Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
DETAILED ACTION
This office action is in response to the communication filed on 11/05/2019. Claims 1-20 are pending in the application. Claims 7-12 and 19-20 are objected to. Claims 1-6 and 13-18 have been rejected.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 11/05/2019 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim 18 is rejected under 35 U.S.C. 102(a)(2) as being anticipated by US 2019/0245682 A1 (hereinafter Alwen)
Regarding claim 18, Alwen teaches an operating method of a storage device (note figure 4.420: secure platform) comprising a plurality of ranges configured to 
when a first user accesses the storage device, encrypting a plurality of data encryption keys (DEKs) respectively corresponding to the ranges in a first manner and storing the DEKs encrypted in the first manner in a first slot of the plurality of slots (note para. [0004], [0009]; see also para. [0030], [0077]: encrypting the encryption key associated with second device; selecting different ciphering suites/ schemes for encryption by different devices);
when a second user accesses the storage device, allocating a second slot of the plurality of slots to the second user (note para. [0054], [0077]: storage of different keys associated with different users in different pool/areas of the storage); and
encrypting a DEK corresponding to one range of the plurality of ranges from among the plurality of DEKs in a second manner, different from the first manner, and storing the DEK encrypted in the second manner in the second slot (note para. [0009], [0041], [0054], [0077]: selecting different ciphering suites/schemes for encryption by different devices).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries for establishing a background for determining obviousness under pre-AIA  35 U.S.C. 103(a) are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-2 and 13-16 are rejected under 35 U.S.C. 103 as being unpatentable over US 9,031,233 B2 (hereinafter Kang et al) in view of Alwen.
Regarding claim 1, Kang et al teaches a storage device (note figure 1.10: storage medium), comprising: 
a nonvolatile memory device (note figure 1.200: non-volatile memory); and
a controller (note figure 1.100: controller)  configured to manage a data encryption key (DEK) (note column 2, starts at line 58),
wherein the DEK is used to encrypt data to be written in a storage space of the nonvolatile memory device by a first user and to decrypt data read from the storage space (note column 2, starts at line 59), wherein the controller is further configured to:
grant a user authority to access the storage space by encrypting the DEK (note column 2, starts at line 1; and column 4, starts at line 30);
grant the user to access the encrypted DEK (note column 3, starts at line 7; and column 4, starts at line 30); and

Kang et al fails to teach expressly granting a second user authority to access the storage space by encrypting the DEK based on a Diffie-Hellman (DH) algorithm; granting the second user authority to access the encrypted DEK; and decrypting the encrypted DEK based on the DH algorithm.
However, Alwen teaches granting a second user authority to access the storage space by encrypting the DEK based on a Diffie-Hellman (DH) algorithm (note para. [0007], [0030], [0041]); granting the second user authority to access the encrypted DEK (note para. [0030], [0041]-[0042]); and decrypting the encrypted DEK based on the DH algorithm (note para. [0030], [0041]-[0042]).
Alwen and Kang et al are analogous art because they are from the same field of endeavor of securing access to sensitive/cryptographic data. Therefore, at the time of the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to modify the Kang et al method to further include the features of granting a second user authority to access the storage space by encrypting the DEK based on a Diffie-Hellman (DH) algorithm; granting the second user authority to access the encrypted DEK; and decrypting the encrypted DEK based on the DH algorithm taught by Alwen, since such arrangements would be advantageous to the users for more securely sharing cryptographic data among various network users (note Alwen, [0007]-[0009]).
Regarding claim 2, it is rejected applying the same motivation and rationale applied above in rejecting claim 1. Furthermore, Kang et al teaches the storage device wherein the controller is further configured to divide the nonvolatile memory device into a user area comprising the storage space and a meta area (note figure 1.210: encrypted user/secret data in NV memory), and wherein the controller stores the encrypted DEK in the meta area (note figure 1.210; and column 1, starts at line 62).
Regarding claim 13, it is rejected applying the same motivation and rationale applied above in rejecting claim 1. Furthermore, Kang et al teaches the storage device wherein the controller is further configured to: prohibit the second user from accessing the storage space until the encrypted DEK is decrypted and authority to access the storage space has been granted to the second user (note column 4, starts at line 30: allowing decryption of DEK using KEK based on user secret/password).
Kang et al fails to teach expressly authority to access the storage space has been granted to the second user.
However, Alwen teaches prohibiting the second user from accessing the storage space until the encrypted DEK is decrypted and authority to access the storage space has been granted to the second user (note para. [0030], [0041]-[0042]).
Regarding claim 14, Kang et al  teaches a storage device (note figure 1.10: storage medium), comprising:
a nonvolatile memory device (note figure 1.200: non-volatile memory); and

wherein the DEK is used to encrypt data to be written in a storage space of the nonvolatile memory device by a first user and to decrypt data read from the storage space (note column 3, starts at line 7),
wherein the controller is further configured to: encrypt the DEK in a first manner when the DEK is stored in an area of the nonvolatile memory device associated with the first user (note column 3, starts at line 7; and column 4, starts at line 30)
Kang et al fails to teach expressly encrypt the DEK in a second manner, different from the first manner, when the DEK is stored in an area of the nonvolatile memory device associated with a second user.
However, Alwen teaches encrypt the DEK in a second manner, different from the first manner, when the DEK is stored in an area of the nonvolatile memory device associated with a second user (note para. [0004], [0009]; see also para. [0030], [0041]: encrypting the encryption key associated with second device; selecting different ciphering suites/schemes for encryption by different devices).
Alwen and Kang et al are analogous art because they are from the same field of endeavor of securing access to sensitive/cryptographic data. Therefore, at the time of the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to modify the Kang et al method to further include the features of encrypting the DEK in a second manner, different from the first Alwen since such arrangements would be advantageous to the users for more securely sharing cryptographic data among various network users (note Alwen, [0004], [0009]).
Regarding claim 15, it is rejected applying the same motivation and rationale applied above in rejecting claim 1. Furthermore, Kang et al teaches the storage device of claim 14, wherein encrypting the DEK in the first manner comprises encrypting the DEK by using a password provided from the first user (note column 4, starts at line 30).
Regarding claim 16, it is rejected applying the same motivation and rationale applied above in rejecting claim 1. Furthermore, Alwen teaches the storage device of claim 14, wherein encrypting the DEK in the second manner comprises encrypting the DEK based on a Diffie-Hellman (DH) algorithm (note para. [0007], [0030]).
Regarding claim 17, it is rejected applying the same motivation and rationale applied above in rejecting claim 1. Furthermore, Alwen teaches the storage device of claim 14, wherein access to the storage space is permitted for the second user when the DEK encrypted in the second manner is stored in the area associated with the second user (note para. [0004], [0009], [0030], [0041]: selecting different ciphering suites/schemes for encryption by different devices).

Claims 3-6 are rejected under 35 U.S.C. 103 as being unpatentable over Kang et al in view of Alwen, further in view of US 2013/0086303 A1 (hereinafter Ludwig et al).
Regarding claim 3, it is rejected applying the same motivation and rationale applied above in rejecting claim 2. Furthermore, Kang et al fails to teach expressly the storage device of claim 2, wherein the controller is further configured to: receive a first value indicating a number of ranges; divide the user area into a plurality of ranges based on the received first value; receive a second value indicating a number of users; and divide the meta area into a plurality of slots based on the received second value; and allocate the slots to the users, respectively.
However, Ludwig et al teaches the storage device of claim 2, wherein the controller is further configured to: receive a first value indicating a number of ranges (note para. [0092], [0179]); divide the user area into a plurality of ranges based on the received first value (note para. [0092], [0179]); receive a second value indicating a number of users (note figure 8: section ID associated with a client ID; and para. [0092], [0179]); and divide the meta area into a plurality of slots based on the received second value (note figure 8; and para. [0179], [0209]); and allocate the slots to the users, respectively (note para. [0179], [0209]).
Ludwig et al and Kang et al are analogous art because they are from the same field of endeavor of securing access to sensitive/cryptographic data. Therefore, at the time of the effective filing date of the claimed invention, it would have been obvious to a person of ordinary skill in the art to modify Kang et al method Ludwig et al since such arrangement would be advantageous to manage and secure data specific to each user (note para. [0004]-[0006]).
Regarding claim 4, it is rejected applying the same motivation and rationale applied above in rejecting claim 3. Furthermore, Ludwig et al teaches the storage device wherein granting the second user authority to access the encrypted DEK comprises storing, by the controller, the encrypted DEK in a slot allocated to the second user from among the slots (note para. [0117], [0141]).
Regarding claim 5, it is rejected applying the same motivation and rationale applied above in rejecting claim 3. Furthermore, Kang et al teaches the storage device wherein the controller is further configured to:
receive a password from the second user (note column 4, starts at line 30: user secret information);
encrypt the decrypted DEK by using the password (note column 4, starts at line 30: generating KEK from secret information/password); and
store the DEK encrypted with the password in a slot allocated to the second user from among the slots (note column 2, starts at line 10; and column 4, starts at line 30).
Regarding claim 6, it is rejected applying the same motivation and rationale applied above in rejecting claim 3. Furthermore, Alwen teaches the storage device wherein the storage space is one range of the plurality of ranges, wherein, in response to a request of the second user, the controller encrypts the data to be written in the storage space (note para. [0030], [0041]-[0042]). Furthermore, Ludwig et al teaches wherein, in response to a request of the second user, the controller encrypts the data to be written in the storage space by using the decrypted DEK and decrypts the data read from the storage space by using the decrypted DEK (note para. [0141], [0179], [0187]).

Allowable Subject Matter
Claims 7-12 and 19-20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
A shortened statutory period for response to this action is set to expire in 3 (Three) months and 0 (Zero) days from the mailing date of this letter. Failure to respond within the period for response will result in ABANDONMENT of the application (see 35 U.S.C. 133, M.P.E.P. 710.02(b)). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHANTO ABEDIN whose telephone number is 571-272-3551.  The examiner can normally be reached on M-F from 8:30 AM to 6:30 PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Jung (Jay) Kim, can be reached on 571-272-3804. The RightFax number for faxing directly to the examiner is 571-273-3551. 

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
/SHANTO ABEDIN/Primary Examiner, Art Unit 2494