DETAILED ACTION
This action is in response to the application filed on July 30, 2020. Claims 1-20 are
pending. Of such, claims 1-11 represent a system, claims 12-16 represent a device, and claims 17-20
represent a method directed to a host sending write requests to a storage device.  
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-20 are rejected under 35 U.S.C. 102(a)(1) and (a)(2) as being anticipated by Shin et al. (US Publication 2015/0350206), hereinafter referred to as Shin. 
Regarding Claim 1, Shin discloses:
A computing system (In ¶ 58 Shin discloses “FIG. 2, a storage system 2000 may include a host 2100 and a storage device 2200”), comprising: a host configured to generate a host authentication code (In ¶ 20 Shin discloses “The host may be configured to generate the authentication code using a shared private key copies of which are stored at both the host and the storage device.”); and a storage device configured to receive a first request among a series of requests, including the first request and a second request, regarding security write and write data from the host (In ¶ 17 Shin discloses “the storage device being configured to receive a WP change request” and in ¶ 13 discloses “The host may be configured such that the request of the host to set or clear the secure WP is provided using a data frame that includes a request/response type field, a write counter field, a nonce field, a block counter field, a data field, an address field, a result field, and an HMAC field.”), generate a device authentication code based on the write data, receive the second request and the host authentication code from the host, and perform a program operation on the write data based on a result of comparing the host authentication code with the device authentication code (In ¶ 21 Shin discloses “The storage device may be configured such that performing the authentication process includes, generating a validation code using the shared private key, performing a comparison operation based on the validation code and the authentication code, and determining whether the WP change request is valid based on a result of the comparison operation.”).
Regarding Claim 2, Shin discloses:
The computing system of claim 1, wherein the host 15generates the host authentication code and provides the write data to the storage device in parallel (In ¶ 13 Shin discloses “The host may be configured such that the request of the host to set or clear the secure WP is provided using a data frame that includes a request/response type field, a write counter field, a nonce field, a block counter field, a data field, an address field, a result field, and an HMAC field.”).
Regarding Claim 3, Shin discloses:
The computing system of claim 1, wherein the host authentication code is generated in parallel with generation of the 20device authentication code by the storage device (In ¶ 21 Shin discloses “[0021] The storage device may be configured such that performing the authentication process includes, generating a validation code using the shared private key”).
Regarding Claim 4, Shin discloses:
The computing system of claim 1, wherein the storage device comprises: a memory device including a write protection area (In ¶ 9 Shin discloses “The register may include a secure WP configuration masking field for controlling register fields associated with the WP, and register fields associated with the write protection may be controlled by the secure WP configuration masking field.”); and 37a memory controller configured to control the security write (In ¶ 55 Shin discloses “The device controller 1230 may control an overall operation of the nonvolatile memory 1210 including a write operation, a read operation, an erase operation, etc. The device controller 1230 may exchange data with the nonvolatile memory 1210 or the buffer memory 1240 through an address or data bus.”).
Regarding Claim 5, Shin discloses:
The computing system of claim 4, wherein the series of requests further includes a third request (In ¶ 17 Shin discloses “the storage device being configured to receive a WP change request”), and wherein the memory controller comprises: a data verification component configured to generate authentication information which indicates integrity of the write data based on the result of comparing the host authentication code and the device authentication code (In ¶ 110 Shin discloses “the security manager 3234 may determine whether the request regarding the secure mode is valid, based on a comparison result of step S140. When the HMAC provided from the host 3100 and the HMAC computed by the storage device 3200 are equal to each other, the security manager 3234 may determine the request regarding the secure mode as being valid.”); and an authenticated write controller configured to control the program operation based on the authentication information in response to the series of requests (In ¶ 62 Shin discloses “the command manager 2232 may send a ready-to-transfer complete signal to the host 2100.”).
Claim 6, Shin discloses:
The computing system of claim 5, wherein the authenticated write controller provides a first response, which indicates whether the first request has been received, to the host in response to the first request, and provides a second response, which indicates whether the second request has been received, to the host in response to the second request (In ¶ 58 Shin discloses “”).
Regarding Claim 7, Shin discloses:
The computing system of claim 5, wherein the authenticated write controller provides a third response, which includes a result of the program operation, to the host in response to the third request received from the host (In ¶ 64 Shin discloses “If a data transfer operation for a command and a program operation are completed, then the storage device 2200 may send a response signal to the host 2100 through an interface and may inform the host 2100 of command completion.”).
Regarding Claim 8, Shin discloses:
The computing system of claim 7, wherein the result of the program operation includes information indicating whether the write data has integrity and information indicating whether the program operation has passed or failed (In ¶ 100 Shin discloses “the security manager 3234 may determine whether the request regarding the secure mode is valid, based on a comparison result of step S140. When the HMAC provided from the host 3100 and the HMAC computed by the storage device 3200 are equal to each other, the security manager 3234 may determine the request regarding the secure mode as being valid. When the HMAC provided from the host 3100 and the HMAC computed by the storage device 3200 are not equal to each other, the security manager 3234 may reject the request regarding the secure mode.”).
Regarding Claim 9, Shin discloses:
The computing system of claim 5, wherein the authenticated write controller controls the memory device to store the write data in the write protection area during the program operation (In ¶ 136 Shin discloses “The host 6100 may write data at the memory card 6200 and may read data from the memory card 6200. The host controller 6110 may provide the memory card 6200 with a command (e.g., a write command), a clock signal CLK generated from a clock generator (not shown) in the host 6100, and data through the host connection unit 6120.”).
Regarding Claim 10, Shin discloses:
The computing system of claim 5, wherein the data verification component comprises: an authentication code generator configured to generate the device authentication code based on a key shared between the host and the storage device and the received write data (In ¶ 98 Shin discloses “a security manager 3234 of the storage device 3200 may calculate a HMAC using a shared private key.”); and an authentication code comparator configured to generate the authentication information based on whether the host authentication code is the same as the device authentication code (In ¶ 100 Shin discloses “In step S150, the security manager 3234 may determine whether the request regarding the secure mode is valid, based on a comparison result of step S140. When the HMAC provided from the host 3100 and the HMAC computed by the storage device 3200 are equal to each other, the security manager 3234 may determine the request regarding the secure mode as being valid.”).
Regarding Claim 11, Shin discloses:
The computing system of claim 1, wherein the device authentication code and the host authentication code are generated based on a message authentication code (MAC) algorithm (In ¶ 22 Shin discloses “The host may be configured such that the authentication code is a keyed-hash message authentication code (HMAC), and the storage device is configured such that the validation code is a HMAC.”).
Regarding Claim 12, Shin discloses:
A host, comprising: a host memory configured to store write data (In ¶ 135 Shin discloses “The host 6100 may contain a host controller 6110 and a host connection unit 6120. The memory card 6200 may include a card connection unit 6210, a card controller 6220, and a flash memory 6230”); and a host processor configured to provide a first request among a series of requests, including at least the first request and a second request, regarding security write and write data to a storage device (In ¶ 13 Shin discloses “The host may be configured such that the request of the host to set or clear the secure WP is provided using a data frame that includes a request/response type field, a write counter field, a nonce field, a block counter field, a data field, an address field, a result field, and an HMAC field.”), provide the write data and generate a host authentication code in parallel, and provide the second request and the host authentication code to the storage device (In ¶ 20 Shin discloses “The host may be configured to generate the authentication code using a shared private key copies of which are stored at both the host and the storage device.”).
Regarding Claim 13, Shin discloses:
The host of claim 12, wherein the host processor provides a third request for requesting a result of a program operation on the write data to the storage device (In ¶ 91 Shin discloses “FIG. 7 is a table schematically illustrating a data frame including information regarding requests and responses for setting and clearing secure WP. Referring to FIG. 7, a data frame including information regarding requests and responses may include fields for Stuff, Key/MAC, Data, Nonce (e.g., a cryptographic nonce), Write Counter (W.C.), Address, Block Count, Result, and Request/Response Type”).
Regarding Claim 14, Shin discloses:
The host of claim 13, wherein the result of the program operation includes information indicating whether the program operation has passed or failed and authentication information indicating integrity of the write data, and wherein the authentication information is generated based on a result of comparing the device authentication code, which is generated by the storage device based on the write data, with the host authentication code (In ¶ 100 Shin discloses “the security manager 3234 may determine whether the request regarding the secure mode is valid, based on a comparison result of step S140. When the HMAC provided from the host 3100 and the HMAC computed by the storage device 3200 are equal to each other, the security manager 3234 may determine the request regarding the secure mode as being valid.”).
Regarding Claim 15, Shin discloses:
The host of claim 12, wherein the host processor generates the host authentication code based on a key shared between the storage device and the host and the write data (In ¶ 20 Shin discloses “The host may be configured to generate the authentication code using a shared private key copies of which are stored at both the host and the storage device.”).
Regarding Claim 16, Shin discloses:
The host of claim 12, wherein the host processor receives a first response indicating whether the first request has been received from the storage device, provides the second request to the storage device in response to the first response, receives a second response indicating whether the second request has been received from the storage device, and provides a third request to the storage device in response to the second response (In ¶ 94 Shin discloses “An authenticated register write response may be provided from the storage device 3200 to the host 3100” and in ¶ 91 further discloses “Referring to FIG. 7, a data frame including information regarding requests and responses may include fields for Stuff, Key/MAC, Data, Nonce (e.g., a cryptographic nonce), Write Counter (W.C.), Address, Block Count, Result, and Request/Response Type.”). 
Regarding Claim 17, Shin discloses:
A method of operating a host, the method comprising: providing a first request among a series of requests, including at least a first request and second request, regarding security write and write data to a storage device in parallel with generating a host authentication code(In ¶ 13 Shin discloses “The host may be configured such that the request of the host to set or clear the secure WP is provided using a data frame that includes a request/response type field, a write counter field, a nonce field, a block counter field, a data field, an address field, a result field, and an HMAC field”); receiving a first response, which indicates whether the first request has been received, from the storage device (In ¶ 94 Shin discloses “An authenticated register write response may be provided from the storage device 3200 to the host 3100”).; and providing the second request and the host authentication code to the storage device (In ¶ 20 Shin discloses “[0020] The host may be configured to generate the authentication code using a shared private key copies of which are stored at both the host and the storage device”).
Regarding Claim 18, Shin discloses: 
The method of claim 17, further comprising: receiving a second response, which indicates whether the second request has been received, from the storage device; providing a third request to the storage device (In ¶ 91 Shin discloses “Referring to FIG. 7, a data frame including information regarding requests and responses may include fields for Stuff, Key/MAC, Data, Nonce (e.g., a cryptographic nonce), Write Counter (W.C.), Address, Block Count, Result, and Request/Response Type.”); and receiving a third response, which includes a result of a program operation on the write data, from the storage device (In ¶ 64 Shin discloses “If a data transfer operation for a command and a program operation are completed, then the storage device 2200 may send a response signal to the host 2100 through an interface and may inform the host 2100 of command completion.”).
Regarding Claim 19, Shin discloses:
The method of claim 18, wherein the host authentication code is generated based on a key shared between the storage device and the host, and the write data (In ¶ 20 Shin discloses “The host may be configured to generate the authentication code using a shared private key copies of which are stored at both the host and the storage device.”).
Regarding Claim 20, Shin discloses:
(In ¶ 100 Shin discloses “the security manager 3234 may determine whether the request regarding the secure mode is valid, based on a comparison result of step S140. When the HMAC provided from the host 3100 and the HMAC computed by the storage device 3200 are equal to each other, the security manager 3234 may determine the request regarding the secure mode as being valid. When the HMAC provided from the host 3100 and the HMAC computed by the storage device 3200 are not equal to each other, the security manager 3234 may reject the request regarding the secure mode.”).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Ito , US Publication Number 2011/0246707, discloses unlocking and locking a memory device to allow transmission. 
Kanbe, US Publication Number 2020/0244458, discloses a memory system that can communicate with a plurality of hosts.  
Carlson et al, US Publication Number 2021/0026542, discloses a memory device authenticated utilizing authentication codes.
Hausauer et al, US Publication Number  2019/0102568, discloses a method for authenticating to a memory region for a transaction. 

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on 571-272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/SHADI H KOBROSLI/Examiner, Art Unit 2492                                                                                                                                                                                                        

/SALEH NAJJAR/Supervisory Patent Examiner, Art Unit 2492