DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on September 06 2022 has been entered. Applicant amended claims 1 and 9,  previously canceled claims 2 and 10, and added claims 18 and 19.

Response to Arguments

 Applicant’s arguments with respect to claim(s) 1 and 9 have been considered but are moot because the new ground of rejection does not rely on the Kamada reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. The examiner has withdrawn the 35 USC 102 rejection of June 06 2006, and upon further search and consideration,  updated the rejection under 35 USC 103 as being unpatentable over  Liu et al US 20170323121 in view of Morino et al US 20070226412 to teach said limitations in claims 1 and 9; therefore, the Applicant’s remarks pertaining to the Kamada reference are moot.
Applicant’s remarks pertaining to the Morino and Hashimoto references are not persuasive. On page 10, Applicant alleges “neither Morino nor Hashimoto teaches or suggest….(generating) a verifier of the first data using the first data read from the first storage as recited in claims 1 and 9….Accordingly, Applicant respectfully submits that claims 1 and 9, and their dependent claims, are in condition for allowance and requests the Examiner withdraw the rejection under 102 and 103.” This is not persuasive, Morino teaches per paragraphs  54-55 that a digest/verifier is generated based on data written/stored in memory. Nonetheless, Morino was not relied upon to teach said limitation presented in the argument. While the Hashimoto reference teaches verification processing (Figure 12), the Hashimoto reference was not relied upon to teach the limitations recited in claims 1 and 9.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1, 3-7 and 9, 11-16, and 18-19  is/are rejected under 35 U.S.C. 103 as being unpatentable over Liu et al US 20170323121 (hereinafter Liu) in view of Morino et al US 20070226412 (hereinafter Morino).

As to claim 1, Liu teaches a storage device (Figure 14, reference number 500 reveals a Data Storage Device Authentication System, see also paragraph 19) comprising: 
a first storage (Figure 14, reference number 506 “Memory”; paragraph 47 reveals the memory can be in the form of NOR flash); and 
a controller (Figure 14, reference number 504 “Controller”) configured to execute control of the first storage based on a command from a host device (paragraph 84 discloses “Controller 84 is programmable to provide top level control using data in a memory 506; paragraph 28 also reveals “the controller  provides top level control of the device and directs communications and data transfers with a host device”. Paragraph 41 reveals a host interface communications commands…during transfer operation between the HDD/controller and the host), 
wherein the controller (paragraph 89 reveals that the controller executes the instructions of the data collection and verification modules. The verification module contains the verification algorithm(s) shown in Figures 7-9 ) is configured to: 
in response to a first command related to first data stored in the first storage from the host device (paragraph 41 reveals a host interface communicates commands between the HDD/controller and the host  device; claim 5 reveals an identifier value is retrieved from memory via the second interface port that communicates with a host device. This identifier is obtained from NOR Flash/first storage. Paragraph 62  reveals a first data such as an ID/identifier value 222B is obtained from a memory location of the storage device), the first command being a read command (paragraph 62 reveal a first data such as ID value 222B is obtained from a memory location of the storage device/first storage, and this is executed by the controller. Obtaining ID value 222B from the NOR Flash per paragraph 62 involves read command, to read from NOR Flash),   read the first data from the first storage (paragraphs 62 and 65 reveal the ID/identifier value is obtain/read from NOR Flash/first storage) and generate a verifier of the first data using the first data read from the first storage (Figure 8, reference number 224 and paragraph 63 reveal the retrieve identifiers are combined to generate combined identifier/ID/verifier). 
[AltContent: textbox (Retrieved ID (first) data from first storage)][AltContent: arrow][AltContent: textbox (Generated Verifier via instructions from Controller)][AltContent: arrow]
    PNG
    media_image1.png
    442
    669
    media_image1.png
    Greyscale

Figure 8 of Liu 

Liu does not teach in response to a second command related to the first data from the host device, transmit the verifier of the first data to the host device.
Morino teaches in response to a second command related to the first data from the host device, transmit the verifier of the first data to the host device (paragraphs 24-25 and 53 reveal  a digest is generated, and the digest is stored/transmitted to the memory/host memory according to the command from the host interface control unit; paragraph 127 also reveals the read out data from the verification result is transferred to the host device).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Liu’s storage device with Morino’s teachings of transmitting the verifier  such that the data in memory along with the commands from the controller are protected from piracy and falsification, thus enhancing the security of the data in memory (paragraph 30 of Morino).

	As to claim 3, the combination of Liu and Morino teaches wherein the controller is further configured to: set a range of storage areas within the first storage as designated by a third command from the host device as a generation range of the verifier (Morino: Paragraph 125 reveals a command is executed that pertains to the logical block address, LBA and  indicates an address range/parameter. Thus, a start LBA and an end LBA of the falsification check region is set) ; and generate the verifier of the first data after confirming that the first data is stored within the generation range of the verifier (Morino: paragraphs 126-127 reveal verification digest is generated when it is confirmed/judge that the LBA of the data is in the check region/range).

As to claim 4, the combination of Liu and Morino teaches wherein the controller is further configured to: 3Application No. 16/425,805Docket No.: TAI/2491 US Amendment dated September 6, 2022 After Final Office Action of June 6, 2022store a verifier of the first data in a second storage (Liu: digital signature verifier 210 in Figure 8, which is obtained from NOR Flash/remote server, thus a second storage, as shown in Figure 7 and paragraph 59. Morino: paragraph 63 reveals digest is read from the nonvolatile memory, see also paragraph 57), and in response to a fourth command from the host device, compare the verifier of the first data stored in the second storage with the generated verifier (Liu: paragraph 65 reveal the verification algorithm compares the generated verifier/identifier and the stored verifier/digital signature and computes a pass/fail value; Morino: paragraph 63 reveals that the digest verifier read from the host memory/second storage is compared with the digest generated) , and transmit the comparison result to the host device(Liu: paragraph 66 reveals the verifier result based on  the first data/identifier is transmitted/stored in one or more memory locations/host memory; Morino: paragraph 127 also reveals the read out data from the verification result is transferred to the host device).

As to claim 5, the combination of Liu and Morino teaches wherein the controller further includes: an encryption circuit configured to encrypt data to be written into the first storage (Liu: Figure 11, reference number 292 “Encryption Algorithm”, wherein the data is encrypted and written in the first storage/NOR Flash; Morino: Paragraph 139 recites “in the case of storing a digest in the tamper resistant module 100, a digest generated by the digest generation 31 is encrypted in the encryption processing unit 42 by using the session key, and information specifying a position of the nonvolatile memory inside the tamper resistant module 100 is generated based on an address of an LBA in the storage region assigning unit 43”; see also paragraphs 27 and 82) and a decryption circuit configured to decrypt the data which is encrypted by the encryption unit and read from the first storage(Liu: Figure 12, reference number 302 “Decryption Algorithm”; Morino: Paragraph 143 recites “the hard disk controller decrypts the encrypted digest by using the session key in the encryption processing unit 42, and the digest verification unit 32 compares the digest generated from the data read out from the HDA 21 with the decrypted digest to confirm whether or not there is falsification”; see also paragraphs 27, 83, 85, 140-141).

	As to claim 6, the combination of Liu and Morino teaches wherein the controller is further configured to: issue to an external device, a command requesting authentication of a program stored in the first storage using a verifier that the controller generated from the program (Morino: paragraph 48 reveals authentication is performed between the host of the external device and the hard disk controller. Thus a command is received by the host for authentication of a program stored in the first storage using a verifier by means of digest/signature/certificate that the hard disk controller generates. Paragraph 30 reveals the detection of falsification of data and programs is detected); and store the verifier generated from the program in the second storage when the program is authenticated by the external device(Morino: Paragraph 98 recites “the host sends the host certificate to the hard disk device…the hard disk verifies the host certificate by verifying the signature using the certificate authority public key Ko to confirm that the host certificate is free from falsification and the certificate has been issued by the certificate authority…The hard disk transfer the HDD certificate to the hard disk drive…the host verifies the HDD certificate by verifying the signature using the certificate authority public key Ko to confirm that the HDD certificate is free from falsification and the certificate has been issued by the certificate authority”).

As to claim 7, the combination of Liu and Morino teaches herein the controller is further configured to: in response to a fifth command from the host device, generate a verifier of a program that is loaded into an external memory from the first storage(Morino :Paragraph 126 recites “when it is judged that the (logical block address) LBA of the data is in the falsification check region 28, the CPU 10 writes the data in the assigned LBA in the falsification check region 28 to generate digests in a digest processing unit, followed by storing the digest in a nonvolatile memory 23”); and in response to a sixth command from the host device, compare the verifier of the program with a verifier of the program which is generated when the program is stored in the first storage and is stored in the second storage(Morino: Paragraph 127 recites “in the case of reading, when it is judged that the LBA is the LBA in the falsification check region 28, the data are read out from the assigned LBA in the falsification check region 28 to confirm whether or not the data have been falsified by performing verification of digests in the digest processing unit 18.” Paragraph 165 recites “the digest read out from the nonvolatile memory 114 and the digest generate based on the data read out by the digest generation unit 117 are inputted to the digest verification unit 118 to compare the digests in the digest verification unit 118”).

As to claim 9, Liu teaches a method of detecting tampering of data in a first storage connected to a host device (abstract reveals method for detecting unauthorized tampering with a data storage device; Figure 4 reveals the data storage device is connected to “HOST”), said method comprising:
 in response to a first command related to first data stored in the first storage from the host device(paragraph 41 reveals a host interface communicates commands between the HDD/controller and the host  device; claim 5 reveals an identifier value is retrieved from memory via the second interface port that communicates with a host device. This identifier is obtained from NOR Flash/first storage. Paragraph 62  reveals a first data such as an ID/identifier value 222B is obtained from a memory location of the storage device), the first command being a read command(paragraph 62 reveals a first data such as ID value 222B is obtained from a memory location of the storage device/first storage, and this is executed by the controller. Obtaining ID value 222B from the NOR Flash per paragraph 62 involves read command, to read from NOR Flash), reading the first data from the first storage(paragraphs 62 and 65 reveal the ID/identifier value is obtain/read from NOR Flash/first storage)  and generating a verifier of the first data using the first data read from the first storage(Figure 8, reference number 224 and paragraph 63 reveal the retrieve identifiers are combined to generate combined identifier/ID/verifier).
Liu does not teach in response to a second command related to the first data from the host device transmitting the verifier of the first data to the host device.
Morino teaches in response to a second command related to the first data from the host device transmitting the verifier of the first data to the host device(paragraphs 24-25 and 53 reveal  a digest is generated, and the digest is stored/transmitted to the memory/host memory according to the command from the host interface control unit; paragraph 127 also reveals the read out data from the verification result is transferred to the host device).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Liu’s storage device with Morino’s teachings of transmitting the verifier  such that the data in memory along with the commands from the controller are protected from piracy and falsification, thus enhancing the security of the data in memory (paragraph 30 of Morino).

As to claim 11, the combination of Liu and Morino teaches setting a range of storage areas within the first storage as designated by a third command from the host device as a generation range of the verifier(Morino: Paragraph 125 reveals a command is executed that pertains to the logical block address, LBA,  indicate an address range/parameter. Thus, a start LBA and an end LBA of the falsification check region is set), wherein the verifier of the first data is generated after confirming that the first data is stored within the generation range of the verifier(Morino: paragraphs 126-127 reveal verification digest is generated when it is confirmed/judge that the LBA of the data is in the check region/range).

As to claim 12, the combination of Liu and Morino teaches storing a verifier of the data in a second storage(Liu: digital signature verifier 210 in Figure 8, which is obtained from NOR Flash/remote server, thus a second storage, per Figure 7 and paragraph 59. Morino: paragraph 63 reveals digest is read from the nonvolatile memory, see also paragraph 57).

As to claim 13, the combination of Liu and Morino teaches in response to a fourth command from the host device, comparing the verifier of the data stored in the second storage with the verifier generated from the first data read form the first storage(Liu: paragraph 65 reveals the verification algorithm compares the generated verifier/identifier and the stored verifier/digital signature and computes a pass/fail value; Morino: paragraph 63 reveals that the digest verifier read from the host memory/second storage is compared with the digest generated), and transmitting the comparison result to the host device(Liu: paragraph 66 reveals the verifier result based on  the first data/identifier is transmitted/stored in one or more memory locations/host memory; Morino: paragraph 127 also reveals the read out data from the verification result is transferred to the host device).

As to claim 14, the combination of Liu and Morino teaches encrypting data to be written into the first storage(Liu: Figure 11, reference number 292 “Encryption Algorithm”, wherein the data is encrypted and written in the first storage/NOR Flash; Morino: Paragraph 139 recites “in the case of storing a digest in the tamper resistant module 100, a digest generated by the digest generation 31 is encrypted in the encryption processing unit 42 by using the session key, and information specifying a position of the nonvolatile memory inside the tamper resistant module 100 is generated based on an address of an LBA in the storage region assigning unit 43”; see also paragraphs 27 and 82); and decrypting the data which has been encrypted and read from the first storage(Liu: Figure 12, reference number 302 “Decryption Algorithm”; Morino: Paragraph 143 recites “the hard disk controller decrypts the encrypted digest by using the session key in the encryption processing unit 42, and the digest verification unit 32 compares the digest generated from the data read out from the HDA 21 with the decrypted digest to confirm whether or not there is falsification”; see also paragraphs 27, 83, 85, 140-141).

As to claim 15, the combination of Liu and Morino teaches issuing to an external device, a command requesting authentication of a program stored in the first storage using a verifier generated from the program(Morino: paragraph 48 reveals authentication is performed between the host of the external device and the hard disk controller. Thus a command is received by the host for authentication of a program stored in the first storage using a verifier by means of digest/signature/certificate that the hard disk controller generates. Paragraph 30 reveals the detection of falsification of data and programs is detected); and storing the verifier generated from the program in the second storage when the program is authenticated by the external device(Morino: Paragraph 98 recites “the host sends the host certificate to the hard disk device…the hard disk verifies the host certificate by verifying the signature using the certificate authority public key Ko to confirm that the host certificate is free from falsification and the certificate has been issued by the certificate authority…The hard disk transfer the HDD certificate to the hard disk drive…the host verifies the HDD certificate by verifying the signature using the certificate authority public key Ko to confirm that the HDD certificate is free from falsification and the certificate has been issued by the certificate authority”).

As to claim 16, the combination of Liu and Morino teaches in response to a fifth command from the host device, generating a verifier of a program that is loaded into an external memory from the first storage(Morino :Paragraph 126 recites “when it is judged that the (logical block address) LBA of the data is in the falsification check region 28, the CPU 10 writes the data in the assigned LBA in the falsification check region 28 to generate digests in a digest processing unit, followed by storing the digest in a nonvolatile memory 23”); and in response to a sixth command from the host device, comparing the verifier of the program with a verifier of the program which is generated when the program is stored in the first storage and is stored in the second storage(Morino: Paragraph 127 recites “in the case of reading, when it is judged that the LBA is the LBA in the falsification check region 28, the data are read out from the assigned LBA in the falsification check region 28 to confirm whether or not the data have been falsified by performing verification of digests in the digest processing unit 18.” Paragraph 165 recites “the digest read out from the nonvolatile memory 114 and the digest generate based on the data read out by the digest generation unit 117 are inputted to the digest verification unit 118 to compare the digests in the digest verification unit 118”).

As to claim 18, the combination of Liu and Morino teaches wherein the controller is configured to generate the verifier of the first data by using a predetermined hush function with respect to the first data read from the first storage (Morino: paragraphs 24 and 55 reveal the digest/verifier is generated by using a hush/hash function with respect to first data in memory as stated in paragraph 54).

As to claim 19, the combination of Liu and Morino teaches wherein the verifier of the first data is generated by using a predetermined hush function with respect to the first data read from the first storage(Morino: paragraphs 24 and 55 reveal the digest/verifier is generated by using a hush/hash function with respect to first data in memory as stated in paragraph 54).

Claim(s) 8 and 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Liu et al US 20170323121 (hereinafter Liu) in view of Morino et al US 20070226412 (hereinafter Morino) in further view of Hashimoto et al US 20150370726 (hereinafter Hashimoto).

As to claim 8, the combination of Liu in view of Morino teaches all the limitations recited in claim 7 above, and further teaches [sending a]  notification to the host device when the comparison result indicates non-coincidence (Morino: Paragraph 63 recites “When the digest do not coincide with each other, it is judged that the data could have been falsified , and the possibility of falsification is informed to the host via the host I/F control unit 14.”). 
The combination of Liu in view of Morino does not teach wherein the controller is further configured to perform, at each predetermined timing, generation of the verifier of the program in the external memory, comparison of the verifier of the program generated at each predetermined timing with the verifier of the program stored in the second storage
Hashimoto teaches wherein the controller is further configured to perform, at each predetermined timing, generation of the verifier of the program in the external memory (Paragraph 238 recites “the secure VMM 516 stored in the external memory 7 is verified at the time of activation based on a program stored in the mask ROM 508, and is then stored in the program area 519g in the secure VMM 516 in the internal memory 8”; Paragraph 57 recites “when the parent tables 101 is not stored in the internal memory 8, and the child table 201 and verifiers cv1 to cvn are copied from the external memory 7 to the internal memory 8, the verification calculation unit 4 generates verification information based on the parent table 101 and parent verifiers pv1 to pvn read from the external memory 7 and physical addresses stored in the parent table 101 in the external memory 7”; Also paragraph 6; Paragraph 163 recites “…signature verification during the boot is performed in parallel with generation of the page table tree 9 and the verifier tree 10 to shorten the boot time in comparison with the case of performing signature verification and generation of the page table tree 9 and the verifier tree 10 separately”; see also paragraph 164), comparison of the verifier of the program generated at each predetermined timing with the verifier of the program stored in the second storage (Paragraph 6 recites “in data falsifying verification, it is determined whether verification target data is falsified according to whether a first verifier calculated at a first time based on the verification target data matches at a second verifier calculated at a second time based on the verification target data”).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Liu’s storage device in view of Morino’s teachings of transmitting the verifier  with Hashimoto’s controller to protect the operating system from memory errors at low cost without an expensive error correcting memory (paragraph 466 of Hashimoto).

As to claim 17, the combination of Liu in view of Morino teaches all the limitations recited in claim 16 above and further teaches [sending a] notification to the host device when the comparison result indicates non-coincidence (Morino: Paragraph 63 recites “When the digest do not coincide with each other, it is judged that the data could have been falsified , and the possibility of falsification is informed to the host via the host I/F control unit 14.”).
The combination of Liu in view of Morino does not teach performing, at each predetermined timing, generation of the verifier of the program in the external memory, comparison of the verifier of the program generated at each predetermined timing with the verifier of the program stored in the second storage.
Hashimoto teaches  performing, at each predetermined timing, generation of the verifier of the program in the external memory(Paragraph 238 recites “the secure VMM 516 stored in the external memory 7 is verified at the time of activation based on a program stored in the mask ROM 508, and is then stored in the program area 519g in the secure VMM 516 in the internal memory 8”; Paragraph 57 recites “when the parent tables 101 is not stored in the internal memory 8, and the child table 201 and verifiers cv1 to cvn are copied from the external memory 7 to the internal memory 8, the verification calculation unit 4 generates verification information based on the parent table 101 and parent verifiers pv1 to pvn read from the external memory 7 and physical addresses stored in the parent table 101 in the external memory 7”; Also paragraph 6; Paragraph 163 recites “…signature verification during the boot is performed in parallel with generation of the page table tree 9 and the verifier tree 10 to shorten the boot time in comparison with the case of performing signature verification and generation of the page table tree 9 and the verifier tree 10 separately”; see also paragraph 164), comparison of the verifier of the program generated at each predetermined timing with the verifier of the program stored in the second storage(Paragraph 6 recites “in data falsifying verification, it is determined whether verification target data is falsified according to whether a first verifier calculated at a first time based on the verification target data matches at a second verifier calculated at a second time based on the verification target data”).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Liu’s storage device in view of Morino’s teachings of transmitting the verifier  with Hashimoto’s controller to protect the operating system from memory errors at low cost without an expensive error correcting memory (paragraph 466 of Hashimoto).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to FELICIA FARROW whose telephone number is (571)272-1856. The examiner can normally be reached M - F 7:30--5:30pm (EST).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on (571)272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/FELICIA FARROW/               Examiner, Art Unit 2437 

/KRISTINE L KINCAID/               Supervisory Patent Examiner, Art Unit 2437