DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The claims 1-20 are pending.


Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1, 2, 5-7, 9-13, and 15-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Bagal et al (US Patent No. 9,660,987 B2).
With respect to claim 1, Bagal teaches an apparatus comprising: at least one processing device (OS 126) comprising a processor coupled to a memory; wherein the at least one processing device is configured: to control delivery of input-output operations from a host device to a storage system over selected ones of a plurality of paths through a network (col. 3, lines 15-31; col. 7, lines 56-67 disclose determining which storage portion the data I/O requests are addressed in the storage pool); to generate a plurality of authentication tokens over time utilizing seed information of the host device (col. 6, line 59-67; col. 7, line 56-col. 9, line 56 disclose generating authentication token utilizing security token (paraphrase, biometrics) provided by MTSS client; and for each of one or more of the input-output operations (for each data I/O request): to incorporate a particular one of the authentication tokens into the input-output operation (col. 6, line 59-67; col. 7, line 56-col. 9, line 56; Fig. 2 disclose embedding generated OS authentication token into data I/O request data); to send the input-output operation to the storage system (col. 6, line 59-67; col. 7, line 56-col. 9, line 56; Fig. 2; Fig. 3 disclose MTTS receiving data I/O request including authentication token); and to receive an indication from the storage system, responsive to the input-output operation sent to the storage system, as to whether or not the authentication token incorporated into the input-output operation matches a corresponding authentication token generated by the storage system (col. 6, line 59-67; col. 7, line 56-col. 9, line 56; Fig. 2; Fig. 3 disclose comparing authentication token 340A that was received in the data I/O request with generated authentication toke 340B to produce an authentication output).

With respect to claim 2, Bagal teaches wherein the at least one processing device comprises at least a portion of the host device (OS 126; Fig. 1 disclose OS 126 as part of MTSS client).

With respect to claim 5, Bagal teaches wherein generating a plurality of authentication tokens over time utilizing seed information of the host device comprises: generating a first plurality of authentication tokens over time for a first application executing on the host device, utilizing first seed information of the host device (col. 4, lines 35-59 disclose generating authentication tokens for application 128 utilizing security tokens); and generating a second plurality of authentication tokens over time for a second application executing on the host device, utilizing second seed information of the host device (col. 5, lines 14-44 disclose generating authentication tokens for application 148 utilizing security tokens).

With respect to claim 6, Bagal teaches wherein incorporating a particular one of the authentication tokens into the input-output operation comprises: identifying a particular one of a plurality of applications, executing on the host device, that generated the input-output operation (col. 4, lines 35-59; col. 5, lines 14-44); determining a current authentication token for the particular application; and incorporating the current authentication token for the particular application into the input-output operation (col. 6, line 59-67; col. 7, line 56-col. 9, line 56; Fig. 2).

With respect to claim 7, Bagal teaches wherein the seed information of the host device is stored in one or more data structures of the storage system and utilized by the storage system in generating the corresponding authentication token for comparison with the authentication token incorporated into the input-output operation sent to the storage system (col. 8, lines 1-14).

With respect to claim 9, Bagal teaches wherein incorporating a particular one of the authentication tokens into the input-output operation comprises generating at least one of a read command and a write command that includes at least a portion of the authentication token (col.4, lines 54-59; col. 7, line 56-col. 9, line 56; Fig. 2 disclose embedding generated OS authentication token into data I/O request data).

With respect to claim 10, Bagal teaches wherein receiving an indication from the storage system as to whether or not the authentication token incorporated into the input-output operation matches a corresponding authentication token generated by the storage system comprises receiving a notification from the storage system that the input-output operation has been executed by the storage system (col. 3, lines 5-10), wherein said notification is indicative of a match between the authentication tokens (col. 3, lines 5-10).

With respect to claim 11, Bagal teaches wherein receiving an indication from the storage system as to whether or not the authentication token incorporated into the input-output operation matches a corresponding authentication token generated by the storage system comprises receiving a notification from the storage system that the input-output operation has not been executed by the storage system (col. 3, lines 5-10), wherein said notification is indicative of an absence of a match between the authentication tokens (col. 3, lines 5-10).

With respect to claim 12, Bagal teaches wherein the authentication token incorporated into the input- output operation is determined to match the corresponding authentication token generated by the storage system responsive to an exact match between the authentication tokens (col. 7, line 56-col. 9, line 56; Fig. 2; Fig. 3).

With respect to claim 13, Bagal teaches wherein the authentication token incorporated into the input- output operation is determined to match the corresponding authentication token generated by the storage system responsive to an approximate match between the authentication tokens within a specified time window (col. 7, line 56-col. 9, line 56; Fig. 2; Fig. 3).

The limitations of claim 15 are rejected in the analysis of claim 1 above, and the claim is rejected on that basis.

The limitations of claim 16 are rejected in the analysis of claim 5 above, and the claim is rejected on that basis.

The limitations of claim 17 are rejected in the analysis of claim 6 above, and the claim is rejected on that basis.

The limitations of claim 18 are rejected in the analysis of claim 1 above, and the claim is rejected on that basis.

The limitations of claim 19 are rejected in the analysis of claim 5 above, and the claim is rejected on that basis.

The limitations of claim 20 are rejected in the analysis of claim 6 above, and the claim is rejected on that basis.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 3, 4, 8, and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Bagal et al (US Patent No. 9,660,987 B2) in view of Roth et al (US Patent No. 9,106,406 B1).
With respect to claim 3, Bagal teaches wherein generating a plurality of authentication tokens over time utilizing seed information of the host device (col. 6, line 59-67; col. 7, line 56-col. 9, line 56 disclose generating authentication token utilizing security token (paraphrase, biometrics) provided by MTSS client). 
Bagal does not explicitly disclose generating a series of time-based passcodes utilizing the seed information and time information of the host device.
However, Roth teaches generating a series of time-based passcodes utilizing the seed information and time information of the host device (col. 4, lines 1-17; col. 4, line 47-67 disclose generating time -based OTP codes based seed information and the current time to be used authentication) in order to efficiently renegotiate authentications (Abstract). Therefore, based on Bagal in view of Roth, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Roth to the system of Bagal in order to efficiently renegotiate authentications.

With respect to claim 4, Bagal teaches wherein generating a plurality of authentication tokens over time utilizing seed information of the host device (col. 6, line 59-67; col. 7, line 56-col. 9, line 56 disclose generating authentication token utilizing security token (paraphrase, biometrics) provided by MTSS client). 
Bagal does not explicitly disclose generating a series of event-based passcodes utilizing the seed information and event counter information of the host device.
However, Roth teaches generating a series of event-based passcodes utilizing the seed information and event counter information of the host device (col. 6, line 13 – col. 7, line 20 disclose generating time -based OTP codes based seed information and counter value of events) in order to efficiently renegotiate authentications over time (Abstract). Therefore, based on Bagal in view of Roth, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Roth to the system of Bagal in order to efficiently renegotiate authentications over time.

With respect to claim 8, Bagal teaches wherein generating a plurality of authentication tokens over time utilizing seed information of the host device (col. 6, line 59-67; col. 7, line 56-col. 9, line 56 disclose generating authentication token utilizing security token (paraphrase, biometrics) provided by MTSS client). 
Bagal does not explicitly disclose determining current time information in the host device; combining the current time information with the seed information; and hashing a result of the combining to generate a current one of the authentication tokens as the particular one of the authentication tokens to be incorporated into the input-output operation.
However, Roth teaches determining current time information in the host device (col. 4, lines 1-17); combining the current time information with the seed information (col. 4, lines 1-17); and hashing a result of the combining to generate a current one of the authentication tokens as the particular one of the authentication tokens to be incorporated into the input-output operation (col. 6, line 13 – col. 7, line 34) in order to efficiently renegotiate authentications over time (Abstract). Therefore, based on Bagal in view of Roth, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Roth to the system of Bagal in order to efficiently renegotiate authentications over time.

With respect to claim 14, Bagal discloses the claimed subject matter as discussed above except wherein the at least one processing device is further configured, responsive to receipt of an indication from the storage system that the authentication token incorporated into the input-output operation does not match the corresponding authentication token generated by the storage system, to send at least one synchronization command to the storage system, said at least one synchronization command comprising information utilized to synchronize time clocks between the host device and the storage system.
However, Roth teaches wherein the at least one processing device is further configured, responsive to receipt of an indication from the storage system that the authentication token incorporated into the input-output operation does not match the corresponding authentication token generated by the storage system, to send at least one synchronization command to the storage system, said at least one synchronization command comprising information utilized to synchronize time clocks between the host device and the storage system (col. 6, line 13-col. 7, line 34) in order to efficiently renegotiate authentications over time (Abstract). Therefore, based on Bagal in view of Roth, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Roth to the system of Bagal in order to efficiently renegotiate authentications over time.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHEIKH T NDIAYE whose telephone number is (571)270-3914. The examiner can normally be reached Monday-Friday 8:00am-5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JOON H HWANG can be reached on 571-272-4036. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/CHEIKH T NDIAYE/Primary Examiner, Art Unit 2447                                                                                                                                                                                                        

6/17/2022