Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

2.	Claims 1-25 are pending of which claims 1, 11 and 19 are independent.

Drawings
3.	Applicant’s drawings filed on 01/02/2020 has been inspected and it is compliance with MPEP 608.02.

Specification
4.	The specification filed on 01/02/2020 is acceptable for examination proceedings.

Information Disclosure Statement
5.	The information disclosure statement (IDS) submitted on 01/02/2020 and 05/12/2021.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.


Internet Communications
6. 	Applicant is encouraged to submit a written authorization for Internet communications (PTO/SB/439,
http://www.uspto.gov/sites/defauit/files/documents/sb0439.pdf) in the instant patent application to authorize the examiner to communicate with the applicant via email. The authorization will allow the examiner to better practice compact prosecution. The written authorization can be submitted via one of the following methods only. (1) Central Fax which can be found in the Conclusion section of this Office action; (2) regular postal mail; (3) EFS WEB; or (4) the service window on the Alexandria campus. EFS web is the recommended way to submit the form since this allows the form to be entered into the file wrapper within the same day (system dependent). Written authorization submitted via other methods, such as direct fax to the examiner or email, will not be accepted. See MPEP § 502.03. 

Claim Rejections – 35 USC §103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

7.	Claims 1-15 are rejected under 35 U.S.C. 103 as being unpatentable over Sreekanti (US Patent No. US 6,370,604 B1, hereinafter refer as to Sreekanti) in view of Sherman et al. (2006/0059346 A1, hereinafter refer as to Sherman). 

Sreekanti provides a storage device in a serial array of storage devices and, more particularly, to the replacement of such a device while the computer to which the array is attached continues to make requests to the array for the storage or retrieval of data.

Sherman provides systems and methods for authenticating a client for access to a business service of a firm and methods of creating a binding between a client's public key and a client identifier are provided.
As per claim 1, 11 and 19, Sreekanti discloses a method for protecting contents in a target storage device that is arranged to be removable from a storage system method comprising: receiving a request to remove the target storage device from the storage system (col. 5, lines 30-33 discloses “… a processor 61 receives a signal from an About To Replace Device Signal Generator 63 that a drive is about to be replaced, for example), the storage system comprising a plurality of storage devices and suspending all read or write operations to the target storage device (col. 5, lines 57-60 discloses “… After all pending data requests are completed, the processor 61 engages a buffer 66 to begin storing all further data requests and, at the same time, defers the performance of all future data requests, as illustrated in a Buffer And Defer Request block 67 in fig. 4, for example). 
Sreekanti failed to explicitly discloses having a unique combination of a system complex key (SCK) and a system identification (SID), each containing the identical combination of system complex key (SCK) and system identification (SID); receiving a system complex key password (SCKP); comparing the system complex key password (SCKP) to the system complex key (SCK) in the storage system; determining whether the system complex key password (SCKP) matches the system complex key (SCK) in the storage system; when the system complex key password (SCKP) matches the system complex key (SCK) in the storage system.  

Sherman discloses having a unique combination of a system complex key (SCK) (para. 0026 discloses data representative of a client password (e.g., a complex password or a hash of a password), for example) and a system identification (SID), each containing the identical combination of system complex key (SCK) (fig. 1 and furthermore para. 0026 discloses security token is RSA's SecurID.RTM.. Each client's database entry may also denote the client's level of access to the various services or features provided by the client services system 110 (e.g., client authorization/entitlement data), for example) and system identification (SID) (para. 0026 discloses client identification data (e.g., client name, contact information, client user name, unique identifier), for example); receiving a system complex key password (SCKP); comparing the system complex key password (SCKP) to the system complex key (SCK) in the storage system (fig. 1 and furthermore para. 0030 discloses the registration/authentication system 102 may yet further verify client identity by checking a complex password or other suitable authentication factor, for example); determining whether the system complex key password (SCKP) matches the system complex key (SCK) in the storage system (fig. 1A and para. 0028, for example); when the system complex key password (SCKP) matches the system complex key (SCK) in the storage system (see claim 22 and furthermore para. 0003 discloses the firm can verify the authenticity of a client request for remote access by requiring the client to enter the security token's current password. If the password entered by the client matches the token's current password, which the firm knows from the algorithm that generated the password, then the firm may be assured that the client request was made by someone in possession of the security token who is likely to be the client, for example). 

 Sreekanti and Sherman are analogues art because they both are directed to methods of creating a binding between a client's public key and a client identifier and one ordinary skill in the art would have had a reasonable expectation of success to modify Sreekanti with Sherman because they are from the same field of endeavor. 

Therefore, it would have been obvious to one ordinary skilled in the art before the effective filling date of applicant’s claimed invention to combine the teachings of Sherman with the teachings of Sreekanti in order for authenticating a client for access to a business service of a firm and methods of creating a binding between a client's public key and a client identifier [Sreekanti: para. 0006].   

As per claim 2 as applied in claim above Sherman as modified by Sreekanti discloses receiving a release complex key password (RCKP) (para. 0026 of Sherman); and unlocking the target storage device from the storage system when the release complex key password (RCKP) is determined to match a release complex key (RCK) for the target storage device (see claim 22 of Sherman and furthermore para. 0003, 0060 of Sherman, for example). 

As per claim 3 as applied in claim above Sherman as modified by Sreekanti discloses redistributing data from the target storage device to one or more of the plurality of storage devices (fig. 1 of Sherman depicted he digital certificate 232 may be stored in a storage medium such as a storage device 126 operatively associated with the client access device 112, for example). 
 
As per claim 4 as applied in claim above Sherman as modified by Sreekanti discloses detecting a triggering event related to the target storage device (fig. 1 of Sherman, for example).

As per claim 5 as applied in claim above Sherman as modified by Sreekanti discloses generating an event notification based on the triggering event (fig. 2 step 206 of Sherman show the registration/authentication system 102 may notify the client 124 that a digital certification authority is ready to issue a certificate, for example). 

As per claim 6 as applied in claim above Sherman as modified by Sreekanti discloses sending the event notification to a communicating device located a security operations center (SOC) or a storage administrator site (fig. 1 of Sherman depicted he registration/authentication system 102 and client access device 112 may communicate with the third-party digital certification authority 122 via the network 114, for example). 

As per claim 7 as applied in claim above Sherman as modified by Sreekanti discloses maintaining all read or write operations to the target storage device when the system complex key password (SCKP) does not match the system complex key (SCK) in the storage system (figs. 1,2A and 6B of Sherman showed the client 124 may be authenticated by comparing the password received, e.g., via the client access device 112, to the password originally communicated to the client 124, for example).  

As per claim 8 as applied in claim above Sherman as modified by Sreekanti discloses receiving a storage device in the storage system (figs. 1and 2 of Sherman show for example, step 202 of Sherman, show the registration/authentication system 102 may receive instructions to issue a digital certificate 232 to a client 124); establishing connectivity between the received storage device and the storage system; accessing a system complex key (SCKSD) (fig. 1 of Sherman show the client 124 may issue the instructions to the registration/authentication system 102 through the client access device 112, for example) and system identification (SIDSD) combination contained in the storage device; comparing the accessed system complex key (SCKSD) (fig. 1 and furthermore para. 0030 of Sherman discloses the registration/authentication system 102 may yet further verify client identity by checking a complex password or other suitable authentication factor, for example) and system identification (SIDSD) combination to the combination of system complex key (SCK) and system identification (SID) for the storage system (fig. 1 and furthermore para. 0026 of Sherman discloses security token is RSA's SecurID.RTM.. Each client's database entry may also denote the client's level of access to the various services or features provided by the client services system 110 (e.g., client authorization/entitlement data), for example); and, determining whether to format the received storage device or place the received storage device online (para. 0070 of Sherman discloses registration/authentication system 102 of the present invention may be implemented by a firm to authenticate clients 124 who attempt to access business services of the firm locally or remotely, for example).  

As per claim 9 as applied in claim above Sherman as modified by Sreekanti discloses placing the storage device online when the accessed system complex key (SCKSD) (fig. 1 of Sherman show the client 124 may issue the instructions to the registration/authentication system 102 through the client access device 112, for example) and system identification (SIDSD) combination contained in the received storage device matches the combination of system complex key (SCK) and system identification (SID) for the storage system (fig. 1 of Sherman and furthermore para. 0030 of Sherman discloses the registration/authentication system 102 may yet further verify client identity by checking a complex password or other suitable authentication factor, for example).  

As per claim 10 as applied in claim above Sherman as modified by Sreekanti discloses formatting the storage device online when the accessed system complex key (SCKSD) (para. 0070 of Sherman discloses registration/authentication system 102 of the present invention may be implemented by a firm to authenticate clients 124 who attempt to access business services of the firm locally or remotely, for example) and system identification (SIDSD) combination contained in the received storage device matches the combination of system complex key (SCK) and system identification (SID) for the storage system (see claim 22 and furthermore para. 0003 discloses the firm can verify the authenticity of a client request for remote access by requiring the client to enter the security token's current password. If the password entered by the client matches the token's current password, which the firm knows from the algorithm that generated the password, then the firm may be assured that the client request was made by someone in possession of the security token who is likely to be the client, for example).

As per claim 12 as applied in claim above Sherman as modified by Sreekanti discloses a system complex key generator arranged to generate said system complex key (SCK) (fig. 2A of Sherman show at step 208A, the registration/authentication system 102 may generate a password to be sent to and then received back from the client 124. The password may be generated in response to a request by an administrative user or by direct request of the client 124. For example, fig. 5D of Sherman shows a UI screen 506 that can be employed by an administrative user to prompt the registration/authentication system 102 to generate a password (e.g., by selecting the button entitled "Generate Password"), for example). 

As per claim 13 as applied in claim above Sherman as modified by Sreekanti discloses a release complex key generator arranged to generate a release complex key (RCK) for the target storage device (para. 0003 of Sherman discloses the firm can verify the authenticity of a client request for remote access by requiring the client to enter the security token's current password. If the password entered by the client matches the token's current password, which the firm knows from the algorithm that generated the password, then the firm may be assured that the client request was made by someone in possession of the security token who is likely to be the client, for example), wherein the security appliance that is arranged to release the target storage device from the storage system when a release complex key password (RCKP) is provisioned that matches the release complex key (RCK) for the target storage device (see claim 22 of Sherman and furthermore para. 0003, 0060 of Sherman, for example). 

As per claim 14 as applied in claim above Sherman as modified by Sreekanti discloses wherein the security appliance comprises a storage device configuration unit arranged to redistribute data from the target storage device to one or more of the plurality of storage devices in the storage system (fig. 1 of Sherman show The access devices 112 may be any type of devices capable of communicating with the registration/authentication system 102 via the network 114 including, for example and without limitation, computer devices (such as PC's, laptops, PDA's, pocket PC's, etc.) having browser software (e.g., Microsoft Internet Explorer) and/or various input/output devices. The access devices 112 may have one or more operatively associated storage devices 126, for example).

As per claim 15 as applied in claim above Sherman as modified by Sreekanti discloses wherein the security appliance comprises an event notification generator that is arranged to detect a triggering event related to the target storage device (fig. 2 step 204 of Sherman involves notifying the third-party digital certification authority 122 that a digital certificate 232 should be issued to the client 124. The registration/authentication system 102 and client access device 112 may communicate with the third-party digital certification authority 122 via the network 114, for example).

As per claim 16 as applied in claim above Sherman as modified by Sreekanti discloses wherein the event notification generator is arranged to generate an event notification based on the triggering event (fig. 2 step 206 of Sherman show the registration/authentication system 102 may notify the client 124 that a digital certification authority is ready to issue a certificate, for example).

As per claim 17 as applied in claim above Sherman as modified by Sreekanti discloses, wherein the security appliance is arranged to maintain all read or write operations to the target storage device when the system complex key password (SCKP) does not match the system complex key (SCK) in the storage system (figs. 1,2A and 6B of Sherman showed the client 124 may be authenticated by comparing the password received, e.g., via the client access device 112, to the password originally communicated to the client 124, for example).  

As per claim 18 as applied in claim above Sherman as modified by Sreekanti discloses wherein the security appliance is included in the storage system, and the storage system is arranged to: receive a storage device; establish connectivity with the received storage device; access a system complex key (SCKSD) (fig. 1 of Sherman show the client 124 may issue the instructions to the registration/authentication system 102 through the client access device 112, for example)  and system identification (SIDSD) combination contained in the storage device; compare the accessed system complex key (SCKSD) (fig. 1 of Sherman show the client 124 may issue the instructions to the registration/authentication system 102 through the client access device 112, for example) and system identification (SIDSD) combination to the combination of system complex key (SCK) and system identification (SID) for the storage system; and, determine whether to format the received storage device or place the received storage device online (para. 0070 of Sherman discloses registration/authentication system 102 of the present invention may be implemented by a firm to authenticate clients 124 who attempt to access business services of the firm locally or remotely, for example).  

As per claim 20 as applied in claim above Sherman as modified by Sreekanti discloses wherein the computer program instructions comprise further steps of: receiving a release complex key password (RCKP) (see claim 22 of Sherman and furthermore para. 0003, 0060 of Sherman, for example); and unlocking the target storage device from the storage system when the release complex key password (RCKP) is determined to match a release complex key (RCK) for the target storage device (see claim 22 of Sherman and furthermore para. 0003, 0060 of Sherman, for example).

As per claim 21 as applied in claim above Sherman as modified by Sreekanti discloses wherein the computer program instructions comprise a further step of: redistributing data from the target storage device to one or more of the plurality of storage devices  (fig. 1 of Sherman show The access devices 112 may be any type of devices capable of communicating with the registration/authentication system 102 via the network 114 including, for example and without limitation, computer devices (such as PC's, laptops, PDA's, pocket PC's, etc.) having browser software (e.g., Microsoft Internet Explorer) and/or various input/output devices. The access devices 112 may have one or more operatively associated storage devices 126, for example).

As per claim 22 as applied in claim above Sherman as modified by Sreekanti discloses wherein the computer program instructions comprise further steps of: detecting a triggering event related to the target storage device; or generating an event notification based on the triggering event  (fig. 2 step 206 of Sherman show the registration/authentication system 102 may notify the client 124 that a digital certification authority is ready to issue a certificate, for example); or sending the event notification to a communicating device located a security operations center (SOC) or a storage administrator site (fig. 2 step 206 of Sherman show the registration/authentication system 102 may notify the client 124 that a digital certification authority is ready to issue a certificate, for example).

As per claim 23 as applied in claim above Sherman as modified by Sreekanti discloses wherein the computer program instructions comprise a further step of: maintaining all read or write operations to the target storage device when the system complex key password (SCKP) does not match the system complex key (SCK) in the storage system (figs. 1,2A and 6B of Sherman showed the client 124 may be authenticated by comparing the password received, e.g., via the client access device 112, to the password originally communicated to the client 124, for example).  

As per claim 24 as applied in claim above Sherman as modified by Sreekanti discloses wherein the computer program instructions comprise further steps of: receiving a storage device in the storage system; establishing connectivity between the received storage device and the storage system (figs. 1and 2 of Sherman show for example, step 202 of Sherman, show the registration/authentication system 102 may receive instructions to issue a digital certificate 232 to a client 124); accessing a system complex key (SCKSD) (fig. 1 of Sherman show the client 124 may issue the instructions to the registration/authentication system 102 through the client access device 112, for example) and system identification (SIDSD) combination contained in the storage device; comparing the accessed system complex key (SCKSD) (fig. 1 and furthermore para. 0030 of Sherman discloses the registration/authentication system 102 may yet further verify client identity by checking a complex password or other suitable authentication factor, for example) and system identification (SIDSD) combination to the combination of system complex key (SCK) and system identification (SID) for the storage system (fig. 1 and furthermore para. 0026 of Sherman discloses security token is RSA's SecurID.RTM.. Each client's database entry may also denote the client's level of access to the various services or features provided by the client services system 110 (e.g., client authorization/entitlement data), for example); and determining whether to format the received storage device or place the received storage device online (para. 0070 of Sherman discloses registration/authentication system 102 of the present invention may be implemented by a firm to authenticate clients 124 who attempt to access business services of the firm locally or remotely, for example).    


As per claim 25 as applied in claim above Sherman as modified by Sreekanti discloses wherein the computer program instructions comprise a further step of: placing the storage device online when the accessed system complex key (SCKSD) (para. 0070 of Sherman discloses registration/authentication system 102 of the present invention may be implemented by a firm to authenticate clients 124 who attempt to access business services of the firm locally or remotely, for example) and system identification (SIDSD) combination contained in the received storage device matches the combination of system complex key (SCK) and system identification (SID) for the storage system (fig. 1 and furthermore para. 0026 of Sherman discloses security token is RSA's SecurID.RTM.. Each client's database entry may also denote the client's level of access to the various services or features provided by the client services system 110 (e.g., client authorization/entitlement data), for example). 

Pertinent Art 
8.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Ren et al. (Pub. No.: US 2017/0177507 A1) provide electronic communications, in particular to a data reading/writing method of a dual-system terminal and a dual-system terminal, Alonso Cebrian et al. (Pub. No.: US 2014/0380453 A1) provide  authentication systems, and more particularly to a computer implemented method and computer program products to prevent attacks against user authentication that improve the overall security in an authentication system, minimizing the impact on the usability and deplorability of these systems.

Conclusion
9.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to ABIY GETACHEW whose telephone number is (571)272-6932. The examiner can normally be reached Mon.-Fri. 9:00 AM - 5:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571) 272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





A.G.
June 17, 2022
/ABIY GETACHEW/Primary Examiner , Art Unit 2434