Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Allowable Subject Matter
Claims 1-20 are allowed.
The following is an Examiner’s Statement of Reasons for Allowance: 
Regarding independent claims 1, 11 and 16, the closest prior art made of record are:
The non-patent literature entitled “GlobalPlatform Technology VPP- Concepts and Interfaces Version 1.0.1” and provided in the IDS, hereafter “VPP- Concepts and Interfaces”, teaches A secure device (see page 19, the penultimate ¶: “Figure 3-1 shows a generic hardware platform for an Integrated TRE. For example, the SoC may be a mobile broadband modem, an application processor, a micro-controller or a dedicated controller (e.g. an NFC controller)”) comprising: 
a secure tamper-resistant platform comprising (see Fig. 3-1 on page 20 reproduced below, Tamper Resistant Element (TRE). And see page 12, last item: “Tamper Resistant Element (TRE). A silicon enclave in a Soc that supports the security and tamper resistance requirements for a Primary Platform”. The Examiner interprets the hardware platform shown in Fig. 3-1 as a secure tamper-resistant platform. 
    PNG
    media_image1.png
    772
    907
    media_image1.png
    Greyscale
): 
a tamper-resistant hardware platform (the Examiner interprets the Tamper Resistant Element (TRE) shown in Fig. 3-1 as a tamper-resistant hardware platform); 
a virtual primary platform (see page 28, section 5 “Virtual Primary Platform”

) operating with a low level operating system performing an abstraction of resources of the hardware platform (see page 36, section 5.8 “Low Level Operating System (LLOS) The Primary Platform embeds a LLOS running in privileged CPU mode”. And see page 13 
“Virtual Primary Platform (VPP): Instance of the Primary Platform at run time that exposes 
as a virtual Primary Platform (VPP) for  a VPP Application. The VPP includes interfaces to services 
and the kernel and supports the virtualization of resources. And see page 17, Fig. 2.1 reproduced below.	

    PNG
    media_image2.png
    808
    1301
    media_image2.png
    Greyscale
	

); and 
a secondary platform operating with a high level operating system providing a further abstraction of resources to applications (see page 29: “The software functions are grouped in three domains:
• The LLOS managing security-related hardware functions and native multiprocessing capabilities.
• The HLOS (acting as a secondary platform) and its accompanying applications.
• The services managing the hardware functions related to communication (defined in section 5.9) and Firmware management (defined in section 5.10)”. And see page 13, Table 1-4: “HLOS: High Level Operating System”. Also see page 17, Fig. 2.1 reproduced above) 

The non-patent literature entitled “GlobalPlatform Technology Virtual Primary Platform- Network Protocol Version 1.0.1” and provided in the IDS, hereafter “VPP- Network Protocol”, teaches in which respective internal hosts are embedded (see page 10, Table 1-2: “Host: Group of Applications or Services sharing the same overall lifecycle; A logical entity that operates one or more Gate(s)”. And see page 19, Fig. 3.3 reproduced below, The Examiner interprets TEE host 1 and TEE host 2 as internal hosts. 
    PNG
    media_image3.png
    488
    1231
    media_image3.png
    Greyscale
); 
a plurality of physical and/or logical input/output interfaces providing external hosts access to the internal hosts (see page 10, Table 1-2: “Gate: An entry point of the Pipe towards a Service/Application that is operated inside a Host”. And see page 17, Fig. 3.1 reproduced below:

    PNG
    media_image4.png
    414
    593
    media_image4.png
    Greyscale
The Examiner interprets ADMINISTRATION GATE, xx GATE and LINK APPLICATION GATE in HOST A of Fig. 3-1 as a plurality of physical and/or logical input/output interfaces providing external hosts access to the internal hosts ), 
wherein the virtual primary platform is configured to set interactions between the external hosts and the internal hosts (see page 16, section 3.1: “A valid network is a collection of at least two Hosts which are logically connected together and physically connected via the Router to which the Host has the static Pipe PIPE00 (see Figure 3-1 ). VNP defines the interface between Hosts. More specifically, the network has three levels:
• a collection of Gates which shall exchange Packets;
• a messaging mechanism which may exchange command, responses and event; and
• a Packet routing principle”); and 
an internal host domain comprising: the internal hosts (see page 10, Table 1-2, “Host Domain: Group of Hosts sharing the same Host Domain Identifier”. And see page 16, section 3.2, “Host Domains - Grouping Hosts (see Figure 3-3) according to functional perimeters which are dependent on a given implementation or defined within this specification (i.e. the TRE Host Domain)”. And see page 19, Fig. 3.3 reproduced above: Figure 3-3 illustrates an example of network supporting the following Host Domain assignments:
• TRE Host Domain for the group of Hosts in the TRE,
• TEE Host Domain for group of Hosts in Trusted Execution Environment,
• MBM Host Domain for the group of Hosts running on the Mobile Broadband Modem,
• REE Host Domain for the group of Hosts on the Rich Execution Environment). 

Hans (US 20160266943) teaches a further set of virtual hosts (see [0065] and Fig. 7: “two runtime execution environments (e.g., a Rich OS and a TEE platform) executing on a single Device Host may share a single physical link and HCI messages from two virtual hosts (e.g., one for the RichOS and another for the TEE platform) may be exchanged between the virtual hosts in the single device and the host controller in the HCI network”) 


Independent claims 1, 11 and 16 are allowable for the following reasons:
1. None of the prior art of record alone or in combination teaches “a further set of virtual hosts each configured to operate as a proxy between an input/output interface and an application, wherein each input/output interface is configured to address only one of the virtual hosts”, a recited feature of claims 1, 11 and 16. 
2. Because Hans is neither from the same field of endeavor as the “VPP- Network Protocol” reference, nor is it reasonably pertinent to the problem faced by the “VPP- Network Protocol” reference, before the effective filing date of the claimed invention, it would not have been obvious to a person of ordinary skill in the art to modify the “VPP- Network Protocol” reference by including the set of virtual hosts taught by Hans in the internal host domain taught by the “VPP- Network Protocol” reference to arrive at the claim limitation “an internal host domain comprising: …a further set of virtual hosts”, as recited by claims 1, 11 and 16. 

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZHIMEI ZHU whose telephone number is (571)270-7990. The examiner can normally be reached 10am-6pm Monday-Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ZHIMEI ZHU/               Examiner, Art Unit 2495              
                                                                                                                                                                           /JEFFERY L WILLIAMS/Primary Examiner, Art Unit 2495