DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Objections
Claims 6, 20 are objected to because of the following informalities:  
In line 5 of Page 11, “the secure identifier” is repeated in Claim 6 with no further information and it is recommended that the phrase be removed. 
In line 19 of Page 13, it is recommended that “allowing” be modified to “allows”. 
Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 5 and 10 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the 
Regarding Claim 5, the claim recites the additional limitation of “wherein the handshake module comprises a hash circuit to derive the secure identifier with a device key and a secure trusted platform module” (Page 10, lines 22-25). Regarding deriving the secure identifier with the hash circuit, the specification merely recites “the handshake module 172 can employ a hash circuit 194 that conducts hash functions with the device key and the system trusted platform module (TPM) to derive a secure identifier that indicates the storage device” (Page 7, lines 3-6). No information is provided in the specification in how these hash functions specifically derive the secure identifier beyond what is claimed. That is, no information is provided in which one of ordinary skill in the art could predict to derive the secure identifier, i.e. whether the secure identifier is an output of hashing the device key, formed using a hash value as only one of the inputs, formed using a keyed hash function wherein the device key is used, etc. For this reason, a person of ordinary skill in the art would not view the applicant to have been in possession of the generic subject matter claimed based on the information disclosed in the specification.
Regarding Claim 10, the claim recites the additional limitation of “wherein the secure identifier is derived using a cryptographic function to combine the key certificate and a security data of the data storage device to generate a hash value” (Page 11, lines 21-23). Regarding deriving the secure identifier using a cryptographic function, the specification merely recites “the handshake module 172 can employ a hash circuit 194 that conducts hash functions with the device key and the system trusted platform module (TPM) to derive a secure identifier that indicates the storage device” (Page 7, lines 3-6). As argued above for Claim 5, there is no information provided in which one of ordinary skill in the art could predict to derive the secure identifier from the hash value. Furthermore, the claim is directed more generally to combining the key certificate and a security data of the data storage device. No further 

The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claim 5 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being incomplete for omitting essential structural cooperative relationships of elements, such omission amounting to a gap between the necessary structural connections.  See MPEP § 2172.01.  The omitted structural cooperative relationships are how the hash functions are used in conjunction with the device key and trusted platform module, and how the hash value is used to form the secure identifier. As argued previously, the lack of written description in the specification, i.e. omission of these relationships, prevent one ordinary skill in the art to predict how to derive the secure identifier, rendering the scope of the claim indefinite. 
Claim 10 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being incomplete for omitting essential structural cooperative relationships of elements, such omission amounting to a gap between the necessary structural connections.  See MPEP § 2172.01.  The omitted structural cooperative relationships are how the cryptographic functions are used in conjunction with the key certificate and security data, and how the hash value is used to form the secure identifier. As argued previously, the lack of written description in the specification, i.e. omission of these 

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1-4, 6-8 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Orsini et al. (U.S. Pub. No. 2011/0246817 A1) hereinafter referred to as “Orsini”. 
Regarding Claim 1:
	Orsini discloses the following limitations:
	An apparatus comprising a storage device encoded with a key certificate (Par. [0105], FIG. 2 also illustrates the trust engine 110 having the mass storage 225 (An apparatus comprising a storage device)… the mass storage 225 may be used to store digital certificates having the public key of a user contained therein (encoded with a key certificate)). The trust engine of Orsini comprises a storage device, and this storage device contains key certificates, i.e. digital certificates which inherently have public keys.
(Par. [0129], similarly, the data units may be distributed into one or more shares according to a fixed or predetermined data unit size, a pattern or combination of data unit sizes, or a randomly generated data unit size or sizes per share (the data storage device initialized into a distributed data system)). The system of Orsini is directed towards a distributed data system which stores data as shares across various servers (Par. [0098], According to one embodiment, the depository 210 comprises one or more data storage facilities, such as, for example, a directory server, a database server, or the like). As such, the storage device is considered to be inherently initialized into the distributed data system as it is one of the essential components of the system of Orsini under the broadest reasonable interpretation.
	a handshake module of the data storage device to derive a secure identifier (Par. [0120], the cryptographic engine 220 also comprises a cryptographic handling module 625 configured to perform one, some or all of a wide number of cryptographic functions. According to one embodiment, the cryptographic handling module 625 may comprise software modules or programs, hardware, or both. According to another embodiment, the cryptographic handling module 625 may perform data comparisons, data parsing, data splitting, data separating, data hashing, data encryption or decryption, digital signature verification or creation, digital certificate generation, storage, or requests, cryptographic key generation, or the like (a handshake module of the data storage device to derive a secure identifier)). The trust engine of Orsini comprises a cryptographic engine which contains a cryptographic module. This cryptographic module may derive a secure identifier in the form of generating cryptographic keys/hashes/signatures. That is, under the broadest reasonable interpretation, these constitute a secure identifier as they are used to securely transmit data to the proper location, hence identifying the connection to be secure. Regarding the phrase “module of the data storage device”, it is noted that the trust engine of Orsini comprises “one or more secure servers, or a trust engine” (Par. [0071]). Therefore, the components of the trust engine can be considered to be combined together into a single device as seen fit, since Orsini discloses the case in which the trust engine comprises a single server. As such, any modules hereinafter may be considered to be modules of the data storage device under the broadest reasonable interpretation. 
	a provenance module of the data storage device to monitor data storage device activity and maintain an in-device provenance (Par. [0097], the transaction engine (a provenance module of the data storage device) 205 may advantageously create an audit trail. According to one embodiment, the audit trail includes a record of at least the type and format of data routed by the transaction engine 205 throughout the cryptographic system 100 (monitor data storage device activity and maintain an in-device provenance). Such audit data may advantageously be stored in the mass storage 225). The trust engine of Orsini includes a transaction engine which keeps a record of transactions through an audit trail. As the device is able to perform this function, this also inherently meets the limitation of “monitor data storage device activity” under the broadest reasonable interpretation. 
	and a trusted data pathway between the data storage device and a host of the distributed data storage system formed with the secure identifier (Par. [0102], the communications to the authentication engine comprise secure communications (and a trusted data pathway between the data storage device), such as, for example, SSL technology. Additionally, security can be provided within the trust engine 110 components, such as, for example, super-encryption using public key technologies. For example, according to one embodiment, the user (a host of the distributed data storage system) encrypts the current authentication data with the public key of the authentication engine 215 (formed with the secure identifier). In addition, the depository 210 also encrypts the enrollment authentication data with the public key of the authentication engine 215. In this way, only the authentication engine's private key can be used to decrypt the transmissions). In the system of Orsini, a user, i.e. a host of the system as defined within the specification as “any generator of a data access request” (Page 3, line 12), has their communication encrypted by a public key of the authentication engine, and this public key is supplied by the cryptographic engine of Orsini. 

Regarding Claim 2:
	Orsini discloses Claim 1.
	Orsini further discloses the following limitation:
	wherein the handshake module and provenance module are each resident in a housing of the data storage device (Par. [0071], one or more secure servers, or a trust engine (the handshake module and provenance module are each resident in a housing of the data storage device)). In the above argument for Claim 1, it was argued that the trust engine of Orsini comprises a cryptographic engine (handshake module) and a transaction engine (provenance module). Furthermore, it was argued that since the trust engine of Orsini may comprise that of a single server, the modules are inherently resident within the same device, i.e. inherently resident in a housing of the data storage device. 

Regarding Claim 3:
	Orsini discloses Claim 1.
	Orsini further discloses the following limitation:
	wherein the handshake module comprises a lock circuit to execute at least one protection policy to prevent access to the data storage device by a third party (Par. [0101], according to one embodiment, the authentication engine 215 comprises a data comparator (wherein the handshake module comprises a lock circuit) configured to compare data from the transaction engine 205 with data from the depository 210 (to execute at least one protection policy). For example, during authentication, a user supplies current authentication data to the trust engine 110 such that the transaction engine 205 receives the current authentication data; Par. [0377], any data set that is desired to be kept secure from any unauthorized user may be secured using the methods and systems described herein (to prevent access to the data storage device by a third party)). The authentication engine of Orsini checks the user’s identity through comparing the user’s authentication data with the access request with the authentication data submitted at time of enrollment. In this interpretation, the handshake module is considered to be the combination of the authentication engine and the cryptographic engine of Orsini.

Regarding Claim 4:
	Orsini discloses Claim 1.
	Orsini further discloses the following limitation:
	wherein the handshake module comprises a trust circuit to establish and maintain the trusted data pathway (Par. [0102], the communications to the authentication engine comprise secure communications (to establish and maintain the trusted data pathway), such as, for example, SSL technology. Additionally, security can be provided within the trust engine 110 components, such as, for example, super-encryption using public key technologies. For example, according to one embodiment, the user encrypts the current authentication data with the public key of the authentication engine 215 (wherein the handshake module comprises a trust circuit)). As argued previously in Claims 1 and 3, the authentication engine, which is treated here to be part of the handshake module, establishes a trusted data pathway by establishing encryption on top of the user authentication data. 

Regarding Claim 6:
	Claim 6 is drawn to the method of using corresponding to the apparatus same as claimed in Claim 1. Therefore, method Claim 6 corresponds to apparatus Claim 1, and is rejected for the same ((Par. [0102], the communications to the authentication engine comprise secure communications (form a trusted relationship), such as, for example, SSL technology. Additionally, security can be provided within the trust engine 110 components, such as, for example, super-encryption using public key technologies. For example, according to one embodiment, the user (a host of the distributed data storage system) encrypts the current authentication data with the public key of the authentication engine 215 (utilizing the secure identifier)). Under the broadest reasonable interpretation, “forming a trusted pathway” and “form a trusted relationship” are considered to be similar and correspond to each other accordingly. 

Regarding Claim 7:
	Orsini discloses Claim 6.
	Orsini further discloses the following limitation:
	wherein the provenance module authenticates data within the data storage device to maintain the in-device provenance (Par. [0101], according to one embodiment, the authentication engine 215 comprises a data comparator configured to compare data from the transaction engine 205 (wherein the provenance module authenticates data within the data storage device to maintain the in-device provenance) with data from the depository 210. For example, during authentication, a user supplies current authentication data to the trust engine 110 such that the transaction engine 205 receives the current authentication data). The transaction engine and authentication engine may be considered together to form the provenance module under the broadest reasonable interpretation. Therefore, the transaction engine, which sends the data to the authentication engine for authentication, both authenticates the data and maintains the in-device provenance. That is, authenticating the data inherently meets the limitation of maintaining the in-device provenance as each transaction is recorded in the audit log of Orsini. 

Regarding Claim 8:
	Orsini discloses Claim 7.
	Orsini further discloses the following limitation:
	wherein the data is authenticated by testing a previous source and destination for data (Par. [0101], the authentication engine 215 comprises a data comparator (data is authenticated) configured to compare data from the transaction engine 205 with data from the depository 210 (testing a previous source and destination for data)). The system of Orsini authenticates data by comparing the authentication data with the enrollment authentication data stored in the depository. This enrollment data under the broadest reasonable interpretation is considered a previous source and destination for data, as it is data which has been previously submitted by the user (previous source) to be stored in the depository (destination for data). 

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Orsini as applied to Claim 1 above, and further in view of Volkanov et al. (U.S. Patent No. 10,474,831 B1) hereinafter referred to as “Volkanov”.

	Orsini discloses Claim 1:
	Orsini further discloses the following limitation:
	wherein the handshake module comprises a hash circuit to derive the secure identifier with a device key (Par. [0147], as mentioned in the foregoing, the cryptographic handling module 625 (wherein the handshake module comprises a hash circuit to derive the secure identifier) may advantageously perform hashing, hash comparisons, data encryption or decryption, digital signature verification or creation, or the like; Par. [0102], in addition, the depository 210 also encrypts the enrollment authentication data (derive the secure identifier) with the public key of the authentication engine 215 (with a device key). In this way, only the authentication engine's private key can be used to decrypt the transmissions). The encrypted authentication data of Orsini may be considered to be a secure identifier, i.e. it is used to identify a secured connection to a user by verifying their identity under the broadest reasonable interpretation. Regarding the phrase “a hash circuit”, the cryptographic module is able to perform hashing operations, so it is considered to comprise a hash circuit. 
	(disclosed by Volkanov below)
	
	Volkanov discloses the following limitation not taught by Orsini:
	and a secure trusted platform module (Col. 3, lines 45-50, one method of verifying the boot image and/or the operating system files is to use a secure cryptoprocessor (e.g., a hardware security module (“HSM”) or trusted platform module (“TPM”)) of the computation server to verify a signature or hash of the shared boot image and/or the operating system files). Orsini does not disclose using a trusted platform module. However, Volkanov teaches that a trusted platform module may be used in combination with performing and comparing hashes. Furthermore, Volkanov teaches that using a trusted platform module has the benefit of providing tamper resistance (Col. 7, line 43). 

	References Orsini and Volkanov are considered to be analogous art because they both relate to securely storing data. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the storage device of Orsini with the trusted platform module of Volkanov to gain the benefit of tamper resistance for the hardware. 

	Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Orsini as applied to Claim 6 above, and further in view of Saito (JP 2007-336180 A) hereinafter referred to as “Saito”.
Regarding Claim 9:
	Orsini discloses Claim 6.
	Saito discloses the following limitation not taught by Orsini:
	wherein the provenance module authenticates the data storage device by maintaining a provenance log of connections to the data storage device (Page 3, Par. 2, when the server authenticates the control unit (wherein the provenance module authenticates the data storage device), the server creates a connection log (by maintaining a provenance log of connections to the data storage device) with the control unit and disconnects the communication state with the control unit, and then confirms the connection state with the control unit based on the connection log). Orsini discloses authenticating the data within the storage device, but not authenticating the storage device itself. Saito however discloses that a connection log may be used to authenticate the storage device itself. Saito further teaches that such an authentication through the connection log allows for periodic authentication and updates to the storage device (Page 3, Par. 8, after obtaining the user's consent, the server acquires the version information of the control program of the control means on the user side, and the server controls the necessary update program accordingly).

	References Orsini and Saito are considered to be analogous art because they both relate to the authentication of networked devices. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the storage device of Orsini with the device authentication of Saito in order to gain the benefit of periodic authentication/updates. 

	Claims 10-11, 17 are rejected under 35 U.S.C. 103 as being unpatentable over Orsini and further in view of Ducklin (NPL - “Serious Security: How to Store Your Users’ Passwords Securely”) hereinafter referred to as “Ducklin”.
Regarding Claim 10:
	Orsini discloses Claim 6.
	Orsini further discloses the following limitation:
	wherein the secure identifier is derived using a cryptographic function to combine the key certificate and a security data of the data storage device (Par. [0102], in addition, the depository 210 also encrypts the enrollment authentication data (wherein the secure identifier is derived … and a security data of the data storage device) with the public key of the authentication engine 215 (using a cryptographic function to combine the key certificate). In this way, only the authentication engine's private key can be used to decrypt the transmissions)

	Ducklin discloses the following limitation not taught by Orsini:
	to generate a hash value (Page 7, Bullet 6, store the iteration count, the salt and the final hash (generate a hash value) in your password database). As argued in Claim 5, the secure identifier may be considered to be the encrypted authentication data of Orsini. This authentication data may comprise that of a password (Par. [0203], examples of knowledge-based authentication include without limitation a password). Orsini stores this authentication data within its depository to verify a user. The unencrypted, un-hashed enrollment data is considered to be the security data, as it is used for authentication. Likewise, the usage of the key certificate here is interpreted to mean using the authentication engine key which corresponds to the key of the certificate. Orsini however does not disclose hashing in this manner. Reference Ducklin however discloses that stored passwords should be hashed in order to have better security, especially as an HMAC hash which uses a key. 
	
	References Orsini and Ducklin are considered to be analogous art because they both relate to securely storing data. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the storage device of Orsini with the storage of password hashes of Ducklin in order to gain the benefit of increased security. 

Regarding Claim 11:
	The combination of references Orsini/Ducklin discloses Claim 10.
	Orsini further discloses the following limitation:
	wherein the hash value is employed during a subsequent initialization of communications between the storage device and the host (Par. [0079], the trust engine 110 may advantageously require the user to produce the authentication data (wherein the hash value is employed during a subsequent initialization of communications between the storage device and the host) at the time of each transaction, or, the trust engine 110 may advantageously allow the user to periodically produce authentication data, such as at the beginning of a string of transactions or the logging onto a particular vendor website). The system of Orsini may require checking the authentication data for every transaction. As the hashed password stored in the depository is understood to be the hash value, this means that it is employed inherently whenever authentication is performed, i.e. subsequent initialization of communications. The same reasons for combination/motivation of references used in Claim 10 are used here. 
	
Regarding Claim 17:
	The combination of references Orsini/Ducklin discloses Claim 10.
	Orsini further discloses the following limitation:
	wherein the provenance module monitors a number and source of data connections in a log over time to maintain the in-device provenance (Par. [0117], the comparator 515 may advantageously track authentication attempts for a particular transaction (wherein the provenance module monitors a number and source of data connections). For example, when a transaction fails, the trust engine 110 may request the user to re-enter his or her current authentication data. The comparator 515 of the authentication engine 215 may advantageously employ an attempt limiter 535 (in a log over time to maintain the in-device provenance) to limit the number of authentication attempts). Orsini teaches that an attempt limiter tracks the number of data connections from a particular source in order to prevent repeated authentication attempts from someone attempting to impersonating a user. Under the broadest reasonable interpretation, this tracking is inherently done in a log over time as the attempt limiter needs to track the number of attempts, and this log further constitutes the device provenance, as this is part of the history of connections. The same reasons for combination/motivation of references used in Claim 10 are used here. 

	Claims 12 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Orsini and further in view of Jain et al. (U.S. Pub. No. 2012/0137127 A1) hereinafter referred to as “Jain”.

	Orsini discloses Claim 6.
	Jain discloses the following limitation not taught by Orsini:
	wherein the key certificate is unique to the data storage device (Claim 26, wherein the device certificate is unique to the individual device). Orsini does not teach the key certificate to be unique to the data storage device. Jain however teaches that a device certificate may be included, and this device certificate is unique to the data storage device. Jain further teaches that including such a device certificate has the benefit of providing digital rights management through verifying user access (Par. [0005], the device certificate is unique to the consumer electronics device and typically allows a person using the consumer electronics device to access protected content desired to be played on the device).

	References Orsini and Jain are considered to be analogous art because they both relate to the secure storage/access of data. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the storage device of Orsini with the device certificate of Jain in order to gain the benefit of individualized device certificates which aid in accessing protected media content in digital rights management. 

Regarding Claim 14:
	The combination of references Orsini/Jain discloses Claim 12.
	Jain further discloses the following limitation:
	wherein the key certificate is generated from operational metrics during manufacturer testing (Claim 1, accessing a device template that is stored on an individual device of a plurality of devices of a product line, the device template (the key certificate is generated) comprising information common to the plurality of devices of the product line (operational metrics during manufacturer testing)). Jain teaches that device certificates may include device information which is common to that of the product line. Under the broadest reasonable interpretation, this meets the limitation of operational metrics during manufacturer testing because these are device characteristics, i.e. features which characterize the device and hence its operation, and are established before manufacture, i.e. manufacturer testing. The same reasons for combination/motivation of references used in Claim 12 are used here. 

	Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over the combination of Orsini/Ducklin as applied to Claim 10 above, and further in view of Jain.
Regarding Claim 13:
	The combination of Orsini/Ducklin discloses Claim 10.
	Jain discloses the following limitation not taught by the combination of Orsini/Ducklin:
	wherein the key certificate is encoded by a manufacturer prior to user data being stored on the data storage device (Claim 27, wherein the device certificate is provided on the individual device at a time of manufacture of the individual device). The combination of references Orsini/Ducklin does not teach the device certificate being encoded by the manufacturer. Reference Jain however teaches that a device certificate, which is known in the art to be provided at the time of manufacturer, may be used for access control of protected content. Jain further teaches that it is common for manufacturers to install unique device certificates in devices at time of manufacture (Par. [0037], each consumer electronics device 201, 202, 203 is built with a corresponding unique device certificate 204, 205, 206). By providing certificates before user data is entered, Jain teaches that this ensures that DRM content is accessed only by authorized users (Par. [0039], typically creates the device certificate before DRM content is accessed).

	The combination of references Orsini/Ducklin and Jain are considered to be analogous art because they both relate to the secure storage/access of data. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the storage device of Orsini/Ducklin with the device certificate of Jain in order to gain the benefit of individualized device certificates installed at the time of manufacture which ensure that accessing protected media content in digital rights management is only performed by the authorized user.

	Claims 15 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over the combination of Orsini/Jain as applied to Claim 14 above, and further in view of Messner et al. (NPL – “Guest Editorial”) hereinafter referred to as “Messner”.
Regarding Claim 15:
	The combination of references Orsini/Jain discloses Claim 14.
	Messner discloses the following limitation not taught by the combination of references Orsini/Jain:
	wherein the operational metric is read latency (Page 153, Col. 1, Par. 3, the challenge of disk drives technology development is to maintain a 60% annual density growth rate, while increasing data transfer rate and reducing latency. Latency is the average time that it takes a drive to retrieve a piece of data (operational metric is read latency)). The combination of Orsini/Jain disclose incorporating operational metrics into device certificates but do not disclose specific operational metrics such as read latency. Messner discloses however that latency is an important operational metric for hard disk drives, i.e. storage devices. Messner further teaches that is so important that the critical challenge of developing the technology revolves around reducing the latency, so incorporating such a metric in the device certificate would have the benefit of assessing the performance of the storage device. 

	The combination of references Orsini/Jain and reference Messner are considered to be analogous art because they all relate to the performance of storage devices. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the storage device of Orsini/Jain with the operational metric of read latency of Messner in order to gain the benefit of having a device certificate which contains pertinent information to assessing the storage device’s performance. 

Regarding Claim 16:
	The combination of references Orsini/Jain discloses Claim 14.
	Messner discloses the following limitation not taught by the combination of references Orsini/Jain: 
	wherein the operational metric is measured fly height (Page 154, Col 2, Par. 3, other aspects of the disk drive require careful design, analysis, and experimental verification to account for complex
suspension, slider, and air bearing interface dynamics. Among them, maintaining the fly height is very important for reading and writing data, and achieving ultrahigh linear bit densities (operational metric is measured fly height)). The combination of Orsini/Jain do not disclose specific operation metrics such as read latency. Messner discloses however that fly height is also an important operational metric for hard disk drives, i.e. storage devices. Messner further teaches that “low fly height is necessary to achieve ultrahigh linear bit storage densities” (Page 153, Col. 1, Par. 2), so incorporating such a metric in the device certificate would have the benefit of assessing the performance of the storage device. 

	The combination of references Orsini/Jain and reference Messner are considered to be analogous art because they all relate to the performance of storage devices. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the storage device of Orsini/Jain with the operational metric of read latency of Messner in order to gain the benefit of having a device certificate which contains pertinent information to assessing the storage device’s performance.

	Claims 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Orsini and further in view of Venkatesan (U.S. Pub. No. 2015/0381594 A1) hereinafter referred to as “Venkatesan”. 
Regarding Claim 18:
	Claim 18 recites identical limitations which correspond to those of method Claim 6. Therefore, the same reasons for anticipation by Orsini used previously in Claim 6 are used here for the respective limitations of Claim 18. However, Claim 18 further recites the following limitations which are disclosed by Venkatesan:
	detecting an imminent detachment of the data storage device from the distributed data system (Par. [0039], control next passes to diamond 390 to determine whether the reservation time has ended. If so, control passes to block 395 where the user device may be disconnected from the paired devices). Orsini does not disclose what happens when the data storage device is detached. Venkatesan however teaches a reservation system for connecting between user devices and enterprise devices, which include network attached storage devices. When the system of Venkatesan detects that the reservation time is over, it disconnects the device from the system which constitutes an imminent detachment from the system.
	and removing the secure identifier as a requirement for data storage device access and control with the handshake module (Par. [0039], furthermore, the credential may be revoked from the user device. This revocation may be effected by deleting the credential present in the credential storage of the user device such that the device is no longer enabled or allowed to access the enterprise devices in the context of the now concluded reservation). Furthermore, in response to this detachment, the system of Venkatesan deletes the credential from the user device, thereby removing the identifier as a requirement for access to the data storage device, as the reservation is no longer valid. Venkatesan further teaches that such a reservation system has the benefit of “providing secure and seam less access to protected computing systems” (Par. [0001]).
	
	References Orsini and Venkatesan are considered to be analogous art because they both relate to authentication of network attached storage devices. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the storage device of Orsini with the reservation system of Venkatesan in order to gain the benefit of increased security by limiting access to a per-use basis (Par. [0014], a secure device is an enterprise device that is configured with a credential on a per use basis).  

Regarding Claim 19:
	The combination of references Orsini/Venkatesan discloses Claim 18.
	Venkatesan further discloses the following limitation:
	wherein a detach circuit of the provenance module removes the secure identifier to terminate the trusted relationship with the host and enable a new trusted relationship to be created (Par. [0039], furthermore, the credential may be revoked from the user device. This revocation may be effected by deleting the credential present in the credential storage of the user device such that the device is no longer enabled or allowed to access the enterprise devices in the context of the now concluded reservation (wherein a detach circuit of the provenance module removes the secure identifier to terminate the trusted relationship with the host); Par. [0014], the credentials assigned to the secure device are revoked and new credentials are assigned, if needed (enable a new trusted relationship to be created)). As argued above, the system of Venkatesan removes the secure identifier altogether to terminate the reservation. The same reasons for combination/motivation of references used in Claim 18 are used here. 

Regarding Claim 20:
	The combination of references Orsini/Venkatesan discloses Claim 18.
	Orsini further discloses the following limitation:
	wherein the handshake module allowing a single trusted relationship between the data storage device and host (Par. [0102], the communications to the authentication engine comprise secure communications (wherein the handshake module allowing a single trusted relationship between the data storage device and host), such as, for example, SSL technology). Claim 18 previously disclosed that there is a trusted relationship between the storage device and host. Under the broadest reasonable interpretation, “forming a trusted relationship” inherently includes “allowing a single trusted relationship” as the former claim implies that a singular trusted relationship is formed and hence is allowable. The same reasons for combination/motivation of references used in Claim 18 are used here. 

Related Art
	The following prior art made of record and cited on PTO-892, but not relied upon, is considered pertinent to applicant’s disclosure: 
Triantafillou et al. (U.S. Pub. No. 2012/0117348 A1) – Includes methods related to authorizing access to a storage device
Gill et al. (U.S. Pub. No. 2003/0051135 A1) – Includes methods regarding secure transmission of data with network attached storage devices
Teegavarapu et al. (U.S. Pub. No. 2017/0262626 A1) – Includes methods related to authenticating a storage device

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ETHAN V VO whose telephone number is (571)272-2505. The examiner can normally be reached M-F 8am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on (571)272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.