DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim 1 has been cancelled.
Claims 2-21 have been examined.

Priority
Acknowledgement is made of the applicant’s claim to priority as a continuation of parent application 15/594122, now, U.S Patent No. 10970401.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 04/05/2021 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 2-8 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-7 of U.S. Patent No. 10970401. Although the claims at issue are not identical, they are not patentably distinct from each other because: 
Instant application
U.S. Patent No. 10970401
2. (New) A data processing system with a trusted execution environment, the data processing system comprising: 

















a secure module configured to couple to a host processor and a resource via a system bus, the secure module configured to respond to commands posted by the host processor in a secure mode and a non-secure mode, 







the secure module comprising: an internal memory to store a plurality of cryptographic keys identified by the commands and to store a respective rule corresponding to each of the plurality of cryptographic keys, the respective rule defining permissions as to a public address space associated with a non-secure area of the resource and a secure address space associated with a secure area of the resource; 
a memory access circuit configured to, for a respective command, read data from the resource using a source address identified by the respective command and write processed data to the resource using a destination address identified by the respective command; and 
a cryptography engine configured to, for a given command, process the read data using a respective cryptographic key identified by the respective command.














3. (New) The data processing system of claim 2, further comprising cross-domain rules associated with respective ones of the commands posted by the host processor in the non-secure mode, the cross-domain rules allowing for reading data from one of the public address space or the secure address space and writing resulting data to another one of the public address space or the secure address space.

4. (New) The data processing system of claim 3, wherein a cross-domain rule of the cross- domain rules allows for reading the data from the public address space and writing the resulting data to the secure address space in response to receiving a decryption command.

5. (New) The data processing system of claim 3, wherein a cross-domain rule of the cross- domain rules allows for reading the data from the secure address space and writing the resulting data to the public address space in response to receiving an encryption command.

6. (New) The data processing system of claim 2, wherein the respective rule corresponding to each of the plurality of cryptographic keys constrains access to the public address space when the host processor is in the non-secure mode.

7. (New) The data processing system of claim 2, wherein the respective rule includes a flag identifying one of the secure address space or the public address space where source data is located, and wherein the respective rule constrains read access to the one of the secure address space or the public address space identified by the flag.

8. (New) The data processing system of claim 2, wherein the resource is part of a plurality of resources comprising a system memory and a secure peripheral.
1. A data processing system with a trusted execution environment, the data processing system comprising: a host processor configured to operate in a secure mode associated with the trusted execution environment and a non-secure mode; a system bus operationally coupled with the host processor; a resource connected to the system bus, wherein the resource is partitioned into a secure area and a non-secure area, wherein the secure area is accessible using a first set of addresses within a secure address space of the secure area, and wherein the non-secure area is accessible by the host processor operating in the secure mode and the non-secure mode using a second set of addresses within a public address space of the non-secure area; and 
a secure module connected to the system bus, the secure module being configured to respond to tokens posted by the host processor in the secure mode, wherein a given token of the tokens identifies: a respective secure asset of a plurality of secure assets; respective source addresses within the secure address space of the secure area of the resource; and respective destination addresses within the public address space of the non-secure area of the resource, 
the secure module including: an internal memory storing the plurality of secure assets identifiable by the tokens; 








a memory access circuit configured to, for the given token, read data from the resource connected to the system bus using the respective source addresses and write processed data to the resource connected to the system bus using the respective destination addresses; and 

a cryptography engine configured to, for a given token, process the read data using the respective secure asset, the secure module being further configured to respond to tokens posted by the host processor in the non-secure mode, the internal memory of the secure module storing a respective rule with each secure asset of the plurality of secure assets, the respective rule defining permissions as to the public address space and the secure address space where the memory access circuit is authorized to read data and write data, and the secure module ignores tokens that do not satisfy the permissions defined in the respective rule.

2. The data processing system of claim 1, further comprising cross-domain rules for tokens posted by the host processor in the non-secure mode, the cross-domain rules allowing for reading data from one of the public address space or the secure address space and writing resulting data to an other of the public address space or the secure address space.


3. The data processing system of claim 2, wherein a cross-domain rule of the cross-domain rules allows for reading the data from the public address space and writing the resulting data to the secure address space in response to a decryption token.

4. The data processing system of claim 2, wherein a cross-domain rule of the cross-domain rules allows for reading the data from the secure address space and writing the resulting data to the public address space in response to an encryption token.


5. The data processing system of claim 1, wherein all rules for the plurality of secure assets, in the non-secure mode, constrain access to the public address space.


6. The data processing system of claim 1, wherein the respective rule includes a flag identifying one of the secure address space or the public address space, indicating where source data is located, and the respective rule constrains read access to the one of the secure address space or the public address space identified by the flag.

7. The data processing system of claim 1, wherein the resource is part of a plurality of resources that comprise a system memory area and a secure peripheral.


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: 
US 20090259857 to Gehrmann: A mobile UE includes a CPU, a secure DMA module, a secure cryptographic module, secure memory, and non-secure memory. The secure cryptographic module and secure memory allow access only by secure processes, including the secure DMA module. The CPU manages cryptographic keys and initializes DMA transfers in secure mode. The CPU executes the DMA transfers in non-secure mode. A first DMA transfer moves data encrypted in a first security domain to the secure cryptographic module, and moves clear text data to the secure memory. A second DMA transfer moves the clear text data to the secure cryptographic module, and data encrypted in a second security domain out of the secure cryptographic module. The data encrypted in the second security domain are transmitted to an external device. The secure memory protects the clear text data from being copied; only encrypted data is accessible by non-secure processes.
US 20060242066 to Jogand-Coulomb: In some mobile storage devices, content protection is afforded by dividing the memory into separate areas where access to protected areas requires prior authentication. While such feature does provide some protection, it does not protect against a user who obtained a password by illicit means. Thus, another aspect of the invention is based on the recognition that a mechanism or structure may be provided to divide a memory into partitions and so that at least some data in the partitions can be encrypted with a key, so that in addition to authentication that is required for accessing some of the partitions, access to one or more keys may be required to decrypt the encrypted data in such partitions. In some applications, it may be more convenient to the user to be able to log in the memory system using one application, and then be able to use different applications to access protected content without having to log in again. In such event, all of the content that the user wishes to access in this manner may be associated with a first account, so that all such content can be accessed via different applications (e.g. music player, email, cellular communication etc.) without having to log in multiple times. Then a different set of authentication information may then be used for logging in to access protected content that is in an account different from the first account, even where the different accounts are for the same user or entity.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MADHURI R HERZOG whose telephone number is (571)270-3359. The examiner can normally be reached 8:30AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on (571)272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

MADHURI R. HERZOG
Primary Examiner
Art Unit 2438



/MADHURI R HERZOG/Primary Examiner, Art Unit 2438