DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-20 are pending in this application.
IDS submitted on 08/13/2021 has been considered by the Examiner.


Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1, 3-7, 11 and 13-17 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 3-11 and 13-19 of U.S. Patent No. US11,128,448 B1. Although the claims at issue are not identical, they are not patentably distinct from each other because claims 1, 3-11 and 13-19 of U.S. Patent No. US11,128,448 B1 contains every element of claims 1, 3-7, 11 and 13-17 of the instant application and thus anticipate the claims of the instant application (see Claim Comparison Table below).

Instant Application 17/402,024
Patent NO.: 11,128,448 B1
1. A storage system comprising: 
a plurality of storage devices and a controller, wherein the storage devices are configured into one or more write groups, and the controller is configured to carry out: 
encrypting a device key for each storage device using a master secret to generate an encrypted device key for each storage device; 












generating, for each write group, a plurality of shares from the master secret including creating a number of shares required to reconstruct the master secret equal to a minimum number of storage devices required from each write group for a quorum to boot the storage system; and 




storing, for each storage device, the encrypted device key and the respective share in the storage devices.
1. A storage system comprising: 
a plurality of storage devices and a controller, wherein the storage devices are configured into one or more write groups, and the controller is configured to carry out: 
encrypting a device key for each storage device using a master secret to generate an encrypted device key for each storage device; 
generating a plurality of intermediate shares for reconstructing the master secret, wherein generating the plurality of intermediate shares comprises splitting the master secret into the plurality of intermediate shares such that each write group is associated with an intermediate share of the plurality of intermediate shares such that each intermediate share of the plurality of intermediate shares is required to reconstruct the master secret; 
generating, for each write group, a plurality of shares for reconstructing an intermediate share associated with a respective write group, wherein generating the plurality of shares comprises splitting each intermediate share associated with the respective write group into a plurality of shares such that each storage device in the respective write group is associated with a respective share of the plurality of shares; and 
storing, for each storage device, the encrypted device key and the respective share in the storage device, wherein, for each write group, a minimum number of storage devices required for a quorum to boot the storage system is at least equal to a minimum number of shares associated with the write group required to reconstruct the intermediate share associated with the write group.
3. The storage system of claim 1, wherein the number of storage devices in each write group is not less than eight and the allowed number of failed storage devices comprises four.
3. The storage system of claim 2, wherein the number of storage devices in each write group is not less than eight and the second number of possible failed devices comprises four.
4. The storage system of claim 1, wherein the number of storage devices in each write group is less than eight and the allowed number of failed storage devices comprises a number less than half of the number of storage devices in each write group.
4. The storage system of claim 2, wherein the number of storage devices in each write group is less than eight and the second number of possible failed devices comprises a number less than half of the number of storage devices in each write group.
5. The storage system of claim 4, wherein the controller is further configured to carry out the step of notifying a user to add additional storage devices to one or more write groups.
5. The storage system of claim 4, wherein the controller is further configured to carry out the step of notifying a user to add additional storage devices to one or more write groups.
6. The storage system of claim 1, wherein encrypting the device key further comprises encrypting the device key using the master secret and a value unique to the corresponding storage device.
6. The storage system of claim 1, wherein encrypting the device key further comprises encrypting the device key using the master secret and a value unique to the corresponding storage device.
7. The storage system of claim 1, 
wherein the controller is further configured to: reconstruct the master secret; 
decrypt one or more encrypted device keys using the master secret; 


store the decrypted device keys in a volatile memory; and 

use the decrypted device keys to decrypt data stored on one or more of the storage devices.
7. The storage system of claim 3, 
wherein the controller is further configured to carry out: reconstructing the master secret.

8. The system of claim 7, wherein the controller is further configured to carry out decrypting one or more of the encrypted device keys using the master secret to generate one or more decrypted device keys.
9. The system of claim 8, wherein the controller is further configured to carry out storing the one or more decrypted device keys in a volatile memory.

10. The system of claim 9, wherein the controller is further configured to carry out using the one or more decrypted device keys to decrypt data stored on one or more of the storage devices.

11. A method comprising: 
encrypting a device key for each storage device in a storage system using a master secret to generate an encrypted device key for each storage device, wherein the storage devices are configured into one or more write groups; 


generating, for each write group, a plurality of shares from the master secret including creating a number of shares required to reconstruct the master secret equal to a minimum number of storage devices required from each write group for a quorum to boot the storage system; and




















 
storing, for each storage device, the encrypted device key and the respective share in the storage devices.
11. A method comprising: 
encrypting a device key for each storage device of a plurality of storage devices of a storage system, using a master secret to generate an encrypted device key for each storage device, wherein the plurality of storage devices are configured into one or more write groups; 

generating a plurality of intermediate shares for reconstructing the master secret, wherein generating the plurality of intermediate shares comprises splitting the master secret into the plurality of intermediate shares such that each write group is associated with an intermediate share of the plurality of intermediate shares such that each intermediate share of the plurality of intermediate shares is required to reconstruct the master secret; generating, for each write group, a plurality of shares for reconstructing an intermediate share associated with a respective write group, wherein generating the plurality of shares comprises splitting each intermediate share associated with the respective write group into a plurality of shares such that each storage device in the respective write group is associated with a respective share of the plurality of shares such that a minimum number of storage devices required from each write group for a quorum to boot the storage system is at least equal to a minimum number of shares required to reconstruct the intermediate share associated with the respective write group; and 
storing the encrypted device keys and the plurality of shares in the storage devices.
13. The method of claim 11, wherein the number of storage devices in each write group is not less than eight and the allowed number of failed storage devices comprises four.
13. The method of claim 12, wherein the number of storage devices in each write group is not less than eight and the second number of possible failed devices comprises four.
14. The method of claim 11, wherein the number of storage devices in each write group is less than eight and the allowed number of failed storage devices comprises a number less than half of the number of storage devices in each write group.
14. The method of claim 12, wherein the number of storage devices in each write group is less than eight and the second number of possible failed devices comprises a number less than half of the number of storage devices in each write group.
15. The method of claim 14, further comprising notifying a user to add additional storage devices to one or more write groups.
15. The method of claim 14, further comprising notifying a user to add additional storage devices to one or more write groups.
16. The method of claim 11, wherein encrypting the device key further comprises encrypting the device key using the master secret and a value unique to the corresponding storage device.
16. The method of claim 11, wherein encrypting the device key further comprises encrypting the device key using the master secret and a value unique to a corresponding storage device.
17. The method of claim 11, further comprising: reconstructing the master secret; decrypting one or more encrypted device keys using the master secret; 
storing the decrypted device keys in a volatile memory; and 

using the decrypted device keys to decrypt data stored on one or more of the storage devices.
17. The method of claim 11, further comprising decrypting the one or more encrypted device keys using the master secret to generate one or more decrypted device keys.


18. The method of claim 17, further comprising storing the one or more decrypted device keys in a volatile memory.


19. The method of claim 18, further comprising using the one or more decrypted device keys to decrypt data stored on one or more of the storage devices.



.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-4, 7, 11-14 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Murty et al. (Pub. No.: US 2003/0084290 A1) (hereinafter, “Murty”) in view of Hansen (Pub. No.: US 2011/0022574 A1) and further in view of Gamache et al. (Patent No.: US 6, 453, 426 B1) (hereinafter, “Gamache”).

As to claim 1, Murty discloses a storage system comprising: a plurality of storage devices and a controller, wherein the storage devices are configured into one or more write groups (Fig. 2, [0028], [0031]; herein, item 18 of Fig. 2 reads on plurality of storage devices and item 20 of Fig. 2 reads on a controller), and the controller is configured to carry out: 
encrypting a device key for each storage device using a master secret to generate an encrypted device key for each storage device (“Preferably, before being stored on the secure storage devices 18a, the storage key is encrypted using a master key stored on a master key hardware component 50 (FIG. 5) in the security appliance 20. According to one embodiment, the security appliance 20 encrypts the storage key using the master key before writing the storage key to one of the secure storage devices 18a.” –e.g. see, [0031]; herein, a storage key (i.e. a device key) is encrypted using a master key; see also, [0029]: “”To elaborate, each of the secure storage devices 18a has an associated storage key that is used to encrypt data stored on that particular secure storage device 18a. Different secure storage devices 18a will have different storage keys and will be accessible by different secure host servers 12a.”; herein, Murty teaches that each device a storage key unique to a particular device (i.e. storage key is equivalent to a device key)); 
storing, for each storage device, the encrypted device key and the respective share in the storage devices (“Preferably, before being stored on the secure storage devices 18a, the storage key is encrypted using a master key stored on a master key hardware component 50 (FIG. 5) in the security appliance 20.” –e.g. see, [0031]; herein, encrypted device key is stored on the secure storage devices; Furthermore, storage devices are also storing plurality of shares (i.e. stored according to a secret sharing scheme)-e.g. see, [0032]).
Although Murty teaches the concept of dividing a key into a plurality of shares and storing the shares in plurality of storage and reconstructing the key from these shares (e.g. see, [0032]), Murty may not explicitly disclose generating, for each write group, a plurality of shares from the master secret including creating a number of shares required to reconstruct the master secret ….
However, in an analogous art, Hansen discloses generating, for each write group, a plurality of shares from the master secret including creating a number of shares required to reconstruct the master secret (“the virtual memory file system divides the master secret token s into n parts or shares. The n shares have a characteristic that the combination of any threshold number t of the n shares can recreate the master secret token s. In step 710, the virtual memory file system of the primary server distributes each of the n shares to a different server in the cluster.”-e.g. see, [0025]; herein, ‘n shares’ are the minimum number of shares required to reconstruct the master secret; “n shares” could be any number of shares that is equivalent to number of write groups and threshold number t of the n share may represent number of required storage devise in each group; see also, [0026]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify the teaching of Murty as taught by Hansen in order to provide a secure master key storage mechanism which would be very difficult to be compromised.
Neither Murthy nor Hansen explicitly disclose reconstruct the master secret equal to a minimum number of storage devices required from each write group for a quorum to boot the storage system.
However, in an analogous art, Gamache discloses a minimum number of storage devices required from each write group for a quorum to boot the storage system (“In this “quorum of replica members" configuration, (FIG. 4C), the core boot data 102.sub.1 -102.sub.3 is replicated to each member 112.sub.1 -112.sub.3, and ownership of a quorum (majority) of the possible replica members 112.sub.1 -112.sub.3 is needed to form and maintain a cluster. In keeping with the invention, the cluster always has the most up-to-date core boot data since the quorum requirement ensures that at least one replica member that was common to the replica set of the prior cluster is in the replica set of the subsequent cluster. High reliability is achieved via the replication of the data.” –e.g. see, col. 11, lines 19-40).
Herein, Hansen teaches generating a plurality of shares from a master secret wherein a minimum number of shares required to reconstruct the master secret and Gamache teaches the concept of using write group for a quorum to boot a storage system in a cluster environment. Therefore, using the combination of Hansen and Gamache, anyone with ordinary skill in the art can use the minimum number of write group for a quorum to boot the storage system which would be same as minimum number of shares to reconstruct the master secret. Any number of storage devices can be selected as long as the total number is not less than n parts as explained in Hansen as part of Shamir’s secret sharing algorithm.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify the teaching of Murty and Hansen as taught by Gamache in order to achieve high reliability of bootup mechanism in a distributed storage system.

As to claim 11, it is rejected using the similar rationale as for the rejection of claim 1.

As to claims 2 and 12, the combination of Murty, Hansen and Gamache disclose wherein the number of shares required to reconstruct the master secret is made equal to a number of storage devices in a write group less an allowed number of failed storage devices (Hansen: “the virtual memory file system divides the master secret token s into n parts or shares. The n shares have a characteristic that the combination of any threshold number t of the n shares can recreate the master secret token s. In step 710, the virtual memory file system of the primary server distributes each of the n shares to a different server in the cluster.”-e.g. see, Hansen: [0025], see also, [0026], herein, secondary server 200.sub.B continues to receive master secret token shares until it has received a threshold t of master secret token shares. In an embodiment having competing secondary servers, another secondary server may obtain the threshold t of master secret token shares before secondary server 200.sub.B, for example, if the secondary servers follow the rules of acceptance in accordance with Lamport's Paxos algorithm or similar algorithms. In step 740, secondary server 200.sub.B is able to generate master secret token s from the t shares.).

As to claims 3 and 13, the combination of Murty, Hansen and  Gamache disclose wherein the number of storage devices in each write group is not less than eight and the allowed number of failed storage devices comprises four (Hansen: [0025], see also, [0026]; herein, any number of storage devices can be selected as long as the total number is not less than n parts as explained in Hansen as part of Shamir’s secret sharing algorithm).

As to claim 4, the combination of Murty, Hansen and  Gamache disclose wherein the number of storage devices in each write group is less than eight and the allowed number of failed storage devices comprises a number less than half of the number of storage devices in each write group (Hansen: [0025], see also, [0026]; herein, any number of storage devices can be selected as long as the total number is not less than n parts as explained in Hansen as part of Shamir’s secret sharing algorithm).

As to claims 7 and 17, Murty discloses decrypt one or more encrypted device keys using the master secret; store the decrypted device keys in a volatile memory (“a key management means 48 for providing a storage key and associated storage identity information to the HSED 22 following authentication, and a key storage means 58 for securely storing: a root key component 57 for signing all certificates in a secure storage network (FIG. 1) and all transactions that the security appliance 20 initiates and responds to, a master key component 50 for encrypting and decrypting the storage key before and after storage respectively” -e.g. see, Murty: [0035]); and use the decrypted device keys to decrypt data stored on one or more of the storage devices (Murty: “In the case of encryption of data, it uses the storage key thus obtained to encrypt data before writing the data to a secure storage device 18a identified in the response by the storage device associations. In the case of decryption of data, the HSED 22 will retrieve the encrypted data from the secure storage devices 18a identified by the storage device associations, and then decrypt this data using the storage key.” –e.g. see, Murty: [0030]; which shows data from each storage device is decrypted with unique storage key associated with that storage device, see also, Murty: [0039]).
Murty may not explicitly disclose wherein the controller is further configured to: reconstruct the master secret;
However, in an analogous art, Hansen discloses wherein the controller is further configured to: reconstruct the master secret (“ … secret sharing methods may be used to divide and reconstruct master secret token s in accordance with embodiments of the invention” -e.g. see, Hansen: [0025]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify the teaching of Murty as taught by Hansen in order to provide a secure master key storage mechanism which would be very difficult to be compromised.

Claims 5 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Murty in view of Hansen in view of Gamache and further in view of Bish et al. (US 2011/0145497 A1) (hereinafter, “Bish”).

As to claims 5 and 15, neither Murty nor Hansen nor Gamache explicitly disclose wherein the controller is further configured to carry out the step of notifying a user to add additional storage devices to one or more write groups.
However, in an analogous art, Bish discloses wherein the controller is further configured to carry out the step of notifying a user to add additional storage devices to one or more write groups (“… Hence, the creation module 410 may alert or notify a user via management interface 355 that the cluster 220(d) being added to the family 280(1), for example, is currently a family member of another family 280(2). The user may then deselect 220(d) from family 280(2) and add or reselect 220(d) to family 280(1). Accordingly, the creation module 410 allows all clusters 220 in a domain 205 (e.g., a grid) to be aware of their own role and relationship to their family they reside in, to other family members, and to non-family members residing in other families.” -e.g. see, Bish: [0086]; herein, cluster is equivalent to storage device which is selected by a user for a family (i.e. write group)).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify the teaching of Murty, Hansen and Gamache as taught by Bish in order to  achieve cumulative consistency within the cluster family of at least two outside data objects and share data within the cluster family so that all clusters within the cluster family have a consistent copy of each outside data object. (Bish, Spec, [0007]).

Claims 6 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Murty in view of Hansen in view of Gamache and further in view of Ito et al. (Pub. No.; US 2010/0189265 A1) (hereinafter, “Ito”).

As to claims 6 and 16, neither Murty nor Hansen nor Gamache explicitly disclose wherein encrypting the device key further comprises encrypting the device key using the master secret and a value unique to the corresponding storage device.
However, in an analogous art, Ito discloses wherein encrypting the device key further comprises encrypting the device key using the master secret and a value unique to the corresponding storage device (Ito: “..the device key encryption server generating an encrypted device key by encrypting a predetermined device key using a predetermined unique manufacturer key, the predetermined unique manufacturer key being generated based on the unique information and the manufacturer key;” –e.g. see, Ito: [0016]; herein manufacturer key is equivalent to a value unique to the corresponding storage device which is decrypted using master key and device key is decrypted using manufacturer key which implies that the master key and a value unique to the corresponding storage device is used to decrypt the unique device key).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify the teaching of Murty, Hansen and Gamache as taught by Ito in order to set device keys for use in a network service in terminals in a manner that the device keys will not be exposed, tampered with or misused, and conventional techniques do not allow device keys to be set in terminals in a cost-effective way as suggested by Ito (Ito, Spec, [0015]).

Claims 8-9 and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Murty in view of Hansen in view of Gamache and further in view of Gosnell (US 2010/0299315 A1).

As to claims 8 and 18, Murty discloses wherein the controller is further configured to carry out the steps of: 
encrypting each device key using the new master secret to generate a new encrypted device key for each storage device (“Preferably, before being stored on the secure storage devices 18a, the storage key is encrypted using a master key stored on a master key hardware component 50 (FIG. 5) in the security appliance 20. According to one embodiment, the security appliance 20 encrypts the storage key using the master key before writing the storage key to one of the secure storage devices 18a.” –e.g. see, [0031]; herein, a storage key (i.e. a device key) is encrypted using a master key; see also, [0029]: “”To elaborate, each of the secure storage devices 18a has an associated storage key that is used to encrypt data stored on that particular secure storage device 18a. Different secure storage devices 18a will have different storage keys and will be accessible by different secure host servers 12a.”; herein, Murty teaches that each device a storage key unique to a particular device (i.e. storage key is equivalent to a device key)); 
storing, for each storage device, the new encrypted device key and a separate respective share in each storage device (“Preferably, before being stored on the secure storage devices 18a, the storage key is encrypted using a master key stored on a master key hardware component 50 (FIG. 5) in the security appliance 20.” –e.g. see, [0031]; herein, encrypted device key is stored on the secure storage devices; Furthermore, storage devices are also storing plurality of shares (i.e. stored according to a secret sharing scheme)-e.g. see, [0032]).
Murty may not explicitly disclose generating a new master secret;
generating, for each write group, a plurality of shares from the new master secret including creating a number of shares required to reconstruct the master secret equal to the minimum number of storage devices required from each write group for the quorum to boot the storage system less an allowed number of failed storage devices; 
However, in an analogous art, Hansen discloses generating, for each write group, a plurality of shares from the new master secret including creating a number of shares required to reconstruct the master secret … less an allowed number of failed storage devices (“the virtual memory file system divides the master secret token s into n parts or shares. The n shares have a characteristic that the combination of any threshold number t of the n shares can recreate the master secret token s. In step 710, the virtual memory file system of the primary server distributes each of the n shares to a different server in the cluster.”-e.g. see, [0025]; herein, ‘n shares’ are the minimum number of shares required to reconstruct the master secret; “n shares” could be any number of shares that is equivalent to number of write groups and threshold number t of the n share may represent number of required storage devise in each group; see also, [0026]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify the teaching of Murty as taught by Hansen in order to provide a secure master key storage mechanism which would be very difficult to be compromised.
Neither Murthy nor Hansen explicitly disclose generating a new master secret; reconstruct the master secret equal to the minimum number of storage devices required from each write group for the quorum to boot the storage system.
However, in an analogous art, Gamache discloses reconstruct the master secret equal to the minimum number of storage devices required from each write group for the quorum to boot the storage system (“In this “quorum of replica members" configuration, (FIG. 4C), the core boot data 102.sub.1 -102.sub.3 is replicated to each member 112.sub.1 -112.sub.3, and ownership of a quorum (majority) of the possible replica members 112.sub.1 -112.sub.3 is needed to form and maintain a cluster. In keeping with the invention, the cluster always has the most up-to-date core boot data since the quorum requirement ensures that at least one replica member that was common to the replica set of the prior cluster is in the replica set of the subsequent cluster. High reliability is achieved via the replication of the data.” –e.g. see, col. 11, lines 19-40).
Herein, Hansen teaches generating a plurality of shares from a master secret wherein a minimum number of shares required to reconstruct the master secret and Gamache teaches the concept of using write group for a quorum to boot a storage system in a cluster environment. Therefore, using the combination of Hansen and Gamache, anyone with ordinary skill in the art can use the minimum number of write group for a quorum to boot the storage system which would be same as minimum number of shares to reconstruct the master secret. Any number of storage devices can be selected as long as the total number is not less than n parts as explained in Hansen as part of Shamir’s secret sharing algorithm.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify the teaching of Murty and Hansen as taught by Gamache in order to achieve high reliability of bootup mechanism in a distributed storage system.
Neither Murthy nor Hansen nor Gamache explicitly disclose generating a new master secret.
However, in an analogous art, Gosnell discloses generating a new master secret (“The method can also comprise retiring a master key after a predetermined period of time. Retiring the master key includes obtaining a new master key; decrypting the one or more key containers with the master key; encrypting the one or more key containers with the new master key; and locking away the master key.” -e.g. see, [0028]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify the teaching of Murty, Hansen and Gamache as taught by Gosnell in order to prevent unauthorized access to the device key.

As to claims 9 and 19, the combination of Murty, Hansen, Gamache and Gosnell disclose wherein generating a new master secret further comprises generating the new master secret periodically on a predetermined schedule (“The method can also comprise retiring a master key after a predetermined period of time. Retiring the master key includes obtaining a new master key; decrypting the one or more key containers with the master key; encrypting the one or more key containers with the new master key; and locking away the master key.” -e.g. see, Gosnell: [0028]).

Claims 10 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Murty in view of Hansen in view of Gamache in view of Gosnell and further in view of Chow (US 2002/0154782 A1).

As to claims 10 and 20, neither Murty nor Hansen nor Gamache nor Gosnell explicitly disclose wherein generating a new master secret further comprises generating the new master secret in response to detecting a failed storage device.
However, in an analogous art, Chow discloses wherein generating a new master secret further comprises generating the new master secret in response to detecting a failed storage device (“Referring to FIG. 9, during operation of method 900, the compromise monitor 110 continuously monitors to determine if the group key is compromised at step 902. If no, then the system 100 remains idle as indicated by step 904, while the method 900 continues to monitor for a compromised group key at step 902. If yes, the central node 104 is notified at step 906 that (1) that the group key needs to expire immediately, (2) a new group key needs to be generated immediately, and (3) the new group key needs to be immediately distributed to the branch nodes 106. At step 908 a compromised branch node 106 is added to the revocation list stored in storage 212 in the central node 104 that is accessed during operation of methods 600 and 700. The method 900 then returns to step 902 and continues to monitor for a compromised group key.” -e.g. see, Chow: [0049]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify the teaching of Murty, Hansen, Gamache and Gosnell as taught by Chow in order to provide a scalable, on-demand group key agreement within a scalable content delivery network (Chow: [0013]).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SUMAN DEBNATH whose telephone number is (571)270-1256. The examiner can normally be reached Mon-Fri; 9:00am-5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

SUMAN DEBNATH
Patent Examiner
Art Unit 2495



/S.D/Examiner, Art Unit 2495                                                                                                                                                                                                        
/PONNOREAY PICH/Primary Examiner, Art Unit 2495