson:
terminate a session associated with the transaction (Abstract, an upper-layer application terminates links with bad quality (terminate a session associated with the transaction) in time and then the link communication quality can be improved). The combination of Iwata/Kameda and Gustafsson does not disclose termination of the transaction session. Hongyan however teaches that a transaction session can be terminated if there is a determination of packet loss, towards which the system of Gustafsson is directed, and that this termination can be used to improve communication quality.

	Brownell discloses the following limitations:
	wherein, based on the transaction type of the transaction being a non-posted transaction type or a completion transaction type, wherein the instructions are executable to cause the machine further to (Par. [0032], therefore, if the counter 224 has previously been started and is currently tracking the delay-reference of the lower-priority packet (based on the transaction type of the transaction being a non-posted transaction type or a completion transaction type))
	wherein the value of the first counter represents a number of posted transactions sent by the second device to the first device since a last non-posted transaction or a last completion transaction was sent by the second device to the first device, and the value of the second counter represents a number of posted transactions received by the first device from the second device since a last non-posted transaction or a last completion transaction was received by the first device from the second device (Par. [0022], alternatively, the counter (value of the first counter) may count a number of packets (number of posted transactions) that have been processed by the priority receiver 202 (sent by the second device to the first device) since the arrival of a low priority packet (since a last non-posted transaction or a last completion transaction was sent by the second device to the first device)… in other words, upon the arrival of a lower-priority packet, the counter 224 may begin counting the number of posted packets 210 received by the priority receiver 202). As shown previously, Gustafsson discloses the usage of two packet counters in order to track packet loss. Brownell however teaches that a counter can be configured to track the number of posted transactions since the last non-posted/completion transaction. Brownell further teaches that such a counter can be used to prevent packet starvation, by keeping track of the processing of higher/lower priority packets consumption so that both types are serviced (Par. [0009], starvation of the lower-priority packet stream is avoided while ensuring that the posted packets are processed ahead of the lower-priority packets).

	References Iwata, Kameda, Gustafsson, Hongyan, and Brownell are considered to be analogous art because they all relate to packet transmission in a communication protocol. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the secure communication protocol of Iwata/Kameda with the packet counters taught by Gustafsson in order to gain the benefit of tracking packet loss.
	Additionally, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to further combine the secure communication protocol of Iwata/Kameda/Gustafsson with the session termination of Hongyan in order to improve quality of communicating data.
	Additionally, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to further combine the secure communication protocol of Iwata/Kameda/Gustafsson/Hongyan with the counting mechanism of Brownell in order to gain the benefit of a tracking mechanism which helps to prevent packet starvation.
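The counter handling recited in Claims 11, 12 and 19 (increment on a posted transaction, insert the count in a non-posted or completion transaction, decrement the receiver's count by it, terminate the session if the result is below zero), shown as an added example that is not code from the application or from any cited reference. The names Transaction, Sender, Receiver and run_link, the restart of the sender's count after each non-posted or completion transaction, and the sample transaction sequence are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

POSTED, NON_POSTED, COMPLETION = "posted", "non_posted", "completion"


@dataclass
class Transaction:
    kind: str
    # Carried only by non-posted and completion transactions.
    posted_count: Optional[int] = None


class Sender:
    def __init__(self):
        self.posted_sent = 0  # posted transactions since last non-posted/completion

    def send(self, kind):
        if kind == POSTED:
            self.posted_sent += 1
            return Transaction(kind)
        txn = Transaction(kind, posted_count=self.posted_sent)
        # Assumption: "since a last non-posted or completion transaction"
        # means the count restarts here.
        self.posted_sent = 0
        return txn


class Receiver:
    def __init__(self):
        self.posted_received = 0  # posted transactions received and not yet accounted for
        self.session_open = True

    def receive(self, txn):
        """Return True while the session stays open."""
        if not self.session_open:
            return False
        if txn.kind == POSTED:
            self.posted_received += 1
            return True
        # Decrement the local count by the count carried in the transaction.
        self.posted_received -= txn.posted_count
        if self.posted_received < 0:
            # The sender accounts for more posted transactions than arrived.
            self.session_open = False
        return self.session_open


def run_link(kinds, dropped=()):
    """Send `kinds` in order over a link that drops the indices in `dropped`.
    Returns ("open", remaining_count) or ("terminated", index)."""
    sender, receiver = Sender(), Receiver()
    for index, kind in enumerate(kinds):
        txn = sender.send(kind)
        if index in dropped:
            continue  # constructed fault: the transaction never arrives
        if not receiver.receive(txn):
            return ("terminated", index)
    return ("open", receiver.posted_received)


SAMPLE = [POSTED, POSTED, NON_POSTED, POSTED, COMPLETION]  # constructed sequence

if __name__ == "__main__":
    print(run_link(SAMPLE))               # all transactions delivered
    print(run_link(SAMPLE, dropped={1}))  # second posted transaction lost
```

A posted transaction that never arrives is detected at the next non-posted or completion transaction, because the carried count then exceeds the receiver's own.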

	Claim 24 is rejected under 35 U.S.C. 103 as being unpatentable over the combination of Iwata/Kameda/Liu further in view of Lakshmanamurthy.
Regarding Claim 24:
	The combination of Iwata/Kameda/Liu discloses Claim 21.
	Lakshmanamurthy discloses the following limitations not taught by the combination of Iwata/Kameda/Liu:
	wherein a first intermediate device of the one or more intermediate devices is to: receive the transaction; and based on determining that the transaction is secured in the first secure stream, determine whether to reorder the transaction for transmission based on restricted ordering rules, wherein the restricted ordering rules comprise: not allowing a posted transaction to pass another posted transaction; not allowing a non-posted transaction to pass a non-posted transaction; not allowing a non-posted transaction to pass a posted transaction; not allowing a completion transaction to pass a posted transaction; and not allowing a completion transaction to pass a completion transaction (Table 2). The combination of Iwata/Kameda/Liu does not disclose specific modified ordering rules beyond those required from PCIe. Lakshmanamurthy however teaches that the rules may be modified to appear as 
    [Image media_image1.png: ordering-rules table, not reproduced]
presented in Figure 1 above. In particular, the ordering rules of Claim 24 match that of the table for which option ‘a’ is taken for each cell. Lakshmanamurthy teaches that this option corresponds to the relaxed/ID ordering bit not being set. Since the relaxed/ID ordering bit can be globally not set across a channel by choice of allowance (Par. [0048-50], a fabric arbiter may allow a relaxed order completion to pass a write request), the transaction ordering rules match that of Claim 24. Lakshmanamurthy further teaches that these ordering rules have the benefit of being simplified while having the basis of “producer-consumer requirements and deadlock avoidance” (Par. [0044]). 

	References Iwata, Kameda, Liu, and Lakshmanamurthy are considered to be analogous art because they all relate to packet transmission in a communication protocol with Iwata and Lakshmanamurthy both being directed particularly to PCIe, which is relevant to the applicant’s field of invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the secure communication protocol of Iwata/Kameda/Liu with the strict ordering taught by Lakshmanamurthy in order to gain the benefit of having simplified transaction ordering rules while meeting producer-consumer requirements and avoiding deadlock.

Related Art
	The following prior art made of record and cited on PTO-892, but not relied upon, is considered pertinent to applicant’s disclosure: 
Chen (U.S. Patent No. 2017/0213054) – Includes a method of computing a message authentication code (MAC) and inserting the code into the transaction
Winslow et al (U.S. Patent No. 9,596,075 B2) – Includes a method for encryption of serial communication through block ciphering

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ETHAN V VO whose telephone number is (571)272-2505. The examiner can normally be reached M-F 8am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on (571)272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/ETHAN V VO/Examiner, Art Unit 4122
/LYNN D FEILD/Supervisory Patent Examiner, Art Unit 2431