DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

This is a response to the Amendment(s)/Remarks filed on 07/25/2022.
Claims 1—20 are pending.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1—6 is/are rejected under 35 U.S.C. 103 as being unpatentable over “Cox” et al. (US 9,613,215 B2) in view of “Silver” et al. (US 2019/0220861 A1).

Cox discloses 1. An apparatus comprising
a data storage device [see System 100 (FIGURE 1) that includes Device (SoC) 110] connected to a host as part of a distributed computing system [see Couple Device to Host 710 (FIGURE 7)], the data storage device comprising a provenance module [for example, Controllable Supply Potential Domain 160 (FIG.1)] with a trust circuit to maintain a chain of title ledger logging a provenance of the data storage device since the data storage device was manufactured [see FIGS.4A-4D, where Cox discloses implementing chain of trust; for example, by performing Pre-Production mode, Executing Secure, Warm & Cold Boot Code Operations, etc. The manufacturer (of device 110) performs initial configuration or debugging before shipping (step 412, pre-production)].

Cox does not, but Silver, analogous art, discloses updating the chain of title ledger with plurality of different provenance activities of the data storage device over time [Silver discloses updating vehicle token (Abstract; FIG.1: par.0018--0020); see also par.0013, where Silver discloses updating distributed ledger, etc.].
Therefore, it would have been obvious before the effective filing date of the claimed invention to modify the system of Cox by incorporating the updating chain of title ledger teaching of Silver to implement vehicle tracking, analysis and payment processing using distributed ledger.
Cox in view of Silver discloses claims 2—6. The apparatus of claim 1, wherein the provenance comprises each source of data external to the data storage device; wherein the provenance comprises each connection between the data storage device and an external computing component [see Couple Device to Host 710 (FIGURE 7) of Cox]; wherein the provenance comprises each source of security credentials external to the data storage device [Cox discloses reading from A/O register, accessing peripheral information, etc. (FIGURES 8 & 9) of Cox]; wherein the provenance comprises each source of encryption keys external to the data storage device [see Secure Encryption Engine 118 (FIGURES 1 & 2) of Cox]; and wherein the data storage device is connected to a network controller as part of the distributed computing system [see System Controller(s): FIGURE 1; Host is coupled via network (FIG.7) of Cox].


Claims 7—17 is/are rejected under 35 U.S.C. 103 as being unpatentable over “Cox” et al. (US 9,613,215 B2) in view of “Silver” et al. (US 2019/0220861 A1), and further in view of “Benson” (US 10,237,073 B2).

Cox discloses 7. A method comprising:
installing a data storage device into a distributed computing system [see System 100 (FIGURE 1) that includes Device (SoC) 110, Couple Device to Host 710 (FIGURE 7)]; restricting data communication to the data storage device [Cox discloses Secure portion 310, Limit access to Secure information/SSK 450/480 (FIGURES 4A-4D)]; and consulting a chain of title ledger with a trust circuit of a provenance module of the data storage device, the chain of title ledger logging a provenance of the data storage device [see FIGS.4A-4D, where Cox discloses implementing chain of trust; for example, by performing Pre-Production mode, Executing Secure, Warm & Cold Boot Code Operations, etc. The manufacturer (of device 110) performs initial configuration or debugging before shipping (step 412, pre-production)]; and verifying the provenance of the data storage device with the trust circuit in response to consulting the chain of title ledger [Cox discloses verifying Device 110 files (see FIGS.4A-4D); see also FIGURE 7, where Cox discloses Device performing self-validation process, etc.];
And, Silver discloses updating vehicle token [(Abstract; FIG.1: par.0018--0020); see also par.0013, where Silver discloses updating distributed ledger, etc.]. The motivation to combine is the same as that of claim 1 above.

Cox in view of Silver may not expressly disclose, but Benson, analogous art, discloses forming a trusted data pathway with at least one component of the distributed computing system in response to the provenance being attested by the trust circuit [Benson discloses establishing trusted path for secure communication (Abstract) with FIGS.1-2].
Therefore, it would have been obvious before the effective filing date of the claimed invention to modify the system of Cox/Silver by incorporating the data communication path teaching of Benson for providing protection against man-in-the-middle and/or MIM attacks.
REGARDING CLAIM 17.
It recites limitations similar to those of claim 7 above and is thus rejected for the same rationale. In addition, Cox in view of Benson further discloses transferring data over the trusted data pathway [Benson discloses establishing trusted path for secure communication (Abstract) with FIGS.1-2]; generating a provenance strategy with the provenance module [see System 100 (FIGURE 1) that includes Device (SoC) 110; for example, Controllable Supply Potential Domain 160 (FIG.1)]; and executing the provenance strategy to detect a third-party attack on the data storage device [Cox discloses verifying Device 110 files (see FIGS.4A-4D); see also FIGURE 7, where Cox discloses Device performing self-validation process, etc. Benson prevents MIM attacks]. And, Silver discloses updating vehicle token [(Abstract; FIG.1: par.0018--0020); see also par.0013, where Silver discloses updating distributed ledger, etc.]. The motivation is the same as that of claims 1 and 7 above.

Cox in view of Silver, and further in view of Benson, further discloses claims 8—13. The method of claim 7, wherein the trusted data pathway allows data communication with the distributed computing system [Benson discloses establishing trusted path for secure communication (Abstract) with FIGS.1-2]; wherein the trusted data pathway is used to load external security information into the data storage device [Cox discloses reading from A/O register, accessing peripheral information, etc. (FIGURES 8 & 9)]; wherein the trusted data pathway is logged by the trust circuit into the chain of title ledger; wherein the trusted data pathway is used to load external encryption information into the data storage device [see Secure Encryption Engine 118 (FIGURES 1 & 2 of Cox)]; wherein the provenance module restricts the chain of title ledger from being altered other than adding new connections and sources of data external to the data storage device [Benson discloses establishing trusted path for secure communication (Abstract) with FIGS.1-2]; and wherein the chain of title ledger comprises a unique initial entry written by a manufacturer of the data storage device [see FIGS.4A-4D, where Cox discloses implementing chain of trust; for example, by performing Pre-Production mode, Executing Secure, Warm & Cold Boot Code Operations, etc. The manufacturer (of device 110) performs initial configuration or debugging before shipping (step 412, pre-production)].
The motivation to combine is the same as that of claim 7 above. 

Cox in view of Silver, and further in view of Benson, further discloses claims 14—16. The method of claim 13, wherein the unique initial entry corresponds with a testing parameter conducted on the data storage device prior to the data storage device being released from the manufacturer; wherein the testing parameter is a number of testing cycles conducted while the data storage device was in custody of the manufacturer; and wherein the testing parameter is a pass/fail ratio for multiple tests conducted while the data storage device was in custody of the manufacturer [see FIGS.4A-4D, where Cox discloses implementing chain of trust; for example, by performing Pre-Production mode, Executing Secure, Warm & Cold Boot Code Operations, etc. The manufacturer (of device 110) performs initial configuration or debugging before shipping (step 412, pre-production)].

Claims 18—20 is/are rejected under 35 U.S.C. 103 as being unpatentable over “Cox” et al. (US 9,613,215 B2) in view of “Silver” et al. (US 2019/0220861 A1), and further in view of “Benson” (US 10,237,073 B2), and further in view of “Crabtree” et al. (US 2020/0389495 A1).

Cox in view of Silver, and further in view of Benson, further discloses claims 18—20. The method of claim 17. Cox/Benson may not, but Crabtree, analogous art, discloses wherein the provenance strategy comprises prescribed proactive measures to be executed in response to a third-party attack predicted by a prediction circuit of the provenance module [Crabtree discloses predictive analysis (see FIGS. 5-7)].
Therefore, it would have been obvious before the effective filing date of the claimed invention to modify the system of Cox/Benson by incorporating the teaching of Crabtree for the benefit of enhancing data transport.

Cox in view of Silver, and further in view of Benson, further in view of Crabtree, further discloses claims 18—20. The method of claim 17, wherein the provenance strategy comprises prescribed reactive measures to be executed in response to a successful third-party attack detected by the provenance module [Cox discloses verifying Device 110 files (see FIGS.4A-4D); see also FIGURE 7, where Cox discloses Device performing self-validation process, etc. Benson prevents MIM attacks]; and wherein the provenance strategy comprises measures to be executed to prioritize an integrity of the chain of title ledger in response to a predicted, attempted, or successful third-party attack [Crabtree discloses predictive analysis (see FIGS. 5-7)]. The motivation to combine is the same as that of claim 17 above.

Response to Arguments
Applicant’s arguments with respect to the pending claim(s) have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AMARE F TABOR whose telephone number is (571)270-3155. The examiner can normally be reached Mon.—Fri.: 8:00 AM to 5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, KAMBIZ ZAND can be reached on (571) 272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/AMARE F TABOR/Primary Examiner, Art Unit 2434