DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application is being examined under the pre-AIA  first to invent provisions. 
2.	This Office Action is the first on the merit of the instant application filled on September 01, 2021, in which claims 1-20 are presented for examination.

Status of Claims
3.	Claims 1-20 is pending. Claims 1, 10, and 19 are in independent forms.  
Drawings
4.	The drawings filed on September 01, 2021 are accepted by the examiner. 
Double Patenting
5.	A rejection based on double patenting of the “same invention” type finds its support in the language of 35 U.S.C. 101 which states that “whoever invents or discovers any new and useful process... may obtain a patent therefor...” (Emphasis added). Thus, the term “same invention,” in this context, means an invention drawn to identical subject matter. See Miller v. Eagle Mfg. Co., 151 U.S. 186 (1894); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Ockert, 245 F.2d 467, 114 USPQ 330 (CCPA 1957).
A statutory type (35 U.S.C. 101) double patenting rejection can be overcome by canceling or amending the claims that are directed to the same invention so they are no longer coextensive in scope. The filing of a terminal disclaimer cannot overcome a double patenting rejection based upon 35 U.S.C. 101.

6.	Claims 1-20 are rejected based on statuary type double patenting of the “same invention” type claims 1-20 of U.S. Patent 11,138,320 B2. The subject matter claimed in the instant application is fully disclosed in the referenced U.S. Patent, as follows in Table below.
Instant Application 17/464,163
U.S. Patent 11,138,320 B2
1. A processing device comprising: a key ownership table (KOT) that is protected against software access; and a processing core that is to execute a trust domain resource manager (TDRM), wherein the TDRM is to: create a trust domain (TD) and a randomly-generated encryption key corresponding to the TD, the randomly-generated encryption key identified by a guest key identifier (GKID) and protected against software access from at least one of the TDRM, a virtual machine manager (VMM), or other TDs; reference the KOT to obtain at least one unassigned host key identifier (HKID) corresponding to the randomly-generated encryption key, the HKID utilized to encrypt a TD memory; assign the HKID to the TD by marking the HKID in the KOT as assigned; and configure the randomly-generated encryption key on the processing device by associating the randomly-generated encryption key with the HKID, wherein the assigned HKID and the configured randomly-generated encryption key allow the TD memory to be accessible by the TD.  

2. The processing device of claim 1, wherein responsive to determining that a number of unassigned HKIDs in the KOT are below a threshold, the TDRM is to: reclaim the HKID from the TD by marking the HKID in the KOT as reclaimed; responsive to reclaiming the HKID, clear a memory cache on the processing device to delete data encrypted with the HKID from the memory cache; and mark the HKID as unassigned in the KOT.  

3. The processing device of claim 2, wherein the TDRM to reclaim the HKID from the TD further comprises the TDRM to decouple the HKID from the TD.  

4. The processing device of claim 2, wherein responsive to reclaiming the HKID from the TD, the TDRM is to revive the TD by: assigning an unassigned HKID from the KOT to the TD; and configuring the randomly-generated encryption key on the processing device by associating the randomly-generated encryption key with the assigned HKID, wherein the assigned HKID and the configured randomly-generated encryption key allow the TD memory to be accessible by the TD.  

5. The processing device of claim 1, wherein responsive to marking the HKID in the KOT as assigned, the TDRM is to remove the HKID from the list of HKIDs assignable by the TDRM to other TDs.  

6. The processing device of claim 1, wherein the randomly-generated encryption key comprises an ephemeral random encryption key generated by the TD to be used exclusively by the TD.  

7. The processing device of claim 1, wherein configuring the randomly-generated encryption key on the processing device further comprises encrypting the TD memory by an encryption engine using the randomly-generated encryption key.  

8. The processing device of claim 1, wherein the unassigned HKID comprises a host key ID designated for TD private memory encryption keys.  

9. The processing device of claim 1, wherein the assigned HKID is stored in an access- controlled TD control structure (TDCS).  

10. A method comprising: creating, by a trust domain resource manager (TDRM) executing on a processing device to manage a trust domain (TD), a TD and a randomly-generated encryption key corresponding to the TD, the randomly-generated encryption key identified by a guest Atty. Docket. No. 42AB3247-US-C153key identifier (GKID) and protected against software access from at least one of the TDRM, a virtual machine manager (VMM), or other TDs; referencing, by the TDRM, a key ownership table (KOT) that is protected against software access to obtain at least one unassigned host key identifier (HKID) corresponding to the randomly-generated encryption key, the HKID utilized to encrypt a TD memory, wherein the KOT is stored on the processing device; assigning the HKID to the TD by marking the HKID in the KOT as assigned; and configuring the randomly-generated encryption key on the processing device by associating the randomly-generated encryption key with the HKID, wherein the assigned HKID and the configured randomly-generated encryption key allow the TD memory to be accessible by the TD.  
11. The method of claim 10, wherein responsive to determining that a number of unassigned HKIDs in the KOT are below a threshold, further comprising: reclaiming, by the TDRM, the HKID from the TD by marking the HKID in the KOT as reclaimed; responsive to reclaiming the HKID, clearing a memory cache on the processing device to delete data encrypted with the HKID from the memory cache; and marking the HKID as unassigned in the KOT.  

12. The method of claim 11, wherein reclaiming the HKID from the TD further comprises decoupling the HKID from the TD.  

13. The method of claim 11, wherein responsive to reclaiming the HKID from the TD, further comprising: reviving, by the TDRM, the TD by: assigning an unassigned HKID from the KOT to the TD; and configuring the randomly-generated encryption key on the processing device by associating the randomly-generated encryption key with the assigned HKID, wherein the Atty. Docket. No. 42AB3247-US-C154assigned HKID and the configured randomly-generated encryption key allow the TD memory to be accessible by the TD.  

14. The method of claim 10, wherein responsive to marking the HKID in the KOT as assigned, further comprising: removing, by the TDRM, the HKID from the list of HKIDs assignable by the TDRM to other TDs.  

15. The method of claim 10, wherein the randomly-generated encryption key comprises an ephemeral random encryption key generated by the TD to be used exclusively by the TD.  

16. The method of claim 10, wherein configuring the randomly-generated encryption key on the processing device further comprises encrypting the TD memory by an encryption engine using the randomly-generated encryption key.  

17. The method of claim 10, wherein the unassigned HKID comprises a host key ID designated for TD private memory encryption keys.  

18. The method of claim 10, wherein the assigned HKID is stored in an access-controlled TD control structure (TDCS).  

19. A system comprising: a memory device to store instructions; and a processing device operably coupled to the memory device, the processing device comprising: a key ownership table (KOT) that is protected against software access; and a processing core that is to execute a trust domain resource manager (TDRM), wherein the TDRM is to: create a trust domain (TD) and a randomly-generated encryption key corresponding to the TD, the randomly-generated encryption key identified by a Atty. Docket. No. 42AB3247-US-C155guest key identifier (GKID) and protected against software access from at least one of the TDRM, a virtual machine manager (VMM), or other TDs; reference the KOT to obtain at least one unassigned host key identifier (HKID) corresponding to the randomly-generated encryption key, the HKID utilized to encrypt a TD memory; assign the HKID to the TD by marking the HKID in the KOT as assigned; and configure the randomly-generated encryption key on the processing device by associating the randomly-generated encryption key with the HKID, wherein the assigned HKID and the configured randomly-generated encryption key allow the TD memory to be accessible by the TD.  

20. The system of claim 19, wherein responsive to reclaiming the HKID from the TD, the TDRM is to revive the TD by: assigning an unassigned HKID from the KOT to the TD; and configuring the randomly-generated encryption key on the processing device by associating the randomly-generated encryption key with the assigned HKID, wherein the assigned HKID and the configured randomly-generated encryption key allow the TD memory to be accessible by the TD.

1. A processing device comprising: a key ownership table (KOT) that is protected against software access; and a processing core that is to execute a trust domain resource manager (TDRM), wherein the TDRM is to: create a trust domain (TD) and a randomly-generated encryption key corresponding to the TD, the randomly-generated encryption key identified by a guest key identifier (GKID) and protected against software access from at least one of the TDRM, a virtual machine manager (VMM), or other TDs; reference the KOT to obtain at least one unassigned host key identifier (HKID) corresponding to the randomly-generated encryption key, the HKID utilized to encrypt a TD memory; assign the HKID to the TD by marking the HKID in the KOT as assigned; and configure the randomly-generated encryption key on the processing device by associating the randomly-generated encryption key with the HKID, wherein the assigned HKID and the configured randomly-generated encryption key allow the TD memory to be accessible by the TD.  

2. The processing device of claim 1, wherein responsive to determining that a number of unassigned HKIDs in the KOT are below a threshold, the TDRM is to: reclaim the HKID from the TD by marking the HKID in the KOT as reclaimed;  Client Ref. No. AB3247-US51 Atty. Ref.: 27517.1135 (L1135)responsive to reclaiming the HKID, clear a memory cache on the processing device to delete data encrypted with the HKID from the memory cache; and mark the HKID as unassigned in the KOT.  

3. The processing device of claim 2, wherein the TDRM to reclaim the HKID from the TD further comprises the TDRM to decouple the HKID from the TD.  

4. The processing device of claim 2, wherein responsive to reclaiming the HKID from the TD, the TDRM is to revive the TD by: assigning an unassigned HKID from the KOT to the TD; and configuring the randomly-generated encryption key on the processing device by associating the randomly-generated encryption key with the assigned HKID, wherein the assigned HKID and the configured randomly-generated encryption key allow the TD memory to be accessible by the TD.  

5. The processing device of claim 1, wherein responsive to marking the HKID in the KOT as assigned, the TDRM is to remove the HKID from the list of HKIDs assignable by the TDRM to other TDs.  

6. The processing device of claim 1, wherein the randomly-generated encryption key comprises an ephemeral random encryption key generated by the TD to be used exclusively by the TD.  

7. The processing device of claim 1, wherein configuring the randomly-generated encryption key on the processing device further comprises encrypting the TD memory by an encryption engine using the randomly-generated encryption key.  

8. The processing device of claim 1, wherein the unassigned HKID comprises a host key ID designated for TD private memory encryption keys.  

9. The processing device of claim 1, wherein the assigned HKID is stored in an access- controlled TD control structure (TDCS).  

10. A method comprising: creating, by a trust domain resource manager (TDRM) executing on a processing device to manage a trust domain (TD), a TD and a randomly-generated encryption key corresponding to the TD, the randomly-generated encryption key identified by a guest key identifier (GKID) and protected against software access from at least one of the TDRM, a virtual machine manager (VMM), or other TDs; referencing, by the TDRM, a key ownership table (KOT) that is protected against software access to obtain at least one unassigned host key identifier (HKID) corresponding to the randomly-generated encryption key, the HKID utilized to encrypt a TD memory, wherein the KOT is stored on the processing device; assigning the HKID to the TD by marking the HKID in the KOT as assigned; and configuring the randomly-generated encryption key on the processing device by associating the randomly-generated encryption key with the HKID, wherein the assigned Client Ref. No. AB3247-US53 Atty. Ref.: 27517.1135 (L1135)HKID and the configured randomly-generated encryption key allow the TD memory to be accessible by the TD.  
11. The method of claim 10, wherein responsive to determining that a number of unassigned HKIDs in the KOT are below a threshold, further comprising: reclaiming, by the TDRM, the HKID from the TD by marking the HKID in the KOT as reclaimed; responsive to reclaiming the HKID, clearing a memory cache on the processing device to delete data encrypted with the HKID from the memory cache; and marking the HKID as unassigned in the KOT.  

12. The method of claim 11, wherein reclaiming the HKID from the TD further comprises decoupling the HKID from the TD.  

13. The method of claim 11, wherein responsive to reclaiming the HKID from the TD, further comprising: reviving, by the TDRM, the TD by: assigning an unassigned HKID from the KOT to the TD; and configuring the randomly-generated encryption key on the processing device by associating the randomly-generated encryption key with the assigned HKID, wherein the assigned HKID and the configured randomly-generated encryption key allow the TD memory to be accessible by the TD.  

14. The method of claim 10, wherein responsive to marking the HKID in the KOT as assigned, further comprising: removing, by the TDRM, the HKID from the list of HKIDs assignable by the TDRM to other TDs.  

15. The method of claim 10, wherein the randomly-generated encryption key comprises an ephemeral random encryption key generated by the TD to be used exclusively by the TD.  

16. The method of claim 10, wherein configuring the randomly-generated encryption key on the processing device further comprises encrypting the TD memory by an encryption engine using the randomly-generated encryption key.  

17. The method of claim 10, wherein the unassigned HKID comprises a host key ID designated for TD private memory encryption keys.  

18. The method of claim 10, wherein the assigned HKID is stored in an access-controlled TD control structure (TDCS).  

19. A system comprising: a memory device to store instructions; and a processing device operably coupled to the memory device, the processing device comprising: a key ownership table (KOT) that is protected against software access; and  Client Ref. No. AB3247-US55 Atty. Ref.: 27517.1135 (L1135)a processing core that is to execute a trust domain resource manager (TDRM), wherein the TDRM is to: create a trust domain (TD) and a randomly-generated encryption key corresponding to the TD, the randomly-generated encryption key identified by a guest key identifier (GKID) and protected against software access from at least one of the TDRM, a virtual machine manager (VMM), or other TDs; reference the KOT to obtain at least one unassigned host key identifier (HKID) corresponding to the randomly-generated encryption key, the HKID utilized to encrypt a TD memory; assign the HKID to the TD by marking the HKID in the KOT as assigned; and configure the randomly-generated encryption key on the processing device by associating the randomly-generated encryption key with the HKID, wherein the assigned HKID and the configured randomly-generated encryption key allow the TD memory to be accessible by the TD.  

20. The system of claim 19, wherein responsive to reclaiming the HKID from the TD, the TDRM is to revive the TD by: assigning an unassigned HKID from the KOT to the TD; and configuring the randomly-generated encryption key on the processing device by associating the randomly-generated encryption key with the assigned HKID, wherein the assigned HKID and the configured randomly-generated encryption key allow the TD memory to be accessible by the TD.




7.	This is a statutory type double patenting rejection because the conflicting claims are the "same invention". 

8.	The pertinent prior art made of record but not relied upon in the rejections:
	A.	US 20180247082 A1
	B.	US 20170132158 A1
	C.	US 6754820 B1
	d. 	US 20170244557



Conclusion
11.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAMUEL AMBAYE whose telephone number is (571)270-7635. The examiner can normally be reached M-F 9:00 AM - 6:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on (571) 272-6798. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SAMUEL AMBAYE/Examiner, Art Unit 2433         

/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433