Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 1/2/26 has been entered.
Claim 21 has been added. Claim 9 is canceled. Claims 1, 2, 6, 8, 11, 12, 17, and 18-20 are amended. Claims 1-8 and 9-21 are pending.
Response to Arguments
Applicant’s arguments with respect to claim(s) 1-8 and 10-20 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1, 2, 6, 7, 8, 11, 12, and 16-21 are rejected under 35 U.S.C. 103 as being unpatentable over USP Application Publication 2023/0179418 to Noh et al., hereinafter Noh in view of NPL entitled, “IOCTL_VOLUME_OFFLINE IOCTL (ntddvol.h)”, hereinafter MS.
As per claims 1, 11, and 18, Noh teaches receiving,
and denying,
receiving, from a storage management system [authentication manage 213] configured to manage the storage volume [200] and based on the token received via the I/O control command, an indication whether the process is authorized to access the device [after successfully authorization of the token and user, auth manager 213 provides the command to the command processor 216 of the storage volume for execution; 0103-0105]. Also, in operation S305 the storage device may provide a response to the command message (0089).
Noh does not explicitly teach the command to open is received by the driver of a device and denying by the driver of the device and based on the receiving the command to open the device, additional commands transmitted to the device from the process at least until an input/output (I/0) control command comprising a token is received. On the other hand, Goodwin teaches a command to open is received by the driver of a device and denying by the driver of the device and based on the receiving the command to open the device, additional commands transmitted to the device from the process at least until an input/output (I/0) control command is received. MS describes a process where a driver wants to prevent a storage volume from being remounted. A call to open a volume succeeds if it is offline but I/O directed toward an offline volume fails. Thus, it must be first placed online before additional command can be accepted. MS teaches the opening of a drive so that it may be accessed with other commands. Noh teaches that a control command comprises a token in order for a storage volume to be accessed by the requesting process. Taking the two teachings together, MS says open a device with a I/O command in order to allow additional commands and Noh says that additional command without a token will be denied. Therefore, the combination teaches the broad claim limitations. Once a device is opened, I/O commands can be processed according to the security guidelines above as taught by Noh. Using the teaching of MS provides a way to protect a safely open a device and prevent I/O. The claim is obvious because one of ordinary skill in the art can combine methods known before the effective filing date which produce predictable results.
As per claims 2, 12, and 19, Noh teaches determining, based on the indication, that the process is authorized to access the device; and granting, based on the determining, access to the device for the process (0103-0105).
As per claim 6, Noh teaches the determining that the process is authorized to access the device comprises: providing, to the storage management system, the token (0101); the indication that the process is authorized to access the device (0103-0105).
As per claims 7 and 16, Noh teaches the granting the access to the device for the process comprises granting access for a user-defined period (0091).
As per claims 8, 17, and 20, Noh teaches receiving the I/O control command comprising the token (0094); determining, based on the indication token, that the process is unauthorized to access the device; and denying, based on the determining, access to the device for the process [inferred because access only allowed when the process is authorized and the token is valid; 0101-0103].
As per claim 21, Noh teaches the receiving, based on the token received via the I/O control command, the indication whether the process is authorized to access the device comprises receiving a first access level indication, based on the token, for the process (Fig. 8C); and the method further comprises receiving, from the storage management system based on an additional token received from an additional process (0081) via an additional I/O control command, a second access level indication, based on the additional token, for the additional process (0083). User have different tokens which have different levels of access.
Claim(s) 3, 4, 13, and 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Noh and MS as applied to claim 1 above, and further in view of USP Application Publication 2023/0195375 to Puthoor et al., hereinafter Puthoor.
As per claims 3 and 13, Noh and MS are silent in explicitly teaching storing a process identifier (PID) associated with the process; and verifying additional PIDs associated with additional commands to the device with the PID associated with the process. Puthoor teaches storing a process identifier (PID) associated with the process verifying additional PIDs associated with additional commands to the device with the PID associated with the process (0046 and 0064). Puthoor also stores active PID associated with request handled by a system driver. Puthoor can check to see if other processes are stored to determined ownership of a record. Having this database of active PID’s ensures ownership is only when it is available. Therefore, checking ownership prevents ownership until a previous ownership is relinquished. The claim is obvious because one of ordinary skill in the art can combine methods known before the effective filing date which produce predictable results.
As per claims 4 and 14, the combined system of Noh, MS, and Puthoor teaches clearing the PID associated with the process when the process is terminated (Puthoor: 0046; as the means to relinquish owner to a process).
Claims 5 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Noh and MS as applied to claims 1 and 11 and further in view of USP Application Publication 2019/0141041 to Bhabbur et al., hereinafter Bhabbur.
As per claims 5 and 15, Noh and MS do not explicitly teach determining that the process is authorized to access the device comprises authenticating the token with a public key associated with the process. Bhabbur teaches a driver (RDMA driver is comprised by RDMA agent) authentication a cryptographically signed token with the corresponding public key (0175-0177). Public key cryptography is well-known and one of its core principles is that a signature generated by an entity’s private key can be authenticated by its known public key. Noh does teach that token request contains digital signature and they are verified but not explicitly during the time of an access request (0068 and 0071). This is how Bhabbur authenticates tokens included with request using the system’s driver. This process could have been used to authenticate the tokens of Noh with predictable results because it is simply using a well-established cryptographic function. Each prior art authenticates token at the driver that received a resource request. The claim is obvious because one of ordinary skill in the art can combine methods known before the effective filing date which produce predictable results.
Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Noh and MS as applied to claim 1 and in further view of USP 8,898,806 to Manmohan
As per claim 10, the combined system of Noh and MS does not explicitly teach that the device comprises the driver. Manmohan teaches that the device comprises the driver. In the system of Manmohan, the filter driver is embodied in the identification module which performs a similar role to the authentication manager 213 which is on the device in Noh. Therefore, the driver in the combined system of Noh and MS could have been implemented on the device itself. The claim is obvious because one of ordinary skill in the art can combine methods known before the effective filing date which produce predictable results.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL R. VAUGHAN whose telephone number is (571)270-7316. The examiner can normally be reached on Monday - Friday, 9:30am - 5:30pm, EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on (571) 272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MICHAEL R VAUGHAN/
Primary Examiner, Art Unit 2431