Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is in reply to papers filed on 01/15/2021. Claims 1-20 are pending. Claims 1 and 14 are independent.

Priority
Acknowledgment is made of applicant’s claim for foreign priority under 35 U.S.C. 119 (a)-(d). This application claims the foreign priority of foreign patent application CN202010058578.8 filed on 01/19/2020. Receipt is acknowledged of certified copies required by 37 CFR 1.55.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 01/27/2021 and 05/19/2021 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statements are being considered by the Examiner.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claim 20 is rejected under 35 U.S.C. 101 because the claimed invention is directed to a non-statutory subject matter. The claim does not fall within at least one of the four categories of patent eligible subject matter because independent claim 20 is directed to a “computer-readable storage medium”. 
Claim 20, in using the term “computer-readable storage medium”, allows it to be interpreted as signals, thus are non-statutory. Based on current USPTO Policy, when a computer readable medium is not specifically defined as non-transitory in the Specification, the broadest reasonable interpretation is used according to MPEP 2111. Thus, the “computer-readable storage medium” as recited in claim 20 may embody signals, i.e. transitory media (See Ex parte Mewherter, Appeal 2012-007692 (PTAB May 8, 2013)).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1, 2, 11, 13-15, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Nesher et al., US 10,169,574 B2 (hereinafter, “Nesher ‘574”), in view of Wiseman et al., US 2014/0229942 A1 (hereinafter, “Wiseman ‘942”). 

As per claim 1: Nesher ‘574 discloses:
	A processing unit (device 100 for processing instructions and data [Nesher ‘574, Col. 3 line 47-Col. 4 line 2, Col. 10 line 64-Col. 11 line 6; Fig. 1]), comprising: 
a processor adapted to run a program (processor running operations based on stored instructions [Nesher ‘574, Col. 6 lines 48-51, Col. 11 line 50-Col. 12 line 7; Fig. 5, Fig. 6]); 
a memory, coupled to the processor (memory coupled to the processor [Nesher ‘574, Abstract, Col. 3 line 58- Col. 4 line 2, Col. 6 lines 48-51; Fig. 6]) and adapted to provide a plurality of enclaves 5isolated from each other (memory providing a plurality of secure enclaves isolated from each other, where the enclaves may be implemented using trusted software execution environments (TXE) [Nesher ‘574, Col. 1 lines 19-32, Col. 7 lines 50-56, Col. 8 lines 15-29; Fig. 1]), 
wherein the plurality of enclaves comprises a plurality of application enclaves, each of the application enclaves is used for running a respective application program (a plurality of enclaves, such as Trusted Agent TXEs 101, 102, 103, may correspond to the respective software applications 110, 111, 112, where the software applications 110, 111, 112, are executed and run inside the corresponding TXEs [Nesher ‘574, Col. 3 line 47-Col. 4 line 2, Col. 4 lines 22-29; Fig. 1]), 
and the plurality of enclaves (memory providing a plurality of secure enclaves isolated from each other, where the enclaves may be implemented using trusted software execution environments (TXE) [Nesher ‘574, Col. 1 lines 19-32, Col. 7 lines 50-56, Col. 8 lines 15-29; Fig. 1]) further comprises at least one of the following: 
a runtime enclave adapted to provide a storage space required for running an invokable program (a TXE enclave storing invokable services, programs, or functionalities, such as a library of instruction sets that can be called to perform critical functions [Nesher ‘574, Col. 4 lines 22-29, Col. 5 lines 4-16, Col. 5 liens 53-62, Col. 6 lines 52-67, Col. 9 line 66-Col. 10 line 7]); and 
10a crypto enclave adapted to provide a storage space required for running a crypto related program (a TXE enclave storing invokable services, programs, or functionalities that maintains secrets, such as encryption using encryption keys [Nesher ‘574, Col. 4 lines 22-29, Col. 5 lines 36-41, Col. 5 lines 53-62]), 
wherein the runtime enclave (a TXE enclave storing invokable services, programs, or functionalities, such as a library of instruction sets that can be called to perform critical functions [Nesher ‘574, Col. 4 lines 22-29, Col. 5 lines 4-16, Col. 5 liens 53-62, Col. 6 lines 52-67, Col. 9 line 66-Col. 10 line 7]) and the crypto enclave (a TXE enclave storing invokable services, programs, or functionalities that maintains secrets, such as encryption using encryption keys [Nesher ‘574, Col. 4 lines 22-29, Col. 5 lines 36-41, Col. 5 lines 53-62]) (a plurality of enclaves, such as Trusted Agent TXEs 101, 102, 103, may correspond to the respective software applications 110, 111, 112, where the software applications 110, 111, 112, are executed and run inside the corresponding TXEs [Nesher ‘574, Col. 3 line 47-Col. 4 line 2, Col. 4 lines 22-29; Fig. 1]), and each of the application enclaves (TXEs may communicate with each other and exchange data [Nesher ‘574, Col. 6 lines 36-45, Col. 7 lines 12-24]).

As stated above, Nesher ‘574 does not explicitly disclose: “…enclave have at least read/write permission for the plurality of application enclaves, and each of the application enclaves has no read/write permission for the … enclave.”
Wiseman ‘942, however, discloses:
…enclave have at least read/write permission for the plurality of application enclaves, and each of the application enclaves has no read/write permission for the … enclave (software running in high privilege execution environment 112 may be able to affect a low privilege execution environment 120, such through read/write/execute operations, but software running in low privilege execution environment 120 cannot affect any software running in high privilege execution environment 112 [Wiseman ‘942, ¶20; Fig. 1]).

Nesher ‘574 and Wiseman ‘942 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 and Wiseman ‘942 before them, to modify the method in Nesher ‘574 to include the teachings of Wiseman ‘942, namely to configure the TXE enclaves, as disclosed in Nesher ‘574, such that TXE enclaves containing  invokable services, programs, or functionalities and functionalities that maintains secrets are considered high privileged execution environments, and TXE enclaves containing software applications are considered lower privilege execution environments, as disclosed in Wiseman ‘942, where the high privilege execution environments may be able to affect low privilege execution environments, such through read/write/execute operations, but the low privilege execution environments cannot affect any high privilege execution environments. The motivation for doing so would be to improve protection of software through the segregation of execution environments, where communication between execution environments may be limited to prevent unauthorized access (see Wiseman ‘942, ¶¶2-3, 20).

As per claim 2: Nesher ‘574 in view of Wiseman ‘942 discloses all limitations of claim 1, as stated above, from which claim 2 is dependent upon. Furthermore, Nesher ‘574 discloses:
wherein the invokable program (a TXE enclave storing invokable services, programs, or functionalities, such as a library of instruction sets that can be called to perform critical functions [Nesher ‘574, Col. 4 lines 22-29, Col. 5 lines 4-16, Col. 5 lines 53-62, Col. 6 lines 52-67, Col. 9 line 66-Col. 10 line 7]) is a shared program and/or a generic driver oriented to different application programs (the invokable services, programs, functionalities, or library of instruction sets may be used, communicated to, or shared with other applications in other TXEs [Nesher ‘574, Col. 4 lines 22-50, Col. 5 lines 21-41]).

As per claim 11: Nesher ‘574 in view of Wiseman ‘942 discloses all limitations of claim 1, as stated above, from which claim 11 is dependent upon. Furthermore, Nesher ‘574 discloses:
wherein the memory comprises one or more of 
a read-only memory module, a dynamic and/or static random access memory module, a nonvolatile random access memory module, and a memory mapped-input/output module (memory may comprise of read-only memory and system random access memory [Nesher ‘574, Col. 11 lines-26-49, Col. 14 lines 25-27]).

As per claim 13: Nesher ‘574 in view of Wiseman ‘942 discloses all limitations of claim 1, as stated above, from which claim 13 is dependent upon. Nesher ‘574 does not explicitly disclose the limitations of claim 13. Wiseman ‘942, however, discloses:
wherein the processing unit (the plurality of modules, including the processing module 104, bridging module 106, other modules 110, memory module 108, on the device 100 [Wiseman ‘942, ¶17; Fig. 1]) is integrated into a system on chip (the modules on the device 100 may collectively be embodied as a system-on-chip (SOC) [Wiseman ‘942, ¶¶17, 35; Fig. 1]).

Nesher ‘574 and Wiseman ‘942 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 and Wiseman ‘942 before them, to modify the method in Nesher ‘574 to include the teachings of Wiseman ‘942, namely to implement the system in Nesher ‘574 as a single system-on-chip, as disclosed in Wiseman ‘942. The motivation for doing so would be to increase the usability and practicability of a system by including the entire system on a single system-on-chip (see Wiseman ‘942, ¶¶17, 35).

As per claim 14: Nesher ‘574 discloses:
A security control method, comprising:
configuring a plurality of enclaves isolated from each other in a memory (memory providing a plurality of secure enclaves isolated from each other, where the enclaves may be implemented using trusted software execution environments (TXE) [Nesher ‘574, Col. 1 lines 19-32, Col. 7 lines 50-56, Col. 8 lines 15-29; Fig. 1]), 
wherein the plurality of enclaves comprises a plurality of application enclaves (a plurality of enclaves, such as Trusted Agent TXEs 101, 102, 103, may correspond to the respective software applications 110, 111, 112, where the software applications 110, 111, 112, are executed and run inside the corresponding TXEs [Nesher ‘574, Col. 3 line 47-Col. 4 line 2, Col. 4 lines 22-29; Fig. 1]), a runtime enclave (a TXE enclave storing invokable services, programs, or functionalities, such as a library of instruction sets that can be called to perform critical functions [Nesher ‘574, Col. 4 lines 22-29, Col. 5 lines 4-16, Col. 5 liens 53-62, Col. 6 lines 52-67, Col. 9 line 66-Col. 10 line 7]), and/or a crypto enclave (a TXE enclave storing invokable services, programs, or functionalities that maintains secrets, such as encryption using encryption keys [Nesher ‘574, Col. 4 lines 22-29, Col. 5 lines 36-41, Col. 5 lines 53-62]);
running a corresponding application program within each of the application enclaves; and running an invokable program within the runtime enclave, and/or running a crypto related program within the crypto enclave (software applications and invokable services, programs, or functionalities may each be run in their corresponding TXE enclaves [Nesher ‘574, Col. 3 line 58-Col. 4 line 2, Col. 4 lines 22-29, Col. 5 lines 4-20]),
wherein the runtime enclave (a TXE enclave storing invokable services, programs, or functionalities, such as a library of instruction sets that can be called to perform critical functions [Nesher ‘574, Col. 4 lines 22-29, Col. 5 lines 4-16, Col. 5 liens 53-62, Col. 6 lines 52-67, Col. 9 line 66-Col. 10 line 7]) and the crypto enclave (a TXE enclave storing invokable services, programs, or functionalities that maintains secrets, such as encryption using encryption keys [Nesher ‘574, Col. 4 lines 22-29, Col. 5 lines 36-41, Col. 5 lines 53-62]) (a plurality of enclaves, such as Trusted Agent TXEs 101, 102, 103, may correspond to the respective software applications 110, 111, 112, where the software applications 110, 111, 112, are executed and run inside the corresponding TXEs [Nesher ‘574, Col. 3 line 47-Col. 4 line 2, Col. 4 lines 22-29; Fig. 1]), and each of the application enclaves and the crypto enclave (TXEs may communicate with each other and exchange data [Nesher ‘574, Col. 6 lines 36-45, Col. 7 lines 12-24]).
	
As stated above, Nesher ‘574 does not explicitly disclose: “…enclave have at least read/write permission for the plurality of application enclaves, and each of the application enclaves has no read/write permission for the … enclave.” 
Wiseman ‘942, however, discloses:
…enclave have at least read/write permission for the plurality of application enclaves, and each of the application enclaves has no read/write permission for the … enclave (software running in high privilege execution environment 112 may be able to affect a low privilege execution environment 120, such through read/write/execute operations, but software running in low privilege execution environment 120 cannot affect any software running in high privilege execution environment 112 [Wiseman ‘942, ¶20; Fig. 1]).

Nesher ‘574 and Wiseman ‘942 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. For the reasons stated in claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 and Wiseman ‘942 before them, to modify the method in Nesher ‘574 to include the teachings of Wiseman ‘942.

As per claim 15: Nesher ‘574 in view of Wiseman ‘942 discloses all limitations of claim 14, as stated above, from which claim 15 is dependent upon. Furthermore, Nesher ‘574 discloses:
wherein the invokable program (a TXE enclave storing invokable services, programs, or functionalities, such as a library of instruction sets that can be called to perform critical functions [Nesher ‘574, Col. 4 lines 22-29, Col. 5 lines 4-16, Col. 5 lines 53-62, Col. 6 lines 52-67, Col. 9 line 66-Col. 10 line 7]) is a shared program and/or a generic driver oriented to different application programs (the invokable services, programs, functionalities, or library of instruction sets may be used, communicated to, or shared with other applications in other TXEs [Nesher ‘574, Col. 4 lines 22-50, Col. 5 lines 21-41]).

As per claim 20: Nesher ‘574 in view of Wiseman ‘942 discloses all limitations of claim 14, as stated above, from which claim 20 is dependent upon. Furthermore, Nesher ‘574 discloses:
A computer-readable storage medium storing instructions thereon, wherein when the instructions are executed, the steps of the method according to claim 14 are implemented (machine readable media having stored thereon instructions that may be used to program a processing system or other electronic device to perform the methods [Nesher ‘574, Col. 11 lines 7-49]).

Claims 3 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Nesher ‘574, in view of Wiseman ‘942, and further in view of Sarin, US 2020/0364711 A1 (hereinafter, “Sarin ‘711”).

As per claim 3: Nesher ‘574 in view of Wiseman ‘942 discloses all limitations of claim 1, as stated above, from which claim 3 is dependent upon. Furthermore, Nesher ‘574 discloses:
wherein the processor (a processor executing instructions to perform operations, where the processor may comprise multiple cores [Nesher ‘574, Col. 6 lines 48-51, Col. 11 line 57-Col. 12 line 18; Fig. 6]) (a processor executing instructions to perform operations, where the operations may be services, programs, or functionalities that maintains secrets, such as encryption using encryption keys, within a TXE [Nesher ‘574, Col. 4 lines 22-29, Col. 5 lines 36-41, Col. 5 lines 53-62, Col. 6 lines 48-67]).

As stated above, Nesher ‘574 in view of Wiseman ‘942 does not explicitly disclose: “… comprises a first processor core adapted to run the crypto related program oriented to a cryptographic service within the crypto enclave.”
Sarin ‘711, however, discloses:
… comprises a first processor core (a trusted processor core 32 within processor cores 30 [Sarin ‘711, ¶52]) adapted to run the crypto related program oriented to a cryptographic service within the crypto enclave (a trusted processor core 32 executing applications within the trusted execution environment, where the application may be a cryptogram generation module 36 used to encrypt data [Sarin ‘711, ¶¶52, 55, 64]).

Nesher ‘574 (modified by Wiseman ‘942) and Sarin ‘711 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 (modified by Wiseman ‘942) and Sarin ‘711 before them, to modify the method in Nesher ‘574 (modified by Wiseman ‘942) to include the teachings of Sarin ‘711, namely to run the secrets-maintaining functionality TXE enclave, as disclosed in Nesher ‘574, using a specific trusted processor core, as disclosed in Sarin ‘711. The motivation for doing so would be to increase the security of sensitive information and applications within a trusted execution environment (TEE) by only allowing trusted processor to process the TEE, where the trusted processor core may include certain mechanisms, such as secure registers, which may store and/or process data and which are not directly accessible by entities outside of the TEE (see Sarin ‘711, ¶52).

As per claim 17: Nesher ‘574 in view of Wiseman ‘942 discloses all limitations of claim 14, as stated above, from which claim 17 is dependent upon. Furthermore, Nesher ‘574 discloses:
wherein in user mode (running programs in a CPU mode that offers certain privileges [Nesher ‘574, Col. 4 lines 3-21]), the crypto related program is run by a (the software applications and services, programs, or functionalities that maintains secrets within the TXE enclaves are run by processors [Nesher ‘574, Col. 3 line 47-Col. 4 line 2, Col. 4 lines 22-29, Col. 6 lines 48-67]).

As stated above, Nesher ‘574 in view of Wiseman ‘942 does not explicitly disclose: “… the crypto related program is run by a first processor core, and each of the application programs is run by a second processor core.”
Sarin ‘711, however, discloses:
… the crypto related program is run by a first processor core (the cryptogram generation module 36 is run by the trusted processor core 32 [Sarin ‘711, ¶52]), 
and each of the application programs is run by a second processor core (application programs are run by the public processor core 31 [Sarin ‘711, ¶52]).

Nesher ‘574 (modified by Wiseman ‘942) and Sarin ‘711 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 (modified by Wiseman ‘942) and Sarin ‘711 before them, to modify the method in Nesher ‘574 (modified by Wiseman ‘942) to include the teachings of Sarin ‘711, namely to run the secrets-maintaining functionality TXE enclave, as disclosed in Nesher ‘574, using a specific trusted processor core, as disclosed in Sarin ‘711; and to run the software application TXE enclaves, as disclosed in Nesher ‘574, using a specific public processor core, as disclosed in Sarin ‘711. The motivation for doing so would be to increase the security of sensitive information and applications within a trusted execution environment (TEE) by only allowing trusted processor to process the TEE, where the trusted processor core may include certain mechanisms, such as secure registers, which may store and/or process data and which are not directly accessible by entities outside of the TEE, and where public processor cores process information and execute applications that are not otherwise considered to be sensitive enough for handling by trusted processor cores (see Sarin ‘711, ¶52).

Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Nesher ‘574, in view of Wiseman ‘942, and further in view of Sarin ‘711 and further in view of Costa, US 2018/0212939 A1 (hereinafter, Costa ‘939).

As per claim 4: Nesher ‘574 in view of Wiseman ‘942, and further in view of Sarin ‘711 discloses all limitations of claims 1 and 3, as stated above, from which claim 4 is dependent upon. Furthermore, Nesher ‘574 discloses:
further comprising (a TXE enclave storing invokable services, programs, or functionalities that maintains secrets, such as encryption using encryption keys, where the TXE enclave may generate a result, such as encrypted data [Nesher ‘574, Col. 4 lines 22-29, Col. 5 lines 36-41, Col. 5 lines 53-62]), wherein (executing the services, programs, or functionalities within the TXE to generate encrypted data, where the encrypted data may be transferred and stored on another TXE containing an application [Nesher ‘574, Col. 5 lines 36-41, Col. 5 lines 53-62, Col. 6 lines 40-45, Col. 6 lines 52-67]).

As stated above, Nesher ‘574 in view of Wiseman ‘942 does not explicitly disclose: “a key management component adapted to provide the cryptographic service to generate an encryption/decryption result, wherein the first processor core is coupled to the key management component and writes the encryption/decryption result into …”.
Costa ‘939, however, discloses:
a key management component adapted to provide (a key vault [Costa ‘939, ¶¶179-180]) the cryptographic service to generate an encryption/decryption result (a key vault securely holds keys, such as keys of an encryption system for generating encrypted and decrypted data [Costa ‘939, ¶¶180, 185, 213]), 
wherein the  writes the encryption/decryption result into … (the key vault generates encrypted and decrypted data using keys, where the encrypted and decrypted data may be sent to and stored on the vault client, and where the vault client 2112 may be implemented as an enclave [Costa ‘939, ¶¶181, 213-214, 217, 222]).
Nesher ‘574 (modified by Wiseman ‘942) and Costa ‘939 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 (modified by Wiseman ‘942) and Costa ‘939 before them, to modify the method in Nesher ‘574 (modified by Wiseman ‘942) to include the teachings of Costa ‘939, namely to implement a key vault enclave, as disclosed in Costa ‘939, in association with the secret-maintaining functionality TXE enclave, as disclosed in Nesher ‘574, where the key vault securely holds keys, such as keys of an encryption system, for generating encrypted and decrypted data. The motivation for doing so would be to increase the security, usability, and efficiency of data exchanges between enclaves by using a key vault enclave, where a key vault enclave can provide both the encryption and decryption of data, and where the use of cryptographic keys is a common and efficient method of encryption/decryption (see Costa ‘939, ¶¶180, 214, 216).
As stated above, Nesher ‘574 in view of Wiseman ‘942, and further in view of Costa ‘939 does not explicitly disclose: “… wherein the first processor core is coupled to …”.
Sarin ‘711, however, discloses:
… wherein the first processor core is coupled to … (a trusted processor core 32 is coupled to the protected space 39, where the protected space 39 comprises the cryptogram generation module 36 that uses cryptographic keys to perform cryptographic operations [Sarin ‘711, ¶¶28, 52, 54-55, 64]).
Nesher ‘574 (modified by Wiseman ‘942 and Costa ‘939) and Sarin ‘711 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 (modified by Wiseman ‘942 and Costa ‘939) and Sarin ‘711 before them, to modify the method in Nesher ‘574 (modified by Wiseman ‘942 and Costa ‘939) to include the teachings of Sarin ‘711, namely to run the secrets-maintaining functionality TXE enclave, as disclosed in Nesher ‘574, as well as the key vault enclave, as disclosed in Costa ‘939 using a specific trusted processor core, as disclosed in Sarin ‘711. The motivation for doing so would be to increase the security of sensitive information and applications within a trusted execution environment (TEE) by only allowing trusted processor to process the TEE, where the trusted processor core may include certain mechanisms, such as secure registers, which may store and/or process data and which are not directly accessible by entities outside of the TEE (see Sarin ‘711, ¶52).

Claims 5-7 and 10 are rejected under 35 U.S.C. 103 as being unpatentable over Nesher ‘574, in view of Wiseman ‘942, and further in view of Johnson et al., US 2012/0159184 A1 (hereinafter, “Johnson ‘184”).

As per claim 5: Nesher ‘574 in view of Wiseman ‘942 discloses all limitations of claim 1, as stated above, from which claim 5 is dependent upon. Nesher ‘574 in view of Wiseman ‘942 does not explicitly disclose the limitations of claim 5. Johnson ‘184, however, discloses:
further comprising: 
an address register used for storing address information corresponding to each of the application enclaves (address register containing the addresses of the corresponding enclaves, where the enclaves may contain executable applications [Johnson ‘184, ¶¶37, 323-326]); and 
a permission register used for storing permission information of each of the enclaves (secure enclave range registers (SERR) provide access control to the enclaves [Johnson ‘184, ¶¶46, 48, 168-170]), 
wherein the processor is adapted to control an access operation of each of the enclaves (enclave data is protected using access control mechanisms provided by the processor [Johnson ‘184, ¶¶37-39]) based on 10access permission indicated by the permission information (access control mechanisms for the enclaves is based on access control information provided by the SERR [Johnson ‘184, ¶¶48, 72, 168-170]), and 
the access permission comprises at least read/write permission and execute permission (access control mechanisms comprises read/write/execution permissions [Johnson ‘184, ¶¶99 and the corresponding Table, 107 and the corresponding Table, 138 and the corresponding Table, 174 and the corresponding Table]).

Nesher ‘574 (modified by Wiseman ‘942) and Johnson ‘184 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 (modified by Wiseman ‘942) and Johnson ‘184 before them, to modify the method in Nesher ‘574 (modified by Wiseman ‘942) to include the teachings of Johnson ‘184, namely to implement an address register for address information for the TXE enclaves and an SERR for storing access control information for the TXE enclaves, as disclosed in Johnson ‘184, where access control mechanisms comprises read/write/execution permissions, for the TXE enclaves, is based on access control information in the SERR. The motivation for doing so would be to provide greater control, and in turn greater security, over specific accesses to enclaves, by implementing data structures that can provide references to the addresses and permissions corresponding to the accesses to the enclaves (see Johnson ‘184, ¶¶46, 48, 324).

As per claim 6: Nesher ‘574 in view of Wiseman ‘942 and further in view of Johnson ‘184 discloses all limitations of claims 1 and 5, as stated above, from which claim 6 is dependent upon. Nesher ‘574 in view of Wiseman ‘942 does not explicitly disclose the limitations of claim 6. Johnson ‘184, however, discloses:
wherein the permission information of the application enclave is configured with no access permission for the application enclaves other than itself (access to data not belonging to the executing enclave is prevented; enclave data is protected by access control mechanisms, where the processor protects this data so that only the enclave which owns that data can access it, and where the enclave comprises executable applications [Johnson ‘184, ¶¶37, 48, 61]).

Nesher ‘574 (modified by Wiseman ‘942) and Johnson ‘184 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 (modified by Wiseman ‘942) and Johnson ‘184 before them, to modify the method in Nesher ‘574 (modified by Wiseman ‘942) to include the teachings of Johnson ‘184, namely to configured the access control information such that only the TXE enclave, as disclosed in Nesher ‘574, which owns that data can access it and access to data not belonging to the executing TXE enclave is prevented, as disclosed in Johnson ‘184. The motivation for doing so would be to increase the protect of data and applications with an enclave by restricting accesses to the enclave to outside processes, where the enclave is a safe space for an application to execute code and store data without unauthorized tampering (see Johnson ‘184, ¶¶37, 48, 61).

As per claim 7: Nesher ‘574 in view of Wiseman ‘942 and further in view of Johnson ‘184 discloses all limitations of claims 1 and 5, as stated above, from which claim 7 is dependent upon. Furthermore, Johnson ‘184 discloses:
wherein the permission information of the application enclave (access control mechanisms for the enclaves is based on access control information provided by the SERR, where the enclaves may contain executable applications [Johnson ‘184, ¶¶37, 46, 48, 72, 168-170]) is configured with execute permission for the (access control mechanisms comprises read/write/execution permissions [Johnson ‘184, ¶¶99 and the corresponding Table, 107 and the corresponding Table, 138 and the corresponding Table, 174 and the corresponding Table]).
	 
	As stated above, Johnson ‘184 in view of Wiseman ‘942 does not explicitly disclose: “… crypto enclave … runtime enclave … crypto enclave … runtime enclave …”.
	Nesher ‘574, however, discloses:
	“… crypto enclave (a TXE enclave storing invokable services, programs, or functionalities that maintains secrets, such as encryption using encryption keys [Nesher ‘574, Col. 4 lines 22-29, Col. 5 lines 36-41, Col. 5 lines 53-62]) … runtime enclave (a TXE enclave storing invokable services, programs, or functionalities, such as a library of instruction sets that can be called to perform critical functions [Nesher ‘574, Col. 4 lines 22-29, Col. 5 lines 4-16, Col. 5 liens 53-62, Col. 6 lines 52-67, Col. 9 line 66-Col. 10 line 7]) … crypto enclave … runtime enclave …

Nesher ‘574 (modified by Wiseman ‘942) and Johnson ‘184 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 (modified by Wiseman ‘942) and Johnson ‘184 before them, to modify the method in Nesher ‘574 (modified by Wiseman ‘942) to include the teachings of Johnson ‘184, namely to configure the TXE enclaves, as disclosed in Nesher ‘574, using specific permissions/restrictions within the SERR, as disclosed in Johnson ‘184, where TXE enclaves containing software applications may have execute permissions for the TXE enclaves that contain   invokable services, programs, or functionalities and functionalities that maintains secrets; and the TXE enclaves that contain  invokable services, programs, or functionalities and functionalities that maintains secrets may have read/write/execute permissions for TXE enclaves containing software applications. The motivation for doing so would be to improve the security and integrity of confidential applications and data within an enclave by restricting access, such as through read/write/execute operations, to an enclave to certain processes operating outside of the enclave (see Johnson ‘184, ¶¶37, 48, 174 and the corresponding Table).

As per claim 10: Nesher ‘574 in view of Wiseman ‘942 discloses all limitations of claim 1, as stated above, from which claim 10 is dependent upon. Nesher ‘574 in view of Wiseman ‘942 does not explicitly disclose the limitations of claim 10. Johnson ‘184, however, discloses:
wherein at least one of the enclaves is configured by a corresponding enable tag, wherein the enable tag indicates that the enclave is in an enabled state, a disabled state, or a partially disabled state (the enclave is associated with flags that indicate whether an enclave is enabled/active or disabled/inactive, for example, the ‘EnclaveCTL_MSR’ flag in TABLE 14-1 and the ‘STATE’ flag [Johnson ‘184, ¶¶315 and the corresponding TABLE 14-1, 516 and the corresponding table, 531 and the corresponding table]).
	 
Nesher ‘574 (modified by Wiseman ‘942) and Johnson ‘184 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 (modified by Wiseman ‘942) and Johnson ‘184 before them, to modify the method in Nesher ‘574 (modified by Wiseman ‘942) to include the teachings of Johnson ‘184, namely to implement flags, such as ‘EnclaveCTL_MSR’ or ‘STATE’, as disclosed in Johnson ‘184 to indicate whether a TXE enclave, as disclosed in Nesher ‘574, is in an enabled/active or disabled/inactive state. The motivation for doing so would be to provide more information and greater clarity regarding the state of an enclave during operations of the system (see Johnson ‘184, ¶¶99, 107, 315 and the corresponding TABLE 14-1).

Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Nesher ‘574, in view of Wiseman ‘942, and further in view of Johnson ‘184, and further in view of Goldsmith et al., US 2015/0186272 A1 (hereinafter, “Goldsmith ‘272”).

As per claim 8: Nesher ‘574 in view of Wiseman ‘942 and further in view of Johnson ‘184 discloses all limitations of claims 1 and 5, as stated above, from which claim 8 is dependent upon. Nesher ‘574 in view of Wiseman ‘942 and further in view of Johnson ‘184 does not explicitly disclose the limitations of claim 8. Goldsmith ‘272, however, discloses:
wherein a first application enclave of the plurality of application enclaves shares permission information with a specified second application enclave (a first enclave, the sharing enclave, offering to share a page, specifies the linear address of the page to be shared, the permissions (e.g. read, write, and/or execute), and the identity of the enclave with which the page is to be shared, where a secure enclave may be used by a software application [Goldsmith ‘272, ¶¶30, 39]), such that the second application enclave has temporary access permission for the first application enclave (the specified enclave will have access to the shared page based on the access permissions, until the shared page of the enclave is unshared [Goldsmith ‘272, ¶¶40, 43]).
Nesher ‘574 (modified by Wiseman ‘942 & Johnson ‘184) and Goldsmith ‘272 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 (modified by Wiseman ‘942 & Johnson ‘184) and Goldsmith ‘272 before them, to modify the method in Nesher ‘574 (modified by Wiseman ‘942 & Johnson ‘184) to include the teachings of Goldsmith ‘272, namely to allow sharing of data, as disclosed in Goldsmith ‘272, between TXE enclaves, as disclosed in Nesher ‘574, such that an application TXE enclave has access to data within another application TXE enclave based on the access permissions, until the date of the enclave is unshared. The motivation for doing so would be to increase the ease and security of sharing and transmitting sensitive information between secure enclaves (see Goldsmith ‘272, ¶¶4, 16, 39).

Claims 9 and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Nesher ‘574, in view of Wiseman ‘942, and further in view of Johnson ‘184, and further in view of Leslie-Hurd et al., US 2015/0186659 A1 (hereinafter, “Leslie-Hurd ‘659”), and further in view of Leslie-Hurd et al., US 2015/0186678 A1 (hereinafter, “Leslie-Hurd ‘678”).

As per claim 9: Nesher ‘574 in view of Wiseman ‘942 and further in view of Johnson ‘184 discloses all limitations of claims 1 and 5, as stated above, from which claim 9 is dependent upon. Furthermore, Nesher ‘574 discloses:
wherein the processor (processor [Nesher ‘574, Abstract, Col. 6 lines 48-51]) is adapted to: 
run an operating system (running an operating system [Nesher ‘574, Abstract, Col. 4 lines 3-21, Col. 8 lines 30-39]); 
run one or more of the application program (running software applications; a plurality of enclaves, such as Trusted Agent TXEs 101, 102, 103, may correspond to the respective software applications 110, 111, 112, where the software applications 110, 111, 112, are executed and run inside the corresponding TXEs [Nesher ‘574, Col. 3 line 47-Col. 4 line 2, Col. 4 lines 22-29; Fig. 1]), the invokable program (running services, programs, or functionalities; TXE enclave storing invokable services, programs, or functionalities, such as a library of instruction sets that can be called to perform critical functions [Nesher ‘574, Col. 4 lines 22-29, Col. 5 lines 4-16, Col. 5 liens 53-62, Col. 6 lines 52-67, Col. 9 line 66-Col. 10 line 7]), and the crypto related program (running services, programs, or functionalities that maintains secrets; TXE enclave storing invokable services, programs, or functionalities that maintains secrets, such as encryption using encryption keys [Nesher ‘574, Col. 4 lines 22-29, Col. 5 lines 36-41, Col. 5 lines 53-62]) in user mode (running user programs in the CPU mode corresponding to ring 3 privileges [Nesher ‘574, Col. 3 line 58-Col. 4 line 21]); and 
run a secure monitor (running a trusted manager, where the trusted manager is responsible for controlling the behavior and processing of applications within the enclaves [Nesher ‘574, Col. 2 lines 31-45, Col. 5 line 42-Col. 6 line 11]).

As stated above, Nesher ‘574 in view of Wiseman ‘942 and further in view of Johnson ‘184 does not explicitly disclose: “… run a secure monitor in machine mode to configure the address register and the permission register and …”.
Leslie-Hurd ‘659, however, discloses:
… run a secure monitor in machine mode to configure  … (running a privileged software that updates or restricts the permissions of an enclave in supervisor mode, where the permissions may be stored in a register [Leslie-Hurd ‘659, ¶¶15, 17, 38, 49, 53]),

Nesher ‘574 (modified by Wiseman ‘942 & Johnson ‘184) and Leslie-Hurd ‘659 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 (modified by Wiseman ‘942 & Johnson ‘184) and Leslie-Hurd ‘659 before them, to modify the method in Nesher ‘574 (modified by Wiseman ‘942 & Johnson ‘184) to include the teachings of Leslie-Hurd ‘659, namely to run the trusted manager, as disclosed in Nesher ‘574, in a supervisor mode, where the trusted manager may be able to updates or restricts the permissions of a TXE enclave, as disclosed in Leslie-Hurd ‘659. The motivation for doing so would be to improve the performance of enclave accesses by providing a dynamic and safe method of modifying the permissions of an enclave as needed (see Leslie-Hurd ‘659, ¶¶17, 38).

As stated above, Nesher ‘574 in view of Wiseman ‘942 and further in view of Johnson ‘184, and further in view of Leslie-Hurd ‘659 does not explicitly disclose: “… configure the address register and …”.
Leslie-Hurd ‘678, however, discloses:
“… configure the address register and … (configuring the address register at a particular privilege level [Leslie-Hurd ‘678, ¶¶33, 35, 37, 41])

Nesher ‘574 (modified by Wiseman ‘942 & Johnson ‘184 & Leslie-Hurd ‘659) and Leslie-Hurd ‘678 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 (modified by Wiseman ‘942 & Johnson ‘184 & Leslie-Hurd ‘659) and Leslie-Hurd ‘678 before them, to modify the method in Nesher ‘574 (modified by Wiseman ‘942 & Johnson ‘184 & Leslie-Hurd ‘659) to include the teachings of Leslie-Hurd ‘678, namely to run the trusted manager, as disclosed in Nesher ‘574, in a supervisor mode, where the trusted manager may be able to configure the address register, as disclosed in Leslie-Hurd ‘678, containing addresses associated with TXE enclaves, as disclosed in Nesher ‘574. The motivation for doing so would be to improve the performance of enclave accesses by providing a dynamic and safe method of modifying the addresses of an enclave as needed (see Leslie-Hurd ‘678, ¶¶32-33, 35).

As per claim 18: Nesher ‘574 in view of Wiseman ‘942 discloses all limitations of claim 14, as stated above, from which claim 18 is dependent upon. Furthermore, Nesher ‘574 discloses:
wherein the step of configuring a plurality of enclaves isolated from each other in a memory (memory providing a plurality of secure enclaves isolated from each other, where the enclaves may be implemented using trusted software execution environments (TXE) [Nesher ‘574, Col. 1 lines 19-32, Col. 7 lines 50-56, Col. 8 lines 15-29; Fig. 1]) comprises: 
running a secure monitor (running a trusted manager, where the trusted manager is responsible for controlling the behavior and processing of applications within the enclaves [Nesher ‘574, Col. 2 lines 31-45, Col. 5 line 42-Col. 6 line 11]) 



As stated above, Nesher ‘574 does not explicitly disclose: “running … in machine mode, wherein … is adapted to configure address information and permission information corresponding to each of the enclaves, so that the security control method controls an access operation of each of the enclaves based on access permission indicated by the permission information in user mode; and the access permission comprises at least read/write permission and execute permission.”
Wiseman ‘942, however, discloses:

so that the security control method controls an access operation of each of the enclaves based on access permission (a security control method that manages the operations between high privilege execution environments and lower privilege execution environments in a particular mode, the operations may be read/write/execution operations; for example, software running in high privilege execution environment 112 may be able to affect a low privilege execution environment 120, such through read/write/execute operations, but software running in low privilege execution environment 120 cannot affect any software running in high privilege execution environment 112 [Wiseman ‘942, ¶¶20-21; Fig. 1]).

Nesher ‘574 and Wiseman ‘942 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. For the reasons stated in claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 and Wiseman ‘942 before them, to modify the method in Nesher ‘574 to include the teachings of Wiseman ‘942.

As stated above, Nesher ‘574 in view of Wiseman ‘942 does not explicitly disclose: “running … in machine mode, wherein … is adapted to configure address information and permission information corresponding to each of the enclaves, … access permission indicated by the permission information in …”.
Johnson ‘184, however, discloses:

… access permission indicated by the permission information (access control mechanisms for the enclaves is based on access control information provided by the SERR [Johnson ‘184, ¶¶46, 48, 72, 168-170]) …

Nesher ‘574 (modified by Wiseman ‘942) and Johnson ‘184 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. For the reasons stated in claim 5, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 (modified by Wiseman ‘942) and Johnson ‘184 before them, to modify the method in Nesher ‘574 (modified by Wiseman ‘942) to include the teachings of Johnson ‘184.

As stated above, Nesher ‘574 in view of Wiseman ‘942, and further in view of Johnson ‘184 does not explicitly disclose: “running … in machine mode, wherein … is adapted to configure address information and permission information corresponding to each of the enclaves …”.
Leslie-Hurd ‘659, however, discloses:
running … in machine mode, wherein … is adapted to configure … (running a privileged software that updates or restricts the permissions of an enclave in supervisor mode, where the permissions may be stored in a register [Leslie-Hurd ‘659, ¶¶15, 17, 38, 49, 53]).

Nesher ‘574 (modified by Wiseman ‘942 & Johnson ‘184) and Leslie-Hurd ‘659 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. For the reasons stated in claim 9, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 (modified by Wiseman ‘942 & Johnson ‘184) and Leslie-Hurd ‘659 before them, to modify the method in Nesher ‘574 (modified by Wiseman ‘942 & Johnson ‘184) to include the teachings of Leslie-Hurd ‘659.

As stated above, Nesher ‘574 in view of Wiseman ‘942, and further in view of Johnson ‘184, and further in view of Leslie-Hurd ‘659 does not explicitly disclose: “… configure address information …”.
Leslie-Hurd ‘678, however, discloses:
… configure address information … (configuring the address register at a particular privilege level [Leslie-Hurd ‘678, ¶¶33, 35, 37, 41])

Nesher ‘574 (modified by Wiseman ‘942 & Johnson ‘184 & Leslie-Hurd ‘659) and Leslie-Hurd ‘678 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. For the reasons stated in claim 9, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 (modified by Wiseman ‘942 & Johnson ‘184 & Leslie-Hurd ‘659) and Leslie-Hurd ‘678 before them, to modify the method in Nesher ‘574 (modified by Wiseman ‘942 & Johnson ‘184 & Leslie-Hurd ‘659) to include the teachings of Leslie-Hurd ‘678.

As per claim 19: Nesher ‘574 in view of Wiseman ‘942, and further in view of Johnson ‘184, and further in view of Leslie-Hurd ‘659, and further in view of Leslie-Hurd ‘678 discloses all limitations of claims 14 and 18, as stated above, from which claim 19 is dependent upon. Furthermore, Nesher ‘574 discloses:
(a plurality of enclaves, such as Trusted Agent TXEs 101, 102, 103, may correspond to the respective software applications 110, 111, 112, where the software applications 110, 111, 112, are executed and run inside the corresponding TXEs [Nesher ‘574, Col. 3 line 47-Col. 4 line 2, Col. 4 lines 22-29; Fig. 1]) indicates at least one of the following configurations (TXEs may communicate with each other and exchange data [Nesher ‘574, Col. 6 lines 36-45, Col. 7 lines 12-24]):
(a plurality of enclaves, such as Trusted Agent TXEs 101, 102, 103, may correspond to the respective software applications 110, 111, 112, where the software applications 110, 111, 112, are executed and run inside the corresponding TXEs [Nesher ‘574, Col. 3 line 47-Col. 4 line 2, Col. 4 lines 22-29; Fig. 1]) (a TXE enclave storing invokable services, programs, or functionalities that maintains secrets, such as encryption using encryption keys [Nesher ‘574, Col. 4 lines 22-29, Col. 5 lines 36-41, Col. 5 lines 53-62]) and the runtime enclave (a TXE enclave storing invokable services, programs, or functionalities, such as a library of instruction sets that can be called to perform critical functions [Nesher ‘574, Col. 4 lines 22-29, Col. 5 lines 4-16, Col. 5 liens 53-62, Col. 6 lines 52-67, Col. 9 line 66-Col. 10 line 7]); the crypto enclave and the runtime enclave (running a trusted manager, where the trusted manager is responsible for controlling the behavior and processing of applications within the enclaves [Nesher ‘574, Col. 2 lines 31-45, Col. 5 line 42-Col. 6 line 11]).

As stated above, Nesher ‘574 in view of Leslie-Hurd ‘659, and further in view of Leslie-Hurd ‘678 does not explicitly disclose: “wherein permission information … indicates at least one of the following configurations: the application enclave has no access permission for the application enclaves other than itself; … has execute permission for … have read/write permission and execute permission for the … has no read/write permission for … has no read/write permission … has no execute permission for … has no access permission.”
Wiseman ‘942, however, discloses: 
 … has execute permission for … have read/write permission and execute permission for the … has no read/write permission for … has no read/write permission … has no execute permission for … has no access permission (a security control method that manages the operations between high privilege execution environments and lower privilege execution environments in a particular mode, the operations may be read/write/execution operations; for example, software running in high privilege execution environment 112 may be able to affect a low privilege execution environment 120, such through read/write/execute operations, but software running in low privilege execution environment 120 cannot affect any software running in high privilege execution environment 112 [Wiseman ‘942, ¶¶20-21; Fig. 1])).

Nesher ‘574 (modified by Leslie-Hurd ‘659 & Leslie-Hurd ‘678) and Wiseman ‘942 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. For the reasons stated in claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 (modified by Leslie-Hurd ‘659 & Leslie-Hurd ‘678) and Wiseman ‘942 before them, to modify the method in Nesher ‘574 (modified by Leslie-Hurd ‘659 & Leslie-Hurd ‘678) to include the teachings of Wiseman ‘942.

As stated above, Nesher ‘574 in view of Wiseman ‘942, and further in view of Leslie-Hurd ‘659, and further in view of Leslie-Hurd ‘678 does not explicitly disclose: “wherein permission information … indicates at least one of the following configurations: the application enclave has no access permission for the application enclaves other than itself; …”.
Johnson ‘184, however, discloses:
wherein permission information (access control mechanisms for the enclaves is based on access control information provided by the SERR [Johnson ‘184, ¶¶48, 72, 168-170]) … indicates at least one of the following configurations (access control mechanisms comprises read/write/execution permissions [Johnson ‘184, ¶¶99 and the corresponding Table, 107 and the corresponding Table, 138 and the corresponding Table, 174 and the corresponding Table]): the application enclave has no access permission for the application enclaves other than itself; … (access to data not belonging to the executing enclave is prevented; enclave data is protected by access control mechanisms, where the processor protects this data so that only the enclave which owns that data can access it, and where the enclave comprises executable applications [Johnson ‘184, ¶¶37, 48, 61]).

Nesher ‘574 (modified by Wiseman ‘942 & Leslie-Hurd ‘659 & Leslie-Hurd ‘678) and Johnson ‘184 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. For the reasons stated in claim 6, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 (modified by Wiseman ‘942 & Leslie-Hurd ‘659 & Leslie-Hurd ‘678) and Johnson ‘184 before them, to modify the method in Nesher ‘574 (modified by Wiseman ‘942 & Leslie-Hurd ‘659 & Leslie-Hurd ‘678) to include the teachings of Johnson ‘184.

Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over Nesher ‘574, in view of Wiseman ‘942, and further in view of Negi et al., US 2018/0285560 A1 (hereinafter, “Negi ‘560”).

As per claim 12: Nesher ‘574 in view of Wiseman ‘942 discloses all limitations of claim 1, as stated above, from which claim 12 is dependent upon. Nesher ‘574 in view of Wiseman ‘942 does not explicitly disclose the limitations of claim 12. Negi ‘560, however, discloses:
further comprising: 
a direct storage access controller adapted to access the memory (security processor 140 adapted to access the direct memory access (DMA) region 154 of the memory 150 which comprises the enclave 152 [Negi ‘560, ¶24]) in response to a request of the processor (in response to a request, such as the reporting instructing, from the CPU 130 [Negi ‘560, ¶¶27, 34-35]); and/or 
a power management module adapted to provide a supply voltage required for the processing unit to work (power management integrated circuit (PMIC) provides and controls power to the processor for the system to operate [Negi ‘560, ¶42]).

Nesher ‘574 (modified by Wiseman ‘942) and Negi ‘560 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 (modified by Wiseman ‘942) and Negi ‘560 before them, to modify the method in Nesher ‘574 (modified by Wiseman ‘942) to include the teachings of Negi ‘560, namely to implement a direct storage access to the memory, as disclosed in Negi ‘560, containing the TXE enclaves, as disclosed in Nesher ‘574; also to implement a power management integrated circuit to control power to the processor, as disclosed in Negi ‘560. The motivation for doing so would be to increase the efficiency as well as the security of accesses to the memory; and also to have greater control over the power to enable the processor to enter certain states if necessary (see Negi ‘560, ¶¶24, 29, 42).

Claim 16 is rejected under 35 U.S.C. 103 as being unpatentable over Nesher ‘574, in view of Wiseman ‘942, and further in view of Costa ‘939.

As per claim 16: Nesher ‘574 in view of Wiseman ‘942 discloses all limitations of claim 14, as stated above, from which claim 16 is dependent upon. Furthermore, Nesher ‘574 discloses:
further comprising: 
writing an (executing the services, programs, or functionalities within the TXE to generate encrypted data, where the encrypted data may be transferred and stored on another TXE containing an application [Nesher ‘574, Col. 5 lines 36-41, Col. 5 lines 53-62, Col. 6 lines 40-45, Col. 6 lines 52-67]), wherein the (a TXE enclave storing invokable services, programs, or functionalities that maintains secrets, such as encryption using encryption keys, where the TXE enclave may generate a result, such as encrypted data [Nesher ‘574, Col. 4 lines 22-29, Col. 5 lines 36-41, Col. 5 lines 53-62]).

As stated above, Nesher ‘574 in view of Wiseman ‘942 does not explicitly disclose: “… writing an encryption/decryption result into… , wherein the encryption/decryption result is acquired by the crypto related program running within the crypto enclave.”
Costa ‘939, however, discloses:
… writing an encryption/decryption result into… (the key vault generates encrypted and decrypted data using keys, where the encrypted and decrypted data may be sent to and stored on the vault client, and where the vault client 2112 may be implemented as an enclave [Costa ‘939, ¶¶181, 213-214, 217, 222]), wherein the encryption/decryption result is acquired by the crypto related program running within the crypto enclave (a key vault securely holds keys, such as keys of an encryption system for generating encrypted and decrypted data [Costa ‘939, ¶¶179-180, 185, 213]).

Nesher ‘574 (modified by Wiseman ‘942) and Costa ‘939 are analogous art because they are from the same field of endeavor, namely that of securely managing data using enclaves/trusted execution environments. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Nesher ‘574 (modified by Wiseman ‘942) and Costa ‘939 before them, to modify the method in Nesher ‘574 (modified by Wiseman ‘942) to include the teachings of Costa ‘939, namely to configure the secret-maintaining functionality TXE enclave, as disclosed in Nesher ‘574, to not only generate an encryption result, but also generate a decryption result, as disclosed in Costa ‘939. The motivation for doing so would be to increase the functionality of an enclave that provides cryptographic services, such as key vault enclave, such that the enclave can provide both the encryption and decryption of data, which in turn can improve the security and usability of the system as a whole (see Costa ‘939, ¶¶180, 214, 216).

Conclusion
The prior art made of record and not relied upon is considered pertinent to the Applicant’s disclosure:
Narendra Trivedi et al., US 2017/0185766 A1: using a secure device address map to map addresses for the device and an enclave, where a register filter component may grant access to the device to the enclave.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALAN LINGQIAN KONG whose telephone number is (571)272-2646. The examiner can normally be reached Monday-Thursday 8:00am-5:30pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG (JAY) KIM can be reached on (571)272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ALAN LINGQIAN KONG/Examiner, Art Unit 2494

/JUNG W KIM/Supervisory Patent Examiner, Art Unit 2494