DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Response to Amendment
Applicant’s amendment filed 30 March 2021 amends claims 8, 20, 22. Applicant’s amendment has been fully considered and entered.
Response to Arguments
Applicant argues, “…Sela does not show or suggest a dedicated sub region within a protected memory region where the dedicated sub region is established by a host.” This argument is not persuasive because Sela discloses a protected memory system wherein non-volatile memory includes separate memory partitions ([0043]) such that a particular host can write and read data to/from a particular partition in a secure manner ([0045]). Therefore, because particular partitions are established specifically for particular hosts, the partitions would be considered to have been established by those particular hosts as claimed. Examiner notes that the claims do not specify how the claimed establishment is performed. Additionally, Sela discloses that the host programs the key that allows the host to access the partition ([0049]).
Applicant's arguments, with respect to claim 5, fail to comply with 37 CFR 1.111(b) because they amount to a general allegation that the claims define a patentable invention without specifically pointing out how the language of the claims patentably distinguishes them from the references.
Applicant argues, “With respect to claim 10, Applicant respectfully asserts that Sela does not show or suggest providing an exclusive and secure access to a sub region within protected memory of a manage memory device, including issuing an authenticated command to the sub region.” This argument is not persuasive because Sela discloses a system that includes a controller ([0048]) such that the controller authenticates partition read/write/erase ([0033]) access requests received from the host such that the requests are signed using keys ([0050]-[0051]) that are shared between the system and the host ([0045]).
Applicant argues, “Claim 20 has been amended to further recite enabling an authenticated command to be issued to a hidden sub region within protected memory, wherein the authenticated command is signed with the device unique key for the one device and the one device is configured to grant access to the hidden sub region within the protected memory in response to receiving the authenticated command.” This argument
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1, 2, 5, 6, 9-15, 18, 19 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Sela, U.S. Publication No. 2020/0014544. Referring to claim 1, Sela discloses a protected memory system wherein non-volatile memory includes separate memory partitions ([0043]) such that a particular host can write and read data to/from a particular partition in a secure manner ([0045]: particular partition for the host would read on the claimed sub region & [0049]: the host programs the key that allows the host to access the partition), which meets the limitation of an array of non-volatile memory cells including a protected memory region, the protected memory region including a dedicated sub region established by a host. The system includes a controller ([0048]) such that the controller authenticates partition read/write/erase ([0033]: erase operation would read on the claimed wipe) access requests received from the host such that the requests are signed using keys ([0050]-[0051]) that are shared between the system and the host ([0045]: keys reside in both storage device and entity), which meets the limitation of a memory controller configured to wipe the protected memory region or execute other security restricted functions by issuing an authenticated command to the dedicated sub region of the protected region, wherein issuing the authenticated command includes signing the command with a key shared with the host that established the dedicated sub region.
Referring to claim 2, Sela discloses that the memory system partitions are defined by Replay Protected Memory Block (RPMB) ([0043]), which meets the limitation of wherein the protected region includes a Replay Protected Memory Block (RPMB).
Referring to claim 5, Sela discloses a host (Figure 1A, element 120) that includes an interface (Figure 1A, 125) that allows for communication with a memory system (Figure 1A, 100: memory system would read on the memory device), which meets the limitation of a host configured to communicate with a memory device. 
Examiner notes that the claimed system only requires the claimed host as being part of the claimed system. The claimed memory device is not specifically listed as being part of the claimed system and therefore does not receive patentable weight. However, Sela would read on the claim limitations if the claims were amended to require the claimed memory device to be part of the claimed system because Sela discloses a protected memory system wherein non-volatile memory includes separate memory partitions ([0043]), which meets the limitation of a memory device that includes an array of non-volatile memory cells including a protected memory region. A particular host can write and read data to/from a particular partition in a secure manner ([0045]: particular partition for the host would read on the claimed sub region and that particular partition would be considered to be dedicated to the host because access is limited to only one host [0047]), which meets the limitation of wherein the host is configured to initiate a dedicated sub region in the protected memory region. The system includes a controller ([0048]) such that the controller authenticates partition read/write/erase ([0033]: erase operation would read on the claimed wipe) access requests received from the host such that the requests are signed using keys ([0050]-[0051]) that are shared between the system and the host ([0045]: keys reside in both storage device and entity), which meets the limitation of a memory controller configured to wipe the protected memory region by issuing an authenticated command to the dedicated sub region, wherein issuing the authenticated command includes signing the command with a key shared with the host that initiated the dedicated sub region.
Referring to claim 6, Sela discloses that the memory system could be implemented in a cell phone ([0002] & [0054] & Figure 1A: memory system includes controller 102 and memory partitions 104), which meets the limitation of wherein the system includes a phone, and the phone includes the non-volatile memory array and the memory controller.
Referring to claim 9, Sela discloses that the memory system partitions are defined by Replay Protected Memory Block (RPMB) ([0043]), which meets the limitation of wherein the protected region includes a Replay Protected Memory Block (RPMB).
Referring to claim 10, Sela discloses a protected memory system wherein non-volatile memory includes separate memory partitions ([0043]) such that a particular host can write and read data to/from a particular partition in a secure manner ([0045]). Usage of a particular partition is by only one host ([0047]: particular partition reads on the claimed sub region), which meets the limitation of providing an exclusive and secure access to a sub region within protected memory of a managed memory device. The system includes a controller ([0048]) such that the controller authenticates partition read/write/erase ([0033]) access requests received from the host such that the requests are signed using keys ([0050]-[0051]) that are shared between the system and the host ([0045]: keys reside in both storage device and entity), which meets the limitation of including issuing an authenticated command to the sub region, wherein issuing the authenticated command includes signing the command with a key shared with the host that initiated the sub region. The keys are utilized to verify access requests such that verified requests are granted ([0045]-[0046]), which meets the limitation of wherein the managed memory device is configured to grant access to the sub region within the protected memory in response to receiving the authenticated command.
Referring to claim 11, Sela discloses that the memory system partitions are defined by Replay Protected Memory Block (RPMB) ([0043]) such that the system includes a controller ([0048]) that authenticates partition erase operations ([0033]: erase operation would read on the claimed wipe & [0050]-[0051]), which meets the limitation of wiping Replay Protected Memory Block (RPMB) keys and content with the granted access to the sub region within the protected memory. Examiner notes that the claimed type of data being wiped from memory has not been given patentable weight because the specific data being wiped is never functionally utilized in the claims and would therefore be considered non-functional descriptive material that is not given patentable weight (See MPEP 2111.04-2111.05).
Referring to claims 12-14, Sela discloses that the keys are utilized to verify access requests such that verified requests are granted ([0045]-[0046]), which meets the limitation of further comprising access sensitive device information using the granted access to the sub region within the protected memory.
Examiner notes that the claimed “sensitive device information” is never functionally utilized outside of merely being accessed. Therefore, the type of sensitive device information (i.e., limitations of claims 13 and 14) does not affect the functional utilization claimed and would be considered non-functional descriptive material that does not receive patentable weight (See MPEP 2111.05).
Referring to claim 15, Sela discloses that the key can be provided by a remote server ([0049]), which meets the limitation of comprising receiving the key for the managed memory device from a secure server. 
Referring to claim 18, Sela discloses that the memory system partitions are defined by Replay Protected Memory Block (RPMB) ([0043]), which meets the limitation of wherein the sub region is a dedicated Replay Protected Memory Block (RPMB) sub region. Sela discloses that the read/write commands include parameters such as nonces and counters that ensure replay protection ([0045]) and that the commands are signed using the keys ([0050]-[0051]), which meets the limitation of the authenticated command and parameters of the authenticated command are encapsulated in a write operation directed to the dedicated RPMB sub region.
Referring to claim 19, Sela discloses that the read/write commands are signed using the key ([0050]-[0051]) and that the partitions can be set up so that only one host can read from and write to the partition ([0047]: Examiner notes that the claims do not define what constitutes a “normal” sub region. Therefore, any partition in Sela could be considered a “normal” sub region), which meets the limitation of wherein the authenticated command is sent to a normal sub region using the key.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 3, 7 are rejected under 35 U.S.C. 103 as being unpatentable over Sela, U.S. Publication No. 2020/0014544, in view of Gulati, U.S. Publication No. 2018/0097639. Referring to claims 3, 7, Sela does not disclose that the keys are stored in a database. Gulati discloses storing shared keys in a database ([0064]), which meets the limitation of comprising retrieving the key from a database, a database configured to store a key for each of a plurality of devices. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the keys of Sela to have been stored in a database because Gulati discloses that databases are one of a finite number of possible storage solutions for keys that allow for later retrieval in a manner that can be implemented by one of ordinary skill in the art with a reasonable expectation of success (Gulati: [0064]).
Claims 4, 8, 24 are rejected under 35 U.S.C. 103 as being unpatentable over Sela, U.S. Publication No. 2020/0014544, in view of Krysiak, U.S. Publication No. 2011/0091040. Referring to claim 4, Sela does not disclose that the system keys are generated using a master key. Krysiak discloses individual key generation for mobile terminals wherein the individual keys are generated from a master key ([0013] & [0023]), which meets the limitation of comprising retrieving the key from a master cryptographic key. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the system keys of Sela to have been generated from master keys in the manner described in Krysiak in order to allow for authenticity to be verified as suggested by Krysiak ([0013]).
Referring to claim 8, Sela does not disclose that the system keys are generated using a master key. Krysiak discloses a trust center that generates an individual key from a device serial number, and a master key stored at the trust center ([0013] & [0026]: individual key reads on the claimed unique device key, master key reads on claimed master key and serial number reads on the claimed device id), which meets the limitation of a secure server storing master cryptographic key an algorithm to generate a unique device key using the master key and the device ID. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the system keys of Sela to have been generated from master keys in the manner described in Krysiak in order to allow for authenticity to be verified as suggested by Krysiak ([0013]).
Referring to claim 24, Sela discloses a protected memory system wherein non-volatile memory includes separate memory partitions ([0043]) such that a particular host can write and read data to/from a particular partition in a secure manner ([0045]). Usage of a particular partition is by only one host ([0047]: particular partition reads on the claimed sub region and that particular partition would be considered to be exclusive to the host because access is limited to only one host [0047]), which meets the limitation of enabling an exclusive and secure access to a sub region within protected memory of the one device. The system includes a controller ([0048]) such that the controller authenticates partition read/write/erase ([0033]) access requests received from the host such that the requests are signed using keys ([0050]-[0051]), which meets the limitation of enabling an authenticated command to be issued to the sub region, wherein the authenticated command is signed with the device unique key for the one device. The keys are utilized to verify access requests such that verified requests are granted ([0045]-[0046]), which meets the limitation of the one device is configured to grant access to the sub region within the protected memory in response to receiving the authenticated command.
Sela does not disclose that the system keys are generated using a master key. Krysiak discloses a trust center that generates an individual key from a device serial number, and a master key stored at the trust center ([0013] & [0026]: individual key reads on the claimed unique device key, master key reads on claimed master key and serial number reads on the claimed device id), which meets the limitation of managing device unique keys for a plurality of device, including accessing a device ID for one device of the plurality of devices, accessing a master key, and generating a device unique key for the one device of the plurality of devices using the master key and the device unique ID. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the system keys of Sela to have been generated from master keys in the manner described in Krysiak in order to allow for authenticity to be verified as suggested by Krysiak ([0013]).
Claims 16, 17 are rejected under 35 U.S.C. 103 as being unpatentable over Sela, U.S. Publication No. 2020/0014544, in view of Mo, U.S. Publication No. 2019/0340393. Referring to claim 16, Sela does not disclose that the keys utilized to access the partitions can be removed. Mo discloses a trusted execution environment wherein data access keys can be deleted ([0087]), which meets the limitation of disabling the exclusive and secure access to the sub region using another authenticated command to permanently remove the key. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to allow for the deletion of access keys in Sela in order to prevent attackers from accessing the protected data as suggested by Mo ([0087]).
Referring to claim 17, Sela does not disclose that the keys utilized to access the partitions can be removed. Mo discloses a trusted execution environment wherein data access keys can be deleted ([0087]), which meets the limitation of disabling the exclusive and secure access to the sub region using [an automatic mechanism] to permanently remove the key. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to allow for the deletion of access keys in Sela in order to prevent attackers from accessing the protected data as suggested by Mo ([0087]).
Mo does not specify that the key deletion procedure is automated. However, it is well settled that it is not "invention" to broadly provide a mechanical or automatic means to replace manual activity which has accomplished the same result. In re Venner, 120 USPQ 192. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the key deletion procedure of Mo to be automated because providing an automatic means to replace manual activity is not “invention” when that activity accomplishes the same result.
Claims 20-23 are rejected under 35 U.S.C. 103 as being unpatentable over Sela, U.S. Publication No. 2020/0014544, in view of Thibadeau, U.S. Publication No. 2005/0066191, and further in view of Krysiak, U.S. Publication No. 2011/0091040. Referring to claim 20, Sela discloses a protected memory system wherein non-volatile memory includes separate memory partitions ([0043]) such that a particular host can write and read data to/from a particular partition in a secure manner ([0045]: particular partition reads on the claimed sub region). The system includes a controller ([0048]) such that the controller authenticates partition read/write/erase ([0033]) access requests received from the host such that the requests are signed using keys ([0050]-[0051]), which meets the limitation of enabling an authenticated command to be issued to a [hidden] sub region with protected memory, wherein the authenticated command is signed with the device unique key for the one device. The keys are utilized to verify access requests such that verified requests are granted ([0045]-[0046]), which meets the limitation of the one device is configured to grant access to the [hidden] sub region within the protected memory in response to receiving the authenticated command.
Sela does not disclose that the memory partitions include a hidden partition. Thibadeau discloses a storage system that includes a hidden partition ([0058] & [0070]), which meets the limitation of a hidden sub region with protected memory. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the memory partitions of Sela to have included a hidden partition in order to provide an effective location to conceal secret information as suggested by Thibadeau ([0058]). 
Sela does not disclose that the system keys are generated using a master key. Krysiak discloses a trust center that generates an individual key from a device serial number, and a master key stored at the trust center ([0013] & [0026]: individual key reads on the claimed device unique key, master key reads on claimed master key and serial number reads on the claimed device id), which meets the limitation of accessing a device ID for one device of the plurality of devices, accessing a master key, and generating a device unique key for the one device of the plurality of devices using the master key and the device unique ID. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the system keys of Sela to have been generated from master keys in the manner described in Krysiak in order to allow for authenticity to be verified as suggested by Krysiak ([0013]).
Referring to claim 21, Sela does not disclose that the system keys are generated using a master key. Krysiak discloses a trust center that generates an individual key from a device serial number, and a master key stored at the trust center ([0013] & [0026]: individual key reads on the claimed device unique key, master key reads on claimed master key and serial number reads on the claimed device id). Krysiak discloses that the individual key is stored in the security element of the mobile device ([0023]), which meets the limitation of comprising using the device unique key to initialize the device by storing the device unique key in a protected memory region of the device. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the system keys of Sela to have been generated from master keys in the manner described in Krysiak in order to allow for authenticity to be verified as suggested by Krysiak ([0013]).
Referring to claim 22, Sela discloses that the memory system partitions are defined by Replay Protected Memory Block (RPMB) ([0043]), which meets the limitation of wherein the protected region includes a Replay Protected Memory Block (RPMB).
Referring to claim 23, Sela does not disclose that the system keys are generated using a master key. Krysiak discloses a trust center that generates an individual key from a device serial number, and a master key stored at the trust center ([0013] & [0026]: individual key reads on the claimed device unique key, master key reads on claimed master key and serial number reads on the claimed device id). Krysiak discloses that the trust center stores the master key MK in memory of the trust center and that the trust center utilizes the stored master key MK and the serial number to generate the individual key ([0026]: trust center would also store the generation algorithm since the trust center performs the key generation), which meets the limitation of wherein a secure server stores the master key and an algorithm to generate the device unique key using the master key and the device ID. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the system keys of Sela to have been generated from master keys in the manner described in Krysiak in order to allow for authenticity to be verified as suggested by Krysiak ([0013]).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BENJAMIN E LANIER whose telephone number is (571)272-3805.  The examiner can normally be reached on M-Th: 6:20-4:50.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on 5712724063.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/BENJAMIN E LANIER/ Primary Examiner, Art Unit 2437