Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This Office Action is in response to the Amendment filed on 08/23/2022.
Claims 1-10 and 13-22 have been examined and are pending. This Action is made Non-FINAL.
Election/Restrictions
Applicant elects, Group 1, comprising claims 1-10 and 13-22, for prosecution of this patent application in the reply filed on 08/23/2022 is acknowledged.
Examiner’s interview
On 11/23/2022, DANIEL KLIGLER (Reg. No. 41,120) called and confirmed that Applicant elects, without traverse, Group-1, comprising claims 1-10 and 17-22.
Priority
This application claims priority from Greek Patent Application number 20200100752 filed Dec 28, 2020. 
Information Disclosure Statement
The information disclosure statement (IDS), submitted on 07/08/2021, is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C.
102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-4 and 13-16 are rejected under 35 U.S.C. 103 as being unpatentable over Ko (US 2022/0006627) and in view of Tanizawa (US 9,356,780).
Regarding claim 1, Ko discloses a secure computing system, comprising: 
a key generation sub-system configured to generate cryptographic keys and corresponding key labels for distribution to computer clusters, each computer cluster including a plurality of respective endpoints (Ko abstract, par.0020 and 0023. Ko teaches that the QKD node apparatus may include a QKD module for generating quantum keys and quantum key IDs, a quantum key synchronization management module for storing the quantum keys and the quantum key IDs as outbound and inbound quantum keys in a distributed manner and sharing the outbound and inbound quantum keys with a second QKD node apparatus. A group key and the IDs of multiple secure applications and when the ID of the secure application connected with the QKD node apparatus is included in the IDs of the multiple secure applications, the quantum key orchestration module may store the group key and a group key ID and delete path information pertaining to the QKD node apparatus and the ID of the secure application connected with the QKD node apparatus from the packet. See also par. 0018); 
a plurality of quantum key distribution (QKD) devices connected via respective optical fiber connections, and configured to securely distribute the generated cryptographic keys among the computer clusters (Ko par.0020, 0023 and 0057. Ko teaches that the QKD node apparatus may include a QKD module for generating quantum keys and quantum key IDs, a quantum key synchronization management module for storing the quantum keys and the quantum key IDs as outbound and inbound quantum keys in a distributed manner and sharing the outbound and inbound quantum keys with a second QKD node apparatus. A group key and the IDs of multiple secure applications and when the ID of the secure application connected with the QKD node apparatus is included in the IDs of the multiple secure applications, the quantum key orchestration module may store the group key and a group key ID and delete path information pertaining to the QKD node apparatus and the ID of the secure application connected with the QKD node apparatus from the packet. the quantum channel generally uses a dedicated optic fiber channel. The QKD entity includes a transmission device for transmitting a photon in which a quantum state is encoded and a reception device for receiving a photon and measuring a quantum state, and a pair comprising a transmission device and a reception device is connected in a P2P manner. See also par. 0083); and 
a key orchestration sub-system (Ko par. 0083) configured to: 
manage caching of the cryptographic keys in advance of receiving key requests from applications running on ones of the endpoints (Ko par. 0102 and 0106. Ko teaches that the input quantum key buffers and store the quantum keys and quantum key IDs delivered from the respective QKD modules. The quantum key synchronization management module 120a, which serves as a sender, reads the quantum key and quantum key ID from the input quantum key buffer 121a and stores the same in the outbound quantum key buffer 125a and the inbound quantum key buffer 127a such that they are neither empty nor overflowing. See also par. 0012, 0101 and 0103); and 
Ko teaches, transmit and receive the encrypted master key therebetween in order to enable the master key to be shared between the secure applications 10a and 10b (Ko par. 0116). However, Ko does not explicitly disclose provide respective ones of the cryptographic keys to the applications to enable secure communication among the applications.
However, in an analogous art, Tanizawa teaches wherein provide respective ones of the cryptographic keys to the applications to enable secure communication among the applications (Tanizawa abstract, claim 8 and col.8; lines 64-67. Tanizawa teaches that a communication system, comprising: a plurality of applications that use an application key, the plurality of applications connected to one or more external devices, the application key being shared with the one or more external devices over one or more links that are encrypted with a link key, the link key being shared by using a quantum key distribution technique; a communication device for providing the application key to the one or more applications, wherein the communication device includes a memory that stores therein a degree of priority and a first requested volume for each of the plurality of applications, the degree of priority being determined in advance based on a user's authority or the type of application. A higher degree of priority is assigned to the application 200 of a user with more authority. This enables assignment of an application key according to the authority of the user possessing the application 200).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Tanizawa with the method and system of Ko, wherein provide respective ones of the cryptographic keys to the applications to enable secure communication among the applications to provide users with a means for realizing key assignment that satisfies the key rates requested by the plurality of applications (Tanizawa abstract).
Regarding claim 2, Ko and Tanizawa disclose the system according to claim 1, 
Ko further discloses wherein the key orchestration sub- system includes, in each respective computer cluster, a key cache orchestrator and a key exchange orchestrator (Ko abstract and par. 0023. Ko teaches that a quantum key orchestration module for delivering a master key and a master key ID to a secure application connected therewith in response to a request for the master key with the ID of a second secure application and delivering a packet including the master key encrypted with the outbound quantum key shared with the second QKD node apparatus, the master key ID, and a quantum key ID, to the second QKD node apparatus and the quantum key orchestration module may store the group key and a group key ID and delete path information pertaining to the QKD node apparatus and the ID of the secure application connected with the QKD node apparatus from the packet). 
Regarding claim 3, Ko and Tanizawa disclose the system according to claim 2, 
Ko further discloses wherein the key cache orchestrator is configured to: monitor a level of available cryptographic keys in a respective one of the computer clusters; and request the key generation sub-system to generate additional cryptographic keys and corresponding labels responsively to the monitored level (Ko par. 0106. Ko teaches that the quantum key synchronization management module 120a, which serves as a sender, reads the quantum key and quantum key ID from the input quantum key buffer 121a and stores the same in the outbound quantum key buffer 125a and the inbound quantum key buffer 127a such that they are neither empty nor overflowing. See also par. 0109).
Regarding claim 4, Ko and Tanizawa disclose the system according to claim 2, 
Ko further discloses wherein the key exchange orchestrator is configured to manage provision of cached cryptographic keys to applications running on respective ones of the endpoints in the computer clusters responsively to corresponding ones of the labels (Ko par. 0106. Ko teaches that the quantum key synchronization management module 120a, which serves as a sender, reads the quantum key and quantum key ID from the input quantum key buffer 121a and stores the same in the outbound quantum key buffer 125a and the inbound quantum key buffer 127a such that they are neither empty nor overflowing. See also par. 0109).
Regarding claim 13; claim 13 is directed to a secure computing system associated with the system claimed in claim 1. Claim 13 is similar in scope to claim 1, and is therefore rejected under similar rationale.  
Regarding claims 14-16; claims 14-16 are directed to a method associated with the system claimed in claims 1 and 3-4 respectively. Claims 14-16 are similar in scope to claims 1 and 3-4 respectively, and are therefore rejected under similar rationale respectively.
Allowable Subject Matter
Claims 5-10 and 17-22 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SANCHIT K SARKER whose telephone number is (571)270-7907. The examiner can normally be reached M-F 8:30 AM-5:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, FARID HOMAYOUNMEHR can be reached on 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SANCHIT K SARKER/Primary Examiner, Art Unit 2495