DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The present application, filed on December 15, 2020, is accepted.
Claims 1 – 20 are being considered on the merits.

Drawings
The drawings, filed on December 15, 2020, are accepted.

Specification
The specification, filed on December 15, 2020, is accepted.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.



Claims 10 and 20 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, regards as the invention.
Claim 10 recites the limitation " the device " in line 1.  There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, “the device” is interpreted as “a device”.
Claim 10 recites the limitation " the data operations " in line 2.  There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, “the data operations” is interpreted as “a data operations”.
Claim 10 recites the limitation " the storage medium " in line 2.  There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, “the storage medium” is interpreted as “a storage medium”.
Claim 20 recites the limitation " the device " in line 1.  There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, “the device” is interpreted as “a device”.
Claim 20 recites the limitation " the data operations " in line 2.  There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, “the data operations” is interpreted as “a data operations”.
Claim 20 recites the limitation " the storage medium " in line 2.  There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, “the storage medium” is interpreted as “a storage medium”.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1 – 7 and 9 – 16 are rejected under 35 U.S.C. 103 as being unpatentable over US 20150127946 A1 to Miller et al., (hereinafter, “Miller”) in view of US 20210034791 A1 to Singh et al., (hereinafter, “Singh”).
Regarding claim 1, Miller teaches a device-implemented method, comprising: receiving, at a device configured to perform data operations on a storage medium, one or more unique external keys, the one or more external keys being served to the device from one or more external sources for Key per IO operation; [Miller, para. 28 discloses for each type of external secret 124, information about the external secret may be stored on each storage device 150A-N of storage system 100. In another embodiment, information about the external secret may be stored on sufficiently many storage devices so that at least one storage device has this information. This information is shown as external secret access info 162N in the expanded representation of storage device 150N. In one embodiment, each storage device 150A-N may be organized in the same manner as is shown in the expanded representation of storage device 150N.] accessing an internal key stored within the device; [Miller, para. 27 discloses each storage device 150A-N may generate and utilize a key for encrypting the data that is stored on the device. Para. 66 discloses the share and external secret access information may be stored in the header of the storage device while the encrypted key may be stored on the storage device in an area inaccessible to the end user. In this embodiment, the encrypted key may only be accessible via an unlock command. In some embodiments, each storage device may store a checksum which is used to validate the final master secret.], but Miller does not teach generating a unique media encryption key for each of at least some of the one or more external keys using the internal key and the associated one of the one or more external keys, each media encryption key being associated with the external key used for generation thereof; and in response to receiving a request to perform a data operation for data associated with one of the one or more external keys, using the media encryption key associated with that external key to encrypt and/or decrypt the data.
	However, Singh does teach generating a unique media encryption key for each of at least some of the one or more external keys using the internal key and the associated one of the one or more external keys, each media encryption key being associated with the external key used for generation thereof; [Singh, para. 51 discloses To encrypt the I/O data, encryption/decryption module 340 may generate an MEK and encrypt the MEK with an SKEK. The encryption/decryption module 340 may generate a random MEK for each received write request. Encryption/decryption module 340 then encrypts the I/O data with the encrypted MEK prior to storing the encrypted I/O data in virtual disk 225a. In this example, I/O data in request 325 may be encrypted in seven independent parts because virtual disk 225a is associated with seven different persistent storage devices.] and in response to receiving a request to perform a data operation for data associated with one of the one or more external keys, using the media encryption key associated with that external key to encrypt and/or decrypt the data. [Singh, para. 51 discloses For example, a portion of the I/O data may be stored in a slice 410a as shown in FIG. 4. The MEK will be encrypted by the SKEK for disk 1 prior to using the encrypted MEK to encrypt the portion of I/O data to be stored in slice 410a. Similarly, if a portion of the I/O data is to be stored in a slice 410b, as shown in FIG. 4, then the MEK may be encrypted by the SKEK for disk 2 prior to using the encrypted MEK to encrypt the portion of I/O data to be stored in slice 410b. A similar process may be used to for remaining I/O data to the other storage devices in virtual disk 225a.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine Singh’s system with Miller’s system, with a motivation to receives request 325 and starts processing the request. In particular, encryption/decryption module 340 may parse request 325 to identify the start address and the end address of virtual disk 225a. Encryption/decryption module 340 then determines whether the start address and the end address are valid. [Singh, para. 50]

As per claim 2, modified Miller teaches the device-implemented method of claim 1, wherein the internal key is generated internal to the device. [Miller, para. 27 discloses each storage device 150A-N may generate and utilize a key for encrypting the data that is stored on the device]

As per claim 3, modified Miller teaches the device-implemented method of claim 2, wherein the internal key is stored in non-volatile memory of the device in wrapped form. [Miller, para. 27 discloses each storage device 150A-N may generate and utilize a key for encrypting the data that is stored on the device. These unencrypted keys may be encrypted using final master secret 128 and a device-specific value. Each of the resultant encrypted keys 155A-N may be stored on a corresponding storage device 150A-N.]

As per claim 4, modified Miller teaches the device-implemented method of claim 1, wherein the one or more external keys and the media encryption keys are only stored, in the device, in volatile memory. [Miller, para. 46 discloses storage device 150N may also include volatile memory for storing a decrypted key with which reads and writes may be executed. Generally speaking, storage device 150N may use the decrypted key during the reading and writing of data to storage device 150N. When storage device 150N is powered up, there may be an initialization process to get storage device 150N into an operational state. Para. 56 discloses  Each storage device 250A-N may retrieve a corresponding key from RAM 230 and use this key to encrypt and decrypt data during reads and writes from the storage device. Alternatively, each storage device 250A-N may include a portion of volatile memory, and a key may be stored in this volatile memory on the corresponding storage device. Other possibilities of locations for storing the decrypted keys are possible and are contemplated.]

As per claim 5, modified Miller teaches the device-implemented method of claim 1, wherein the device is configured to prohibit transfer of the internal key in any form to outside of the device. [Miller, para. 36 discloses if the logic for generating shares and secrets and/or encrypting keys is located within a shelf or within a storage device, then the shares, secrets, and/or encrypted keys may not be conveyed from the storage controller to the storage devices 150A-N as shown in FIG. 1.]

Regarding claim 6, modified Miller teaches the device-implemented method of claim 1, but Miller does not teach wherein several of the external keys are individually associated with unique data stored at different locations in a same logical block address range.
However, Singh does teach wherein several of the external keys are individually associated with unique data stored at different locations in a same logical block address range. [Singh, para. 49 discloses virtual machine server 215 receives KEKs 350 and combines them with the start address, and the end address to generate SKEKs 355. SKEKs 355 includes an SKEK for each persistent storage device in the virtual disk. For example, for virtual disk 225a, the SKEK for disk 1 is “(Disk-1(KEK)+Start1+End1).” The SKEK for disk 2 is “(Disk-2(KEK)+Start1+End1).” The SKEK for disk 3 is “(Disk-3(KEK)+Start1+End1).” The SKEK for disk 3 is “(Disk-3(KEK)+Start1+End1).” The SKEK for disk 4 is “(Disk-4(KEK)+Start1+End1).” The SKEK for disk 5 is “(Disk-5(KEK)+Start1+End1).” The SKEK for disk 6 is “(Disk-6(KEK)+Start1+End1).” The SKEK for disk 7 is “(Disk-7(KEK)+Start1+End1).” At stage H, virtual machine server 215 updates request 325 with SKEKs 355 and transmits request 325 to data storage system 220.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine Singh’s system with Miller’s system, with a motivation to receives request 325 and starts processing the request. In particular, encryption/decryption module 340 may parse request 325 to identify the start address and the end address of virtual disk 225a. Encryption/decryption module 340 then determines whether the start address and the end address are valid. [Singh, para. 50]

Regarding claim 7, modified Miller teaches the device-implemented method of claim 1, but Miller does not teach wherein at least one of the media encryption keys is created using more than one internal key.
However, Singh does teach wherein at least one of the media encryption keys is created using more than one internal key. [Singh, para. 54 discloses The start address and the end address may be used along with the SKEK for a particular physical disk to encrypt the MEK. Because virtual disk 225a includes seven persistent storage devices, seven KEKs along with the start address and end address of virtual disk 225a may be used to generate the SKEKs. For example, as shown virtual disk 225a, the SKEKs includes the following: “(Disk-1(KEK)+Start1+End1)+(Disk-2(KEK)+Start1+End1)+(Disk-3(KEK)+Start1+End1)+(Disk-4(KEK)+Start1+End1)+(Disk-5(KEK)+Start1+End1)+(Disk-6(KEK)+Start1+End1)+(Disk-7(KEK)+Start1+End1),” where Start1 refers to the start address and End1 refers to the end address of virtual disk 225a.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine Singh’s system with Miller’s system, with a motivation to receives request 325 and starts processing the request. In particular, encryption/decryption module 340 may parse request 325 to identify the start address and the end address of virtual disk 225a. Encryption/decryption module 340 then determines whether the start address and the end address are valid. [Singh, para. 50]

Regarding claim 9, Miller teaches a computer program product for enabling crypto-erase, the computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions executable by a device configured to perform data operations on a storage medium to cause the device to perform the method of claim 1. [Miller, para. 79 discloses one or more portions of the methods and mechanisms described herein may form part of a cloud-computing environment. In such embodiments, resources may be provided over the Internet as services according to one or more various models. Such models may include Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). In IaaS, computer infrastructure is delivered as a service. In such a case, the computing equipment is generally owned and operated by the service provider. In the PaaS model, software tools and underlying equipment used by developers to develop software solutions may be provided as a service and hosted by the service provider. SaaS typically includes a service provider licensing software as a service on demand. The service provider may host the software, or may deploy the software to a customer for a given period of time. Numerous combinations of the above models are possible and are contemplated.], the remaining limitations are similar to limitations within claim 1, therefore, they are rejected in a similar manner.

Regarding claim 10, Miller teaches a system, comprising: the device configured to perform the data operations on the storage medium, the device having a processor and logic integrated with the processor, executable by the processor, or integrated with and executable by the processor, the logic being configured to cause the device to perform the method of claim 1. [Miller, para. 26 discloses a generalized block diagram of one embodiment of a storage system 100 is shown. The storage system 100 may include storage controller 110 and storage devices 150A-N which are included within shelves 140 and 145. Storage controller 110 may implement a secret sharing algorithm in combination with the use of one or more external secrets 124 to prevent unauthorized access to storage devices 150A-N. Depending on the embodiment, external secret(s) 124 may include password(s), secret(s) stored on universal serial bus (USB) key token(s), secret(s) stored on secure smart card(s), secret(s) stored on remote server(s) accessible by network, and/or secret(s) stored on other device(s).], the remaining limitations are similar to limitations within claim 1, therefore, they are rejected in a similar manner.

Regarding claim 11, Miller teaches a device-implemented method, accessing an internal key stored within the device; [Miller, para. 27 discloses each storage device 150A-N may generate and utilize a key for encrypting the data that is stored on the device. Para. 66 discloses the share and external secret access information may be stored in the header of the storage device while the encrypted key may be stored on the storage device in an area inaccessible to the end user. In this embodiment, the encrypted key may only be accessible via an unlock command. In some embodiments, each storage device may store a checksum which is used to validate the final master secret.], but Miller does not teach comprising: receiving, at a device configured to perform data operations on a storage medium, a request to write first data to the storage medium in encrypted form using a first external key associated with the first data; generating a first media encryption key using the internal key and the first external key; encrypting the first data using the first media encryption key; writing the encrypted first data to the storage medium in a first logical block address range of the storage medium; receiving, at the device, a second request to write second data to the storage medium in encrypted form using a second external key associated with the second data; generating a second media encryption key using the internal key and the second external key; encrypting the second data using the second media encryption key; and writing the encrypted second data to the storage medium in the first logical block address range of the storage medium. 
However, Singh does teach comprising: receiving, at a device configured to perform data operations on a storage medium, a request to write first data to the storage medium in encrypted form using a first external key associated with the first data; [Singh, para. 45 discloses an application in virtual machine 100a performs an I/O operation such as a request 325. Request 325 may be a write operation to or a read operation from data storage system 220. Request 325 may include an identifier of the virtual machine that initiated the request. At stage B, hypervisor 210 processes request 325 prior to its transmission to data storage system 220. During the processing, hypervisor 210 identifies the virtual disk mapped to virtual machine 100a using mapping table 310 based on the virtual machine identifier included in request 325. Mapping table 310 associates each virtual machine to its corresponding or assigned virtual disk. Mapping table 310 may use identifiers, for example, virtual machine identifiers and virtual disks identifiers for the association.] generating a first media encryption key using the internal key and the first external key; [Singh, Para. 49 discloses virtual machine server 215 receives KEKs 350 and combines them with the start address, and the end address to generate SKEKs 355. SKEKs 355 includes an SKEK for each persistent storage device in the virtual disk. For example, for virtual disk 225a, the SKEK for disk 1 is “(Disk-1(KEK)+Start1+End1).” The SKEK for disk 2 is “(Disk-2(KEK)+Start1+End1).” The SKEK for disk 3 is “(Disk-3(KEK)+Start1+End1).” The SKEK for disk 3 is “(Disk-3(KEK)+Start1+End1).” The SKEK for disk 4 is “(Disk-4(KEK)+Start1+End1).” The SKEK for disk 5 is “(Disk-5(KEK)+Start1+End1).” The SKEK for disk 6 is “(Disk-6(KEK)+Start1+End1).” The SKEK for disk 7 is “(Disk-7(KEK)+Start1+End1).”] encrypting the first data using the first media encryption key; [Singh, para. 51 discloses to encrypt the I/O data, encryption/decryption module 340 may generate an MEK and encrypt the MEK with an SKEK. The encryption/decryption module 340 may generate a random MEK for each received write request. Encryption/decryption module 340 then encrypts the I/O data with the encrypted MEK prior to storing the encrypted I/O data in virtual disk 225a.] writing the encrypted first data to the storage medium in a first logical block address range of the storage medium; [Singh, para. 51 discloses Encryption/decryption module 340 then encrypts the I/O data with the encrypted MEK prior to storing the encrypted I/O data in virtual disk 225a. In this example, I/O data in request 325 may be encrypted in seven independent parts because virtual disk 225a is associated with seven different persistent storage devices. For example, a portion of the I/O data may be stored in a slice 410a as shown in FIG. 4. The MEK will be encrypted by the SKEK for disk 1 prior to using the encrypted MEK to encrypt the portion of I/O data to be stored in slice 410a. Similarly, if a portion of the I/O data is to be stored in a slice 410b, as shown in FIG. 4, then the MEK may be encrypted by the SKEK for disk 2 prior to using the encrypted MEK to encrypt the portion of I/O data to be stored in slice 410b. A similar process may be used to for remaining I/O data to the other storage devices in virtual disk 225a.] receiving, at the device, a second request to write second data to the storage medium in encrypted form using a second external key associated with the second data; [Singh, para. 45 discloses an application in virtual machine 100a performs an I/O operation such as a request 325. Request 325 may be a write operation to or a read operation from data storage system 220. Request 325 may include an identifier of the virtual machine that initiated the request. At stage B, hypervisor 210 processes request 325 prior to its transmission to data storage system 220. During the processing, hypervisor 210 identifies the virtual disk mapped to virtual machine 100a using mapping table 310 based on the virtual machine identifier included in request 325. Mapping table 310 associates each virtual machine to its corresponding or assigned virtual disk. Mapping table 310 may use identifiers, for example, virtual machine identifiers and virtual disks identifiers for the association.] generating a second media encryption key using the internal key and the second external key; [Singh, Para. 49 discloses virtual machine server 215 receives KEKs 350 and combines them with the start address, and the end address to generate SKEKs 355. SKEKs 355 includes an SKEK for each persistent storage device in the virtual disk. For example, for virtual disk 225a, the SKEK for disk 1 is “(Disk-1(KEK)+Start1+End1).” The SKEK for disk 2 is “(Disk-2(KEK)+Start1+End1).” The SKEK for disk 3 is “(Disk-3(KEK)+Start1+End1).” The SKEK for disk 3 is “(Disk-3(KEK)+Start1+End1).” The SKEK for disk 4 is “(Disk-4(KEK)+Start1+End1).” The SKEK for disk 5 is “(Disk-5(KEK)+Start1+End1).” The SKEK for disk 6 is “(Disk-6(KEK)+Start1+End1).” The SKEK for disk 7 is “(Disk-7(KEK)+Start1+End1).”] encrypting the second data using the second media encryption key; [Singh, para. 51 discloses to encrypt the I/O data, encryption/decryption module 340 may generate an MEK and encrypt the MEK with an SKEK. The encryption/decryption module 340 may generate a random MEK for each received write request. Encryption/decryption module 340 then encrypts the I/O data with the encrypted MEK prior to storing the encrypted I/O data in virtual disk 225a.] and writing the encrypted second data to the storage medium in the first logical block address range of the storage medium. [Singh, para. 51 discloses Encryption/decryption module 340 then encrypts the I/O data with the encrypted MEK prior to storing the encrypted I/O data in virtual disk 225a. In this example, I/O data in request 325 may be encrypted in seven independent parts because virtual disk 225a is associated with seven different persistent storage devices. For example, a portion of the I/O data may be stored in a slice 410a as shown in FIG. 4. The MEK will be encrypted by the SKEK for disk 1 prior to using the encrypted MEK to encrypt the portion of I/O data to be stored in slice 410a. Similarly, if a portion of the I/O data is to be stored in a slice 410b, as shown in FIG. 4, then the MEK may be encrypted by the SKEK for disk 2 prior to using the encrypted MEK to encrypt the portion of I/O data to be stored in slice 410b. A similar process may be used to for remaining I/O data to the other storage devices in virtual disk 225a.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine Singh’s system with Miller’s system, with a motivation to receives request 325 and starts processing the request. In particular, encryption/decryption module 340 may parse request 325 to identify the start address and the end address of virtual disk 225a. Encryption/decryption module 340 then determines whether the start address and the end address are valid. [Singh, para. 50]

Regarding claim 12, it recites features similar to features within claim 2, therefore, it is rejected in a similar manner.

As per claim 13, modified Miller teaches the device-implemented method of claim 11, comprising receiving the external keys from one or more external sources. [Miller, para. 29 discloses the external secret access information 162 cannot be used to derive the external secret(s) 124, but the information 162 indicates how the external secret(s) 124 can be obtained. For example, in one embodiment, the information 162 might indicate that external secret 124 is stored on a USB key token and that the initial master secret 120 must be run through the USB key token to provide the final master secret 128. Information 162 may also include an identifier for use with the USB key token. In another embodiment, information 162 may specify a key exchange protocol and the internet protocol (IP) addresses of one or more servers to contact to obtain external secret 124. In this embodiment, information 162 may also specify an identifier to present to the server. In one embodiment, there may be a single set of external secrets 124 for storage system 100. In this embodiment, each storage device 150 may store the same information 162 for obtaining external secrets 124.]

Regarding claim 14 – 15, they recite features similar to features within claim 4 - 5, therefore, they are rejected in a similar manner.

As per claim 16, modified Miller teaches the device-implemented method of claim 11, wherein the device is configured as a Key per IO device. [Miller, para. 27 disclose each storage device 150A-N may generate and utilize a key for encrypting the data that is stored on the device. These unencrypted keys may be encrypted using final master secret 128 and a device-specific value. Each of the resultant encrypted keys 155A-N may be stored on a corresponding storage device 150A-N.]

Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over US 20150127946 A1 to Miller et al., (hereinafter, “Miller”) in view of US 20210034791 A1 to Singh et al., (hereinafter, “Singh”) in further view of US 10205594 B1 to Kaufman.
Regarding claim 8, modified Miller teaches the device-implemented method of claim 1, but modified Miller does not teach comprising performing crypto-erase of data written using the one or more media encryption keys created using the internal key by destroying the internal key and all associated media encryption key(s) in the device created using that internal key. 
However, Kaufman does teach comprising performing crypto-erase of data written using the one or more media encryption keys created using the internal key by destroying the internal key and all associated media encryption key(s) in the device created using that internal key. [Kaufman, col. 8 lines 54 – 65 discloses the key server 210 receives the status request 232. The key server may be set to enable one or more keys or disable one or more keys. A key is enabled if the key server sends the key in response to the status request or the key server sends a response indicating that the key would be sent if requested. A key is disabled if the key is not sent in response to the status request and/or a response indicating the key would not be sent if requested. Keys may be disabled by deleting one or more keys off the key server, deleting an encryption key used to encrypt one or more keys, or otherwise stopping the key server from sending one or more keys to one or more clients.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine Kaufman’s system with modified Miller’s system, with a motivation for a key stored on a key server may be disabled or made unavailable to prevent an unauthorized party from obtaining a copy of the key stored on the key server. [Kaufman, col. 8 lines 66 – 67 to col. 9 lines 1 – 2]

Claims 17 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over US 10205594 B1 to Kaufman in view of US 20210034791 A1 to Singh et al., (hereinafter, “Singh”).
Regarding claim 17, Kaufman teaches a device-implemented method for crypto-erase, the method comprising: receiving, at a device configured to perform data operations on a storage medium using Key per IO operation, a request to cause crypto-erasure of all data in at least one logical block address range of the storage medium, [Kaufman, col. 3 lines 5 – 14 disclose The retry time intervals and time out period enables uninterrupted access to data storage during the time out period while enabling the storage system to shut down and/or delete keys if instructed to do so by the key server and/or if connectivity to the key server is lost for a pre-determined period of time. The retry time interval enables the data storage to continue operating for a predetermined period of time until a response confirming the key is unavailable is received or until a time out expires. This retry time interval enables a reduced error rate in shutting down the data storage where there is a technical issue with the key server or loss of network connectivity at the key server.] and achieving the crypto-erase by destroying the internal key and all media encryption key(s) associated therewith in the device. [Kaufman, col. 3 lines 19 – 26 disclose the key failure action includes deleting the one or more keys, shutting down all or part of the data storage, and/or initiating a reboot of the data storage. Shutting down the data storage and/or rebooting the data storage deletes local copies of the key(s) stored in volatile memory on the data storage to prevent unauthorized access to key(s). The key failure action protects encrypted data stored on the data storage and reduces likelihood of unauthorized access of data.], but Kaufman does not teach individual portions of the data in the at least one logical block address range each being associated with a unique external key, the individual portions of the data each being encrypted using a unique media encryption key created using an internal key and the unique external key associated with the portion of the data.
However, Singh does teach individual portions of the data in the at least one logical block address range each being associated with a unique external key, the individual portions of the data each being encrypted using a unique media encryption key created using an internal key and the unique external key associated with the portion of the data. [Singh, para. 39 discloses Encryption/decryption module 340 may comprise any system, device, or apparatus configured to encrypt data for storage on one or more of virtual disks 225a-225d and/or encrypt data read from one or more of virtual disks 225a-225d. Encryption/decryption module 340 may be configured to execute multiple cryptographic functions such as encryption algorithms, algorithm modes, cryptographic hashes, and/or cryptographic sign functions. Para. 51 discloses to encrypt the I/O data, encryption/decryption module 340 may generate an MEK and encrypt the MEK with an SKEK. The encryption/decryption module 340 may generate a random MEK for each received write request. Encryption/decryption module 340 then encrypts the I/O data with the encrypted MEK prior to storing the encrypted I/O data in virtual disk 225a. In this example, I/O data in request 325 may be encrypted in seven independent parts because virtual disk 225a is associated with seven different persistent storage devices. For example, a portion of the I/O data may be stored in a slice 410a as shown in FIG. 4. The MEK will be encrypted by the SKEK for disk 1 prior to using the encrypted MEK to encrypt the portion of I/O data to be stored in slice 410a. Similarly, if a portion of the I/O data is to be stored in a slice 410b, as shown in FIG. 4, then the MEK may be encrypted by the SKEK for disk 2 prior to using the encrypted MEK to encrypt the portion of I/O data to be stored in slice 410b. A similar process may be used to for remaining I/O data to the other storage devices in virtual disk 225a.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine Singh’s system with Miller’s system, with a motivation to receives request 325 and starts processing the request. In particular, encryption/decryption module 340 may parse request 325 to identify the start address and the end address of virtual disk 225a. Encryption/decryption module 340 then determines whether the start address and the end address are valid. [Singh, para. 50]

Regarding claim 20, modified Kaufman teaches a system, comprising: the device configured to perform the data operations on the storage medium, the device having a processor and logic integrated with the processor, executable by the processor, or integrated with and executable by the processor, the logic being configured to cause the device to perform the method of claim 17. [Kaufman, col. 2 lines 45 – 50 disclose a computing system may include a single computing device, a set of one or more computing devices, and/or a data storage system. A data storage system includes, without limitation, a set of one or more data storage devices. In some examples, a data storage array may be implemented as part of cloud storage. Col. 3 lines 52 – 67 to col. 4 lines 1 – 3 disclose Computing device 102 in this example represents any type of computing device executing instructions (e.g., as application programs, operating system functionality, or both) to implement the operations and functionality associated with the computing device 102. The computing device 102 includes a plurality of hardware components and a plurality of software components. The computing device 102 may be implemented as a data processing system, a data storage device, cloud storage, a personal computer, kiosk, tabletop device, industrial control device, wireless charging station, an electric automobile charging station, or any other type of computing device utilizing one or more cryptographic keys to encrypt or decrypt data. A data storage device is typically either a spinning magnetic disk or a solid state drive. A data storage device in some examples includes, without limitation, one or more hard disks, one or more flash drives, as well as any other type of device for storing data.], the remaining limitations are similar to limitations within claim 17, therefore, they are rejected in a similar manner.

Claims 18 – 19 are rejected under 35 U.S.C. 103 as being unpatentable over US 10205594 B1 to Kaufman in view of US 20210034791 A1 to Singh et al., (hereinafter, “Singh”) in further view of US 20150127946 A1 to Miller et al., (hereinafter, “Miller”).
Regarding claim 18, modified Kaufman teaches the device-implemented method of claim 17, but modified Kaufman does not teach wherein the external keys and the media encryption keys are only stored, in the device, in volatile memory.
	However, Miller teaches wherein the external keys and the media encryption keys are only stored, in the device, in volatile memory. [Miller, para. 46 discloses storage device 150N may also include volatile memory for storing a decrypted key with which reads and writes may be executed. Generally speaking, storage device 150N may use the decrypted key during the reading and writing of data to storage device 150N. When storage device 150N is powered up, there may be an initialization process to get storage device 150N into an operational state. Para. 56 discloses  Each storage device 250A-N may retrieve a corresponding key from RAM 230 and use this key to encrypt and decrypt data during reads and writes from the storage device. Alternatively, each storage device 250A-N may include a portion of volatile memory, and a key may be stored in this volatile memory on the corresponding storage device. Other possibilities of locations for storing the decrypted keys are possible and are contemplated.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine Miller’s system with modified Kaufman’s system, with a motivation to retain encrypted key 155N, which is non-useable until it is decrypted to recreate the original key which was used to encrypt the data (encrypted data 170N) stored on device 150N. [Miller, para. 46]

Regarding claim 19, modified Kaufman teaches the device-implemented method of claim 17, but modified Kaufman does not teach wherein the device is configured to prohibit transfer of the internal key in any form to outside of the device.
However, Miller teaches wherein the device is configured to prohibit transfer of the internal key in any form to outside of the device. [Miller, para. 36 discloses if the logic for generating shares and secrets and/or encrypting keys is located within a shelf or within a storage device, then the shares, secrets, and/or encrypted keys may not be conveyed from the storage controller to the storage devices 150A-N as shown in FIG. 1.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine Miller’s system with modified Kaufman’s system, with a motivation for the shares, secrets, and/or encrypted keys may be utilized locally at their respective storage device after they are generated. [Miller, para. 36]

Conclusion
Pertinent prior art made of record however not replied upon includes:
US 9594698 B2 to Koning et al.
“A method and system self encrypts a disk storage device. Given a plurality of data storage devices, the system establishes an encryption key for the plurality of data storage devices. The system locally stores the encryption key in a piecewise manner throughout the plurality of data storage devices such that the encryption key is rendered undeterminable with less than a threshold subset of the plurality of data storage devices. This results in the plurality of data storage devices being self encrypting. Upon an increase or decrease in the plurality, the system resplits the encryption key and locally stores the resulting pieces throughout the changed (increased/decreased) plurality of data storage devices. This renders the encryption key undeterminable with less than a new or revised threshold each time the plurality is changed.”

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Phuc Pham whose telephone number is (571)272-8893. The examiner can normally be reached Monday - Thursday 7:30 AM - 4:30 PM; Friday 8:00 AM - 12:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571)272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/P.P./Patent Examiner, Art Unit 2434                                                                                                                                                                                                        

/KAMBIZ ZAND/Supervisory Patent Examiner, Art Unit 2434