Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This office action is in response to the communication filed on 9/14/2022.
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 9/14/2022 has been entered.
 Response to Arguments
The examiner has considered the applicants’ arguments finds them partly persuasive (as indicated in the advisory action mailed 8/23/2022).  As such the previous rejections and objections have been withdrawn. However, new rejections have been made, further in light of the teachings of Arrelid et al. as shown below. 
For brevity, the examiner has not repeated the response to arguments that were presented in the advisory action, but the examiner still maintains those responses to be valid and applicable to the rejection presented below.
All objections and rejections not set forth below have been withdrawn. 
Claims 1, 3-12, and 14-19 have been examined.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 3-6, 9, 12 and 14-15 are rejected under 35 U.S.C. 103 as being unpatentable over Kanno (US Patent Application Publication Number 2019/0362081), and further in view of Arrelid et al. (US Patent Application Publication Number 2013/0139271).

Regarding claim 1, Kanno disclosed a solid-state data storage device (Kanno Fig. 3 or Fig. 6, for example), comprising: 
a storage device controller (Kanno Fig. 3 or Fig. 6, for example); 
solid-state memory (Kanno Fig. 3 or Fig. 6, for example); and 
an inline encryption engine, embedded in the storage device controller, for: 
receiving data blocks from a host, wherein the data blocks are generated by a plurality of different users working with a plurality of applications (Kanno Paragraphs 0078 and 0106-0108 for example), and 
wherein each different user working with a different one of the plurality of applications forms a respective user and application combination (Kanno Paragraphs 0078 and 0106-0108 for example);
encrypting the data blocks received from the host using a set of encryption keys and writing the encrypted data blocks into the solid-state memory, wherein data blocks having lifetimes associated with the same user and application combination are encrypted using the same encryption key (Kanno Figs. 3 and 6, Paragraphs 0074, 0106-0108, 0114-0115, and Fig. 30, Paragraphs 0243-0247 for example).
Kanno did not explicitly teach identifying each different user working with a different one of the plurality of application as a respective user and application combination.
Arrelid taught a system in which different users work with a variety of different applications, and Arrelid taught identifying each different user working with a different one of the plurality of application as a respective user and application combination in order to allow the system to track permissions for each user and application (Arrelid Paragraphs 0093 and 0065-0074 for example).
It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Arrelid in the system of Kanno by identifying combinations of users and applications and their respective permissions.  This would have been obvious to the person having ordinary skill in the art because the person having ordinary skill in the art would have been motivated to track user application permissions as well as to allow mimic user’s application permissions and configurations across multiple devices.


Regarding claim 12, Kanno disclosed a method for storing encrypted data blocks in a solid-state data storage device including an embedded inline encryption engine (Kanno Fig. 3 or Fig. 6, for example), comprising: 
receiving data blocks from a host, wherein the data blocks are generated by a plurality of different users working with a plurality of applications (Kanno Paragraphs 0078 and 0106-0108 for example); and
 wherein each different user working a different one of the plurality of applications forms a respective user and application combination (Kanno Paragraphs 0078 and 0106-0108 for example);
encrypting, using the inline encryption engine, the data blocks received from the host using a set of encryption keys, wherein data blocks having lifetimes associated with the same user and application combination are encrypted using the same encryption key (Kanno Figs. 3 and 6, Paragraphs 0074, 0106-0108, 0114-0115, and Fig. 30, Paragraphs 0243-0247 for example); and 
writing the encrypted data blocks into a solid-state memory of the solid-state data storage device (Kanno Figs. 3 and 6, Paragraphs 0074, 0106-0108, 0114-0115, and Fig. 30, Paragraphs 0243-0247 for example).
Kanno did not explicitly teach identifying each different user working with a different one of the plurality of application as a respective user and application combination.
Arrelid taught a system in which different users work with a variety of different applications, and Arrelid taught identifying each different user working with a different one of the plurality of application as a respective user and application combination in order to allow the system to track permissions for each user and application (Arrelid Paragraphs 0093 and 0065-0074 for example).
It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Arrelid in the system of Kanno by identifying combinations of users and applications and their respective permissions.  This would have been obvious to the person having ordinary skill in the art because the person having ordinary skill in the art would have been motivated to track user application permissions as well as to allow mimic user’s application permissions and configurations across multiple devices.

Regarding claims 3 and 14, Kanno and Arrelid taught that the host provides the data blocks and the set of encryption keys to the inline encryption engine (Kanno Figs. 3 and 6, Paragraphs 0074, 0106-0108, 0114-0115, and 0171-0174 for example).
Regarding claims 4 and 15, Kanno and Arrelid taught that the set of encryption keys are pre-loaded into the inline encryption engine, and wherein the host provides the data blocks and IDs of the encryption keys to be used to encrypt the data blocks to the inline encryption engine (Kanno Figs. 3 and 6, Paragraphs 0074, 0106-0108, 0114-0115, and Fig. 30, Paragraphs 0243-0247 for example).
Regarding claim 5, Kanno and Arrelid taught that the storage device controller includes n write-active erase units E.sub.1, E.sub.2, . . . E.sub.n, where n > 1 (Kanno Fig. 8 and Paragraphs 0093, and 0159-0163 for example).
Regarding claim 6, Kanno and Arrelid taught that for each data block, the inline encryption engine is configured to encrypt the data block using a corresponding encryption key from the set of encryption keys (Kanno Figs. 3 and 6, Paragraphs 0074, 0106-0108, 0114-0115, and Fig. 30, Paragraphs 0243-0247 for example), and wherein the storage device controller is configured to apply a hash function to the corresponding encryption key to obtain a corresponding hashed encryption key h.sub.i (Kanno Paragraphs 0062, 0081, and 0105 for example).
Regarding claim 9, Kanno and Arrelid taught that the storage device controller further includes an enhanced logical block address (LBA) to physical block address (PBA) mapping table, the enhanced LBA-PBA mapping table including, for each data block, a mapping of the LBA of the data block to its associated PBA in the solid-state memory together with a hashed encryption key h.sub.i (Kanno Paragraphs 0080-0081, and 0105 for example).




Claims 7, 8, 10, 11, and 16-19 are rejected under 35 U.S.C. 103 as being unpatentable over Kanno and Arrelid, and further in view of Stephens (US Patent Application Publication Number 2011/0219168).
Regarding claims 7 and 16, Kanno and Arrelid did not explicitly teach the storage device controller is configured to write the encrypted data block into an write-active erase unit E.sub.m, wherein m=h.sub.i mod n.  Kanno did teach using a lookup table which uses the hash of the encryption key to map to a physical block in the flash storage (Kanno Paragraph 0081).
Stephens taught a system for identifying which flash memory erase unit to write to by applying a hash to an input key and then taking that result modulo the number of erase units, producing the number of the erase unit (Stephens Paragraphs 0026-0027 for example).
It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Stephens in the system of Kanno and Arrelid by using the hash of the encryption key modulo the number of available blocks to determine which block to read/write data into.  This would have been obvious because the person having ordinary skill in the art would have been motivated to promote even wearing of the flash storage device.
Regarding claims 8 and 17, Kanno, Arrelid, and Stevens taught that if the write-active erase unit E.sub.m becomes full, the storage device controller is configured to seal the full write-active erase unit E.sub.m and allocate an empty erase unit as a new write-active erase unit E.sub.m (Kanno Fig. 30 and Paragraphs 0243-0247).

Regarding claim 10,  Kanno, Arrelid, and Stevens taught that the storage device controller is further configured to perform a garbage collection operation on an erase unit E.sub.r by: for each data block in the erase unit E.sub.r: using the LBA of the data block to obtain the hashed encryption key h.sub.i for the data block from the enhanced LBA-PBA mapping table (Kanno Paragraph 0080-0081 and 0243-0247); calculating m=h.sub.i mod n to determine the write-active erase unit E.sub.m where the data block is to be written (Stephens Paragraphs 0026-0027 for example); and writing the data block into the write-active erase unit E.sub.m (Kanno Paragraph 000080-0081 and 0243-0247 and Stephens Paragraphs 0026-0027 for example).
It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Stephens in the system of Kanno and Arrelid by using the hash of the encryption key modulo the number of available blocks to determine which block to read/write data into.  This would have been obvious because the person having ordinary skill in the art would have been motivated to promote even wearing of the flash storage device.

Regarding claim 11, Kanno, Arrelid, and Stevens taught that if the write-active erase unit E.sub.m becomes full, the storage device controller is configured to seal the full write-active erase unit E.sub.m and allocate an empty erase unit as a new write-active erase unit E.sub.m (Kanno Fig. 30 and Paragraphs 0243-0247).

Regarding claim 18, Kanno, Arrelid, and Stevens taught providing an enhanced logical block address (LBA) to physical block address (PBA) mapping table, the enhanced LBA-PBA mapping table including, for each data block, a mapping of the LBA of the data block to its associated PBA in the solid-state memory together with the hashed encryption key h.sub.i (Kanno Paragraphs 0080-0081 and 0105 for example).

Regarding claim 19, Kanno, Arrelid, and Stevens taught performing a garbage collection operation on an erase unit E.sub.r by: for each data block in the erase unit E.sub.r: using the LBA of the data block to obtain the hashed encryption key h.sub.i for the data block from the enhanced LBA-PBA mapping table (Kanno Paragraph 0080-0081 and 0243-0247); calculating m=h.sub.i mod n to determine the write-active erase unit E.sub.m where the data block is to be written (Stephens Paragraphs 0026-0027 for example); and writing the data block into the write-active erase unit E.sub.m (Kanno Paragraph 000080-0081 and 0243-0247 and Stephens Paragraphs 0026-0027 for example).
It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Stephens in the system of Kanno and Arrelid by using the hash of the encryption key modulo the number of available blocks to determine which block to read/write data into.  This would have been obvious because the person having ordinary skill in the art would have been motivated to promote even wearing of the flash storage device.

Conclusion
Claims 1, 3-12, and 14-19 have been rejected.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MATTHEW T HENNING whose telephone number is (571)272-3790. The examiner can normally be reached Monday- Thursday 9AM-5PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on (571)272-3972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MATTHEW T HENNING/            Primary Examiner, Art Unit 2491