DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination (RCE) under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on May 16, 2022 has been entered.
 Response to Amendments
	This office action is responsive to application 16/598,428 and the RCE filed on May 16, 2022.  Claims 1-2, 7-8, 13-14, and 18 were amended, and claims 1-20 remain pending in the application.
Response to Arguments
	The Examiner has fully considered the Applicant’s arguments filed with the RCE, and the Examiner responds as provided below.
	Regarding the Applicant’s response at page 6 of the Remarks that concerns the § 112(b) rejection, the issue of reciting “aware” remains for dependent claims 2, 8, and 14.  Regarding the use of the forward slash for “encryption/decryption,” the amended claims adequately address the issue and the § 112(b) rejection is withdrawn in this regard.
	Regarding the Applicant’s response at pages 7-10 of the Remarks that concerns the § 103 rejection of independent claim 1, and by inference independent claims 7, 13, and 18, the Applicant’s arguments in conjunction with the claim amendments are persuasive, and consequently the Examiner conducted a new prior art search. The Applicant’s arguments are now moot with respect to the independent claims because the arguments do not apply to one of the references currently used in the rejection of the aforementioned claims as detailed below.
	Regarding the Applicant’s response at page 10 of the Remarks that concerns the § 103 rejection of the dependent claims 2-6, 8-12, 14-17, and 19-20, the argument for patentability rests upon the argument presented for the corresponding independent claims.  Because the independent claims are not patentable over the prior art of record, the dependent claims are similarly not allowable.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Dependent claims 2, 8, and 14, and thus their dependent claims 2-6, 8-12, 14-17, and 19-20, are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.  
Each of the these claims recites the limitation, the DP accelerator is “not aware” of a functionality type of the kernel.  The claims are indefinite under § 112(b) because “aware” may be defined as “having knowledge; conscious; cognizant,” which typically encompasses a human condition.  In contrast, a DP accelerator is a lifeless computer component, and the meaning of “aware” with respect to computer components is not clear.  In other words, what does it mean for a computer component to be “aware?”  
To overcome this rejection, the claim limitation should be reworded to place this limitation within the appropriate context of computers, or alternatively, stated without the use of a negative limitation that relies upon “not.”  For example, computers possess memory, and perhaps the “functionality type of the kernel” is not stored within the memory of the DP accelerator.  Alternatively, it appears the recited phrase associated with “aware” may be removed from these claims without affecting the scope of the claimed invention.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claim 7 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  The claim does not fall within at least one of the four categories of patent eligible subject matter because the “data processing accelerator” can consist solely of software, and “a memory to store instructions to be executed by the DP accelerator” can consist of a transitory storage.  Thus, claim 7 may claim software per se.  Similarly, claims 8-12 also fail to recite any elements that comprise structure to remove the claims from the purview of software per se, and thus these claims are also rejected under § 101. This § 101 rejection of claims 7-12 can be overcome by amending claim 7 to recite “a non-transitory memory.” 
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The following conventions apply to the mapping of the prior art to the claims:
Italicized text – claim language.
Parenthetical plain text – Examiner’s citation and explanation.
Quotation marks – language quoted from a prior art reference.
Underlining – language quoted from a claim.
Brackets – material altered from either a prior art reference or a claim, which includes the Examiner’s explanation that relates a claim limitation to the quoted material of a reference.
Braces – a limitation taught by another reference, but the limitation is presented with the mapping of the instant reference for context.
Numbered footnote – a first phrase to be moved upwards to the primary reference analysis.
Lettered footnote – a second phrase to be moved after the movement of the first phrase from which it was lifted, or more succinctly, move numbered material first, lettered material last.
A.	Claims 1-3, 7-9, 13-15, and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Stufflebeam et al. (US 2011/0225431, “Stufflebeam”) in view of Isaakian et al. (US 2009/0119503, “Isaakian”).
Regarding Claim 1
Stufflebeam discloses
A computer-implemented method (abstract, ¶ [0009], “In accordance with another embodiment of the present disclosure, a method for encryption and decryption of data…”) of a data processing (DP) accelerator encrypting or decrypting input data (Figs. 1 & 2, ¶ [0036], “Encryption accelerator 116 [that acts a data processing (DP) accelerator] may be communicatively coupled to I/O controller 116 and may comprise any system, device, or apparatus configured to encrypt data [as input data] for storage on one or more of storage resources 114, and/or decrypt data [as input data] read from one or more of storage resources 114.”), 
the method comprising: 
receiving, from a host device (Figs. 1 & 2, ¶ [0038], “For example, processor 103 [that acts as a host device] or another component of information handling system 102 may execute application 202, device driver 204, and/or middleware 206 to facilitate encryption and decryption;” and ¶ [0027], “storage resources 114 [as part of the host device] communicatively coupled to I/O controller 108 via respective busses 112, and an encryption accelerator 116.”), 
a command (¶ [0008], “receive a command from the processor [as a host device] to perform an encryption or decryption task upon data associated with an input/output operation, and in response to receiving the command, encrypt or decrypt the data associated with the input/output operation based on a particular one of the plurality of cryptographic functions;”), 
the input data, and…1 (¶¶ [0042]-[0043], “In addition to the foregoing, in connection with an I/O operation, application 202 may instruct encryption accelerator 116 [via a receiv[ed] command] to perform an encryption or decryption task [via the command];” “encryption accelerator 116 may encrypt or decrypt [input] data [that is receiv[ed] and] associated with the I/O operation;” and ¶¶ [0012]-[0013], “…in response to detection of an input/output operation, communicate a command to an encryption [DP] accelerator communicatively coupled to the processor [as the host device] to perform an encryption or decryption task upon data associated with an input/output operation.”); 
a … provided to the DP accelerator (¶ [0027], “storage resources 114 [as part of the host device] communicatively coupled to I/O controller 108 via respective busses 112, and an encryption accelerator 116,” i.e., the “hardware image”/kernel of Isaakian ¶¶ [0030]-[0033] is stored in the “storage resources” and then provided to the “encryption accelerator 116/DP accelerator),
in response to the DP accelerator receiving the command (¶¶ [0008], [0012]-[0013], [0042]-[0043]): 
encrypting by the DP accelerator the input data using {the encryption kernel} (¶ [0038], “…input/output operations involving storage resources 114 (e.g., read and write operations) are encrypted or decrypted by an encryption task executed by encryption [DP] accelerator 116 based on a specified cryptographic function [that is implemented via the encryption kernel as disclosed by Isaakian Fig. 3, ¶¶ [0030]-[0033]] and/or encryption key;” and ¶¶ [0042]-[0043], “In addition to the foregoing, in connection with an I/O operation, application 202 may instruct encryption accelerator 116 to perform an encryption or decryption task…,” and “…encryption [DP] accelerator 116 may encrypt or decrypt [input] data associated with the I/O operation.”), 
in response to the command being “encrypt” (¶ [0008], “receive a command from the processor to perform an encryption or decryption task upon data associated with an input/output operation, and in response to receiving the command, encrypt or decrypt the data associated with the input/output operation based on a particular one of the plurality of cryptographic functions;” and ¶ [0039], “Middleware 206 may serve as an interface between application 202 and cryptoprocessor 110 allowing application 202 to interact with cryptoprocessor 110 (e.g., device driver 204 may provide an application programming interface to application 202 that translates generalized commands or instructions into those that may be recognized by encryption accelerator 116).”); and 
decrypting the input data using the decryption kernel (¶ [0038], “…input/output operations involving storage resources 114 (e.g., read and write operations) are encrypted or decrypted by an encryption [or decryption] task executed by encryption accelerator 116 [that can both encrypt and decrypt] based on a specified cryptographic function [that is implemented via the decryption kernel as disclosed by Isaakian Fig. 3, ¶¶ [0030]-[0033]] and/or encryption key;” and ¶¶ [0042]-[0043], “In addition to the foregoing, in connection with an I/O operation, application 202 may instruct encryption accelerator 116 to perform an encryption or decryption task…,” and “…encryption [DP] accelerator 116 may encrypt or decrypt [input] data associated with the I/O operation.”) 
in response to the command being “decrypt” (¶ [0008], “receive a command from the processor to perform an encryption or decryption task upon data associated with an input/output operation, and in response to receiving the command, encrypt or decrypt the data associated with the input/output operation based on a particular one of the plurality of cryptographic functions;” and ¶ [0039], “Middleware 206 may serve as an interface between application 202 and cryptoprocessor 110 allowing application 202 to interact with cryptoprocessor 110 (e.g., device driver 204 may provide an application programming interface to application 202 that translates generalized commands or instructions into those that may be recognized by encryption accelerator 116).”); and 
transmitting the encrypted, or decrypted, input data to the host device (Fig. 1, ¶ [0043], “After encryption or decryption of data, data may be stored [after its transmit[ssion]] to a storage resource 114,” where the host device comprises the processor 103 and storage, i.e., “storage resource 114”).
Stufflebeam doesn’t disclose
	1 …a kernel, wherein the kernel is an encryption or decryption kernel…a, and wherein a functionality of the DP accelerator is determined by a functionality type of the encryption kernel or the decryption kernel;
Isaakian, however, discloses
	1 …a kernel (Fig. 3, ¶¶ [0030]-[0031], “The programmable hardware component 302 [i.e., the DP accelerator as disclosed by Stufflebeam Figs. 1 & 2, ¶ [0036]] may be any hardware component that is updatable and/or programmable [when it receives a kernel that is a piece of code];” and ¶¶ [0032]-[0033], “The programmable hardware component 302 may operate according to a hardware image [as a kernel]. The hardware image may define the interconnections between and/or among the logic gates of the programmable hardware component 302. The hardware image [or kernel] may be loaded onto the hardware programmable component.”), 
wherein the kernel is an encryption or decryption kernel…a (¶¶ [0025]-[0027], “The encrypted portion 210 may include a hardware image 212 and/or executable code 214. The hardware image 212 may include data indicative of the operation of a programmable hardware component 302 (see FIG. 3), such as a Field Programmable Gate Array (FPGA), for example;” and “The hardware image 212 may define the operation of the FPGA. For example, the hardware image 212 [as the kernel] when loaded [and thereby provided to and] on an FPGA [as a DP accelerator] may enable a cryptographic function, such as the encryption and/or decryption of data;” i.e., the image “loaded” can be an encryption image/kernel or decryption image/kernel), and 
wherein a functionality of the DP accelerator is determined by a functionality type of the encryption kernel or the decryption kernel (¶¶ [0025]-[0027], “For example, the hardware image 212 [as the kernel] when loaded on an FPGA [as a DP accelerator] may enable a cryptographic function, such as the encryption and/or decryption of data,” e.g., when the cryptographic function enables the FPGA to encrypt data, the functionality of the DP accelerator is determined by the functionality type of the encryption kernel);
Regarding the combination of Stufflebeam and Isaakian, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the cryptography system of Stufflebeam to have included the kernel feature of Isaakian. One of ordinary skill in the art would have been motivated to incorporate the kernel feature of Isaakian because Isaakian teaches that “The functionality of the cryptographic device … may be changed to conform with the updated cryptographic algorithms. For example, cryptographic algorithms may be updated to improve security, patch vulnerabilities, improve efficiency, or the like.”  See Isaakian ¶ [0018].
Regarding Claim 2
Stufflebeam in view of Isaakian (“Stufflebeam-Isaakian”) discloses the method of claim 1, and Stufflebeam further discloses
wherein the DP accelerator is a general purpose processor or an artificial intelligence (AI) accelerator (¶ [0012], “communicate a command to an encryption accelerator communicatively coupled to the processor to perform an encryption or decryption task,” and ¶ [0032], “apparatus configured to serve as an interface and/or hub between processor 103 and certain components of information handling system 102 (e.g., cryptoprocessor 110,” i.e., the “processor 103” is distinguished from the “cryptoprocessor 110,” and thus is a general purpose processor) and the DP accelerator is not aware that the type of functionality of the kernel is encryption or decryption (¶ [0012], “…in response to detection of an input/output operation, communicate a command to an encryption accelerator communicatively coupled to the processor to perform an encryption or decryption task upon data associated with an input/output operation,” i.e., the accelerator was “not aware” of the functionality of encryption/decryption until receiving a communication after detection of an operation to that effect),
and the method further comprising exchanging one or more keys with the host device (¶ [0036], “encryption accelerator 116 may serve as a general purpose encryption accelerator that is configured to execute multiple cryptographic functions (e.g., encryption algorithms, algorithm modes, cryptographic hashes, and/or cryptographic sign functions), and/or may be configured to load encryption keys (e.g., encryption keys provided [via exchanging] by a software program [operating within the host device] or other entity or encryption keys stored and/or generated by cryptoprocessor 110) for encryption tasks”).  
Regarding Claim 3
Stufflebeam-Isaakian discloses the method of claim 2, and Stufflebeam further discloses 
further comprising establishing …1 between the host device (Figs. 1 & 2, ¶ [0038]) and the DP accelerator (Figs. 1 & 2, ¶ [0036]) using at least one of the one or more of the keys (¶ [0036]).
Isaakian further discloses
	1 …a secure link… (¶ [0020], “While being transported, the configuration package 106 may be in an unsecured environment,” but “For example, parts of the configuration package 106 may be encrypted [using keys to thereby create a secure link] and/or digitally signed.”)
	Regarding the combination of Stufflebeam and Isaakian, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the encryption system of Stufflebeam to have included the secure link feature of Isaakian. One of ordinary skill in the art would have been motivated to incorporate the secure link feature of Isaakian because Isaakian teaches the desirability of a secure link to address the “unsecured environment.”  See Isaakian ¶ [0020].
Regarding Independent Claim 7
Stufflebeam discloses
A data processing (DP) accelerator (Figs. 1 & 2, ¶ [0036], “Encryption accelerator 116” that acts a data processing (DP) accelerator), comprising: 
a memory to store instructions to be executed by the DP accelerator (¶¶ [0028]-[0029], “In some embodiments, processor 103 may interpret and/or execute program instructions and/or process data stored and/or communicated by one or more of memory system 104, storage medium 106, and/or another component of information handling system 102.”);
an interface to receive (Figs. 1 & 2, ¶ [0036], “Encryption accelerator 116 may be communicatively coupled [via an interface] to I/O controller 116 [to receive] …”) 
a command (¶ [0008], “receive a command from the processor to perform an encryption or decryption task upon data associated with an input/output operation, and in response to receiving the command, encrypt or decrypt the data associated with the input/output operation based on a particular one of the plurality of cryptographic functions;”), 
the input data, and …1 (¶¶ [0042]-[0043], “In addition to the foregoing, in connection with an I/O operation, application 202 may instruct encryption accelerator 116 [via a receiv[ed] command] to perform an encryption or decryption task [via the command];” “encryption accelerator 116 may encrypt or decrypt [input] data [that is receiv[ed] and] associated with the I/O operation;” and ¶¶ [0012]-[0013], “…in response to detection of an input/output operation, communicate a command to an encryption [DP] accelerator communicatively coupled to the processor to perform an encryption or decryption task upon data associated with an input/output operation.”)
from a host device (Figs. 1 & 2, ¶ [0038], “For example, processor 103 [that acts as a host device] or another component of information handling system 102 may execute application 202, device driver 204, and/or middleware 206 to facilitate encryption and decryption;” ¶ [0027], “storage resources 114 [as part of the host device] communicatively coupled to I/O controller 108 via respective busses 112, and an encryption accelerator 116;” ¶¶ [0042]-[0043], “encryption accelerator 116 may encrypt or decrypt [input] data [that is receiv[ed] and] associated with the I/O operation;” and ¶¶ [0012]-[0013], “…in response to detection of an input/output operation, communicate a command to an encryption [DP] accelerator communicatively coupled to the processor [as the host device] to perform an encryption or decryption task upon data associated with an input/output operation.”), 
wherein {the kernel} is provided to the DP accelerator (¶ [0027], “storage resources 114 [as part of the host device] communicatively coupled to I/O controller 108 via respective busses 112, and an encryption accelerator 116,” i.e., the “hardware image”/kernel of Isaakian ¶¶ [0030]-[0033] is stored in the “storage resources” and then provided to the “encryption accelerator 116/DP accelerator),
2 …; and 
a security unit (¶ [0033], “Cryptoprocessor 110 [as the security unit] may be communicatively coupled to I/O controller 110 and may include any system, device, or apparatus configured to carry out cryptographic operations on data communicated via I/O controller 108;” and ¶ [0040], “cryptoprocessor 110 to provide an encryption key stored on cryptoprocessor 110 for the encryption or decryption task”), 
in response to the DP accelerator receiving the command (¶¶ [0008], [0012]-[0013], [0042]-[0043]), 
configured to encrypt the input data using {the encryption kernel} (¶ [0038], “…input/output operations involving storage resources 114 (e.g., read and write operations) are encrypted or decrypted by an encryption task executed by encryption [DP] accelerator 116 based on a specified cryptographic function [that is implemented via the encryption kernel as disclosed by Isaakian Fig. 3, ¶¶ [0030]-[0033]] and/or encryption key;” and ¶¶ [0042]-[0043], “In addition to the foregoing, in connection with an I/O operation, application 202 may instruct encryption accelerator 116 to perform an encryption or decryption task…,” and “…encryption [DP] accelerator 116 may encrypt or decrypt [input] data associated with the I/O operation.”), 
in response to the command being “encrypt” (¶ [0008], “receive a command from the processor to perform an encryption or decryption task upon data associated with an input/output operation, and in response to receiving the command, encrypt or decrypt the data associated with the input/output operation based on a particular one of the plurality of cryptographic functions;” and ¶ [0039], “Middleware 206 may serve as an interface between application 202 and cryptoprocessor 110 allowing application 202 to interact with cryptoprocessor 110 (e.g., device driver 204 may provide an application programming interface to application 202 that translates generalized commands or instructions into those that may be recognized by encryption accelerator 116).”), and
decrypt the input data using the decryption kernel (¶ [0038], “…input/output operations involving storage resources 114 (e.g., read and write operations) are encrypted or decrypted by an encryption [or decryption] task executed by encryption accelerator 116 [that can both encrypt and decrypt] based on a specified cryptographic function [that is implemented via the decryption kernel as disclosed by Isaakian Fig. 3, ¶¶ [0030]-[0033]] and/or encryption key;” and ¶¶ [0042]-[0043], “In addition to the foregoing, in connection with an I/O operation, application 202 may instruct encryption accelerator 116 to perform an encryption or decryption task…,” and “…encryption [DP] accelerator 116 may encrypt or decrypt [input] data associated with the I/O operation.”) 
in response to to the command being “decrypt” (¶ [0008], “receive a command from the processor to perform an encryption or decryption task upon data associated with an input/output operation, and in response to receiving the command, encrypt or decrypt the data associated with the input/output operation based on a particular one of the plurality of cryptographic functions;” and ¶ [0039], “Middleware 206 may serve as an interface between application 202 and cryptoprocessor 110 allowing application 202 to interact with cryptoprocessor 110 (e.g., device driver 204 may provide an application programming interface to application 202 that translates generalized commands or instructions into those that may be recognized by encryption accelerator 116).”), and 
transmit the encrypted or decrypted input data to the host device (Fig. 1, ¶ [0043], “After encryption or decryption of data, data may be stored [after its transmit[ssion]] to a storage resource 114,” where the host device comprises the processor 103 and storage, i.e., “storage resource 114”).
Stufflebeam doesn’t disclose
1 …a kernel, wherein the kernel is an encryption or decryption kernel…,
2 wherein a functionality type of the DP accelerator is determined by a functionality type of the encryption kernel or the decryption kernel;
Isaakian, however, discloses
1 …a kernel (Fig. 3, ¶¶ [0030]-[0031], “The programmable hardware component 302 [i.e., the DP accelerator as disclosed by Stufflebeam Figs. 1 & 2, ¶ [0036]] may be any hardware component that is updatable and/or programmable [when it receives a kernel that is a piece of code];” and ¶¶ [0032]-[0033], “The programmable hardware component 302 may operate according to a hardware image [as a kernel]. The hardware image may define the interconnections between and/or among the logic gates of the programmable hardware component 302. The hardware image [or kernel] may be loaded onto the hardware programmable component.”), 
wherein the kernel is an encryption or decryption kernel (¶¶ [0025]-[0027], “The encrypted portion 210 may include a hardware image 212 and/or executable code 214. The hardware image 212 may include data indicative of the operation of a programmable hardware component 302 (see FIG. 3), such as a Field Programmable Gate Array (FPGA), for example;” and “The hardware image 212 may define the operation of the FPGA. For example, the hardware image 212 [as the kernel] when loaded [and thereby provided to and] on an FPGA [as a DP accelerator] may enable a cryptographic function, such as the encryption and/or decryption of data;” i.e., the image “loaded” can be an encryption image/kernel or decryption image/kernel), and 
2 wherein a functionality type of the DP accelerator is determined by a functionality type of the encryption kernel or the decryption kernel (¶¶ [0025]-[0027], “For example, the hardware image 212 [as the kernel] when loaded on an FPGA [as a DP accelerator] may enable a cryptographic function, such as the encryption and/or decryption of data,” e.g., when the cryptographic function enables the FPGA to encrypt data, the functionality of the DP accelerator is determined by the functionality type of the encryption kernel);
Regarding the combination of Stufflebeam and Isaakian, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the cryptography system of Stufflebeam to have included the kernel feature of Isaakian. One of ordinary skill in the art would have been motivated to incorporate the kernel feature of Isaakian because Isaakian teaches that “The functionality of the cryptographic device … may be changed to conform with the updated cryptographic algorithms. For example, cryptographic algorithms may be updated to improve security, patch vulnerabilities, improve efficiency, or the like.”  See Isaakian ¶ [0018].
Regarding Claim 8
Stufflebeam-Isaakian discloses the DP accelerator of claim 7, and Stufflebeam further discloses
wherein the DP accelerator is a general purpose processor or an artificial intelligence (AI) accelerator (¶ [0012], “communicate a command to an encryption accelerator communicatively coupled to the processor to perform an encryption or decryption task,” and ¶ [0032], “apparatus configured to serve as an interface and/or hub between processor 103 and certain components of information handling system 102 (e.g., cryptoprocessor 110,” i.e., the “processor 103” is distinguished from the “cryptoprocessor 110,” and thus is a general purpose processor) and the DP accelerator is not aware that the type of functionality of the kernel is encryption or decryption (¶ [0012], “…in response to detection of an input/output operation, communicate a command to an encryption accelerator communicatively coupled to the processor to perform an encryption or decryption task upon data associated with an input/output operation,” i.e., the accelerator was “not aware” of the functionality of encryption/decryption until receiving a communication after detection of an operation to that effect),
wherein the security unit (¶¶ [0033], [0040]) comprises a key manager to exchange one or more keys with the host device (¶ [0036], “In some embodiments, encryption accelerator 116 may serve as a general purpose encryption accelerator that is configured to execute multiple cryptographic functions (e.g., encryption algorithms, algorithm modes, cryptographic hashes, and/or cryptographic sign functions), and/or may be configured to load encryption keys (e.g., encryption keys provided by a software program or other entity or encryption keys stored and/or generated by cryptoprocessor 110 [that acts as a key manager, with the cryptoprocessor being part of the host device]”)
Regarding Claim 9
Stufflebeam-Isaakian discloses the DP accelerator of claim 8, and Stufflebeam further discloses
further comprising a channel manager (Fig. 1, ¶ [0027], i.e., the I/O controller that establishes a link between the “encryption accelerator 116” and the “processor 103” that serves as the host device) configured to establish …1 between the host device (Figs. 1 & 2, ¶ [0038]) and the DP accelerator (Figs. 1 & 2, ¶ [0036]) using at least one of the one or more of the keys (¶ [0036]).
Isaakian further discloses
	1 …a secure link… (¶ [0020], “While being transported, the configuration package 106 may be in an unsecured environment,” but “For example, parts of the configuration package 106 may be encrypted [using keys to thereby create a secure link] and/or digitally signed.”)
	Regarding the combination of Stufflebeam and Isaakian, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the encryption system of Stufflebeam to have included the secure link feature of Isaakian. One of ordinary skill in the art would have been motivated to incorporate the secure link feature of Isaakian because Isaakian teaches the desirability of a secure link to address the “unsecured environment.”  See Isaakian ¶ [0020].
Regarding Independent Claim 13 and Dependent Claims 14 and 15
With respect to claims 13-15, a corresponding reasoning as given earlier for claims 1-3 applies, mutatis mutandis, to the subject matter of claims 13-15. Therefore, claims 13-15 are rejected, for similar reasons, under the grounds set forth for claims 1-3.
Regarding Independent Claim 18
With respect to independent claim 18, a corresponding reasoning as given earlier for independent claim 1 applies, mutatis mutandis, to the subject matter of claim 18. Therefore, claim 18 is rejected, for similar reasons, under the grounds set forth for claim 1.  The Examiner notes that one skilled in the art would find the additional elements in claim 18 that are associated with the host device, such as processor and memory device, to be obvious variations with respect to the claimed invention of claim 1.
Regarding Dependent Claim 19
With respect to dependent claim 19, a corresponding reasoning as given earlier for claims 2 and 3 applies, mutatis mutandis, to the subject matter of claim 19. Therefore, claim 19 is rejected, for similar reasons, under the grounds set forth for claims 2 and 3.
B.	Claims 4-6, 10-12, 16-17, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Stufflebeam in view of Isaakian, and further in view of Hunt et al. (US 2018/0285600, “Hunt”).
Regarding Claim 4
Stufflebeam-Isaakian discloses the method of claim 2, and Stufflebeam further discloses 
wherein at least one of the exchanged keys (¶ [0036]) is a …1, and 
the received kernel (of Stufflebeam ¶ [0032]) encrypts, or decrypts, the input data (¶¶ [0038], [0042]-[0043]) using the …2.
Stufflebeam-Isaakian doesn’t disclose
	1, 2 … symmetric key
Hunt, however, discloses
	1, 2 … symmetric key (¶ [0046], “…encryption accelerator 452 may include various multipliers, dividers, modulo operators, shifters, multiplexors, and other components configured to provide hardware-based support for accelerating cryptographic operations such as … symmetric key encryption, symmetric key decryption”)
	Regarding the combination of Stufflebeam and Isaakian, the rationale to combine Stufflebeam and Isaakian for claim 4 is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 4.
	Regarding the combination of Stufflebeam-Isaakian and Hunt, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the encryption system of Stufflebeam-Isaakian to have included the symmetric key feature of Hunt. One of ordinary skill in the art would have been motivated to incorporate the symmetric key feature of Hunt because Stufflebeam-Isaakian discloses the use of keys for encryption and decryption, and a person skilled in the art would find it “obvious to try” one of either symmetric or asymmetric keys for the encryption system.  See MPEP § 2143(I)(E) – Exemplary Rationales (stating “’Obvious to try’ – choosing from a finite number of identified, predictable solutions, with a reasonable expectation of success”).
Regarding Claim 5
Stufflebeam-Isaakian disclose the method of claim 2, and Stufflebeam further discloses
wherein at least one of the one or more keys (¶ [0036], “…or encryption keys stored and/or generated by cryptoprocessor 110) for encryption tasks.”) is …1
Hunt further discloses
1 …retrieved from, or based on a key retrieved from, a secure storage of a security unit of the DP accelerator (¶ [0047], “Secure key storage 453 may be configured to securely store keys such as public and/or private cryptographic keys,” i.e., the storage disclosed by Stufflebeam is taught as being a secure storage by Hunt).
Regarding the combination of Stufflebeam-Isaakian and Hunt, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the encryption system of Stufflebeam-Isaakian to have included the secure-storage feature of Hunt. One of ordinary skill in the art would have been motivated to incorporate the secure-storage feature of Hunt because Hunt teaches a system that “allow[s a] device to be booted in a secure manner, allowing the device to be securely updated,” which is achieved by implementing security measures, see Hunt ¶ [0042], such as secure storage. 
Regarding Claim 6
Stufflebeam-Isaakian disclose the method of claim 2, and Stufflebeam further discloses
wherein the encryption, or decryption (¶¶ [0038], [0042]-[0043]), is performed by the kernel (of Stufflebeam ¶ [0032]) using a key received from the host device (¶ [0036], “In some embodiments, encryption accelerator 116 may serve as a general purpose encryption accelerator that is configured to execute multiple cryptographic functions (e.g., encryption algorithms, algorithm modes, cryptographic hashes, and/or cryptographic sign functions), and/or may be configured to load encryption keys (e.g., encryption keys provided by a software program or other entity or encryption keys stored and/or generated by cryptoprocessor 110) for encryption tasks,” i.e., a key is “load[ed]” and thus received from the host device that includes the “cryptoprocessor 110”).
Regarding the combination of Stufflebeam and Isaakian, the rationale to combine Stufflebeam and Isaakian for claim 6 is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 6.
Regarding Dependent Claims 10-12
With respect to dependent claims 10-12, a corresponding reasoning as given earlier for dependent claims 4-6 applies, mutatis mutandis, to the subject matter of claims 10-12. Therefore, claims 10-12 are rejected, for similar reasons, under the grounds set forth for claims 4-6. 
Regarding Dependent Claims 16 and 17
With respect to dependent claims 16 and 17, a corresponding reasoning as given earlier for dependent claims 4 and 5 applies, mutatis mutandis, to the subject matter of claims 16 and 17. Therefore, claims 16 and 17 are rejected, for similar reasons, under the grounds set forth for claims 4 and 5.
Regarding Dependent Claim 20
With respect to dependent claim 20, a corresponding reasoning as given earlier for claim 4 applies, mutatis mutandis, to the subject matter of claim 20. Therefore, claim 20 is rejected, for similar reasons, under the grounds set forth for claim 4.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to D'ARCY WINSTON STRAUB whose telephone number is (303)297-4405. The examiner can normally be reached Monday-Friday 9:00-5:00 Mountain Time.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ASHOKKUMAR B PATEL can be reached on (571)272-3972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/D'Arcy Winston Straub/Examiner, Art Unit 2491