Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
1. 	This Office Action is taken in response to Applicants’ Amendments and Remarks filed on 12/1/2021 regarding application 16/922,256 filed on 7/7/2020.  
2. 	Claims 1-15 are pending for consideration.

3.				Response to Amendments and Remarks 
	Applicants’ amendments and remarks have been fully and carefully considered, with the Examiner’s response set forth below.
	(1) In response to the amendments and remarks, an updated claim analysis has been made. Refer to the corresponding sections of the following Office Action for details.

4.					Examiner’s Note
(1) In the case of amending the Claimed invention, Applicant is respectfully requested to indicate the portion(s) of the specification which dictate(s) the structure relied on for proper interpretation and also to verify and ascertain the metes and bounds of the claimed invention. This will assist in expediting compact prosecution.  MPEP 714.02 recites: “Applicant should also specifically point out the support for any amendments made to the disclosure. See MPEP § 2163.06. An amendment which does Amendments not pointing to specific support in the disclosure may be deemed as not complying with provisions of 37 C.F.R.  1.131(b), (c), (d), and (h) and therefore held not fully responsive.  Generic statements such as “Applicants believe no new matter has been introduced” may be deemed insufficient.
(2) Examiner has cited particular columns/paragraph and line numbers in the references applied to the claims above for the convenience of the applicant. Although the specified citations are representative of the teachings of the art and are applied to specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested from the applicant in preparing responses, to fully consider the references in entirety as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the Examiner.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

5.	Claims 10 is rejected under 35 U.S.C. 102(a)(1) and 102(a)(2) as being anticipated by Zhong et al. (US Patent Application Publication 2016/0335154, hereinafter Zhong).
As to claim 10, Zhong teaches A database system [as shown in figure 4] comprising: 
a data storage storing reference copies of data or software stored in the memory of a device [storage system, figure 4, 22; figure 5, 62] comprising: 
a microprocessor [controller chip, figure 5, 68]; 
associated memory [memory, figure 5, 66]; and 
a communication interface [the communication interface to the host as shown in figures 4 and 5], wherein the device is configured to receive, via the interface and from an external entity that is not part of the device [the corresponding external entity is the host (figure 4, 20; figure 5, 60)], an external read request specifying a block of the associated memory of the device [Storage infrastructures and methods that generate hash values based on error correction codes. A system is provided that includes: a code retrieval system implemented on a host having logic for issuing a redundancy read command to a storage system to retrieve a redundancy code for an identified data block; and a hashing system implemented on the host for hashing the redundancy code to generate a hash value based on the redundancy code. A storage system is also provided that includes: a memory for storing data blocks and associated redundancy codes; and a controller having: an input/output for receiving a hash value read command for a specified data block from a host and returning a hash value; a decoding system that extracts a redundancy code associated with the specified data 
wherein the device is further configured to return, in response to the external read request, a first hash value of the content of the specified memory block a microprocessor having read access to the data storage storing the reference copies of the data or the software stored in the memory of the device [Storage infrastructures and methods that generate hash values based on error correction codes. A system is provided that includes: a code retrieval system implemented on a host having logic for issuing a redundancy read command to a storage system to retrieve a redundancy code for an identified data block; and a hashing system implemented on the host for hashing the redundancy code to generate a hash value based on the redundancy code. A storage system is also provided that includes: a memory for storing data blocks and associated redundancy codes; and a controller having: an input/output for receiving a hash value read command for a specified data block from a host and returning a hash value; a decoding system that extracts a redundancy code associated with the specified data block; and an in -memory hashing system for computing a hash operation on the redundancy code (abstract)], 
wherein the database system is configured to receive, via a communication interface and from an entity that is not part of the database system, an external first read request specifying a block of data or software of a device [as shown in figure 2], 
wherein the database system is further configured to return a hash value of the content of the specified block in response to the first read request [Storage a controller having: an input/output for receiving a hash value read command for a specified data block from a host and returning a hash value; a decoding system that extracts a redundancy code associated with the specified data block; and an in -memory hashing system for computing a hash operation on the redundancy code (abstract)], 
wherein the database system is configured to receive an external second read request specifying a block of data or software of a device, wherein the database system is further configured to: return the content of the specified block in response to the second read request [as shown in figure 2, steps 51, 55, 56, and 57, where the host requests and receives the original data].

6.	Claims 1-3, 5, 7-10, and 13-15 are rejected under 35 U.S.C. 102(a)(1) and 102(a)(2) as being anticipated by Flynn et al. (US Patent Application Publication 2010/0031000, hereinafter referred to as Flynn).
As to claim 7, Flynn teaches A device [as shown in figure 1] comprising: 
a microprocessor [storage controller, figure 1, 104]; 
associated memory [data storage device, figure 1, 106]; and 
a communication interface, wherein the device is configured to receive, via the interface and from an external entity that is not part of the device [as shown in figure 1, where external clients (110) are connected to the storage system via a network (112)], an external read request specifying a block of the associated memory of the device [storage request receiver module, figure 2, 202; figure 19, steps 1902-1908; An apparatus, system, and method are disclosed for validating that correct data is read from a storage device. A read request receiver module receives a read storage request to read a data segment of a file or object stored on a data storage device … (abstract)], wherein the device is further configured to: return, in response to the external read request, a first hash value of the content of the specified memory block [figure 19, steps 1902-1908; An apparatus, system, and method are disclosed for validating that correct data is read from a storage device. A read request receiver module receives a read storage request to read a data segment of a file or object stored on a data storage device. The storage request includes one or more source parameters for the data segment. The source parameters include one or more virtual addresses that identify the data segment. A hash generation module generates one or more hash values from the virtual addresses … (abstract)]; 
receiving a second hash value of the data or software in the first block from a reference memory or receiving content of the first block from the reference memory and determining the second hash value [the corresponding second hash value is a stored hash value -- figure 19, steps 1902-1908; … A read data module reads the requested data segment and returns one or more data packets and corresponding stored hash values stored with the data packets. The stored hash values were 
comparing the first hash value and the second hash value [figure 19, steps 1902-1908; … A hash check module verifies that the generated hash values match the respective stored hash values (abstract)]; 
in case the first and second data are different: generating and outputting a signal indicating non-identity of the data or the software stored in the first block of the memory of the device and the data or software stored in the first block of the reference memory [The apparatus 1700 includes a hash check module 1708 that verifies that the one or more hash values generated by the hash generation module 1704 match the respective one or more stored hash values returned by the read data module 1706. If an error in a logical-to-physical map (e.g. the forward and reverse maps 1104, 1122 or some other map) or some other error causes a change in a location referenced by a logical address, data packets may be retrieved by the read data module 1706 and the hash check module 1708 will likely return hash values associated or stored with these incorrect data packets. The hash check module 1708 will then typically determine that the generated hash values do not match the stored hash values. In this case, an error will be detected and a number of actions may be taken, such as retrying the read, regenerating the map, notifying the requesting device, recreating the data from a redundant array of independent drives ("RAID") group, notifying a user, etc. Actions in response to detecting that a generated hash value and a stored hash value do not match are discussed below (¶ 0215)]; 
receiving or extracting error correction information for the first block stored in the memory of the device [… The hash check module 1708 will then typically determine that the generated hash values do not match the stored hash values. In this case, an error will be detected and a number of actions may be taken, such as retrying the read, regenerating the map, notifying the requesting device, recreating the data from a redundant array of independent drives ("RAID") group, notifying a user, etc. Actions in response to detecting that a generated hash value and a stored hash value do not match are discussed below (¶ 0215); When data is transmitted, stored, transformed, etc., occasionally the data can become corrupted. Data corruption can be caused by transient factors such as voltage fluctuations, alpha particles, etc. or by more serious troubles such as component failures. Regardless of the cause, data corruption is a serious problem that requires protection measures to detect and correct data errors. Currently there are numerous methods to detect and correct data errors from simple parity checks to complex error correction code ("ECC") that can detect and correct multiple bit errors (¶ 0005)]; 
receiving the content of the first block from the reference memory if the content has not already been received for determining the second hash value [… The hash check module 1708 will then typically determine that the generated hash values do not match the stored hash values. In this case, an error will be detected and a number of actions may be taken, such as retrying the read, regenerating the map, notifying the requesting device, recreating the data from a redundant array of independent drives ("RAID") group, notifying a user, etc. Actions in response to detecting that a generated hash value and a stored hash value do not match are discussed below (¶ 0215); After a may retrieve or derive another copy of the requested data. For example, if the data is RAIDed or mirrored, the data may be regenerated or retrieved from the mirror. The data may also then be replaced onto the data storage device 106. One of skill in the art will recognize other actions to take if a generated hash value and a stored hash value do not match (¶ 0233)]; and 
iteratively reconstructing the content of the first block stored in the memory of the device [The apparatus 1800, in another embodiment, includes a map rebuild module 1808 where when the hash check module 1708 detects an inconsistency between the generated hash value and the stored hash value one or more times, the map rebuild module 1808 rebuilds one or more maps that map logical addresses associated with stored data and physical addresses where the data is stored. The map rebuild module 1808, in one embodiment, may be associated with or may include the index rebuild module 308 described above in relation to the apparatus 300 of FIG. 3 or to the map rebuild module 802 described in relation to the apparatus 800 of FIG. 8 (¶ 0228)].
As to claim 8, Flynn teaches The device of claim 7, further configured to generate and return, in response to a corresponding read request specifying a block of memory of the device, error correction information for the content of the specified memory block [… The hash check module 1708 will then typically determine that the generated hash values do not match the stored hash values. In this case, an error will be detected and a number of actions may be taken, such as retrying the read, to detect and correct data errors. Currently there are numerous methods to detect and correct data errors from simple parity checks to complex error correction code ("ECC") that can detect and correct multiple bit errors (¶ 0005)].
As to claim 9, Flynn teaches The device of claim 7, further configured to return hash values of the content of a specified block of the memory only for requests to a specific memory address range [… Each virtual address may be a range. For example, a virtual address may be in the form of a virtual identifier with a range (e.g. offset and length) or may represent a range using a first and a last address or location … (¶ 0146-0148); An append point is typically set to an address just after previously stored data or data packets, but in other embodiments, may be set at a beginning address of a page, erase block, division, etc., may be set just after a block of addresses that are unusable, etc … (¶ 0079)].
As to claim 10, it recites substantially the same limitations as in claim 7, and is rejected for the same reasons set forth in the analysis of claim 7. Refer to "As to claim 7" presented earlier in this Office Action for details.

In addition, regarding claim 1, Flynn also teaches in case the first and second hash values are identical: repeating the preceding steps for data or software stored in a different block; generating and outputting a first signal indicating an identity of the data or software stored in the first block of the memory of the device and the data or software stored in the first block of the reference memory and/or terminating the method [The hash check module 1708 determines 2014 for a data packet if a generated hash value matches a stored hash value that was stored with the data packet. If the hash check module 1708 determines 2014 that the generated hash value matches the stored hash value the retrieved data is transmitted to the requesting device and the method 2000 ends … (¶ 0239)]; and 
generating a hash value of the modified content [The apparatus 1300 includes a reverse read module 1304 that reads at least a A portion of the data segment in response to a storage request that includes a read request. Read requests must be coordinated with storage requests that result in modification of a data segment so the apparatus 1300 also includes a read delay module 1306 that delays servicing the requested read until the first storage request is serviced by the append/invalidate module 1202, the restructure module 1204, and the data location update module 1302. The read delay module 1306 maintains data integrity by preventing a read while contents of a data segment are updated or while the index mapped to the data segment is updated … (¶ 0171-0173)]; comparing the hash value of the modified content with the received first hash value [The hash check module 1708 determines 2014 for a data packet if a generated hash value matches a stored hash value that was stored with the data packet. If the hash check module 1708 determines 2014 that the generated hash value matches the stored hash value the retrieved data is transmitted to the requesting device and the method 2000 ends. If the hash check module 1708 determines 2014 that the generated hash value does not match the stored hash value, the hash check module 1708 determines 2016 if a retry limit has been reached. If the hash check module 1708 determines 2016 that a read retry limit has not been reached, the read data module 1706 reads 2012 the requested data segment again (¶ 0239)];           
repeating the preceding iterative steps until the hash value of the modified content and the received first hash value are identical; and comparing the content of the first block received from the reference memory and the content of the reconstructed first block stored in the memory of the device for identifying differences in the content [… If the hash check module 1708 determines 2014 that the generated hash value does not match the stored hash value, the hash check module 1708 determines 2016 if a retry limit has been reached. If the hash check module 1708 determines 2016 that a read retry limit has not been reached, the read data module 1706 reads 2012 the requested data segment again … (¶ 0239-0240)].
As to claim 2, Flynn teaches The method of claim 1, wherein receiving the first hash value comprises: establishing a communication with a communication interface of the device [as shown in figure 1]; transmitting a read request specifying the first block to a communication interface of the device, targeted to return the content of the first block [figure 19, steps 1902-1908; … A read data module reads 
and/or wherein receiving the second hash value comprises: establishing a communication with a communication interface of a database, separate from the device; and transmitting a read request specifying the first block to a communication interface of the database, targeted to return the content of the first block or the corresponding second hash value [figure 14, step 1404; figure 19, steps 1902-1908].
As to claim 3, Flynn teaches The method of claim 1, wherein a begin address and/or an end address of a respective block are iteratively modified for isolating an address range in the memory of the device that is different from the corresponding address range in the reference memory [… Each virtual address may be a range. For example, a virtual address may be in the form of a virtual identifier with a range (e.g. offset and length) or may represent a range using a first and a last address or location … (¶ 0146-0148); An append point is typically set to an address just after previously stored data or data packets, but in other embodiments, may be set at a beginning address of a page, erase block, division, etc., may be set just after a block of addresses that are unusable, etc … (¶ 0079); The apparatus 1800, in another embodiment, includes a map rebuild module 1808 where when the hash check module 1708 detects an inconsistency between the generated hash value and the stored hash value one or more times, the map rebuild module 1808 rebuilds one or more maps that map logical addresses associated with stored data and physical addresses where the data is stored. The map rebuild module 1808, in one embodiment, may be associated 
As to claim 5, Flynn teaches The method of claim 1, wherein carrying out the iterative modification includes exploiting known patterns or properties of the content of the block [The apparatus 1800, in another embodiment, includes a map rebuild module 1808 where when the hash check module 1708 detects an inconsistency between the generated hash value and the stored hash value one or more times, the map rebuild module 1808 rebuilds one or more maps that map logical addresses associated with stored data and physical addresses where the data is stored. The map rebuild module 1808, in one embodiment, may be associated with or may include the index rebuild module 308 described above in relation to the apparatus 300 of FIG. 3 or to the map rebuild module 802 described in relation to the apparatus 800 of FIG. 8 (¶ 0228); … If the hash check module 1708 determines 2014 that the generated hash value does not match the stored hash value, the hash check module 1708 determines 2016 if a retry limit has been reached. If the hash check module 1708 determines 2016 that a read retry limit has not been reached, the read data module 1706 reads 2012 the requested data segment again … (¶ 0239-0240)].
As to claim 13, it recites substantially the same limitations as in claim 1, and is rejected for the same reasons set forth in the analysis of claim 1. Refer to "As to claim 1" presented earlier in this Office Action for details.

As to claim 15, it recites substantially the same limitations as in claim 1, and is rejected for the same reasons set forth in the analysis of claim 1. Refer to "As to claim 1" presented earlier in this Office Action for details.

Claim Rejections - 35 USC § 103
7.	The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains.  Patentability shall not be negatived by the manner in which the invention was made.

8.	Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Flynn et al. (US Patent Application Publication 2010/0031000, hereinafter referred to as Flynn), and in view of Fisk et al. (US Patent Application Publication 2013/0047233, hereinafter referred to as Fisk).
As to claim 4, Flynn does not teach the content of the first block is received from the reference memory only after sending valid authentication and/or authorization information to an access control entity associated with the reference memory.
However, using authentication and/or authorization information to control accessing data content is well known and commonly used in the art to ensure security of the data system.
an Access Control List identifying computer 106) and if so, establish a connection. Mobile device 104 may be, for example, a handheld device or smart-phone, a personal digital assistant (PDA), an enhanced digital watch, a tablet computer, a notebook, a laptop computer, a thin client, or some other transitory computing device (¶ 0021); If in response to the determination of class, managing program 400 determines that the requested data is protected data, managing program 400 determines if the authorization level of computer 106 allows computer 106 to access protected data (decision block 418) … Similarly, if the requested data is private, managing program 400 determines if the authorization level of computer 106 allows computer 106 to access private data (decision block 422) and if the authorization level is sufficient, sends the data to computer 106 (step 424) (¶ 0052-0053)].
Therefore, it would have been obvious for one of ordinary skills in the art prior to Applicant’s invention to allow the content of the first block is received from the reference memory only after sending valid authentication and/or authorization information to an access control entity associated with the reference memory, as demonstrated by Fisk, and to incorporate it into the existing scheme disclosed by Flynn, in order to ensure security of the data system.
9.	Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Flynn et al. (US Patent Application Publication 2010/0031000, hereinafter referred to as Flynn), and in view of Rathke (US Patent Application Publication 2017/0329635).
As to claim 6, Flynn does not teach decompiling program instructions.
However, decompiling program instructions is well known and commonly used in the art to reconstruct the source code.
For example, Rathke specifically teaches decompiling program instructions [Assigning an instruction to a particular compute node may comprise, identifying one or more emulated computing resources referenced by the instruction, determining translations between the emulated computing resources referenced by the instruction and physical computing resources of the compute nodes, and assigning the instruction to the particular compute node based on the determined translations. Identifying the one or more emulated computing resources referenced by the instruction may comprise decompiling the instruction … (¶ 0008); … In the FIG. 3 embodiment, the distributed execution manager 222 comprises a decompile unit 320, an instruction queue 322, and an execution manager 324. The decompile unit 320 may be configured to receive and/or fetch the binary instructions 301 for execution (e.g., fetch from memory by use of emulated cache control and/or the distributed memory manager 226, as disclosed in further detail herein). The decompile unit 320 may be further configured to decompile the binary instructions 301 into an intermediate format to produce instructions 303. The intermediate format may comprise an opcode format of the binary instructions 301 (e.g., an assembly language format). The decompile unit 320 may queue the instructions 303 in the queue 322 … (¶ 0058)].
decompiling the instruction … (¶ 0008)].
10.	Claims 11-12 are rejected under 35 U.S.C. 103 as being unpatentable over Zhong et al. (US Patent Application Publication 2016/0335154, hereinafter Zhong), and in view of Fisk et al. (US Patent Application Publication 2013/0047233, hereinafter referred to as Fisk).
As to claim 11, Zhong does not teach the content of the first block is received from the reference memory only after sending valid authentication and/or authorization information to an access control entity associated with the reference memory.
However, using authentication and/or authorization information to control accessing data content is well known and commonly used in the art to ensure security of the data system.
For example, Fisk specifically teaches the content of the first block is received from the reference memory only after sending valid authentication and/or authorization an Access Control List identifying computer 106) and if so, establish a connection. Mobile device 104 may be, for example, a handheld device or smart-phone, a personal digital assistant (PDA), an enhanced digital watch, a tablet computer, a notebook, a laptop computer, a thin client, or some other transitory computing device (¶ 0021); If in response to the determination of class, managing program 400 determines that the requested data is protected data, managing program 400 determines if the authorization level of computer 106 allows computer 106 to access protected data (decision block 418) … Similarly, if the requested data is private, managing program 400 determines if the authorization level of computer 106 allows computer 106 to access private data (decision block 422) and if the authorization level is sufficient, sends the data to computer 106 (step 424) (¶ 0052-0053)].
Therefore, it would have been obvious for one of ordinary skills in the art prior to Applicant’s invention to allow the content of the first block is received from the reference memory only after sending valid authentication and/or authorization information to an access control entity associated with the reference memory, as demonstrated by Fisk, and to incorporate it into the existing scheme disclosed by Zhong, in order to ensure security of the data system.
.
11.	Claims 11-12 are rejected under 35 U.S.C. 103 as being unpatentable over Flynn et al. (US Patent Application Publication 2010/0031000, hereinafter referred to as Flynn), and in view of Fisk et al. (US Patent Application Publication 2013/0047233, hereinafter referred to as Fisk).
As to claim 11, Flynn does not teach the content of the first block is received from the reference memory only after sending valid authentication and/or authorization information to an access control entity associated with the reference memory.
However, using authentication and/or authorization information to control accessing data content is well known and commonly used in the art to ensure security of the data system.
For example, Fisk specifically teaches the content of the first block is received from the reference memory only after sending valid authentication and/or authorization information to an access control entity associated with the reference memory [When mobile device 104 finds itself in close proximity to a compatible device, such as computer 106, mobile device 104 can determine if proper permissions for communication exist (for example, by Bluetooth protocol and an Access Control List identifying computer 106) and if so, establish a connection. Mobile device 104 may be, for example, a handheld device or smart-phone, a personal digital assistant (PDA), an enhanced digital watch, a tablet computer, a notebook, a laptop computer, a thin client, or some other transitory computing device (¶ 0021); If in response to the determination determines if the authorization level of computer 106 allows computer 106 to access protected data (decision block 418) … Similarly, if the requested data is private, managing program 400 determines if the authorization level of computer 106 allows computer 106 to access private data (decision block 422) and if the authorization level is sufficient, sends the data to computer 106 (step 424) (¶ 0052-0053)].
Therefore, it would have been obvious for one of ordinary skills in the art prior to Applicant’s invention to allow the content of the first block is received from the reference memory only after sending valid authentication and/or authorization information to an access control entity associated with the reference memory, as demonstrated by Fisk, and to incorporate it into the existing scheme disclosed by Flynn, in order to ensure security of the data system.
As to claim 12, it recites substantially the same limitations as in claim 11, and is rejected for the same reasons set forth in the analysis of claim 11. Refer to "As to claim 11" presented earlier in this Office Action for details.

Conclusion
12.	Claims 1-15 are rejected as explained above. 
13. 	THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE

14.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHENG JEN TSAI whose telephone number is 571-272-4244.  The examiner can normally be reached on Monday-Friday, 9-6.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Charles Rones can be reached on 571-272-4085. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
/SHENG JEN TSAI/Primary Examiner, Art Unit 2136                                                                                                                                                                                                        
February 4, 2021