DETAILED ACTION
This action responds to Application number 16/777956, filed 01/31/2020.
Claims 1-20 are presented for examination.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 01/31/2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Objections
Claim 18 is objected to because of the following informalities: The language “control circuit is enable access to secure content” (lines 1-2) is non-idiomatic English, and appears to be a typographical error.  Examiner interprets it to mean “control circuit is to enable access to secure content” [emphasis added].

Appropriate correction is required.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

Claims 15, 16, 17, 18, and 19-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 27, 28, 29, 27, and 27, respectively, of U.S. Patent No. 10592435 in view of Thom et al (US 2014/0137178 A1).

	Re claims 15, 16, 17, 18, and 19-20, the instant claims disclose the same functional limitations disclosed in the methods of claims 27, 28, 29, 27, and 27, respectively, of Patent No. 10592435 as applied to a System-on-chip (SoC).  Re claim 15, the only significant differences are the inclusion of several structural limitations necessary to perform those functional limitations, as disclosed by Thom.

Thom discloses the following:
A system on chip (SoC) comprising: a semiconductor device comprising: (¶ 83).  The computing device can be an on-chip system (system on chip) which is a semiconductor device;
at least one core to execute instructions (¶ 17).  The trusted platform module comprises a processor or other component to execute the processing functionality (instructions);
at least one cache memory (¶ 86).  The volatile memory may be used to temporarily store data, and can thus be considered a “cache”;
a non-volatile random access memory (Fig. 1, nonvolatile storage 120; ¶ 86).  The nonvolatile storage can be flash (non-volatile random access memory);
 to store a table of monotonic counters, wherein the monotonic counters include an identifier field, a value field and a status field; and (Figs. 2-3; ¶ 21-22 and 24).  The protected objects, which are typically associated with a single monotonic counter, can be considered “monotonic counter” entries; (¶ 22).  They can be stored in a table (¶ 24) in non-volatile memory (Fig. 1).  The protected objects contain cryptographic keys (identifier field), confidential data (value field), and are associated with a monotonic counter (status field) (¶ 21);
a control circuit coupled to the non-volatile random access memory, the control circuit to: (Fig. 1, trusted platform module 106).  The TPM is a control circuit coupled to the nonvolatile storage;

It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention (AIA) to integrate the structures of Thom into the methods of Patent No. 10592435, because the structures of Thom would enable a hardware system to perform the methods described in Patent No. 10592435.

Appropriate correction is required.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 4-5, 7, 9-11, and 13-14 are rejected under 35 U.S.C. 103 as being unpatentable over Thom et al (US 2014/0137178 A1) in view of Nemiroff et al (US 2008/0320263 A1).

Re claim 1, Thom discloses the following:
An apparatus comprising: at least one core to execute instructions, (¶ 17).  The trusted platform module comprises a processor (core) or other component to execute the processing functionality (instructions);
a first at least one cache memory […] the first memory comprising a non-volatile random access memory (Fig. 1, nonvolatile storage 120; ¶ 86).  The nonvolatile storage can be flash (non-volatile random access memory);
 the first memory to store a first entry comprising a monotonic counter, the first entry including a value field and a status field (Figs. 2-3; ¶ 21-22 and 24).  The protected objects, which are typically associated with a single monotonic counter, can be considered “monotonic counter” entries; (¶ 22).  They can be stored in a table (¶ 24) in non-volatile memory (Fig. 1).  The protected objects contain cryptographic keys (identifier field), confidential data (value field), and are associated with a monotonic counter (status field) (¶ 21);
a control circuit coupled to the first memory, wherein the control circuit is to enable access to the first entry when the apparatus is in a secure mode and otherwise prevent access to the first entry (¶ 53-56).  The trusted platform module (control circuit) performs secure functions.  When the updated monotonic counter is less than a threshold difference, the mode is secure, and the secure data can be output (¶ 53-56); otherwise, access to the entry is prevented.

Thom discloses that the computing device may be an on-chip system (¶ 83), but does not specifically disclose a semiconductor die.

	Nemiroff discloses the at least one core formed on a semiconductor die; […] a first memory formed on the semiconductor die (¶ 15-16).  The processor is formed on a semiconductor die; additionally, other components such as the chipset may be integrated onto a single die. 

While Nemiroff does not explicitly disclose whether the memory is integrated on the same die as the processor, it does disclose integrating a coupled chipset into the same die as the memory, and further discloses that memory, including non-volatile random access memory, can be coupled to the processor similarly to the chipset. Accordingly, it would have been obvious to one having ordinary skill in the art that other coupled components, such as memory, could similarly be integrated onto the same die; furthermore, this would be obvious as a mere integration of parts (see MPEP § 2144.04(V)(B)).

	Re claim 2, Thom and Nemiroff disclose the apparatus of claim 1, and Thom further discloses that the control circuit is to update a value stored in the value field responsive to a first user-level monotonic counter instruction (¶ 19 and 21).  The information, including confidential data (value field) can be written/modified in response to a monotonic write/modify request (user-level monotonic counter instruction).
 
	Re claim 4, Thom and Nemiroff disclose the apparatus of claim 1, and Thom further discloses that the control circuit is to cause the value field to be set to a first value received from a second computing system responsive to a second user-level monotonic counter instruction, wherein the first value comprises a consumption level for a secure content (¶ 19 and 21).  In response to a secure write command using monotonic counter (second user-level monotonic counter instruction), the data (value field) is set to a first value (the confidential data).  The confidential data takes up a certain amount of space, and thus it comprises a consumption level for a secure content.

Re claim 5, Thom and Nemiroff disclose the apparatus of claim 4, and Thom further discloses that the apparatus is to prevent access to the secure content if the first value at least meets a policy threshold (¶ 53-56).  When the updated monotonic counter associated with data (first value) meets a policy threshold, access is prevented.

	Re claim 7, Thom and Nemiroff disclose the apparatus of claim 1, and Thom further discloses that the control circuit comprises a policy manager to enable access to a secure content if a value stored in the value field is less than a policy threshold, and otherwise prevent access to the secure content (¶ 4 and 53-54).  The trusted platform module (control circuit) manages policies (comprises a policy manager) and allows access to secure content if values are less than a policy threshold, and otherwise prevents access to the secure content.
	
	Re claim 9, Thom and Nemiroff disclose the apparatus of claim 1, and Thom further discloses that the apparatus is to execute in a trusted execution environment (Fig. 1, trusted platform module 106).

	Nemiroff discloses a trusted computing base including the monotonic counter is wholly included in the semiconductor die (¶ 15).  The chipset, which includes the security platform and monotonic counter (collectively a trusted computing base), may be integrated into the same die as the processor.

	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention (AIA) to combine Thom and Nemiroff, for the reasons noted in claim 1 above.

	Re claim 10, Thom and Nemiroff disclose the apparatus of claim 10, and Nemiroff further discloses that the at least one core comprises the control circuit (¶ 15).  The processor (core) may be integrated with the chipset, which can include a controller.

It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention (AIA) to combine Thom and Nemiroff, for the reasons noted in claim 1 above.

Re claim 11, Thom discloses the following:
A system comprising: a processor comprising: at least one core to execute instructions (¶ 17).  The trusted platform module comprises a processor or other component to execute the processing functionality (instructions);
at least one cache memory (¶ 86).  The volatile memory may be used to temporarily store data, and can thus be considered a “cache”;
a non-volatile random access memory (Fig. 1, nonvolatile storage 120; ¶ 86).  The nonvolatile storage can be flash (non-volatile random access memory);
 to store a table of monotonic counters, wherein the monotonic counters include an identifier field, a value field and a status field (Figs. 2-3; ¶ 21-22 and 24).  The protected objects, which are typically associated with a single monotonic counter, can be considered “monotonic counter” entries; (¶ 22).  They can be stored in a table (¶ 24) in non-volatile memory (Fig. 1).  The protected objects contain cryptographic keys (identifier field), confidential data (value field), and are associated with a monotonic counter (status field) (¶ 21);
logic, responsive to a request by a first application, to […] update a first monotonic counter of the table of monotonic counters and provide an updated value of the first monotonic counter to the first application (Fig. 9; ¶ 37 and 75-77).  The process of Fig. 9 discloses receiving a request, determining whether the request should be allowed based on conditions including monotonic counter states, and updating monotonic counter values (¶ 75-77).  Furthermore, the access program (first application) increments the counter, so it has access to the updated value of the monotonic counter (¶ 37);
wherein the first application is to allow secure content associated with the first monotonic counter to be output via a display when the updated value of the first monotonic counter is less than a threshold (¶ 16 and 53-56).  When the updated monotonic counter is less than a threshold difference, the secure data can be output (¶ 53-56).  The output can be displayed (output via a display) (¶ 16);
a storage to store the secure content; and (¶ 17 and 21).  The secure content can be stored in storage of the trusted platform module.  Additionally, when data is stored external to the TPM, it can be stored in a secure manner using an encrypted key (¶ 21);
the display to output the secure content (¶ 16).  See above.

Thom does not specifically disclose atomically updating a monotonic counter.

Nemiroff discloses the following:
a non-volatile random access memory to store a table of monotonic counters, wherein the monotonic counters include an identifier field, a value field and a status field (Fig. 4; ¶ 31).  The anti-replay table (table of monotonic counters) is stored in non-volatile memory (non-volatile random access memory).  The blob (monotonic counter) includes a root anti-replay table blob (value field), integrity check value (identifier field), and a monotonic counter (status field);
logic, responsive to a request by a first application, to atomically update a first monotonic counter of the table of monotonic counters (Abstract; ¶ 39).  The monotonic counter is atomically updated in response to a request to do so.

It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention (AIA) to modify the monotonic counter-based secure storage system of Thom to implement atomic updates to the monotonic counter, as in Nemiroff, because Nemiroff suggests that atomically updating the monotonic counters would ensure that the changes either all happen, or none do, allowing for system recovery in the situation where power is interrupted during the atomic operations (¶ 39).

Re claim 13, Thom and Nemiroff disclose the system of claim 11, and Thom further discloses that the threshold is based on a license associated with the secure content (¶ 20).  The policy threshold is based on policy sessions (licenses) associated with the content.

Re claim 14, Thom and Nemiroff disclose the system of claim 11, and Thom further discloses that the logic is to […] update the first monotonic counter and provide the updated value to the first application when the first application is of a first privilege level and the at least one core is in the first privilege level (¶ 18).  The data is accessed, and the monotonic counter updated, if the requesting application has a matching permission (first privilege level) to a policy in the TPM (at least one core is in the first privilege level).

Nemiroff further discloses atomically updating the first monotonic counter (Abstract; ¶ 39).  See claim 11 above.

It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention (AIA) to combine Thom and Nemiroff, for the reasons noted in claim 11 above.

Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Thom in view of Nemiroff, further in view of Forehand et al (US 2006/0198515 A1).

Re claim 3, Thom and Nemiroff disclose the apparatus of claim 2, and Nemiroff further discloses that the status field comprises […] a second indicator to indicate whether a backup storage for the monotonic counter is corrupt (¶ 36).  The status indicator (second indicator) indicates that the data blob and the anti-replay table blob in the temporary storage region (one of which is the backup, and both of which contain a monotonic counter) is no longer valid (corrupt).

Thom and Nemiroff do not specifically disclose a rollover indicator.

Forehand discloses that the status field comprises a rollover indicator to indicate whether the value stored in the value field has rolled over (¶ 60).  The monotonic counter is divided into a LSH and an MSH portion (status field).  The MSH portion stores an indication of whether the LSH portion (value) has rolled over.

It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention (AIA) to modify the monotonic counter systems of Thom (combined with Nemiroff) to use a rollover indicator, because it would be applying a similar technique to improve a similar apparatus in the same way.  Thom (combined with Nemiroff) discloses using monotonic counters to secure data.  Forehand discloses a similar monotonic counter-based security system, which has been improved in a similar way to the claimed invention, to use a rollover counter.  It would have been obvious to add the rollover counter of Forehand to the monotonic counter security system of Thom (combined with Nemiroff), because it would yield the predictable improvement of allowing the monotonic counter comparison to be used even after a rollover has occurred, thus increasing the amount of time that the counter can be maintained.

Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Thom in view of Nemiroff, further in view of Sarangdhar et al (US 2013/0159727 A1).

	Re claim 6, Thom and Nemiroff disclose the apparatus of claim 2, but do not specifically disclose an address field.

Sarangdhar discloses that the first entry further comprises an address field, wherein the control circuit is to access the first entry when the first user-level monotonic counter instruction includes an identifier corresponding to an address stored in the address field (¶ 58).  The monotonic counter (first entry) further includes an address field; if the address field matches a request to the counter, then access to the monotonic counter (first entry) is granted.

It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention (AIA) to modify the monotonic counter secure memory of Thom (combined with Nemiroff) to utilize an address field, as in Sarangdhar, because Sarangdhar suggests that this would yield the improvement of ensuring that requests do not inadvertently access unrelated counters (¶ 58).

Claims 8 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Thom in view of Nemiroff, further in view of Nemazie et al (US 2014/0082374 A1).

Re claim 8, Thom and Nemiroff disclose the apparatus of claim 1, but do not specifically disclose that the NVRAM is a spin torque transfer memory.

Nemazie discloses that the non-volatile random access memory comprises a spin torque transfer memory (¶ 18).  The NVRAM is an STTMRAM.

It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention (AIA) to modify the non-volatile memory of Thom (combined with Nemiroff) to utilize an STTMRAM, as in Nemazie, because Nemazie suggests that this would yield a combination of the access speed comparable to RAM, with the reliability of being non-volatile (¶ 18).

Re claim 12, Thom and Nemiroff disclose the system of claim 11, and Thom further discloses that the at least one core comprises the logic (¶ 17).  The trusted platform module is the logic, and it can include a processor (core).

Thom and Nemiroff do not specifically disclose a STTMRAM.

Nemazie discloses that the non-volatile random access memory comprises a spin torque transfer memory (¶ 18).  The NVRAM is an STTMRAM.

It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention (AIA) to combine Thom, Nemiroff, and Nemazie, for the reasons noted in claim 8 above.

Claims 15-16 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Thom.

Re claim 15, Thom discloses the following:
A system on chip (SoC) comprising: a semiconductor device comprising: (¶ 83).  The computing device can be an on-chip system (system on chip) which is a semiconductor device;
at least one core to execute instructions (¶ 17).  The trusted platform module comprises a processor or other component to execute the processing functionality (instructions);
at least one cache memory (¶ 86).  The volatile memory may be used to temporarily store data, and can thus be considered a “cache”;
a non-volatile random access memory (Fig. 1, nonvolatile storage 120; ¶ 86).  The nonvolatile storage can be flash (non-volatile random access memory);
 to store a table of monotonic counters, wherein the monotonic counters include an identifier field, a value field and a status field; and (Figs. 2-3; ¶ 21-22 and 24).  The protected objects, which are typically associated with a single monotonic counter, can be considered “monotonic counter” entries; (¶ 22).  They can be stored in a table (¶ 24) in non-volatile memory (Fig. 1).  The protected objects contain cryptographic keys (identifier field), confidential data (value field), and are associated with a monotonic counter (status field) (¶ 21);
a control circuit coupled to the non-volatile random access memory, the control circuit to: (Fig. 1, trusted platform module 106).  The TPM is a control circuit coupled to the nonvolatile storage;
responsive to receipt of a request from a requester to update a first monotonic counter of the plurality of monotonic counters, determine whether the SoC is in a first security mode (Fig. 9; ¶ 37 and 75-77).  The process of Fig. 9 discloses receiving a request, determining whether the request should be allowed based on conditions including monotonic counter states (determining if the SoC is in a first security mode) and updating monotonic counter values (¶ 75-77).  Furthermore, the access program (first application) increments the counter, so it has access to the updated value of the monotonic counter;
when it is determined that the SoC is in the first security mode, access the first monotonic counter using an identifier associated with the request (Fig. 9, steps 902-906; ¶ 36).  When the conditions are satisfied (SoC is in the first security mode), access is allowed to the monotonic counter using an identifier of the monotonic counter (¶ 36);
increment a value of the first monotonic counter; and (¶ 37).  When access is allowed, the TPM increments the monotonic counter;
output the value of the first monotonic counter to the requestor (¶ 53-56).  When the updated monotonic counter is less than a threshold difference, the secure data can be output (¶ 53-56) to the requestor. 

While Thom discloses all the limitations of claim 15, it does not specifically state whether all elements appear in the same embodiment.  Accordingly, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention (AIA) to combine the limitations into the same embodiment, because it would be obvious to make the embodiments integral (MPEP § 2144.04(V)(B)).

Re claim 16, Thom discloses the SoC of claim 15, and further discloses that the control circuit is to prevent the access to the first monotonic counter when the SoC is not in the first security mode (Fig. 9, steps 902, 904, 910).  When the condition is not satisfied (not in the first security mode), access is denied.

Re claim 18, Thom discloses the SoC of claim 15, and further discloses that the control circuit is enable access to secure content if the value of the first monotonic counter has not met a policy threshold, and otherwise to prevent the access to the secure content (¶ 53-56).  When the updated monotonic counter is less than a threshold difference, the secure data can be output; if it is not less than the threshold, then access is prevented.

Claim 17 is rejected under 35 U.S.C. 103 as being unpatentable over Thom in view of Forehand.

Re claim 17, Thom discloses the SoC of claim 15; however, it does not specifically disclose a rollover indicator.
Forehand discloses that the control circuit is to: determine, after the increment to the value of the first monotonic counter, whether the value of the first monotonic counter has rolled over; and responsive to the rollover of the value of the first monotonic counter, set a rollover indicator in the status field indicated in the first monotonic counter (¶ 60).  The monotonic counter is divided into a LSH and an MSH portion (status field).  The MSH portion stores an indication of whether the LSH portion (value) has rolled over; when the LSH portion rolls over, the MSH portion is incremented.

It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention (AIA) to modify the monotonic counter system of Thom to use a rollover indicator, because it would be applying a similar technique to improve a similar apparatus in the same way.  Thom discloses using monotonic counters to secure data.  Forehand discloses a similar monotonic counter-based security system, which has been improved in a similar way to the claimed invention, to use a rollover counter.  It would have been obvious to add the rollover counter of Forehand to the monotonic counter security system of Thom, because it would yield the predictable improvement of allowing the monotonic counter comparison to be used even after a rollover has occurred, thus increasing the amount of time that the counter can be maintained.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Lewis (US 2015/0074427 A1) (Discloses encrypting and sending a value of the monotonic counter, but not the monotonic counter construct itself).

Any inquiry concerning this communication or earlier communications from the examiner should be directed to CRAIG S GOLDSCHMIDT whose telephone number is (571)270-3489. The examiner can normally be reached M-F 10-6.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, David Yi can be reached on 5712707519. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/CRAIG S GOLDSCHMIDT/Primary Examiner, Art Unit 2132