Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The Application number 17/316,554 filed on 5/10/2021 has been considered by the Examiner.  Claims 1-17 are pending.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 5/10/2021 is being considered by the examiner.
Claim Objections
Claim 1 is objected to because of the following informalities:  As per claim 1, there is a typographical error in line 8, “the encrypted encryption key” should be recited as “the encrypted content decryption key”.  Appropriate correction is required.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claim 1, 11 and 13 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-3 and 5 of U.S. Patent No. 10,419,400. Although the claims at issue are not identical, they are not patentably distinct from each other because the limitations recited in the claims 1, 11 and 13 of the instant application are anticipated by the limitations recited in the claims 1-3 and 5 of the U.S. Patent No. 10,419,400.
Claim 1-17 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-17 of U.S. Patent No. 11,032,253. Although the claims at issue are not identical, they are not patentably distinct from each other because the limitations recited in the claims 1-17 of the instant application are anticipated by the limitations recited in the claims 1-17 of U.S. Patent No. 11,032,253.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-9 and 11-17 are rejected under 35 U.S.C. 103 as being unpatentable over Sandler et al. (US 2010/0153717 hereinafter Sandler) in view of Carles et al. (US 2010/0228971 hereinafter Carles).
Regarding claim 1, Sandler discloses a method performed by a first application running in a secure execution environment of a first computing system, the method comprising: 
receiving a service invocation request from a second application running in an execution environment separate from the secure execution environment (FIG. 1-2, ¶ [0046], [0049]-[0051], [0067]; i.e. the media player or software on a content rendering device running in an environment outside of the secure module 30 requests a clear content); 
establishing a communications channel between the first application and a second computing system (FIG. 1-2, ¶ [0046], [0049]-[0051], [0067]; i.e. the secure module establishes a secure authenticated channel (SAC) with a secure module source to securely transfer a content decryption key from the secure module source); 
[[obtaining a license from the second computer system, the license comprising]] an encrypted content decryption key, the encrypted content encryption key being encrypted using, at least in part, at least one shared secret between the first application and the second computing system (FIG. 1-2, ¶ [0046], [0049]-[0051], [0067]; i.e. the secure module establishes a secure authenticated channel (SAC) with a secure module source to securely transfer a content decryption key from the secure module source – it is well known in the art that secret or session key(s) is/are established during the handshake to secure information exchange between the client and a server), wherein the at least one shared secret is not exposed within the first computing system outside the secure execution environment (FIG. 1-2, ¶ [0071]; i.e. the encrypted content is decrypted in the secure module 30; therefore, the content decryption key is not exposed outside the secure module 30);
decrypting the encrypted content decryption key included in the license using, at least in part, the at least one shared secret (FIG. 1 & 2, ¶ [0071]; i.e. the content decryption key is securely transferred from the secure module source via the SAC, in other words, the content decryption key is decrypted using the session key(s) established during the handshake and used to produce clear content for rendering by the content rendering device); 
decrypting a piece of content using the decrypted content decryption key (FIG. 1 & 2, ¶ [0071]; decrypting the encrypted content using the content decryption key; the content decryption key is transmitted securely from the secure module source 10 to the secure module, thus the decryption key is encrypted and decrypted before being used to decrypt the encrypted content); and 
providing the second application with access to the decrypted piece of content (FIG. 1 & 2, ¶ [0071]; i.e. the media player receiving the clear content from the secure module).
Sandler discloses that the secure module 30 enforcing license but does not explicitly disclose obtaining a license from the second computer system, the license comprising an encrypted content decryption key. 
However, Carles discloses obtaining a license from the second computer system, the license comprising an encrypted content decryption key (¶ [0115]-[0116], [0101], [0135]-[0139]; i.e. requesting and receiving a license encrypted using session key Ks, and the license comprises a cryptogram of the control word encrypted by a key KTerm which is encrypted by other keys).
Therefore, it would have obvious to one of ordinary skill in the art before effective filing date of the claimed invention to incorporate the teaching of Carles into Sandler to obtain content decryption key from a license and further secure the license and content decryption key using the session keys or keys derived from the session keys in order to improve the security method further to prevent the "pirating” of multimedia programs by unscrupulous persons (Carles, ¶ [0022]-[0023]).
Regarding claim 2, Sandler in view of Carles discloses the method of claim 1, wherein establishing the communications channel between the first application and the second computing system comprises establishing a communications channel between the first application and the second computing system secured by one or more session keys (Sandler, FIG. 1 & 2, ¶ [0071]).
Regarding claim 3, Sandler in view of Carles discloses the 3. The method of claim 2, wherein the at least one shared secret comprises at least one of the one or more session keys (Sandler, FIG. 1 & 2, ¶ [0071]).
Regarding claim 4, Sandler in view of Carles discloses the method of claim 1, wherein the service invocation request comprises a request for the first application to perform at least one of establishing the communications channel, obtaining the license, decrypting the encrypted content decryption key, decrypting the piece of content, and providing the second application with access to the decrypted piece of content (FIG. 1-2, ¶ [0071]: Carles, ¶ [0026]).
Regarding claim 5, Sandler in view of Carles discloses the method of claim 1, wherein not exposing the at least one shared secret within the first computing system outside the secure execution environment comprises not exposing the at least one shared secret to the second application (Sandler, FIG. 1 & 2, ¶ [0071]).
Regarding claim 6, Sandler in view of Carles discloses the method of claim 1, wherein providing the second application with access to the decrypted piece of content comprises sending the decrypted piece of content to the second application (Sandler, FIG. 1 & 2, ¶ [0071]).
Regarding claim 7, Sandler in view of Carles discloses the method of claim 1, wherein the decrypted content decryption key is not exposed outside the secure execution environment (Sandler, FIG. 1 & 2, ¶ [0071]).
Regarding claim 8, Sandler in view of Carles discloses the method of claim 1, wherein the decrypted content decryption key is not exposed to the second application by the first application (Sandler, FIG. 1 & 2, ¶ [0071]).
Regarding claim 9, Sandler in view of Carles discloses the method of claim 1, wherein the execution environment of the second application comprises an execution environment of the first computing system separate from the secure execution environment (Sandler, FIG. 1 & 2, ¶ [0071]).
Regarding claim 11, Sandler in view of Carles discloses the method of claim 1, wherein the first application comprises a secure key box application (Sandler, FIG. 1 & 2, ¶ [0060]; Carles, ¶ [0080], [0085]).
Regarding claim 12, Sandler in view of Carles discloses the method of claim 1, wherein the service invocation request is received by the first application via an application programming interface of the first application (Sandler, FIG. 1 & 2, ¶ [0071]).
Regarding claim 13, Sandler in view of Carles discloses the method of claim 1, wherein the first application comprises a firmware application executing on a secure processing unit (Sandler, FIG. 1 & 2, ¶ [0072]-[0073]).
Regarding claim 14, Sandler in view of Carles discloses the method of claim 1, wherein the second application comprises a web browser application (Sandler, FIG. 1 & 2, ¶ [0048]).
Regarding claim 15, Sandler in view of Carles discloses the method of claim 1, wherein the second application comprises a media player application (Sandler, FIG. 1 & 2, ¶ [0049]).
Regarding claim 16, Sandler in view of Carles discloses the method of claim 1, wherein the encrypted content decryption key is encrypted using at least one derived key generated based on the at least one shared secret (Carles, ¶ [0095]-[0099]).
Regarding claim 17, Sandler in view of Carles discloses the method of claim 16, wherein decrypting the encrypted content decryption key comprises: generating the at least one derived key based on the at least one shared secret; and decrypting the content decryption key using the generated at least one derived key (Sandler, FIG. 1 & 2, ¶ [0071]; Carles, ¶ [0095]-[0099]).
Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Sandler et al. (US 2010/0153717 hereinafter Sandler) in view of Carles et al. (US 2010/0228971 hereinafter Carles) and further in view of Lee et al. (US 7,310,821 hereinafter Lee).
Regarding claim 10, Sandler in view of Carles discloses the method of claim 1.
Sandler in view of Carles does not explicitly disclose wherein the execution environment of the second application is an execution environment of a third computing system.
However, Lee discloses wherein the execution environment of the second application is an execution environment of a third computing system (FIG. 2, col. 12, lines 5-27; i.e. the engine that securely decrypt content can be part of the player or can be a device coupled to the player).
Therefore, it would have obvious to one of ordinary skill in the art before effective filing date of the claimed invention to incorporate the teaching of Lee into Sandler in view of Carles to enforce a Digital Right Management that secures the digital content as well as provides user fair usage of the content (Lee, col. 3, line 45-col. 4, line 10).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHI D NGUY whose telephone number is (571)270-7311. The examiner can normally be reached Monday-Friday 9-5 PT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph P Hirl can be reached on (571)272-3685. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/C.D.N/Examiner, Art Unit 2435                                                                                                                                                                                                        
/HOSUK SONG/Primary Examiner, Art Unit 2435