DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is in response to the amendments filed on 04/27/2022.
Claims 1-20 are currently pending in this application. Claims 1-3, 5-13 and 15-20 have been amended.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 04/27/2022 was filed.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Examiner’s Note
Applicant is suggested to include information described in figures 2A, 2B, 3 and related text (e.g., the clean room of the platform for processing secure transaction data) to the claims to provide the application for a better condition for an allowance.

Response to Arguments
The previous statutory type double patenting rejections (101 double patenting rejections) have been withdrawn in response to the applicant’s amendments/remarks. However, the applicants’ current amendments cause the rejections stated below.
Thus, the applicant’s arguments are not persuasive. Please see amended rejections below for amended claims. This action is final.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(B)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. 

Claims 1-20 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which applicant regards as the invention. 
Applicants are suggested to review all claims for clarity, capability and compatibility, and some of them (not all because there are too many) are indicated below. Please note that different terms (e.g., a plurality of corresponding computing devices, a corresponding computing device, one or more corresponding computing devices, etc.) are interpreted as different components/entities.

Claim 1 recites (claims 11 and 20 have similar limitations):
“… the protected memory region is protected relative to at least one of an operating system and kernel system …”, however, it is not clear (1) how protection is related the operating system, OS or kernel system (e.g., the OS or kernel is used to protect the protected memory region, etc.); 
“… a secure enclave data processor configured to provide a data receiver configured to separately receive one or more third party data sets from a plurality of corresponding computing devices … digitally signed by a key corresponding a corresponding device …”, however, it is not clear how the secure enclave data processor is configured for a specific function (e.g., the separately receiving) of the data receiver; (2) whether the third party data sets are related to the plurality of corresponding computing devices (note: “third party” is different from the computer implement system or the corresponding computing devices); (3) how to define the corresponding device(s) or not (e.g., what is corresponding to or it is not clear to define a boundary of the claimed limitations); (4) whether “a corresponding device” is a part of the plurality of corresponding devices or not (for examining purpose it is interpreted as not related);
“…configured to: record the one or more third party data sets into a portion of the protected memory region, and to encrypt, using the corresponding key, the portion of the protected memory region …”, however, it is not clear (1) whether “the one or more third party data sets” is digitally signed data sets or not; (2) whether “the corresponding key” is the same as “a key corresponding to a corresponding device” or not (note: if they are not the same, the corresponding key has an antecedent basis issue);
“A computer implemented system for maintaining a secure enclave data processing subsystem … wherein the secure enclave data processing subsystem configured to receive a query data message and to generate …”, however, it is not clear whether the limiting information (e.g., receiving and generating processes) of the secure enclave data processing subsystem is actually limiting to the computer implemented system or not (note: the claim is limiting for the computer implemented system, not limiting the secure enclave data processing subsystem, which is not a part of the computer implemented system) – see also claims 2 and 12.
Claims 2-10 and 12-19 depend from the claim 1 or 11, and are analyzed and rejected accordingly.

Claims 3 and 13 recite “… wherein the data receiver is further configured to generate public/private key pairs each corresponding to a computing device of the one or more corresponding computing devices … and wherein the corresponding key is a private key corresponding to the corresponding computing device”, however, it is not clear (1) to which “the one or more corresponding computing devices” are corresponding to (2) how one of one can be (e.g., a computing device of the one corresponding computing device); (3) “the one or more corresponding computing devices” has an antecedent basis issue (e.g., there is not “a one or more corresponding computing devices” defined before) – it is not clear what the limitations, “… wherein the further comprising generating public/private key pairs …” of the claim 13 mean.
Claim 5 recites “… wherein the corresponding key required to decrypt the protected memory region into an intermediate computer readable memory is not accessible outside the secure enclave data processor”, however, it is not clear (1) how the corresponding key is required to decrypt the protected memory region as the corresponding key is used to encrypt the portion (not all) of the protected memory region as in the claim 1; (2) what “decrypting the protected memory region into an intermediate computer readable memory” means (e.g., decrypting data and saving the decrypted data into a memory, etc.); (3) how “the corresponding key” is not accessible outside the secure enclave data processor because the corresponding key is the key of the corresponding device which is outside of the secure enclave data processor – see also the limitations of claim 15.
 Claim 6 recites “… wherein the key required to decrypt the protected memory region into an intermediate computer readable cache memory is originally generated with a nonce term, and the nonce term is not accessible outside the secure enclave data processor”, however, it is not clear (1) how the key is required to decrypt the protected memory region as the corresponding key is used to encrypt the portion (not all) of the protected memory region as in the claim 1; (2) what “decrypting the protected memory region into an intermediate computer readable cache memory” means (e.g., decrypting data and saving the decrypted data into a memory, etc.); (3) how “the key” or “the nonce term” is not accessible outside the secure enclave data processor because the key is the key used to sign by the corresponding device which is outside of the secure enclave data processor – see also the limitations of claim 16.
Claim 7 recites “… wherein a remote attestation process is periodically conducted by a secure processor …”, it is not clear how “a secure processor” and/or “a remote attestation process” is/are related to the computer implemented system (or the claimed system) – see also the limitations of claim 8.
Claim 9 recites “… the secure processor is configured to provide: a partition controller engine …”, however, it is not clear (1) how “the secure processor” and/or related components (e.g., the partition controller engine, the one or more secure enclave sub processors, etc.) is/are related to the computer implemented system (or the claimed system); (2) “the secure processor” has an antecedent basis issue – see also claim 10.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.  A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO internet Web site contains terminal disclaimer forms which may be used.  Please visit http://www.uspto.gov/forms/.  The filing date of the application will determine what form should be used.  A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission.  For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of the Patent No. US 10,956,585 B2. Although the claims at issue are not identical, they are not patentably distinct from each other.

A later patent claim is not patentably distinct from an earlier patent claim if the later claim is obvious over, or anticipated by, the earlier claim.  In re Longi, 759 F.2d at 896, 225 USPQ at 651 (affirming a holding of obviousness-type double patenting because the claims at issue were obvious over claims in four prior art patents); In re Berg, 140 F.3d at 1437, 46 USPQ2d at 1233 (Fed. Cir. 1998) (affirming a holding of obviousness-type double patenting where a patent application claim to a genus is anticipated by a patent claim to a species within that genus). “  ELI LILLY AND COMPANY v BARR LABORATORIES, INC., United States Court of Appeals for the Federal Circuit, ON PETITION FOR REHEARING EN BANC (DECIDED:  May 30, 2001).
Current Application No. 17/169221
Reference Patent No. US 10,956,585 B2
Claim 1: A computer implemented system for maintaining a secure enclave data processing subsystem, the system comprising:

a computer readable memory having a protected memory region that is encrypted such that the protected memory region is protected relative to at least one of an operating system and kernel system, the protected memory region including at least a data storage region and a data processing subsystem storage region maintaining the secure enclave data processing subsystem;

a secure enclave data processor configured to provide:
a data receiver configured to separately receive one or more third party data sets from a plurality of corresponding computing devices, each of the one or more third party data sets digitally signed by a key corresponding to a corresponding computing device,

the data receiver configured to: record the one or more third party data sets into a portion of the protected memory region, and to encrypt, using the corresponding key, the portion of the protected memory region subsequent to the recordal 


wherein the secure enclave data processing subsystem is configured to receive a query data message and to generate an output data structure generated by the secure enclave data processing subsystem based on the one or more third party data sets stored in the protected memory region.
Claim 1: A computer implemented system for a trusted execution environment maintaining an isolated data processing subsystem, the system comprising:

a computer readable memory having a protected memory region that is encrypted such that it is inaccessible to both an operating system and kernel system, the protected memory region including at least a data storage region and a data processing subsystem storage region maintaining the isolated data processing subsystem;
a computer readable cache memory; and

a secure enclave data processor configured to provide:
a partner data receiver configured to separately receive one or more data sets from a plurality of corresponding partner computing devices, each of the one or more data sets digitally signed by a private key corresponding to each of the partner computing devices, the partner …;

the partner data receiver configured to: (i) … (ii) record the one or more validated data sets into the loaded portion of the data storage region in the protected memory region, and to (iii) unload and encrypt the portion of the protected memory region subsequent to the recordal;
and
a data processing subsystem interaction engine configured to transmit a query data message to the data processing subsystem and to receive an output data structure generated by the data processing subsystem generated based on the one or more data sets stored in the protected memory region.
Claim 2: The system of claim 1, wherein the secure enclave data processing subsystem maintains a securely stored machine learning data model architecture comprising a series of interconnected computing nodes that operate in concert to generate the output data structure using at least a portion of the one or more third party data sets in the data storage region in the protected memory region as training sets or validation sets representing data from at least two computing devices of the plurality of computing devices.
Claim 2: The system of claim 1, wherein the isolated data processing subsystem maintains an isolated machine learning data model architecture comprising a series of interconnected computing nodes that operate in concert to generate the output data structure … using at least a portion of the one or more validated data sets in the data storage region in the protected memory region as training sets or validation sets representing data from at least two partner computing devices of the plurality of partner computing devices….
Claim 3: The system of claim 1, wherein the data receiver is further configured to generate public/private key pairs each corresponding to a computing device of the one or more corresponding computing devices, and wherein the corresponding key is a private key corresponding to the corresponding computing device.
Claim 3: The system of claim 1, wherein the partner data receiver is further configured to generate public/private key pairs each corresponding to a partner computing device of the one or more corresponding partner computing devices, and to transmit the private key corresponding to corresponding to a partner computing device ...
Claim 4: The system of claim 1, wherein the computer readable memory having the protected memory region is stored on DRAM.
Claim 4: The system of claim 1, wherein the computer readable memory having the protected memory region is stored on DRAM.
Claim 5: The system of claim 1, wherein the corresponding key required to decrypt the protected memory region into an intermediate computer readable memory is not accessible outside the secure enclave data processor.
Claim 5: The system of claim 1, wherein the key required to decrypt the protected memory region into the computer readable cache memory is stored within the secure enclave data processor and not accessible outside the secure enclave data processor.
Claim 6: The system of claim 1, wherein the key required to decrypt the protected memory region into an intermediate computer readable cache memory is originally generated with a nonce term, and the nonce term is not accessible outside the secure enclave data processor.
Claim 6: The system of claim 1, wherein the key required to decrypt the protected memory region into the computer readable cache memory is originally generated with a nonce term, and the nonce term is stored … and not accessible outside the secure enclave data processor.
Claim 7: The system of claim 1, wherein a remote attestation process is periodically conducted by a secure processor, the remote attestation process includes transmitting a remote attestation payload to the secure processor.
Claim 7: The system of claim 1, wherein a remote attestation process is periodically conducted by a secure enclave data processor … the remote attestation process includes transmitting a remote attestation payload to the secure enclave data processor ….
Claim 8: The system of claim 1, wherein a remote attestation process is periodically conducted by a secure processor and the remote attestation process includes the secure processor generating a remote attestation transcript data structure.
Claim 8: The system of claim 1, wherein a remote attestation process is periodically conducted by a secure enclave data processor … the remote attestation process includes the secure enclave data processor generating a remote attestation transcript data structure and ….
Claim 9: The system of claim 2, wherein the secure processor is configured to provide:
a partition controller engine configured to transmit to one or more secure enclave sub processors a partition of the protected memory region;
the one or more secure enclave sub processors configured to process the corresponding partition of the protected memory region using a local copy of the machine learning data model architecture to generate one or more parameter update data structures to be aggregated to refine at least one parameter of the machine learning data model architecture.
Claim 9: The system of claim 2, wherein the secure enclave data processor is configured to provide:
a partition controller engine configured to … to transmit to each of the one or more secure enclave sub processors a partition of the protected memory region;
the one or more secure enclave sub processors configured to process the corresponding partition of the protected memory region using a local copy of the machine learning data model architecture to generate one or more parameter update data structures ….
Claim 10: The system of claim 9, wherein there are at least two secure enclave sub processors, including a first secure enclave sub processor and a second secure enclave sub processor that are configured to transmit one or more parameter update data structures directly between one another to update the corresponding local copy of the machine learning data model architecture.
Claim 10: The system of claim 9, wherein there are at least two secure enclave sub processors, including a first secure enclave sub processor and a second secure enclave sub processors that are configured to transmit one or more parameter update data structures directly between one another to update the corresponding local copy of the machine learning data model architecture.


Claims 11-20 are method claims which have similar limitations with the method and medium claims 11-20 of US 10,956,585 B2 (see the matching above).

Examiner’s Note Regarding Prior-art Rejections
As explained in the 112(b) rejections stated above, the current limitations are in a condition of lack of clarity and/or capability (e.g., the capability issues or omitting necessary components/steps which cause the claimed limitations unclear) for a prior-art examination. However, a potential concept of the application can be found in:
US 2017/0372226 A1 by Costa et al. (e.g., uploading confidential data received from the parties to the protected memory region, having the signed message using a private key, encrypting the confidential data, etc.); 
US 2007/0101434 A1 by Jevans (e.g., recovering encrypted data from a target secure storage device, determining whether access to encrypted data is authorized or not, decrypting a part of the authorization request with an encryption key for an authorized secure storage device, etc.); 
US 2017/0093806 A1 by Phegade et al. (e.g., distributing the private data owned by multiple distrustful entities wherein the encrypted private data is received via the secure channel, etc.).

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
                                                                                                                                                               
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAUNG T LWIN whose telephone number is (571)270-7845. The examiner can normally be reached Monday - Friday 10:00 am - 6:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MAUNG T LWIN/Primary Examiner, Art Unit 2495