DETAILED ACTION
	This Office Action is in response to the Arguments/Remarks filed on 09/14/2022.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Applicant's arguments filed 09/14/2022 have been fully considered but they are not persuasive. 
Regarding claim 1, on pages 8-11, Applicant argues that Chhabra does not disclose the limitations:
1) sending information of the computation, the sealed data, and integrity information to the trusted execution environment;
2) confirming the sealed data; and
3) verifying integrity of the computation from the integrity information and the computation information.

In response, Examiner respectfully disagrees and submits that Chhabra discloses a secure execution environment (corresponds to the recited ‘trusted execution environment’)(at least figure 1) that combines the hardware security module (HSM) and the trusted execution environment (TEE) to provide the best security characteristics of both environments (at least column 2, lines 31-34.) The secure execution environment comprises at least trusted execution environment (TEE), hardware security module (HSM), and code measurement service (CMS).  In Chhabra, the process of setting up and initiating an execution of a protected function in the secure execution environment includes: 
Upon receiving an attestation request of the code associated with the protected function, a hash is applied to the code to generate a function code measurement (i.e.: integrity information.) The function code measurement is further signed and associated with a session public key to attest that the code is from TEE having the measurement (at least figure 5, column 6, line 43-column 7, line 10.) At least the association information corresponds to the recited “information of the computation.” The signed function code measurement and the session public key are sent to the HSM for authentication and also to request for authentication credentials (sealed data) from the HSM (at least column 7, lines 4-10.) Upon successful verification of the signed function code measurement and the session public key, the HSM generates and sends the authentication credentials (sealed data) to CMS (at least column 7, lines 23-31.) As such, contrasting to the Applicant’s arguments, Chhabra clearly discloses 1) sending function code measurement (integrity information,) signing and association information (information of the computation,) and authentication credentials (sealed data) to the secure execution environment (trusted execution environment.)
	Once the authentication credentials are received at the CMS, the secure execution environment receives a confirmation that the authentication credentials are received and stored at the CMS (at least column 7, lines 23-31.) In a different light, when a secret stored by the HSM is requested, the authentication credentials are sent to the HSM to be authenticated/confirmed (at least column 7, line 66-column 8, line 9.) Therefore, Chhabra clearly discloses 2) confirming the sealed data. 
	Lastly, to verify the code associated with the protected function, a hash is applied to the code to generate a code measurement (at least column 7, lines 54-60.) The code measurement generated is compared to a stored code measurement (integrity information) (at least column 7, lines 54-60.)  If a match is found, then authentication credentials are unsealed (column 7, lines 54-65.) The authentication credentials are then sent to the HSM for authentication (column 7, line 66-column 8, line 9.)  Successful authentication of the authentication credentials implies that the session public key (computation information) associated with the code measurement corresponds to the session private key used by the HSM in generating the authentication credentials. Upon successful authentication of the authentication credentials, secret/key stored at the HSM is obtained, and used by the code to execute the protected function. As such, contrasting to the Applicant’s arguments Chhabra clearly discloses 3) the code (computation) is verified from code measurement (integrity information) and the computation information (association with a session public key.)
	For the above reasons, Applicant’s arguments are not persuasive, and thus, the rejections are maintained.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1, 4-13, 15-18 and 20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Chhabra (US Patent 10,601,590 B1-hereinafter Chhabra.)
Regarding claim 1, Chhabra discloses a method for provisioning a computation into a trusted execution environment, comprising: 
verifying the trusted execution environment (at least figure 4, column 6, lines 37-42, at least the hardware security module (HSM), code measurement service (CMS) and protected function are collectively interpreted as corresponding to the recited ‘trusted execution environment’, wherein the protected function’s identity is proven/verified); 
generating integrity information of the computation (at least column 3, lines 37-46, a cryptographic hash of all running codes of protected function is generated); 
generating sealed data (at least column 7, lines 4-5, 11-13, session keys & authentication credential are collectively interpreted as the recited ‘sealed data’); 
sending information of the computation, the sealed data, and integrity information to the trusted execution environment (at least column 3, lines 43-45; column 6, lines 43-57; column 7, lines 5-10, 20-31, 48-60, running code, authentication credential, session key, and stored code measurement are sent to HSM/TEE); 
confirming the sealed data (at least column 7, line 66-column 8, line 9, authentication credential is verified/confirmed); and 
verifying integrity of the computation from the integrity information and the computation information (at least column 7, lines 56-65, integrity of the running code is verified from code measurement generated and the stored code measurement.)

Regarding claim 4, Chhabra discloses the method according to claim 1. Chhabra also discloses the verifying of the trusted execution environment incudes verifying identity of protected function (at least column 2, line 62-column 3, line 1; column 6, lines 37-42, identity of virtual machine, trusted platform module, or trusted hypervisor is verified.) 

Regarding claim 5, Chhabra discloses the method of claim 1. Chhabra also discloses the trusted execution environment verifies the integrity of the computation (at least column 7, lines 56-65, code measurement generated is compared to stored code measurement.)

Regarding claim 6, Chhabra discloses the method according to claim 1. Chhabra also discloses the sealed data is inserted into the computation dynamically (at least column 3, lines 46-52; column 6, line 58-column 7, line 1, session key is inserted into the code measurement.)

Regarding claim 7, Chhabra discloses the method according to claim 1. Chhabra also discloses the sealed data restricts the computation to a particular trusted execution environment (at least column 6, line 58-column 7, line 1, binding code measurement with session key.)

Regarding claim 8, Chhabra discloses the method according to claim 1.  Chhabra also disclose the computation includes additional secrets (at least column 2, lines 62-65; column 8, lines 10-14, custom codes.)

Regarding claim 9, Chhabra discloses the method according to claim 1. Chhabra also discloses the trusted execution environment is in a local infrastructure or a cloud infrastructure (at least column 5, lines 7-16, TEE may be located in a local computing environment.)

Regarding claim 10, Chhabra discloses the method according to claim 1. Chhabra also discloses the computation does not execute unless the authorization and integrity information are verified (at least column 7, line 46-column 8, line 9, if authorization and integrity information are not verified, secret key used to execute protected function will not be retrieved/received.)

Regarding claim 11, Chhabra discloses the method according to claim 9. Chhabra also discloses the authorization and integrity information is verified by a requestor (at least figure 5, column 7, line 32-column 8, line 9, HSM/CMS.)

Regarding claim 12, Chhabra discloses the method according to claim 1. Chhabra also discloses the computation executes in the trusted execution environment (at least column 8, lines 10-17, protected function is executed in the TEE.)

Claim 13 is rejected for the same rationale as claim 1. 
Claim 15 is rejected for the same rationale as claims 5 & 6 above. 
Claim 16 is rejected for the same rationale as claims 8 & 9 above. 
Claim 17 is rejected for the same rationale as claims 10-12 above. 
Claim 18 is rejected for the same rationale as claims 1 & 13 above. 
Claim 20 is rejected for the same rationale as claims 7-12 above.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 2-3, 14 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Chhabra.
Regarding claim 2, Chhabra discloses the method according to claim 1.
Chhabra does not explicitly disclose the sealed data are not generated unless the trusted execution environment is verified.
However, it is obvious if not inherent that the sealed data are not generated unless the trusted execution environment is verified, because Chhabra discloses the authentication credential (sealed data) is generated using a private key of a generated session key-pair (at least column 7, lines 11-17,) and the generated session key-pair is not generated until after the protected function’s (trusted execution environment) 
Identity has been proven (at least column 6, figure 4, lines37-49.)  In other word, if the protected function’s identity is not proven, then the session key-pair would not be generated. As such, it would not be possible to generate the authentication credential.

Regarding claim 3, Chhabra discloses the method according to claim 1. Chhabra does not explicitly disclose at least a part of the computation is encrypted.
However, Chhabra discloses generating a session key-pair, and allowing two parties to use the session key-pair to establish a shared secret.  Then the shared secret is used as key or to derive another key, which is used to encrypt subsequent communications using a symmetric-key cipher (at least 57-67.) As such, it would have been obvious to one of ordinary skill in the art before the effective filing date of claimed invention to use this key to encrypt the computation to enhance the security level of the method.

Claim 14 is rejected for the same rationale as claims 2 & 3 above.
Claim 19 is rejected for the same rationale as claims 2-6 above.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to PHY ANH TRAN VU whose telephone number is (571)270-7317. The examiner can normally be reached Monday-Friday 7 am-1 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached on (571) 272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/PHY ANH T VU/Primary Examiner, Art Unit 2438