DETAILED ACTION

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 9/27/2021 has been entered.
 
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of Claims
Claims 1-25 are pending.

Claim Objections
Claims 1-2, 5, 7, 12, 15-17, 21 are objected to because of the following informalities:  
Claim 1 has no antecedent basis for “the storage device”.  For the purposes of art rejection, this will be interpreted as “the storage drive”.
Claim 2 has no antecedent basis for “the storage device”.  For the purposes of art rejection, this will be interpreted as “the storage drive”.
Claim 12 has no antecedent basis for “the storage device”.  For the purposes of art rejection, this will be interpreted as “the storage drive”.
Claim 16 has no antecedent basis for “the storage device”.  For the purposes of art rejection, this will be interpreted as “the storage drive”.
Claim 21 has no antecedent basis for “the storage device”.  For the purposes of art rejection, this will be interpreted as “the storage drive”.
Claims 5, 7, 15, 17 each contain “the at least portion”.  This should be “the at least one portion” or similar. 
Appropriate correction is required.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1-2, 7, 11-12, 16-17, 19-25 is/are rejected under 35 U.S.C. 103 as being unpatentable over Poornachandran et al (PGPUB 2015/0381610), and further in view of Bates et al (PGPUB 2002/0125886).

Regarding Claim 1:
	Poornachandran teaches a storage drive (abstract, portable device including encrypted storage divided into plurality of discrete units) comprising:
	a non-volatile memory (NVM) (paragraph 73-77, portable secured device including non-volatile encrypted storage); and
(paragraph 73-74, portable secured device including processor connected to memory storing executable instructions):
	determine a first location of the storage drive (paragraph 19, portable device provided with short-range transceiver for determining location upon entering an area; identity and location provided to policy server);
	place the storage drive into a secure mode responsive to a determination that the first location of the storage drive is in a permitted area (paragraph 24-25, storage device divided into plurality of partitions with separate location-based security policies, providing particular utility in full disk encryption schemes; paragraph 26, specific partitions contain different classes of data which can be individually encrypted and/or decrypted according to device-enforceable policy; paragraph 27, as user moves between areas of facility, device selectively applies time-and-place-driven security policies to the different partitions, and determines whether certain partitions should be encrypted or decrypted by default, so that access to certain data is denied in appropriate context (i.e. locations), and granted in appropriate contexts (i.e. locations)), the secure mode requiring a first level of security interaction to permit a data transfer between the NVM and a client device (paragraph 45, 48, Fig. 1B, 2B, security policies applicable to facility zones (e.g. zone 1 and zone 2) include allowing unlocked access to certain partitions, e.g. non-sensitive applications, but requires manual override to access other partitions (e.g. non-sensitive data in zone 1, and personal data/applications in zone 2), while access to certain partitions is denied regardless of manual override (e.g. classified data); paragraph 45, manual override requires a user to provide a token (e.g. password, key, or two-factor authentication) in order to obtain access to storage partition).
	Poornachandran does not explicitly teach the controller configured to: 
determine that the storage device has been moved to a second location in a non-permitted area that overlaps the permitted area; and

However, Bates teaches the concept of a controller configured to (paragraph 24-26, CPU of electronic processing device, e.g. mobile device/cellphone): 
determine that a storage device has been moved to a second location in a non-permitted area that overlaps a permitted area (abstract, applications/functions enabled only when device is in specified geographic location; paragraph 23-24, device including memory and storage; paragraph 30, geographic location of device is determined; given location, process retrieves data record for highest priority regions associated with applications/functions enabled at this geographic location; if data record is found, enablement bit is interrogated to determine when application/function is enabled for geographic location associated with current GPS location; if so, function is openend and/or enabled to perform normal operations; paragraph 29, table of data records includes priority and multiple regions; regions include associated priority; in the case of overlapping regions, region having highest priority is the one that determines which applications/functions may be opened in that geographic region; paragraph 31, processing device determines if device has changed locations, and if so, if an application/function should be disabled or aborted because of the change; process can be run periodically at any interval, e.g. every minute; if application/function is active, process retrieves data records for highest priority regions at current geographic location; process interrogates enablement bit to determine whether function is enabled or disabled in particular region; process therefore will determine if device has been moved to second location in overlapping regions, and determines if the priority region allows application/function to remain enabled); and
retain the storage device in a secure mode responsive to the determination that the second location of the storage device is in the non-permitted area that overlaps the permitted area (paragraph 31, processing device determines if device has changed locations, and if so, if an application/function should be disabled or aborted because of the change; process can be run periodically at any interval, e.g. every minute; if application/function is active, process retrieves data records for highest priority regions at current geographic location; process interrogates enablement bit to determine whether function is enabled or disabled in particular region; process therefore will determine if device has been moved to second location in overlapping regions, and determines if the priority region allows application/function to remain enabled).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the overlapping region priority teachings of Bates with the location-based storage access teachings of Poornachandran, in order to allow application/function operation in circumstances where two regions of conflicting permissions overlapped, which could occur for a number of reasons, e.g. when specifying multiple regions according to distance from a point or anchor device, or when relying on an imprecise GPS reading.  It would therefore be beneficial to allow a user or administrator to set region priority, as in Bates, resulting in the device behaving in a predictable way in such circumstances according to preset configuration.

Regarding Claim 2:
Poornachandran in view of Bates teaches the storage drive of claim 1.  In addition, Bates teaches wherein the controller executing the computer code is further configured to determine that the storage device has been subsequently moved to a third location in a permitted area that does not overlap the non-permitted area, and to continuously retain the storage device in the secure mode while the storage device is sequentially in each of the first, second and third locations (paragraph 31, processing device determines if device has changed locations, and if so, if an application/function should be disabled or aborted because of the change; process can be run periodically at any interval, e.g. every minute; if application/function is active, process retrieves data records for highest priority regions at current geographic location; process interrogates enablement bit to determine whether function is enabled or disabled in particular region; process therefore will determine if device has been moved to third location in a non-overlapping region, and determines if the priority region allows application/function to remain enabled). 
The rationale to combine Poornachandran and Bates is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 2.

Regarding Claim 7:
Poornachandran in view of Bates teaches the storage drive of claim 2.  In addition, Poornachandran teaches wherein the controller executing computer code is further configured to lock the at least portion of storage responsive to a determination that the location of the storage drive has transitioned out of the permitted area (paragraph 111, when portable secured device leaves particular zone, security agent encrypts relevant partitions, making them unavailable, thereby “locking” said partitions).

Regarding Claim 11:
	Poornachandran teaches a method to securely operate a computer storage system having a storage drive with a non-volatile memory (NVM) (abstract, portable device including encrypted storage divided into plurality of discrete units; paragraph 73-77, portable secured device including non-volatile encrypted storage), the method comprising:
	determining a first location of the storage drive (paragraph 19, portable device provided with short-range transceiver for determining location upon entering an area; identity and location provided to policy server);
(paragraph 24-25, storage device divided into plurality of partitions with separate location-based security policies, providing particular utility in full disk encryption schemes; paragraph 26, specific partitions contain different classes of data which can be individually encrypted and/or decrypted according to device-enforceable policy; paragraph 27, as user moves between areas of facility, device selectively applies time-and-place-driven security policies to the different partitions, and determines whether certain partitions should be encrypted or decrypted by default, so that access to certain data is denied in appropriate context (i.e. locations), and granted in appropriate contexts (i.e. locations)), the secure mode requiring a first level of security interaction to permit data transfers between the NVM and a client device responsive to bi-directional communications between the storage drive and the client (paragraph 45, 48, Fig. 1B, 2B, security policies applicable to facility zones (e.g. zone 1 and zone 2) include allowing unlocked access to certain partitions, e.g. non-sensitive applications, but requires manual override to access other partitions (e.g. non-sensitive data in zone 1, and personal data/applications in zone 2), while access to certain partitions is denied regardless of manual override (e.g. classified data); paragraph 45, manual override requires a user to provide a token (e.g. password, key, or two-factor authentication) in order to obtain access to storage partition; paragraph 98-101, user space applications communicatively couple to file system driver, which communicatively couples to file system driver, which communicatively couples to disk sector level driver which reports to file system driver those sectors that are currently unencrypted and available; paragraph 96, encrypted storage uses sector-level drivers to control access to partition during relevant operations).
	Poornachandran does not explicitly teach retaining the storage device in the secure mode responsive to a determination that the storage device has transitioned to a second location in a non-permitted area that overlaps the permitted area so that the data transfers between the NVM and the 
	However, Bates teaches the concept of retaining a storage device in a secure mode responsive to a determination that the storage device has transitioned to a second location in a non-permitted area that overlaps a permitted area so that applications/functions continue in the second location (abstract, applications/functions enabled only when device is in specified geographic location; paragraph 23-24, device including memory and storage; paragraph 30, geographic location of device is determined; given location, process retrieves data record for highest priority regions associated with applications/functions enabled at this geographic location; if data record is found, enablement bit is interrogated to determine when application/function is enabled for geographic location associated with current GPS location; if so, function is openend and/or enabled to perform normal operations; paragraph 29, table of data records includes priority and multiple regions; regions include associated priority; in the case of overlapping regions, region having highest priority is the one that determines which applications/functions may be opened in that geographic region; paragraph 31, processing device determines if device has changed locations, and if so, if an application/function should be disabled or aborted because of the change; process can be run periodically at any interval, e.g. every minute; if application/function is active, process retrieves data records for highest priority regions at current geographic location; process interrogates enablement bit to determine whether function is enabled or disabled in particular region; process therefore will determine if device has been moved to second location in overlapping regions, and determines if the priority region allows application/function to remain enabled); and
	Poornachandran teaches wherein the applications/functions are data transfers between the NVM and the client responsive to the bi-directional communications between the storage drive and the client (paragraph 98-101, user space applications communicatively couple to file system driver, which communicatively couples to file system driver, which communicatively couples to disk sector level driver which reports to file system driver those sectors that are currently unencrypted and available; paragraph 96, encrypted storage uses sector-level drivers to control access to partition during relevant operations).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the overlapping region priority teachings of Bates with the location-based storage access teachings of Poornachandran, in order to allow application/function operation in circumstances where two regions of conflicting permissions overlapped, which could occur for a number of reasons, e.g. when specifying multiple regions according to distance from a point or anchor device, or when relying on an imprecise GPS reading.  It would therefore be beneficial to allow a user or administrator to set region priority, as in Bates, resulting in the device behaving in a predictable way in such circumstances according to preset configuration.

Regarding Claim 12:
Poornachandran in view of Bates teaches the method of claim 11.  In addition, Bates teaches the further subsequent steps of determining that the storage device has been subsequently moved to a third location in the permitted area that does not overlap the non-permitted area, so that the secure mode continues in an uninterrupted fashion in each of the first, second and third locations (paragraph 31, processing device determines if device has changed locations, and if so, if an application/function should be disabled or aborted because of the change; process can be run periodically at any interval, e.g. every minute; if application/function is active, process retrieves data records for highest priority regions at current geographic location; process interrogates enablement bit to determine whether function is enabled or disabled in particular region; process therefore will determine if device has been moved to third location in a non-overlapping region, and determines if the priority region allows application/function to remain enabled). 
The rationale to combine Poornachandran and Bates is the same as provided for claim 11 due to the overlapping subject matter between claims 11 and 12.

Regarding Claim 16:
	Poornachandran in view of Bates teaches the method of claim 11.  In addition, Poornachandran teaches wherein the data transfers carried out between the NVM and the client in response to the bi-directional communications between the storage device and the client in the second location comprise the encryption of data stored to the NVM and the decryption of previously stored data retrieved from the NVM (paragraph 99, sector level driver communicatively couples to encryption filter which is configured to provide sector level encryption and decryption).

Regarding Claim 17:
Poornachandran in view of Bates teaches the method of claim 12.  In addition, Poornachandran teaches the method comprising locking the at least portion of storage upon determining the storage drive is removed from one of the one or more permitted areas or enters one of the one or more non-permitted areas (paragraph 111, when portable secured device leaves particular zone, security agent encrypts relevant partitions, making them unavailable, thereby “locking” said partitions).

Regarding Claim 19:
Poornachandran teaches a computer-program product to improve a storage system having a permitted area, the computer-program product comprising a non-transitory computer-readable medium storing instructions thereon, the instructions being executable by one or more processors to (abstract, portable device including encrypted storage divided into plurality of discrete units; paragraph 73-74, portable secured device including processor connected to memory storing executable instructions; paragraph 27, as user moves between areas of facility, device selectively applies time-and-place-driven security policies to the different partitions, and determines whether certain partitions should be encrypted or decrypted by default, so that access to certain data is denied in appropriate context (i.e. locations), and granted in appropriate contexts (i.e. locations)):
determining a first location of a storage drive (paragraph 19, portable device provided with short-range transceiver for determining location upon entering an area; identity and location provided to policy server);
placing the storage drive in a secured mode responsive to a determination that the first location of the storage drive is in a portion of the permitted area that does not overlap a non-permitted area (paragraph 24-25, storage device divided into plurality of partitions with separate location-based security policies, providing particular utility in full disk encryption schemes; paragraph 26, specific partitions contain different classes of data which can be individually encrypted and/or decrypted according to device-enforceable policy; paragraph 27, as user moves between areas of facility, device selectively applies time-and-place-driven security policies to the different partitions, and determines whether certain partitions should be encrypted or decrypted by default, so that access to certain data is denied in appropriate context (i.e. locations), and granted in appropriate contexts (i.e. locations); no mention is made of overlapping areas).
Poornachandran does not explicitly teach the storage system having the permitted area overlapping a non-permitted area; 
determining a preestablished precedence between the permitted area and the non-permitted area in an overlapping portion thereof; and

However, Bates teaches a storage system having a permitted area overlapping a non-permitted area (abstract, application/functions within electronic device having GPS can be enabled only when in specified geographic location; paragraph 29, data structure records application/function permissions according to region coordinates, priority of region, and whether function is enabled/disabled; given overlapping regions such as “work” and “school” regions, region having highest priority is the one that determines which applications/functions may be opened in the overlapping region); 
determining a preestablished precedence between the permitted area and the non-permitted area in an overlapping portion thereof (paragraph 29, given overlapping regions such as “work” and “school” regions, region having highest priority is the one that determines which applications/functions may be opened in the overlapping region); and
retaining the device in the secure mode responsive to a determination that the location of the storage drive has transitioned to a second location within the overlapping portions of the permitted area and the non-permitted area and to a determination that the preestablished precedence is the permitted area over the non-permitted area in the overlapping portion thereof (paragraph 30, geographic location of device is determined using GPS, and the data record is retrieved for the highest priority region at the geographic location; if record is found, enablement on/off bit is interrogated to determine when an application function is enabled or disabled in the geographic location associated with current GPS location; enabling functions can be seen as analogous to “secure mode”, i.e. access to features is provided; therefore, if the highest priority overlapping region is set to enable an application/function, the device will be retained in “secure mode”; paragraph 31, processing device determines if device has changed locations, and if so, if an application/function should be disabled or aborted because of the change; process can be run periodically at any interval, e.g. every minute; if application/function is active, process retrieves data records for highest priority regions at current geographic location; process interrogates enablement bit to determine whether function is enabled or disabled in particular region; process therefore will determine if device has been moved to second location in overlapping regions, and determines if the priority region allows application/function to remain enabled); and
Poornachandran teaches wherein the device is a storage drive (paragraph 73-77, portable secured device including non-volatile encrypted storage).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the overlapping region priority teachings of Bates with the location-based storage access teachings of Poornachandran, in order to allow application/function operation in circumstances where two regions of conflicting permissions overlapped, which could occur for a number of reasons, e.g. when specifying multiple regions according to distance from a point or anchor device, or when relying on an imprecise GPS reading.  It would therefore be beneficial to allow a user or administrator to set region priority, as in Bates, resulting in the device behaving in a predictable way in such circumstances according to preset configuration.

Regarding Claim 20:
Poornachandran in view of Bates teaches the computer-program product of claim 19.  In addition, Poornachandran teaches wherein the instructions executed by the one or more processors cause the one or more processors to perform the steps of unlocking at least a portion of storage on the storage drive based at least in part on determining the storage drive is located in one of the one or more permitted areas (paragraph 45, 48, Fig. 1B, 2B, security policies applicable to facility zones (e.g. zone 1 and zone 2) include allowing unlocked access to certain partitions, e.g. non-sensitive applications, but requires manual override to access other partitions (e.g. non-sensitive data in zone 1, and personal data/applications in zone 2), while access to certain partitions is denied regardless of manual override (e.g. classified data); paragraph 45, manual override requires a user to provide a token (e.g. password, key, or two-factor authentication) in order to obtain access to storage partition).

Regarding Claim 21:
Poornachandran in view of Bates teaches the storage drive of claim 1.  In addition, Bates teaches wherein a portion of the permitted area overlaps a portion of the non-permitted area, and where the controller executing the computer code is configured to retain the storage device in the secure mode responsive to the determination that the location of the storage device has transitioned to the overlapping areas (abstract, application/functions within electronic device having GPS can be enabled only when in specified geographic location; paragraph 29, data structure records application/function permissions according to region coordinates, priority of region, and whether function is enabled/disabled; given overlapping regions such as “work” and “school” regions, region having highest priority is the one that determines which applications/functions may be opened in the overlapping region; paragraph 30, geographic location of device is determined using GPS, and the data record is retrieved for the highest priority region at the geographic location; if record is found, enablement on/off bit is interrogated to determine when an application function is enabled or disabled in the geographic location associated with current GPS location; enabling functions can be seen as analogous to “secure mode”, i.e. access to features is provided).
The rationale to combine Poornachandran and Bates is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 21.

Claim 22:
Poornachandran in view of Bates teaches the storage drive of claim 21.  In addition, Poornachandran teaches wherein the controller executing computer code is further configured to switch the storage drive to an unsecured mode responsive to a determination that the location of the storage drive has transitioned out of the permitted area (paragraph 111, when portable secured device leaves particular zone, security agent encrypts relevant partitions, making them unavailable, thereby “locking” said partitions).

Regarding Claim 23:
Poornachandran in view of Bates teaches the storage drive of claim 21.  In addition, Bates teaches wherein the controller executing computer code is further configured to switch the storage device to an unsecured mode responsive to a determination that the location of the device has transitioned to a non-overlapping portion of the non-permitted area (paragraph 30, the geographic location of the electronic processing device is determined, preferably by using the GPS signals received using GPS processing electronics installed in the device; given a specific location the process continues and retrieves the data record for the highest priority regions associated with the applications/functions enabled at this geographic location; if a data record is found, the enablement on/off bit is interrogated to determine when an application/function is automatically enabled or disabled in the geographic location associated with the current GPS location; if an enablement on/off bit is on, then the function is opened and is able to perform normal operations; if the default is that the application/function is normally closed, i.e., the bit is set to "off" then control exits without performing the function; therefore, if the device transitions from high priority permitted area to non-overlapping non-permitted area, the device will disable application/function, i.e. be placed in “unsecured mode”); and
(paragraph 73-77, portable secured device including non-volatile encrypted storage).
The rationale to combine Poornachandran and Bates is the same as provided for claim 21 due to the overlapping subject matter between claims 21 and 23.

Regarding Claim 24:
	Poornachandran in view of Bates teaches the computer-program product of claim 19.  In addition, Bates teaches wherein an edge of the permitted area crosses over an edge of the non-permitted area (paragraph 29, given overlapping regions, the region having the highest priority is the one that determines which applications/functions may be opened in that geographic region).
The rationale to combine Poornachandran and Bates is the same as provided for claim 19 due to the overlapping subject matter between claims 19 and 24.

Regarding Claim 25:
	Poornachandran in view of Bates and Bates teaches the computer-program product of claim 19.  In addition, Bates teaches wherein one of the permitted area and the non-permitted area is embedded in the other of the permitted area and the non-permitted area (paragraph 29, given overlapping regions, the region having the highest priority is the one that determines which applications/functions may be opened in that geographic region).
The rationale to combine Poornachandran and Bates is the same as provided for claim 19 due to the overlapping subject matter between claims 19 and 24.

Claims 3-6, 13-15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Poornachandran in view of Bates, and further in view of Robinson et al (PGPUB 2016/0337863).

Regarding Claim 3:
Poornachandran in view of Bates teaches the storage drive of claim 1.  
Neither Poornachandran nor Bates explicitly teaches wherein the controller executing computer code is further configured to unlock at least a portion of storage on the storage drive responsive to the storage drive location being within a detectable proximity of a pre-authorized device.
However, Robinson teaches the concept wherein a controller executing computer code is configured to unlock at least a portion of storage on a storage drive responsive to the storage drive location being within a detectable proximity of a pre-authorized device (abstract, performing device security corrective action based on loss of proximity to another device, such as key device; paragraph 64-69, behavior modification module controls access to certain types of data stored on target device, e.g. allowing access to encrypted container only when certain conditions are satisfied; conditions include presence or absence of key device, and/or geo-location of target device is or is not near specified landmark; behavior modification module disables lockout features if key device is detected and target device is located in particular location, e.g. home or work office; paragraph 50, target device detects presence of key device using Near Field Communication (NFC) technology).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the detectable proximity of pre-authorized device teachings of Robinson with the location-based storage access teachings of Poornachandran in view of Bates, in order to improve the security environment by requiring multiple forms of verification prior to allowing access to sensitive data, thereby increasing the accuracy of the authentication determination and preventing malicious actors who may have stolen or guessed one form of authentication from being able to access the device without one or more additional factors which are more difficult to obtain or spoof, such as proximity to a key device.

Regarding Claim 4:
Poornachandran in view of Bates and Robinson teaches the storage drive of claim 3.  In addition, Robinson teaches wherein the storage drive or the pre-authorized device, or both, comprises a near field communication (NFC) sensor to detect the proximity between the storage drive and the pre-authorized device (paragraph 50, target device detects presence of key device using Near Field Communication (NFC) technology).
The rationale to combine Poornachandran and Robinson is the same as provided for claim 3 due to the overlapping subject matter between claims 3 and 4.

Regarding Claim 5:
Poornachandran in view of Bates and Robinson teaches the storage drive of claim 3.  In addition, Poornachandran teaches wherein the controller executing computer code is further configured to unlock the at least portion of storage on the storage drive responsive to validating a multi-factor authentication (paragraph 45, manual override requires a user to provide a token (e.g. password, key, or two-factor authentication) in order to obtain access to storage partition).

Regarding Claim 6:
Poornachandran in view of Bates and Robinson teaches the storage drive of claim 5.  In addition, Robinson teaches wherein at least one factor in the multi-factor authentication includes placing the storage drive within detectable proximity of the pre-authorized device (paragraph 59, 69, behavior modification module allows access to encrypted container when key device is detected and when user is authenticated; detection of key device includes authenticating key device; paragraph 64, user authenticates by providing appropriate authentication information).


Regarding Claim 13:
	Poornachandran in view of Bates teaches the method of claim 11.
	Neither Poornachandran nor Bates explicitly teaches the method comprising unlocking at least a portion of storage on the storage drive upon determining the storage drive is located within detectable proximity of a pre-authorized device.
However, Robinson teaches the concept of a method comprising unlocking at least a portion of storage on a storage drive upon determining the storage drive is located within detectable proximity of a pre-authorized device (abstract, performing device security corrective action based on loss of proximity to another device, such as key device; paragraph 64-69, behavior modification module controls access to certain types of data stored on target device, e.g. allowing access to encrypted container only when certain conditions are satisfied; conditions include presence or absence of key device, and/or geo-location of target device is or is not near specified landmark; behavior modification module disables lockout features if key device is detected and target device is located in particular location, e.g. home or work office; paragraph 50, target device detects presence of key device using Near Field Communication (NFC) technology).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the detectable proximity of pre-authorized device teachings of Robinson with the location-based storage access teachings of Poornachandran in view of Bates, in order to improve the security environment by requiring multiple forms of verification prior to allowing access to sensitive data, thereby increasing the accuracy of the authentication determination and preventing malicious actors who may have stolen or guessed one form of authentication from being able to access 

Regarding Claim 14:
Poornachandran in view of Bates and Robinson teaches the method of claim 13.  In addition, Robinson teaches wherein the storage drive or the pre-authorized device, or both, including a near field communication (NFC) sensor to detect the proximity between the storage drive and the pre-authorized device (paragraph 50, target device detects presence of key device using Near Field Communication (NFC) technology).
The rationale to combine Poornachandran and Robinson is the same as provided for claim 3 due to the overlapping subject matter between claims 3 and 4.

Regarding Claim 15:
Poornachandran in view of Bates and Robinson teaches the method of claim 13.  In addition, Poornachandran teaches method comprising unlocking the at least portion of storage on the storage drive based at least in part on validating a multi-factor authentication (paragraph 45, manual override requires a user to provide a token (e.g. password, key, or two-factor authentication) in order to obtain access to storage partition).

Claims 8, 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Poornachandran in view of Bates, and further in view of Lim et al (PGPUB 2020/0034928).

Regarding Claim 8:
Poornachandran in view of Bates teaches the storage drive of claim 1. 

However, Lim teaches wherein a controller executing computer code is configured to update an event ledger responsive to detecting a location of the storage drive, wherein the event ledger is stored in a blockchain of a cloud storage system (abstract, smart device comprising blockchain application module to blockchain data obtained by the smart device and transmit blockchained data to blockchain data system; paragraph 29, data obtained and stored by smart device comprises location of smart device; smart device blockchains data obtained by smart device; paragraph 30, blockchain data system configured as distributed ledger that receives and stores data that has been blockchained prior to being sent to blockchain data system (i.e. “cloud storage”) from the smart device); and
Poornachandran teaches wherein the device is a storage drive (paragraph 73-77, portable secured device including non-volatile encrypted storage).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the location tracking blockchain record of Lim with the location-based storage access teachings of Poornachandran in view of Bates, in order to provide a cryptographically secure means of tracking the location of a security device as it is transported or used, thereby allowing an administrator or security agent to determine the current or last known location of a secure device or identify locations where the device is not supposed to operate, preventing possible theft and allowing recovery or detection of abuse.  Use of blockchain allows such a record to be maintained in a way that makes maliciously tampering with the record extremely difficult to impossible.

Regarding Claim 18:
Poornachandran in view of Bates teaches the method of claim 11. 

However, Lim teaches wherein a method comprises updating an event ledger upon detecting a location of a storage device, wherein the event ledger is stored in a blockchain of a cloud storage system (abstract, smart device comprising blockchain application module to blockchain data obtained by the smart device and transmit blockchained data to blockchain data system; paragraph 29, data obtained and stored by smart device comprises location of smart device; smart device blockchains data obtained by smart device; paragraph 30, blockchain data system configured as distributed ledger that receives and stores data that has been blockchained prior to being sent to blockchain data system (i.e. “cloud storage”) from the smart device); and
Poornachandran teaches wherein the device is a storage drive (paragraph 73-77, portable secured device including non-volatile encrypted storage).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the location tracking blockchain record of Lim with the location-based storage access teachings of Poornachandran in view of Bates, in order to provide a cryptographically secure means of tracking the location of a security device as it is transported or used, thereby allowing an administrator or security agent to determine the current or last known location of a secure device or identify locations where the device is not supposed to operate, preventing possible theft and allowing recovery or detection of abuse.  Use of blockchain allows such a record to be maintained in a way that makes maliciously tampering with the record extremely difficult to impossible.

Claim 9 is/are rejected under 35 U.S.C. 103 as being unpatentable over Poornachandran in view of Bates, and further in view of Gillon et al (PGPUB 2014/0344886).

Regarding Claim 9:
Poornachandran in view of Bates teaches the storage drive of claim 1.  In addition, Bates teaches wherein the controller executing computer code is further configured to: 
program a user customized permitted area (paragraph 28, user moves boundaries of geographic regions in which application/function is enabled/disabled).
The rationale to combine Poornachandran and Bates is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 9.
Neither Poornachandran nor Bates explicitly teaches the hardware controller further configured to:
program the permitted area at a manufacturing site of the storage drive.
However, Gillon teaches the concept of a hardware controller further configured to:
program a permitted area at a manufacturing site of a storage drive (paragraph 16, information handling system that performs security policy enforcement using security policy data maintained in embedded controller; paragraph 44, manufacturer utilizes initial manufacturing interface access to establish for IHS a policy that specifies that system operation is enabled only within location bounds of a customer’s premises).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the location default and user customization teachings of Gillon with the location-based storage access teachings of Poornachandran in view of Bates, in order to allow an end user to make immediate use of a location-based security system immediately through use of manufacturer specified default settings, while also allowing an administrator to modify said default settings in the event that an organization’s locality or policy requirements change over time, without requiring a costly factory refurbishing process or other means for a manufacturer to reset a device.

Claim 10 is/are rejected under 35 U.S.C. 103 as being unpatentable over Poornachandran in view of Bates, and further in view of Saxena et al (PGPUB 2012/0159172).

Regarding Claim 10:
Poornachandran in view of Bates teaches the storage drive of claim 1.
Neither Poornachandran nor Bates explicitly teaches wherein the controller executing computer code is further configured to validate the determination that the location of the storage drive is in the permitted area by using a public key to verify a received GPS packet.
However, Saxena teaches the concept wherein a controller executing computer code is further configured to validate a determination that a location of a device is in a permitted area by using a public key to verify a received GPS packet (paragraph 18, logic configured to receive GPS location information from GPS sensor via a link; GPS sensor uses private key to encrypt and sign GPS location information before transmission; logic uses public key to authenticate and decrypt location information received over link to verify that true source of location information is GPS sensor; paragraph 22, location information used to authenticate user for access to trust-aware applications, i.e. user must be in permitted area to be authenticated); and
Poornachandran teaches wherein the device is a storage drive (paragraph 73-77, portable secured device including non-volatile encrypted storage).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the validated GPS location teachings of Saxena with the location-based storage access teachings of Poornachandran in view of Bates, in order to allow a location-dependent security system to validate received location data using well-known and understood cryptographic methods (e.g. asymmetric cryptographic signatures) in order to prevent malicious .

Response to Arguments
Applicant's arguments filed 9/27/2021 have been fully considered but they are not persuasive.

Regarding the claim objections:
	Applicant’s amendments have overcome the prior claim objections.  However, the amendment presents new claim objections, as addressed above.

Regarding the rejection of claims under 35 USC 102/103:
	Applicant’s arguments regarding Sand-Soll are moot, as Sand-Soll is no longer part of the new ground(s) for rejection of claims 1 and 11, provided above.
	In response to Applicant’s arguments regarding Bates, page 11 paragraph 2-3:  Applicant seems to argue that Bates merely teaches a location check upon first opening an application or accessing a function, and therefore cannot teach continuity of function during transition from one region to another.  However, this is not the case.  Bates also teaches that the device is monitored on a periodic basis, e.g. every minute, to determine if the device has been moved (paragraph 31).  As a result of determining the new location, Bates further checks whether the device is in an overlapping region, and if so, which of the overlapping regions has priority, as per paragraphs 29-31.  It is clear from the teachings of Bates that when a user is in a highest priority region for which access to the respective applications/functions is allowed, and subsequently moves into overlapping regions which do not allow access to the respective applications/functions, the device will determine location and use the settings of the highest priority region, i.e. the use of the applications/functions will continue.  Furthermore, 
[0069] In some cases, a permitted area may overlap a non-permitted area. For example, an edge of a permitted area may cross over an edge of a non-permitted area. Additionally or alternatively, overlap may occur when a permitted area is embedded within a non-permitted area. In some cases, overlap may occur when a non-permitted area is embedded within a permitted area. In some cases, when a storage drive enters a permitted area that overlaps a non-permitted area, the permitted area may take precedence over the non-permitted area and the storage drive may remain in or be allowed to enter secure mode. Alternatively, when a storage drive in secure mode enters a permitted area that overlaps a non-permitted area, the non-permitted area may take precedence over the permitted area and the storage drive may be kept in non-secure mode or removed from secure mode and placed in non-secure mode. As depicted, first computing device 535 may include a storage drive that determines its location is in both the first permitted area 505 and non-permitted area 510. Thus, in one embodiment, the storage drive of first computing device 535 may be allowed to enter or may remain in secure mode. Alternatively, the storage drive of first computing device 535 may be kept in non-secure mode or removed from secure mode and placed in non-secure mode.  

In other words, the specification teaches that when a device is in two overlapping regions, it is determined which region has precedence (i.e. priority), and access is allowed/denied based on this precedence.  This corresponds to the way the device of Bates functions.  Therefore, Bates teaches determining that the storage device has been moved to a second location in a non-permitted area that overlaps the permitted area; and retains the storage device in the secure mode responsive to the determination”, as in claim 1, as well as retaining the storage device in secure mode responsive to the determination that the device has returned to the permitted area which does not overlap the non-permitted area, as per claim 2.
	Applicant’s arguments with regard to independent claims 11 and 19 are similar to those regarding claim 1 and are therefore responded to in a similar way.
	Applicant further argues that the dependent claims are allowable due to depending on an allowable independent claim.  However, as shown above, the independent claims are not allowable.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to FORREST L CAREY whose telephone number is (571)270-7814. The examiner can normally be reached 9:00AM-5:30PM M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/FORREST L CAREY/Examiner, Art Unit 2491                                                                                                                                                                                                        

/ASHOKKUMAR B PATEL/Supervisory Patent Examiner, Art Unit 2491