Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

EXAMINER'S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Authorization for this examiner’s amendment was given in an interview with Surinder Sachar on 3/23/2021.

The application has been amended as follows:
 
See attachment.

In addition:
	//Begin Amendment
	In claim 1:
		In the second to last paragraph:
Replace “remove the restriction of the execution” with “restrict the execution”.
		
In the last paragraph:
restrict the execution of” with “remove the restriction of the execution of”.

	//End of Amendment

Allowable Subject Matter
Claims 1-12 are allowed.

The following is an examiner’s statement of reasons for allowance were provided in the Office Action mailed 12/8/2020, and are reiterated herein:

	None of the cited prior art of record teach or suggest, in combination with the other recited features:
Summary of prior art:
AAPA
Locked and unlocked modes which may be entered using specific commands [P1].

Kan US 8,583,835
Define command portal address range for receiving vendor-specific commands [C7-8]
Read or write commands to access the portal address range which are accompanied by a signature are interpreted as vendor-specific commands [C7-8]
State transition between authenticated and unauthenticated based on signature [C12, L1-67]
A missing signature causes the access to perform the normal user data command [C13]
Differences:

Signature/password is not formed from a plurality of addresses of a second sequence of commands.

Okaue US 2004/0236918 (IDS) [Fig. 16]
Host transmits command to device
Device computes hash of master key and host ID and returns the host-specific lock key and a random number to the host
Host computes a value using the lock key and the random number
Host transmits a lock or unlock command including the value and the host ID
Device receives the command and reproduces the lock key from the master key and the ID
Device computes a value using the reproduced lock key and the random number
Device executes the command if the password is a match
	Differences:
	Individual random number-generating command versus a plurality of commands in sequence

Nagao US 7,895,406 [IDS]
[C4, L13-32]	Password is preprogrammed in a sector in the memory device
[C4, L26-31]	Password is generally not readable by an external host to prevent leaks
[Fig. 12]		Multiple addresses are provided if the password string is located at multiple addresses
[C2, L27-47]	Separately storing portions of sensitive data improves security by preventing reading of the whole password when a single address is leaked to an attacker
	Differences:


Pfeffer US 2014/0181433
[0023]		A sequence of read or write commands in a certain pattern enables a mode switch
[0024]		E.g., reading may be allowed to all device addresses if a specific set of addresses is specified by a sequence of read commands.

However, none of the cited prior art of record teach or suggest the combination of at least:
determine whether or not a plurality of first commands including addresses have been received from a host device in a first sequence;
after determining that the plurality of the first 10commands have been received in the first sequence, when a plurality of second commands including addresses are received from the host device in a second sequence, store the addresses included in the plurality of the second commands in the memory;
convert into a first password the addresses included in 15the plurality of the second commands stored in the memory; and
performing one of:
not restrict execution of the first commands and the second command from the host device by the memory controller after the memory system is started up, and restrict the execution of 20tttthe first commands and the second commands from the host device by the memory controller after the first password is matched with a predetermined second password;
restrict execution of the first commands and the second command from the host device by the memory controller after the memory system is started up, and remove the restriction of the execution of 20tttthe first commands and the second commands from the host device by the memory controller after the first password is matched with a predetermined second password;

	While the prior art of record discloses various methods of authenticating accesses to a storage device by receiving a command specifying an address, none of the cited prior art of record appear to teach or suggest receiving a first command sequence, determining the sequence has been received, storing the addresses of a second command sequence in memory, converting the addresses included in the second command sequence into a password, and setting or removing a restriction on execution of the first and second commands based on a match between the password and a predetermined password.
	Based on the cited prior art, it was known to transition a storage device between an authenticated mode and unauthenticated mode [Kan]. Further, it was known to maintain secrecy of a password by avoiding direct transmission of the password to the host, e.g. by using a proxy value produced by a hash function and/or encryption (see Okaue, passing encrypted value computed from host ID and master key).
Further, various features regarding vendor-specific commands were known. Some devices provide a restricted or protected memory array which is only accessible via vendor-specific commands [C5, L52-64]. One method of providing vendor-specific commands is to provide a read or write command with address operands within specific address ranges in the device (see Kan, command portal addresses [C7-C8]). Alternatively, an address operand itself may contain dummy data embedded with a vendor-specific command [C7, L4-14]. Validating such commands may include providing a signature or predefined data pattern in the write data to be checked by the device [C12, L1-47], e.g. to set the storage subsystem from a restricted state to an unrestricted state [C12, L56-67].


While Kan describes an authentication method using read or write commands, Kan’s method differs in (1) providing a signature/password in a data buffer rather than an address operand, (2) providing a single read or write command rather than a sequence of commands, and (3) providing the signature/password using address operands of a sequence of commands.
	Okaue describes similar authentication processes in which a password transmitted between a host and a storage subsystem, however Okaue does not specifically disclose providing the password in the address operands of a sequence of commands.
	Boning US 2006/0090053 discloses providing a command sequence including a plurality of addresses and data, where the sequence indicates a special command to be performed, e.g. setting or removing read or write protection for a device [0140-0148]. Further, a password is transmitted using a plurality of commands [0145-0146] as data. Hence, while Boning discloses splitting the transfer of a password over multiple commands having addresses, Boning also differs in that the password is contained in the data corresponding to the address rather than the address operands themselves.
	Accordingly, none of the cited prior art appears to teach or suggest each and every feature claimed. At best, the skilled artisan would likely have been motivated to combine the prior art elements of transmitting sensitive password information, whether in an encrypted form or not [Okaue], for performing a special command such as setting a lock/unlocked mode of the device by targeting specially defined address ranges [Kan], where the password information is provided in data of a plurality of read or write commands transmitted in a sequence [Boning], e.g. to prevent the entire password from being using the address operands of a plurality of commands transmitted in a sequence and converting the received address operands of multiple commands into the password for locking or unlocking the storage device.
	Hence, claim 1 is considered to contain allowable subject matter. Claims 2-12 recite similar subject matter and are treated similarly.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HEWY H LI whose telephone number is (571)272-8714.  The examiner can normally be reached on Mon-Fri 10-6.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Charles Rones can be reached on (571)272-4085.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available 






/HEWY H LI/Examiner, Art Unit 2136                                                                                                                                                                                                        
/CHARLES RONES/Supervisory Patent Examiner, Art Unit 2136