DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Information Disclosure Statement
The information disclosure statements (IDS) submitted on 2 December 2020 and 16 December 2020 have been considered by the examiner. The examiner further considered the non-patent literature submitted on 2 December 2020, although it was not included in the IDS submitted with it.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-4 and 7-10 are rejected under 35 U.S.C. 103 as being unpatentable over Murray, USPN 2016/0277373, in view of Yearsley et al., USPN 5,386,469.
With regard to claims 1 and 8-10, Murray discloses a method for executing a computer program with an electronic apparatus including a microprocessor (0047), an unencrypted memory (0056, 0059), an encrypted memory (0059) and a hardware security module, wherein, during the execution of the computer program, the transfer of data between the unencrypted memory and the encrypted memory is carried out in entire blocks of a plurality of encrypted and authenticated data (0127, 0061, 0062, Fig. 2A), each datum being composed of one or more blocks of N bytes, where N is equal to the lowest number of bytes that can be written, independently of the other bytes of the datum, by the microprocessor when it executes a write instruction of its instruction set architecture (inherently how computer data is defined), the method including a) during the transfer of a block of cleartext data from the unencrypted memory to the encrypted memory (0061), converting the block of cleartext data into a block of encrypted and authenticated data (0127), the conversion including encrypting the block of cleartext data to obtain a cryptogram of the block of cleartext data (ciphertext block, 0127), the cryptogram being able to be decrypted solely in its entirety and not datum by datum (0146), computing an authentication code using the data of the block of cleartext data or using the cryptogram of the block of cleartext data (authentication tag, 0127), and grouping, in the same block, the obtained cryptogram, the computed authentication code and metadata to obtain the block of encrypted and authenticated data (0127, 0021), then storing the obtained block of encrypted and authenticated data in the encrypted memory (Fig. 2A and 2B), b) during the transfer of a block of encrypted and authenticated data from the encrypted memory to the unencrypted memory verifying the integrity of the block of cleartext data or of the cryptogram of the block of cleartext data using the authentication code contained in the block of encrypted and authenticated data (0146), when the verification fails, inhibiting processing, by the microprocessor, of the data of the block of data (“If the integrity check fails, an error is returned”, 0146), and when the verification succeeds decrypting the cryptogram contained in the block of encrypted and authenticated data to obtain the block of cleartext data (0146), wherein the method includes incorporating, into the metadata of each block of data and for each block of N bytes of each datum of the block of data, a validity indicator associated with the block of N bytes (ACL, 0133), the validity indicator being switchable between an active state (granting user privileges), in which said validity indicator indicates that the block of bytes is valid (for read and write for example, 0133), and an inactive state, in which said validity indicator indicates that the block of bytes is invalid (for read and write for example, 0133).
Murray does not disclose the validity bits as claimed for allowing access to unencrypted blocks while restricting access to encrypted blocks. Further Murray does not disclose storing an obtained block of cleartext data in the unencrypted memory and storing the metadata of the block of encrypted and authenticated data in a register that is not addressable by the microprocessor. Yearsley discloses a method of encrypting blocks of data (column 4 lines 20-66) similar to that of Murray, and further discloses a register that includes enable bits (column 3 line 20) that indicate whether blocks of data are available for use, or if they are inactive (column 3 lines 21-31).
It would have been obvious for one of ordinary skill in the art, prior to the instant effective filing date, to use the separate memories of Yearsley to protect the encrypted blocks of Murray and the enable bit of Yearsley to provide availability of data in the method of Murray for the motivation of improved data security.
With regard to claim 2, Murray in view of Yearsley discloses the method of claim 1, as outlined above, and Murray further discloses the authentication code is computed using validity indicators associated with each group of N bytes of each datum of the block of cleartext data (0128). The motivation to combine remains the same as outlined above.
With regard to claim 3, Murray in view of Yearsley discloses the method of claim 1, as outlined above, and Murray further discloses the cleartext data are encrypted using a cryptographic key and an initialization vector (0114), the cryptographic key used being the same on each transfer of a block of cleartext data from the unencrypted memory to the encrypted memory and the initialization vector being modified on each transfer of a block of cleartext data from the unencrypted memory to the encrypted memory (0114), and the initialization vector used to obtain the cryptogram of the block of data is incorporated into the metadata of the block of encrypted and authenticated data (0132), and during the decryption of the data, the hardware security module extracts from the metadata of the block of encrypted and authenticated data, the initialization vector to be used to carry out the decryption (0130-0139). The motivation to combine remains the same as outlined above.
With regard to claim 4, Murray in view of Yearsley discloses the method of claim 1, as outlined above, but neither reference mentions address size or location. The examiner takes official notice that it is well known in the art to store data at an address where there is sufficient memory available. It would have been obvious for one of ordinary skill in the art, prior to the instant effective filing date, to store data at an address with sufficient space in the method of Murray in view of Yearsley for the motivation of improved data and drive management.
With regard to claim 7, Murray in view of Yearsley discloses the method of claim 1, as outlined above, but neither reference mentions virgin blocks of data. The examiner takes official notice that it is well known in the art to store empty bytes of data at an address where there is no data stored to overwrite any protected data. It would have been obvious for one of ordinary skill in the art, prior to the instant effective filing date, to store empty data at an address where unencrypted data was stored when authorization is not given in the method of Murray in view of Yearsley for the motivation of improved data protection.
Allowable Subject Matter
Claims 5 and 6 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
The following is a statement of reasons for the indication of allowable subject matter: 
With regard to claim 4, Murray in view of Yearsley discloses the method of claim 1, as outlined above, but neither reference mentions the detailed limitations claimed in claim 5. It would not have been obvious for one of ordinary skill in the art, prior to the instant effective filing date, to add these limitations to the method of Murray in view of Yearsley without the benefit of hindsight.
References Cited
Case et al., USPN 2016/0364343, discloses a method of controlling data stored between unencrypted and encrypted memory areas (Fig. 2), and address control (0016), but was not seen as disclosing implementing authentication and metadata in the claimed manner.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JACOB LIPMAN whose telephone number is (571)272-3837. The examiner can normally be reached 5:30AM-6:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on 571-272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/JACOB LIPMAN/Primary Examiner, Art Unit 2434