DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1-7, 9, 11 and 17-18 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by US patent 20180268146 granted to Suryanarayana et al.
Regarding claim 1, Suryanarayana meets the claimed limitations as follows:
“A method, comprising: 
generating a first device-specific cryptographic key based at least in part on a first partition of a memory device; 
258 for each corresponding partition of memory is dynamically generated and stored . . .) 
“assigning the first device-specific cryptographic key to a first virtual machine associated with the memory device; 
assigning the second device-specific cryptographic key to a second virtual machine associated with the memory device and different from the first virtual machine; ” see paragraph [0029] (. . . a plurality of virtual machines (e.g. guest device (202, 204, and 206). . . The unique virtual platform key is selectively assigned . . . each platform key is selectively accessible via a guest device (202, 204, and 206) . . .) 
“and authenticating at least one of the first virtual machine or the second virtual machine based at least in part on respective ones of the first device-specific cryptographic key or the second device-specific cryptographic key.” see paragraph [0032] (. . . virtual platform key in a corresponding partition memory, client interface dynamically generates a valid session identification. . . using the valid session identification enable boot emulator 232 to dynamically authenticating a requesting virtual machine . . .).
Regarding claim 2, Suryanarayana meets the claimed limitations as follows:
“The method of claim 1, wherein the first partition is associated with a first set of memory cells of the memory device and the second partition is associated with a second set of memory cells of the memory device different from the first set of memory cells.” see paragraph [0029].

“The method of claim 1, further comprising: generating a third device-specific cryptographic key based at least in part on the memory device; and assigning the third device-specific cryptographic key to the memory device.” see paragraph [0029].
Regarding claim 4, Suryanarayana meets the claimed limitations as follows:
“The method of claim 3, wherein the third device-specific cryptographic key is generated based at least in part on the first partition of the memory device and the second partition of the memory device.” see paragraph [0029] (. . . the unique virtual platform key is a combination of a uniquely generated identification and a select portion of a predecessor platform key. . .).
Regarding claim 5, Suryanarayana meets the claimed limitations as follows:
“The method of claim 3, wherein the third device-specific cryptographic key is generated based at least in part on a third partition of the memory device that is different from the first partition and the second partition.” see paragraph [0029] (. . . A unique virtual platform key 258 for each corresponding partition of memory is dynamically generated and stored . . .).
Regarding claim 6, Suryanarayana meets the claimed limitations as follows:
“The method of claim 5, wherein the third partition corresponds to all memory cells of the memory device.” see paragraph [0029].
Regarding claim 7, Suryanarayana meets the claimed limitations as follows:
“The method of claim 1, wherein authenticating the first virtual machine comprises: receiving, from the first virtual machine, a command signed with a first signature associated with the first virtual machine; and verifying that the first 
Regarding claim 9, Suryanarayana meets the claimed limitations as follows:
“The method of claim 7, wherein authenticating the second virtual machine comprises: receiving, from the second virtual machine, a second command signed with a second signature associated with the second virtual machine; and verifying that the second signature is valid based at least in part on a second authentication procedure using the second device-specific cryptographic key.” see paragraphs [0016] and [0031].
Regarding claim 11, Suryanarayana meets the claimed limitations as follows:
“A method, comprising: 
receiving a first cryptographic key from a first virtual machine associated with a memory device; 
receiving a second cryptographic key from a second virtual machine associated with the memory device;” see paragraph [0029] (. . . A unique virtual platform key 258 for each corresponding partition of memory is dynamically generated and stored . . .) 
“performing a first authentication procedure for the first virtual machine based at least in part on validating the first cryptographic key by the memory device; 
and performing a second authentication procedure for the second virtual machine based at least in part on validating the second cryptographic key by the memory device.” see paragraph [0032] (. . . virtual platform key in a corresponding partition memory, client interface dynamically generates a valid session identification. . . using the valid session identification enable boot emulator 232 to dynamically authenticating a requesting virtual machine . . .).

“The method of claim 11, wherein: the first cryptographic key is specific to a first partition of memory cells of the memory device; and the second cryptographic key is specific to a second partition of memory cells of the memory device different than the first partition of memory cells.” see paragraph [0029].

Claim 18 is an apparatus claim that is substantially equivalent to method claim 1. Therefore, claim 18 is rejected by a similar rationale.

Allowable Subject Matter
Claims 8, 10, 12-16, and 19-20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
The following is a statement of reasons for the indication of allowable subject matter:  
With respect to claim 8, the cited prior art fails to specifically teach the method of claim 7, wherein authenticating the first virtual machine further comprises:  verifying that code of an operating system associated with the first virtual machine is non-malicious based at least in part on the first signature, wherein authenticating the first virtual machine is further based at least in part on verifying that the code of the operating system is non-malicious.
With respect to claim 10, the cited prior art fails to specifically teach the method of claim 9, wherein authenticating the second virtual machine further 
With respect to claim 12, the cited prior art fails to specifically teach the method of claim 11, further comprising: verifying that code of an operating system associated with the first virtual machine is non-malicious based at least in part on the first cryptographic key, wherein performing the first authentication procedure is based at least in part on verifying that the code of the operating system is non-malicious.
With respect to claim 13, the cited prior art fails to specifically teach the method of claim 12, further comprising: generating a hash of the code of the operating system associated with the first virtual machine, wherein verifying that the code is non-malicious is based at least in part on generating the hash of the code.
With respect to claim 14, the cited prior art fails to specifically teach the method of claim 12, further comprising: verifying that the received first cryptographic signature is valid, and wherein performing the first authentication procedure is further based at least in part on verifying that the received first cryptographic signature is valid. 
With respect to claim 15, the cited prior art fails to specifically teach the method of claim 12, further comprising: verifying that code of a second operating system associated with the second virtual machine is non-malicious based at least in part on the second cryptographic key, wherein performing the second authentication procedure is based at least in part on verifying that the code of the second operating system is non-malicious.

With respect to claim 19, the cited prior art fails to specifically teach the apparatus of claim 18, wherein the first device-specific cryptographic key corresponds to a device in communication with the first virtual machine, and wherein the controller is operable to: receive, from the first virtual machine, a command signed with a first signature associated with the first virtual machine; verify that the first signature is valid based at least in part on an authentication procedure using the first device-specific cryptographic key; and verify that code of an operating system associated with the first virtual machine is non-malicious based at least in part on verifying that the first signature is valid.
With respect to claim 20, the cited prior art fails to specifically teach the apparatus of claim 18, wherein the second device-specific cryptographic key corresponds to a device in communication with the second virtual machine, and wherein the controller is operable to: receive, from the second virtual machine, a command signed with a second signature associated with the second virtual machine; verify that the second signature is valid based at least in part on an authentication procedure using the second device-specific cryptographic key; and verify that code of an operating system associated with the second virtual machine is non-malicious based at least in part on verifying that the second signature is valid.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MATTHEW B SMITHERS whose telephone number is (571)272-3876. The examiner can normally be reached 8:00-4:00 (Teleworking).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on 571-272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MATTHEW SMITHERS/
Primary Examiner
Art Unit 2437