Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
1. 	This Office Action is taken in response to Applicants’ Amendments and Remarks filed on 7/12/2016 regarding application 16/935,925 filed on 7/22/2020.  
2. 	Claims 1-20 are pending for consideration.

3.				Response to Amendments and Remarks 
	Applicants’ amendments and remarks have been fully and carefully considered, with the Examiner’s response set forth below.
	(1) In response to the amendments and remarks, an updated claim analysis has been made. Refer to the corresponding sections of the following Office Action for details.

4.					Examiner’s Note
(1) In the case of amending the Claimed invention, Applicant is respectfully requested to indicate the portion(s) of the specification which dictate(s) the structure relied on for proper interpretation and also to verify and ascertain the metes and bounds of the claimed invention. This will assist in expediting compact prosecution.  MPEP 714.02 recites: “Applicant should also specifically point out the support for any amendments made to the disclosure. See MPEP § 2163.06. An amendment which does not comply with the provisions of 37 CFR 1.121(b), (c), (d), and (h) may be held not fully responsive. See MPEP § 714.”  Amendments not pointing to specific support in the disclosure may be deemed as not complying with provisions of 37 C.F.R.  1.131(b), (c), (d), and (h) and therefore held not fully responsive.  Generic statements such as “Applicants believe no new matter has been introduced” may be deemed insufficient.
(2) Examiner has cited particular columns/paragraph and line numbers in the references applied to the claims above for the convenience of the applicant. Although the specified citations are representative of the teachings of the art and are applied to specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested from the applicant in preparing responses, to fully consider the references in entirety as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the Examiner.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

5.	Claims 1-2, and 7-11 are rejected under 35 U.S.C. 102(a)(1) and 102(a)(2) as being anticipated by Frei et al. (US Patent Application Publication 2017/0195121, hereinafter Frei).
As to claim 1, Frei teaches A resource controller [server, figure 10. 1020] comprising: 
a first interface to communicate with an application executing on a processor coupled to the resource controller [as shown in figure 10, where the first interface is to communicate with a computing deice (1005a, 1005b, or 1005c) via a network (1040)]; 
a second interface to communicate with a system resource [as shown in figure 10, where the first interface is to communicate with one of the system resources (1022, 1024, 1026, 1028, or 1030) via a store (1016)]; and 
a processing device coupled to the first interface and the second interface [server, figure 10. 1020; processor, figure 2, 211], 
wherein the processing device is to: 
receive an application identifier (ID) from the application [identity provider, figure 1, 126; In a networked computing environment, a web application may use a trusted security token service to handle identification and authentication of client users, and to issue security tokens comprising identity claims required by the web application (¶ 0001)]; 
provide a current nonce to the application responsive to the application ID [the corresponding “current nonce” may be the “binding key” – According to another example, the binding key 118 is established during initial authentication. For example, when a client 112 sends an authentication request to the STS 110, the client 112 may include a request for a binding key 118. To provide secure transmission of the binding key 118 to the client 112, the client 112 may send the token binder's 114 public storage key to the STS 110 in the request for the binding key 118, which the STS 110 uses to send the binding key 118 to the client 112 encrypted with the token binder's public storage key that only the token binder 114 can decrypt using the token binder's private storage key. According to another example, the binding key 118 is established prior to authentication. For example, the STS 110 may send an encrypted binding key 118 to the client 112 in response to a request for the binding key 118 … (¶ 0032-0033); as shown in figure 3A, where the nonce generator (202) is used to feed a key generate (204) to produce a key (310); According to an aspect, the authentication client 130 includes at least one processor 212, a volatile memory 216 coupled to the at least one processor 212, and code 218 which is executable by the processor 212 to cause: a nonce generator 202 to generate nonces; a MAC generator 206 to build MACs using keys stored or generated by the token binder 114; an encryptor/decryptor 214 to encrypt and decrypt messages using keys stored or generated by the token binder 114; an authenticator 222 to verify the integrity of a received input message; a concatenator 224 to concatenate MACs, messages, and nonces, and a secure I/O interface 220 to manage communications and route messages to the appropriate authentication client 130 … (¶ 0045-0046); it is noted that based on the broadest, reasonable interpretation set forth by MPEP, a “nonce” is merely a “number.” Therefore, any number, including the “binding key,” may qualify as a nonce as far as claim 1 is concerned]; and 
provide the application access to the system resource responsive to determining that a hash of a current key received from the application equals a current tag [Binding a security token to a client token binder, such as a trusted platform module, is provided. A bound security token can only be used on the client on which it was obtained. A secret binding key (k.sub.bind) is established between the client and an STS. The client derives a key (k.sub.mac) from k.sub.bind, signs a security token request with k.sub.mac, and instructs the STS to bind the requested security token to k.sub.bind. The STS validates the request by deriving k.sub.mac using a client-provided nonce and k.sub.bind to MAC the message and compare the MAC values. If the request is validated, the STS generates a response comprising the requested security token, derives two keys from k.sub.bind: one to sign the response and one to encrypt the response, and sends the response to the client. Only a device comprising k.sub.bind is enabled to use the bound security token, providing increased security (abstract); The STS 110 is operative to authenticate the client user 120, and query the identity store 126 for determining what resources the authenticated user 120 is allowed to access and what operations are allowed to be performed on those resources, for example, based on user roles … Once the response 105 is received and decrypted, the client 112 includes the TGT 104 in a service token request 106, and transmits the service token request 106 to the STS 110 requesting a service token 107 representing the identity of the client user 120 and enabling access to an RP 122 … If the client user 120 is authorized to access the requested RP 122, the STS 110 generates a service token 107, and sends the service token 107 in a response 108 to the client 112, wherein the response 108 comprising the service token 107 is encrypted with the key derived from the binding key 118, and wherein the service token 107 includes information that provides the RP 122 with claims it needs to provide services to the user 120. The client 112 is enabled to make a request 109 to the RP 122 including the security token 107 issued by the STS 110. If the RP 122 understands the security token 107 and finds the claims it needs to authenticate and authorize the user 120, it provides the protected resource to the client 112 (¶ 0036-0040); … According to an example, the key generator 204 is operative to construct a KDF using a keyed-hash message authentication code (HMAC) PRF or a symmetric key cipher (¶ 0043); … While MACs are oftentimes generated with hashes using a hash-based MAC algorithm (HMAC), MACs can be generated using other symmetric key algorithms, such as block ciphers (e.g., AES-CMAC). MAC values are both generated (by the client 112) and verified (by the STS 110) using the same secret key (i.e., the key derived from the binding key 118) (¶ 0047); The authenticator 222 is illustrative of a software module, system, or device operative to verify the integrity of a received input message by comparing a received MAC generated by the STS 110 to a client-side calculated MAC. Since a MAC depends on all the bits in the input message, any alteration (e.g., forgeries, unauthorized alterations) of the input message during transmission would cause the client-side calculated MAC to not match with its original STS-calculated MAC. If the MACs match, the message authenticator 222 is operative to authenticate the input message as coming from the alleged sender (STS 110) (¶ 0049)], wherein the current key is generated by the application based on code of the application and the current nonce [as shown in figure 3A, where a key generator (204) generates keys using nounces provided by the nonce generator (202); According to an aspect, the nonce generator 202 is illustrative of a software module, system, or device that is operative to generate nonce values for key derivation, wherein each nonce value may only be used once with a given key … (¶ 0046)], and wherein the current tag was previously provided from the application to the resource controller [The authenticator 222 is illustrative of a software module, system, or device operative to verify the integrity of a received input message by comparing a received MAC generated by the STS 110 to a client-side calculated MAC. Since a MAC depends on all the bits in the input message, any alteration (e.g., forgeries, unauthorized alterations) of the input message during transmission would cause the client-side calculated MAC to not match with its original STS-calculated MAC. If the MACs match, the message authenticator 222 is operative to authenticate the input message as coming from the alleged sender (STS 110) (¶ 0049)]
As to claim 2, Frei teaches The resource controller of claim 1, wherein the current tag, provided from the application, was hashed using the current key by the application [… According to an example, the key generator 204 is operative to construct a KDF using a keyed-hash message authentication code (HMAC) PRF or a symmetric key cipher (¶ 0043); … While MACs are oftentimes generated with hashes using a hash-based MAC algorithm (HMAC), MACs can be generated using other symmetric key algorithms, such as block ciphers (e.g., AES-CMAC). MAC values are both generated (by the client 112) and verified (by the STS 110) using the same secret key (i.e., the key derived from the binding key 118) (¶ 0047)].
As to claim 7, Frei teaches The resource controller of claim 1, wherein the system resource is a non-volatile memory (NVM) device and the resource controller is a NVM controller [FIG. 8 is a diagram illustrating physical components (i.e., hardware) of a computing device 800 with which examples of the present disclosure are to be practiced. In a basic configuration, the computing device 800 includes at least one processing unit 802 and a system memory 804. According to an aspect, depending on the configuration and type of computing device, the system memory 804 comprises, but is not limited to, volatile storage (e.g., random access memory), non-volatile storage (e.g., read-only memory), flash memory, or any combination of such memories … (¶ 0135)].
As to claim 8, Frei teaches The resource controller of claim 1, wherein the system resource is a cryptographic engine [According to examples, the client 112 comprises an authentication client 130, operative to provide cryptographic operations (e.g., decryption, encryption, random number generation, authentication). Components included in an example authentication client 130 are described below with reference to FIG. 2 (¶ 0027)].
As to claim 9, Frei teaches The resource controller of claim 1, wherein the system resource is a peripheral device [In other examples, the token binder 114 is embodied as a virtual TPM (vTPM), which is illustrative of a hardware system or device physically and operatively attached to a virtual machine or a software module running on a virtual machine operative to provide TPM services to the virtual machine running on top of a hypervisor, which emulates a client's 112 central processing unit (CPU), memory, hard disk, network, and other hardware resources (¶ 0029)].
A s to claim 10, it recites substantially the same limitations as in claim 1, and is rejected for the same reasons set forth in the analysis of claim 1. Refer to "As to claim 1" presented earlier in this Office Action for details.
As to claim 11, it recites substantially the same limitations as in claim 2, and is rejected for the same reasons set forth in the analysis of claim 2. Refer to "As to claim 2" presented earlier in this Office Action for details.
A s to claim 19, it recites substantially the same limitations as in claim 1, and is rejected for the same reasons set forth in the analysis of claim 1. Refer to "As to claim 1" presented earlier in this Office Action for details.
As to claim 20, it recites substantially the same limitations as in claim 2, and is rejected for the same reasons set forth in the analysis of claim 2. Refer to "As to claim 2" presented earlier in this Office Action for details.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

6.	Claims 3-6, and 12-18 are rejected under 103 as being unpatentable over Frei et al. (US Patent Application Publication 2017/0195121, hereinafter Frei), and in view of Yang et al. (US Patent Application Publication 2007/0101412, hereinafter Yang).
As to claim 3, Frei teaches The resource controller of claim 1, further comprising a memory device coupled to the processing device, wherein the processing device is to store a table in the memory device, wherein the table comprises information for each application registered to the resource controller [as shown in figures 5A, 5B, 5C, and 6]. 
Regarding claim 3, Frei does not expressively teaches using a table comprises information for each application registered to the resource controller.
However, figures 5A, 5B, 5C, and 6 provide similar kind of information.
Further, Yang specifically teaches using a table comprises information for each application registered to the resource controller [as shown in figure 4; … As shown in FIG. 4, each server 402 maintains a nonce table 404. Through a sticky load balancer, a client is assigned to the same server. In this way, the nonce table 404 can be maintained in a local memory, such as the random access dynamic memory of the server 402, without system wide sharing. Multiple components on the same client, for example components 1-3 (412, 414, and 416) can get different nonce from the same server. For example, nonce 1, nonce 2, and nonce 3 are created for component 1, component 2, and component 3 of client 1, respectively. Similarly, nonce 4, nonce 5, and nonce 6 are created for component 1, component 2, and component 3 of client 2, respectively. Each nonce count can be incremented independently. As a result, client applications do not need to manage nonce sharing among different components. This mechanism allows more efficient and simpler client implementation (¶ 0031)].
Therefore, it would have been obvious to one having ordinary skill in the art at the time of Applicant’s invention to use a table comprises information for each application registered to the resource controller, as demonstrated by Yang, and to incorporate it into the existing scheme disclosed by Frei, because Yang teaches doing so allows more efficient and simpler client implementation [… As shown in FIG. 4, each server 402 maintains a nonce table 404. Through a sticky load balancer, a client is assigned to the same server. In this way, the nonce table 404 can be maintained in a local memory, such as the random access dynamic memory of the server 402, without system wide sharing. Multiple components on the same client, for example components 1-3 (412, 414, and 416) can get different nonce from the same server. For example, nonce 1, nonce 2, and nonce 3 are created for component 1, component 2, and component 3 of client 1, respectively. Similarly, nonce 4, nonce 5, and nonce 6 are created for component 1, component 2, and component 3 of client 2, respectively. Each nonce count can be incremented independently. As a result, client applications do not need to manage nonce sharing among different components. This mechanism allows more efficient and simpler client implementation (¶ 0031)].
As to claim 4, Frei in view of Yang teaches The resource controller of claim 1, further comprising a memory device coupled to the processing device, wherein the processing device is to: store the application ID, the current nonce, and the current tag in the memory device [Frei -- identity provider, figure 1, 126; figures 5A, 5B, 5C, and 6; In a networked computing environment, a web application may use a trusted security token service to handle identification and authentication of client users, and to issue security tokens comprising identity claims required by the web application (¶ 0001); Yang – figure 4]; mark the application ID, the current nonce, and the current tag as valid [Yang – 3. check the nonce and nonce count. The nonce is verified to be valid and the nonce count has not been repeated … (¶ 0045)]; store the application ID and a new nonce [Frei -- identity provider, figure 1, 126; figures 5A, 5B, 5C, and 6; In a networked computing environment, a web application may use a trusted security token service to handle identification and authentication of client users, and to issue security tokens comprising identity claims required by the web application (¶ 0001); Yang – figure 4]; and mark the application ID and the new nonce as invalid [Yang -- … then, the server creates a new nonce and the new nonce is sent back to the device in a response. The status of the response is set to "invalid_nonce" to indicate a new nonce is included … (¶ 0061-0062)].
As to claim 5, Frei in view of Yang teaches The resource controller of claim 1, further comprising a memory device coupled to the processing device, wherein the processing device is to: store the application ID, the current nonce, the current tag, and a second nonce in the memory device [Frei -- identity provider, figure 1, 126; figures 5A, 5B, 5C, and 6; figure 3B shows two nonces (308 and 322); In a networked computing environment, a web application may use a trusted security token service to handle identification and authentication of client users, and to issue security tokens comprising identity claims required by the web application (¶ 0001); Yang – figure 4 shows a plurality of nonces], wherein the current nonce is an authentication nonce and the second nonce is an encryption nonce or a message authentication code (MAC) nonce [Frei -- When the security token service receives the request, the security token service validates the request by deriving the first key using a client-provided nonce value and the binding key to generate a Message Authentication Code (MAC) of the message and compare the MAC values. If the request is validated and the client is authenticated, the security token service generates a response message comprising the requested security token, derives a second key from the binding key to sign the response message, derives a third key from the binding key to encrypt the response message, and sends the response to the client. As stated above, only a device comprising the binding key is enabled to use the bound security token, providing increased security (¶ 0005); The key generator 204 is further operative to produce a third derived key (k.sub.mac2 324). For example, the key generator 204 applies the PRF 205 to the binding key 118 along with an STS-provided nonce value (nonce.sub.mac2 322), and produces a derived key (k.sub.mac2 324), which can be used as a cryptographic key in subsequent authentication operations … (¶ 0053)]; mark the application ID, the current nonce, the current tag, and the second nonce as valid [Yang – 3. check the nonce and nonce count. The nonce is verified to be valid and the nonce count has not been repeated … (¶ 0045)]; store the application ID, a new authentication nonce, and a third nonce, wherein the third nonce is a new encryption nonce or MAC nonce [Frei -- identity provider, figure 1, 126; figures 5A, 5B, 5C, and 6; figure 3B shows two nonces (308 and 322); In a networked computing environment, a web application may use a trusted security token service to handle identification and authentication of client users, and to issue security tokens comprising identity claims required by the web application (¶ 0001); According to examples, the client 112 comprises an authentication client 130, operative to provide cryptographic operations (e.g., decryption, encryption, random number generation, authentication). Components included in an example authentication client 130 are described below with reference to FIG. 2 (¶ 0027); When the security token service receives the request, the security token service validates the request by deriving the first key using a client-provided nonce value and the binding key to generate a Message Authentication Code (MAC) of the message and compare the MAC values. If the request is validated and the client is authenticated, the security token service generates a response message comprising the requested security token, derives a second key from the binding key to sign the response message, derives a third key from the binding key to encrypt the response message, and sends the response to the client. As stated above, only a device comprising the binding key is enabled to use the bound security token, providing increased security (¶ 0005); Yang – figure 4 shows a plurality of nonces]; and mark the application ID, the new authentication nonce, and the third nonce as invalid [Yang -- … then, the server creates a new nonce and the new nonce is sent back to the device in a response. The status of the response is set to "invalid_nonce" to indicate a new nonce is included … (¶ 0061-0062)].
As to claim 6, Frei in view of Yang teaches The resource controller of claim 1, further comprising a memory device coupled to the processing device, wherein the processing device is to: store the application ID, the current nonce, the current tag, a second nonce, and a third nonce in the memory device, wherein the current nonce is an authentication nonce, the second nonce is an encryption nonce, and the third nonce is a message authentication code (MAC) nonce [Frei -- identity provider, figure 1, 126; figures 5A, 5B, 5C, and 6; figure 3B shows two nonces (308 and 322); In a networked computing environment, a web application may use a trusted security token service to handle identification and authentication of client users, and to issue security tokens comprising identity claims required by the web application (¶ 0001); When the security token service receives the request, the security token service validates the request by deriving the first key using a client-provided nonce value and the binding key to generate a Message Authentication Code (MAC) of the message and compare the MAC values. If the request is validated and the client is authenticated, the security token service generates a response message comprising the requested security token, derives a second key from the binding key to sign the response message, derives a third key from the binding key to encrypt the response message, and sends the response to the client. As stated above, only a device comprising the binding key is enabled to use the bound security token, providing increased security (¶ 0005); The key generator 204 is further operative to produce a third derived key (k.sub.mac2 324). For example, the key generator 204 applies the PRF 205 to the binding key 118 along with an STS-provided nonce value (nonce.sub.mac2 322), and produces a derived key (k.sub.mac2 324), which can be used as a cryptographic key in subsequent authentication operations … (¶ 0053); Yang – figure 4 shows a plurality of nonces]; and mark the application ID, the current nonce, the current tag, the second nonce, and the third nonce as valid [Yang – 3. check the nonce and nonce count. The nonce is verified to be valid and the nonce count has not been repeated … (¶ 0045)].
As to claim 12, it recites substantially the same limitations as in claim 5, and is rejected for the same reasons set forth in the analysis of claim 5. Refer to "As to claim 5" presented earlier in this Office Action for details.
As to claim 13, it recites substantially the same limitations as in claim 5, and is rejected for the same reasons set forth in the analysis of claim 5. Refer to "As to claim 5" presented earlier in this Office Action for details.
As to claim 14, it recites substantially the same limitations as in claim 5, and is rejected for the same reasons set forth in the analysis of claim 5. Refer to "As to claim 5" presented earlier in this Office Action for details.
As to claim 15, it recites substantially the same limitations as in claim 5, and is rejected for the same reasons set forth in the analysis of claim 5. Refer to "As to claim 5" presented earlier in this Office Action for details.
As to claim 16, it recites substantially the same limitations as in claim 5, and is rejected for the same reasons set forth in the analysis of claim 5. Refer to "As to claim 5" presented earlier in this Office Action for details.
As to claim 17, it recites substantially the same limitations as in claim 5, and is rejected for the same reasons set forth in the analysis of claim 5. Refer to "As to claim 5" presented earlier in this Office Action for details.
As to claim 18, it recites substantially the same limitations as in claim 5, and is rejected for the same reasons set forth in the analysis of claim 5. Refer to "As to claim 5" presented earlier in this Office Action for details.

Conclusion
7.	Claims 1-20 are rejected as explained above. 
8. 	THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
9.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHENG JEN TSAI whose telephone number is 571-272-4244.  The examiner can normally be reached on Monday-Friday, 9-6.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Charles Rones can be reached on 571-272-4085. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
/SHENG JEN TSAI/Primary Examiner, Art Unit 2136                                                                                                                                                                                                        
July 13, 2022