DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application is being examined under the pre-AIA  first to invent provisions.
Claims 25, 39, 73, and 77 are amended in response to the last office action. Claims 25, 39, and 55-80 are pending. Moyer et al were cited, previously.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains.  Patentability shall not be negatived by the manner in which the invention was made.

Claims 25, 39, and 55-80 is/are rejected under 35 U.S.C. 103(a) as being unpatentable over Moyer et al [US 2004/0243823 A1] in view of Susumu et al [KR 97-004513 B1].
	As to claims 25 and 39, Moyer et al teach a system, comprising:
a processor [e.g., “master 12 and master 14 may be processors” in paragraph 0016];
a direct memory access (DMA) subsystem [e.g., “memory controller 32” receiving state information 60 related to DMA operation for accessing non-volatile memory 36 from a DMA circuitry in paragraphs 0027, 0016] coupled to the processor, wherein the DMA subsystem includes a DMA channel [e.g., “Access control circuitry 42 provides access allowed indicators 68 (which may include one or more indicators) to memory access circuitry 44” in paragraph 0014; “In operation, masters 12 and 14 request use of system interconnect 22 to request access to other slaves 20, to peripherals 18, or to non-volatile memory 36 via memory controller 32” in paragraph 0019];
an L3 interconnect [e.g., SYSTEM INTERCONNECT 22, MEMORY CONTROLLER 32 in fig. 1] coupled to the DMA subsystem; and 
a component [e.g., one of Ref. Nos. 12-20 in fig. 1; “particular master” in paragraph 0025; one of “any number of masters as needed” in paragraph 0016; or one of “various places” sending state information 60 which includes DMA operation in paragraph 0027] coupled to the L3 interconnect and configured to communicate, via the L3 interconnect, to the DMA subsystem a request to configure the DMA channel [e.g., “A method and apparatus for determining access protection (96) includes receiving a plurality of access requests (84) corresponding to a plurality of masters (12, 14)” in Abstract; “In operation, masters 12 and 14 request use of system interconnect 22 to request access to other slaves 20, to peripherals 18, or to non-volatile memory 36 via memory controller 32.  A requesting master can provide an access request, via system interconnect 22, to memory controller 32.  The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019], 
wherein the DMA subsystem configured to:
determine that a security violation has occurred [e.g. “If, however, the state information 60 indicates that the read access permission of master 12 should be modified (e.g. denied rather than allowed), then access modification circuitry 40 may modify the read access permission (and provide it as part of modified access permissions 66) so that the requested read access would be denied rather than allowed” in paragraph 0030];
determine whether the request is a privilege access or a secure user access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software)” in paragraph 0011; “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012; “That is, for example, depending on the state of data processing system 10 at a particular point of operation, each of master 12 and 14 may either be a secured or an unsecured master” in paragraph 0016; “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019; “Each master, such as masters 12 and 14, may have corresponding access permissions that may be used to determine whether a particular access request to non-volatile memory 36 is allowable.  For example, a particular master may have different access permissions for a write access or a read access to non-volatile memory 36” in paragraph 0020; DETERMINING ACCESS PERMISSION 86, BASED ON THE STATE INFORMATION, SELECTIVELY MODIFYING THE ACCESS PERMISSION 90 in fig. 3];
set the DMA channel as a privilege channel or as a user channel in response to determining that the request is the privilege access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software)” in paragraph 0011; “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019; “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025]; and
set the DMA channel as a public privilege channel, a public user channel, or as a secure user channel, but not as a secure privilege channel, in response to determining that the request is the secure user access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software).  However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011; “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019; “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025].
Though Moyer et al teach the DMA subsystem is configured to determine that the security violation has occurred, Moyer et al do not explicitly teach, however Susumu et al teach asserting, to the processor or to the component, a security violation signal in response to determining that the security violation has occurred [e.g., CPU receiving access violation signal AV from access level determining circuit 13 is supplied to CPU and RAM 11 in figs. 1, 2; “When the address in the address space of the built-in RAM 11 is output on the 21 and the high level matching signal C is output from the address comparison circuit 17, the output of the AND gate G1 becomes high level. As a result, the output of the AND gate G2, which receives the inverted signal of the bit S/U state as an input, changes to a high level. This output signal is supplied to the exception processing circuit 8 of the CPU as an access violation signal AV. As a result, the CPU knows that the built-in RAM has been improperly accessed. For example, the micro ROM 1 calls a trap routine for controlling the micro address generation circuit 4 and shifting to the corresponding exception processing. For example, a program for recovering data by the vector address method can be read from an external memory, and an exception or the like can be executed to return to the state before access” in page 11-3].  Therefore, it would have been obvious to one of ordinary skill in the art at the time of the invention to modify to implement Susumu et al’s teaching above in order to increase reliability by notifying the processor of the security violation as taught in addition to setting the channel to deny accessing of Moyer et al.
As to claim 55, the combination of Moyer et al and Susumu et al teaches wherein the privilege channel enables operating system accesses [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software)” in paragraph 0011, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019 of Moyer et al]; and wherein the secure user channel and the secure privilege channel enable accesses governed by hardware-based monitoring and control [e.g., “The state information may relate to, for example, debug operation, operation from unsecured or unverified memories, memory programming, direct memory access (DMA) operation, boot operation, software security verification, security level, security monitor operation, operating mode, fault monitor, external bus operation etc.” in paragraph 0027, “For example, in response to a fault monitor detecting a fault within any portion of data processing system 10, access permissions of control register 38 may be modified to restrict access upon the fault detection.  In this example, a signal from the fault monitor may be provided to access modification circuitry 40 via state information 60” in paragraph 0036 of Moyer et al].
As to claim 56, the combination teaches to determine whether the request is a public user access; and set the DMA channel as a public user data access channel, but not as a secure channel, not as the privilege channel, and not as an instruction channel, in response to determining that the request is the public user access wherein the privilege channel enables operating system accesses [e.g., “However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011, “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012, “That is, for example, depending on the state of data processing system 10 at a particular point of operation, each of master 12 and 14 may either be a secured or an unsecured master” in paragraph 0016 of Moyer et al].
As to claim 57, the combination teaches wherein the DMA subsystem is further configured to set the DMA channel as a data access channel but not as an instruction channel in response to determining that the request is the public user access [e.g., “However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011, “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019 of Moyer et al].
As to claim 58, the combination teaches to determine whether the request is a secure access or a public access; set the DMA channel as a secure channel or as a public channel in response to determining that the request is the secure access; and set the DMA channel as a public channel but not as the secure channel in response to determining that the request is the public access wherein the privilege channel enables operating system accesses [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software).  However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011, “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012, “That is, for example, depending on the state of data processing system 10 at a particular point of operation, each of master 12 and 14 may either be a secured or an unsecured master” in paragraph 0016, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019, “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025 of Moyer et al].
As to claim 59, the combination teaches wherein the DMA subsystem is further configured to set the DMA channel as a public channel or as a secure user data access channel, but not as the secure privilege channel and not as a secure instruction channel, in response to determining that the request is the secure user access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software).  However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019, “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025 of Moyer et al].
As to claim 60, the combination teaches wherein the DMA subsystem is further configured to determine whether the request is a secure privilege access; and set the DMA channel as a public channel, as a secure channel, as the user channel, as the privilege channel, as a data access channel, or as an instruction channel in response to determining that the request is the secure privilege access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software)” in paragraph 0011, “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012, “That is, for example, depending on the state of data processing system 10 at a particular point of operation, each of master 12 and 14 may either be a secured or an unsecured master” in paragraph 0016, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019, “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025 of Moyer et al].
As to claim 61, the combination teaches wherein the DMA subsystem is further configured to: determine whether the request is a public privilege access; and set the DMA channel as the public user channel or as a public privilege data access channel, but not as a secure channel and not as a public privilege instruction channel, in response to determining that the request is the public privilege access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software).  However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011, “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012, “That is, for example, depending on the state of data processing system 10 at a particular point of operation, each of master 12 and 14 may either be a secured or an unsecured master” in paragraph 0016, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019, “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025 of Moyer et al].
As to claim 62, the combination teaches wherein the DMA subsystem is further configured to: determine whether the request is a functional access or a debug access; set the DMA channel as a functional channel or as a debug channel in response to determining that the request is the functional access; and set the DMA channel as the functional channel but not as the debug channel in response to determining that the request is the debug access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software).  However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011, “The state information may relate to, for example, debug operation, operation from unsecured or unverified memories, memory programming, direct memory access (DMA) operation, boot operation, software security verification, security level, security monitor operation, operating mode, fault monitor, external bus operation etc.” in paragraph 0027, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019, “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025 of Moyer et al].
As to claim 63, the combination teaches wherein the DMA subsystem is further configured to: determine whether the request is a secure privilege access; and set the DMA channel as the secure privilege channel or as a secure instruction channel only if the request is the secure privilege access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software).  However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011, “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012, “That is, for example, depending on the state of data processing system 10 at a particular point of operation, each of master 12 and 14 may either be a secured or an unsecured master” in paragraph 0016, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019, “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025 of Moyer et al].
As to claim 64, the combination teaches wherein the DMA subsystem is further configured to: determine whether the request is a secure access; and set the DMA channel as a secure user data access channel or as a public privilege instruction channel only if the request is the secure access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software).  However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011, “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012, “That is, for example, depending on the state of data processing system 10 at a particular point of operation, each of master 12 and 14 may either be a secured or an unsecured master” in paragraph 0016, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019, “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025 of Moyer et al].
As to claim 65, the combination teaches wherein the DMA subsystem is further configured to: determine whether the request is a secure access; determine whether the request is a privilege access; and set the DMA channel as a public privilege data access channel or as a public user instruction channel only if the request is the secure access or the privilege access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software).  However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011, “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012, “That is, for example, depending on the state of data processing system 10 at a particular point of operation, each of master 12 and 14 may either be a secured or an unsecured master” in paragraph 0016, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019, “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025 of Moyer et al].
As to claim 66, the combination teaches wherein the DMA subsystem is further configured to set the DMA channel as a public user data access channel regardless of whether the request is a secure access or a public access and regardless of whether the request is the privilege access or a user access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software).  However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011, “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019, “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025 of Moyer et al].
As to claim 67, the combination teaches receiving a third request to configure the DMA channel: determining that the third request is a public user access; and setting the DMA channel as a public user data access channel, but not as a secure channel, not as the privilege channel, and not as an instruction channel, in response to determining that the third request is the public user access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software).  However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011, “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012, “That is, for example, depending on the state of data processing system 10 at a particular point of operation, each of master 12 and 14 may either be a secured or an unsecured master” in paragraph 0016, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019, “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025 of Moyer et al].
As to claim 68, the combination teaches setting the DMA channel as a data access channel but not as an instruction channel in response to determining that the third request is the public user access [e.g., “However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011, “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019 of Moyer et al].
As to claim 69, the combination teaches receiving a third request to configure the DMA channel: determining that the third request is a secure access or a public access; setting the DMA channel as a secure channel or as a public channel in response to determining that the third request is the secure access; and setting the DMA channel as the public channel but not as the secure channel in response to determining that the third request is the public access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software).  However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011, “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012, “That is, for example, depending on the state of data processing system 10 at a particular point of operation, each of master 12 and 14 may either be a secured or an unsecured master” in paragraph 0016, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019, “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025 of Moyer et al].
As to claim 70, the combination teaches setting the DMA channel as a public channel or as a secure user data access channel, but not as the secure privilege channel and not as a secure instruction channel, in response to determining that the request is the secure user access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software).  However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019, “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025 of Moyer et al].
As to claim 71, the combination teaches receiving a third request to configure the DMA channel: determining that the third request is a secure privilege access; and setting the DMA channel as a public channel, as a secure channel, as the user channel, as the privilege channel, as a data access channel, or as an instruction channel in response to determining that the third request is the secure privilege access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software)” in paragraph 0011, “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012, “That is, for example, depending on the state of data processing system 10 at a particular point of operation, each of master 12 and 14 may either be a secured or an unsecured master” in paragraph 0016; “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019, “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025 of Moyer et al].
As to claim 72, the combination teaches receiving a third request to configure the DMA channel: determining that the third request is a public privilege access; and setting the DMA channel as the public user channel or as a public privilege data access channel, but not as a secure channel and not as a public privilege instruction channel, in response to determining that the third request is the public privilege access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software).  However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011, “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012, “That is, for example, depending on the state of data processing system 10 at a particular point of operation, each of master 12 and 14 may either be a secured or an unsecured master” in paragraph 0016, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019, “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025 of Moyer et al].
As to claims 73 and 77, Moyer et al teach a system, comprising
a processor [e.g., “master 12 and master 14 may be processors” in paragraph 0016];
a direct memory access (DMA) subsystem [e.g., “memory controller 32” receiving state information 60 related to DMA operation for accessing non-volatile memory 36 from a DMA circuitry in paragraphs 0027, 0016] coupled to the processor, wherein the DMA subsystem includes a DMA channel [e.g., “Access control circuitry 42 provides access allowed indicators 68 (which may include one or more indicators) to memory access circuitry 44” in paragraph 0014; “In operation, masters 12 and 14 request use of system interconnect 22 to request access to other slaves 20, to peripherals 18, or to non-volatile memory 36 via memory controller 32” in paragraph 0019];
an L3 interconnect [e.g., SYSTEM INTERCONNECT 22, MEMORY CONTROLLER 32 in fig. 1] coupled to the DMA subsystem; and 
a component [e.g., one of Ref. Nos. 12-20 in fig. 1; “particular master” in paragraph 0025; one of “any number of masters as needed” in paragraph 0016; or one of “various places” sending state information 60 which includes DMA operation in paragraph 0027] coupled to the L3 interconnect and configured to communicate, via the L3 interconnect, to the DMA subsystem a request to configure the DMA channel [e.g., “A method and apparatus for determining access protection (96) includes receiving a plurality of access requests (84) corresponding to a plurality of masters (12, 14)” in Abstract; “In operation, masters 12 and 14 request use of system interconnect 22 to request access to other slaves 20, to peripherals 18, or to non-volatile memory 36 via memory controller 32.  A requesting master can provide an access request, via system interconnect 22, to memory controller 32.  The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019], 
wherein the DMA subsystem configured to:
determine that a security violation has occurred [e.g. “If, however, the state information 60 indicates that the read access permission of master 12 should be modified (e.g. denied rather than allowed), then access modification circuitry 40 may modify the read access permission (and provide it as part of modified access permissions 66) so that the requested read access would be denied rather than allowed” in paragraph 0030];
determine whether the request is a secure privilege access, a secure user access, or a public privilege access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software)” in paragraph 0011; “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012; “That is, for example, depending on the state of data processing system 10 at a particular point of operation, each of master 12 and 14 may either be a secured or an unsecured master” in paragraph 0016; “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019; “Each master, such as masters 12 and 14, may have corresponding access permissions that may be used to determine whether a particular access request to non-volatile memory 36 is allowable.  For example, a particular master may have different access permissions for a write access or a read access to non-volatile memory 36” in paragraph 0020; DETERMINING ACCESS PERMISSION 86, BASED ON THE STATE INFORMATION, SELECTIVELY MODIFYING THE ACCESS PERMISSION 90 in fig. 3];
set the DMA channel as a secure privilege channel or as a secure instruction channel only if the request is the secure privilege access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software)” in paragraph 0011; “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012; “That is, for example, depending on the state of data processing system 10 at a particular point of operation, each of master 12 and 14 may either be a secured or an unsecured master” in paragraph 0016; “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019; “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025]; 
set the DMA channel as a secure user data access channel or as a public privilege instruction channel only if the request is the secure privilege access or the secure user access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software).  However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011; “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012; “That is, for example, depending on the state of data processing system 10 at a particular point of operation, each of master 12 and 14 may either be a secured or an unsecured master” in paragraph 0016; “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019; “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025];
set the DMA channel as a public privilege data access channel or as a public user instruction channel only if the request is the secure privilege access, the secure user access, or the public privilege access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software).  However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011; “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012; “That is, for example, depending on the state of data processing system 10 at a particular point of operation, each of master 12 and 14 may either be a secured or an unsecured master” in paragraph 0016; “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019; “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025].
Though Moyer et al teach the DMA subsystem is configured to determine that the security violation has occurred, Moyer et al do not explicitly teach, however Susumu et al teach asserting, to the processor or to the component, a security violation signal in response to determining that the security violation has occurred [e.g., CPU receiving access violation signal AV from access level determining circuit 13 is supplied to CPU and RAM 11 in figs. 1, 2; “When the address in the address space of the built-in RAM 11 is output on the 21 and the high level matching signal C is output from the address comparison circuit 17, the output of the AND gate G1 becomes high level. As a result, the output of the AND gate G2, which receives the inverted signal of the bit S/U state as an input, changes to a high level. This output signal is supplied to the exception processing circuit 8 of the CPU as an access violation signal AV. As a result, the CPU knows that the built-in RAM has been improperly accessed. For example, the micro ROM 1 calls a trap routine for controlling the micro address generation circuit 4 and shifting to the corresponding exception processing. For example, a program for recovering data by the vector address method can be read from an external memory, and an exception or the like can be executed to return to the state before access” in page 11-3].  Therefore, it would have been obvious to one of ordinary skill in the art at the time of the invention to modify to implement Susumu et al’s teaching above in order to increase reliability by notifying the processor of the security violation as taught in addition to setting the channel to deny accessing of Moyer et al.
As to claim 74, the combination teaches wherein the secure privilege channel, the public privilege instruction channel, and the public privilege data access channel enable operating system accesses, and wherein the secure privilege channel, the secure instruction channel, and secure user data access channel enable accesses governed by hardware-based monitoring and control [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software)” in paragraph 0011, “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012, “That is, for example, depending on the state of data processing system 10 at a particular point of operation, each of master 12 and 14 may either be a secured or an unsecured master” in paragraph 0016, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019; “The state information may relate to, for example, debug operation, operation from unsecured or unverified memories, memory programming, direct memory access (DMA) operation, boot operation, software security verification, security level, security monitor operation, operating mode, fault monitor, external bus operation etc.” in paragraph 0027, “For example, in response to a fault monitor detecting a fault within any portion of data processing system 10, access permissions of control register 38 may be modified to restrict access upon the fault detection.  In this example, a signal from the fault monitor may be provided to access modification circuitry 40 via state information 60” in paragraph 0036 of Moyer et al].
As to claim 75, the combination teaches wherein the DMA subsystem is further configured to set the DMA channel as a public user data access channel regardless of whether the request is the secure privilege access, the secure user access, the public privilege access, or a public user access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software).  However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011, “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019, “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025 of Moyer et al].
As to claim 76, the combination teaches wherein the DMA subsystem is further configured to: determine whether the request is a functional access or a debug access; set the DMA channel as a functional channel or as a debug channel in response to determining that the request is the functional access; and set the DMA channel as the functional channel but not as the debug channel in response to determining that the request is the debug access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software).  However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011, “The state information may relate to, for example, debug operation, operation from unsecured or unverified memories, memory programming, direct memory access (DMA) operation, boot operation, software security verification, security level, security monitor operation, operating mode, fault monitor, external bus operation etc.” in paragraph 0027, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019, “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025 of Moyer et al].
As to claim 78, the combination teaches wherein the secure privilege channel, the public privilege instruction channel, and the public privilege data access channel enable operating system accesses, and wherein the secure privilege channel, the secure instruction channel, and secure user data access channel enable accesses governed by hardware-based monitoring and control [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software)” in paragraph 0011, “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012; “That is, for example, depending on the state of data processing system 10 at a particular point of operation, each of master 12 and 14 may either be a secured or an unsecured master” in paragraph 0016, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019, “The state information may relate to, for example, debug operation, operation from unsecured or unverified memories, memory programming, direct memory access (DMA) operation, boot operation, software security verification, security level, security monitor operation, operating mode, fault monitor, external bus operation etc.” in paragraph 0027, “For example, in response to a fault monitor detecting a fault within any portion of data processing system 10, access permissions of control register 38 may be modified to restrict access upon the fault detection.  In this example, a signal from the fault monitor may be provided to access modification circuitry 40 via state information 60” in paragraph 0036 of Moyer et al].
As to claim 79, the combination teaches setting the DMA channel as a public user data access channel regardless of whether the request is the secure privilege access, the secure user access, the public privilege access, or a public user access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software).  However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011, “Therefore, one embodiment of the present invention allows the contents of slaves or peripherals, such as, for example, a non-volatile memory, to be secured in a manner which allows program execution to proceed from the non-volatile memory when operating in a secured state, but to prevent unauthorized accesses from occurring when operating in a less-secured state. … Also, as will be described further below, state information may include any type of information relating to the state of the data processing system, such as, for example, information relating to enablement of debug mode, execution of programs from unsecured or unverified memory regions, reprogramming of portions of nonvolatile memories, etc.” in paragraph 0012, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019, “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025 of Moyer et al].
As to claim 80, the combination teaches determining whether the request is a functional access or a debug access; setting the DMA channel as a functional channel or as a debug channel in response to determining that the request is the functional access; and setting the DMA channel as the functional channel but not as the debug channel in response to determining that the request is the debug access [e.g., “For example, a secure master may have limited accessibility or may execute instructions that are completely controlled by the manufacturer of the master or SoC (i.e. the software running on the secure master can be considered as trusted or secure software).  However, an unsecure master may be a general applications processor that may be receive and execute third-party software (e.g. user developed software) or any other untrusted software (where the contents and the function of the software are generally unknown)” in paragraph 0011, “The state information may relate to, for example, debug operation, operation from unsecured or unverified memories, memory programming, direct memory access (DMA) operation, boot operation, software security verification, security level, security monitor operation, operating mode, fault monitor, external bus operation etc.” in paragraph 0027, “The access request can be, for example, a read request or a write request for either data or instructions.  Memory controller 32, in response to a read access request, provides the requested information (data or instructions) back to the requesting master via system interconnect 22, assuming the requesting master has sufficient access permissions” in paragraph 0019, “That is, modified access permissions 66 may include permissions from access protection control register 38 that are not currently being modified.  Note also that modified access permissions 66 may provide broader (or less restrictive) access to memory 36 for a particular master or may restrict access to memory 36 for a particular master” in paragraph 0025 of Moyer et al].
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ILWOO PARK whose telephone number is (571) 272-4155.  The examiner can normally be reached on M-F, 9 AM-5 PM EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Dr. Henry Tsai can be reached on (571) 272-4176.  The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300. lnformation regarding the status of an application may be obtained from the Patent Application lnformation Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

/ILWOO PARK/Primary Examiner, Art Unit 2184                                                                                                                                                                                                        6/30/2022