DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of Claims
Claims 1-25 are pending.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1-3, 5-7, 11-13, 15-17, 19-25 is/are rejected under 35 U.S.C. 103 as being unpatentable over Poornachandran et al (PGPUB 2015/0381610), and further in view of Bates et al (PGPUB 2002/0125886) and Gum (PGPUB 2010/0175116).

Regarding Claim 1:
	Poornachandran teaches a storage drive (abstract, portable device including encrypted storage divided into plurality of discrete units) comprising:
	a non-volatile memory (NVM) (paragraph 73-77, portable secured device including non-volatile encrypted storage); and
	a controller executing computer code configured to (paragraph 73-74, portable secured device including processor connected to memory storing executable instructions):
	determine a first location of the storage drive (paragraph 19, portable device provided with short-range transceiver for determining location upon entering an area; identity and location provided to policy server);
	place the storage drive into a secure mode responsive to a determination that the first location of the storage drive is in a permitted area (paragraph 24-25, storage device divided into plurality of partitions with separate location-based security policies, providing particular utility in full disk encryption schemes; paragraph 26, specific partitions contain different classes of data which can be individually encrypted and/or decrypted according to device-enforceable policy; paragraph 27, as user moves between areas of facility, device selectively applies time-and-place-driven security policies to the different partitions, and determines whether certain partitions should be encrypted or decrypted by default, so that access to certain data is denied in appropriate context (i.e. locations), and granted in appropriate contexts (i.e. locations)), the secure mode requiring a first level of security interaction to permit a data transfer between the NVM and a client device (paragraph 45, 48, Fig. 1B, 2B, security policies applicable to facility zones (e.g. zone 1 and zone 2) include allowing unlocked access to certain partitions, e.g. non-sensitive applications, but requires manual override to access other partitions (e.g. non-sensitive data in zone 1, and personal data/applications in zone 2), while access to certain partitions is denied regardless of manual override (e.g. classified data); paragraph 45, manual override requires a user to provide a token (e.g. password, key, or two-factor authentication) in order to obtain access to storage partition).
	Poornachandran does not explicitly teach the controller configured to: 
determine that the storage drive has been moved to a second location in a non-permitted area that overlaps the permitted area; and
retain the storage drive in the secure mode responsive to the determination that the second location of the storage drive is in the non-permitted area that overlaps the permitted area.
However, Bates teaches the concept of a controller configured to (paragraph 24-26, CPU of electronic processing device, e.g. mobile device/cellphone): 
determine that a storage drive has been moved to a second location in a non-permitted area that overlaps a permitted area (abstract, applications/functions enabled only when device is in specified geographic location; paragraph 23-24, device including memory and storage; paragraph 30, geographic location of device is determined; given location, process retrieves data record for highest priority regions associated with applications/functions enabled at this geographic location; if data record is found, enablement bit is interrogated to determine when application/function is enabled for geographic location associated with current GPS location; if so, function is opened and/or enabled to perform normal operations; paragraph 29, table of data records includes priority and multiple regions; regions include associated priority; in the case of overlapping regions, region having highest priority is the one that determines which applications/functions may be opened in that geographic region; paragraph 31, processing device determines if device has changed locations, and if so, if an application/function should be disabled or aborted because of the change; process can be run periodically at any interval, e.g. every minute; if application/function is active, process retrieves data records for highest priority regions at current geographic location; process interrogates enablement bit to determine whether function is enabled or disabled in particular region; process therefore will determine if device has been moved to second location in overlapping regions, and determines if the priority region allows application/function to remain enabled); and
retain the storage drive in a secure mode responsive to the determination that the second location of the storage drive is in the non-permitted area that overlaps the permitted area (paragraph 31, processing device determines if device has changed locations, and if so, if an application/function should be disabled or aborted because of the change; process can be run periodically at any interval, e.g. every minute; if application/function is active, process retrieves data records for highest priority regions at current geographic location; process interrogates enablement bit to determine whether function is enabled or disabled in particular region; process therefore will determine if device has been moved to second location in overlapping regions, and determines if the priority region allows application/function to remain enabled).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the overlapping region priority teachings of Bates with the location-based storage access teachings of Poornachandran, in order to allow application/function operation in circumstances where two regions of conflicting permissions overlapped, which could occur for a number of reasons, e.g. when specifying multiple regions according to distance from a point or anchor device, or when relying on an imprecise GPS reading.  It would therefore be beneficial to allow a user or administrator to set region priority, as in Bates, resulting in the device behaving in a predictable way in such circumstances according to preset configuration.
Neither Poornachandran nor Bates explicitly teaches the controller configured to:
	erase data stored to the NVM responsive to a subsequent detection that the storage drive has been relocated outside the permitted area.
However, Gum teaches the concept of erasing data stored to a NVM responsive to a subsequent detection that the storage drive has been relocated outside a permitted area (paragraph 7, method of establishing dynamic system settings at a portable electronic device, including determining current location information of the portable electronic device, determining whether the current location information satisfies one or more pre-defined mobility characteristics, each of the pre-defined mobility characteristics including at least one location criterion and loading at least one system setting at the portable electronic device based on whether the current location information satisfies the one or more pre-defined mobility characteristics; paragraph 53, assume that the user logs onto the PED 205 in sector A1 as shown in FIG. 4, and that sectors A1 through A7 correspond to access points (APs); because A1 is not within the usage profile, in 325, the PED 205 determines that the access attempt does not conform with the usage profile, and the process advances to 330; in 330, the PED 205 prompts the user to satisfy one or more authentication protocols; paragraph 57-58, if the PED 205 determines that the information provided by the user in response to the authentication prompt is not sufficient to authenticate the user, the PED 205 denies access and locks itself, 340, and sends an alert message, 345; the locking step may include deleting information on the PED or formatting the PED entirely; paragraph 60, sectors A1 through A7 may correspond to geographic ranges as defined by a radial distance from a fixed GPS point, instead of access points; paragraph 63, if the PED is associated with a higher level of security, the authentication step can be skipped altogether; if authentication is skipped or the user fails to authenticate properly, the PED can be locked down).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the erasing data following failed authentication teachings of Gum with the location-based storage access teachings of Poornachandran in view of Bates, in order to significantly improve data security by causing the data to be deleted in the event of failed authentication, which is a possible indication of device theft, thereby preventing an attacker from attempting to find a way to overcome other protective features and steal the data through security exploits and trial-and-error.

Regarding Claim 2:
Poornachandran in view of Bates and Gum teaches the storage drive of claim 1.  In addition, Bates teaches wherein the controller executing the computer code is further configured to determine that the storage drive has been subsequently moved to a third location in a permitted area that does not overlap the non-permitted area, and to continuously retain the storage drive in the secure mode while the storage drive is sequentially in each of the first, second and third locations (paragraph 31, processing device determines if device has changed locations, and if so, if an application/function should be disabled or aborted because of the change; process can be run periodically at any interval, e.g. every minute; if application/function is active, process retrieves data records for highest priority regions at current geographic location; process interrogates enablement bit to determine whether function is enabled or disabled in particular region; process therefore will determine if device has been moved to third location in a non-overlapping region, and determines if the priority region allows application/function to remain enabled). 
The rationale to combine Poornachandran and Bates is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 2.

Regarding Claim 3:
Poornachandran in view of Bates and Gum teaches the storage drive of claim 1.  In addition, Gum teaches wherein the controller executing computer code is further configured to unlock at least a portion of storage on the storage drive responsive to the storage drive location being within a detectable proximity of a pre-authorized device (paragraph 7, method of establishing dynamic system settings at a portable electronic device, including determining current location information of the portable electronic device, determining whether the current location information satisfies one or more pre-defined mobility characteristics, each of the pre-defined mobility characteristics including at least one location criterion and loading at least one system setting at the portable electronic device based on whether the current location information satisfies the one or more pre-defined mobility characteristics; paragraph 52-53, the PED 205 compares the list of APs in the usage profile with the current AP to which the PED 205 is connected to or is within range of, 320; for example, the PED 205 may ping a local AP to verify whether the local AP is within the usage profile; assume that the user logs onto the PED 205 in sector A1 as shown in FIG. 4, and that sectors A1 through A7 correspond to access points (APs); because A1 is not within the usage profile, in 325, the PED 205 determines that the access attempt does not conform with the usage profile, and the process advances to 330; in 330, the PED 205 prompts the user to satisfy one or more authentication protocols; paragraph 56, if the PED 205 determines, 335, that the information provided by the user in response to the authentication prompt is sufficient to authenticate the user, the process advances to 310 and 315, where sector A1 is added to the usage profile and the user is permitted to access the PED 205).
The rationale to combine Poornachandran and Gum is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 3.

Regarding Claim 5:
Poornachandran in view of Bates and Gum teaches the storage drive of claim 3.  In addition, Poornachandran teaches wherein the controller executing computer code is further configured to unlock the at least a portion of storage on the storage drive responsive to validating a multi-factor authentication (paragraph 45, manual override requires a user to provide a token (e.g. password, key, or two-factor authentication) in order to obtain access to storage partition).

Regarding Claim 6:
Poornachandran in view of Bates and Robinson teaches the storage drive of claim 5.  In addition, Gum teaches wherein at least one factor in the multi-factor authentication includes placing the storage drive within detectable proximity of the pre-authorized device (paragraph 7, method of establishing dynamic system settings at a portable electronic device, including determining current location information of the portable electronic device, determining whether the current location information satisfies one or more pre-defined mobility characteristics, each of the pre-defined mobility characteristics including at least one location criterion and loading at least one system setting at the portable electronic device based on whether the current location information satisfies the one or more pre-defined mobility characteristics; paragraph 52-53, the PED 205 compares the list of APs in the usage profile with the current AP to which the PED 205 is connected to or is within range of, 320; for example, the PED 205 may ping a local AP to verify whether the local AP is within the usage profile; assume that the user logs onto the PED 205 in sector A1 as shown in FIG. 4, and that sectors A1 through A7 correspond to access points (APs); because A1 is not within the usage profile, in 325, the PED 205 determines that the access attempt does not conform with the usage profile, and the process advances to 330; in 330, the PED 205 prompts the user to satisfy one or more authentication protocols; paragraph 56, if the PED 205 determines, 335, that the information provided by the user in response to the authentication prompt is sufficient to authenticate the user, the process advances to 310 and 315, where sector A1 is added to the usage profile and the user is permitted to access the PED 205).
The rationale to combine Poornachandran and Gum is the same as provided for claim 4 due to the overlapping subject matter between claims 4 and 6.

Regarding Claim 7:
Poornachandran in view of Bates and Gum teaches the storage drive of claim 1.
In addition, Gum teaches wherein the data are erased from the NVM responsive to detection of the storage drive being relocated outside the permitted area and responsive to a lack of detection of a pre-authorized device in proximity to the storage drive using a multi-factor authentication scheme (paragraph 57-58, if the PED 205 determines that the information provided by the user in response to the authentication prompt is not sufficient to authenticate the user, the PED 205 denies access and locks itself, 340, and sends an alert message, 345; the locking step may include deleting information on the PED or formatting the PED entirely; paragraph 63, if the PED is associated with a higher level of security, the authentication step can be skipped altogether; if authentication is skipped or the user fails to authenticate properly, the PED can be locked down; paragraph 60, in Example 2 of the usage profile, sectors A1 through A7 correspond to geographic ranges as defined by a radial distance from a fixed GPS point, instead of access points as in Example 1 above; GPS A5 is a range inclusive of any GPS location within a 1 mile radius of the work office 215, and GPS_A6 is a range inclusive of any GPS location within a 2 mile radius of the residential home 210; aside from using a geographic position (e.g., as derived by SPS or GPS), additional conditions such a visibility of certain signals at the PED (e.g., cellular signals, WiFi signals from local APs, SPS signals, etc.) may be used an addition to geographic location information; paragraph 63, additional security can be provided by associating the location of the PED with particular times wherein usage of the PED is expected at that location, and/or other parameters such as which signals are visible to the PED (e.g., cellular signals, WiFi signals, SPS signals, etc.); therefore, Gum teaches erasing the data in the event that the determined location and presence of expected AP signals does not conform to an expected usage profile), and wherein the data are not erased from the NVM responsive to detection of the storage drive being located outside the permitted area and responsive to detection of a pre-authorized device in proximity to the storage drive using said multi-factor authentication scheme (paragraph 62, the PED 205 compares the list of APs in the usage profile with the current AP to which the PED 205 is connected to or is within range of, 315; in 325, the PED 205 determines whether the access attempt conforms with Example 2 of the usage profile, and the process advances to 310 or 340 based on this determination, as discussed above in detail; Example 2 of the usage profile requires the PED 205 to measure both (i) time of day/week (e.g., by checking an internal clock at the PED 205) and (ii) the location of the PED 205 (in 303); the usage comparison of 320/325 may include a position determining process as discussed above with respect to 303, such as GPS, trilateration, hybrid SPS (i.e., a combination of SPS positioning with positioning based on terrestrial signals), positioning based on an IP address of the PED 205, and/or any other well-known positioning technique; paragraph 63, the user can optionally be given a chance to authenticate him or herself if the PED is being used in an unexpected manner; paragraph 56, if the PED 205 determines, 335, that the information provided by the user in response to the authentication prompt is sufficient to authenticate the user, the process advances 315, where the user is permitted to access the PED 205; therefore, Gum teaches the circumstance wherein the device data is not erased responsive to the determination that one or the other of the determined location and presence of expected AP signals does not conform to an expected usage profile).
The rationale to combine Poornachandran and Gum is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 7.

Regarding Claim 11:
	Poornachandran teaches a method to securely operate a computer storage system having a storage drive with a non-volatile memory (NVM) (abstract, portable device including encrypted storage divided into plurality of discrete units; paragraph 73-77, portable secured device including non-volatile encrypted storage), the method comprising:
	determining a first location of the storage drive (paragraph 19, portable device provided with short-range transceiver for determining location upon entering an area; identity and location provided to policy server);
	placing the storage drive into a secure mode responsive to a determination that the first location of the storage drive is in a permitted area (paragraph 24-25, storage device divided into plurality of partitions with separate location-based security policies, providing particular utility in full disk encryption schemes; paragraph 26, specific partitions contain different classes of data which can be individually encrypted and/or decrypted according to device-enforceable policy; paragraph 27, as user moves between areas of facility, device selectively applies time-and-place-driven security policies to the different partitions, and determines whether certain partitions should be encrypted or decrypted by default, so that access to certain data is denied in appropriate context (i.e. locations), and granted in appropriate contexts (i.e. locations)), the secure mode requiring a first level of security interaction to permit data transfers between the NVM and a client device responsive to bi-directional communications between the storage drive and the client (paragraph 45, 48, Fig. 1B, 2B, security policies applicable to facility zones (e.g. zone 1 and zone 2) include allowing unlocked access to certain partitions, e.g. non-sensitive applications, but requires manual override to access other partitions (e.g. non-sensitive data in zone 1, and personal data/applications in zone 2), while access to certain partitions is denied regardless of manual override (e.g. classified data); paragraph 45, manual override requires a user to provide a token (e.g. password, key, or two-factor authentication) in order to obtain access to storage partition; paragraph 98-101, user space applications communicatively couple to file system driver, which communicatively couples to file system driver, which communicatively couples to disk sector level driver which reports to file system driver those sectors that are currently unencrypted and available; paragraph 96, encrypted storage uses sector-level drivers to control access to partition during relevant operations).
	Poornachandran does not explicitly teach retaining the storage drive in the secure mode responsive to a determination that the storage drive has transitioned to a second location that includes a non-permitted area.
	However, Bates teaches the concept of retaining a storage device in a secure mode responsive to a determination that the storage drive has transitioned to a second location that includes a non-permitted area (abstract, applications/functions enabled only when device is in specified geographic location; paragraph 23-24, device including memory and storage; paragraph 30, geographic location of device is determined; given location, process retrieves data record for highest priority regions associated with applications/functions enabled at this geographic location; if data record is found, enablement bit is interrogated to determine when application/function is enabled for geographic location associated with current GPS location; if so, function is opened and/or enabled to perform normal operations; paragraph 29, table of data records includes priority and multiple regions; regions include associated priority; in the case of overlapping regions, region having highest priority is the one that determines which applications/functions may be opened in that geographic region; paragraph 31, processing device determines if device has changed locations, and if so, if an application/function should be disabled or aborted because of the change; process can be run periodically at any interval, e.g. every minute; if application/function is active, process retrieves data records for highest priority regions at current geographic location; process interrogates enablement bit to determine whether function is enabled or disabled in particular region; process therefore will determine if device has been moved to second location in overlapping regions, and determines if the priority region allows application/function to remain enabled).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the overlapping region priority teachings of Bates with the location-based storage access teachings of Poornachandran, in order to allow application/function operation in circumstances where two regions of conflicting permissions overlapped, which could occur for a number of reasons, e.g. when specifying multiple regions according to distance from a point or anchor device, or when relying on an imprecise GPS reading.  It would therefore be beneficial to allow a user or administrator to set region priority, as in Bates, resulting in the device behaving in a predictable way in such circumstances according to preset configuration.
Neither Poornachandran nor Bates explicitly teaches retaining the storage drive in the secure mode responsive to the storage drive being within detectable proximity of a pre-authorized device using a multi-factor authorization scheme.
However, Gum teaches the concept of retaining a storage drive in a secure mode responsive to the storage drive being within detectable proximity of a pre-authorized device using a multi-factor authorization scheme (paragraph 7, method of establishing dynamic system settings at a portable electronic device, including determining current location information of the portable electronic device, determining whether the current location information satisfies one or more pre-defined mobility characteristics, each of the pre-defined mobility characteristics including at least one location criterion and loading at least one system setting at the portable electronic device based on whether the current location information satisfies the one or more pre-defined mobility characteristics; paragraph 52-53, the PED 205 compares the list of APs in the usage profile with the current AP to which the PED 205 is connected to or is within range of, 320; for example, the PED 205 may ping a local AP to verify whether the local AP is within the usage profile; assume that the user logs onto the PED 205 in sector A1 as shown in FIG. 4, and that sectors A1 through A7 correspond to access points (APs); because A1 is not within the usage profile, in 325, the PED 205 determines that the access attempt does not conform with the usage profile, and the process advances to 330; in 330, the PED 205 prompts the user to satisfy one or more authentication protocols; paragraph 56, if the PED 205 determines, 335, that the information provided by the user in response to the authentication prompt is sufficient to authenticate the user, the process advances to 310 and 315, where sector A1 is added to the usage profile and the user is permitted to access the PED 205).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the detectable proximity of a pre-authorized device teachings of Gum with the location-based storage access teachings of Poornachandran in view of Bates, in order to improve the security environment by requiring multiple forms of verification prior to allowing access to sensitive data, thereby increasing the accuracy of the authentication determination and preventing malicious actors who may have stolen or guessed one form of authentication from being able to access the device without one or more additional factors which are more difficult to obtain or spoof, such as proximity to particular active access points.

Regarding Claim 12:
Poornachandran in view of Bates and Gum teaches the method of claim 11.  In addition, Bates teaches the further subsequent steps of determining that the storage drive has been subsequently moved to a third location in the permitted area that does not overlap the non-permitted area, so that the secure mode continues in an uninterrupted fashion in each of the first, second and third locations (paragraph 31, processing device determines if device has changed locations, and if so, if an application/function should be disabled or aborted because of the change; process can be run periodically at any interval, e.g. every minute; if application/function is active, process retrieves data records for highest priority regions at current geographic location; process interrogates enablement bit to determine whether function is enabled or disabled in particular region; process therefore will determine if device has been moved to third location in a non-overlapping region, and determines if the priority region allows application/function to remain enabled). 
The rationale to combine Poornachandran and Bates is the same as provided for claim 11 due to the overlapping subject matter between claims 11 and 12.

Regarding Claim 13:
Poornachandran in view of Bates and Gum teaches the method of claim 11.  In addition, Gum teaches the method comprising unlocking at least a portion of storage on the storage drive upon determining the storage drive is located within detectable proximity of the pre-authorized device (paragraph 7, method of establishing dynamic system settings at a portable electronic device, including determining current location information of the portable electronic device, determining whether the current location information satisfies one or more pre-defined mobility characteristics, each of the pre-defined mobility characteristics including at least one location criterion and loading at least one system setting at the portable electronic device based on whether the current location information satisfies the one or more pre-defined mobility characteristics; paragraph 52-53, the PED 205 compares the list of APs in the usage profile with the current AP to which the PED 205 is connected to or is within range of, 320; for example, the PED 205 may ping a local AP to verify whether the local AP is within the usage profile; assume that the user logs onto the PED 205 in sector A1 as shown in FIG. 4, and that sectors A1 through A7 correspond to access points (APs); because A1 is not within the usage profile, in 325, the PED 205 determines that the access attempt does not conform with the usage profile, and the process advances to 330; in 330, the PED 205 prompts the user to satisfy one or more authentication protocols; paragraph 56, if the PED 205 determines, 335, that the information provided by the user in response to the authentication prompt is sufficient to authenticate the user, the process advances to 310 and 315, where sector A1 is added to the usage profile and the user is permitted to access the PED 205).
The rationale to combine Poornachandran and Gum is the same as provided for claim 11 due to the overlapping subject matter between claims 11 and 13.

Regarding Claim 15:
Poornachandran in view of Bates and Gum teaches the method of claim 11.  In addition, Gum teaches the method, further comprising erasing data from the NVM responsive to detection of the storage drive outside the permitted area in an absence of detection of proximity of the pre-authorized device (paragraph 57-58, if the PED 205 determines that the information provided by the user in response to the authentication prompt is not sufficient to authenticate the user, the PED 205 denies access and locks itself, 340, and sends an alert message, 345; the locking step may include deleting information on the PED or formatting the PED entirely; paragraph 63, if the PED is associated with a higher level of security, the authentication step can be skipped altogether; if authentication is skipped or the user fails to authenticate properly, the PED can be locked down; paragraph 60, in Example 2 of the usage profile, sectors A1 through A7 correspond to geographic ranges as defined by a radial distance from a fixed GPS point, instead of access points as in Example 1 above; GPS A5 is a range inclusive of any GPS location within a 1 mile radius of the work office 215, and GPS_A6 is a range inclusive of any GPS location within a 2 mile radius of the residential home 210; aside from using a geographic position (e.g., as derived by SPS or GPS), additional conditions such a visibility of certain signals at the PED (e.g., cellular signals, WiFi signals from local APs, SPS signals, etc.) may be used an addition to geographic location information; paragraph 63, additional security can be provided by associating the location of the PED with particular times wherein usage of the PED is expected at that location, and/or other parameters such as which signals are visible to the PED (e.g., cellular signals, WiFi signals, SPS signals, etc.); therefore, Gum teaches erasing the data in the event that the determined location and presence of expected AP signals does not conform to an expected usage profile). 
The rationale to combine Poornachandran and Gum is the same as provided for claim 11 due to the overlapping subject matter between claims 11 and 15.

Regarding Claim 16:
	Poornachandran in view of Bates and Gum teaches the method of claim 11.  In addition, Poornachandran teaches wherein the data transfers carried out between the NVM and the client in response to the bi-directional communications between the storage drive and the client in the second location comprise the encryption of data stored to the NVM and the decryption of previously stored data retrieved from the NVM (paragraph 99, sector level driver communicatively couples to encryption filter which is configured to provide sector level encryption and decryption).

Regarding Claim 17:
Poornachandran in view of Bates and Gum teaches the method of claim 12.  In addition, Poornachandran teaches the method comprising locking the at a least portion of storage upon determining the storage drive is removed from one of the one or more permitted areas or enters one of the one or more non-permitted areas (paragraph 111, when portable secured device leaves particular zone, security agent encrypts relevant partitions, making them unavailable, thereby “locking” said partitions).

Regarding Claim 19:
Poornachandran teaches a computer-program product to improve a storage system having a permitted area, the computer-program product comprising a non-transitory computer-readable medium storing instructions thereon, the instructions being executable by one or more processors to perform the steps of (abstract, portable device including encrypted storage divided into plurality of discrete units; paragraph 73-74, portable secured device including processor connected to memory storing executable instructions; paragraph 27, as user moves between areas of facility, device selectively applies time-and-place-driven security policies to the different partitions, and determines whether certain partitions should be encrypted or decrypted by default, so that access to certain data is denied in appropriate context (i.e. locations), and granted in appropriate contexts (i.e. locations)):
determining a first location of a storage drive (paragraph 19, portable device provided with short-range transceiver for determining location upon entering an area; identity and location provided to policy server);
placing the storage drive in a secured mode responsive to a determination that the first location of the storage drive is in a portion of the permitted area that does not overlap a non-permitted area (paragraph 24-25, storage device divided into plurality of partitions with separate location-based security policies, providing particular utility in full disk encryption schemes; paragraph 26, specific partitions contain different classes of data which can be individually encrypted and/or decrypted according to device-enforceable policy; paragraph 27, as user moves between areas of facility, device selectively applies time-and-place-driven security policies to the different partitions, and determines whether certain partitions should be encrypted or decrypted by default, so that access to certain data is denied in appropriate context (i.e. locations), and granted in appropriate contexts (i.e. locations); no mention is made of overlapping areas).
Poornachandran does not explicitly teach the storage system having the permitted area overlapping a non-permitted area; 
determining a preestablished precedence between the permitted area and the non-permitted area in an overlapping portion thereof; and
retaining the storage drive in the secure mode responsive to a determination that the storage drive has transitioned to a second location within the overlapping portion of the permitted area and the non-permitted area and to a determination that the preestablished precedence is the permitted area over the non-permitted area in the overlapping portion thereof.
However, Bates teaches a storage system having a permitted area overlapping a non-permitted area (abstract, application/functions within electronic device having GPS can be enabled only when in specified geographic location; paragraph 29, data structure records application/function permissions according to region coordinates, priority of region, and whether function is enabled/disabled; given overlapping regions such as “work” and “school” regions, region having highest priority is the one that determines which applications/functions may be opened in the overlapping region); 
determining a preestablished precedence between the permitted area and the non-permitted area in an overlapping portion thereof (paragraph 29, given overlapping regions such as “work” and “school” regions, region having highest priority is the one that determines which applications/functions may be opened in the overlapping region); and
retaining the device in the secure mode responsive to a determination that the location of the storage drive has transitioned to a second location within the overlapping portions of the permitted area and the non-permitted area and to a determination that the preestablished precedence is the permitted area over the non-permitted area in the overlapping portion thereof (paragraph 30, geographic location of device is determined using GPS, and the data record is retrieved for the highest priority region at the geographic location; if record is found, enablement on/off bit is interrogated to determine when an application function is enabled or disabled in the geographic location associated with current GPS location; enabling functions can be seen as analogous to “secure mode”, i.e. access to features is provided; therefore, if the highest priority overlapping region is set to enable an application/function, the device will be retained in “secure mode”; paragraph 31, processing device determines if device has changed locations, and if so, if an application/function should be disabled or aborted because of the change; process can be run periodically at any interval, e.g. every minute; if application/function is active, process retrieves data records for highest priority regions at current geographic location; process interrogates enablement bit to determine whether function is enabled or disabled in particular region; process therefore will determine if device has been moved to second location in overlapping regions, and determines if the priority region allows application/function to remain enabled); and
Poornachandran teaches wherein the device is a storage drive (paragraph 73-77, portable secured device including non-volatile encrypted storage).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the overlapping region priority teachings of Bates with the location-based storage access teachings of Poornachandran, in order to allow application/function operation in circumstances where two regions of conflicting permissions overlapped, which could occur for a number of reasons, e.g. when specifying multiple regions according to distance from a point or anchor device, or when relying on an imprecise GPS reading.  It would therefore be beneficial to allow a user or administrator to set region priority, as in Bates, resulting in the device behaving in a predictable way in such circumstances according to preset configuration.
Neither Poornachandran nor Bates explicitly teaches erasing data from a non-volatile memory (NVM) of the storage drive responsive to detected relocation of the storage drive outside the permitted area.
However, Gum teaches the concept of erasing data from a NVM of a storage drive responsive to detected relocation of the storage drive outside a permitted area (paragraph 7, method of establishing dynamic system settings at a portable electronic device, including determining current location information of the portable electronic device, determining whether the current location information satisfies one or more pre-defined mobility characteristics, each of the pre-defined mobility characteristics including at least one location criterion and loading at least one system setting at the portable electronic device based on whether the current location information satisfies the one or more pre-defined mobility characteristics; paragraph 53, assume that the user logs onto the PED 205 in sector A1 as shown in FIG. 4, and that sectors A1 through A7 correspond to access points (APs); because A1 is not within the usage profile, in 325, the PED 205 determines that the access attempt does not conform with the usage profile, and the process advances to 330; in 330, the PED 205 prompts the user to satisfy one or more authentication protocols; paragraph 57-58, if the PED 205 determines that the information provided by the user in response to the authentication prompt is not sufficient to authenticate the user, the PED 205 denies access and locks itself, 340, and sends an alert message, 345; the locking step may include deleting information on the PED or formatting the PED entirely; paragraph 60, sectors A1 through A7 may correspond to geographic ranges as defined by a radial distance from a fixed GPS point, instead of access points; paragraph 63, if the PED is associated with a higher level of security, the authentication step can be skipped altogether; if authentication is skipped or the user fails to authenticate properly, the PED can be locked down).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the erasing data following failed authentication teachings of Gum with the location-based storage access teachings of Poornachandran in view of Bates, in order to significantly improve data security by causing the data to be deleted in the event of failed authentication, which is a possible indication of device theft, thereby preventing an attacker from attempting to find a way to overcome other protective features and steal the data through security exploits and trial-and-error.

Regarding Claim 20:
Poornachandran in view of Bates and Gum teaches the computer-program product of claim 19.  In addition, Poornachandran teaches wherein the instructions executed by the one or more processors cause the one or more processors to perform the steps of unlocking at least a portion of storage on the storage drive based at least in part on determining the storage drive is located in the permitted area (paragraph 45, 48, Fig. 1B, 2B, security policies applicable to facility zones (e.g. zone 1 and zone 2) include allowing unlocked access to certain partitions, e.g. non-sensitive applications, but requires manual override to access other partitions (e.g. non-sensitive data in zone 1, and personal data/applications in zone 2), while access to certain partitions is denied regardless of manual override (e.g. classified data); paragraph 45, manual override requires a user to provide a token (e.g. password, key, or two-factor authentication) in order to obtain access to storage partition).

Regarding Claim 21:
Poornachandran in view of Bates and Gum teaches the storage drive of claim 1.  In addition, Bates teaches wherein a portion of the permitted area overlaps a portion of the non-permitted area, and where the controller executing the computer code is configured to retain the storage drive in the secure mode responsive to the determination that the location of the storage drive has transitioned to the overlapping area (abstract, application/functions within electronic device having GPS can be enabled only when in specified geographic location; paragraph 29, data structure records application/function permissions according to region coordinates, priority of region, and whether function is enabled/disabled; given overlapping regions such as “work” and “school” regions, region having highest priority is the one that determines which applications/functions may be opened in the overlapping region; paragraph 30, geographic location of device is determined using GPS, and the data record is retrieved for the highest priority region at the geographic location; if record is found, enablement on/off bit is interrogated to determine when an application function is enabled or disabled in the geographic location associated with current GPS location; enabling functions can be seen as analogous to “secure mode”, i.e. access to features is provided).
The rationale to combine Poornachandran and Bates is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 21.

Regarding Claim 22:
Poornachandran in view of Bates and Gum teaches the storage drive of claim 21.  In addition, Poornachandran teaches wherein the controller executing computer code is further configured to switch the storage drive to an unsecured mode responsive to a determination that the location of the storage drive has transitioned out of the permitted area (paragraph 111, when portable secured device leaves particular zone, security agent encrypts relevant partitions, making them unavailable, thereby “locking” said partitions).

Regarding Claim 23:
Poornachandran in view of Bates and Gum teaches the storage drive of claim 21.  In addition, Gum teaches wherein the controller executing computer code is further configured to switch the storage device to an unsecured mode responsive to a determination that the location of the device has transitioned to a non-overlapping portion of the non-permitted area and a determination that the storage drive is not proximate a pre-authorized device in a multi-authentication scheme (paragraph 57-58, if the PED 205 determines that the information provided by the user in response to the authentication prompt is not sufficient to authenticate the user, the PED 205 denies access and locks itself, 340, and sends an alert message, 345; the locking step may include deleting information on the PED or formatting the PED entirely; paragraph 63, if the PED is associated with a higher level of security, the authentication step can be skipped altogether; if authentication is skipped or the user fails to authenticate properly, the PED can be locked down; paragraph 60, in Example 2 of the usage profile, sectors A1 through A7 correspond to geographic ranges as defined by a radial distance from a fixed GPS point, instead of access points as in Example 1 above; GPS A5 is a range inclusive of any GPS location within a 1 mile radius of the work office 215, and GPS_A6 is a range inclusive of any GPS location within a 2 mile radius of the residential home 210; aside from using a geographic position (e.g., as derived by SPS or GPS), additional conditions such a visibility of certain signals at the PED (e.g., cellular signals, WiFi signals from local APs, SPS signals, etc.) may be used an addition to geographic location information; paragraph 63, additional security can be provided by associating the location of the PED with particular times wherein usage of the PED is expected at that location, and/or other parameters such as which signals are visible to the PED (e.g., cellular signals, WiFi signals, SPS signals, etc.); therefore, Gum teaches erasing the data in the event that the determined location and presence of expected AP signals does not conform to an expected usage profile).
The rationale to combine Poornachandran and Gum is the same as provided for claim 21 due to the overlapping subject matter between claims 21 and 23.

Regarding Claim 24:
	Poornachandran in view of Bates and Gum teaches the computer-program product of claim 19.  In addition, Bates teaches wherein an edge of the permitted area crosses over an edge of the non-permitted area (paragraph 29, given overlapping regions, the region having the highest priority is the one that determines which applications/functions may be opened in that geographic region).
The rationale to combine Poornachandran and Bates is the same as provided for claim 19 due to the overlapping subject matter between claims 19 and 24.

Regarding Claim 25:
	Poornachandran in view of Bates and Gum teaches the computer-program product of claim 19.  In addition, Bates teaches wherein one of the permitted area and the non-permitted area is embedded in the other of the permitted area and the non-permitted area (paragraph 29, given overlapping regions, the region having the highest priority is the one that determines which applications/functions may be opened in that geographic region).
The rationale to combine Poornachandran and Bates is the same as provided for claim 19 due to the overlapping subject matter between claims 19 and 24.

Claims 4, 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Poornachandran in view of Bates and Gum, and further in view of Robinson et al (PGPUB 2016/0337863).

Regarding Claim 4:
Poornachandran in view of Bates and Gum teaches the storage drive of claim 3.  
Neither Poornachandran nor Bates nor Gum explicitly teaches wherein the storage drive or the pre-authorized device, or both, comprises a near field communication (NFC) sensor to detect the proximity between the storage drive and the pre-authorized device.
However, Robinson teaches the concept wherein a storage drive or a pre-authorized device, or both, comprises a near field communication (NFC) sensor to detect proximity between the storage drive and the pre-authorized device (abstract, performing device security corrective action based on loss of proximity to another device, such as key device; paragraph 64-69, behavior modification module controls access to certain types of data stored on target device, e.g. allowing access to encrypted container only when certain conditions are satisfied; conditions include presence or absence of key device, and/or geo-location of target device is or is not near specified landmark; behavior modification module disables lockout features if key device is detected and target device is located in particular location, e.g. home or work office; paragraph 50, target device detects presence of key device using Near Field Communication (NFC) technology).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the NFC device teachings of Robinson with the location-based storage access teachings of Poornachandran in view of Bates and Gum, in order to improve the security environment by using devices which rely on NFC technology, which strictly limits the range at which authorized devices can communicate, thereby making it more difficult to attack or exploit a device without being also possessing or being in the location of one or more authentication factors.

Regarding Claim 14:
Poornachandran in view of Bates and Gum teaches the method of claim 11.  
Neither Poornachandran nor Bates nor Gum explicitly teaches wherein the storage drive or the pre-authorized device, or both, including a near field communication (NFC) sensor to detect the proximity between the storage drive and the pre-authorized device.
However, Robinson teaches the concept wherein a storage drive or a pre-authorized device, or both, including a near field communication (NFC) sensor to detect proximity between the storage drive and the pre-authorized device (abstract, performing device security corrective action based on loss of proximity to another device, such as key device; paragraph 64-69, behavior modification module controls access to certain types of data stored on target device, e.g. allowing access to encrypted container only when certain conditions are satisfied; conditions include presence or absence of key device, and/or geo-location of target device is or is not near specified landmark; behavior modification module disables lockout features if key device is detected and target device is located in particular location, e.g. home or work office; paragraph 50, target device detects presence of key device using Near Field Communication (NFC) technology).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the NFC device teachings of Robinson with the location-based storage access teachings of Poornachandran in view of Bates and Gum, in order to improve the security environment by using devices which rely on NFC technology, which strictly limits the range at which authorized devices can communicate, thereby making it more difficult to attack or exploit a device without being also possessing or being in the location of one or more authentication factors.

Claims 8, 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Poornachandran in view of Bates and Gum, and further in view of Lim et al (PGPUB 2020/0034928).

Regarding Claim 8:
Poornachandran in view of Bates teaches the storage drive of claim 1. 
Neither Poornachandran nor Bates nor Gum explicitly teaches wherein the controller executing computer code is further configured to update an event ledger responsive to detecting the location of the storage drive, wherein the event ledger is stored in a blockchain of a cloud storage system.
However, Lim teaches wherein a controller executing computer code is configured to update an event ledger responsive to detecting a location of the storage drive, wherein the event ledger is stored in a blockchain of a cloud storage system (abstract, smart device comprising blockchain application module to blockchain data obtained by the smart device and transmit blockchained data to blockchain data system; paragraph 29, data obtained and stored by smart device comprises location of smart device; smart device blockchains data obtained by smart device; paragraph 30, blockchain data system configured as distributed ledger that receives and stores data that has been blockchained prior to being sent to blockchain data system (i.e. “cloud storage”) from the smart device); and
Poornachandran teaches wherein the device is a storage drive (paragraph 73-77, portable secured device including non-volatile encrypted storage).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the location tracking blockchain record of Lim with the location-based storage access teachings of Poornachandran in view of Bates and Gum, in order to provide a cryptographically secure means of tracking the location of a security device as it is transported or used, thereby allowing an administrator or security agent to determine the current or last known location of a secure device or identify locations where the device is not supposed to operate, preventing possible theft and allowing recovery or detection of abuse.  Use of blockchain allows such a record to be maintained in a way that makes maliciously tampering with the record extremely difficult to impossible.

Regarding Claim 18:
Poornachandran in view of Bates and Gum teaches the method of claim 11. 
Neither Poornachandran nor Bates nor Gum explicitly teaches the method comprising updating an event ledger upon detecting the location of the storage drive, wherein the event ledger is stored in a blockchain of a cloud storage system.
However, Lim teaches wherein a method comprises updating an event ledger upon detecting a location of a storage device, wherein the event ledger is stored in a blockchain of a cloud storage system (abstract, smart device comprising blockchain application module to blockchain data obtained by the smart device and transmit blockchained data to blockchain data system; paragraph 29, data obtained and stored by smart device comprises location of smart device; smart device blockchains data obtained by smart device; paragraph 30, blockchain data system configured as distributed ledger that receives and stores data that has been blockchained prior to being sent to blockchain data system (i.e. “cloud storage”) from the smart device); and
Poornachandran teaches wherein the device is a storage drive (paragraph 73-77, portable secured device including non-volatile encrypted storage).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the location tracking blockchain record of Lim with the location-based storage access teachings of Poornachandran in view of Bates and Gum, in order to provide a cryptographically secure means of tracking the location of a security device as it is transported or used, thereby allowing an administrator or security agent to determine the current or last known location of a secure device or identify locations where the device is not supposed to operate, preventing possible theft and allowing recovery or detection of abuse.  Use of blockchain allows such a record to be maintained in a way that makes maliciously tampering with the record extremely difficult to impossible.

Claim 9 is/are rejected under 35 U.S.C. 103 as being unpatentable over Poornachandran in view of Bates and Gum, and further in view of Gillon et al (PGPUB 2014/0344886).

Regarding Claim 9:
Poornachandran in view of Bates teaches the storage drive of claim 1.  In addition, Bates teaches wherein the controller executing computer code is further configured to: 
program a user customized permitted area (paragraph 28, user moves boundaries of geographic regions in which application/function is enabled/disabled).
The rationale to combine Poornachandran and Bates is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 9.
Neither Poornachandran nor Bates nor Gum explicitly teaches the hardware controller further configured to:
program the permitted area at a manufacturing site of the storage drive.
However, Gillon teaches the concept of a hardware controller further configured to:
program a permitted area at a manufacturing site of a storage drive (paragraph 16, information handling system that performs security policy enforcement using security policy data maintained in embedded controller; paragraph 44, manufacturer utilizes initial manufacturing interface access to establish for IHS a policy that specifies that system operation is enabled only within location bounds of a customer’s premises).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the location default and user customization teachings of Gillon with the location-based storage access teachings of Poornachandran in view of Bates and Gum, in order to allow an end user to make immediate use of a location-based security system immediately through use of manufacturer specified default settings, while also allowing an administrator to modify said default settings in the event that an organization’s locality or policy requirements change over time, without requiring a costly factory refurbishing process or other means for a manufacturer to reset a device.

Claim 10 is/are rejected under 35 U.S.C. 103 as being unpatentable over Poornachandran in view of Bates and Gum, and further in view of Saxena et al (PGPUB 2012/0159172).

Regarding Claim 10:
Poornachandran in view of Bates teaches the storage drive of claim 1.
Neither Poornachandran nor Bates nor Gum explicitly teaches wherein the controller executing computer code is further configured to validate the determination that the location of the storage drive is in the permitted area by using a public key to verify a received GPS packet.
However, Saxena teaches the concept wherein a controller executing computer code is further configured to validate a determination that a location of a device is in a permitted area by using a public key to verify a received GPS packet (paragraph 18, logic configured to receive GPS location information from GPS sensor via a link; GPS sensor uses private key to encrypt and sign GPS location information before transmission; logic uses public key to authenticate and decrypt location information received over link to verify that true source of location information is GPS sensor; paragraph 22, location information used to authenticate user for access to trust-aware applications, i.e. user must be in permitted area to be authenticated); and
Poornachandran teaches wherein the device is a storage drive (paragraph 73-77, portable secured device including non-volatile encrypted storage).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the validated GPS location teachings of Saxena with the location-based storage access teachings of Poornachandran in view of Bates and Gum, in order to allow a location-dependent security system to validate received location data using well-known and understood cryptographic methods (e.g. asymmetric cryptographic signatures) in order to prevent malicious interception/spoofing of GPS location data which would allow an unauthorized agent to obtain access to a secure device.

Response to Arguments
Applicant's arguments filed 4/8/2022 have been fully considered but they are not persuasive.

Regarding the claim objections:
	Applicant’s amendments have overcome the prior claim objections.  Therefore, the claim objections are withdrawn.

Regarding the rejection of claims under 35 USC 103:
	In response to Applicant’s arguments regarding Bates, page 10 paragraph 1-4:  The only elements missing from each of Poornachandran, Bates, and Robinson, are those of “eras[ing] data stored to the NVM responsive to a subsequent detection that the storage drive has been relocated outside the permitted area,” as in claim 1 as amended, and “retaining the storage drive in the secure mode responsive to a determination that the storage drive has transitioned to a second location that includes a non-permitted area and responsive to the storage drive being within detectable proximity of a pre-authorized device using a multi-factor authorization scheme,” as in claim 11 as amended.  However, a new ground(s) for rejection is provided above which does teach this subject matter, as added by amendment.
	Applicant’s arguments regarding claim 19 are similar to those regarding claims 1 and 11, and are therefore responded to in a similar way.
	In addition, the dependent claims are not allowable due to depending from a corresponding independent claim which is not allowable.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to FORREST L CAREY whose telephone number is (571)270-7814. The examiner can normally be reached 9:00AM-5:30PM M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/FORREST L CAREY/Examiner, Art Unit 2491                                                                                                                                                                                                        



/ASHOKKUMAR B PATEL/Supervisory Patent Examiner, Art Unit 2491