DETAILED ACTION
Response to Arguments
Applicant's arguments ("REMARKS") filed 24 July 2025 have been fully considered, and they are not persuasive as to the previous grounds of rejection.
No claims were amended. Claims 1 and 11 are independent. Claims 1-20 are currently pending.
Re: Claim Rejections Under 35 U.S.C. §103
Applicant’s amendment and arguments, indicated on pp.8-13 of the REMARKS, in response to the rejection of the claims under 35 U.S.C. §103 with respect to Xing et al., US 2014/0189246 A1 (hereinafter, “Xing ‘246”), and Xing et al., US 2016/0283747 A1 (hereinafter, “Xing ‘747”) have been fully considered, and they are not persuasive as to the previous grounds of rejection.
On p.9 of the REMARKS, Applicant argues that Xing ‘246 fails to teach or suggest that the processor is adapted to start a secure monitor because the secure enclave unit does not initiate, monitor, or validate enclave behavior independently. The Examiner respectfully disagrees. Xing ‘246 discloses a processor 110 comprising a plurality of units, such as a secure enclave unit 117 (i.e., a secure monitor) (Xing ‘246, ¶¶17, 24-25; Figs.1-2), where the processor 110 uses the processor control unit 115 to control the operations of the secure enclave unit 117 (Xing ‘246, ¶22). Thus, Xing ‘246 discloses a processor adapted to start a secure monitor. Moreover, Xing ‘246 discloses that the secure enclave unit 117 is configured for ‘creating and maintaining a secured, protected, or isolated environment, such as a secure enclave as described herein, in which an application or other software may run, execute, be loaded, or otherwise be present within an information processing system’ (Xing ‘246, ¶24), where the secure enclave unit 117 maintains the integrity of the secure enclave using various components within the secure enclave unit 117 by performing attestation and validation (Xing ‘246, ¶¶27-28, 32, 35; Fig.2). Thus, Xing ‘246 discloses a secure enclave unit 117 that initiates, monitors, or validates enclave behavior. Furthermore, the Examiner requests clarification regarding Applicant’s use of the terms ‘adapted to’ and ‘independently’ within Applicant’s arguments. Specifically, the Examiner requests further clarification of the term ‘adapted to’ to explain the relationship between ‘the processor’ and the ‘secure monitor’. Applicant states on p.9 of the REMARKS that ‘the secure enclave unit (117) [disclosed in Xing ‘246] does not initiate, monitor, or validate enclave behavior independently’, implying that the “secure monitor” of claim 1 performs these operations ‘independently’. Claim 1, however, does not support this argument.
In fact, as the Applicant pointed out above and as recited in the claims, a processor is used and ‘adapted to’ start a secure monitor. Examiner notes that the features upon which applicant relies are not recited in the rejected claim(s). Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).
Next, on p.9 of the REMARKS, Applicant argues that the primary reference Xing ‘246 ‘does not distinguish between crypto enclaves, runtime enclaves, or application enclaves’. Xing ‘246 discloses the creation of a plurality of secure enclaves, where certain enclaves are initialized and loaded with an application (i.e., application enclaves), and where certain enclaves are initialized and executed with shared linked library files (i.e., runtime enclaves) (Xing ‘246, ¶¶24, 28-29, 37-39, 42). According to the definition of a runtime enclave provided in the Specification of the present application, a runtime enclave is ‘used to store shared information (such as a shared program and/or a generic driver) that can be invoked by different application programs … the shared information includes, for example, a shared library … the shared library includes, for example, a public runtime library …’ (Specification [114]). Thus, the primary reference Xing ‘246 discloses at least “… establish and set one or more of … a runtime enclave; establish a plurality of application enclaves …”, as recited in claim 1. Furthermore, as stated in the Office Action of 28 April 2025, the primary reference Xing ‘246 does not explicitly disclose the limitation “… establish and set one or more of a crypto enclave …”. The secondary reference Xing ‘747, however, discloses establishing a secure enclave, where cryptographic operations may be performed in the secure enclave (Xing ‘747, Abstract; ¶¶26, 73). One cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). Xing ‘246 and Xing ‘747 are analogous art because they are from the same field of endeavor, namely that of establishing enclaves to perform secure operations with the enclaves.
Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Xing ‘246 and Xing ‘747 before them, to modify the method in Xing ‘246 to include the teachings of Xing ‘747, namely to modify the enclave creation process of Xing ‘246 such that a specific crypto enclave for performing cryptographic operations is also created, as disclosed in Xing ‘747. A motivation for doing so would be to protect cryptographic keys within an isolated environment such that cryptographic operations may be securely performed using said keys (see Xing ‘747, ¶¶1-5).
Next, on pp.9-10 of the REMARKS, Applicant argues that Xing ‘246 fails to describe checking a to-be-started application program to ensure secure execution because ‘Xing '246 nowhere describes that the measurement is used to conditionally allow or deny execution of application program’, citing to paragraphs [0014]-[0016] of the Specification. The Examiner respectfully disagrees. To the extent that Applicant's argument is based on the notion that the claims require ‘the measurement is used to conditionally allow or deny execution of application program’, the Examiner notes that the features upon which Applicant relies are not recited in the rejected claim(s). Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). Claim 1, as presented, only recites “check a to-be-started application program to ensure that the application program can be run securely”. Xing ‘246 discloses that a secure enclave unit 117 is configured for ‘creating and maintaining a secured, protected, or isolated environment, such as a secure enclave as described herein, in which an application or other software may run, execute, be loaded, or otherwise be present within an information processing system’ (Xing ‘246, ¶24). Furthermore, Xing ‘246 discloses verifying and attesting to-be-executed applications, by using measurements and various components within the secure enclave unit, to ensure the secure execution of applications (Xing ‘246, ¶¶27-28, 35, 47-49). Thus, Xing ‘246 discloses “check a to-be-started application program to ensure that the application program can be run securely”, as recited in claim 1.
Lastly, Applicant argues, on pp.10-11, that the secondary reference Xing ‘747 does not disclose ‘that the processor (110) is adapted to start a secure monitor’, ‘categorization of enclaves into distinct types, such as, crypto, runtime, and application enclaves’, and ‘the processor is adapted to check a to-be-started application program to ensure secure execution’. These arguments, however, have already been addressed with respect to the primary reference Xing ‘246, as stated above. One cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). Xing ‘246 and Xing ‘747 are analogous art because they are from the same field of endeavor, namely that of establishing enclaves to perform secure operations with the enclaves. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Xing ‘246 and Xing ‘747 before them, to modify the method in Xing ‘246 to include the teachings of Xing ‘747, namely to modify the enclave creation process of Xing ‘246 such that a specific crypto enclave for performing cryptographic operations is also created, as disclosed in Xing ‘747. A motivation for doing so would be to protect cryptographic keys within an isolated environment such that cryptographic operations may be securely performed using said keys (see Xing ‘747, ¶¶1-5).
Thus, for the reasons stated above, the rejection of the independent claims under 35 U.S.C. 103 as being unpatentable over Xing ‘246 and Xing ‘747 is maintained. The corresponding dependent claims are rejected for at least the same reasons due to their dependency on their respective independent claims. See Claim Rejections – 35 USC §103 below for further details.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1-2, 4-5, 8, 11-12, 14-15, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Xing et al., US 2014/0189246 A1 (hereinafter, “Xing ‘246”), in view of Xing et al., US 2016/0283747 A1 (hereinafter, “Xing ‘747”).
As per claim 1: Xing ‘246 discloses:
A processing unit, comprising: a processor (system 100 comprising a processor 110 configured to perform operations [Xing ‘246, ¶¶15-17, 22; Fig.1]) adapted to:
start a secure monitor (secure enclave unit 117, where the secure enclave unit is configured to maintain a secured, protected, or isolated environment, such as a secure enclave, in which an application or other software may run, execute, or be loaded [Xing ‘246, ¶¶17, 24-25, 27; Figs.1-2]);
establish and set one or more of a (creating a plurality of secure enclaves, where some secure enclaves may be initialized and loaded with an application, and where some enclaves may be initialized and loaded with shared linked library files (i.e., a runtime enclave) [Xing ‘246, ¶¶24, 28-29, 37-39, 42]); and
check a to-be-started application program to ensure that the application program can be run securely (verifying and attesting to-be-executed applications, by using measurements, to ensure the secure execution of applications [Xing ‘246, ¶¶27-28, 32, 35, 47-49; Fig.2]).
As stated above, Xing ‘246 does not explicitly disclose the limitation “… establish and set one or more of a crypto enclave …”.
Xing ‘747, however, discloses:
… establish and set one or more of a crypto enclave (establishing a secure enclave, where cryptographic operations may be performed in the secure enclave [Xing ‘747, Abstract; ¶¶26, 73]) …
Xing ‘246 and Xing ‘747 are analogous art because they are from the same field of endeavor, namely that of establishing enclaves to perform secure operations with the enclaves. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Xing ‘246 and Xing ‘747 before them, to modify the method in Xing ‘246 to include the teachings of Xing ‘747, namely to modify the enclave creation process of Xing ‘246 such that a specific crypto enclave for performing cryptographic operations is also created, as disclosed in Xing ‘747. A motivation for doing so would be to protect cryptographic keys within an isolated environment such that cryptographic operations may be securely performed using said keys (see Xing ‘747, ¶¶1-5).
As per claim 2: Xing ‘246 in view of Xing ‘747 discloses all limitations of claim 1, as stated above, from which claim 2 is dependent upon. Furthermore, Xing ‘246 discloses:
wherein the processor (system 100 comprising a processor 110 configured to perform operations [Xing ‘246, ¶¶15-17; Fig.1]) is adapted to establish the (creating a plurality of secure enclaves, where secure enclaves are allocated in memory based on an enclave page cache 220 (EPC), and where access control logic 214, range register(s) 216, and EPC map (EPCM) 218 may be used to prevent access to a page within EPC 220 except by an application running on processor 110 within the secure enclave to which the page is allocated [Xing ‘246, ¶¶27-28, 30-31, 37]).
As stated above, Xing ‘246 does not explicitly disclose the limitation “… establish the crypto enclave within a storage address range based on …”.
Xing ‘747, however, discloses:
… establish the crypto enclave (establishing a secure enclave, where cryptographic operations may be performed in the secure enclave [Xing ‘747, Abstract; ¶¶26, 73]) within a storage address range based on (establishing the secure crypto enclave by allocating a memory address range based on an EPC, where pages within the EPC may have specific access policies associated with read/write controls [Xing ‘747, ¶¶19, 35, 80, 83-84, 87])
Xing ‘246 and Xing ‘747 are analogous art because they are from the same field of endeavor, namely that of establishing enclaves to perform secure operations with the enclaves. For the reasons stated in claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Xing ‘246 and Xing ‘747 before them, to modify the method in Xing ‘246 to include the teachings of Xing ‘747.
As per claim 4: Xing ‘246 in view of Xing ‘747 discloses all limitations of claim 1, as stated above, from which claim 4 is dependent upon. Furthermore, Xing ‘246 discloses:
wherein the processor is adapted to establish the plurality of application enclaves within a storage (creating a plurality of secure enclaves, where some secure enclaves may be initialized and loaded with an application [Xing ‘246, ¶¶24, 28-29, 37-39, 42]) (creating a plurality of secure enclaves, where secure enclaves are allocated in memory based on an enclave page cache 220 (EPC), and where access control logic 214, range register(s) 216, and EPC map (EPCM) 218 may be used to prevent access to a page within EPC 220 except by an application running on processor 110 within the secure enclave to which the page is allocated [Xing ‘246, ¶¶27-28, 30-31, 37]), and wherein the processor is further adapted to (system 100 comprising a processor 110 configured to perform operations [Xing ‘246, ¶¶15-17; Fig.1]): write a specified application program into a corresponding application enclave (secure enclaves may be initialized and loaded with an application [Xing ‘246, ¶¶24, 28-29, 37-39, 42]); and configure a storage (under the broadest reasonable interpretation “A, B, and/or C” may be interpreted as “A, B, and C OR A, B, or C”; EPC 220 may include any number of pages for any number of different enclaves; for each enclave, one or more pages may be allocated to store a secure enclave control structure (an SECS); pages in EPC 220 may be allocated to an enclave, for example by using an EADD instruction; access control logic 214, range register(s) 216, and EPC map (EPCM) 218 may be used to prevent access to a page within EPC 220 except by an application running on processor 110 within the secure enclave to which the page is allocated; pages in EPC 220 may be allocated to the secure enclave, where these pages may be pages storing or to store an application; each time a page is added, a measurement of the enclave, stored in a measurement register, is extended with the measurement of the new page [Xing ‘246, ¶¶27, 30-31, 37]).
As stated above, Xing ‘246 does not explicitly disclose the limitation “… establish … enclaves within a storage address range based on … and configure a storage address range …”.
Xing ‘747, however, discloses:
… establish … enclaves within a storage address range based on … and configure a storage address range (establishing an enclave by allocating a memory address range based on an EPC, where pages within the EPC may have specific access policies associated with read/write controls [Xing ‘747, ¶¶19, 35, 83-84, 87]) …
Xing ‘246 and Xing ‘747 are analogous art because they are from the same field of endeavor, namely that of establishing enclaves to perform secure operations with the enclaves. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Xing ‘246 and Xing ‘747 before them, to modify the method in Xing ‘246 to include the teachings of Xing ‘747, namely to modify the enclave creation process of Xing ‘246 such that a specific address range is used for establishing the enclave in memory, as disclosed in Xing ‘747. A motivation for doing so would be to prevent overwriting or ‘paging out’ storage locations by specifically defining the address range (see Xing ‘747, ¶¶83-84, 87).
As per claim 5: Xing ‘246 in view of Xing ‘747 discloses all limitations of claims 1 and 4, as stated above, from which claim 5 is dependent upon. Furthermore, Xing ‘246 discloses:
wherein to write the specified application program into the corresponding application enclave (secure enclaves may be initialized and loaded with an application [Xing ‘246, ¶¶24, 28-29, 37-39, 42]), the processor (system 100 comprising a processor 110 configured to perform operations [Xing ‘246, ¶¶15-17; Fig.1]) is adapted to write all/a part of executable code and data corresponding to the application program stored in a non-volatile storage apparatus (under the broadest reasonable interpretation “/” may be interpreted as “or”; an application may comprise executable code and data, where secure enclaves may be initialized and loaded with an application from a non-volatile information storage device on system 100 [Xing ‘246, ¶¶15-16, 24, 28-30; Fig.1; Fig.3]).
As per claim 8: Xing ‘246 discloses:
wherein to check the to-be-started application program (verifying and attesting to-be-executed applications, by using measurements, to ensure the secure execution of applications [Xing ‘246, ¶¶28, 35, 47-49]), the processor is adapted to perform calculation on the to-be-started application program based on a hash (HASH) algorithm to acquire a check value (acquiring a measurement value based on a hash operation of the to-be-executed applications within the enclave [Xing ‘246, ¶¶28, 31-32, 34]).
As per claims 11-12, 14-15, and 18: Claims 11-12, 14-15, and 18 define a method that recites substantially similar subject matter as the apparatus of claims 1-2, 4-5, and 8, respectively. Specifically, claims 11-12, 14-15, and 18 are directed to a secure boot method that may be performed by the processing unit of claims 1-2, 4-5, and 8, respectively. Thus, the rejection of claims 1-2, 4-5, and 8 is equally applicable to claims 11-12, 14-15, and 18, respectively.
Claims 3 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Xing ‘246, in view of Xing ‘747, and further in view of Thakkar et al., US 2020/0372153 A1 (hereinafter, “Thakkar ‘153”).
As per claim 3: Xing ‘246 in view of Xing ‘747 discloses all limitations of claim 1, as stated above, from which claim 3 is dependent upon. Furthermore, Xing ‘246 discloses:
wherein the processor (system 100 comprising a processor 110 configured to perform operations [Xing ‘246, ¶¶15-17; Fig.1]) is further adapted to: (under the broadest reasonable interpretation “A, B, and/or C” may be interpreted as “A, B, and C OR A, B, or C”; EPC 220 may include any number of pages for any number of different enclaves; for each enclave, one or more pages may be allocated to store a secure enclave control structure (an SECS); pages in EPC 220 may be allocated to an enclave, for example by using an EADD instruction; access control logic 214, range register(s) 216, and EPC map (EPCM) 218 may be used to prevent access to a page within EPC 220 except by an application running on processor 110 within the secure enclave to which the page is allocated; pages in EPC 220 may be allocated to the secure enclave, where these pages may be pages storing or to store an application; each time a page is added, a measurement of the enclave, stored in a measurement register, is extended with the measurement of the new page [Xing ‘246, ¶¶27, 30-31, 37]).
As stated above, Xing ‘246 does not explicitly disclose the limitations “… write security information into the crypto enclave, wherein the security information comprises a driver and a library function stored in a non-volatile storage apparatus; and configure a storage address range … corresponding to the crypto enclave …”.
Xing ‘747, however, discloses:
… write security information into the crypto enclave, wherein the security information comprises (establishing a secure enclave, where cryptographic operations may be performed in the secure enclave, and where cryptographic information, such as cryptographic keys, may be written into the enclave [Xing ‘747, Abstract; ¶¶26, 73]) storage apparatus (cryptographic information may be from non-volatile storage 130 [Xing ‘747, ¶32; Fig.1]); and configure a storage address range (establishing an enclave by allocating a memory address range based on an EPC, where pages within the EPC may have specific access policies associated with read/write controls [Xing ‘747, ¶¶19, 35, 83-84, 87]) …
Xing ‘246 and Xing ‘747 are analogous art because they are from the same field of endeavor, namely that of establishing enclaves to perform secure operations with the enclaves. For the reasons stated in claims 1 and 4, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Xing ‘246 and Xing ‘747 before them, to modify the method in Xing ‘246 to include the teachings of Xing ‘747.
As stated above, Xing ‘246 in view of Xing ‘747 does not explicitly disclose the limitations “… write … information into the … enclave … a driver and a library function …”.
Thakkar ‘153, however, discloses:
… write … information into the … enclave … a driver and a library function (establishing one or more isolated containers, where the isolated containers may comprise device drivers and libraries [Thakkar ‘153, ¶¶40, 55]) …
Xing ‘246 (modified by Xing ‘747) and Thakkar ‘153 are analogous art because they are from the same field of endeavor, namely that of establishing enclaves to protect data within the enclaves. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Xing ‘246 (modified by Xing ‘747) and Thakkar ‘153 before them, to modify the method in Xing ‘246 (modified by Xing ‘747) to include the teachings of Thakkar ‘153, namely to modify the enclave creation process of Xing ‘246 such that a specific crypto enclave for performing cryptographic operations is also created, as disclosed in Xing ‘747, and where libraries and drivers may also be stored in the crypto enclave, as disclosed in Thakkar ‘153. A motivation for doing so would be not only to protect computing systems by providing an isolated environment for potentially malicious content, but also to ensure that each isolated container is able to perform its various functions by utilizing drivers and libraries in isolation (see Thakkar ‘153, ¶¶4, 40, 55).
As per claim 13: Claim 13 defines a method that recites substantially similar subject matter as the apparatus of claim 3. Specifically, claim 13 is directed to a secure boot method that may be performed by the processing unit of claim 3. Thus, the rejection of claim 3 is equally applicable to claim 13.
Claims 6 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Xing ‘246, in view of Xing ‘747, and further in view of Winberg et al., US 2013/0342544 A1 (hereinafter, “Winberg ‘544”).
As per claim 6: Xing ‘246 in view of Xing ‘747 discloses all limitations of claim 1, as stated above, from which claim 6 is dependent upon. Xing ‘246 and Xing ‘747 do not appear to explicitly disclose the limitations of claim 6.
Winberg ‘544, however, discloses:
wherein the processor (processor 238 [Winberg ‘544, ¶¶13, 17-20]) is further adapted to locate the to-be-started application program based on a boot sequence indicated by boot sequence information (initiating a boot sequence to locate and load to-be-started applications, computer programs, and processes [Winberg ‘544, ¶¶35-36]).
Xing ‘246 (modified by Xing ‘747) and Winberg ‘544 are analogous art because they are from the same field of endeavor, namely that of securely initiating devices with respect to loading applications on the device. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Xing ‘246 (modified by Xing ‘747) and Winberg ‘544 before them, to modify the method in Xing ‘246 (modified by Xing ‘747) to include the teachings of Winberg ‘544, namely to implement a boot sequence, as disclosed in Winberg ‘544, to facilitate the application loading process of Xing ‘246, where the applications of Xing ‘246 may be located and loaded based on the boot sequence. A motivation for doing so would be to implement a secure boot process of a device by using a boot sequence to ensure that all essential applications and processes are located and executed (see Winberg ‘544, ¶¶35-36).
As per claim 16: Claim 16 defines a method that recites substantially similar subject matter as the apparatus of claim 6. Specifically, claim 16 is directed to a secure boot method that may be performed by the processing unit of claim 6. Thus, the rejection of claim 6 is equally applicable to claim 16.
Claims 7 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Xing ‘246, in view of Xing ‘747, and further in view of Winberg ‘544, and further in view of Mersh, US 2014/0372738 A1 (hereinafter, “Mersh ‘738”).
As per claim 7: Xing ‘246 in view of Xing ‘747, and further in view of Winberg ‘544, discloses all limitations of claims 1 and 6, as stated above, from which claim 7 is dependent upon. Xing ‘246 in view of Xing ‘747 does not appear to explicitly disclose the limitations of claim 7. Winberg ‘544, however, discloses:
wherein the boot sequence information is (the boot sequence is stored in a memory, where the boot sequence is executed from the memory by a processor [Winberg ‘544, ¶¶13, 34]).
Xing ‘246 (modified by Xing ‘747) and Winberg ‘544 are analogous art because they are from the same field of endeavor, namely that of securely initiating devices with respect to loading applications on the device. For the reasons stated in claim 6, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Xing ‘246 (modified by Xing ‘747) and Winberg ‘544 before them, to modify the method in Xing ‘246 (modified by Xing ‘747) to include the teachings of Winberg ‘544.
As stated above, Xing ‘246 in view of Xing ‘747 and further in view of Winberg ‘544 does not explicitly disclose the limitation “… boot sequence information is copied by the secure monitor into a boot sequence register … to facilitate invocation.”
Mersh ‘738, however, discloses:
… boot sequence information is copied by the secure monitor into a boot sequence register … to facilitate invocation (boot up code is copied by a ROM into a secure register, where the processor will access the secure register to execute the boot up code [Mersh ‘738, ¶¶66, 69, 74]).
Xing ‘246 (modified by Xing ‘747 and Winberg ‘544) and Mersh ‘738 are analogous art because they are from the same field of endeavor, namely that of securely initiating devices. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Xing ‘246 (modified by Xing ‘747 and Winberg ‘544) and Mersh ‘738 before them, to modify the method in Xing ‘246 (modified by Xing ‘747 and Winberg ‘544) to include the teachings of Mersh ‘738, namely to implement a boot sequence, as disclosed in Winberg ‘544, to facilitate the application loading process of Xing ‘246, where the applications of Xing ‘246 may be located and loaded based on the boot sequence, and where the boot sequence may be stored in a secure register to facilitate invocation by a processor, as disclosed in Mersh ‘738. A motivation for doing so would be to increase the protection of the boot up code by storing the boot up code in a dedicated and secure register where it may be accessed by the processor (see Mersh ‘738, ¶¶66, 69, 74).
As per claim 17: Claim 17 defines a method that recites substantially similar subject matter as the apparatus of claim 7. Specifically, claim 17 is directed to a secure boot method that may be performed by the processing unit of claim 7. Thus, the rejection of claim 7 is equally applicable to claim 17.
Claims 9-10 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Xing ‘246, in view of Xing ‘747, and further in view of Negi et al., US 2018/0285560 A1 (hereinafter, “Negi ‘560”).
As per claim 9: Xing ‘246, in view of Xing ‘747 discloses all limitations of claims 1 and 8, as stated above, from which claim 9 is dependent upon. Xing ‘246, in view of Xing ‘747 does not explicitly disclose the limitations of claim 9. Negi ‘560, however, discloses:
wherein the processor is further adapted to: compare the check value with an expected hash value to determine if the application program can be run securely (determine a hash value measurement of an application within an enclave, where the measurement is compared with a whitelist measurement, and where a match between the measurements indicates that the application within the enclave is secure [Negi ‘560, ¶¶2, 10-11, 19, 31, 51, 68]).
Xing ‘246 (modified by Xing ‘747) and Negi ‘560 are analogous art because they are from the same field of endeavor, namely that of establishing enclaves to protect data within the enclaves. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Xing ‘246 (modified by Xing ‘747) and Negi ‘560 before them, to modify the method in Xing ‘246 (modified by Xing ‘747) to include the teachings of Negi ‘560, namely to modify the application verification and attestation process of Xing ‘246 such that the hash-based measurements of Xing ‘246 are used to perform the verification/attestation process by comparing the hash-based measurements with expected, whitelisted hash-based measurements, as disclosed in Negi ‘560. A motivation for doing so would be to provide a secure method of verifying and attesting applications within enclaves by comparing hash values that are unique to each application within the corresponding enclaves (see Negi ‘560, ¶¶26, 31).
As per claim 10: Xing ‘246, in view of Xing ‘747, and further in view of Negi ‘560, discloses all limitations of claims 1 and 8-9, as stated above, from which claim 10 depends. Xing ‘246, in view of Xing ‘747, does not explicitly disclose the limitations of claim 10. Negi ‘560, however, discloses:
wherein the processor is further adapted to: determine that the application program can be run securely when the check value is consistent with the expected hash value (determine a hash value measurement of an application within an enclave, where the measurement is compared with a whitelist measurement, and where a match between the measurements indicates that the application within the enclave is secure [Negi ‘560, ¶¶2, 10-11, 19, 31, 51, 68]).
Xing ‘246 (modified by Xing ‘747) and Negi ‘560 are analogous art because they are from the same field of endeavor, namely that of establishing enclaves to protect data within the enclaves. For the reasons stated above with respect to claim 9, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Xing ‘246 (modified by Xing ‘747) and Negi ‘560 before them, to modify the method in Xing ‘246 (modified by Xing ‘747) to include the teachings of Negi ‘560.
As per claims 19-20: Claims 19-20 define a method that recites substantially similar subject matter as the apparatus of claims 9-10, respectively. Specifically, claims 19-20 are directed to a secure boot method that may be performed by the processing unit of claims 9-10, respectively. Thus, the rejection of claims 9-10 is equally applicable to claims 19-20, respectively.
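The limitations of claims 9-10 and 19-20 mapped above describe one mechanism: a check value (hash measurement) of the application program is compared with an expected, whitelisted hash value, and the program is permitted to run securely only when the two are consistent. The following is an added illustration of that comparison, written for this action and not taken from Negi ‘560, Xing ‘246, or Applicant's disclosure. It assumes SHA-256 as the measurement function, an in-memory whitelist keyed by application name, and constructed byte strings standing in for application images; the names `measure`, `can_run_securely`, and `EXPECTED` are hypothetical.

```python
import hashlib
import hmac

# Constructed stand-ins for application images loaded into an enclave
# (not real enclave binaries; used only to exercise the check).
TRUSTED_APP = b"enclave-app-v1: do useful work"
TAMPERED_APP = b"enclave-app-v1: do useful work + unexpected code"


def measure(image: bytes) -> bytes:
    """Check value: a SHA-256 measurement over the application image as loaded.

    Hashing in fixed-size chunks mirrors page-wise measurement during loading;
    the result is the same as hashing the whole image at once.
    """
    h = hashlib.sha256()
    page = 4096  # assumed page size for chunked measurement
    for off in range(0, len(image), page):
        h.update(image[off:off + page])
    return h.digest()


# Whitelist of expected hash values, keyed by application name. Constructed
# for this example; in a real system it would be provisioned by the verifier
# or carried in signed policy, not derived from the image being checked.
EXPECTED = {
    "app-v1": bytes.fromhex(hashlib.sha256(TRUSTED_APP).hexdigest()),
}


def can_run_securely(app_name: str, image: bytes, whitelist=EXPECTED) -> bool:
    """Return True only when the check value matches the expected hash.

    Failure modes handled: an application with no whitelist entry is refused
    (no expected value to compare against), and a mismatch is refused.
    """
    expected = whitelist.get(app_name)
    if expected is None:
        return False
    check_value = measure(image)
    # Constant-time comparison so the decision does not leak which byte of
    # the measurement differed from the expected value.
    return hmac.compare_digest(check_value, expected)


if __name__ == "__main__":
    print("trusted image :", can_run_securely("app-v1", TRUSTED_APP))
    print("tampered image:", can_run_securely("app-v1", TAMPERED_APP))
    print("unknown app   :", can_run_securely("app-v2", TRUSTED_APP))
```

The design point is that the whitelist value is the only trusted input: the decision never derives the expected hash from the image under test, an unknown application is treated as a mismatch rather than as a pass, and the comparison is constant-time.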
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Shanahan, US 20170286668 A1: The computing device loads an application image to a memory range within a predefined virtual address range and creates a secure enclave with the predefined virtual address range assigned to the secure enclave. The computing device validates control flow integrity of the secure enclave.
Nesher et al., US 20160171248 A1: Creating a first trusted execution environment (TXE), in protected non-privileged user address space of the memory, which makes a first measurement for at least one of first data and first executable code and which encrypts the first measurement.
Shanahan et al., US 10511598 B2: Dynamic loading of integrity-protected modules into a secure enclave includes a computing device having a processor with secure enclave support. The computing device divides an executable image into multiple chunks and hashes each of the chunks with corresponding attributes that affect security to generate a corresponding hash value.
THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALAN L KONG whose telephone number is (571)272-2646. The examiner can normally be reached Monday-Thursday 9:00am-7:00pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG (JAY) KIM can be reached on (571)272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ALAN L KONG/Examiner, Art Unit 2494
/THEODORE C PARSONS/Primary Examiner, Art Unit 2494