Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This Office Action is in response to the communication(s) filed on 09/07/2021. There are a total of 20 claims pending in the application. Claims 1-8, 10-18, and 20 have been amended. No claims have been canceled or added.

ACKNOWLEDGEMENT OF REFERENCES CITED BY APPLICANT
	Information Disclosure Statement
	As required by M.P.E.P. 2001.06(b) and 37 C.F.R. 1.98(d), since the instant application has been identified as a continuation application of an earlier filed application and is relied upon for an earlier filing date under 35 U.S.C. 120, the examiner has reviewed the prior art cited in the earlier related application as required by M.P.E.P. 707.05 and 904 and as stated in M.P.E.P. 2001.06(b), no separate citation of the same prior art need be made by the applicants in the instant application.

INFORMATION CONCERNING FOREIGN PRIORITY:
Acknowledgment is made of applicant's claim for foreign priority based on an application filed in Republic of Korea on 07/28/2015.
INFORMATION CONCERNING CLAIMS:
Claim Interpretation


Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 1-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.

1.	The independent claim 1, in part, recites the limitation:
“wherein the memory controller sets access authority corresponding to the at least one virtual function device sets an access control setting corresponding to the at least one virtual function, wherein the access control setting is based on virtual address range information, logical address range information, permission information, and policy information.” (Emphasis added).

The claimed specification does not appear to describe or support the above limitation(s) as claimed. The independent claim 11 recite similar limitation(s) and is rejected based on the same ground of rejection. The dependent claims 2-10 and 12-20 are rejected at least by virtue of their dependency from their respected independent claims. 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-7, 9-10, 11-17, and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Satoyama et al. “Satoyama” (US 2013/0097377 A1) in view of Ohira et al. “Ohira” (US 2014/0019701 A1) and Nair “Nair” (US 2015/0242227 A1).
2. 	In regard to claim 1 Satoyama teaches:
(e.g., ¶ 0125, storage system 30 in Fig. 5) comprising: a non-volatile memory device;” (e.g., ¶ 0137, Fig. 5, RG #1 is composed of multiple SSDs).
“and a memory controller (e.g., ¶ 0081, Fig. 1, the storage system 30 comprises a controller 31) configured to generate a physical function device (e.g., ¶ 0108, Fig. 2, the logical volume that the first storage system 125 provides can be associated with the physical device 163) and at least one virtual function device, wherein the at least one virtual function device is assigned to a virtual machine of a host,” (e.g., ¶ 0162, Figs. 7A-7B, The VM 101 operating on the physical host computer 10 refers to a volume 301 copied via the storage system 30. The volume 301 stores a copy of the VM pattern system image stored in the copy source volume 301AA). For example, Virtual volume or snapshot 301A assigned to VM 101A). However, Satoyama does not appear to expressly teach while:
Ohira discloses: “wherein the memory controller converts a virtual address for the at least one virtual function device into a logical address in response to an access request,” (e.g., ¶ 0081, Fig. 5, the virtual-to-logical conversion table 301 is a table to be referred to in order convert a virtual address of a virtual volume specified by the host 100 to a logical address). 
performs an address conversion process converting the logical address into a physical address, and” (e.g., ¶ 0086, Fig. 6, the logical-to-physical conversion table 302 is a table referred to in order to convert a logical address in a pool 201 into a physical address in a physical storage drive. 
Nair discloses: “(e.g., ¶ 0053, protection bits on the page tables to restrict read, write, and execute permissions on a page by the system and user processes;¶ 0058, Fig. 11, the DIOV device 1170 presents itself as a SR-IOV device with multiple virtual functions to hypervisor 1185 to allow the virtual machines 1191 through 1193 to directly operate on these virtual functions), and wherein the access control setting is based on virtual address region , logical address region [e.g., ¶ 0052, PMM refers to the entire chunk of memory as a single entity, and addresses it with its own virtual address called DOM virtual address (DVA) that ranges from 0 . . . N (virtual) blocks… PMM APIs to map the specific DVAs into process’s address space with specific address controls; ¶ 0064, security policies enforced by the hypervisor; ¶ 0064, the process-level security management aims at enforcing security decisions] providing dynamic virtualization.
Disclosures by Satoyama, Ohira, and Nair are analogous because they are in the same field of endeavor and/or solving a similar or common problem.
It would have been obvious to a person of having ordinary skill in the art before the effective filing date of the claimed invention to modify the method for assigning storage area taught by Satoyama to include the address conversion disclosed by Ohira; furthermore, to include the dynamic information virtualization taught by Nair.

Therefore, it would have been obvious to combine teachings of Nair and Ohira with Satoyama to obtain the invention as specified in the claim.
3. 	In regard to claim 11 Satoyama teaches: 
“A storage device (e.g., ¶ 0125, storage system 30 in Fig. 5) comprising: a non-volatile memory device;” (e.g., ¶ 0137, Fig. 5, RG #1 is composed of multiple SSDs).
“an input/output (I/O) adapter;” (e.g., ¶ 0085, Fig. 1, host adapter 310 transmits and receives data to/from the host computer 10 via a storage network 50).
“and a memory controller (e.g., ¶ 0081, Fig. 1, the storage system 30 comprises a controller 31) configured to communicate with a host connected through the input/output (I/O) adapter to transmit and receive data,” (e.g., ¶ 0084, Fig. 1, the controller 31 … further comprises a host adapter) provide the host with a physical function device (e.g., ¶ 0108, Fig. 2, the logical volume that the first storage system 125 provides can be associated with the physical device 163) and at least one virtual function device,” (e.g., ¶ 0162, Figs. 7A-7B, The VM 101 operating on the physical host computer 10 refers to a volume 301 copied via the storage system 30. The volume 301 stores a copy of the VM pattern system image stored in the copy source volume 301AA). 
“wherein the at least one virtual function device is assigned to a virtual machine of the host, and” (e.g., ¶ 0162, Figs. 7A-7B, The VM 101 operating on the physical host computer 10 refers to a volume 301 copied via the storage system 30. The volume 301 stores a copy of the VM pattern system image stored in the copy source volume 301AA). For example, Virtual volume or snapshot 301A assigned to VM 101A). However, Satoyama does not appear to expressly teach while:
Ohira disclose: “converts a virtual address into a logical address (e.g., ¶ 0081, Fig. 5, the virtual-to-logical conversion table 301 is a table to be referred to in order convert a virtual address of a virtual volume specified by the host 100 to a logical address), and perform an address conversion process converting the logical address into a physical address,” (e.g., ¶ 0086, Fig. 6, the logical-to-physical conversion table 302 is a table referred to in order to convert a logical address in a pool 201 into a physical address in a physical storage drive.
Nair discloses: “wherein the physical function device sets an access control setting corresponding to the at least one virtual function device (e.g., ¶ 0053, protection bits on the page tables to restrict read, write, and execute permissions on a page by the system and user processes;¶ 0058, Fig. 11, the DIOV device 1170 presents itself as a SR-IOV device with multiple virtual functions to hypervisor 1185 to allow the virtual machines 1191 through 1193 to directly operate on these virtual functions), wherein the access control setting is based on [e.g., ¶ 0052, PMM refers to the entire chunk of memory as a single entity, and addresses it with its own virtual address called DOM virtual address (DVA) that ranges from 0 . . . N (virtual) blocks… PMM APIs to map the specific DVAs into process’s address space with specific address controls; ¶ 0064, security policies enforced by the hypervisor; ¶ 0064, the process-level security management aims at enforcing security decisions] providing dynamic virtualization. The motivation for combining is based on the same rational presented for rejection of the independent claim 1.
4. 	In regard to claims 2 and 12 Nair further teaches: 
“wherein the permission information which corresponds to the access control setting (e.g., ¶ 0052, the DOM optimizations (e.g., DIV) call the PMM APIs to map the specific DVAs into the process's address space with specific access controls) includes one of read-only authority (e.g., ¶ 0053, restrict write), read-write authority (e.g., ¶ 0053, restrict –read-write), and write-only authority (e.g., ¶ 0053, restrict read) for each of at least one [[of]] physical storage area of the non-volatile memory device corresponding to each of the at least one virtual function device.” (e.g., ¶ 0053, protection bits …the page-level protection plays an important role in ensuring strong isolation across processes and across virtual machines; ¶ 0058, Fig. 11, the DIOV device 1170 presents itself as a SR-IOV device with multiple virtual functions to the hypervisor 1185 to allow to allow virtual machines 1191 through 1193 to directly operate on these virtual functions). 
5. 	In regard to claims 3 and 13 Satoyama further teaches:
“wherein the policy information which corresponds to [[the]] a virtual address region [e.g., ¶ 064, Figs. 7A-7B, volumes 301A and 301B are virtual volumes (snapshots), ¶ 0246, snapshot refers to a COW (copy-on-write)]
6. 	In regard to claims 4 and 14 Satoyama further teaches:
“wherein the physical function device sets the copy-on-write policy for a first physical storage area of the at least one physical storage area which corresponds to the virtual address region [e.g., ¶ 064, Figs. 7A-7B, volumes 301A and 301B are virtual volumes (snapshots); Volumes 301A and 301B are virtual volumes. The volume 301AA can either be a virtual volume or a real volume; ¶ 0446, Fig. 41A).
7. 	In regard to claims 5 and 15 Ohira further teaches:
“wherein, when a write request is generated for writing data to a first virtual address in the virtual address region of the at least one physical storage area and a second logical address for the second physical storage area , and creates mapping information which maps the first virtual address to the second logical address and maps the second logical address to the second physical address of the second physical storage area, and wherein the virtual function device (e.g., ¶ 081, Fig. 5, illustrates an exemplary configuration of the virtual-to-logical conversion table 301; ¶ 082, Fig. 5, an entry virtual-to-logical conversion table of 301 includes … virtual volume number 502, virtual address 503; ¶ 086, Fig. 6, is a drawing illustrating an exemplary configuration of the logical-to-physical conversion table; ¶ 0136, Fig. 15, controller 155 updates information on the relevant page in the virtual-to-logical conversion table 301). Fig. 5 of Ohira shows each virtual volume comprises a plurality of virtual address, and virtual address 0x0000 (e.g., first virtual address) is mapped to: the logical address 0x0040 (e.g., first logical address) and the logical address 0x0020 (e.g., second logical address).
8. 	In regard to claims 6 and 16 Ohira further teaches: 
“wherein the at least one virtual function device copies data stored in the first physical storage area corresponding to the first virtual address to the second physical storage area.” (e.g., ¶ 0148, Fig. 16, the relocation program 405 updates the information on the relocated page data in the virtual-to-logical conversion table).
9. 	In regard to claims 7 and 17 Satoyama further teaches:
“wherein the memory controller further comprises a random access memory (e.g., ¶ 0084, Fig. 1, memory 350; ¶ 0087, the memory 350 is composed for example of a RAM, and stores programs and data), that stores virtual function device mapping table information for retrieving the logical address corresponding to the virtual address, and each of the at least one [[of]] virtual function device converts (e.g., ¶ 0176, Fig. 8, address mapping table; Fig. 8 and its corresponding text description)
10. 	In regard to claims 9 and 19 Nair further teaches:
“wherein the virtual function device mapping table information is transmitted to a virtual machine (VM) monitor of the host.” (e.g., ¶ 0024, Dynamic I/O virtualization (DIOV) is a device model for I/O virtualization; ¶ 0052, Fig. 3, The PMM translates the DVA of DOM to DOM physical address (DPA) and from DPA to the Host Physical Address (HPA) or the physical address of the computer), and updates the page tables of the process accordingly; ¶ 0072, Fig. 2, the emulated DIOV device 221 is initialized in the hypervisor 230; ¶ 0072, Fig. 3). Virtual Machine Monitor (VMM) or hypervisor comprises DIOV that includes mapping information.
11. 	In regard to claims 10 and 20 Satoyama further teaches:
“wherein the memory controller generates specific identification device (ID) data corresponding to the at least one virtual function device in response to a device virtualization request from [[a]] the host, and transmits the generated specific ID data corresponding to the at least one virtual function device to the host.” (e.g., ¶ 0146, Fig. 6, storage system 30 provides a virtual volume 411 to the host computer 10; ¶ 0150, an ID of the virtual volume 411).

s 8 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Satoyama in view of Ohira and Nair as applied to claims 7 and 17 above, and further in view of Zhang et al. “Zhang” (US 2014/0223079 A1).
12. 	In regard to claims 8 and 18 Satoyama in view of Ohira and Nair teach all limitations included in claims 7 and 17 but do not expressly teach while Zhang discloses: 
“wherein the memory controller writes the virtual function device mapping table information stored in the random access memory to the non-volatile memory device before the storage device is powered off and loads the virtual function device mapping table information read from the non-volatile memory device to the random access memory after the storage device is powered on.” (e.g., ¶ 0049, Fig. 5, the controller 110 determines whether the power-off event is an abnormal power-off or not in step S510. If the determination in step S510 indicates that the power-off event is the normal power-off, then the controller 110 reads the information table 121, the index table 122 and all the sub-mapping tables SMT.sub.--1 to SMT_n from the non-volatile storage unit 130 in the initial process, and the information table 121, the index table 122 and all the sub-mapping tables SMT.sub.--1 to SMT_n are written into the main memory 120 (step S515). After the step S515 is complete, the NVM apparatus 100 finishes the initial process (step S520). After the initial process is complete, the controller 110 then executes the steps S215 to S240 described in the related description of FIG. 2). Zhang distinguishes between normal and abnormal power-off event. The mapping tables sub-divided in plurality sub-groups. Zhang discloses that in the case of the abnormal power-off event the mapping table, the sub-mapping table may be rebuilt according the address of access request, instead of entire of mapping table.
Disclosures by Satoyama, Ohira, Nair, and Zhang are analogous because they are in the same field of endeavor and/or solving a similar or common problem.
It would have been obvious to a person of having ordinary skill in the art before the effective filing date of the claimed invention to modify the method for assigning storage area taught by Satoyama to include the address conversion disclosed by Ohira; furthermore, to include the dynamic information virtualization taught by Nair; and furthermore, to include the method saving/restoring mapping information to/from non-volatile/volatile memory in case of power-off/power-on events.
The motivation for including the address conversion as taught by paragraph [0005] of Ohira is to minimize the time to complete the page relocation; furthermore, the motivation to include the dynamic information virtualization as taught by paragraph [0007] of Nair is to facilitate coherent access to information from storage and network resources by the VM; and furthermore, the motivation for saving/restoring mapping information to/from non-volatile/volatile memory as taught by paragraph [0010] of Zhang is to improve the startup speed of NMV apparatus when the NMV apparatus is power-on after abnormal power-off event.
Therefore, it would have been obvious to combine teachings of Zhang, Nair, and Ohira with Satoyama to obtain the invention as specified in the claim.

Response to Remarks

“wherein the memory controller sets access authority corresponding to the at least one virtual function device sets an access control setting corresponding to the at least one virtual function, wherein the access control setting is based on virtual address range information, logical address range information, permission information, and policy information.” (Emphasis added).

The above limitation has been amended to replace the “address range” with “address region” as follow:
“wherein the access control setting is based on virtual address region region 

Page 8 of the Remarks states paragraphs [0085] and [0086] with reference to Fig. 5 of the application describes or support the newly amended above limitation.

The Examiner respectfully disagrees. For convenient paragraphs [0085] and [0086] of the claimed specification is reproduced as shown below:
“[0086] The virtual block addresses V1 and V3 in which the access authority is set as "read-only (RO)" permit only a read operation and not a write operation. The virtual block addresses V2 and V4 in which the access authority is set as "read/write (RW)" permit both read and write operations. 
[0087] For example, a storage area L0 of a physical layout in which data is actually stored represents a logical address region corresponding to a virtual address region in which access authority is set as "read-only (RO)", in the storage device 200A. Remaining storage areas other than the storage area L0 represent logical address regions corresponding to virtual address regions in which access authority is set as "read/write (RW)". Therefore, logical block addresses L1 and L2 represent logical address regions corresponding to virtual address regions in which access authority is set as "read-only (RO)", and logical block addresses L3 and L4 represent logical address regions corresponding to virtual address regions in which access authority is set as "read/write (RW)".” (Emphasis added.)
However, paragraphs [0085] and [0086] or any other portions of specification does not appear to describe or support the limitation “access control setting is based on virtual address region information, logical address region information, permission information, and policy information”. Paragraphs [0085] and [0086] describes a logical address region corresponds to a virtual address region in which access authority is set as “read-only (RO) or “read/write (RW)”. The claimed specification is silence on “policy information” or policy. Paragraph [0116] of the claimed specification recites:
“[0116] In a virtualization process of the storage device 200B in the memory controller 210, read/write access authority may be set with respect to a virtual block. A virtual block permitting only a read operation may be set as a copy-on-write block. A virtual block permitting only a write operation may also be set in the storage device 200B. The information about setting the access authority may be included in virtual device mapping table information.” (Emphasis added).

There is nothing in the claimed specification that describe or support access authority or control setting is based on virtual address region information. The specification states that read/write access authority may be set with respect to a virtual address.


In regard to the prior art 103 rejection, Page 9 of the Remarks, in part, recites:

“The storage device of claim 1 includes in combination among other features
a memory controller configured to generate a physical function device, wherein
the physical function device “sets an access control setting corresponding to the at
least one virtual function device, and wherein the access control setting is based
on virtual address region information, logical address region information,
permission information, and policy information.” (Emphasis added).

As described above, the above limitation(s), as claimed, is not described or supported in the specification. The paragraph [0116] of claimed specification recites:
read/write access authority may be set with respect to a virtual block. A virtual block permitting only a read operation may be set as a copy-on-write block. A virtual block permitting only a write operation may also be set in the storage device 200B. The information about setting the access authority may be included in virtual device mapping table information.” (Emphasis added).

It is clear that the access authority may be set with respect to a virtual block and may be included in the virtual device mapping table information. To the extent that mapping table may include a physical block corresponding to the virtual block, one having ordinary skilled may interpret that the physical block corresponding to the virtual block may have the same access authority included in mapping table.
Page 10 of the Remarks make some references to paragraphs [0044] and [0086] of the claimed specification and recites paragraph [0053] of Nair and then on page 11 of the Remarks states that prior art relied fails to meet all the features of current claim.

Nair disclose:
“[0043] Hardware virtual machine (HVM) architectures (e.g., Intel VT, AMD-V) use nested page tables. Examples of HVM include, but are not limited to, Intel's extended page table (EPT), and AMD's rapid virtual indexing (RVI) or nested page table (NPT). The EPT and RVI/NPT have the same architecture as the four-level page tables. Every virtual address translation emanating inside a guest operating system goes through two steps of translation. The first translation step uses the guest's page table to translate from a guest virtual address (GVA) to a guest physical address (GPA). The second translation step uses the EPT or RVI/NPT to translate from the guest physical address (GPA) to a host physical address (HPA) that is the same as the physical address on the host computer.
The PMM refers to the entire chunk of memory as a single entity, and addresses it with its own virtual address called DOM virtual address (DVA) that ranges from 0 . . . N (virtual) blocks. The DOM optimizations (e.g., DIV) always operate at the DVA level. When the DOM optimizations complete chores, the DOM optimizations may grant access to guest processes for appropriate blocks of memory. For example, for a process that requests a file to be opened, DIV may want to map the file descriptor and data blocks corresponding to the file, in the address space of the process. At that time, the DOM optimizations (e.g., DIV) call the PMM APIs to map the specific DVAs into the process's address space with specific access controls. The PMM translates the DVA of DOM to DOM physical address (DPA) and from DPA to the Host Physical Address (HPA) or the physical address of the computer), and updates the page tables of the process accordingly. 
[0053] The memory blocks handled by the PMM can be of any size. According to one embodiment, the memory blocks are sized at 2 MB or 4KB to align with page sizes supported by the x86 paging hardware. This gives the advantage of using the protection bits on the page tables to restrict read, write, and execute permissions on a page by the system and user processes. The page-level protection plays an important role in ensuring strong isolation across processes and across virtual machines.” (Emphasis added). 
Nair teaches that mapping or translating virtual address to physical address use nested page table. The first translation step uses the guest's page table to translate from a guest virtual address (GVA) to a guest physical address (GPA) (e.g., paragraph [0043] of Nair). DIV may want to map the file descriptor and data blocks corresponding to the file The PMM APIs to map the specific DVAs into the process's address space (e.g., region of memory) with specific access control (e.g., paragraph [0052] of Nair). This gives the advantage of using the protection bits on the page tables to restrict read, write, and execute permissions on a page by the system and user processes (e.g., paragraph [0053] of Nair). The Examiner respectfully submits Nair teaches mapping of virtual address to address space (e.g., region) include specific access control. The . 
 
Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HASHEM FARROKH whose telephone number is (571)272-4193.  The examiner can normally be reached Monday through Friday from 8:30 am - 5:00 pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Mr. Sanjiv Shah can be reached on (571)272-4098.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. For questions regarding access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/HASHEM FARROKH/          Primary Examiner, Art Unit 2135                                                                                                                                                                                              
November 11, 2021