DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

The following is a final office action in response to communications received 11/23/2020. Claims 6-7, 17, 20 have been cancelled. Claims 21-24 have been added. Therefore, claims 1-5, 8-16, 18-19, 21-24 are pending and addressed below.


Response to Arguments
Applicant’s arguments filed 11/23/2020 have been fully considered but they are not persuasive. Applicant argues that (1) Starr does not teach an encrypted data key that uniquely corresponds to a data key obtainable solely from a server that is remote to the MAM, the encrypted data key retained in the nonvolatile non-transient solid state memory device, the data key only capable of being obtained when the encrypted data key is provided to the server and decrypted by the server.

In response to argument (1), Examiner respectfully disagrees. Starr discloses a MAC is an authentication tag derived by applying an authentication scheme together with a secret encryption key…the MAC and moniker, are stored in a MAM associated with a tape cartridge…enabling the encryption engine to decrypt the encrypted data package…see par. 30. Therefore Examiner maintains Starr does teach this limitation.


Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-5, 8-16, 18-19 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Starr et al (Pub. No. US 2010/0031054).

As per claim 1, Starr discloses a medium auxiliary memory (MAM) comprising: a nonvolatile non-transient solid state memory device; an antenna; a MAM transceiver; a microprocessor (see fig.3A, par. 33); and an encrypted data key that uniquely corresponds to a data key obtainable solely from a server that is remote to the MAM, the encrypted data key retained in the nonvolatile non-transient solid state memory device, the data key only capable of being obtained when the encrypted data key is provided to the server and decrypted by the server (…a MAC is an authentication tag derived by applying an authentication scheme together with a secret encryption key…the MAC and moniker, are stored in a MAM associated with a tape cartridge…enabling the encryption engine to decrypt the encrypted data package…the library can accommodate a graphical user interface and an auxiliary memory device, such as a disc drive or solid state memory device…user data received from the client is encrypted by the encryption engine, a decryption key, such as by a key generator which can be associated with the interface…the graphical user interface is capable of transmitting the moniker associated with a key required to decrypt the encrypted data as inputted by an operator…tape cartridge contains encrypted data stored on the medium and moniker and MAC associated with the encrypted data is stored and maintained on the associated MAM…see par. 30, 34, 36-37).


As per claim 9, Starr discloses a method of decrypting user data using a MAM, the method comprising: providing a storage element with the MAM physically linked to the storage element, the MAM comprising a non-transient solid state memory device, an antenna, a MAM transceiver, and a microprocessor, the storage element is mobile (see fig.3A, par. 33); communicatively linking an external transceiver with the MAM via the antenna, the MAM transceiver and the microprocessor, the external transceiver comprised by a local computing system; obtaining via the external transceiver an encrypted data key from the non-transient solid state memory device; connecting the local computing system to a remote server; sending the encrypted data key to the remote server; requesting a data key that uniquely corresponds to the encrypted data key, the data key only obtainable from the remote server; and receiving at the local computing system the data key from the remote server after the sending step (…a MAC is an 



As per claim 18, Starr discloses a tape cartridge comprising: a medium auxiliary memory (MAM) physically connected to the tape cartridge, the MAM comprising a non-transient memory device, an antenna, a MAM transceiver, a microprocessor and an encrypted data key stored in the non-transient memory device (see par. 33-34), the tape cartridge comprising a tape recording medium possessing encrypted data, the encrypted data only capable of being decrypted by a data key produced by a remote server, the tape cartridge adapted to be loaded in a tape drive, the encrypted data read from the tape cartridge by the tape drive is adapted to be decrypted by a decryption engine when using the data key, the data key adapted to be provided to the decryption engine only after receiving the encrypted data key from the MAM (…a MAC is an authentication tag derived by applying an authentication scheme together with a secret encryption key…the MAC and moniker, are stored in a MAM associated with a tape cartridge…enabling the encryption engine to decrypt the encrypted data package…the library can accommodate a graphical user interface and an auxiliary memory device, such as a disc drive or solid state memory device…user data received from the client is encrypted by the encryption engine, a decryption key, such as by a key generator which can be associated with the interface…the graphical user interface is capable of transmitting the moniker associated with a key required to decrypt the encrypted data as inputted by an operator…tape cartridge contains encrypted data stored on the medium and moniker and MAC associated with the encrypted data is stored and maintained on the associated MAM…see par. 30, 34, 36-38).


As per claim 2, Starr discloses wherein the server is comprised by a cloud system (see par. 6).


As per claim 3, Starr discloses wherein the cloud system possesses a hardened key management system that possesses unique information to regenerate the data key (see par. 36).


As per claim 4, Starr discloses wherein the MAM is comprised by a tape cartridge that possesses a storage tape medium with encrypted user data retained therein, the encrypted user data can only be decrypted by the data key (see par. 44).


As per claim 5, Starr discloses wherein the tape cartridge is disposed in a tape library, the tape library adapted to connect to the server that is remote to the tape library (see par. 47).


As per claim 8, Starr discloses wherein the MAM is a passive radio frequency system that is adapted to become inductively energized via the antenna when in an interrogation zone, the MAM transceiver and the microprocessor are adapted to communicate with an external transceiver and transmit the encrypted data key to the external transceiver, the external transceiver linked with a local computing system adapted to provide the encrypted data key to the server, the server adapted to transmit the data key to the local computing system after being provided the encrypted data key (see par. 40).


As per claim 10, Starr discloses forming a cooperating read/write relationship between the storage element and a storage element drive prior to the obtaining step, and decrypting encrypted data retained by the storage element via the data key after the forming step (see par. 34, 36).


As per claim 11, Starr discloses transmitting the decrypted data to an external user of data that is connected to the local computing system (see par. 37-38).


As per claim 12, Starr discloses wherein the data storage element is a tape cartridge adapted to form a cooperating read/write relationship with a tape drive (see par. 39).

As per claim 13, Starr discloses wherein the requesting a data key step includes sending unique credential information with the encrypted data key to the remote server (see par. 36).


As per claim 14, Starr discloses wherein the tape drive and the tape cartridge are disposed in a tape library and the tape library is remotely linked to the remote server (see par. 47).


As per claim 15, Starr discloses wherein the remote server is a cloud computing system and the cloud computing system possesses a key management system (see par. 36).


As per claim 16, Starr discloses decrypting the encrypted data key at the remote server, performing the decrypting step after the sending step, and transmitting the data key from the remote server after the decrypting step and before the receiving step (see par. 44-45).




As per claim 19, Starr discloses wherein the encrypted data key is adapted to be decrypted at the remote server (see par. 48).



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 21-24 are rejected under 35 U.S.C. 103 as being unpatentable over Starr et al (Pub. No. US 2010/0031054) in view of Greco et al (Pub. No. US 2008/0273696).

As per claim 21, Starr does not explicitly disclose wherein the encrypted data key is an encrypted version of the data key, the server is configured to generate the encrypted data key by encrypting the data key. However Carlson discloses wherein the encrypted data key is an encrypted version of the data key, the server is configured to generate the encrypted data key by encrypting the data key (…a data key generation functionality for generating a derived data key…which is created from data key…to create an encryption operation…see par. 32). Therefore one ordinary skill in the art would have found it obvious before the effective filling date of the claimed invention to use Greco in Starr for including the above limitations because one ordinary skill in the art would recognize it would further enhance access to the encrypted data in a removable storage medium in a security way, see Greco, par. 5-6.


As per claim 22, the combination of Starr and Greco discloses wherein the data key is obtainable solely from the server after the encrypted data key is decrypted into the data key (…Greco: see par. 28). The motivation for claim 22 is the same motivation as claim 21 above.


As per claim 23, the combination of Starr and Greco discloses changing the encrypted data key into the data key by decrypting the encrypted data key at the remote server (Greco: see par. 70-71). The motivation for claim 23 is the same motivation as claim 21 above.


As per claim 24, the combination of Starr and Greco discloses wherein the data key is configured to be encrypted to generate the encrypted data key at the remote server, the encrypted data key is an encrypted version of the data key (Greco: see par. 70-71). The motivation for claim 24 is the same motivation as claim 21 above.



Conclusion

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure (see PTO-form 892).
The following Patents and Papers are cited to further show the state of the art at the time of Applicant’s invention with respect to tape cartridges containing medium auxiliary memory devices…

Carlson et al (Pub. No. US 2009/0049310); “Efficient Elimination of Access to Data on a Writable Storage Media”;
-Teaches signature the cartridge handling system may perform…encrypting data to be stored on the tape cartridge using the appropriate data key…generating encryption encapsulated data keys (see par. 48, 53).

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on 5712724219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/GHAZAL B SHEHNI/Primary Examiner, Art Unit 2436