DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
	2.	Claims 1-20 are pending in the application.

Claim Rejections - 35 USC § 103
3.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

4.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


5.	Claim s 11-12 is/are rejected under 35 U.S.C. 103 as being unpatentable over AKDEMIR et al, US 20130326207 A1 (hereinafter AKDEMIR), in view of Oxford, US 20160125187 A1.
	AKDEMIR teaches:

having the non-volatile memory with an in-system program loaded on the non- volatile memory (e.g., fig., 2, ROM 200 storing boot function, security functions, and mapping);  
reading the in-system program to provide base firmware code, a function pointer structure and security firmware code structure (e.g., [0016] the processor 150 executes (reads) the plurality of different programs;  [0033] the process is a boot function which is executed (read) by the processor 150 [0031] the boot functions 210 use the security functions by requesting the security functions 215-230 using the callback mechanism; [0036] using the mapping 140 to locate the security function requested by the process); and  
executing the base firmware code (e.g.,[0033] the process is a boot function which is executed by the processor 150), wherein security functions of the security firmware code are called by the base firmware code through information recorded in the function pointer structure (e.g., [0031] the boot functions 210 use the security functions by requesting the security functions 215-230 using the callback mechanism; [0036] using the mapping 140 to locate the security function requested by the process) and thereby the non-volatile memory switches to a higher security level (e.g., [0019] The boot functions 120 include functions for initiating the apparatus 100 and the security functions 130 extends to the plurality of programs that use the security functions 130 to verify and authenticate themselves and other programs; [0034] trusted boot functions 120 that use the security functions 130 to establish a trusted boot) .  AKDEMIR does not teach downloading the in-system program to a data register to provide base firmware 
claim 12, AKDEMIR teaches the security firmware code is compatible with multiple projects (e.g., [0019] the boot functions 120 are initialization functions that load drivers, programs (e.g., operating system) and other data  and uses the security functions 130 to verify that the boot functions 120 and the apparatus 100 are valid and secure). The combination of AKDEMIR and Oxford does not teach the security firmware code using an application programming interface.  Official Notice is taken that the use of an application programming interface is well known in the art.  It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have the security firmware code using an application programming interface because it would allow multiple applications interact with and obtain data from one another.

6.	Claim s 1-2 is/are rejected under 35 U.S.C. 103 as being unpatentable over AKDEMIR et al, US 20130326207 A1 (hereinafter AKDEMIR), in view of Oxford, US 20160125187 A1, and further in view of MURALI et al., US 20190129638 A1 (hereinafter MURALI). 

Claim 1. A data storage device (e.g., fig. 1. Storage device 100), comprising:  
a non-volatile memory (e.g., fig. 1, ROM 110; fig., 2, ROM 200); and  
a memory controller (e.g., fig. 1, processor 150), operating the non-volatile memory as requested by a process (e.g., receiving request for a security function in the ROM from a process), 
wherein:  
an in-system program is loaded into the non-volatile memory(e.g., fig., 2, ROM 200 storing boot functions, security functions, and mapping);  
the memory controller reads the in-system program to provide base firmware code, a function pointer structure and security firmware code structure (e.g.,[0016] the processor 150 executes (reads) the plurality of different programs; [0033] a boot function which is executed (read) by the processor 150;  [0031] the boot functions 210 use the security functions by requesting the security functions 215-230 using the callback mechanism; [0036] the processor 150 uses the mapping 140 to locate the security function requested by the process); and  
the memory controller executes the base firmware code (e.g., [0033] the process is a boot function which is executed by the processor 150; [0016] executing the plurality of different programs using the processor 150), and security functions of the security firmware code are called by the base firmware code through information recorded in the function pointer structure (e.g., [0031] the boot functions 210 use the security functions by requesting the security functions 215-230 using the callback mechanism; [0036] using the mapping 140 to locate the security function requested by the process) and boot functions 120 include functions for initiating the apparatus 100 and the security functions 130 extends to the plurality of programs that use the security functions 130 to verify and authenticate themselves and other programs; [0034] trusted boot functions 120 that use the security functions 130 to establish a trusted boot) .  AKDEMIR does not teach downloading the in-system program to a data register to provide base firmware code, a function pointer structure and security firmware code on the data register.  Oxford teaches downloading a program to a data register (e.g., fig. 3, downloading secure code to RAM 306).  It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to download the program to a data register to provide base firmware code, a function pointer structure and security firmware code on the data register because it would increase the speed of data processing. 
The combination of AKDEMIR and Oxford does not teach a host.  MURALI teaches a host (e.g., [0015] connection to external resources such as host servers).  It would have been obvious to one of ordinary skill in the art before the effective filing dated of the claimed invention to include a host server because it would allow expansion of storage and processing capability.
Claim 2,  AKDEMIR teaches the security firmware code is compatible with multiple projects (e.g., [0019] the boot functions 120 are initialization functions that load drivers, programs (e.g., operating system) and other data  and uses the security functions 130 to verify that the boot functions 120 and the apparatus 100 are valid and secure). The combination of AKDEMIR, Oxford, and MURALI does not teach the .

Allowable Subject Matter
7.	Claims 3-10 and 13-20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

8.	The following is an examiner’s statement of reasons for allowance: None of the prior art of record teaches the combination of the function pointer structure includes a first table and a second table;  the first table lists base function addresses;  the second tale lists security function addresses;  the base firmware code calls security functions of the security firmware code through the second table; and  the security firmware code calls base functions of the base firmware code through the first table as recited in claims 3 and 13.  
.Claims 4-10 and 14-20 either direct or indirect depend on claims 3 and 13 and have the same reasons for allowance as discussed above.

Conclusion
9.	Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DENISE TRAN whose telephone number is (571)272-4189.  The examiner can normally be reached on M, Thurs, 8am-4pm an alternated F 9. am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, David Yi can be reached on (571)270-7519.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.





Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for 





/DENISE TRAN/Primary Examiner, Art Unit 2138