DETAILED ACTION
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
This Office Action is in response to the amendment filed on 5/10/2022.
Claims 2, 4-5, 7, 10, 12-25, 28 and 35 have been canceled.
Claims 1, 3, 26-27, 33-34 and 36-41 have been amended.
Claims 1, 3, 6, 8-9, 11, 26-27, 29-34 and 36-41 are pending for consideration.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
The claim objections of claims 33-34 and 36-39 have been withdrawn as the claims have been amended as suggested.
The rejection of claims 1, 3, 6, 8-9, 11, 26-27, 29-34 and 36-41 under § 112 (a) and § 112(b) have been withdrawn in view of the amendment filed on 5/10/2022.
Applicant’s arguments (i.e., “monitoring a master key for revocation from the network source, wherein the master key includes the secret key, and wherein monitoring includes determining whether the secret key has been removed by the network source”) with respect to claim(s) 1, 3, 6, 8-9, 11, 26-27, 29-34 and 36-41 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 11, 26, 32, 33 and 39-40 are rejected under 35 U.S.C. 103 as being unpatentable over Smith et al. (US 9215249 B2, hereinafter Smith) in view of Hitchcock et al. (US 9141769, hereinafter Hitchcock).

Regarding claim 1, Smith teaches an apparatus ([Col 18, lines 60-63] service provider device (i.e., apparatus)) comprising: 
a manageability controller circuitry coupled to or hosted by one or more processors, ([Col 5, lines 21-22] manageability engine technology, a security co-processor, manageability engine (i.e. manageability controller circuitry)) 
the manageability controller circuitry comprising: a remote communicator circuitry to receive a secret key from a network source; and ([Col 6, lines 54-68] TTIM 308 when executed by processor 304 may cause client 101 to transmit a trusted task initiation signal (TTIS, not shown) from client 101 to service provider 102.sub.n, e.g., from Comms 307 to Comms 313. (i.e. communication circuitry); [Col 9, lines 39-42] The TTIS may include a copy of the policy generated by the client (i.e. network source) for the data/code in question. The TTIS may also include one or more key exchange keys, encryption keys, a private client ID, combinations thereof. (receive secret key))
a local authenticator circuitry to (i) authenticate a secure enclave of the apparatus, ([Col 13, lines 60-65; Col 14, lines 1-2] The exchange of key exchange keys between client 101 and service provider 102.sub.n may be based on the trust each node's TEE has in the client policy describing the desired TEE environment and the attestation proof describing the TEE capabilities of service provider 102.sub.n. (i.e., authenticating the secure enclave))
wherein the secure enclave is isolated from untrusted software of the apparatus, and ([Col 14, lines 63-67, Col 15, lines 1, 2] Service provider 102.sub.n also instantiates containers/realms within its TEE for each of the encrypted data compartments. For example, service provider 102.sub.n may schedule compartment data and execution data within respective isolated execution environments (e.g., the restricted realm, sensitive, realm, unclassified realm, etc.) with its TEE.) 
(ii) securely provision a first session key derived from the secret key to the secure enclave in response to authentication of the secure enclave, ([Col 11, lines 40-45] The discussion of FIG. 5 therefore focuses on the generation and management of encryption keys that may be used to protect the data/code that is the subject of a trusted task, as well as the communicative exchanges that may occur between a client and service provider.; [Col 11, lines 45-67; col 12, lines 1-26] discloses derivation of session key (first session key) from exchanged secret key and provision of session key to a TEE (securely provision secret enclave)) 
wherein the local authenticator circuitry is further to securely provision a second session key derived from the secret key to the secure enclave in response to a determination that the first session key has expired. ([Col 14, lines 31-35] In either case, a Sigma session may be made more temporal by appending a counter value to the basename (e.g., SessionID=CMAC(basename, counter). //Examiner remark: since the session keys are temporal (they have a set expiration time), a second session key will be generated after the first session expires.)
wherein the secure enclave comprises a trusted execution environment established with secure enclave support of the one or more processors ([col 7, lines 34-39; col 9, lines 47-53; and col 15, lines 11-16] the sealed compartment keys may only be used by service provider 102.sub.n when the TEE matches measurements contained in the attestation proof. Sealed key unwrap may be supported by a hardware security module, such as a trusted platform module.)
wherein the secure enclave facilitates a cryptographic operation with the first or second session keys in response to the secure provisioning of the first or second session keys ([col 10, lines 45-67; and col 11, lines 10-15; and col 15, lines 29-34] service provider will instantiate a container/realm for the classified data, and a container/realm for the uncontrolled data, and populate each of such containers/realm with the relevant data. If the data/code received by the service provider is encrypted, the service provider may decrypt such data/code when it is instantiated in the appropriate container. That is, top-secret data/code may be decrypted when it is instantiated in a compartment within the service provider's TEE for top-secret information. Likewise, sensitive data/code may be decrypted when it is instantiated in a compartment within the service provider's TEE for sensitive data)
Smith teaches the manageability controller circuitry but does not explicitly disclose the following limitation, which is disclosed by Hitchcock: a revocation manager circuitry to monitor a master key for revocation from the network source, wherein the master key includes the secret key, and wherein to monitor includes to determine whether the secret key has been removed by the network source (Hitchcock: see figure 1; column 8, lines 65-67, “the customer client device 160 may forward revocation data to the provider computing environment 110, for example, to define instructions, conditions, or a timeframe related to determining whether a customer's secret key material should be revoked (or are valid) for use” //Notes: the revocation data is used to monitor the secret key material; and column 14, lines 55-61, “the revocator 138 of the trusted execution environment 130 may perform a revocation check call to determine whether a specified customer key is still active and valid for use, as discussed above. If the revocation check call identifies that a specified customer key has been revoked, the revocator 138 revokes the secret customer key for use by the trusted execution environment 130.”). Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate the teaching of Hitchcock into the teachings of Smith to provide both digital and physical protection for digital key materials from unauthorized use and access, as taught by Hitchcock [col. 1, lines 18-20]. The combining of the teachings would have yielded predictable results to one of ordinary skill in the art.

Regarding claims 26, 33 and 40, they are rejected on the same rationale as claim 1.

Regarding claim 11, Smith as modified further teaches the apparatus of claim 1, wherein to authenticate the secure enclave comprises to perform a local attestation to verify an identity of the secure enclave, ([Col 4, line 66; Col 5, lines 1-4] the TTEMs described herein may permit a service provider to receive a trusted task request from a client, attest the service provider's secure execution capabilities to the client, receive data and/or code to be operated on from the client, provision such data and/or code in a trusted execution environment) wherein the untrusted software comprises one or more of a pre-boot firmware environment, an operating system, or a hypervisor. ([Col 4, lines 45-46] a TEE is a secure environment that runs alongside (isolated from) an operating system and which provides secure services to that operating system)

Regarding claims 32 and 39, they are rejected on the same rationale as claim 11.

Claims 3, 27, 34 and 41 are rejected under 35 U.S.C. 103 as being unpatentable over Smith in view of Hitchcock, and in further view of Hu et al. ("Certificate Revocation Guard (CRG): An Efficient Mechanism for Checking Certificate Revocation," 2016 IEEE 41st Conference on Local Computer Networks (LCN), Dubai, 2016, pp. 527-530, doi: 10.1109/LCN.2016.84; hereinafter Hu).

Regarding claim 3, Smith in view of Hitchcock teaches the apparatus, wherein the revocation manager circuitry is to determine whether the first session key has expired in response to the secure provisioning of the first session key to the secure enclave; ([Col 14, lines 31-35] In either case, a Sigma session may be made more temporal by appending a counter value to the basename (e.g., SessionID=CMAC(basename, counter). //Examiner remark: since the session keys are temporal (they have a set expiration time), a second session key will be generated after the first session expires.)
wherein to determine whether the secret key has been revoked comprises to communicate with the network source via a network interface that is isolated from the untrusted software
Smith in view of Hitchcock doesn’t explicitly teach wherein to securely provision the second session key comprises to securely provision the second session key in response to a determination that the secret key has not been revoked.
Hu, from an analogous endeavor, teaches wherein to securely provision the second session key comprises to securely provision the second session key in response to a determination that the secret key has not been revoked. ([Page 528, Fig. 1 description] Furthermore, a new session key will be allowed only when there is a valid certificate/secret key)
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate the teaching of Hu into the teachings of Smith in view of Hitchcock to improve monitoring of certificate/key revocation in the network, as taught by Hu [Page 529, Col. 1, Sec. A, Data Collection]. The combining of the teachings would have yielded predictable results to one of ordinary skill in the art.
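The key-lifecycle policy at issue in claims 1 and 3 (counter-based temporal session keys derived from a secret key, expiry of the first session key, and a revocation check against the network source before a second session key is provisioned) can be illustrated in code. The following is an added example written for this page; it is not code from the application, from Smith, Hitchcock or Hu, and the names NetworkSource, ManageabilityController and SessionKey are assumptions. It uses HMAC-SHA256 as a stand-in for the CMAC construction quoted from Smith, and a simulated in-memory network source in place of a real remote server.

```python
"""Added example: session-key rotation gated on secret-key revocation.

Assumptions (not from the cited references): HMAC-SHA256 stands in for CMAC,
the network source is an in-memory stand-in, and lifetimes are constructed.
"""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict, Optional, Set

SESSION_LIFETIME_S = 300.0  # constructed default lifetime for a session key


@dataclass
class SessionKey:
    key: bytes
    counter: int
    expires_at: float

    def expired(self, now: float) -> bool:
        return now >= self.expires_at


class NetworkSource:
    """Stand-in for the remote key server that owns the master/secret keys.

    Revocation is modelled as the source removing the key, which is exactly
    what the controller's revocation manager checks for.
    """

    def __init__(self) -> None:
        self._keys: Dict[str, bytes] = {}
        self._revoked: Set[str] = set()

    def provision(self, key_id: str, secret_key: bytes) -> None:
        self._keys[key_id] = secret_key

    def revoke(self, key_id: str) -> None:
        self._keys.pop(key_id, None)
        self._revoked.add(key_id)

    def is_removed(self, key_id: str) -> bool:
        # "Removed by the network source" == no longer present at the source.
        return key_id not in self._keys


class ManageabilityController:
    """Holds the secret key received from the source and provisions session keys."""

    def __init__(self, source: NetworkSource, key_id: str, secret_key: bytes,
                 lifetime: float = SESSION_LIFETIME_S) -> None:
        self.source = source
        self.key_id = key_id
        self.secret_key: Optional[bytes] = secret_key
        self.lifetime = lifetime
        self.counter = 0
        self.current: Optional[SessionKey] = None

    def derive_session_key(self, counter: int) -> bytes:
        # Temporal key: the counter is mixed in so each rotation yields a new key.
        assert self.secret_key is not None
        label = b"session-key|" + counter.to_bytes(4, "big")
        return hmac.new(self.secret_key, label, hashlib.sha256).digest()

    def secret_key_revoked(self) -> bool:
        # Revocation manager: ask the source whether the master key was removed.
        return self.secret_key is None or self.source.is_removed(self.key_id)

    def provision_session_key(self, now: float) -> Optional[SessionKey]:
        """Return the session key the enclave may use at time `now`.

        A revoked secret key invalidates everything: the current session key
        is dropped and the secret is wiped, and no new key is derived.
        An expired session key is replaced only after the revocation check.
        """
        if self.secret_key_revoked():
            self.current = None
            self.secret_key = None
            return None
        if self.current is not None and not self.current.expired(now):
            return self.current
        self.counter += 1
        self.current = SessionKey(
            key=self.derive_session_key(self.counter),
            counter=self.counter,
            expires_at=now + self.lifetime,
        )
        return self.current


if __name__ == "__main__":
    src = NetworkSource()
    src.provision("key-1", b"\x11" * 32)          # constructed secret key
    mc = ManageabilityController(src, "key-1", b"\x11" * 32, lifetime=10.0)
    first = mc.provision_session_key(now=1000.0)   # first session key (counter 1)
    second = mc.provision_session_key(now=1010.0)  # expired -> second key (counter 2)
    src.revoke("key-1")
    print(first.counter, second.counter, mc.provision_session_key(now=1020.0))
```

The ordering in provision_session_key is the point of the example: the revocation check runs before the expiry check, so a secret key the source has removed can never be used to mint a replacement session key, and the controller wipes its copy of the secret rather than keeping it around for a later retry.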

Regarding claims 27, 34 and 41, they are rejected on the same rationale as claim 3.

Claims 6, 29 and 36 are rejected under 35 U.S.C. 103 as being unpatentable over Smith in view of Hitchcock, and in further view of Vij et al. (US 20160381005 A1, hereinafter Vij).

Regarding claim 6, Smith in view of Hitchcock teaches the apparatus of claim 1, wherein the manageability controller circuitry comprises a coprocessor having a network interface associated with the network source, ([Col 5, lines 21-22] see manageability engine technology, a security co-processor, manageability engine (i.e., manageability controller circuitry); [Col 5, lines 56-57] a communications interface (“Comms,” i.e., Comms 307/313)) 
Smith in view of Hitchcock doesn’t explicitly teach wherein the network interface is isolated from the untrusted software.
Vij, from an analogous endeavor, teaches wherein the network interface is isolated from the untrusted software. ([0019] the security engine 132 is also capable of communicating using the communication circuitry 130 or a dedicated communication circuit independently of the state of the computing device 100 (e.g., independently of the state of the main processor 120), also known as “out-of-band” communication.)
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate the teaching of Vij into the teachings of Smith in view of Hitchcock so that the TEE uses a sideband channel for more secure communication. The combining of the teachings would have yielded predictable results to one of ordinary skill in the art. 

Regarding claims 29 and 36, they are rejected on the same rationale as claim 6.

Claims 8 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Smith in view of Hitchcock, and in further view of Elnekaveh et al. (US 20180365406 A1, hereinafter Elnekaveh).

Regarding claim 8, the apparatus of claim 1: Smith in view of Hitchcock doesn’t explicitly teach further comprising a peripheral device to perform the cryptographic operation to receive encrypted data from the peripheral device, wherein the encrypted data is encrypted with the first or second session keys.
Elnekaveh, from an analogous endeavor, teaches further comprising a peripheral device to perform the cryptographic operation to receive encrypted data from the peripheral device, wherein the encrypted data is encrypted with the first or second session keys. ([0019] With a shared secret between the secure processor and the peripheral device, a secure channel (i.e., encrypted data) may be implemented and established between the secure processor and the peripheral device with reduced hardware and software complexity.)
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate the teaching of Elnekaveh into Smith in view of Hitchcock to provide secure peripheral device verification so that it won’t be exploited by an attacker, as taught by Elnekaveh [0003]. The combining of the teachings would have yielded predictable results to one of ordinary skill in the art.

Regarding claim 9, the apparatus of claim 8: Smith in view of Hitchcock doesn’t explicitly teach wherein the local authenticator circuitry is further to securely provision the first or second session key to the peripheral device in response to the authentication of the secure enclave, wherein the session key is encrypted with the secret key, and wherein the secret key is pre-provisioned to the peripheral device, wherein the local authenticator circuitry is further to securely provision the first or second session key to the peripheral device via a secure sideband channel in response to the authentication of the secure enclave.
Elnekaveh teaches wherein the local authenticator circuitry is further to securely provision the first or second session key to the peripheral device in response to the authentication of the secure enclave, wherein the session key is encrypted with the secret key, and wherein the secret key is pre-provisioned to the peripheral device, ([0018] During manufacturing time, if no keys were previously exchanged with a peripheral device, a secure processer may auto-provision a shared secret or exchange asymmetric keys with one or more peripheral devices.  [0019] With a shared secret between the secure processor and the peripheral device, a secure channel (i.e. encrypted communication with a session key derived of shared secret key) may be implemented and established between the secure processor and the peripheral device with reduced hardware and software complexity)
wherein the local authenticator circuitry is further to securely provision the first or second session key to the peripheral device via a secure sideband channel in response to the authentication of the secure enclave. ([0030] With a shared secret between the secure processor 207 and the peripheral device 260, a secure channel 262 may be implemented and established between the secure processor 207 and the peripheral device 260 with reduced hardware or software complexity.)
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate the teaching of Elnekaveh into Smith in view of Hitchcock to provide secure peripheral device verification so that it won’t be exploited by an attacker, as taught by Elnekaveh [0003]. The combining of the teachings would have yielded predictable results to one of ordinary skill in the art.

Claims 30, 31, 37 and 38 are rejected under 35 U.S.C. 103 as being unpatentable over Smith in view of Hitchcock, in further view of Vij et al. (US 20160381005 A1, hereinafter Vij), and in further view of Elnekaveh et al. (US 20180365406 A1, hereinafter Elnekaveh).

Regarding claim 30, the method of claim 29: the combination of Smith in view of Hitchcock and Vij doesn’t explicitly teach further comprising performing, by the manageability controller circuitry, the cryptographic operation to receive encrypted data from the peripheral device, wherein the encrypted data is encrypted with the first or second session keys.
Elnekaveh, from an analogous endeavor, teaches further comprising performing, by the manageability controller circuitry, the cryptographic operation to receive encrypted data from the peripheral device, wherein the encrypted data is encrypted with the first or second session keys. ([0019] With a shared secret between the secure processor and the peripheral device, a secure channel (i.e., encrypted data) may be implemented and established between the secure processor and the peripheral device with reduced hardware and software complexity.)
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate the teaching of Elnekaveh into Smith in view of Hitchcock and Vij to provide secure peripheral device verification so that it won’t be exploited by an attacker, as taught by Elnekaveh [0003]. The combining of the teachings would have yielded predictable results to one of ordinary skill in the art.

Regarding claim 37, it is rejected on the same rationale as claim 30.

Regarding claim 31, the method of claim 30: the combination of Smith in view of Hitchcock and Vij doesn’t explicitly teach further comprising: securely provisioning, by the manageability controller circuitry, the first or second session keys to the peripheral device in response to the authentication of the secure enclave, wherein the session key is encrypted with the secret key, and wherein the secret key is pre-provisioned to the peripheral device; and securely provisioning, by the manageability controller circuitry, the first or second session keys to the peripheral device via a secure sideband channel in response to the authentication of the secure enclave.
Elnekaveh, from an analogous endeavor, teaches further comprising: securely provisioning, by the manageability controller circuitry, the first or second session keys to the peripheral device in response to the authentication of the secure enclave, wherein the session key is encrypted with the secret key, and wherein the secret key is pre-provisioned to the peripheral device; ([0018] During manufacturing time, if no keys were previously exchanged with a peripheral device, a secure processer may auto-provision a shared secret or exchange asymmetric keys with one or more peripheral devices. [0019] With a shared secret between the secure processor and the peripheral device, a secure channel (i.e., encrypted communication with a session key derived from the shared secret key) may be implemented and established between the secure processor and the peripheral device with reduced hardware and software complexity)
and securely provisioning, by the manageability controller circuitry, the first or second session keys to the peripheral device via a secure sideband channel in response to the authentication of the secure enclave. ([0030] With a shared secret between the secure processor 207 and the peripheral device 260, a secure channel 262 may be implemented and established between the secure processor 207 and the peripheral device 260 with reduced hardware or software complexity.)
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate the teaching of Elnekaveh into Smith in view of Hitchcock and Vij to provide secure peripheral device verification so that it won’t be exploited by an attacker, as taught by Elnekaveh [0003]. The combining of the teachings would have yielded predictable results to one of ordinary skill in the art.

Regarding claim 38, it is rejected on the same rationale as claim 31.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US-10515317 - Machine Learning Algorithm for user engagement based on confidential data statistical information
US-10469265 – Technologies for secure inter-enclave communications
US-20170104597 - TECHNOLOGIES FOR END-TO-END BIOMETRIC-BASED AUTHENTICATION AND PLATFORM LOCALITY ASSERTION
US-10469265-B2 - Technologies For Secure Inter-Enclave Communications
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TRANG T DOAN whose telephone number is (571)272-0740. The examiner can normally be reached Monday-Friday 7-4 ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn D Feild can be reached on (571)272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/TRANG T DOAN/Primary Examiner, Art Unit 2431