Notice of Pre-AIA  or AIA  Status
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
2.	Applicant’s arguments filed on 05/16/2022, with respect to 35 U.S.C 101 rejection claims 1-20 have been fully considered and are persuasive.  The 101 rejection claims 1-20 has been withdrawn. 

3.	Applicant’s arguments filed on 05/16/2022, with respect to the 35 U.S.C. 103 rejections of claims 1-3, 7-8, 11-13, and 15-17 as being unpatentable over U.S. Publication No. 20190156301 (hereinafter “Bentov”) in view of  U.S. Publication No. 20200259799 (hereinafter “Li’), claims 4-5, 14, and 18-19 are rejected as being unpatentable over Bentov in view of Li and further in view of U.S. Publication No. 20180004930 (hereinafter “Csinger’), claims 6 and 20 are rejected as being unpatentable over Bentov in view of Li and further in view of U.S. Publication No. 20190243963 (hereinafter “Soriente”), claims 9-10 are rejected as being unpatentable over Bentov in view of Li and further in view of U.S. Publication No. 20180375852 (hereinafter “Thom’’) have been fully considered. However, upon further consideration, a new ground(s) of rejection is made in view of amended claims.




Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp. 
Claims 1-20 are provisionally rejected on the ground of nonstatutory double
patenting as being unpatentable over claims 1-20 of co-pending Application No.
16/885,786. Although the claims at issue are not identical, they are not patentably
distinct from each other because both the instant Application claim 1 and co-assigned
Application claim 1 are almost the same in scope.

Instant App Claim 1 and associated claims 2-20
App’ ‘786 claim 1 and associated claims 1-20
1. (Currently Amended) A method comprising: establishing, by a processor, a trusted execution environment in a computing device, wherein the trusted execution environment uses memory encryption and comprises executable code; providing, by the processor, attestation data to a set of computing devices, the attestation data representing the executable code in the trusted execution environment; receiving, by the processor, cryptographic key data from the set of computing devices; and causing, by the processor, the executable code to execute in the trusted execution environment and to initiate an communal operation for the set of computing devices, wherein the communal operation has multiple participant devices including the set of computing devices, and the communal operation requires using the cryptographic key data from the set of computing devices in order to be executed.
1. A method comprising: transmitting, by a processor of a data distribution device, attestation data to a first computing device; establishing a trusted execution environment in the data distribution device, wherein the trusted execution environment comprises an encrypted storage area; loading data of the first computing device into the trusted execution environment in the data distribution device, wherein the data of the first computing device comprises protected content and comprises executable code to control access to the protected content; receiving, by the data distribution device, data of a second computing device; and causing the executable code to execute in the trusted execution environment to analyze the data of the second computing device and to provide the second computing device access to the protected content.


The instant application claims and App’ 786 claims are directed towards a method and system of using a trusted execution environment to distribute and attest data. One of ordinary skill in the art would understand from the teachings found in App‘786 would not be significantly different from those found in the Instant application relates to protecting the data in a trusted execution environment by attesting data. This is a provisional non-statutory double patenting rejection because the patentably indistinct claims have not in fact been patented. Therefore, it would have been obvious to one of ordinary skill in the art to modify instant Application claims 1-20 with the additional limitation of so to obtain Patented App‘786 claims 1-20 as claimed. 
Allowance of application claim 1 would result in an unjustified time-wise extension of the monopoly granted for the invention defined by co-pending Application claim 1. 
Therefore, the provisional obviousness-type double patenting is appropriate because the conflicting claims have not in fact been patented. Application claim 1corresponds to co-pending application claim 1.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
4. 	Claims 1-3, 7, 8, 11-13 and 15-17 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Publication No. 20190156301 hereinafter Bentov in view of U.S. Publication No. 20200259799 hereinafter Li, and further in view of U.S. Publication No. 20190036957 hereinafter Smith.

As per claim 1, Bentov discloses:
A method (para 0006 “Illustrative embodiments of the invention provide techniques for real-time cryptocurrency exchange using trusted hardware.”) comprising:
establishing, by a processor, a trusted execution environment in a computing device (para 0010 “In some embodiments, the processing platform comprises a plurality of processing devices each comprising a trusted execution environment, such as a secure enclave implemented using software guard extensions (SGX) functionality of a corresponding processor. The processing devices of the processing platform share a symmetric secret key or other type of cryptographic key that is secured within their respective trusted execution environments.”),
wherein the trusted execution environment uses memory encryption and comprises executable code (para 0054 “During execution, enclave code and data reside in a region of protected memory called the enclave page cache (EPC). When enclave code and data is resident on-chip, it is guarded by CPU access controls; when it is flushed to DRAM or disk, it is encrypted. A memory encryption engine encrypts and decrypts cache lines in the EPC as they are written to and fetched from DRAM.”);
providing, by the processor, attestation data to a set of computing devices (para 0056 “A third-party attestation service, e.g., as provided by the Intel Attestation Service (IAS), can certify that these signed statements originate from authentic CPUs conforming to the SGX specification.”), 

Bentov does not disclose:
attestation data representing the executable code in the trusted execution environment
receiving, by the processor, cryptographic key data from the set of computing devices; and
causing, by the processor, an executable code to execute in the trusted execution environment and to initiate an communal operation for the set of computing devices, wherein the communal operation has multiple participant devices including the set of computing devices, and the communal operation requires the cryptographic key data from the set of computing devices in order to be executed

Li discloses:
attestation data representing the executable code in the trusted execution
environment (para 0029 “Intel SGX protects an application's secrets from malicious software by creating isolated memory regions of code and data called enclaves. These non-addressable memory pages are reserved from the system's physical RAM and then encrypted, allowing the application to access its secrets without fear of exposure. With Intel SGX, secrets remain secret even if the application, operating system, BIOS, or VMM are compromised. Intel SGX applications can be built to include a trusted part and an untrusted part. When an application needs to work with a secret, it creates an enclave that is placed in trusted memory. It then calls a trusted function to enter the enclave, where it is given a view of its secrets in clear text. .” para 0040 “Remote attestation or service provider server 202 can be responsible for providing services to or running applications on a host machine. Before providing services, service provider server 202 needs to perform remote attestation on the software or applications running on the host machine. More specifically, remote attestation server 202 can be responsible for verifying that software (or applications) running on a host are running on a trusted platform (e.g., an SGX-enabled platform) and for verifying the software's integrity and identity. In some embodiments, these verification operations can be enabled by the remote attestation mechanism provided by Intel SGX. Remote attestation server 202 can also generate a number of encryption keys (e.g., symmetric keys) that can be distributed to the host computer after the successful attestation of the trusted platform as well as the application running on the platform.”)
receiving, by the processor, cryptographic key data from the set of computing devices (para 0003 “During operation, a server computer can distribute at least one symmetric encryption key among the plurality of host computers to enable the plurality of host computers to communicate securely with each other using the distributed symmetric encryption key.” Paragraph 0056 “Upon receiving encrypted information from SGX enclave 402, SmartNIC module 404 performs a decryption operation using the previously received s-n key to obtain the set of ephemeral keys and the mapping table (operation 420). This operation ends the key-provisioning operation. More specifically, after receiving the set of ephemeral keys and the key-host mapping table, each host can now communicate with other hosts securely using the set of received ephemeral keys. As one can see from FIG. 4, the secrecy or security of the ephemeral keys is protected by the SGX module embedded in the host CPU, as well as by the ATF module embedded in the SmartNIC of the host. Such hardware-assist key-provisioning can provide a much higher level of security than conventional key-provisioning schemes.” Para 0068 “ More specifically, each host within the network group can be SGX-enabled, and the local SP server can use the SGX remote attestation mechanism to build a trusted channel to the SGX enclave of each host and can send the in-group keys to the SGX enclave of each host..”); 
and causing, by the processor, an executable code to execute in the trusted execution environment and to initiate an operation using the cryptographic key data (Para 0058 “During operation, SGX enclave 502 of the first client can communicate with SGX enclave 512 of the second client by sending an encrypted packet to SmartNIC module 506 using the s-n key (operation 522). For example, an application running in SGX enclave 502 can communicate with an application running in SGX enclave 512. SmartNIC module 506 can decrypt the packet, identify the second client as the recipient of the packet, and look up in the host-key mapping table to obtain the corresponding ephemeral key (operation 524). SmartNIC module 506 can then encrypt the packet using the corresponding ephemeral key and send the encrypted packet to SmartNIC module 516 (operation 526). SmartNIC module 516 can then decrypt the packet using the corresponding ephemeral key (operation 528). More specifically, SmartNIC module 516 can also perform a table lookup to find the corresponding ephemeral key based on the identity of the sender of the packet.” Para 0069 “When a first host (e.g., host 614) in a first network group (e.g., network group 610) communicates with a second host (e.g., host 624) in a second network group (e.g., network group 620), host 614 can send a packet to gateway host 616 using the in-group key of network group 610. Gateway host 616 receives the packet via SmartNIC interface 615 and decrypts the packet using the in-group key of network group 610. In response to determining that the packet is destined to the second network group, gateway host 616 encrypts the packet using the inter- group key maintained by SmartNIC interface 617 and sends the encrypted packet to gateway host 626 via SmartNIC interface 617.”)
Therefore, it would have been obvious to one of ordinary skill in the art
before the effective filing date of the claimed invention to modify the method to
 provide techniques for real-time cryptocurrency exchange using trusted hardware of Bentov to include the method of attestation data representing the executable code in the trusted execution environment, receiving cryptographic key data from the set of computing devices and causing an executable code to execute in the trusted execution environment and to initiate an operation using the cryptographic key data, as taught by Li.
The motivation would have been to securely execute information in a trusted execution environment to protect data associated with a computing device.

Bentov in view of Li does not disclose:
to initiate an communal operation for the set of computing devices, wherein the communal operation has multiple participant devices including the set of computing devices, and the communal operation requires the cryptographic key data from the set of computing devices in order to be executed 

	Smith discloses:
to initiate an communal operation for the set of computing devices, wherein the communal operation has multiple participant devices including the set of computing devices, and the communal operation requires the cryptographic key data from the set of computing devices in order to be executed (para 0022 “As noted above, in a centralized trust topology such as PBFT, transaction processing is distributed but trust management is centralized in a centralized trust authority that provisions whitelist information and enforces whitelist compliance to enable the processing nodes in the computing environment to trust each other. For example, the centralized trust authority can provision a whitelist to processing nodes participating in the centralized trust topology. In some examples, the whitelist identifies valid (and invalid) processing nodes that may be trusted (or not trusted) in the centralized trust topology, as well as whitelist measurements that processing nodes (e.g., peers) in the topology are to use to perform peer attestations/verifications. In this way, the centralized trust topology restricts blockchain access to only trusted processing nodes. Because access is restricted to trusted participants, centralized trust topologies can use relatively simple validation procedures to add transactions to the blockchain, thereby supporting a high transaction processing throughput (e.g., a high rate of clearing transactions.) A centralized trust topology may also rely on the processing nodes each implementing a trusted execution environment (TEE) to, for example, store the cryptographic keys, whitelist, etc., governing access to and/or processing of data to be read from and/or written to the private blockchain of the centralized trust topology.”)
Therefore, it would have been obvious to one of ordinary skill in the art
before the effective filing date of the claimed invention to modify the method to provide techniques for real-time cryptocurrency exchange using trusted hardware of Bentov in view of Li to include the method to initiate an communal operation for the set of computing devices, wherein the communal operation has multiple participant devices including the set of computing devices, and the communal operation requires the cryptographic key data from the set of computing devices in order to be executed , as taught by Smith.
The motivation would have been to securely execute a communal operation in a trusted execution environment to protect data associated with participant devices.

As per claim 2, Bentov in view of Li and Smith discloses:
The method of claim 1, wherein receiving the cryptographic key data comprises receiving cryptographic key data from each of the computing devices in the set, and wherein the cryptographic key data of each computing device remains hidden from all other computing devices in the set (Li Fig. 2, element ATF, para 0039 “For example, SmartNIC modules 212, 214, and 216 can include ATF units 222, 224, and 226, respectively. The embedded ATF units can store initial encryption keys (e.g., a private key of the public/private key pair) used for initial communication between hosts or between a host and a service provider (SP) server.” Also see paragraphs 0068 and 0069, the motivation would have been to secure store the keys in a secure manner).

As per claim 3, Bentov in view of Li and Smith discloses:
The method of claim 1, wherein the executable code executed in the trusted execution environment performs the operation, and wherein the operation comprises executing a cryptographic function that uses the cryptographic key data (Bentov para 0036, 0082, 0088, and 0158).
As per claim 7, Bentov in view of Li and Smith discloses:
The method of claim 1, wherein the computing device comprises the processor and wherein the processor provides local attestation to a process executing on the computing device and provides remote attestation to a process executing on each of the computing devices of the set (Bentov para 0107, 0108, and 0111).

As per claim 8, Bentov in view of Li and Smith discloses:
The method of claim 1, wherein the executable code enforces a particular order the computing device receives the cryptographic key data from the computing devices in the set (Li para 0057, 0058, and 0069, The motivation would have been increase the security of the cryptographic key by using specific order to reception).

As per claim 11, the implementation of the method of claim 1 will execute the system of claim 11. The claim is analyzed with respect to claim 1. 

As per claim 12, the claim is analyzed with respect to claim 2.

As per claim 13, the claim is analyzed with respect to claim 3. 

As per claim 15, the implementation of the method of claim 1 will execute the non-transitory machine-readable storage medium (Bentov paragraph 0061) of claim 11. The claim is analyzed with respect to claim 1. 

As per claim 16, Bentov in view of Li and Smith discloses:
The non-transitory machine-readable storage medium of claim 15, wherein the attestation data from the second computing device comprises integrity data of the trusted execution environment (Li para 0040 and 0057-0061, the motivation would have been to properly verify attestation data between devices).

As per claim 17, the claim is analyzed with respect to claim 2.

5. 	Claims 4, 5, 14, 18, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Bentov in view of Li, and further in view of Smith, and further in view of U.S. Publication No. 20180004930 hereinafter Csinger.

As per claim 4, Bentov in view of Li and Smith discloses:
The method of claim 1, provides the decryption key as input to the operation (Li para 0053 “SmartNIC module 404 can obtain the s-n key by decrypting the message using its own private key. The s-n key can be a symmetric key, thus enabling more efficient secure communication between SGX enclave 402 and SmartNIC module 404. In other words, the first communication between SGX enclave 402 and SmartNIC module 404 can be protected using the asymmetric key provided by the ATF module, and subsequent communications can be protected by the s-n symmetric key in order to increase efficiency.” Para 0056 “Upon receiving encrypted information from SGX enclave 402, SmartNIC module 404 performs a decryption operation using the previously received s-n key to obtain the set of ephemeral keys and the mapping table (operation 420). This operation ends the key-provisioning operation.” The motivation would have been to secure store the keys in a secure manner)

Bentov in view of Li and Smith does not disclose:
wherein a cryptographic key data comprise key fragments, and wherein an executable code executed in the trusted execution environment combines the key fragments into a decryption key 

Csinger discloses:
wherein a cryptographic key data comprise key fragments, and wherein an executable code executed in the trusted execution environment combines the key fragments into a decryption key (para 0257 “In this embodiment, block 706 then directs the processor 210 of the user device 202 to divide the symmetric encryption key K into portions or shares, and to divide the shares among other devices of the plurality of user devices 200, according to an appropriate secret- sharing scheme as mentioned above. More particularly, in this embodiment block 706 directs the processor 210 to share the random symmetric encryption key K among the plurality of user devices 200 using an m of n secret sharing method implementing Shamir's Secret Sharing Scheme (SSSS), also known as an (m,n) threshold scheme, and improvements thereto.” Para 0258 “Generally, the SSSS method uses polynomial interpolation invented by Adi Shamir (1979) and is known as a perfect secret sharing scheme (PSS). Using an implementation of SSSS, the conspiracy's key (in this case the private symmetric key K) can be split into n shares where only m shares are needed to reconstruct the private key (for example, in a 3-of-7 implementation, the key would be divided into shares distributed to seven of the user devices 200, but only three of those shares would be required to reconstruct the key K which is required to decrypt the legacy credential.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method to provide techniques for real-time cryptocurrency exchange using trusted hardware of Bentov in view of Li and Smith to include wherein a cryptographic key data comprise key fragments, and wherein an executable code executed in the trusted execution environment combines the key fragments into a decryption key, as taught by Csinger.
The motivation would have been to heighten the security of the correct decryption key for operation. 

As per claim 5, Bentov in view of Li and Smith discloses: 
The method of claim 1, wherein the cryptographic key data (Bentov para 0094) 

Bentov in view of Li and Smith does not disclose: 
cryptographic key data comprises key shares and the operation is enabled when a minimum threshold number of cryptographic key shares are used 

Csinger discloses: 
cryptographic key data comprises key shares and the operation is enabled
when a minimum threshold number of cryptographic key shares are used (para 0257 “More particularly, in this embodiment block 706 directs the processor 210 to share the random symmetric encryption key K among the plurality of user devices 200 using an m of n secret sharing method implementing Shamir's Secret Sharing Scheme (SSSS), also known as an (m,n) threshold scheme, and improvements thereto.” Para 0259 “Advantages of this approach tend to include the following: (1) Secure: SSSS is information-theoretically secure; (2) Minimal: No share exceeds the size of the original secret; (3) Extensible: When m is fixed, the total number of conspiring devices, n can be dynamically increased/decreased without affecting the other shares—this means that new devices can be added incrementally to a Conspiracy without affecting existing members.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method to provide techniques for real-time cryptocurrency exchange using trusted hardware of Bentov in view of Li and Smith to include cryptographic key data comprises key shares and the operation is enabled when a minimum threshold number of cryptographic key shares are used, as taught by Csinger.
The motivation would have been to heighten the security of the access to key share for operation.

As per claim 14, the claim is analyzed with respect to claim 4.

As per claim 18, the claim is analyzed with respect to claim 4.

As per claim 19, the claim is analyzed with respect to claim 5.

6. 	Claims 6 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Bentov in view of Li, and further in view of Smith, and further in view of U.S. Publication No. 20190243963 hereinafter Soriente.

As per claim 6, Bentov in view of Li and Smith discloses:
The method of claim 1, further comprising: inspecting, by the computing device (Bentov para 0008-0010) 

Bentov in view of Li and Smith does not disclose: 
source code associated with the executable code in the trusted execution environment; generating executable code in view of the source code; calculating validation data in view of the generated executable code; performing local attestation of the executable code in the trusted execution environment by comparing the attestation data and the validation data; and responsive to the local attestation, providing the cryptographic key data of the computing device to the trusted execution environment in the computing device 

Soriente discloses:
source code associated with the executable code in the trusted execution environment (para 0043 “The method Includes executing a proxied attestation procedure with a client to enable the client to attest that an enclave management layer (EML) application provided by the cloud computing system runs on a TEE- enabled platform. The method also includes receiving, by the cloud computing system from the client, application code corresponding to the TEE-based application and receiving, by the EML application from the client, application parameters corresponding to the TEE-based application.” para 0076 “As discussed herein, an enclave is an application binary. The application source code is programmed in such a way that it will be compiled to an enclave. The term “application,” whether application service or application enclave, denotes “user application,” which serves a specific functionality and is deployed on the cloud platform to provide certain services to the users. A (user) application enclave contains the sensitive part of an application service, for example, generating password for users, depending on what kind of service. The EML enclave serves the purpose of assisting the cloud to manage the lifecycle of a provisioned (user) application enclave, no matter what (user) application services it supports.”);
generating executable code in view of the source code (para 0031
“Embodiments of the present invention can be employed in environments in which a cloud provider manages a set of Intel SGX-enabled platforms and in which application owners can upload code to be executed on such platforms. In different environments, the entire application code can be executed in enclaves or application owners may split the application code into sensitive code to be run in an enclave and non-sensitive code that can run as a standard application.” Para 0049 “ In the model of the system depicted in FIG. 1, application owners (i.e. independent software vendors (ISVs)) entrust the cloud provider with the application code and entrust the EML with the secret material that the application needs to run (i.e. an application secret key). When a new application must be provisioned, the EML acts on behalf of the application owner and ensures that (1) the deployment of the new enclave does not violate the policy defined by the application owner, (ii) the application code runs in an enclave on an SGX- enabled platform, and (iii) the enclave is provisioned with the appropriate secret key, if required.”);
calculating validation data in view of the generated executable code;
performing local attestation of the executable code in the trusted execution environment by comparing the attestation data and the validation data; and responsive to the local attestation, providing the cryptographic key data of the computing device to the trusted execution environment in the computing device (para 0078 “According to one or more embodiments of the invention, the cloud provider C can create a new enclave e on an SGX platform, load the code b.sub.a, and then contact the EML enclave that is acting as master to trigger the attestation and provisioning of the enclave by using a process represented by the following pseudocode.” Para 0079 “FIG. 5 is a flow diagram illustrating a process according to an embodiment of the invention for creating a new enclave on an SGX platform, loading code corresponding to an application, and triggering the attestation and provisioning of the new enclave. At 502, the EML receives a request for deployment of an application (with application ID a) from the cloud of a newly instantiated enclave with endpoint e. At 504, the EML retrieves the expected measurement value mr.sub.a of the requested application enclave. At 506, a new enclave instance is started and the EML executes a proxied attestation with the new application enclave according to a proxied attestation protocol using the endpoint e of the application enclave to be attested (the new application enclave) and the expected enclave measurement value mr.sub.a of the new application enclave. At 506, the EML also acquires a session key k.sub.a,EML between the EML and the new application enclave. At 508, the EML checks whether the attestation was successful by evaluating the received session key k.sub.a,EML. If the session key k.sub.a,EML is null, the attestation was not successful and the process terminates with an error code at 516. If the session key k.sub.a,EML is not null, the process proceeds to 510 where the EML derives the hash h.sub.a of the session key k.sub.a,EML and an enclave identifier of the new application enclave eid. The enclave identifier eid is composed of the application ID a, the expected measurement value mr.sub.a of the new application enclave, and the hash h.sub.a of the session key k.sub.a,EML. The process then proceeds to 512 where the EML writes to the BSL the enclave identifier eid, the session key k.sub.a,EML, and an initial enclave state attested att. At 514, the EML sends an acknowledgement to the cloud provider C that the new application enclave has been successfully provisioned. The acknowledgment includes the identifier eid of the new application enclave.” Also see Fig 9 and para 0095-0098)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method to provide techniques for real-time cryptocurrency exchange using trusted hardware of Bentov in view of Li and Smith to include source code associated with the executable code in the trusted execution environment; generating executable code in view of the source code; calculating validation data in view of the generated executable code; performing local attestation of the executable code in the trusted execution environment by comparing the attestation data and the validation data; and responsive to the local attestation, providing the cryptographic key data of the computing device to the trusted execution environment in the computing device, as taught by Soriente. 
The motivation would have been to heighten the security of the access to key share for operation. 

As per claim 20, the claim is analyzed with respect to claim 6.

13.	Claims 9 and 10 are rejected under 35 U.S.C. 103 as being unpatentable over Bentov in view of Li and Smith and further in view of U.S. Publication No. 20180375852 hereinafter Thom. 

As per claim 9, Bentov in view of Li and Smith discloses: 
The method of claim 1, wherein the computing device (Bentov para 0008 and 0008) 

Bentov in view of Li and Smith does not disclose: 
computing device is physically transported after loading the data of the computing device and before receiving the data of the set of computing devices Thom discloses: computing device is physically transported after loading the data of the computing device and before receiving the data of the set of computing devices (para 0019 “FIG. 1 illustrates an example block diagram 100 of a device 104 with an embedded certificate authority 108. The block diagram 100 further includes a device manufacturer 102. The device manufacturer 102 manufacturers one or more internet of things (loT) devices. Example loT devices include smart appliances (e.g., refrigerators, stoves, ovens, scales, washers, dryers, toasters, blenders coffee makers, juices), smart light bulbs, smart electrical plugs, entertainment systems, smart doorbells, printers, etc.” para 0021 “When the device manufacturer 102 manufactures the devices, the device manufacturer 102 issues a manufacturer certificate and a device certificate and installs an embedded certificate authority in each device. For example, the device manufacturer 102 issues a manufacturer certificate 110 and a device certificate 112 to the device 104, and installs an embedded certificate authority 108 in the device 104. The issued manufacturer certificate 110 and the device certificate 112 are stored in a non-volatile storage of the device. The manufacturer certificate 110, the device certificate 112, and the embedded certificate authority are accessible by and managed in the trusted execution environment (TEE) 106 (or the trusted computing manager 126) of the device 104. The manufacturer certificate 110 and the device certificate 112 are associated with public keys (not shown) used to identify and verify the certificates and any chained certificates. Furthermore, the manufacturer certificate 110 and the device certificate 112 may be X.509 certificates.” Para 0056 “FIG. 6 illustrates example operations 600 for generating a compound certificate in a device embedded with a certificate authority. A storing operation 602 stores a manufacturer certificate in a secure  memory of the device. The secure memory is accessible by a trusted computing manager. The trusted computing manager encompasses a trusted platform module (TPM) executed in a stand-alone chip, a trusted execution environment (TEE) that operates a trusted computing module, etc. A storing operation 604 stores a device certificate in the secure memory of the device. It should be understood that the storing operations 602 and 604 may occur when the device is manufactured. As such the device contains (e.g., stores) the manufacturer certificate and the device certificate.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method to provide techniques for real-time cryptocurrency exchange using trusted hardware of Bentov in view of Li and Smith to include computing device is physically transported after loading the data of the computing device and before receiving the data of the set of computing devices, as taught by Thom.
The motivation would have been to store pertinent and relevant data in a device before a device physically transported.

As per claim 10, Bentov in view of Li and Smith discloses:
The method of claim 9, wherein the computing device (Bentov para 0008 and 0008)

Bentov in view of Li and Smith does not disclose:
computing device comprises a communication channel with a first computing device in the set before the physical transporting and comprises a communication channel with a second computing device in the set after the physical transporting Thom discloses: computing device comprises a communication channel with a first computing device in the set before the physical transporting (para 0050 “FIG. 5 illustrates another example block diagram 500 of a device 510 with an embedded certificate authority 520. The device 510 is manufactured by a device manufacturer 502, and the device manufacturer issues (e.g., through a certificate authority (CA) of the device manufacturer 502 or through an employed CA) a manufacturer certificate 522 to the device 510 when the device 510 is manufactured. The manufacturer certificate 522 is issued with a public key (not shown) and includes device manufacturer 502 identifying information. The manufacturer certificate 522 may be signed by a key of the device manufacturer 502. The device 510 further includes a device certificate 528, which includes certified device information, such as, for example, device type, processor type, etc. The device certificate 528 may also certify a version of a trusted execution environment (TEE) 512 executable on the device. For example, the processor executable instructions for the TEE 512 are stored in read only memory (ROM) (not shown) or write once, read many (WORM) memory. Thus, the instructions for the TEE 512 are immutable and certified by the device certificate 528. The device certificate 528 is chained to, or signed by, the manufacturer certificate 522.”)
and comprises a communication channel with a second computing device in the set after the physical transporting (para 0052 “An external device 504 is attempting communication with the device 510. The external device 504 may be, for example, a provisioning service or a user device, such as a mobile phone, laptop, desktop, etc. The provisioning service is a server configured to provision devices, such as the device 510. Provisioning a device includes, for example, providing software/firmware updates, configuration information, user applications, etc. to the device 510. The provisioning service may be attempting to communicate with the device 510 to provide such updates or data. If the external device 504 is a user device, then the external device 504 may be attempting to communicate with the device 510 to retrieve user data from the device 510, provide user data to the device 510, etc. The external device 504 includes a client process 506 and a server process 508, but it should be understood that other configurations may be employed.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method to provide techniques for real-time cryptocurrency exchange using trusted hardware of Bentov in view of Li and Smith to include computing device comprises a communication channel with a first computing device in the set before the physical transporting and comprises a communication channel with a second computing device in the set after the physical transporting, as taught by Thom.
The motivation would have been to connect securely to a device before and after a device physically transported.

	
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to GARY S GRACIA whose telephone number is (571)270-5192. The examiner can normally be reached Monday-Friday 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/GARY S GRACIA/Primary Examiner, Art Unit 2499