DETAILED ACTION
This Office Action is in response to the amendment filed on 9/9/2025.
Claims 5-7, 10-11, 14, and 16-18 have been canceled.
Claims 1, 3, 9, 13, 15 and 19-20 have been amended.
Claims 1-4, 8-9, 12-13, 15 and 19-20 are pending for consideration.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 10/8/2025 has been entered.
Response to Arguments
Applicant’s arguments (i.e., “subsequent to removing the cryptographic information, receiving the cryptographic information responsive to the device being determined to be in a secure location”) with respect to claim(s) 1-4, 8-9, 12-13, 15 and 19-20 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.
Claims 1-4, 8-9, 12-13, 15 and 19-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.
Regarding claims 1, 9 and 15, the claims recite “subsequent to removing the cryptographic information, receiving the cryptographic information responsive to the device being determined to be in a secure location”. The claims lack sufficient written description to show the applicant possessed the full scope of the invention recited in the claim. The specification must describe the claimed invention in sufficient detail that one skilled in the art can reasonably conclude that the inventor had possession of the claimed invention at the time of filing. See Reiffin v. Microsoft Corp., 214 F.3d 1342, 1345 (Fed. Cir. 2000) and MPEP 2161.01 (I).
Applicant’s specification does not describe an algorithm/steps/flows that perform the function “subsequent to removing the cryptographic information, receiving the cryptographic information responsive to the device being determined to be in a secure location” in sufficient detail such that one of ordinary skill in the art can reasonably conclude that the inventor invented the claimed subject matter. For example, Applicant’s specification, paragraph 0031, discloses “subsequent to the cryptographic key being logically erased, the RPMB control component 105 can further trigger an RPMB purge operation”. Furthermore, paragraph 0046 discloses an administrator that can monitor a location of a device and force the device to remove the cryptographic key when the device is in an unsecure area.
The Applicant is respectfully reminded that the MPEP section 2163.02, “An applicant shows possession of the claimed invention by describing the claimed invention with all of its limitations using such descriptive means as words, structures, figures, diagrams, and formulas that fully set forth the claimed invention. Lockwood v. Am. Airlines, Inc., 107 F.3d 1565, 1572, 41 USPQ2d 1961, 1966 (Fed. Cir. 1997); and MPEP section 2163.03, "Even if a claim is supported by the specification, the language of the specification, to the extent possible, must describe the claimed invention so that one skilled in the art can recognize what is claimed. The appearance of mere indistinct words in a specification or a claim, even an original claim, does not necessarily satisfy that requirement." See Enzo Biochem, Inc. v. Gen-Probe, Inc., 323 F.3d 956, 968, 63 USPQ2d 1609, 1616 (Fed. Cir. 2002). Possession may be shown in a variety of ways including description of an actual reduction to practice, or by showing that the invention was "ready for patenting" such as by the disclosure of drawings or structural chemical formulas that show that the invention was complete, or by describing distinguishing identifying characteristics sufficient to show that the applicant was in possession of the claimed invention.” Here, the Examiner does not find the description, drawing or formula as complete nor distinguishing to show that the applicant was in possession of the claimed invention.
Claims 2-4, 8, 12-13 and 19-20 are dependent claims depending on claims 1, 9 and 15, respectively. Claims 2-4, 8, 12-13 and 19-20 are rejected for the same reasons as parent claims 1, 9 and 15, respectively. Appropriate corrections are required.
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Regarding claims 2-4, 8, 12-13 and 19-20, the claims are rejected for lack of sufficient written description. According to MPEP 2161.01 (I), a rejection under 35 U.S.C. 112(b) or the second paragraph of pre-AIA 35 U.S.C. 112 must be made in addition to the written description rejection. According to MPEP 2173, 35 U.S.C. 112(b) or pre-AIA 35 U.S.C. 112, second paragraph requires that a patent application specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. A secondary purpose is to provide a clear measure of what the inventor or a joint inventor regards as the invention so that it can be determined whether the claimed invention meets all the criteria for patentability and whether the specification meets the criteria of 35 U.S.C. 112(a) or pre-AIA 35 U.S.C. 112, first paragraph with respect to the claimed invention. Therefore, the claim must be rejected under 112(b) because it does not comply with written description requirement under 35 U.S.C 112(a). For the purpose of prior art examination, the claims are interpreted as best understood. Appropriate corrections are required.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-4, 8-9, 13, 15 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over McClintock (US 20190035238) (hereinafter McClintock) in view of MUTHUKUMARAN et al. (US 20220075523) (hereinafter MUTHUKUMARAN), and further in view of McClintock et al. (US 10129299) (hereinafter McClintock_A).
Regarding claim 1, McClintock discloses a method, comprising:
accessing, by a device, data using cryptographic information of the device that is configured to store the cryptographic information (McClintock: paragraphs 0032, 0035, 0046, 0084, 0086 and 0088, “a case where the device has a file system that supports encryption, such as FileVault 2 or Encrypting File System, and, so long as sensors of the device indicate that the device is within a work place, the file system should remain unencrypted. However, if the sensors of the device detect that the device has left the workplace, the device may encrypt the file system and/or delete the decryption keys from memory”); and
removing, to prevent the device from accessing the data using the cryptographic information, the cryptographic information from the device based at least in part on a location of the device (McClintock: paragraphs 0034, 0064 and 0083-0088, “if the sensors of the device detect that the device has left the workplace, the device may encrypt the file system and/or delete the decryption keys from memory”…“if the sensors on the device detect that the device has been removed and transported beyond a certain distance (e.g., 1,000 feet), the device may cause its memory, persistent storage, and/or cryptographic keys to be erased”).
McClintock does not explicitly disclose the following limitations which are disclosed by MUTHUKUMARAN, the cryptographic information is stored in a replay protected memory block (RPMB) of the device that is configured to store the cryptographic information in a replay protected manner (MUTHUKUMARAN: see figure 1; and paragraphs 0032, 0041 and 0047, “Although a local purge operation may only actually purge data blocks 104 in the first partition 102A, in an embodiment in which the data blocks 104 in the first partition 102A are used to store key information associated with encrypted data stored in data blocks” … “The special or local partition, such as the first partition 102A in the illustrated embodiment, may be, for example, a Replay-Protected Memory Block (“RPMB”). An RPMB is a type of authenticated-access partition.”); reconfiguring a logical-to-physical mapping table to not to include a physical address associated with the cryptographic information in the table (Muthukumaran: see figure 1
and paragraphs 0023, 0032, 0034, 0038, 0042 and 0047, “In response to a global Purge command issued by the host system 204, the controller 206 may erase all de-mapped blocks 104. Managed flash devices also may implement a Format Unit command. In response to a Format Unit command issued by the host system 204, the controller 206 may erase all de-mapped blocks 104 (e.g., in response to an Erase command) and then write various data values, such as all zeroes, all ones, random numbers, etc., to the erased blocks”); and performing a purge operation on the RPMB to physically erase the cryptographic information such that no physical storage locations of the RPMB store the cryptographic information anymore (MUTHUKUMARAN: paragraphs 0032, 0037-0038, 0041-0042 and 0047, “An erased block may also be referred to as being in a “free” state”…“ may implement a Purge command, which may be referred to herein as a global Purge command to distinguish it from a local purge command that is described below. In response to a global Purge command issued by the host system 204, the controller 206 may erase all de-mapped blocks 104. Managed flash devices also may implement a Format Unit command. In response to a Format Unit command issued by the host system 204, the controller 206 may erase all de-mapped blocks 104 (e.g., in response to an Erase command)”).
McClintock and MUTHUKUMARAN are analogous art because they are from the same field of endeavor, data protection. Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of McClintock and MUTHUKUMARAN before him or her, to modify the system of McClintock to include a replay protected memory block, reconfiguring a logical-to-physical mapping table to not include a physical address and performing a purge operation on an RPMB to physically erase a cryptographic information of MUTHUKUMARAN. The suggestion/motivation for doing so would have been to eliminate physical manifestations of de-mapped data from a memory to prevent data from being retrieved (MUTHUKUMARAN: paragraph 0037).
McClintock as modified discloses subsequent to removing the cryptographic information (McClintock: paragraphs 0016, 0021, 0023-0024 and 0088, “automatically detecting low-risk locations, and dynamically adjusting security states with minimal user input, thereby improving the user experience”), (McClintock: paragraphs 0016, 0021, 0023-0024 and 0088, Examiner notes: in lower security states, the user data is not encrypted, and higher security state would cause data to be encrypted, that needs key to be decrypted (McClintock: paragraph 0024)).
Although McClintock as modified does not explicitly disclose receiving the cryptographic information responsive to the device being determined to be in a secure location. On the other hand, McClintock_A discloses subsequent to removing the cryptographic information (McClintock_A: paragraph (29), “The beacon device may enforce at least a portion of the policy mechanisms by encrypting data on computing devices of the user. For example, the user may receive an encryption key from the beacon device and the user's computing device may use the encryption key to encrypt a particular software application or data stored on the user's computing device such that the application may only be accessible by the computing device when the beacon device is detected”; paragraph (57): “The user device 604 may determine that the user device 604 is in the untrusted environment 600A … For example, the user device 604 may prevent one or more applications from executing on the user device 604) , receiving the cryptographic information responsive to the device being determined to be in a secure location (McClintock_A: paragraphs (28), (29), (59), (84) and (86), “The loader application may load the encrypted executable of the application into memory of the user device 1502 and decrypt the executable with the decryption key 1610 such that the application may be executed by the user device 1504 … encrypt the application with the key 1510 and destroy the key 1510 or otherwise make the key 1510 unavailable such as by overwriting the key with other data”… “If access is allowed the beacon device may transmit the decryption key 1612 to the user device. The decryption key may be configured to enable the user device to access the application”).
McClintock as modified and McClintock_A are analogous art because they are from the same field of endeavor, data protection. Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of McClintock as modified and McClintock_A before him or her, to modify the system of McClintock as modified to include subsequent to removing a cryptographic information, receiving the cryptographic information responsive to a device being determined to be in a secure location of McClintock_A. The suggestion/motivation for doing so would have been to enhancements to network devices such that the enhanced network devices are capable of implementing a secure computing environment (McClintock_A: paragraph (22)).
Regarding claim 9, the claim 9 discloses a device claim that is substantially equivalent to the method of claim 1. Therefore, the arguments set forth above with respect to claim 1 are equally applicable to claim 9 and rejected for the same reasons.
Regarding claim 15, the claim 15 discloses a device claim that is substantially equivalent to the method of claim 1. Therefore, the arguments set forth above with respect to claim 1 are equally applicable to claim 15 and rejected for the same reasons.
Regarding claim 2, McClintock as modified discloses wherein removing the cryptographic information from the device based at least in part on the location of the device further comprises removing the cryptographic information from the device responsive to the device being determined to be not in a secure location (McClintock: paragraphs 0034 and 0083-0088, “so long as sensors of the device indicate that the device is within a work place, the file system should remain unencrypted. However, if the sensors of the device detect that the device has left the workplace, the device may encrypt the file system and/or delete the decryption keys from memory”).
Regarding claim 3, McClintock as modified discloses further comprising, after receiving the cryptographic information responsive to the device being determined to be in a secure location, accessing the data using the cryptographic information while the device is in the secure location (McClintock: paragraphs 0034, 0064 and 0083-0088, “However, if the sensors of the device detect that the device has left the workplace, the device may encrypt the file system and/or delete the decryption keys from memory”… “if the sensors on the device detect that the device has been removed and transported beyond a certain distance (e.g., 1,000 feet), the device may cause its memory, persistent storage, and/or cryptographic keys to be erased”).
Regarding claim 4, McClintock as modified discloses further comprising, prior to accessing the data using the cryptographic information, receiving the cryptographic information from a temporarily approved location to access the data using the cryptographic information while the device is not in the secure location (McClintock: paragraphs 0034, 0064 and 0083-0088, “However, if the sensors of the device detect that the device has left the workplace, the device may encrypt the file system and/or delete the decryption keys from memory”… “if the sensors on the device detect that the device has been removed and transported beyond a certain distance (e.g., 1,000 feet), the device may cause its memory, persistent storage, and/or cryptographic keys to be erased”).
Regarding claim 8, McClintock as modified discloses wherein accessing the data using the cryptographic information further comprises decrypting the data using the cryptographic information (McClintock: paragraphs 0024 and 0084, “this may involve locking the system and/or encrypting data in memory and/or persistent storage such that credentials of an authorized user may need to be provided in order to unlock the system and/or decrypt the data”… “if the sensors of the device detect that the device has left the workplace, the device may encrypt the file system and/or delete the decryption keys from memory”).
Regarding claim 13, McClintock as modified discloses wherein the controller is configured to receive and store the cryptographic information in the memory array in response to the apparatus being determined to be in a third location (McClintock: paragraphs 0033, 0052 and 0084, “so long as sensors of the device indicate that the device is within a work place, the file system should remain unencrypted. However, if the sensors of the device detect that the device has left the workplace, the device may encrypt the file system and/or delete the decryption keys from memory”).
Regarding claim 19, McClintock as modified discloses wherein the controller is configured to decrypt, to access the data, the data stored in the memory array using the cryptographic information stored in the RPMB (McClintock: paragraphs 0033, 0052 and 0084, “so long as sensors of the device indicate that the device is within a work place, the file system should remain unencrypted. However, if the sensors of the device detect that the device has left the workplace, the device may encrypt the file system and/or delete the decryption keys from memory”).
Regarding claim 20, McClintock as modified discloses wherein the controller is configured to receive the cryptographic information in response to the apparatus being determined to be in a third location (McClintock: paragraphs 0033, 0052 and 0084, “so long as sensors of the device indicate that the device is within a work place, the file system should remain unencrypted. However, if the sensors of the device detect that the device has left the workplace, the device may encrypt the file system and/or delete the decryption keys from memory”).
Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over McClintock in view of MUTHUKUMARAN in view of McClintock_A, and further in view of Ostrovsky et al. (US 20220012172) (hereinafter Ostrovsky).
Regarding claim 12, McClintock as modified does not explicitly disclose the following limitation which is disclosed by Ostrovsky, wherein the apparatus is a universal flash storage (UFS) device (Ostrovsky: paragraphs 0207 and 0221, “The first version (see FIGS. 4A and 4B) is utilizing the described architecture to the system to guarantee that any dereferenced data is erased from the flash devices or other solid-state memory within a certain time bound (e.g., within 3 days or other time bound as readily devised). The erasure time bound may be system selected or user settable as to time duration and/or applicability to some data and not other data”.. “where keys 506 are stored, than in the second type of memory 606 (e.g., flash memory) in which data, encrypted or not, is stored. The action to the erase blocks 610 is also applicable to physically deleting data, as described above. These actions could be mixed in a further embodiment, where a key(s) is overwritten, and encrypted data is dereferenced then prioritized for garbage collection and erasure of the block, in response to receiving a delete 424 direction for the encrypted data 612.”).
McClintock as modified and Ostrovsky are analogous art because they are from the same field of endeavor, data protection. Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of McClintock as modified and Ostrovsky before him or her, to modify the system of McClintock as modified to include an apparatus that is a universal flash storage (UFS) device of Ostrovsky. The suggestion/motivation for doing so would have been to secure data stored on the storage system (Ostrovsky: paragraph 0190).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TRANG T DOAN whose telephone number is (571)272-0740. The examiner can normally be reached Monday-Friday 7-4 ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn D Feild can be reached on (571)272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/TRANG T DOAN/Primary Examiner, Art Unit 2431