DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Response to Amendment
Claims 1-9 and 11-17 are pending. Claims 1, 8, 12 and 16-17 are currently amended. Claim 10 is canceled. 
Applicant’s amendments to the claims will overcome each and every claim objection previously set forth in the Non-Final Office Action mailed 04/14/2022.

Response to Arguments
Applicant's arguments filed 07/14/2022 have been fully considered but they are not persuasive. 
Applicant argues on pages 6-7 “…In contrast to the Moridi and Poiesz combination, in the claimed embodiment, the decrypted data is provided back to the requester. Hence, any operation performed on that data can be kept confidential (if desired).  Accordingly, at least due to the differences addressed above, the combination of Moridi and Poiesz, does not teach or suggest amended claim 1. Amended independent claims 16 and 17 recite similar distinguishing features as claim 1, and are therefore allowable at least for the reasons claim 1 is allowable. The dependent claims are allowable due at least to their dependence from a respective allowable independent claim,” the examiner respectfully disagrees for the following reasons below:
Moridi discloses receiving a request to perform operation on program using encrypted data stored and verifying the program & data using the data access policy [policy]. Once verified the decryption information is obtained and used by the SEE to decrypt the encrypted data and run the program to obtain the resulting data. The resulting data is returned/accessed based on the residual policy [characteristics] (MORIDI, page 4, paragraphs 0029-0031). The response to the request is based on the data access policy and residual policy, therefore, Moridi teaches the argued claim limitation.

Applicant argues on pages 7-8 “Baker does not rectify the above identified deficiencies of Moridi and Poiesz with respect to amended claim 1. Therefore, amended claim 1 and its dependent claims, including claims 5-9, are allowable over the combination of Moridi, Poiesz and Baker.,” the examiner has shown how independent claim 1 is not allowed and therefore this argument is considered moot.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-4 and 11-17 are rejected under 35 U.S.C. 103 as being unpatentable over MORIDI (US Pub No. 2021/0320947) in view of Poiesz et al. (US Pub No. 2016/0350561).
Regarding independent claim 1, MORIDI teaches a data processing system comprising: receiving circuitry configured to receive, from a requester, a request to use decrypted data obtained by decrypting encrypted data (MORIDI, pages 3-4, paragraph 0026; request to perform operation on program using encrypted data stored); trusted execution circuitry configured to provide a trusted execution environment (MORIDI, page 4, paragraph 0028; provide secure execution environment SEE), wherein the trusted execution circuitry is configured to: a policy (MORIDI, page 4, paragraphs 0027-0028); acquire a key within the trusted execution environment, wherein the key is associated with the decrypted or encrypted data (MORIDI, page 4, paragraphs 0029-0030; decryption information to decrypt encrypted data); and provide a response to the request based on the policy and one or more characteristics of the requester (MORIDI, page 4, paragraphs 0029-0031), wherein the trusted execution circuitry is further configured to perform decryption on the encrypted data within the trusted execution environment to provide the decrypted data in the response (MORIDI, page 4, paragraphs 0030-0031 and page 6, paragraph 0040).
MORIDI does not explicitly teach securely store a policy. 
Poiesz teaches securely store a policy (Poiesz, page 4, paragraph 0034; TEE store policy). 
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify MORIDI with the teachings of Poiesz to securely store the policy in the trusted execution environment to provide the advantage of improving storage and preventing tampering to the policy (Poiesz, page 4, paragraph 0034).
Regarding claim 2, MORIDI in view of Poiesz teaches the system comprising: storage circuitry configured to store the encrypted data (MORIDI, page 4, paragraph 0033).
Regarding claim 3, MORIDI in view of Poiesz teaches the system wherein the trusted execution environment is immutable (MORIDI, page 4, paragraph 0028; SEE is persistent).
Regarding claim 4, MORIDI in view of Poiesz teaches each and every claim limitation of claim 1, however, Poiesz teaches the system wherein the policy is stored securely by storing the policy within the trusted execution environment (Poiesz, page 4, paragraph 0034; TEE store policy). 
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify MORIDI with the teachings of Poiesz to securely store the policy in the trusted execution environment to provide the advantage of improving storage and preventing tampering to the policy (Poiesz, page 4, paragraph 0034).
Regarding claim 11, MORIDI in view of Poiesz teaches the system wherein the request identifies a function to be performed on the decrypted data by the trusted execution circuitry to produce a result (MORIDI, pages 3-4, paragraph 0026; request to perform operation on program using encrypted data stored); and the trusted execution circuitry configured to respond to the request by providing the result based on the policy and one or more characteristics of the requester (MORIDI, page 4, paragraphs 0029-0030; resulting data).
Regarding claim 12, MORIDI in view of Poiesz teaches the system wherein the trusted execution circuitry configured to respond to the request by providing the result without providing the decrypted data based on the policy and the one or more characteristics of the requester (MORIDI, page 4, paragraphs 0031-0032).
Regarding claim 13, MORIDI in view of Poiesz teaches the system wherein the trusted execution circuitry is configured to accept and respond to the request when the one or more characteristics of the requester correspond with one or more required characteristics specified by the policy (MORIDI, page 4, paragraphs 0027-0030 and page 2, paragraphs 0017-0018; policy and access restriction).
Regarding claim 14, MORIDI in view of Poiesz teaches the system wherein the one or more required characteristics comprise that the requester is a further trusted execution environment (MORIDI, page 2, paragraphs 0017-0018; policy and access restriction).
Regarding claim 15, MORIDI in view of Poiesz teaches the system wherein the one or more required characteristics comprise that attestation of the further trusted execution environment has been performed by the trusted execution environment (MORIDI, page 2, paragraphs 0017-0018; policy and access restriction).
Regarding independent claim 16, MORIDI teaches a computer-implemented data processing method comprising: receiving, from a requester, a request to use decrypted data obtained by decrypting encrypted data (MORIDI, pages 3-4, paragraph 0026; request to perform operation on program using encrypted data stored); providing a trusted execution environment (MORIDI, page 4, paragraph 0028; provide secure execution environment SEE), wherein the trusted execution environment: a policy (MORIDI, page 4, paragraphs 0027-0028); acquires a key within the trusted execution environment, wherein the key is associated with the decrypted or encrypted data (MORIDI, page 4, paragraphs 0029-0030; decryption information to decrypt encrypted data); and provide a response to the request based on the policy and one or more characteristics of the requester (MORIDI, page 4, paragraphs 0029-0031), wherein decryption on the encrypted data within the trusted execution environment to provide the decrypted data in the response (MORIDI, page 4, paragraphs 0030-0031 and page 6, paragraph 0040).

MORIDI does not explicitly teach securely store a policy. 
Poiesz teaches securely store a policy (Poiesz, page 4, paragraph 0034; TEE store policy). 
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify MORIDI with the teachings of Poiesz to securely store the policy in the trusted execution environment to provide the advantage of improving storage and preventing tampering to the policy (Poiesz, page 4, paragraph 0034).
Regarding independent claim 17, MORIDI teaches a data processing system comprising: means for receiving, from a requester, a request to use decrypted data obtained by decrypting encrypted data (MORIDI, pages 3-4, paragraph 0026; request to perform operation on program using encrypted data stored); means for providing a trusted execution environment (MORIDI, page 4, paragraph 0028; provide secure execution environment SEE), a policy (MORIDI, page 4, paragraphs 0027-0028); means for acquiring a key within the trusted execution environment, wherein the key is associated with the decrypted or encrypted data (MORIDI, page 4, paragraphs 0029-0030; decryption information to decrypt encrypted data); and means for and providing a response to the request based on the policy and one or more characteristics of the requester (MORIDI, page 4, paragraphs 0029-0031), wherein the trusted execution circuitry is further configured to perform decryption on the encrypted data within the trusted execution environment to provide the decrypted data as part of the response (MORIDI, page 4, paragraphs 0030-0031 and page 6, paragraph 0040).
MORIDI does not explicitly teach means for securely store a policy. 
Poiesz teaches means for securely store a policy (Poiesz, page 4, paragraph 0034; TEE store policy). 
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify MORIDI with the teachings of Poiesz to securely store the policy in the trusted execution environment to provide the advantage of improving storage and preventing tampering to the policy (Poiesz, page 4, paragraph 0034).

Claims 5-9 are rejected under 35 U.S.C. 103 as being unpatentable over MORIDI (US Pub No. 2021/0320947) in view of Poiesz et al. (US Pub No. 2016/0350561) as applied to claims 1-4 and 11-17 above, and further in view of Baker et al. (US Patent No. 10,361,868).
Regarding claim 5, MORIDI in view of Poiesz teaches each and every claim limitation of claim 1. 
MORIDI in view of Poiesz does not explicitly teach the system wherein the trusted execution circuitry is configured to obtain attestation of the trusted execution environment.
Baker teaches wherein the trusted execution circuitry is configured to obtain attestation of the trusted execution environment (Baker, column 7, lines 13-54; container get approval to debug and/or inspect content).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify MORIDI in view of Poiesz with the teachings of Baker to get approval before performing debugging to provide the advantage of improving security associated with the secure container and managing customers abusing or accessing the services (Baker, column 1, lines 14-38).
Regarding claim 6, MORIDI in view of Poiesz and in further view of Baker teaches each and every claim limitation of claim 5, however Baker teaches the system wherein the trusted execution circuitry is configured to obtain the attestation by providing a digitally signed checksum or hash that corresponds with the trusted execution environment to a provider of the data (Baker, column 7, lines 13-54).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify MORIDI in view of Poiesz with the teachings of Baker to get approval before performing debugging to provide the advantage of improving security associated with the secure container and managing customers abusing or accessing the services (Baker, column 1, lines 14-38).
Regarding claim 7, MORIDI in view of Poiesz and in further view of Baker teaches the system wherein in response to a failure to obtain the attestation of the trusted execution environment, the trusted execution circuitry is configured to perform an error action (MORIDI, page 4, paragraphs 0027 & 0029). 
Regarding claim 8, MORIDI in view of Poiesz and in further view of Baker teaches the system wherein the error action is to inhibit execution of the trusted execution environment (MORIDI, page 4, paragraphs 0027 & 0029). 
Regarding claim 9, MORIDI in view of Poiesz and in further view of Baker teaches each and every claim limitation of claim 6, however Baker teaches the system wherein the checksum or hash corresponds with the trusted execution environment and a challenge received from the provider of the data (Baker, column 7, lines 13-54); and the digitally signed checksum or hash is signed such that an origin of the checksum or hash can be authenticated (Baker, column 7, lines 13-54). 
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify MORIDI in view of Poiesz with the teachings of Baker to get approval before performing debugging to provide the advantage of improving security associated with the secure container and managing customers abusing or accessing the services (Baker, column 1, lines 14-38).


Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAQUEAL D WADE whose telephone number is (571)270-0357. The examiner can normally be reached M-F 8:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on 571-272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/SHAQUEAL D WADE-WRIGHT/Primary Examiner, Art Unit 2437