Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
DETAILED ACTION
This Office Action is in response to the application 16/182,583 filed on 11/06/2018.
Claims 1-21 have been examined and are pending in this application.
Information Disclosure Statement
The information disclosure statement (IDS), submitted on 11/06/2018, is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Examiner’s notes
Regarding claim 1, claim 1 recites “a computer program product…...” and “wherein the computer program product comprises a computer 4readable storage medium;” The specification explicitly defines as to what type of computer readable storage medium is claimed.  In [par. 94; lines 13-17], the specification discloses “A computer readable storage medium, as used herein, is not to be construed as being transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission media (e.g., light pulses passing through a fiber-optic cable), or electrical signals transmitted through a wire”. Therefore, the claims are not directed to non-statutory subject matter. Therefore, the claim is statutory and require no further amendment from the applicant for the purposes of 101.
Claim Objections
Claims 1, 8 and 15 are objected to because of the following informalities:  
Regarding claims 1 and 15; claims 1 and 15 recite the limitations “controlling storage units……” However, the pre-amble of the claim only discloses “at least one storage unit”. The Examiner respectfully suggests that the preamble of the claims to include “at least one storage unit of a plurality of storage units” and the body of the claims be amended to “controlling said plurality of storage units…”
Regarding claims 1, 8 and 15; claims 1, 8 and 15 recites the limitations “…in response to received command determining.” The Examiner respectfully suggests that the claims be amended to “in response to said determining if the received command is within the restricted command set ……..”
Appropriate correction(s) is required.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if 
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains.  Patentability shall not be negatived by the manner in which the invention was made.
Claims 1-4, 8-11 and 15-18 are rejected under 35 U.S.C. 103 as being unpatentable over Cocotis (US 2016/0269367) and in view of Carloganu (US 6,226,749).
Regarding claim 1, Cocotis discloses a computer program product for use with a data storage system having a storage2 and at least one storage unit (Cocotis Fig. 8 (144)) controlled by the storage controller (Cocotis Fig. 8 (142)), wherein the storage 3controller has a processor (Cocotis Fig. 8 (810), and wherein the computer program product comprises a computer 4readable storage medium having program instructions embodied therewith (Cocotis par. 0065 and Fig. 8 (814, 816)), the program 5instructions executable by a processor of the storage controller to cause storage controller 6processor operations (Cocotis par. 0065), the storage processor operations comprising: 
controlling storage units (remote device) to perform Input/Output (I/O) operations requested by a host (administrator device) (Cocotis abstract,  par.0062 and Fig.8 (140, 801 and 802). Cocotis teaches that a remote device includes a storage controller device that can receive a "secure hide" command from an administrator device and the storage controller device executes the secure command. The remote device includes an input device and an output device); 
 8receiving a command from the host (Cocotis abstract and par. 0070. Cocotis teaches that a remote device includes a storage controller device that can receive a "secure hide" command from an administrator device); 
Cocotis discloses receiving, determining and executing command (Cocotis abstract and par. 0004) however, Cocotis does not explicitly disclose 9determining if the received command is within a restricted command set; in response to received command determining, selectively decrypting the received 11command and selectively executing a decrypted command.  
However, in an analogous art, Carloganu discloses determining if the received command is within a restricted command set (secured command) (Carloganu col.3; lines 40-67; col.4; lines 1-12 and Fig. 4. Carloganu teaches that providing in the secure processor a set of command primitives for functional control of the set of secure resources; defining a secured command format for the commands including at least a command sequence ID, a command code, and a set of command data items; storing in the secure processor a command set up table including for each of the commands in the set of commands a command type flag having a first value if the command is a secured command and a second value if the command is a non-secured command; looking up each command in the command set up table when the command is received by the secure processor and determines that the command is a secured command. See also col.4; lines 22-29 and lines 44-48 and col. 14; lines 20-32); 
(Carloganu col. 3; lines 62-63; col.4; lines 1-8; col. 9; lines 7-14 and Figs.4 and 5. Carloganu teaches that looking up each command in the command set up table when the command is received by the secure processor. If determines that the command is a secured command, then testing the authenticity of the secured command based on the value of at least one element of the secured command using the command authentication means. The Seq_ID serves both authenticity and sequence verification based on decrypting the command and then running a Verify Seq_ID routine and in such an embodiment a decryption of the secured command is performed before the Verify Seq_ID routine and Verify CMD_Auth routine are executed).
selectively executing a decrypted command (Carloganu col. 3; lines 62-63; col.4; lines 1-12; col. 9; lines 12-14 and Figs.4 and 5. Carloganu teaches that looking up each command in the command set up table when the command is received by the secure processor. If determines that the command is a secured command, then testing the authenticity of the secured command based on the value of at least one element of the secured command using the command authentication means. Executing the set of command primitives associated with the secured command using the command execution means, if and only if the secured command passes both testing (the authenticity of the secured command and regularity). A decryption of the secured command is performed before the Verify Seq_ID routine and Verify CMD_Auth routine are executed).  
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the storage controller of Cocotis using the secure processor taught in Carloganu in order to secure data processing (Carloganu abstract).
Regarding claim 2, Cocotis and Carloganu disclose the computer program product of claim 1, 
Carloganu further discloses wherein selectively decrypting the received 2command includes decrypting the received command if the received command is determined to 3be within the restricted command set (secured command) (Carloganu col. 3; lines 62-63; col.4; lines 1-8; col. 9; lines 7-14 and Figs.4 and 5. Carloganu teaches that looking up each command in the command set up table when the command is received by the secure processor. If determines that the command is a secured command, then testing the authenticity of the secured command based on the value of at least one element of the secured command using the command authentication means. The Seq_ID serves both authenticity and sequence verification based on decrypting the command and then running a Verify Seq_ID routine and In such an embodiment a decryption of the secured command is performed before the Verify Seq_ID routine and Verify CMD_Auth routine are executed) and bypassing decrypting the received command if the 4received command is determined to be outside the restricted command set (Carloganu col. 3; lines 62-63; col.4; lines 1-8; col. 9; lines 7-14; col. 14; lines 20-32 and Figs.4 and 5. Carloganu teaches that looking up each command in the command set up table when the command is received by the secure processor. If determines that the command is a non-secured command, then executing a set of command primitives associated with the command using the command execution means. If the command flag value designates a non-secured command, the command will be executed by command processor without verification of either the authenticity or the sequence ID of the command. See also col.4; lines 44-48).  
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the storage controller of Cocotis using the secure processor taught in Carloganu in order to secure data processing using a command look up table to determine the authenticity of a command and only executes the associated command if the command passes authenticity test (Carloganu abstract).
Regarding claim 3, Cocotis and Carloganu disclose the computer program product of claim 2, 
Carloganu further discloses wherein the storage controller processor 2operations further comprise: 3checking integrity of received command decrypting using an integrity pass/fail test (Carloganu col. 3; lines 62-63; col.4; lines 1-8; col. 9; lines 7-14 and Figs.4 and 5. Carloganu teaches that looking up each command in the command set up table when the command is received by the secure processor. If determines that the command is a secured command, then testing the authenticity of the secured command based on the value of at least one element of the secured command using the command authentication means. The Seq_ID serves both authenticity and sequence verification based on decrypting the command and then running a Verify Seq_ID routine and In such an embodiment a decryption of the secured command is performed before the Verify Seq_ID routine and Verify CMD_Auth routine are executed); and  4wherein selectively executing the decrypted command includes executing the decrypted 5command if the decrypted command passes the (Carloganu col. 3; lines 62-63; col.4; lines 1-12; col. 9; lines 12-14 and Figs.4 and 5. Carloganu teaches that executing the set of command primitives associated with the secured command using the command execution means, if and only if the secured command passes both testing (the authenticity of the secured command and regularity). A decryption of the secured command is performed before the Verify Seq_ID routine and Verify CMD_Auth routine are executed).  
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the storage controller of Cocotis using the secure processor taught in Carloganu in order to secure data processing using a command look up table to determine the authenticity of a command and only executes the associated command if the command passes authenticity test (Carloganu abstract).
Regarding claim 4, Cocotis and Carloganu disclose the computer program product of claim 1, 
Cocotis further discloses wherein the storage controller processor 2operations further comprise: 3receiving an unencrypted command (command) (Cocotis abstract and par. 0070. Cocotis teaches that a remote device includes a storage controller device that can receive a "secure hide" command from an administrator device); 
Carloganu further discloses wherein selectively executing the received unencrypted command (command) if the received unencrypted 5command is determined to be outside the restricted command set (non-secured command) (Carloganu col.14; lines 20-32. Carloganu teaches that utilizes a command set up table in the security module. This command set up table has a flag for each command or group of commands in the predefined set of security module commands. If the command flag value designates a non-secured command, the command will be executed by command processor without verification of either the authenticity or the sequence ID of the command).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the storage controller of Cocotis using the secure processor taught in Carloganu in order to secure data processing using a command look up table to determine the authenticity of a command and only executes the associated command if the command passes authenticity test (Carloganu abstract). 
Regarding claims 8-11; claims 8-11 are directed to a method associated with the computer program product claimed in claims 1-4 respectively. Claims 8-11 are similar in scope to claims 1-4 respectively, and are therefore rejected under similar rationale respectively.  Cocotis also teaches the additional limitations of claim 8 as follows:
A storage controller (Cocotis par. 0062 and Fig. 8 (142)). 
Regarding claims 15-18; claims 15-18 are directed to a system associated with the computer program product claimed in claims 1-4 respectively. Claims 15-18 are similar in scope to claims 1-4 respectively, and are therefore rejected under similar rationale respectively.  Cocotis also teaches the additional limitations of claim 15 as follows:
host having a processor (Cocotis par. 0021 and Fig.1);
 (Cocotis par. 0062 and Fig. 8 (810, 142 and 144)). 
Allowable Subject Matter
Claims 5-7, 12-14 and 19-21 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten to overcome the claim objections set forth in this office action and to include all of the limitations of the base claim and any intervening claims.
1 Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SANCHIT K SARKER whose telephone number is (571)270-7907.  The examiner can normally be reached on M-F 8:30 AM-5:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, FARID HOMAYOUNMEHR can be reached on 571-272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.






/SANCHIT K SARKER/Examiner, Art Unit 2495