DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.



Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.

The term “common to” in claim 1 and the term “commonly” in claims 14 and 20 is a relative term which renders the claim indefinite. The terms “common to" and "commonly” are not defined by the claim, the specification does not provide a standard for ascertaining the requisite degree, and one of ordinary skill in the art would not be reasonably apprised of the scope of the invention. While [00120] of the supplied disclosure provides some examples of what Applicant considers data that is frequently included in header segments, and is thus common to or commonly included in header segments, the given list is not a definitive list as it only “may” include these items, which means it “may” also include other, undisclosed items. Depending on the communication method selected from the non-exhaustive list in [0062], the contents in the basic header segment change. Are only the ones that are used in every communication method considered common? Perhaps only the data items shared between at least 3 of the communication methods are considered common. For the purposes of examination, the term “common to” in claim 1 and the term “commonly” in claims 14 and 20 will be interpreted as any data in a header that is not specifically taught as being unique to the particular device being taught by the reference.

Claim 6 recites the limitation "the nonvolatile memory device".  There is insufficient antecedent basis for this limitation in the claim. Neither claims 1 or 4, in which claim 6 is directly or indirectly dependent upon, has claimed a nonvolatile memory device, thus it is unclear what is the nonvolatile memory device. For the purposes of examination, the term “the nonvolatile memory” will be interpreted as “a nonvolatile memory”.

Claim 7 recites the limitation "the volatile memory device".  There is insufficient antecedent basis for this limitation in the claim. Neither claims 1, or 6, in which claim 7 is directly or indirectly dependent upon, has claimed a volatile memory device, thus it is unclear what is the volatile memory device. For the purposes of examination, the term “the volatile memory” will be interpreted as “a volatile memory”.

Claims 12 and 20 recites the limitation "the external host".  There is insufficient antecedent basis for this limitation in the claim. While claims 1 and 14 have recited a host, neither claims 1 or 14, in which claims 12 or 20 is indirectly dependent upon, has claimed an external host, thus it is unclear what is the external host. For the purposes of examination, the term “the external host” will be interpreted as “the host”.

Claim 15 recites the limitation "the protected memory block".  There is insufficient antecedent basis for this limitation in the claim. Claim 14 recites a replay protection block and does not claim a protected memory block, thus it is unclear what is the protected memory block. For the purposes of examination, the term “the protected memory block” will be interpreted as “the replay protection block”.

As dependent claims 2-13 and 15-19 are directly or indirectly dependent upon rejected claim 1 or 14 above, dependent claims 2-13 and 15-19 are also rejected under 35 U.S.C. 112(b) as indefinite.


Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.



Claim(s) 1-8, 10-11, 14-17 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Samsonov et al (US 2016/0379015 A1) hereinafter referred to as Samsonov.

Regarding claim 1, Samsonov teaches A data storage device comprising:
 a memory device including a protected memory block that is protected by a security protocol (Samsonov Fig. 2 trusted storage environment 208; [0027] "The client code set 202 may use the client secret symmetric key 212 to create a hash message authentication code signature to associate with any read or write request sent to the trusted storage environment 208"; the system of Samsonov utilizes various authentication measures (security protocol) to protect the trusted storage environment 208 (memory device including a protected memory block)); and
 a memory controller configured to receive a command protocol component associated with the security protocol including a host side protection message requesting data from a host to be written in the protected memory block (Samsonov [0018] "a trusted platform module (TPM) 160"; [0022] "The trusted platform module 160 may be configured to act as a trusted client environment for maintaining a trusted counter and a secret key";), 
 perform an authentication operation on the protected memory block using a host message authentication code included in the host side protection message (Samsonov [0017] "The virtual replay protected storage system may encode a hash message authentication code signature based on the trusted counter, the secret key, and a data set. The virtual replay protected storage system may send a write request of the data set associated with the hash message authentication code signature to an agnostic data storage. The virtual replay protected storage system may send a read request for the data set with the hash message authentication code signature from the agnostic data storage. The virtual replay protected storage system may verify the hash message authentication code signature to determine whether the data set has been corrupted"), and store data from the host according to a result of the authentication operation (Samsonov [0047] "The agnostic data storage may store a data set sent in the write request from the client code set (Block 1106)"),
wherein the command protocol component comprises:
a basic header segment common to protocol components transmitted between the host and the memory controller (Samsonov Fig. 5; [0034] "The agnostic data storage may associate a primary header instance 502 and a successor header instance 504 with a data set 506"; Fig. 5 displays many generic data items seen in headers);
 a transaction specific field including a value for identifying a type of the protocol components (Samsonov Fig. 5 HMAC 520); and
 an additional header segment that is a header segment different from the basic header segment and is configured to include the host side protection message (Samsonov Fig. 5 Counter Value +1 526; [0034] "The agnostic data storage may associate a primary header instance 502 and a successor header instance 504 with a data set 506").

Independent claim 14 has substantially the same scope and limitations as claim 1 as it is the corresponding second Device claim. While claim 14 recites a “replay protection block” instead of claim 1’s “protected memory block”, [0044] and [0045] of the supplied disclosure states that a “replay protection block” is merely a type of “protected memory block” that utilizes a security protocol, such as the security protocol of Samsonov. Therefore, claim 14 is rejected under 35 U.S.C. 102(a)(1) for at least the same reasons as above.

Regarding claim 2, Samsonov teaches The data storage device of claim 1, wherein the protected memory block comprises: an authentication key storage configured to store an authentication key for authenticating access to the protected memory block (Samsonov Fig. 2 Storage key 214); a write counter configured to store a write count value obtained by counting a number of successful write operations storing data in the protected memory block (Samsonov Fig. 2 Counter 216; [0028] "The trusted storage environment 208 may have a persistent trusted counter 216 that is incremented upon each successful write to prevent use of a replay attack");  a result register configured to store a result obtained by performing an operation on the protected memory block (Samsonov [0043] "The client code set may verify the hash message authentication code signature to determine whether the data set has been corrupted (Block 712). If the verification indicates the data has been corrupted (Block 714), the client code set may mark the data set as corrupt (Block 716). If the verification indicates the data has not been corrupted (Block 714), the client code set may mark the data set as usable (Block 718)"); and a protected memory block data area configured to store the data from the host to be written to the protected memory block (Samsonov [0047] "The agnostic data storage may store a data set sent in the write request from the client code set (Block 1106)").

Dependent claim 15 has substantially the same scope and limitations as claim 2 as it is the corresponding second Device claim. Therefore, claim 15 is rejected under 35 U.S.C. 102(a)(1) for at least the same reasons as above.

Regarding claim 3, Samsonov teaches The data storage device of claim 2, wherein the memory controller comprises: an authentication manager configured to perform the authentication operation and output a result of the authentication operation (Samsonov [0028] "Both the client code set 202 and the data storage 206 may detect and reject any data which is a replay of previously exchanged data"); and an access controller configured to control the protected memory block based on the result of the authentication operation (Samsonov [0028] "Both the client code set 202 and the data storage 206 may detect and reject any data which is a replay of previously exchanged data"),  and the host side protection message comprises authentication data including the host message authentication code and metadata (Samsonov Fig. 5 HMAC 520; [0036] "The primary header instance 502 may store the hash message authentication code signature 520. The primary header instance 502 may store a spare sector list 522, of fixed or variable length, describing the physical addresses of the spare sectors 510. The primary header instance 502 may store a 32-bit cyclic redundancy check (CRC) digest 524 for the data set 506. A 32-bit cyclic redundancy check digest 524 is a value based on a common error-detecting code that indicates whether the data set 506 has been changed").

Dependent claim 16 has substantially the same scope and limitations as claim 3 as it is the corresponding second Device claim. Therefore, claim 16 is rejected under 35 U.S.C. 102(a)(1) for at least the same reasons as above.

Regarding claim 4, Samsonov teaches The data storage device of claim 3, wherein the authentication manager comprises: a device message authentication code calculator configured to generate a device message authentication code using the metadata and the authentication key (Samsonov [0027] "To prevent such an attack, the trusted client environment 204 may protect a client secret symmetric key 212. The client code set 202 may use the client secret symmetric key 212 to create a hash message authentication code signature to associate with any read or write request sent to the trusted storage environment 208"; [0035] "The primary header instance 502 may contain a sector hash message authentication code (HMAC) signature 512 for each individual data sector 508. The primary header instance 502 may introduce a level of indirection between a logical sector number and a physical sector address. The data structure for the sector hash message authentication code signature 512 may be addressed based on the logical sector number and the physical sector address"); and a message authentication code comparator configured to generate the result of the authentication operation indicating whether the host message authentication code matches the device message authentication code (Samsonov [0028] "Both the client code set 202 and the data storage 206 may detect and reject any data which is a replay of previously exchanged data").

Dependent claim 17 has substantially the same scope and limitations as claim 4 as it is the corresponding second Device claim. Therefore, claim 17 is rejected under 35 U.S.C. 102(a)(1) for at least the same reasons as above.
Regarding claim 5, Samsonov teaches The data storage device of claim 4, wherein the message authentication code calculator generates the device message authentication code using a secure hash algorithm based on the metadata and the authentication key (Samsonov [0027] "To prevent such an attack, the trusted client environment 204 may protect a client secret symmetric key 212. The client code set 202 may use the client secret symmetric key 212 to create a hash message authentication code signature to associate with any read or write request sent to the trusted storage environment 208"; [0035] "The primary header instance 502 may contain a sector hash message authentication code (HMAC) signature 512 for each individual data sector 508. The primary header instance 502 may introduce a level of indirection between a logical sector number and a physical sector address. The data structure for the sector hash message authentication code signature 512 may be addressed based on the logical sector number and the physical sector address";).

Dependent claim 18 has substantially the same scope and limitations as claim 5 as it is the corresponding second Device claim. Therefore, claim 18 is rejected under 35 U.S.C. 102(a)(1) for at least the same reasons as above.

Regarding claim 6, Samsonov teaches The data storage device of claim 4, wherein the access controller controls the nonvolatile memory device to store the write data in the protected memory block based on the result of the authentication operation indicating that the host message authentication code matches the device message authentication code (Samsonov [0043] "If the verification indicates the data has been corrupted (Block 714), the client code set may mark the data set as corrupt (Block 716). If the verification indicates the data has not been corrupted (Block 714), the client code set may mark the data set as usable (Block 718)"; [0047] "The agnostic data storage may store a data set sent in the write request from the client code set (Block 1106)"; [0021] "The data storage 140 may include any type of tangible machine-readable medium, such as, for example, magnetic or optical recording media, such as a digital video disk, and its corresponding drive").

Regarding claim 7, Samsonov teaches The data storage device of claim 6, wherein the access controller controls the volatile memory device to increase a current write count value stored in the write counter, store the increased write count value in the write counter (Samsonov [0020] "The memory 130 may be a random access memory (RAM) or another type of dynamic data storage that stores information and instructions for execution by the processor 120…The memory 130 is additionally configured to maintain a spare sector list describing a spare sector in a primary header instance. The memory 130 is further configured to associate a successor header instance with the data set having a successor hash message authentication code signature based on an incremented trusted counter value"), and store, in the result register, a result code indicating that a write operation for the protected memory block is successful (Samsonov [0043] "The client code set may verify the hash message authentication code signature to determine whether the data set has been corrupted (Block 712). If the verification indicates the data has been corrupted (Block 714), the client code set may mark the data set as corrupt (Block 716). If the verification indicates the data has not been corrupted (Block 714), the client code set may mark the data set as usable (Block 718)").

Regarding claim 8, Samsonov teaches The data storage device of claim 7, wherein the access controller generates a device side protection message including the device message authentication code (Samsonov Fig. 5; [0043] "The client code set may receive a read response having the data set and associated header conveying the hash message authentication code signature from the agnostic data storage (Block 708)"; while most of the examples given are of client generated headers (host), here Samsonov is teaching that the data storage device can also generate the same headers), the increased write count value (Samsonov [0037] "The successor header instance 502 may store an incremented counter value 526 one greater than the present counter value 518 of the primary header instance 502, indicating that a write operation has occurred"),  an address storing the write data (Samsonov [0035] "The data structure for the sector hash message authentication code signature 512 may be addressed based on the logical sector number and the physical sector address"), the result code (Samsonov [0043] "mark the data set as usable (Block 718)"), and information indicating a response corresponding to the command protocol component (Samsonov [0046] "The client code set may receive a write response (Block 1016)"; [0043] "The client code set may receive a read response").
Regarding claim 10, Samsonov teaches The data storage device of claim 4, wherein the access controller controls the memory device to store, in the result register, a result code indicating that a write operation for the protected memory block is failed, based on a result of an authentication operation indicating that the host message authentication code does not match the device message authentication code (Samsonov [0043] "If the verification indicates the data has been corrupted (Block 714), the client code set may mark the data set as corrupt (Block 716). If the verification indicates the data has not been corrupted (Block 714), the client code set may mark the data set as usable (Block 718)";).

Regarding claim 11, Samsonov teaches The data storage device of claim 10, wherein the access controller generates a device side protection message including the device message authentication code (Samsonov Fig. 5; [0043] "The client code set may receive a read response having the data set and associated header conveying the hash message authentication code signature from the agnostic data storage (Block 708)"; while most of the examples given are of client generated headers (host), here Samsonov is teaching that the data storage device can also generate the same headers), a current write count value stored in the write counter (Samsonov [0037] "The successor header instance 502 may store an incremented counter value 526 one greater than the present counter value 518 of the primary header instance 502, indicating that a write operation has occurred"; if the write operation failed, then the successor header instance 502 will not increment, and thus be equal to the counter value in the primary header instance 502),  an address where data storage of the write data is failed (Samsonov [0035] "The data structure for the sector hash message authentication code signature 512 may be addressed based on the logical sector number and the physical sector address"), the result code (Samsonov [0043] "mark the data set as usable (Block 718)"), and information indicating a response corresponding to the command protocol component (Samsonov [0046] "The client code set may receive a write response (Block 1016)"; [0043] "The client code set may receive a read response").


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 13, 19, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Samsonov in view of Powell III (US 10491569 B1) hereinafter referred to as Powell.
	Regarding claim 13, Samsonov teaches The data storage device of claim 1, however Samsonov does not explicitly teach wherein the basic header segment includes a total additional header segment length indicating a length of the additional header segment.
Powell teaches wherein the basic header segment includes a total additional header segment length indicating a length of the additional header segment (Powell Col. 8 Lines 64-67 and Col. 9 Lines 1-8, "For example, internal data packet 430 may include header fields for start of message (SOM) 432, length 434, security domain (SD) tag 436, open network destination MAC 438, internal (Int) initialization vector 440 (or nonce), internal (Int) hash-keyed message authentication code (HMAC) 442, end of message (EOM) 444, and interframe gap (IFG) 446. Note that the example frame for internal data packet 430 assumes both internal authentication (Int HMAC 442) and internal encryption (Int Vector 440) are being used. In some embodiments, the frame for internal data packet 430 may also include a replay protection tag and/or a quality of service value for internal traffic management").
As Samsonov and Powell are both in a similar field of endeavor of secure memory control, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to modify the Primary header of Samsonov with the Length fields of Powell. One of ordinary skill in the art would have been motivated to make this modification because including the length of the header message as part of the header is a well-known and routine method of improving the processing speed of the header and basic verification that the message was received whole. If the receiving device knows how many bits are expected in each part of the message, the device can more quickly parse the message into its constituent parts. Further, this also allows the receiving device to verify that no bits where lost in the transmission. As this is a well-known and routine action, a person of ordinary skill in the art would have a reasonable chance of success to include a length field in the header for the various portions of the header.

Regarding claim 19, Samsonov teaches The data storage device of claim 14, however Samsonov does not explicitly teach wherein the basic header segment includes a total length of the additional header segment indicating a length of the additional header segment.
Powell teaches wherein the basic header segment includes a total length of the additional header segment indicating a length of the additional header segment (Powell Col. 8 Lines 64-67 and Col. 9 Lines 1-8, "For example, internal data packet 430 may include header fields for start of message (SOM) 432, length 434, security domain (SD) tag 436, open network destination MAC 438, internal (Int) initialization vector 440 (or nonce), internal (Int) hash-keyed message authentication code (HMAC) 442, end of message (EOM) 444, and interframe gap (IFG) 446. Note that the example frame for internal data packet 430 assumes both internal authentication (Int HMAC 442) and internal encryption (Int Vector 440) are being used. In some embodiments, the frame for internal data packet 430 may also include a replay protection tag and/or a quality of service value for internal traffic management").
As Samsonov and Powell are both in a similar field of endeavor of secure memory control, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to modify the Primary header of Samsonov with the Length fields of Powell. One of ordinary skill in the art would have been motivated to make this modification because including the length of the header message as part of the header is a well-known and routine method of improving the processing speed of the header and basic verification that the message was received whole. If the receiving device knows how many bits are expected in each part of the message, the device can more quickly parse the message into its constituent parts. Further, this also allows the receiving device to verify that no bits where lost in the transmission. As this is a well-known and routine action, a person of ordinary skill in the art would have a reasonable chance of success to include a length field in the header for the various portions of the header.

Regarding claim 20, Samsonov teaches The data storage device of claim 16, wherein the response protocol component includes a basic header segment commonly included in protocol components transmitted and received between the external host and the memory controller (Samsonov Fig. 5; [0034] "The agnostic data storage may associate a primary header instance 502 and a successor header instance 504 with a data set 506"; Fig. 5 displays many generic data items seen in headers), however Samsonov does not explicitly teach 15and wherein the basic header segment includes a total length of the additional header segment indicating a length of an additional header segment included in the response protocol component.
Powell teaches and wherein the basic header segment includes a total length of the additional header segment indicating a length of an additional header segment included in the response protocol component (Powell Col. 8 Lines 64-67 and Col. 9 Lines 1-8, "For example, internal data packet 430 may include header fields for start of message (SOM) 432, length 434, security domain (SD) tag 436, open network destination MAC 438, internal (Int) initialization vector 440 (or nonce), internal (Int) hash-keyed message authentication code (HMAC) 442, end of message (EOM) 444, and interframe gap (IFG) 446. Note that the example frame for internal data packet 430 assumes both internal authentication (Int HMAC 442) and internal encryption (Int Vector 440) are being used. In some embodiments, the frame for internal data packet 430 may also include a replay protection tag and/or a quality of service value for internal traffic management").
As Samsonov and Powell are both in a similar field of endeavor of secure memory control, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to modify the Primary header of Samsonov with the Length fields of Powell. One of ordinary skill in the art would have been motivated to make this modification because including the length of the header message as part of the header is a well-known and routine method of improving the processing speed of the header and basic verification that the message was received whole. If the receiving device knows how many bits are expected in each part of the message, the device can more quickly parse the message into its constituent parts. Further, this also allows the receiving device to verify that no bits where lost in the transmission. As this is a well-known and routine action, a person of ordinary skill in the art would have a reasonable chance of success to include a length field in the header for the various portions of the header.


Allowable Subject Matter
Claims 9 and 12 would be allowable if rewritten to overcome the rejection(s) under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), 2nd paragraph, set forth in this Office action and to include all of the limitations of the base claim and any intervening claims.
The following is an examiner’s statement of reasons for allowance: While Samsonov teaches that either the client or the storage device can generate the various headers, Samsonov does not teach that when the storage device generates header data, it is then placed the secondary header. Powell does not cure this deficiency, and this feature does not appear to be taught by any other art before the effective filing date of the invention.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DUSTIN B FULFORD whose telephone number is (571)272-7229. The examiner can normally be reached M-Th 9am-3pm EST.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, David Yi can be reached on (571) 270-7519. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/D.B.F./Examiner, Art Unit 2132                                                                                                                                                                                                        
/DAVID YI/Supervisory Patent Examiner, Art Unit 2132