DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 02/10/2022, 03/14/2022 and 05/31/2022 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claim(s) 21-25 is/are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because the plain meaning of the term "computer-readable media" in claim 21 is construed to encompass a signal per se. The specification does not provide any definition or disclaiming statements that restrict the plain meaning of the term to non-transitory embodiments.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1-3, 14, 17-19 and 21 is/are rejected under 35 U.S.C. 103 as being unpatentable over Durham et al., US-20160092702-A1 (hereinafter “Durham ‘702”) in view of Chhabra et al., US-20190319781-A1 (hereinafter “Chhabra ‘781”).
Per claim 1 (independent):
Durham ‘702 discloses: A processor, comprising:
a register to store an encoded pointer to a memory location in memory, wherein the encoded pointer is to include an encrypted portion 
circuitry to: 
determine a first data encryption factor and a second data encryption factor from the encoded pointer
(FIG. 1, [0017], a processor 102 (a processor) having a set of secure memory access logic 150 and a number of registers 112 … Address encoding logic 152 of the secure memory access logic 150 is invoked when memory is allocated (e.g., by an operating system, in the heap); FIG. 2, [0036], the address encoding logic 152 encodes the indirect address 204, including metadata 205 (e.g., the range and/or permission information…) … returns an encoded indirect address 206 (an encoded pointer to a memory location, for example, in the heap); FIG. 4, [0041], for securing an indirect address (i.e. further describing the encoding process of FIG. 2) … by the processor 102 executing the address encoding logic 152; [0042], In block 418, the computing device 100 creates the metadata (e.g., valid range and/or permission data) (a first data encryption factor) and stores the metadata in the unused/non-canonical bits of the indirect address; [0044], In block 420, the computing device 100 determines the adjustment (or "offset") to be applied to the valid range, and stores the adjustment value (a second data encryption factor) in the unused/non-canonical bits of the indirect address; [0046], In block 422, the computing device 100 encrypts a portion of the indirect address, where the portion (an encrypted portion) of the indirect address to be encrypted is determined by the valid range metadata (e.g., exponent/2's power) (the first data encryption factor) and the adjustment value (the second data encryption factor) … the most significant bits of the used bits/canonical address identified in the valid range metadata are encrypted with a secret key (e.g., the secret key 116), using the valid range metadata (which may or may not include the adjustment value) as a tweak.);
decode the encoded pointer to obtain a memory address of the memory location (FIG. 5, [0052], for decoding an indirect address (the encoded pointer) … by the processor 102 executing the secure mov logic 160 and/or the address decoding logic 162); 

Durham ‘702 does not disclose that the first data encryption factor is determined based on a first data access instruction. Chhabra ‘781 discloses: determine a first data encryption factor based on a first data access instruction (FIG. 5, [0071], At block 540 the data itself may be decrypted according to a data dependent encryption mode … an XTS-AES decryption may be performed, using the physical address of the memory line as the tweak, where the encryption key may be selected from a variety of keys identified by a Key ID, either as part of the address (alias) or other metadata (a first data encryption factor) provided by the processor as part of the memory load (read) operation (a first data access instruction).);
Durham ‘702 does not disclose how the decoded indirect address is used to reference an encrypted first data element. Chhabra ‘781 discloses: use the memory address to access an encrypted first data element (FIG. 5, [0070], responsive to a read request such as a read instruction to read a particular data portion from the memory. As seen, method 500 begins by receiving a read (access) request (block 510). Responsive to this request, control passes to block 520 where the encrypted data (an encrypted first data element) and a corresponding encrypted MAC may be obtained from the memory);
decrypt the encrypted first data element using a cryptographic algorithm with first inputs to generate a decrypted first data element, the first inputs including the first data encryption factor based on the first data access instruction (FIG. 5, [0071], At block 540 the data (the encrypted first data element) itself may be decrypted according to a data dependent encryption mode … an XTS-AES decryption (a cryptographic algorithm) may be performed, using the physical address of the memory line as the tweak, where the encryption key may be selected from a variety of keys identified by a Key ID, either as part of the address (alias) or other metadata (the first data encryption factor) provided by the processor as part of the memory load (read) operation (the first data access instruction).).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Durham ‘702 with the store and access of data in an encrypted format via a cryptographic algorithm requiring the metadata provided as part of the memory load operation based on the memory information as taught by Chhabra ‘781 because it would achieve replay and integrity protection by providing cryptographic mechanisms to encrypt data, and to ensure integrity of the data for replay protection [0020]. Additionally, Chhabra ‘781 is analogous to the claimed invention because it teaches an embodiment of a processor that executes memory encryption operations for confidentiality, integrity, and replay protections [0045].

Per claim 2 (dependent on claim 1):
Durham ‘702 in view of Chhabra ‘781 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference.
Durham ‘702 discloses: The processor of Claim 1, wherein the encoded pointer further includes first meta data (FIG. 2, [0036], the address encoding logic 152 encodes the indirect address 204, including metadata 205 (e.g., the range and/or permission information…) … returns an encoded indirect address 206 (the encoded pointer).).

Per claim 3 (dependent on claim 2):
Durham ‘702 in view of Chhabra ‘781 discloses the elements detailed in the rejection of claim 2 above, incorporated herein by reference.
Durham ‘702 discloses: The processor of Claim 2, wherein the first metadata is permissions. (FIG. 2, [0036], the address encoding logic 152 encodes the indirect address 204, including metadata 205 (e.g., the range and/or permission information (permissions) …) … returns an encoded indirect address 206.).

Per claim 14 (dependent on claim 1):
Durham ‘702 in view of Chhabra ‘781 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference.
Durham ‘702 discloses: The processor of Claim 1, wherein the memory location is in heap memory or stack memory (FIG. 1, [0017], a processor 102 (a processor) having a set of secure memory access logic 150 and a number of registers 112 … Address encoding logic 152 of the secure memory access logic 150 is invoked when memory is allocated (e.g., by an operating system, in the heap (heap memory)); FIG. 2, [0036], the address encoding logic 152 encodes the indirect address 204, including metadata 205 (e.g., the range and/or permission information…) … returns an encoded indirect address 206.).

Per claim 17 (dependent on claim 1):
Durham ‘702 in view of Chhabra ‘781 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference.
Durham ‘702 does not disclose but Chhabra ‘781 discloses: The processor of Claim 1, wherein the first data access instruction is associated with a read operation for the first encrypted data element (FIG. 5, [0070], responsive to a read request such as a read instruction to read a particular data portion from the memory. As seen, method 500 begins by receiving a read request (block 510; a read operation). Responsive to this request, control passes to block 520 where the encrypted data (the first encrypted data element) and a corresponding encrypted MAC may be obtained from the memory).

Per claim 18 (independent):
The limitations of the claim(s) correspond(s) to features of claim 1 and the claim(s) is/are rejected for the reasons detailed with respect to claim 1.

Per claim 19 (dependent on claim 18):
Durham ‘702 in view of Chhabra ‘781 discloses the elements detailed in the rejection of claim 18 above, incorporated herein by reference.
The limitations of the claim(s) correspond(s) to features of claim 2 and the claim(s) is/are rejected for the reasons detailed with respect to claim 2.

Per claim 21 (independent):
The limitations of the claim(s) correspond(s) to features of claim 1 and the claim(s) is/are rejected for the reasons detailed with respect to claim 1.

Claim(s) 4-5 and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Durham ‘702 in view of Chhabra ‘781 and Babic et al., US-20210004470-A1 (hereinafter “Babic ‘470”).
Per claim 4 (dependent on claim 2):
Durham ‘702 in view of Chhabra ‘781 discloses the elements detailed in the rejection of claim 2 above, incorporated herein by reference.
Durham ‘702 in view of Chhabra ‘781 does not disclose but Babic ‘470 discloses: The processor of Claim 2, wherein the first metadata is a memory allocation size of a data structure (FIG. 2, [0039], identifies aspects of candidate patch generation for a set of code 210; [0040], memory allocations and deallocations may be tracked in metadata and updated. This metadata may include information such as size of applicable memory regions (a memory allocation size) as well as some content information (such as potential null-termination of strings; a data structure). At runtime, the metadata may be used to track for every pointer, which base pointer and thus which memory allocation, it is pointing to.).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Durham ‘702 in view of Chhabra ‘781 with the track of every pointer via the metadata including a size of memory region and content information as taught by Babic ‘470 because a system would be less vulnerable to attacks from third parties looking to steal information, slow down processing speeds, or otherwise cause havoc by automatically generating patches based on any of a variety of types of data which generates at least some of the program metadata [0038]. Additionally, Babic ‘470 is analogous to the claimed invention because it provides for automatically generating patches for security violations [ABSTRACT].

Per claim 5 (dependent on claim 4):
Durham ‘702 in view of Chhabra ‘781 and Babic ‘470 discloses the elements detailed in the rejection of claim 4 above, incorporated herein by reference.
Durham ‘702 in view of Chhabra ‘781 does not disclose but Babic ‘470 discloses: The processor of Claim 4, wherein the memory address corresponds to a base address of the data structure (FIG. 2, [0039], identifies aspects of candidate patch generation for a set of code 210; [0040] At runtime, the metadata may be used to track for every pointer, which base pointer (a base address) and thus which memory allocation, it is pointing to.).

Per claim 20 (dependent on 19):
Durham ‘702 in view of Chhabra ‘781 discloses the elements detailed in the rejection of claim 19 above, incorporated herein by reference.
The limitations of the claim(s) correspond(s) to features of claim 4 and the claim(s) is/are rejected for the reasons detailed with respect to claim 4.

Claim(s) 9 and 22 is/are rejected under 35 U.S.C. 103 as being unpatentable over Durham ‘702 in view of Chhabra ‘781 as applied to claims 1 and 21 above, and further in view of Durham et al., US-20190042799-A1 (hereinafter “Durham ‘799”).
Per claim 9 (dependent on claim 1):
Durham ‘702 in view of Chhabra ‘781 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference.
Durham ‘702 in view of Chhabra ‘781 does not disclose but Durham ‘799 discloses: The processor of Claim 1, wherein the first data encryption factor and the second data encryption factor are included in a data tweak as one of the first inputs for the cryptographic algorithm to decrypt the encrypted first data element (FIG. 2, [0033], The physical address 208 memory location and the identification tag 204 may be combined to form or define an encryption tweak 212 (a data tweak). An encryption tag 214 may be appended to the identification tag 204 (the first data encryption factor) and the physical address 208 (the second data encryption factor) to identify one or more encryption keys through the key table 156 (shown in FIG. 1).; FIG. 3A, [0039], if the identification tag corresponds to the same encryption tweak (e.g. using XTS mode, XEX-based tweaked-codebook mode with ciphertext stealing) originally used to encrypt the data in memory, then the same identification tag will result in the corresponding tweak value (the data tweak) used to properly decrypt the memory contents (encrypted first data element).).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Durham ‘702 in view of Chhabra ‘781 with the data tweak including the identification tag and the physical address for decryption of data by applying the data tweak to an encryption/decryption algorithm as taught by Durham ‘799 because it would reduce the likelihood of successful side-channel attacks within a central processing unit (CPU) by using multiple factors as the encryption tweak [0016][0039]. Additionally, Durham ‘799 is analogous to the claimed invention because it teaches a memory address translation method based on memory tags that may be used to secure memory address pointers against attack [0033].

Per claim 22 (dependent on 21):
Durham ‘702 in view of Chhabra ‘781 discloses the elements detailed in the rejection of claim 21 above, incorporated herein by reference.
The limitations of the claim(s) correspond(s) to features of claim 9 and the claim(s) is/are rejected for the reasons detailed with respect to claim 9.

Claim(s) 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Durham ‘702 in view of Chhabra ‘781 as applied to claim 1 above, and further in view of Yearsley et al., US-8675868-B1 (hereinafter “Yearsley ‘868”).
Per claim 16 (dependent on claim 1):
Durham ‘702 in view of Chhabra ‘781 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference.
Durham ‘702 in view of Chhabra ‘781 does not disclose but Yearsley ‘868 discloses: The processor of Claim 1, wherein the circuitry is further to: in response to determining that the decrypted first data element is not a valid result of the cryptographic algorithm, block the first data access instruction (FIG. 6, [Col. 6], ll.52 – [Col. 7], ll.18, a first step (step 301), a read address is received where the read address identifies at least a part of a block in a memory … a block of encrypted information is read from the block in the memory … (step 302), the block of encrypted information is decrypted (the decrypted first data element) … includes an address-dependent value (ADV) portion, and a data portion … (step 303), the read address is used to perform a verification check to confirm that the ADV recovered from the block is related to the read address in a predetermined way … If the verification check fails (not a valid result of the cryptographic algorithm), then (step 304) the processor is prevented from executing code from the data portion (block the first data access instruction).).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Durham ‘702 in view of Chhabra ‘781 with the verification of decrypted information based on the address-dependent value determining whether the data continues to be read in memory as taught by Yearsley ‘868 because it would prevent certain types of security attacks caused by a hacker executing portions of code (instructions and/or data) that have been moved in memory by the hacker [SUMMARY]. Additionally, Yearsley ‘868 is analogous to the claimed invention because it teaches a method of reading a block of encrypted information from a memory [FIG. 6].

Allowable Subject Matter
Claim(s) 6-8, 10-13 and 15 is/are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Claim(s) 23-25 is/are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims and if amended to traverse the 101 rejections.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SANGSEOK PARK whose telephone number is (571)272-4332. The examiner can normally be reached Monday-Thursday 7:30-5:30 and Alternate Fridays 8:30-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, PHILIP CHEA can be reached on (571)272-3951. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SANGSEOK PARK/Examiner, Art Unit 2499
/PHILIP J CHEA/Supervisory Patent Examiner, Art Unit 2499