Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
The present office action is responsive to communications received on 10/28/2020.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 09/28/2020 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Status of Claims
Claims 1-20 are pending.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 17 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as failing to set forth the subject matter which the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the applicant regards as the invention. 
Claim 17 recites “The method of claim 1, non-transitory computer-readable storage medium of claim 16”. It is not clear whether claim 17 depends on claim 1 or 16. For the sake of compact prosecution the claim will be treated as dependent on claim 16.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1, 7-9, 16 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Asanghanwa et al. (US 20200042675 A1) hereinafter referred to as Asanghanwa in view of Yitbarek et al. (US 20200145419 A1) hereinafter referred to as Yitbarek.

With respect to claim 1, discloses: A method, comprising: receiving, by a software trusted client agent (TCA) residing in a host computer system of a computing environment, a software provisioning command from an orchestration system of the computing environment, (applicant specifications ¶12 discloses the provisioning can be interpreted as “software provisioning tasks (e.g., installations and/or updates of workloads)”. Asanghanwa ¶62 discloses secure runtime agent mapped to the TCA receiving instructions from processor 134, illustrated in Fig. 1A, wherein the “secure runtime agent includes functionality to instantiate, validate, and provision the MMA software module with STRONG X.509 identity”).
wherein the software provisioning command identifies a workload to be provisioned to a trusted execution environment (TEE) of the computing environment; (applicant specifications ¶12 discloses a workload can be “a data processing job, file access command, or any other process running within the TEE”. Therefore, interpreted in view of the broad specification’s description; Asanghanwa ¶65-67 disclose the secure agent sends an HSM a processing job as part of the provisioning. The hardware secure module (HSM) is mapped to the TEE).
determining, by the TCA, a validation measure associated with the workload; (Asanghanwa ¶65 discloses the secure agent determines a certificate is needed for validation).
Asanghanwa does not explicitly disclose: and responsive to determining that the validation measure satisfies a predetermined condition, performing the software provisioning operation to deploy the workload at the TEE. 
However, Yitbarek in an analogous art discloses: and responsive to determining that the validation measure satisfies a predetermined condition, performing the software provisioning operation to deploy the workload at the TEE. (Yitbarek ¶38 discloses “provisioning agent 204”, mapped to a trusted agent, which verifies I/O data, mapped to the workload, within a trusted I/O device (TIO), mapped to a TEE. Additionally, Yitbarek ¶119 discloses the trusted agent authenticating I/O data related to TIO device using a predetermined condition which is a matching certificate. The example recited in Yitbarek ¶154 discloses the deployment of a software operation is done by the trusted agent onto the TEE).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Asanghanwa wherein responsive to determining that the validation measure satisfies a predetermined condition, performing the software provisioning operation to deploy the workload at the TEE as disclosed by Yitbarek to verify actions and ensure security is maintained within a trusted execution environment (see Yitbarek ¶39, ¶108 and ¶119).

With respect to claim 7, Asanghanwa in view of Yitbarek: The method of claim 1 further comprising: determining, by the TCA, whether the workload is encrypted using a predetermined encryption key; and responsive to determining that the workload is encrypted using the predetermined encryption key, performing the software provisioning operation to deploy the workload to the TEE. (Yitbarek ¶120 “the trusted agent 1008 and the TIO device 1024 may perform an authenticated Diffie-Hellman key exchange. After performing the key exchange, both the TIO device 1024 and the trusted agent 1008 possess a shared secret key (e.g., a session key or other symmetric encryption key)” wherein key exchange is mapped to the key being a predetermined key when it is used later one in the later steps. Yitbarek ¶122 “the trusted agent 1008 provisions one or more link encryption keys to the trusted TIO devices 1024. The trusted agent 1008 may provision the link encryption keys securely, for example, by wrapping each link encryption key with the secret key shared with the TIO device 1024. The TIO device 1024 may use the link encryption key to protect I/O data transferred between the TIO device 1024 and the host over one or more I/O links (e.g., PCIe links). In some embodiments, in block 1218 the trusted agent 1008 may provision the TIO devices 1024 for end-to-end encryption. In such embodiments, the trusted agent 1008 may provision matching link encryption keys to an endpoint TIO device 1024 and the root port of the computing device 100. In those embodiments, the I/O data is encrypted and/or decrypted at each end of the I/O link (i.e., the root port and the TIO device 1024). The encrypted I/O data may be forwarded by intermediate I/O devices between the root port and the TIO device 1024 without encryption or decryption.” Interpreted that the trusted agent, within a tenant host, determines workload is encrypted using a secret key wherein encrypted data is provisioned on the TIO which is a trusted environment).

With respect to claim 8, Asanghanwa in view of Yitbarek: The method of claim 7, wherein the TCA is to decrypt, using the predetermined private key, the workload before deploying the workload to the TEE. (based on the mapping above of Yitbarek ¶122, the private key is used for decrypting the data in the TIO).

With respect to claim 9, Asanghanwa in view of Yitbarek: The method of claim 1, wherein the TCA is associated with one or more tenants of the computing environment. (Yitbarek ¶36 and Fig. 2 illustrate users’ Hosts, mapped to tenants comprising trusted agents).

With respect to claim 16, Asanghanwa discloses: A non-transitory computer-readable storage medium comprising executable instructions that, when executed by a processing device, cause the processing device to: receive, at a software trusted client agent (TCA) residing in a host computer system of a computing environment, a software provisioning command from an orchestration system of the computing environment, (applicant specifications ¶12 discloses the provisioning can be interpreted as “software provisioning tasks (e.g., installations and/or updates of workloads)”. Asanghanwa ¶62 discloses secure runtime agent mapped to the TCA receiving instructions from processor 134, illustrated in Fig. 1A, wherein the “secure runtime agent includes functionality to instantiate, validate, and provision the MMA software module with STRONG X.509 identity”).
wherein the software provisioning command identifies a workload to be provisioned to a trusted execution environment (TEE) of the computing environment; (applicant specifications ¶12 discloses a workload can be “a data processing job, file access command, or any other process running within the TEE”. Therefore, interpreted in view of the broad specification’s description; Asanghanwa ¶65-67 disclose the secure agent sends an HSM a processing job as part of the provisioning. The hardware secure module (HSM) is mapped to the TEE).
determine a validation measure associated with the workload; (Asanghanwa ¶65 discloses the secure agent determines a certificate is needed for validation).
Asanghanwa does not explicitly disclose: and responsive to determining that the validation measure satisfies a predetermined condition, perform the software provisioning operation to deploy the workload at the TEE.
However, Yitbarek in an analogous art discloses: and responsive to determining that the validation measure satisfies a predetermined condition, perform the software provisioning operation to deploy the workload at the TEE. (Yitbarek ¶38 discloses “provisioning agent 204”, mapped to a trusted agent, which verifies I/O data, mapped to the workload, within a trusted I/O device (TIO), mapped to a TEE. Additionally, Yitbarek ¶119 discloses the trusted agent authenticating I/O data related to TIO device using a predetermined condition which is a matching certificate. The example recited in Yitbarek ¶154 discloses the deployment of a software operation is done by the trusted agent onto the TEE).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Asanghanwa and responsive to determining that the validation measure satisfies a predetermined condition, perform the software provisioning operation to deploy the workload at the TEE as disclosed by Yitbarek to verify actions and ensure security is maintained within a trusted execution environment (see Yitbarek ¶39, ¶108 and ¶119).

With respect to claim 20, Asanghanwa in view of Yitbarek disclose: The non-transitory computer-readable storage medium of claim 16, wherein the processing device is further to: determine whether the workload is encrypted using a predetermined encryption key; and responsive to determining that the workload is encrypted using the predetermined encryption key, perform the software provisioning operation to deploy the workload to the TEE. (Yitbarek ¶120 “the trusted agent 1008 and the TIO device 1024 may perform an authenticated Diffie-Hellman key exchange. After performing the key exchange, both the TIO device 1024 and the trusted agent 1008 possess a shared secret key (e.g., a session key or other symmetric encryption key)” wherein key exchange is mapped to the key being a predetermined key when it is used later one in the later steps. Yitbarek ¶122 “the trusted agent 1008 provisions one or more link encryption keys to the trusted TIO devices 1024. The trusted agent 1008 may provision the link encryption keys securely, for example, by wrapping each link encryption key with the secret key shared with the TIO device 1024. The TIO device 1024 may use the link encryption key to protect I/O data transferred between the TIO device 1024 and the host over one or more I/O links (e.g., PCIe links). In some embodiments, in block 1218 the trusted agent 1008 may provision the TIO devices 1024 for end-to-end encryption. In such embodiments, the trusted agent 1008 may provision matching link encryption keys to an endpoint TIO device 1024 and the root port of the computing device 100. In those embodiments, the I/O data is encrypted and/or decrypted at each end of the I/O link (i.e., the root port and the TIO device 1024). The encrypted I/O data may be forwarded by intermediate I/O devices between the root port and the TIO device 1024 without encryption or decryption.” Interpreted that the trusted agent, within a tenant host, determines workload is encrypted using a secret key wherein encrypted data is provisioned on the TIO which is a trusted environment).

Claims 10-12 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Asanghanwa et al. (US 20200042675 A1) hereinafter referred to as Asanghanwa in view of Innes et al. (US 20180007059 A1) hereinafter referred to as Innes.

With respect to claim 10, Asanghanwa discloses: A system comprising: a memory; and a processing device operatively coupled to the memory, wherein the processing device is further to: perform, at a host computer system of a computing environment, a provisioning process of a software trusted client agent (TCA) to the host computer system; (applicant specifications ¶12 discloses the provisioning can be interpreted as “software provisioning tasks (e.g., installations and/or updates of workloads)”. Asanghanwa ¶62 discloses secure runtime agent mapped to the TCA receiving instructions from processor 134, illustrated in Fig. 1A, wherein the “secure runtime agent includes functionality to instantiate, validate, and provision the MMA software module with STRONG X.509 identity”).
Asanghanwa does not explicitly disclose: determine a set of signing certificates associated with one or more trusted signing parties for validating signing certificates of workloads being deployed to a trusted execution environment (TEE) of the computing environment; and associate the set of certificates with the TCA.
However, Innes in an analogous art discloses: determine a set of signing certificates associated with one or more trusted signing parties for validating signing certificates of workloads being deployed to a trusted execution environment (TEE) of the computing environment; and associate the set of certificates with the TCA. (Innes ¶180 discloses user authorization using associated certificate, that is associated with user’s client agent, mapped to TCA. Innes ¶187 discloses each TCA has a set of multiple associated signing certificates to use for “pre-establishing trust” pertaining to processed data, mapped to wrokload. Innes ¶188 “using a bootstrap certificate template that may use manual approval by an organization's CA administrator (e.g., a security officer)” wherein a CA can be mapped to a signing party for validating signing certificates).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Asanghanwa determine a set of signing certificates associated with one or more trusted signing parties for validating signing certificates of workloads being deployed to a trusted execution environment (TEE) of the computing environment; and associate the set of certificates with the TCA as disclosed by Innes to use a pre-established trust method to authenticate a certificate (see Innes ¶180 and ¶187-188).

With respect to claim 11, Asanghanwa in view of Innes disclose: The system of claim 10, wherein the processing device is further to: associate one or more provisioning policies with the TCA, (Innes ¶70 discloses “provision, create, and manage virtual machines and their operating environments (e.g., hypervisors, storage resources, services offered by the network elements, etc.) for customers at client computers 411-414, over a network (e.g., the Internet), providing customers with computational resources, data storage services, networking capabilities, and computer platform and application support. Cloud systems also may be configured to provide various specific services, including security systems, development environments, user interfaces, and the like.” Which includes policies for a secure agent).
wherein each provisioning policy is associated with a tenant of the computing environment and determines how to validate signing certificates associated with workloads of the tenant. (Innes ¶168 discloses access control policies are used for authentication and validation wherein ¶177 discloses validating the SAML token of a tenant based using locally stored and trusted signing certificate).

With respect to claim 12, Asanghanwa in view of Innes disclose: The system of claim 10, wherein the TCA is to receive a software provisioning command from an orchestration system, (Asanghanwa ¶62 discloses secure runtime agent mapped to the TCA receiving instructions from processor 134, illustrated in Fig. 1A, wherein the “secure runtime agent includes functionality to instantiate, validate, and provision the MMA software module with STRONG X.509 identity”).
wherein the software provisioning command identifies a workload to be provisioned to the TEE, (applicant specifications ¶12 discloses a workload can be “a data processing job, file access command, or any other process running within the TEE”. Therefore, interpreted in view of the broad specification’s description; Asanghanwa ¶65-67 disclose the secure agent sends an HSM a processing job as part of the provisioning. The hardware secure module (HSM) is mapped to the TEE).
and wherein the TCA is to deploy the workload to the TEE responsive to determining that a signing certificate of the workload matches a second certificate of the set of certificates associated with the TCA. (Innes ¶180 discloses user authorization using certificate associated with user’s client agent, mapped to TCA. Innes ¶187 discloses each user has multiple associated certificates to use for “pre-establishing trust”. Innes ¶188 “using a bootstrap certificate template that may use manual approval by an organization's CA administrator (e.g., a security officer)”).

With respect to claim 15, Asanghanwa in view of Innes disclose: The system of claim 10, wherein the TCA is associated with one or more tenants of the computing environment. (Innes ¶284 discloses trusted agent running in user session, wherein a user is mapped to the tenant).

Claims 2-4 and 17-19 are rejected under 35 U.S.C. 103 as being unpatentable over Asanghanwa in view of Yitbarek as applied to claims 1, 7-9, 16 and 20 above, and further in view of Innes et al. (US 20180007059 A1) hereinafter referred to as Innes.
With respect to claim 2, Asanghanwa in view of Yitbarek disclose: The method of claim 1, 
Asanghanwa in view of Yitbarek do not explicitly disclose: wherein the validation measure is a signing certificate associated with the workload.
However, Innes in an analogous art discloses: wherein the validation measure is a signing certificate associated with the workload. (Innes ¶171 discloses using client agent, mapped to trusted agent, performing validation by verifying a Security Assertion Markup Language (SAML) token, interpreted to be associated with a data processing workload, using an Identity Provider (IdP) wherein the token is checked against the IdP’s signing certificate).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Asanghanwa in view of Yitbarek wherein the validation measure is a signing certificate associated with the workload as disclosed by Innes to ensure secure authentication of an application using a Certification Authority (see Innes ¶169-170).

With respect to claim 3, Asanghanwa in view of Yitbarek disclose: The method of claim 1, 
Yitbarek does not explicitly disclose: wherein determining that the validation measure satisfies the predetermined condition comprises determining that a signing certificate of the workload matches a second signing certificate of a set of approved certificates associated with the TCA.
However, Innes in an analogous art discloses: wherein determining that the validation measure satisfies the predetermined condition comprises determining that a signing certificate of the workload matches a second signing certificate of a set of approved certificates associated with the TCA. (Innes ¶180 discloses user authorization using certificate associated with user’s client agent and data processing, mapped to TCA comprising workload. Innes ¶187 discloses each user has multiple associated certificates to use for “pre-establishing trust”. Innes ¶188 “using a bootstrap certificate template that may use manual approval by an organization's CA administrator (e.g., a security officer)” so a match has to occur).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Asanghanwa in view of Yitbarek wherein determining that the validation measure satisfies the predetermined condition comprises determining that a signing certificate of the workload matches a second signing certificate of a set of approved certificates associated with the TCA as disclosed by Innes to use a pre-established trust method to authenticate a certificate (see Innes ¶180 and ¶187-188).

With respect to claim 4, Asanghanwa in view of Yitbarek and Innes disclose: The method of claim 3, wherein the signing certificate of the workload is associated with at least one of a tenant of the computing environment, an approved repository of the workload, an independent software vendor, or the orchestration system. (Innes ¶180 discloses user authorization using certificate associated with user’s client agent, mapped to TCA. Wherein the user is mapped to the tenant of the computing environment).

With respect to claim 17, Asanghanwa in view of Yitbarek disclose: The method of claim 1, non-transitory computer-readable storage medium of claim 16, 
Asanghanwa in view of Yitbarek do not explicitly disclose: wherein the validation measure is a signing certificate associated with the workload.
However, Innes in an analogous art discloses: wherein the validation measure is a signing certificate associated with the workload. (Innes ¶171 discloses using client agent, mapped to trusted agent, performing validation by verifying a Security Assertion Markup Language (SAML) token, interpreted to be associated with a workload, using an Identity Provider (IdP) wherein the token is checked against the IdP’s signing certificate).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Yitbarek wherein the validation measure is a signing certificate associated with the workload as disclosed by Innes to ensure secure authentication of an application using a Certification Authority (see Innes ¶169-170).

With respect to claim 18, Asanghanwa in view of Yitbarek disclose: The non-transitory computer-readable storage medium of claim 16, 
Yitbarek does not explicitly disclose: wherein to determine that the validation measure satisfies the predetermined condition, the processing device is to determine that a signing certificate of the workload matches a second signing certificate of a set of approved certificates associated with the TCA.
However, Innes in an analogous art discloses: wherein to determine that the validation measure satisfies the predetermined condition, the processing device is to determine that a signing certificate of the workload matches a second signing certificate of a set of approved certificates associated with the TCA. (Innes ¶180 discloses user authorization using certificate associated with user’s client agent, mapped to TCA. Innes ¶187 discloses each user has multiple associated certificates to use for “pre-establishing trust”. Innes ¶188 “using a bootstrap certificate template that may use manual approval by an organization's CA administrator (e.g., a security officer)”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Yitbarek wherein to determine that the validation measure satisfies the predetermined condition, the processing device is to determine that a signing certificate of the workload matches a second signing certificate of a set of approved certificates associated with the TCA as disclosed by Innes to use a pre-established trust method to authenticate a certificate (see Innes ¶180 and ¶187-188).

With respect to claim 19, Asanghanwa in view of Yitbarek and Innes disclose: The non-transitory computer-readable storage medium of claim 18, wherein the signing certificate of the workload is associated with at least one of a tenant of the computing environment, an approved repository of the workload, an independent software vendor, or the orchestration system. (Innes ¶180 discloses user authorization using certificate associated with user’s client agent, wherein the user is mapped to a tenant).

Claims 5-6 are rejected under 35 U.S.C. 103 as being unpatentable over Asanghanwa in view of Yitbarek as applied to claims 1, 7-9, 16 and 20 above, and further in view of Hook et al. (US 20140164776 A1) hereinafter referred to as Hook.

With respect to claim 5, Asanghanwa in view of Yitbarek: The method of claim 1, 
Asanghanwa in view of Yitbarek do not explicitly disclose: wherein the TCA is provisioned by an administration system, and wherein the TCA is associated with a set of approved certificates during the provisioning by the administration system.
However, Hook in an analogous art discloses: wherein the TCA is provisioned by an administration system, and wherein the TCA is associated with a set of approved certificates during the provisioning by the administration system. (Hook ¶458-460 disclose certificate update initiated, mapped to the provisioning. Wherein Hook ¶463-467 disclose administrative system wherein an agent receives new approved certificates by an administrative system during the provisioning/update process).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Asanghanwa in view of Yitbarek wherein the TCA is provisioned by an administration system, and wherein the TCA is associated with a set of approved certificates during the provisioning by the administration system as disclosed by Hook to provide highly secured applications while securely and efficiently managing certificates (see Hook ¶30-31).

With respect to claim 6, Asanghanwa in view of Yitbarek and Hook disclose: The method of claim 5 further comprising at least one of: adding certificates to the set of approved certificates of the TCA; or removing certificates from the set of approved certificates of the TCA. (Hook ¶463-467 disclose revoking a certificate in an administrative system, mapped to removing of certificate from set of approved certificates).

Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Asanghanwa in view of Innes as applied to claims 10-12 and 15 above, and further in view of Hook et al. (US 20140164776 A1) hereinafter referred to as Hook.

With respect to claim 13, Asanghanwa in view of Innes disclose: The system of claim 10, 
Asanghanwa in view of Innes do not explicitly disclose: wherein the processing device is further to: add certificates to the set of certificates associated with the TCA; and remove certificates from the set of certificates associated with the TCA.
However, Hook in an analogous art discloses: wherein the processing device is further to: add certificates to the set of certificates associated with the TCA; and remove certificates from the set of certificates associated with the TCA. (Hook ¶463-467 disclose adding or revoking certificates in an administrative system, mapped to adding and removing of certificate from set of approved certificates).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Asanghanwa in view of Innes wherein the processing device is further to add certificates to the set of certificates associated with the TCA; and remove certificates from the set of certificates associated with the TCA as disclosed by Hook to provide highly secured applications while securely and efficiently managing certificates (see Hook ¶30-31).

Claim 14 is rejected under 35 U.S.C. 103 as being unpatentable over Asanghanwa in view of Innes as applied to claims 10-12 and 15 above, and further in view of Yitbarek et al. (US 20200145419 A1) hereinafter referred to as Yitbarek.

With respect to claim 14, Asanghanwa in view of Innes disclose: The system of claim 10, wherein the processing device is further to: 
Asanghanwa in view of Innes do not explicitly disclose: associate one or more predetermined private keys to the TCA, wherein each private key of the one or more predetermined private keys is associated with a tenant of the computing environment and is used to encrypt and decrypt workloads associated with the tenant. 
However, Yitbarek in an analogous art discloses: associate one or more predetermined private keys to the TCA, wherein each private key of the one or more predetermined private keys is associated with a tenant of the computing environment and is used to encrypt and decrypt workloads associated with the tenant. (Yitbarek ¶120 “the trusted agent 1008 and the TIO device 1024 may perform an authenticated Diffie-Hellman key exchange. After performing the key exchange, both the TIO device 1024 and the trusted agent 1008 possess a shared secret key (e.g., a session key or other symmetric encryption key)” wherein key exchange is mapped to the key being a predetermined key when it is used later one in the later steps. Yitbarek ¶122 “the trusted agent 1008 provisions one or more link encryption keys to the trusted TIO devices 1024. The trusted agent 1008 may provision the link encryption keys securely, for example, by wrapping each link encryption key with the secret key shared with the TIO device 1024. The TIO device 1024 may use the link encryption key to protect I/O data transferred between the TIO device 1024 and the host over one or more I/O links (e.g., PCIe links). In some embodiments, in block 1218 the trusted agent 1008 may provision the TIO devices 1024 for end-to-end encryption. In such embodiments, the trusted agent 1008 may provision matching link encryption keys to an endpoint TIO device 1024 and the root port of the computing device 100. In those embodiments, the I/O data is encrypted and/or decrypted at each end of the I/O link (i.e., the root port and the TIO device 1024). The encrypted I/O data may be forwarded by intermediate I/O devices between the root port and the TIO device 1024 without encryption or decryption.” Interpreted that the trusted agent, within a tenant host, determines workload is encrypted using a secret key wherein encrypted data is provisioned on the TIO which is a trusted environment).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Asanghanwa and associate one or more predetermined private keys to the TCA, wherein each private key of the one or more predetermined private keys is associated with a tenant of the computing environment and is used to encrypt and decrypt workloads associated with the tenant as disclosed by Yitbarek to verify actions and ensure security is maintained within a trusted execution environment (see Yitbarek ¶39, ¶108 and ¶119).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Herbert et al. (US 20170177417 A1) Abstract and ¶22 disclose provisioning a workload enclave in a trusted execution environment.
Schory et al. (US 20200396259 A1) ¶67 and ¶93 disclose a trusted execution environment and a trusted security agent installed on computing device.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HANY S GADALLA whose telephone number is (571)272-2322. The examiner can normally be reached Mon to Fri 8:30AM - 5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on (571) 272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/H.S.G./Examiner, Art Unit 2493                              
                                                                                                                                                                          /CARL G COLIN/Supervisory Patent Examiner, Art Unit 2493