Notice of Pre-AIA  or AIA  Status
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Election/Restrictions
2.    NO restrictions warranted at initial time of filing for patent.
 
Information Disclosure Statement
3.    The information disclosure statement (IDS) submitted on 07/31/2020, the submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Oath/Declaration
4.    Applicant’s Oath was filed on 07/31/2020.

Drawings
5.    Applicant’s drawings filed on 07/31/2020 has been inspected and is in compliance with MPEP 608.01.
Specification
6.    Applicant’s specification filed on 07/31/2020 has been inspected and is in compliance with MPEP 608.02.
Claim Objections
7.    NO objections warranted at initial time of filing for patent.

Remarks
8.	Examiner request Applicant review relevant prior art under the conclusion of this office action.

EXAMINER'S AMENDMENT
9.	An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

10.	Authorization for this examiner’s amendment was given in an interview with Yen-Kai (Eldwin) Hseu on 03/31/2022.

The application has been amended as follows: 
 (Currently Amended) A method for storing encrypted data in a non-volatile storage device, comprising:
receiving, by a processor, an indication of a power interruption event;
disabling, based on the indication, decryption of encrypted data read from a volatile memory module; [[and]]
initiating copying of the encrypted data from the volatile memory module to the non-volatile storage device; and 
after initiating the copying of the encrypted data from the volatile memory module to the non-volatile storage device:
receiving a second indication of a power recovery event;
disabling, based on the second indication, encryption of data written to the volatile memory module;
initiating copying the encrypted data from the non-volatile storage device to the volatile memory module.
(Original) The method of claim 1, wherein disabling the decryption of encrypted data comprises:
modifying an address association table to indicate that the encrypted data on the volatile memory module is unencrypted.
(Cancelled)

(Currently Amended) The method of claim [[3]]1, wherein initiating copying of the encrypted data from the non-volatile storage device to the volatile memory module comprises:
copying the encrypted data from the volatile memory module to cache; and
copying the encrypted data from the cache to the non-volatile storage device.

(Currently Amended) The method of claim [[3]]1, wherein initiating copying of the encrypted data from the non-volatile storage device to the volatile memory module comprises:
sending a copy command to the non-volatile storage device, wherein the copy command instructs the non-volatile storage device to copy the encrypted data from the volatile memory module to the non-volatile storage device.
(Currently Amended) The method of claim [[3]]1, wherein disabling the encryption of data comprises:
modifying an address association table to indicate that the encrypted data is to not be encrypted.
(Currently Amended) The method of claim [[3]]1, further comprising:
after initiating copying the encrypted data from the non-volatile storage device to the volatile memory module:
modifying an address association table to indicate that the encrypted data on the volatile memory module is encrypted.
(Original) The method of claim 1, wherein the power interruption event is a loss of continuous external power.

(Original) The method of claim 8, wherein after receiving the indication of power interruption event, a capacitor provides power to the processor and the volatile memory module.
(Original) The method of claim 1, wherein initiating copying of the encrypted data from the volatile memory module to the non-volatile storage device comprises:
copying the encrypted data from the volatile memory module to cache; and
copying the encrypted data from the cache to the non-volatile storage device.
(Original) The method of claim 1, wherein initiating copying of the encrypted data from the volatile memory module to the non-volatile storage device comprises:
sending a copy command to the non-volatile storage device, wherein the copy command instructs the non-volatile storage device to copy the encrypted data from the volatile memory module to the non-volatile storage device.
(Currently Amended) A non-transitory computer readable medium comprising instructions which, when executed by a computer processor, enables the computer processor to perform a method for storing encrypted data in a non-volatile storage device, comprising:
receiving, by a processor, an indication of a power interruption event;
disabling, based on the indication, decryption of encrypted data read from a volatile memory module;
initiating copying of the encrypted data from the volatile memory module to the non-volatile storage device; and 
after initiating the copying of the encrypted data from the volatile memory module to the non-volatile storage device:
receiving a second indication of a power recovery event;
disabling, based on the second indication, encryption of data written to the volatile memory module; and
initiating copying the encrypted data from the non-volatile storage device to the volatile memory module.
(Original) The non-transitory computer readable medium of claim 12, wherein disabling the decryption of encrypted data comprises:
modifying an address association table to indicate that the encrypted data on the volatile memory module is unencrypted.
(Cancelled)

(Currently Amended) The non-transitory computer readable medium of claim [[14]]12, wherein initiating copying of the encrypted data from the non-volatile storage device to the volatile memory module comprises:
copying the encrypted data from the volatile memory module to cache; and
copying the encrypted data from the cache to the non-volatile storage device.
(Currently Amended) The non-transitory computer readable medium of claim [[14]]12, wherein initiating copying of the encrypted data from the non-volatile storage device to the volatile memory module comprises:
sending a copy command to the non-volatile storage device, wherein the copy command instructs the non-volatile storage device to copy the encrypted data from the volatile memory module to the non-volatile storage device.
(Currently Amended) The non-transitory computer readable medium of claim [[14]]12, further comprising:
after initiating copying the encrypted data from the non-volatile storage device to the volatile memory module:
modifying an address association table to indicate that the encrypted data on the volatile memory module is encrypted.
(Original) The non-transitory computer readable medium of claim 12, wherein initiating copying of the encrypted data from the volatile memory module to the non-volatile storage device comprises:
copying the encrypted data from the volatile memory module to cache; and
copying the encrypted data from the cache to the non-volatile storage device.
(Original) The non-transitory computer readable medium of claim 12, wherein initiating copying of the encrypted data from the volatile memory module to the non-volatile storage device comprises:
sending a copy command to the non-volatile storage device, wherein the copy command instructs the non-volatile storage device to copy the encrypted data from the volatile memory module to the non-volatile storage device.
(Currently Amended) A node, comprising:
a non-volatile storage device;
a volatile memory module;
a processor, wherein the processor is configured to perform a method for storing encrypted data in the non-volatile storage device, comprising:
receiving, by the processor, an indication of a power interruption event;
disabling, based on the indication, decryption of encrypted data read from the volatile memory module; [[and]]
initiating copying of the encrypted data from the volatile memory module to the non-volatile storage device; and 
after initiating the copying of the encrypted data from the volatile memory module to the non-volatile storage device:
receiving a second indication of a power recovery event;
disabling, based on the second indication, encryption of data written to the volatile memory module; and
initiating copying the encrypted data from the non-volatile storage device to the volatile memory module.



Reasons for Allowance
11.	Claims 1 , 2, 4-13, and 15-20 including all of the limitations of the base claim and any intervening claims are allowed.

Closest Prior Art:
U.S. Publication No. 20120274351 discloses on paragraph 0023 “One advantage of disabling the decryption engine is that side-channel attacks on the decryption engine (such as simple power analysis (SPA) or differential power analysis (DPA)) may be prevented, since such attacks typically require the decryption engine to be exercised. In particular, even if the main power supply of PLD 100 is interrupted before the volatile battery-backed key is fully cleared, disabling the decryption engine prevents an attacker from accessing the key using side-channel attacks.”

U.S. Publication No. 20170075820 discloses on paragraph 0043 “If an exception occurs while the processor 105 is executing instructions of the secure software module, the processor can be configured to catch the exception and to take steps to clean up the context information representing a current state of the secure software module (or a thread executing the secure software module in a multi-threaded environment), to store an encrypted copy of the context information in a secure memory location, and to stop decryption of the instructions and/or the data of the secure software module An example of such a process is illustrated in FIG. 6, which is discussed in detail below.”

U.S. Publication No. 20120317382 discloses on paragraph 0011 “The module may also include logic to encrypt data copied from the volatile memory to the nonvolatile memory, and to copy encrypted data in the nonvolatile memory to the peripheral I/O bus without decrypting the copied data.”

U.S. Publication No. 20180121674 discloses on paragraph 0040 “It is advantageous, if only volatile storage means are used in the processing area, wherein the access control monitors accesses to the processing area and interrupts the power supply of the processing area upon detection of an unauthorized access such that the volatile storage means of the processing area lose their storage content. Because the data is only present in unencrypted form in the processing area, it is ensured that upon unauthorized access to the processing area, the data in the processing area is deleted and no unencrypted data remains outside the processing area.

	U.S. Patent No. 7028014 discloses Col. 3 Lines 3-21 “In accordance with the invention, a postal security device (PSD) contains a nonvolatile memory which does not depend on battery power, such as an EEPROM, and contains a nonvolatile memory which does depend on battery power, such as a static RAM. The PSD also contains an encryption engine. An encryption key is developed and is stored in the static RAM, which is sized to be only large enough to contain the encryption key. A large body of data, too large to fit in the static RAM, is encrypted by means of the encryption engine and with reference to the encryption key, and is stored in the EEPROM. This body of data typically includes cryptographic keys and sensitive bit-images. When the PSD is powered, a large RAM (typically a dynamic RAM) is available to receive the large body of data, decrypted using the encryption key. A tamper switch cuts power to both RAMs in the event of tampering. In this way, the battery power required to maintain the PSD during power-off periods is minimal, and yet the large body of data will be inaccessible in the event of tampering.”

U.S. Publication No. 20090187704 discloses on paragraph 0033 “Once the PCI memory 208 is partitioned and/or the encryption keys are loaded into the decryption controller 218, the PCI secure processor 210 may issue an interrupt into the PC software driver 204. The PC software driver 204 may then read out, from the PC hard-drive 202, the encrypted processor execution codeset 226. The PC software driver 204 and/or the memory controller 216 may enable loading the encrypted processor execution codeset 226, via the PCI bus 224, into the accessible region 220 of the PCI memory 208. The decryption controller 218 may then copy out the encrypted processor execution codeset 226 from the accessible region 220, and may perform decryption operation, utilizing loaded encryption keys from the PCI secure processor 210 for example, and may load the decrypted code into the restricted region 222. Consequently, potential exposure of the processor execution codeset 226 may be reduced during potential security breaches because the PC software driver 204 may be unable to access the decrypted processor execution codeset 226 once it is stored back into the restricted region 222. The PCI secure processor 210 may validate the decrypted processor execution codeset 226, and in instances where the decrypted processor execution codeset 226 may be determined to be valid, the PCI secure processor 210 may take the PCI main processor 212 from reset. Once the PCI main processor 212 is released from reset, the PCI main processor 212 may load the decrypted processor execution codeset 226 from the restricted region, and/or may utilize the processor execution codeset 226 to perform operations and/or functionality that may requested, in the PC system 200, via the PCI-slave device 206.”

 	The following is an Examiner’s Statement of Reasons for Allowance: 
 	Claims 1 , 2, 4-13, and 15-20 are allowable over prior art references taken individually or in combination fails to particularly disclose, fairly suggests or render obvious are argued by the applicant which examiner considers persuasive as set forth above
 	Although the prior art discloses receiving, by a processor, an indication of a power interruption event and disabling, based on the indication, decryption of encrypted data , no one or two references anticipates or obviously suggest disabling, based on the indication, decryption of encrypted data read from a volatile memory module and initiating copying of the encrypted data from the volatile memory module to the non-volatile storage device. 
Thereafter, initiating the copying of the encrypted data from the volatile memory module to the non-volatile storage device and receiving a second indication of a power recovery event. Disabling, based on the second indication, encryption of data written to the volatile memory module thereby initiating copying the encrypted data from the non-volatile storage device to the volatile memory module.

 Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GARY S GRACIA whose telephone number is (571)270-5192. The examiner can normally be reached Monday-Friday 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/GARY S GRACIA/Primary Examiner, Art Unit 2499