Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Detail Action
This office action is response to the application 16/809,545 filed on 03/04/2020 and RCE filed on 04/13/2022. Claims 18-20 are canceled which were previously restricted and elected by the applicant without traverse. Claims 1-17 & 21 are pending in this communication.

Priority
This application claims priority from US provisional application 62/964,109 01/21/2020. Priority date has been accepted.

Examiner’s Note
The examiner is requesting the applicant’s representative to provide direct phone number and email address in next communication, which will be very helpful to advance the prosecution.
Generally the text that are italicized are claims; the text that are in bold are reference citations (with some obvious exception); the text which is neither italicized nor bolded are by the examiner.
The Examiner used figures, paragraph and line numbers from the instant application’s pre-grant publication or pdf copy of allowance. In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Continued Examination under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 04/13/2022 has been entered.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b) or second paragraph:

(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

         Dependent claims 2-17 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor regards as the invention.
Independent claim 1 recites the limitation in part “A system … ”. However, the dependent claims 2-17 recites in part “The continuous authentication system …”. Obviously there is a lack of antecedent basis for “The continuous authentication system …” in dependent claims 2-17.

Claim Rejections - 35 USC § 103
The following is a quotation of AIA  35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1 is rejected under AIA  35 U.S.C. 103 as being unpatentable over SHI; Mingjiang et al., Pat. No.: US 9,143,504 B1 in view of BILODI; Prakash et al., Pub. No.: US 2011/0038479 A1 and further in view of SHUMACHER; Ryan Wayne et al, Pub. No.: US 2021/0138982 A1.

Regarding Claim 1, SHI discloses a continuous authentication system, comprising:
…
a first physical connection {Fig. 3 element 140 – ‘In-Band Communication Connection’} between the host {Fig. 3 element 102 ‘Host’} and the storage device {Fig. 3 element 104 – ‘Data Storage System’}, wherein the first physical connection is configured to transfer one or more input/output requests (I/Os) {col. 2 lines 19-24, “The first secure communication connection may be an in band communication connection of a data path for transmitting I/O requests from the host to the data storage system and for providing requested host data that is stored on the data storage system to the host”}; and
a second physical connection between the host and the storage device {Fig. 3 element 150 – ‘Out of Band communication Connection’}, wherein:
the encryption unit is configured to encrypt an authentication signal {col. 17, “The host agent may encrypt information sent to the data storage system using the data storage system's public key”};
the host is configured to transmit the authentication signal through the second physical connection {Fig. 4 & col. 17 lines 28-33, “information provided from the host agent to the data storage system in step 420 over the out of band channel in response to the request from the data storage system may be encrypted such as, for example, through use of public-private keys or other suitable encryption technique”};
the storage device is configured to receive the authentication signal through the second physical connection {col. 2 lines 24-27, “The second communication connection may be an out of band communication connection of a management path used for management requests between the host and the data storage system”}; and
the decryption unit is configured to decrypt the authentication signal {col. 17 lines 40-42, “The data storage system may then decrypt the received encrypted information using its private key (not shared with anyone else)”}.
SHI, however, does not explicitly disclose
a host including an encryption unit; a storage device including a decryption unit;
the storage device is configured to process the one or more I/Os using the first physical connection based on the authentication signal received using the second physical connection.
In an analogous reference BILODI discloses
a host including an encryption unit; a storage device including a decryption unit {[0067], “instead of encryption and decryption occurring at intervening switches, the encryption and decryption may be performed at the storage devices of the SAN 100 that serve as targets, or at the hosts that serve as initiators of SAN requests”};
In an analogous reference SHUMACHER discloses
the storage device is configured to process the one or more I/Os using the first physical connection based on the authentication signal received using the second physical connection {[0043], “Controller 114 may obtain authentication information from, for example, a wired connection formed at electrical connection 112. Controller 114 may obtain authentication information from another physical connection providing the authentication data, … Controller 114 may obtain authentication information … through a wireless connection to remote server 120 and/or one or more portable devices such as, for example, key fob 122, mobile phone 124, and/or maintenance tool 126}.
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify SHI’s technique of ‘out-of-band authentication and encryption system to transfer data to a storage device’ for ‘physically placing encryption device in a transmitting host and physically placing decryption device in a storage device’, as taught by BILODI, and ‘receiving authentication data via another physical interface such as wireless transceiver, as taught by SHUMACHER in order to securely transfer data to a storage device. The motivation is to prevent intrusion of only one communication channel and getting control of both payload data and security metadata. When part of instruction parameters are exchanged over out-of-band communication channel it is difficult for an intruder to successfully hack both in-band and out-of-band communication channel and be successful in data intrusion.
All references are inventions in analogous area but each invention teaches specific claimed limitation specifically and other references mutually cure each other’s deficiencies. When all claimed techniques are combined they teach claimed invention. The Examiner notes that this motivation applies to all dependent and/or otherwise subsequently addressed claims unless addressed separately. 

Allowable subject matter
Claim 21 will be allowable if written in independent form with base system claim 1. The dependent claims which further limit claim 1 also are allowable by virtue of their dependency if the 35 USC 112(b) rejection is overcome. 
Reasons of allowance: what is missing from the prior arts is: a technique of authentication system with reception of authentication signal over an alternative physical interface more than once and determining additional transmissions of authentication signal provide an indication of a secure connection.

Conclusion
Following prior art has been considered but is not applied: 
US 9,578,024 B2 (CHENG; Hui et al.) – Continuous authentic of mobile device users:  a user authentication subsystem 110 embodied in the computing system 100 analyzes and interprets the inputs 128, 130, and identifies therefrom the activity context 132 and biometric signature 134 expressed by one or more of the participants 120, 122 over time and in a substantially continuous fashion.
US 2021/0385653 A1 (SAU; Jonathan Hong-Man et al.) – Cryptographic process for portable devices, and user presence and/or access authorization system and method employing the same: “after a lapse in receipt of said periodic authentication codes resulting in said authenticated user access being terminated, but prior to expiry of said prescribed advertising lifetime, said authenticated user access is reauthorized upon receipt at said network application of a subsequently advertised authentication code encompassing said STSA key”.
US 2021/0176065 A1 (OSAKI; Nobuyuki et al.) – Storage system and data protection method for storage system: “a host to which an authentication key is allocated; and a node, wherein the host is configured to generate encrypted data in which the data is encrypted using a data encryption key, generate an authentication code based on the encrypted data using the authentication key, and transmit the encrypted data and the authentication code to the node, the node is configured to receive the encrypted data and the authentication code that are transmitted from the host, store the encrypted data and the authentication code based on a verification result of the authentication code transmitted from the host, and transmit the encrypted data and the authentication code that are stored to the host, and the host is further configured to receive the encrypted data and the authentication code that are transmitted from the node, and decrypt the encrypted data based on a verification result of the authentication code transmitted from the node”
Any inquiry concerning this communication or earlier communications from the examiner should be directed to QUAZI FAROOQUI whose telephone number is (571) 270-1034. The examiner can normally be reached on M-F 8:30AM-5:00PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Ashok B. Patel can be reached on 571-272-3972. The fax phone number for Examiner Farooqui assigned is 571-270-2034.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-flee). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/QUAZI FAROOQUI/
Primary Examiner, Art Unit 2491