DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Claims 1-3, 6-8, and 13-15 are rejected under 35 U.S.C. 103 as being unpatentable over Sato et al., (US 20170091123 A1) hereinafter referred to as Sato in view of Hashimoto (US 20150256333 A1) hereinafter referred to as Hashimoto.
Regarding Claims 1 and 13, Sato discloses A memory system communicable with a plurality of hosts, the memory system comprising: a nonvolatile memory; and a controller electrically connected to the nonvolatile memory [Figure 1,  receive an authentication request command from a first host; [paragraph 0309, In FIG. 10, the information processing apparatus 4 performs authentication. Alternatively, the wireless storage apparatus 3 may perform authentication – the “hosts” are the “information processing apparatus” and the “wireless storage apparatus” is the “memory system communicable” with the hosts. This teaches that although the following citations are regarding the information processing apparatus performing the authentication, the examiner is using these to teach that, just like this states, the “wireless storage apparatus may perform authentication”] [paragraph 0296, first, in step S1001, the information processing apparatus 4 transmits an inquiry of an apparatus ID to the wireless storage apparatus 3, by wireless communication] 
transmit a first authentication code to the first host upon authentication of the first host being successful; [paragraph 0299, When the apparatus IDs match, the information processing apparatus 4 generates a random number, and transmits the number to the wireless storage apparatus 3 in step S1004] 
and receive an access command, which includes a second authentication code, for accessing the nonvolatile memory from a second host, [paragraph 0184, if another information processing apparatus is moved close to the wireless storage apparatus 3, the wireless storage apparatus 3 rejects the change of the lock state because the information processing apparatus has a different apparatus ID – the “different apparatus ID” is the “second authentication code”] 
wherein the controller is configured to: in a case where the second authentication code matches the first authentication code, permit an access to the nonvolatile memory in accordance with the access command; [paragraph 102b included in the condition information 102 matches the received apparatus ID, the wireless storage apparatus 3 permits change of the lock state] 
and in a case where the second authentication code is different from the first authentication code, prohibit an access to the nonvolatile memory in accordance with the access command. [paragraph 0184, Even if another information processing apparatus is moved close to the wireless storage apparatus 3, the wireless storage apparatus 3 rejects the change of the lock state because the information processing apparatus has a different apparatus ID]
Sato does not explicitly teach and configured to: encrypt data to be written into the nonvolatile memory; decrypt data read from the nonvolatile memory.
Hashimoto teaches and configured to: encrypt data to be written into the nonvolatile memory; [paragraph 0004, a storage medium that stores encrypted data that have been encrypted by a second computing device] 
decrypt data read from the nonvolatile memory; [paragraph 0004, The decryption key generator is configured to generate a decryption key based at least in part on a unique ID number associated with the data storage device, and the decryption engine is configured to convert the encrypted data into decrypted data using the decryption key] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Hashimoto with the disclosure of Sato. The motivation or suggestion would have been for “robust security.” (paragraph 0003)
Regarding Claims 2 and 14, Sato discloses wherein the access command is a read command that requests to read first data from the nonvolatile memory, [paragraph 0038, The information processing apparatus sends an instruction to change a lock state (locked or unlocked: an access right setting state), to the wireless storage apparatus, by wireless communication – the changing of the “lock state” to “unlocked” is a read command] 
and in a case where the second authentication code in the read command matches the first authentication code, the controller reads the first data from the nonvolatile memory, [paragraph 0189, as long as a password is matched even when a different information processing apparatus is used, it is possible to change the lock state of the wireless storage apparatus 3 – here, the “password” is the authentication code and no matter which device submits the correct “authentication code”, access is then granted] 
and in a case where the second authentication code is different from the first authentication code, the controller does not read the first data from the nonvolatile memory. [paragraph 0184, Even if another information processing apparatus is moved close to the wireless storage apparatus 3, the wireless storage apparatus 3 rejects the change of the lock state because the information processing apparatus has a different apparatus ID]
Sato does not explicitly teach decrypts the first data, and transmit the decrypted first data to the second host.
Hashimoto teaches decrypts the first data, [paragraph 0004, The decryption key generator is configured to generate a decryption key based at least in part on a unique ID number associated with the data storage device, and the decryption engine is configured to convert the encrypted data into decrypted data using the decryption key] 
and transmit the decrypted first data to the second host, [paragraph 0006, converting encrypted data that have been encrypted by a second computing device and stored in the data storage device, to decrypted data using the decryption key, and transmitting the decrypted data to a media player] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Hashimoto with the disclosure of Sato. The motivation or suggestion would have been for “robust security.” (paragraph 0003)
Regarding Claims 3 and 15, Sato discloses wherein the authentication request command includes authentication information, [paragraph 0182, the information processing apparatus 4 transmits its own apparatus ID stored in the storage unit 41 to the wireless storage apparatus 3 by wireless communication. The wireless storage apparatus 3 performs authentication based on the apparatus ID 102b included in the condition information 102 and the received apparatus ID] 
and in a case where the authentication of the first host using the authentication information is successful, the controller generates an encryption key corresponding to the authentication information, [paragraph 0299, When the apparatus IDs match, the information processing apparatus 4 generates a random number, and transmits the number to the wireless storage apparatus 3 in step S1004] [paragraph 0300, In step S1005, the wireless storage apparatus 3 generates an authentication key KA, based on the common key, the random number received from the information processing apparatus 4, and an NFC UID, which is a unique apparatus ID of the wireless storage apparatus 3]
Sato does not explicitly teach and in a case where the second authentication code matches the first authentication code, the controller decrypts the first data with the encryption key.
Hashimoto teaches and in a case where the second authentication code matches the first authentication code, the controller decrypts the first data with the encryption key. [paragraph 0016, For the end-user to access the copyright-protected content, the data storage device decrypts the copyright-protected content using a public key that is also based at least in part on the unique ID number associated with the data storage device so as to be matched to the private key] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Hashimoto with the disclosure of Sato. The motivation or suggestion would have been for “robust security.” (paragraph 0003)
Regarding Claim 6, Sato discloses wherein the first authentication code includes a random number. [paragraph 0300, In step S1005, the wireless storage apparatus 3 generates an authentication key KA, based on the common key, the random number received from the information processing apparatus 4, and an NFC UID]
Regarding Claim 7, Sato discloses wherein the first authentication code includes a random number and an identifier of the first host. [paragraph 0300, In step S1005, the wireless storage apparatus 3 generates an authentication key KA, based on the common key, the random number received from the information processing apparatus 4, and an NFC UID, which is a unique apparatus ID of the wireless storage apparatus 3]
Regarding Claim 8, Sato discloses wherein in a case where the authentication of the first host is unsuccessful, the controller does not transmit the first authentication code to the first host. [Figure 10, element S1003, if the authentication is not successful, the process ends]

Claims 4-5 and 16-17 are rejected under 35 U.S.C. 103 as being unpatentable over Sato in view of Hashimoto, as applied to Claims 1 and 13, above, respectively, and further in view of Haines et al., (EP 0388841 B1) hereinafter referred to as Haines and further in view of Kim (US 20050197102 A1) hereinafter referred to as Kim.
Regarding Claims 4 and 16, Sato discloses wherein the access command is a write command that requests to write second data into the nonvolatile memory, [paragraph 0040, When the electronic apparatus attempts to read data from or write data to the wireless storage apparatus, or attempts to wirelessly communicate with the wireless storage apparatus, the wireless storage apparatus checks its own lock state. Then, when it is locked, the wireless storage apparatus rejects access thereto. When it is unlocked, the wireless storage apparatus permits access thereto]
The combination of Sato and Hashimoto does not explicitly teach and in a case where the second authentication code…matches the first authentication code, the controller encrypts the second data and writes the encrypted second data into the nonvolatile memory, and in a case where the second authentication code is different from the first authentication code, the controller does not write the second data into the nonvolatile memory.
Haines teaches and in a case where the second authentication code…matches the first authentication code, the controller encrypts the second data and writes the encrypted second data into the nonvolatile memory, [paragraph 0024, If the two codes match and the other information is accurate, then the computer generates an encrypted emergency enable code] [paragraph 0025, The computer then communicates the encrypted emergency enable code to the customer – this encrypted emergency enable code would thus be stored] 
and in a case where the second authentication code is different from the first authentication code, the controller does not write the second data into the nonvolatile memory. [paragraph 0024, the encrypted emergency enable code is only generated if there is a match. Therefore, if there is no match, then the encrypted emergency enable code is not generated and would not be stored] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Haines with the disclosures of Sato and Hashimoto. The motivation or suggestion would have been to confirm data in a secure manner. (paragraph 0027)
The combination of Sato, Hashimoto, and Haines does not explicitly teach in the write command.
Kim teaches in the write command [paragraph 0015, The security code is generated when the input command is an equipment identity write command] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of with the disclosures of Sato, Hashimoto, and Haines. The motivation or suggestion would have been to ensure security for the write command. (Abstract and throughout)
Regarding Claims 5 and 17, Sato discloses wherein the authentication request command includes authentication information, [Figure 10, elements S1001, S1002, S1003, S1004] 
and in a case where the authentication of the first host using the authentication information is successful, the controller generates an encryption key corresponding to the authentication information, [Figure 10, element S1005]
The combination of Sato and Hashimoto does not explicitly teach and in a case where the second authentication code matches the first authentication code, the controller encrypts the second data with the encryption key.
Haines teaches and in a case where the second authentication code matches the first authentication code, the controller encrypts the second data with the encryption key. [paragraph 0024, If the two codes match and the other information is accurate, then the computer generates an encrypted emergency enable code]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Haines with the disclosures of Sato and Hashimoto. The motivation or suggestion would have been to confirm data in a secure manner. (paragraph 0027)

Claims 9-11 and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Sato in view of Hashimoto, as applied to Claims 1 and 13, above, respectively, and further in view of Fitch et al., (US 9117062 B1) hereinafter referred to as Fitch.
Regarding Claims 9 and 18, the combination of Sato and Hashimoto does not explicitly teach wherein the authentication request command includes encrypted authentication information, and the controller is configured to decrypt the encrypted authentication information, and transmit the first authentication code to the first host upon the authentication of the first host using the decrypted authentication information being successful.
Fitch teaches wherein the authentication request command includes encrypted authentication information, [Column 2, lines 14-17, the request can include a token that is encrypted using a public key or other security information known by the intended recipient] 
and the controller is configured to decrypt the encrypted authentication information, [Column 2, lines 17-18, The intended recipient can decrypt the token using the public key to extract the shared secret] 
and transmit the first authentication code to the first host upon the authentication of the first host using the decrypted authentication information being successful. [Column 2, lines 33-34, sending only the signature but not the secret to the intended destination – the signature can be transmitted to the first host upon successful authentication] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Fitch with the disclosures of Sato and Hashimoto. The motivation or suggestion would have been to better protect security information in access requests. (Abstract and throughout)
Regarding Claims 10 and 19, the combination of Sato and Hashimoto does not explicitly teach wherein the controller is configured to transmit the first authentication code that is encrypted to the first host upon the authentication of the first host being successful.
Fitch teaches wherein the controller is configured to transmit the first authentication code that is encrypted to the first host upon the authentication of the first host being successful. [Column 2, lines 33-34, sending only the signature but not the secret to the intended destination – the signature can be transmitted to the first host upon successful authentication] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Fitch with the disclosures of Sato and Hashimoto. The motivation or suggestion would have been to better protect security information in access requests. (Abstract and throughout)
Regarding Claims 11 and 20, Sato discloses in a case where the decrypted second authentication code matches the first authentication code, permit the access to the nonvolatile memory; [paragraph 0182, When the apparatus ID 102b included in the condition information 102 matches the received apparatus ID, the wireless storage apparatus 3 permits change of the lock state]
and in a case where the decrypted second authentication code is different from the first authentication code, prohibit the access to the nonvolatile memory. [paragraph 0184, Even if another information processing apparatus is moved close to the wireless storage apparatus 3, the wireless storage apparatus 3 rejects the change of the lock state because the information processing apparatus has a different apparatus ID]
The combination of Sato and Hashimoto does not explicitly teach wherein the second authentication code included in the access command is encrypted, and the controller is configured to: decrypt the encrypted second authentication code.
Fitch teaches wherein the second authentication code included in the access command is encrypted, [Column 2, lines 14-17, the request can include a token that is encrypted using a public key or other security information known by the intended recipient – the same procedure would apply to any number of access commands] 
and the controller is configured to: decrypt the encrypted second authentication code; [Column 2, lines 17-18, The intended recipient can decrypt the token using the public key to extract the shared secret – the same procedure would apply to any number of access commands] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Fitch with the disclosures of Sato and Hashimoto. The motivation or suggestion would have been to better protect security information in access requests. (Abstract and throughout)

Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over Sato in view of Hashimoto, as applied to Claim 1, above, and further in view of Hoff et al., (US 20060129824 A1) hereinafter referred to as Hoff.
Regarding Claim 12, the combination of Sato and Hashimoto does not explicitly teach wherein the memory system conforms to a Trusted Computing Group (TCG) standard.
Hoff teaches wherein the memory system conforms to a Trusted Computing Group (TCG) standard. [paragraph 0009, The Trusted Computing Group (TCG), a standards-setting entity, has defined and published a specification to enable trust and security capabilities on computing platforms in general. They define a trusted subsystem that can be integrated into every computing platform in order to build a secure computing base. The functions defined by the TCG are integrated into a Trusted Platform Module (TPM). The TPM comprises a CPU and memory to securely perform functions relating to security and privacy]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Hoff with the disclosures of Sato and Hashimoto. The motivation or suggestion would have been “to build a secure computing base.” (paragraph 0009)

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANDREW J STEINLE whose telephone number is (571)272-9923. The examiner can normally be reached M-F 10am-6pm CT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/ANDREW J STEINLE/Primary Examiner, Art Unit 2497