DETAILED ACTION
This first non-final action is in response to applicants’ preliminary amendment filed on 11/10/2021. Claims 21-40 are currently pending and have been considered as follows.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Drawings
The drawings filed on 09/08/2021 are accepted.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 11/10/2021 has been placed in the application file, and the information referred therein has been considered as to the merits.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Parent Patent No. 10,671,762 B2
Claims 21-24, 29-32, 37, and 40 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over Claims 1 and 13 of parent U.S. Patent No. 10,671,762 B2 (common inventive entity and assignee) in view of prior art Kwon et al. (US 20120215959 A1).  Although the claims at issue are not identical, they are not patentably distinct from each other because the examined application Claims 21-24, 29-32, 37, and 40 are an obvious variation of Claims 1 and 13 of the parent patent in view of the prior art reference Kwon.  All the elements of Claims 21-24, 29-32, 37, and 40 of the instant application are found within the scope of Claims 1 and 13 of parent U.S. Patent No. 10,671,762 B2 except for the features of “a control circuit configured to manage a cache formed from volatile memory, wherein the cache is configured to store main memory data to reduce latency in accessing the main memory”, “the volatile memory comprises dynamic random access memory (DRAM)”, and “wherein the volatile memory is external to the integrated circuit”.
However, the analogous prior art Kwon does disclose “a control circuit configured to manage a cache formed from volatile memory, wherein the cache is configured to store main memory data to reduce latency in accessing the main memory” (e.g. Kwon “Many data processing devices may include a processor that processes data read out from a main memory, such as a dynamic random access memory (DRAM). The data processing devices may include a cache memory system to reduce a potential bottleneck phenomenon during data processing due to a speed difference between the main memory and the processor” [0003]; “a cache memory may store data that is accessed often from the main memory, and may have a faster operating speed than a main memory. It may also be integrated with a processor or may be closer to the processor than a main memory, making the data access more efficient” [0026]; “A cache memory within a cache memory system may be used as an L1 (or level 1) cache or an L2 (or level 2) cache. The L1 cache, also known as a primary cache, may be accessed first by the processor and its memory capacity may be less in size than the L2 cache. The L2 cache, also called a secondary cache, may be accessed second by the processor when the processor does not find its desired data in the L1 cache” [0027]; cache controller [0006]; [0038]; [0068]), “the volatile memory comprises dynamic random access memory (DRAM)” (e.g. Kwon memory device may include DRAM [0092]), and “wherein the volatile memory is external to the integrated circuit” (e.g. Kwon Fig. 10).
It would have been an obvious modification to the invention of Claims 1 and 13 of parent U.S. Patent No. 10,671,762 B2 to include “a control circuit configured to manage a cache formed from volatile memory, wherein the cache is configured to store main memory data to reduce latency in accessing the main memory”, “the volatile memory comprises dynamic random access memory (DRAM)”, and “wherein the volatile memory is external to the integrated circuit” (as taught by Kwon) for the purpose of minimizing or reducing cache latency so that a data processing speed of CPU is improved (Kwon [0099]).  
Therefore, the invention as specified in the instant application Claims 21-24, 29-32, 37, and 40 is not patentably distinct from Claims 1 and 13 of parent U.S. Patent No. 10,671,762 B2 in view of the Kwon reference.
Parent Patent No. 11,138,346 B2
Claims 21-24, 27-32, and 35-40 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over Claims 17-19 of parent U.S. Patent No. 11,138,346 B2 (common inventive entity and assignee) in view of prior art Kwon et al. (US 20120215959 A1).  Although the claims at issue are not identical, they are not patentably distinct from each other because the examined application Claims 21-24, 27-32, and 35-40 are an obvious variation of Claims 17-19 of the parent patent in view of the prior art reference Kwon.  All the elements of Claims 21-24, 27-32, and 35-40 of the instant application are found within the scope of Claims 17-19 of the parent patent except for the features of “a control circuit configured to manage a cache formed from volatile memory, wherein the cache is configured to store main memory data to reduce latency in accessing the main memory”, “the volatile memory comprises dynamic random access memory (DRAM)”, and “wherein the volatile memory is external to the integrated circuit”.
However, the analogous prior art Kwon does disclose “a control circuit configured to manage a cache formed from volatile memory, wherein the cache is configured to store main memory data to reduce latency in accessing the main memory” (e.g. Kwon “Many data processing devices may include a processor that processes data read out from a main memory, such as a dynamic random access memory (DRAM). The data processing devices may include a cache memory system to reduce a potential bottleneck phenomenon during data processing due to a speed difference between the main memory and the processor” [0003]; “a cache memory may store data that is accessed often from the main memory, and may have a faster operating speed than a main memory. It may also be integrated with a processor or may be closer to the processor than a main memory, making the data access more efficient” [0026]; “A cache memory within a cache memory system may be used as an L1 (or level 1) cache or an L2 (or level 2) cache. The L1 cache, also known as a primary cache, may be accessed first by the processor and its memory capacity may be less in size than the L2 cache. The L2 cache, also called a secondary cache, may be accessed second by the processor when the processor does not find its desired data in the L1 cache” [0027]; cache controller [0006]; [0038]; [0068]), “the volatile memory comprises dynamic random access memory (DRAM)” (e.g. Kwon memory device may include DRAM [0092]), and “wherein the volatile memory is external to the integrated circuit” (e.g. Kwon Fig. 10).
It would have been an obvious modification to the invention of Claims 17-19 of parent U.S. Patent No. 11,138,346 B2 to include “a control circuit configured to manage a cache formed from volatile memory, wherein the cache is configured to store main memory data to reduce latency in accessing the main memory”, “the volatile memory comprises dynamic random access memory (DRAM)”, and “wherein the volatile memory is external to the integrated circuit” (as taught by Kwon) for the purpose of minimizing or reducing cache latency so that a data processing speed of CPU is improved (Kwon [0099]).  
Therefore, the invention as specified in the instant application Claims 21-24, 27-32, and 35-40 is not patentably distinct from Claims 17-19 of parent U.S. Patent No. 11,138,346 B2 in view of the Kwon reference.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 21-24, 29-32, 37, and 40 are rejected under 35 U.S.C. 103 as being unpatentable over Herman et al. (US 20100229005 A1, IDS submitted 11/10/2021, hereinafter Herman) in view of DONIE et al. (US 20110022853 A1, IDS submitted 11/10/2021, hereinafter Donie), and further in view of Kwon et al. (US 20120215959 A1, hereinafter Kwon).

As to Claim 21:
Herman discloses a system (e.g. Herman FIG. 1 electronic device; system for managing data storage in non-volatile memories [Abstract]) comprising:
a non-volatile memory (e.g. Herman FIG. 1 Non-Volatile Memory), wherein at least a portion of the non-volatile memory is addressable as main memory (e.g. Herman stored data in non-volatile memory can be accessed with read or write commands [0026]);
an integrated circuit coupled to the non-volatile memory (e.g. Herman FIG. 1; “SoC control circuitry 120 can control the general operations and functions of SoC 110 and its other components. For example, responsive to user inputs or the instructions of an application, SoC control circuitry 120 can issue read or write commands to non-volatile memory interface 150 to obtain or store data from or in non-volatile memory 160. SoC control circuitry 120 can include any combination of hardware, software, and firmware, and any components, circuitry, or logic operative to drive the functionality of electronic device 100”; “SoC control circuitry 220 can include file system 222 to issue the read and write commands instructed by the application or operating system. File system 222 can include any suitable type of file system, such as a File Allocation Table (FAT) file system. With each read or write command, file system 222 can provide a logical address to indicate where the data should be read or written” [0026]), the integrated circuit including:
a cryptographic circuit (e.g. Herman FIG. 1 Encryption module [0022]) configured to employ one or more keys to encrypt data written to the main memory and decrypt data read from the main memory (e.g. Herman FIG. 2; “Encryption module 130 can be or may include any hardware or software, or combination thereof, configured to perform encryption and decryption based on a suitable cipher. For example, encryption module 130 can be based on the Advanced Encryption Standard (AES), Data Encryption Standard (DES), or RSA. Encryption module 130 can provide security for sensitive data, such as personal information or billing information, stored in non-volatile memory” [0021]; “Encryption module 130 can encrypt and decrypt data using one or more "encryption seeds" provided by SoC control circuitry 120 or non-volatile memory interface 150, which may be required by the encryption algorithm to perform encryption or decryption. In some embodiments, and particularly for AES-based encryption modules, the encryption seeds can include a key and an initialization vector ("IV"). To recover the original unencrypted data from encrypted data, the encryption seeds used for decryption may need to be the same as the seeds originally used for encryption” [0022]; [0031]; [0032]), and wherein the integrated circuit is configured to store the one or more keys within the integrated circuit (e.g. Herman SoC control circuitry includes file system which provides privacy key and initialization vector for encryption seeds [0026]; [0031]);
But Herman does not specifically disclose:
wherein data in the main memory is non-persistent with a power down of the system to simulate a volatile nature of the data;
discard the one or more keys at the power down of system to implement the non-persistent, volatile nature of the main memory; and 
a control circuit configured to manage a cache formed from volatile memory, wherein the cache is configured to store main memory data to reduce latency in accessing the main memory.
However, the analogous art Donie does disclose wherein data in the main memory is non-persistent with a power down of the system to simulate a volatile nature of the data (e.g. Donie memory device 6 [0014] which can be non-volatile [0015] stores encryption keys which are erased as part of power down, restart or shut down sequence [0024]) and discard the one or more keys at the power down of system to implement the non-persistent, volatile nature of the main memory (e.g. Donie upon detecting restart operation/power down/shut down sequence, the determined encryption keys are erased from memory device [0024]).  Herman and Donie are analogous art because they are from the same field of endeavor in cryptographic data storage.  Furthermore, the analogous art Kwon does disclose a control circuit configured to manage a cache formed from volatile memory (e.g. Kwon cache controller [0006]; [0038]; [0068] of cache memory that stores data that is accessed often from main memory [0026]; [0027]), wherein the cache is configured to store main memory data to reduce latency in accessing the main memory (e.g. Kwon “a cache memory may store data that is accessed often from the main memory, and may have a faster operating speed than a main memory. It may also be integrated with a processor or may be closer to the processor than a main memory, making the data access more efficient” [0026]; “A cache memory within a cache memory system may be used as an L1 (or level 1) cache or an L2 (or level 2) cache. The L1 cache, also known as a primary cache, may be accessed first by the processor and its memory capacity may be less in size than the L2 cache. The L2 cache, also called a secondary cache, may be accessed second by the processor when the processor does not find its desired data in the L1 cache” [0027]).  Herman and Kwon are analogous art because they are from the same field of endeavor in management of data storage and retrieval.
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Herman, Donie, and Kwon before him or her, to modify the system and method of Herman with the teachings of Donie and Kwon to include wherein data in the main memory is non-persistent with a power down of the system to simulate a volatile nature of the data, discard the one or more keys at the power down of system to implement the non-persistent, volatile nature of the main memory; and a control circuit configured to manage a cache formed from volatile memory, wherein the cache is configured to store main memory data to reduce latency in accessing the main memory as claimed because Herman teaches a method and system on a chip that provides secure read and write operations for decrypting and encrypting data in non-volatile memory using keys (Herman [Abstract]; FIG. 1; [0017]-[0032]) stored in non-volatile memory which could be erased upon detecting a power down, restart, or shut down sequence (Donie [0014]; [0015]; [0024]) and a cache memory managed by a cache controller (Kwon [0006]; [0026]; [0027]; [0038]; [0068]).  The suggestion/motivation for doing so would have been to prevent an unauthorized user from accessing the encryption keys to access unencrypted blocks following a restart of the system (Donie [0024]) and to minimize or reduce cache latency so that a data processing speed of CPU is improved (Kwon [0099]).  Therefore, it would have been obvious to combine Herman, Donie, and Kwon to obtain the invention as specified in the instant claim(s).
As to Claim 22:
Herman in view of Donie and Kwon discloses the system as recited in claim 21 wherein the volatile memory comprises dynamic random access memory (DRAM) (e.g. Herman “Memory 140 can include any suitable type of volatile or non-volatile memory, such as dynamic random access memory (DRAM)” [0019]).
As to Claim 23:
Herman in view of Donie and Kwon discloses the system as recited in claim 21 wherein the volatile memory is external to the integrated circuit (e.g. Herman FIG. 1 Non-Volatile Memory 160 is external to System-on-a-chip 110).
As to Claim 24:
Herman in view of Donie and Kwon discloses the system as recited in claim 21 wherein the integrated circuit comprises one or more agents configured to generate memory requests addressing the main memory (e.g. Herman FIG. 1; “SoC control circuitry 120 can control the general operations and functions of SoC 110 and its other components. For example, responsive to user inputs or the instructions of an application, SoC control circuitry 120 can issue read or write commands to non-volatile memory interface 150 to obtain or store data from or in non-volatile memory 160. SoC control circuitry 120 can include any combination of hardware, software, and firmware, and any components, circuitry, or logic operative to drive the functionality of electronic device 100” [0018]; “SoC control circuitry 220 can include file system 222 to issue the read and write commands instructed by the application or operating system. File system 222 can include any suitable type of file system, such as a File Allocation Table (FAT) file system. With each read or write command, file system 222 can provide a logical address to indicate where the data should be read or written” [0026]).
As to Claim 29:
Herman discloses a method (e.g. Herman “methods are provided for whitening or otherwise managing data for storage on a non-volatile memory, such as a NAND Flash memory” [0004]) comprising:
employing one or more keys in a cryptographic circuit (e.g. Herman FIG. 1 Encryption module [0022]) to encrypt data written to a main memory portion of a non-volatile memory and decrypt data read from the main memory portion (e.g. Herman FIG. 2; “Encryption module 130 can be or may include any hardware or software, or combination thereof, configured to perform encryption and decryption based on a suitable cipher. For example, encryption module 130 can be based on the Advanced Encryption Standard (AES), Data Encryption Standard (DES), or RSA. Encryption module 130 can provide security for sensitive data, such as personal information or billing information, stored in non-volatile memory” [0021]; “Encryption module 130 can encrypt and decrypt data using one or more "encryption seeds" provided by SoC control circuitry 120 or non-volatile memory interface 150, which may be required by the encryption algorithm to perform encryption or decryption. In some embodiments, and particularly for AES-based encryption modules, the encryption seeds can include a key and an initialization vector ("IV"). To recover the original unencrypted data from encrypted data, the encryption seeds used for decryption may need to be the same as the seeds originally used for encryption” [0022]; [0031]; [0032]);
But Herman does not specifically disclose:
wherein data in the main memory is non-persistent with a power down of a system including the non-volatile memory to simulate a volatile nature of the data;
discarding the one or more keys at the power down of the system to implement the non-persistent, volatile nature of the main memory; and
managing a cache formed from volatile memory to store main memory data to reduce latency in accessing the main memory.
However, the analogous art Donie does disclose wherein data in the main memory is non-persistent with a power down of a system including the non-volatile memory to simulate a volatile nature of the data (e.g. Donie memory device 6 [0014] which can be non-volatile [0015] stores encryption keys which are erased as part of power down, restart or shut down sequence [0024]) and discarding the one or more keys at the power down of the system to implement the non-persistent, volatile nature of the main memory (e.g. Donie upon detecting restart operation/power down/shut down sequence, the determined encryption keys are erased from memory device [0024]).  Herman and Donie are analogous art because they are from the same field of endeavor in cryptographic data storage.  Furthermore, the analogous art Kwon does disclose managing a cache formed from volatile memory to store main memory data to reduce latency in accessing the main memory (e.g. Kwon cache controller [0006]; [0038]; [0068] of cache memory that stores data that is accessed often from main memory [0026]; [0027]; “a cache memory may store data that is accessed often from the main memory, and may have a faster operating speed than a main memory. It may also be integrated with a processor or may be closer to the processor than a main memory, making the data access more efficient” [0026]; “A cache memory within a cache memory system may be used as an L1 (or level 1) cache or an L2 (or level 2) cache. The L1 cache, also known as a primary cache, may be accessed first by the processor and its memory capacity may be less in size than the L2 cache. The L2 cache, also called a secondary cache, may be accessed second by the processor when the processor does not find its desired data in the L1 cache” [0027]).  Herman and Kwon are analogous art because they are from the same field of endeavor in management of data storage and retrieval.
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Herman, Donie, and Kwon before him or her, to modify the system and method of Herman with the teachings of Donie and Kwon to include wherein data in the main memory is non-persistent with a power down of a system including the non-volatile memory to simulate a volatile nature of the data; discarding the one or more keys at the power down of the system to implement the non-persistent, volatile nature of the main memory; and managing a cache formed from volatile memory to store main memory data to reduce latency in accessing the main memory as claimed because Herman teaches a method and system on a chip that provides secure read and write operations for decrypting and encrypting data in non-volatile memory using keys (Herman [Abstract]; FIG. 1; [0017]-[0032]) stored in non-volatile memory which could be erased upon detecting a power down, restart, or shut down sequence (Donie [0014]; [0015]; [0024]) and a cache memory managed by a cache controller (Kwon [0006]; [0026]; [0027]; [0038]; [0068]).  The suggestion/motivation for doing so would have been to prevent an unauthorized user from accessing the encryption keys to access unencrypted blocks following a restart of the system (Donie [0024]) and to minimize or reduce cache latency so that a data processing speed of CPU is improved (Kwon [0099]).  Therefore, it would have been obvious to combine Herman, Donie, and Kwon to obtain the invention as specified in the instant claim(s).
As to Claim 30:
Herman in view of Donie and Kwon discloses the method as recited in claim 29 wherein the volatile memory comprises dynamic random access memory (DRAM) (e.g. Herman “Memory 140 can include any suitable type of volatile or non-volatile memory, such as dynamic random access memory (DRAM)” [0019]).
As to Claim 31:
Herman in view of Donie and Kwon discloses the method as recited in claim 29 wherein the volatile memory is external to an integrated circuit that includes the cryptographic circuit (e.g. Herman FIG. 1 Non-Volatile Memory 160 is external to System-on-a-chip 110 with encryption module 130).
As to Claim 32:
Herman in view of Donie and Kwon discloses the method as recited in claim 29 further comprising generating, by one or more agents in the system, memory requests addressing the main memory (e.g. Herman FIG. 1; “SoC control circuitry 120 can control the general operations and functions of SoC 110 and its other components. For example, responsive to user inputs or the instructions of an application, SoC control circuitry 120 can issue read or write commands to non-volatile memory interface 150 to obtain or store data from or in non-volatile memory 160. SoC control circuitry 120 can include any combination of hardware, software, and firmware, and any components, circuitry, or logic operative to drive the functionality of electronic device 100” [0018]; “SoC control circuitry 220 can include file system 222 to issue the read and write commands instructed by the application or operating system. File system 222 can include any suitable type of file system, such as a File Allocation Table (FAT) file system. With each read or write command, file system 222 can provide a logical address to indicate where the data should be read or written” [0026]).
As to Claim 37:
Herman discloses a system (e.g. Herman FIG. 1 electronic device; system for managing data storage in non-volatile memories [Abstract]) comprising:
a non-volatile memory (e.g. Herman FIG. 1 Non-Volatile Memory), wherein at least a portion of the non-volatile memory is addressable as main memory (e.g. Herman stored data in non-volatile memory can be accessed with read or write commands [0026]);
an integrated circuit coupled to the non-volatile memory and the volatile memory (e.g. Herman FIG. 1; “SoC control circuitry 120 can control the general operations and functions of SoC 110 and its other components. For example, responsive to user inputs or the instructions of an application, SoC control circuitry 120 can issue read or write commands to non-volatile memory interface 150 to obtain or store data from or in non-volatile memory 160. SoC control circuitry 120 can include any combination of hardware, software, and firmware, and any components, circuitry, or logic operative to drive the functionality of electronic device 100”; “SoC control circuitry 220 can include file system 222 to issue the read and write commands instructed by the application or operating system. File system 222 can include any suitable type of file system, such as a File Allocation Table (FAT) file system. With each read or write command, file system 222 can provide a logical address to indicate where the data should be read or written” [0026]), the integrated circuit comprising: a cryptographic circuit (e.g. Herman FIG. 1 Encryption module [0022]) configured to employ one or more keys to encrypt data written to the main memory and decrypt data read from the main memory (e.g. Herman FIG. 2; “Encryption module 130 can be or may include any hardware or software, or combination thereof, configured to perform encryption and decryption based on a suitable cipher. For example, encryption module 130 can be based on the Advanced Encryption Standard (AES), Data Encryption Standard (DES), or RSA. Encryption module 130 can provide security for sensitive data, such as personal information or billing information, stored in non-volatile memory” [0021]; “Encryption module 130 can encrypt and decrypt data using one or more "encryption seeds" provided by SoC control circuitry 120 or non-volatile memory interface 150, which may be required by the encryption algorithm to perform encryption or decryption. In some embodiments, and particularly for AES-based encryption modules, the encryption seeds can include a key and an initialization vector ("IV"). To recover the original unencrypted data from encrypted data, the encryption seeds used for decryption may need to be the same as the seeds originally used for encryption” [0022]; [0031]; [0032]), and wherein the integrated circuit is configured to store the one or more keys within the integrated circuit (e.g. Herman SoC control circuitry includes file system which provides privacy key and initialization vector for encryption seeds [0026]; [0031]);
But Herman does not specifically disclose:
wherein data in the main memory is non-persistent with a power down of the system to simulate a volatile nature of the data;
a volatile memory managed as a cache for main memory data;
discard the one or more keys at the power down of system to implement the non-persistent, volatile nature of the main memory.
However, the analogous art Donie does disclose wherein data in the main memory is non-persistent with a power down of the system to simulate a volatile nature of the data (e.g. Donie memory device 6 [0014] which can be non-volatile [0015] stores encryption keys which are erased as part of power down, restart or shut down sequence [0024]) and discard the one or more keys at the power down of system to implement the non-persistent, volatile nature of the main memory (e.g. Donie upon detecting restart operation/power down/shut down sequence, the determined encryption keys are erased from memory device [0024]).  Herman and Donie are analogous art because they are from the same field of endeavor in cryptographic data storage.  Furthermore, the analogous art Kwon does disclose a volatile memory managed as a cache for main memory data (e.g. Kwon “a cache memory may store data that is accessed often from the main memory, and may have a faster operating speed than a main memory. It may also be integrated with a processor or may be closer to the processor than a main memory, making the data access more efficient” [0026]; “A cache memory within a cache memory system may be used as an L1 (or level 1) cache or an L2 (or level 2) cache. The L1 cache, also known as a primary cache, may be accessed first by the processor and its memory capacity may be less in size than the L2 cache. The L2 cache, also called a secondary cache, may be accessed second by the processor when the processor does not find its desired data in the L1 cache” [0027]; [0038]; [0068]).  Herman and Kwon are analogous art because they are from the same field of endeavor in management of data storage and retrieval.
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Herman, Donie, and Kwon before him or her, to modify the system and method of Herman with the teachings of Donie and Kwon to include wherein data in the main memory is non-persistent with a power down of the system to simulate a volatile nature of the data, a volatile memory managed as a cache for main memory data, and discard the one or more keys at the power down of system to implement the non-persistent, volatile nature of the main memory as claimed because Herman teaches a method and system on a chip that provides secure read and write operations for decrypting and encrypting data in non-volatile memory using keys (Herman [Abstract]; FIG. 1; [0017]-[0032]) stored in non-volatile memory which could be erased upon detecting a power down, restart, or shut down sequence (Donie [0014]; [0015]; [0024]) and a cache memory managed by a cache controller (Kwon [0006]; [0026]; [0027]; [0038]; [0068]).  The suggestion/motivation for doing so would have been to prevent an unauthorized user from accessing the encryption keys to access unencrypted blocks following a restart of the system (Donie [0024]) and to minimize or reduce cache latency so that a data processing speed of CPU is improved (Kwon [0099]).  Therefore, it would have been obvious to combine Herman, Donie, and Kwon to obtain the invention as specified in the instant claim(s).
As to Claim 40:
Herman in view of Donie and Kwon discloses the system as recited in claim 37 wherein the volatile memory comprises dynamic random access memory (DRAM) (e.g. Herman “Memory 140 can include any suitable type of volatile or non-volatile memory, such as dynamic random access memory (DRAM)” [0019]).


Claims 27, 28, 35, 36, 38, and 39 are rejected under 35 U.S.C. 103 as being unpatentable over Herman in view of Donie and Kwon as applied to Claims 21, and further in view of Begum et al. (US 20120072713 A1, IDS submitted 11/10/2021, hereinafter Begum).
As to Claim 27:
Herman in view of Donie and Kwon discloses the system as recited in claim 21 wherein the cryptographic circuit is configured to employ one or more additional keys to encrypt data (e.g. Herman “The encryption module of the SoC can encrypt and decrypt data using one or more initial values, which may sometimes be referred to as " encryption seeds." For AES engines, the encryption seeds can include a key and an initialization vector ("IV"). The memory interface can generate or select the encryption seeds based on the type of data that is being read or programmed (e.g., sensitive data, non-sensitive data, or metadata). In some embodiments, the memory interface can receive a command to read or write data from the file system, and the memory interface can detect whether the information is sensitive or non-sensitive. If the data is sensitive, the memory module can encrypt the data using a secure privacy key and initialization vector provided by the file system. Otherwise, for non-sensitive data, the memory interface can use a predetermined, whitening key and an IV that may be generated based on the logical address of the data” [0007]) stored in a remaining portion of the non-volatile memory (e.g. Herman [0026]-[0028]) excluding the main memory, but does not specifically disclose:
retain the one or more additional keys at the power down.
However, the analogous art Begum does disclose retain the one or more additional keys at the power down (e.g. Begum “The initialization vector and encryption keys for each block of plane-text are stored as crypto metadata. As shown in FIG. 3A, each data file block is associated with crypto metadata, which may comprise a hash block. In the event of a network or server outage between the time of a data block write and its corresponding crypto metadata block write, data sitting on the disk will be lost through strong encryption and cannot be recovered” [0008]; [0011]; [0025]).  Herman and Begum are analogous art because they are from the same field of endeavor in cryptographic data storage.
(e.g. Begum “the method encrypts the block key on the first client machine with a public key of a keystore associated with a user and associates the encrypted block key with the encrypted file as crypto metadata. The method caches the encrypted data block and the crypto metadata on the first client machine sends the encrypted data block and the crypto metadata from the first client machine to a network file system server. When the method receives a return code from the network file system server indicating successful writes of the encrypted data block and the crypto metadata, the method clears the cached encrypted data block and the crypto met” [0011]; “The encrypted block key forms crypto metadata for the encrypted data block. In an NFSv4 implementation, the encrypted block key crypto metadata may be attached to the encrypted data block as an extended attribute, as indicated at block 413. Then, the client caches the encrypted data block and the encrypted block key crypto metadata in its local encryption cache 107, at block 415, and sends the encrypted data block and crypto metadata over network 109 to network file system server” [0025]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Herman, Donie, Kwon, and Begum before him or her, to modify the combination of Herman, Donie, and Kwon with the teachings of Begum to include retain the one or more additional keys at the power down as claimed because Herman already provides a method and system on a chip that provides secure read and write operations for decrypting and encrypting data in non-volatile memory using keys and initialization vectors (Herman [Abstract]; FIG. 1; [0017]-[0032]) which could be stored as crypto metadata (Begum [0032]; [0052]; [0055]; [0073]; [0075]).  The suggestion/motivation for doing so would have been to provide centralized keystores and extended attributes so that encrypted data blocks and crypto metadata will not be lost or unrecoverable (Begum [0002]; [0027]).  Therefore, it would have been obvious to combine Herman, Donie, Kwon, and Begum to obtain the invention as specified in the instant claim(s).
As to Claim 28:
Herman in view of Donie, Kwon, and Begum discloses the system as recited in claim 27 wherein the integrated circuit is configured to write the one or more additional keys to a metadata area of the non-volatile memory to retain the one or more additional keys (e.g. Begum “The initialization vector and encryption keys for each block of plane-text are stored as crypto metadata. As shown in FIG. 3A, each data file block is associated with crypto metadata, which may comprise a hash block. In the event of a network or server outage between the time of a data block write and its corresponding crypto metadata block write, data sitting on the disk will be lost through strong encryption and cannot be recovered” [0008]; [0011]; “The client then XORs the IV and the file key, at block 407, to obtain block key. The client then encrypts a first or next data block or the file to be stored using the using the block key” [0025]).  The Examiner supplies the same rationale for the combination of references Herman, Donie, Kwon, and Begum as in Claim 27.
As to Claim 35:
Herman in view of Donie and Kwon discloses the method as recited in claim 29 further comprising: employing one or more additional keys in the cryptographic circuit to encrypt data (e.g. Herman “The encryption module of the SoC can encrypt and decrypt data using one or more initial values, which may sometimes be referred to as " encryption seeds." For AES engines, the encryption seeds can include a key and an initialization vector ("IV"). The memory interface can generate or select the encryption seeds based on the type of data that is being read or programmed (e.g., sensitive data, non-sensitive data, or metadata). In some embodiments, the memory interface can receive a command to read or write data from the file system, and the memory interface can detect whether the information is sensitive or non-sensitive. If the data is sensitive, the memory module can encrypt the data using a secure privacy key and initialization vector provided by the file system. Otherwise, for non-sensitive data, the memory interface can use a predetermined, whitening key and an IV that may be generated based on the logical address of the data” [0007]) stored in a remaining portion of the non-volatile memory (e.g. Herman [0026]-[0028]) excluding the main memory, but does not specifically disclose:
retaining the one or more additional keys at the power down.
However, the analogous art Begum does disclose retaining the one or more additional keys at the power down (e.g. Begum “The initialization vector and encryption keys for each block of plane-text are stored as crypto metadata. As shown in FIG. 3A, each data file block is associated with crypto metadata, which may comprise a hash block. In the event of a network or server outage between the time of a data block write and its corresponding crypto metadata block write, data sitting on the disk will be lost through strong encryption and cannot be recovered” [0008]; [0011]; [0025]).  Herman and Begum are analogous art because they are from the same field of endeavor in cryptographic data storage.
(e.g. Begum “the method encrypts the block key on the first client machine with a public key of a keystore associated with a user and associates the encrypted block key with the encrypted file as crypto metadata. The method caches the encrypted data block and the crypto metadata on the first client machine sends the encrypted data block and the crypto metadata from the first client machine to a network file system server. When the method receives a return code from the network file system server indicating successful writes of the encrypted data block and the crypto metadata, the method clears the cached encrypted data block and the crypto met” [0011]; “The encrypted block key forms crypto metadata for the encrypted data block. In an NFSv4 implementation, the encrypted block key crypto metadata may be attached to the encrypted data block as an extended attribute, as indicated at block 413. Then, the client caches the encrypted data block and the encrypted block key crypto metadata in its local encryption cache 107, at block 415, and sends the encrypted data block and crypto metadata over network 109 to network file system server” [0025]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Herman, Donie, Kwon, and Begum before him or her, to modify the combination of Herman, Donie, and Kwon with the teachings of Begum to include retaining the one or more additional keys at the power down as claimed because Herman already provides a method and system on a chip that provides secure read and write operations for decrypting and encrypting data in non-volatile memory using keys and initialization vectors (Herman [Abstract]; FIG. 1; [0017]-[0032]) which could be stored as crypto metadata (Begum [0032]; [0052]; [0055]; [0073]; [0075]).  The suggestion/motivation for doing so would have been to provide centralized keystores and extended attributes so that encrypted data blocks and crypto metadata will not be lost or unrecoverable (Begum [0002]; [0027]).  Therefore, it would have been obvious to combine Herman, Donie, Kwon, and Begum to obtain the invention as specified in the instant claim(s).
As to Claim 36:
Herman in view of Donie, Kwon, and Begum discloses the method as recited in claim 35 wherein the retaining comprises writing the one or more additional keys to a metadata area of the non-volatile memory to retain the one or more additional keys (e.g. Begum “The initialization vector and encryption keys for each block of plane-text are stored as crypto metadata. As shown in FIG. 3A, each data file block is associated with crypto metadata, which may comprise a hash block. In the event of a network or server outage between the time of a data block write and its corresponding crypto metadata block write, data sitting on the disk will be lost through strong encryption and cannot be recovered” [0008]; [0011]; “The client then XORs the IV and the file key, at block 407, to obtain block key. The client then encrypts a first or next data block or the file to be stored using the using the block key” [0025]).  The Examiner supplies the same rationale for the combination of references Herman, Donie, Kwon, and Begum as in Claim 35.
As to Claim 38:
Herman in view of Donie and Kwon discloses the system as recited in claim 37 wherein the cryptographic circuit is configured to employ one or more additional keys to encrypt data (e.g. Herman “The encryption module of the SoC can encrypt and decrypt data using one or more initial values, which may sometimes be referred to as " encryption seeds." For AES engines, the encryption seeds can include a key and an initialization vector ("IV"). The memory interface can generate or select the encryption seeds based on the type of data that is being read or programmed (e.g., sensitive data, non-sensitive data, or metadata). In some embodiments, the memory interface can receive a command to read or write data from the file system, and the memory interface can detect whether the information is sensitive or non-sensitive. If the data is sensitive, the memory module can encrypt the data using a secure privacy key and initialization vector provided by the file system. Otherwise, for non-sensitive data, the memory interface can use a predetermined, whitening key and an IV that may be generated based on the logical address of the data” [0007]) stored in a remaining portion of the non-volatile memory (e.g. Herman [0026]-[0028]) excluding the main memory, but does not specifically disclose:
retain the one or more additional keys at the power down.
However, the analogous art Begum does disclose retain the one or more additional keys at the power down (e.g. Begum “The initialization vector and encryption keys for each block of plane-text are stored as crypto metadata. As shown in FIG. 3A, each data file block is associated with crypto metadata, which may comprise a hash block. In the event of a network or server outage between the time of a data block write and its corresponding crypto metadata block write, data sitting on the disk will be lost through strong encryption and cannot be recovered” [0008]; [0011]; [0025]).  Herman and Begum are analogous art because they are from the same field of endeavor in cryptographic data storage.
(e.g. Begum “the method encrypts the block key on the first client machine with a public key of a keystore associated with a user and associates the encrypted block key with the encrypted file as crypto metadata. The method caches the encrypted data block and the crypto metadata on the first client machine sends the encrypted data block and the crypto metadata from the first client machine to a network file system server. When the method receives a return code from the network file system server indicating successful writes of the encrypted data block and the crypto metadata, the method clears the cached encrypted data block and the crypto met” [0011]; “The encrypted block key forms crypto metadata for the encrypted data block. In an NFSv4 implementation, the encrypted block key crypto metadata may be attached to the encrypted data block as an extended attribute, as indicated at block 413. Then, the client caches the encrypted data block and the encrypted block key crypto metadata in its local encryption cache 107, at block 415, and sends the encrypted data block and crypto metadata over network 109 to network file system server” [0025]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Herman, Donie, Kwon, and Begum before him or her, to modify the combination of Herman, Donie, and Kwon with the teachings of Begum to include retain the one or more additional keys at the power down as claimed because Herman already provides a method and system on a chip that provides secure read and write operations for decrypting and encrypting data in non-volatile memory using keys and initialization vectors (Herman [Abstract]; FIG. 1; [0017]-[0032]) which could be stored as crypto metadata (Begum [0032]; [0052]; [0055]; [0073]; [0075]).  The suggestion/motivation for doing so would have been to provide centralized keystores and extended attributes so that encrypted data blocks and crypto metadata will not be lost or unrecoverable (Begum [0002]; [0027]).  Therefore, it would have been obvious to combine Herman, Donie, Kwon, and Begum to obtain the invention as specified in the instant claim(s).

As to Claim 39:
Herman in view of Donie, Kwon, and Begum discloses the system as recited in claim 38 wherein the integrated circuit is configured to write the one or more additional keys to a metadata area of the non-volatile memory to retain the one or more additional keys (e.g. Begum “The initialization vector and encryption keys for each block of plane-text are stored as crypto metadata. As shown in FIG. 3A, each data file block is associated with crypto metadata, which may comprise a hash block. In the event of a network or server outage between the time of a data block write and its corresponding crypto metadata block write, data sitting on the disk will be lost through strong encryption and cannot be recovered” [0008]; [0011]; “The client then XORs the IV and the file key, at block 407, to obtain block key. The client then encrypts a first or next data block or the file to be stored using the using the block key” [0025]).  The Examiner supplies the same rationale for the combination of references Herman, Donie, Kwon, and Begum as in Claim 38.
Allowable Subject Matter
Claims 25, 26, 33, and 34 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicants’ disclosure.
Lee et al. (US 20100281273 A1) is cited for on-chip security for software applications through creation of a secure memory area external to a processor.
Zmudzinski et al. (US 20140006799 A1) is cited for a secure sleep state that is provided for protection of data stored on a computing platform.
Colp et al. (US 20140006805 A1) is cited for cache locking to protect secure data in SoC storage from cold boot attacks.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Kenneth W Chang whose telephone number is (571)270-7530. The examiner can normally be reached Monday - Friday 9-5pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani, can be reached on 571-272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/KENNETH W CHANG/Primary Examiner, Art Unit 2438                                                                                                                                                                                                        

09.20.2022