DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This Office Action is in response to the communication filed on 01/06/2026.
Examiner notes that in response to the Requirement for Restriction/Election mailed on 12/17/2025, Applicant has elected, without traverse, invention Group I comprising claims 1-19 for examination, and has canceled claim 20.
Claim 20 has been canceled. Claims 1-19 are pending.
Claim Objections
Claim 13 is objected to because of the following informalities:
In light of the specification [0045], “non-volatile storage medium” recited in claim 13 should read “non-transitory non-volatile storage medium” or “non-transitory storage medium”.
Appropriate correction is required.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.
Claims 1, 12-14, and 16-18 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Sela et al. (US 2020/0014544).
Claim 1, Sela teaches:
A method, executed by at least one processor of an access control system, comprising:
receiving a request to enable access of a host computing system to a Replay Protected Memory Block (RPMB) of a data storage device (DSD); (e.g., [0045], “The RPMB feature allows an entity (e.g. host SoC [System On a Chip], remote Server, etc.) to write and read data to/from an RPMB partition in a secure manner. For purposes of this document, “secure” means that the write/read are replay protected and only an authorized entity could change the content of the partition. In general, replay protected means that there is protection to ensure that communications cannot be intercepted and replayed, for example, using a nonce to ensure that each RPMB read command and response are uniquely identified or using a write counter to ensure that each RPMB write command and response are uniquely identified. The RPMB feature is based on a symmetric key which resides in both the storage device and the entity (e.g. host SoC, remote server, etc.)” [0066], “FIG. 9 illustrates an example of writing an RPMB read key by a host 902 (e.g. cell phone, laptop, tablet, server, camera, etc.) to a memory system 900, which may occur during installation of memory system 900 in host 902 (e.g. installing a memory system, such as a memory card or SSD in a host). The RPMB read key may be written to a system area of non-volatile memory in memory system 900 in a manner that ensures that the RPMB read key cannot be altered or copied. Host 902 sends the RPMB read key programming request 906 to memory system 900. Memory system 900 sends a response 908, e.g. an acknowledgement that read key programming request 906 was received. Then, host 902 sends a result read request 910 to confirm writing of the RPMB read key and memory system 900 sends a response 912 providing confirmation that the read key is written”)
processing the request to determine whether the host computing system is authorized to access the RPMB of the DSD; and in response to determining that the host computing system is authorized to access the RPMB of the DSD, securely programming the host computing system and the DSD with a RPMB key, wherein the DSD is configured to authenticate, using the RPMB key, the host computing system to access the RPMB via a data path of the DSD. (e.g., [0063], “FIG. 7 illustrates an example of loading a write key into a memory system 700 (e.g. memory system 500 or 600)…The RPMB write key may be written to a system area of a non-volatile memory in a manner that ensures that the RPMB write key cannot be altered or copied. Server 702 sends a RPMB write key programming request 706 to memory system 700. Memory system 700 sends a response 708. Then, server 702 sends a result read request 710 to confirm writing of the RPMB write key and memory system 700 sends a response 712 providing confirmation” [0065], “An RPMB write key may be written in the same manner as an RPMB read key (e.g. as illustrated in FIGS. 7-8)” [0066], “FIG. 9 illustrates an example of writing an RPMB read key by a host 902 (e.g. cell phone, laptop, tablet, server, camera, etc.) to a memory system 900, which may occur during installation of memory system 900 in host 902 (e.g. installing a memory system, such as a memory card or SSD in a host). The RPMB read key may be written to a system area of non-volatile memory in memory system 900 in a manner that ensures that the RPMB read key cannot be altered or copied. Host 902 sends the RPMB read key programming request 906 to memory system 900. Memory system 900 sends a response 908, e.g. an acknowledgement that read key programming request 906 was received. Then, host 902 sends a result read request 910 to confirm writing of the RPMB read key and memory system 900 sends a response 912 providing confirmation that the read key is written”: the response 908 confirms that the host is authorized to access the RPMB [0067], “After RPMB read and write keys are written in a memory system, secure read and write access to corresponding RPMB regions may occur” [0051], “FIG. 4 shows an example of an RPMB 400 in non-volatile memory 104 of memory system 100. In addition, memory system 100 includes an authentication circuit 402 in controller 102, which is configured to authenticate access to RPMB 400. For example, authentication circuit 402 may authenticate access by host 120 to RPMB 400 using a key 404 and counter 406. Host 120 includes authentication circuit 412 and contains key 414 and a circuit holding a count 416. Keys 404 and 414 are identical in this example”)
Claim 12, Sela teaches:
in response to a failure to determine that the host is authorized to access the RPMB of the DSD: discarding the request received from the host computing system; and generating notification data to notify an external system of the request. (e.g., [0052]-[0053], [0056]-[0057])
Claim 13, Sela teaches:
A removable data storage device (DSD) comprising:
a non-volatile storage medium configured to store user data, wherein the non-volatile storage medium includes: (e.g., [0048], “a non-volatile storage system comprises a controller…and a non-volatile memory…connected to the controller”)
a Replay Protected Memory Block (RPMB) formed in a plurality of non-volatile memory cells; and (e.g., [0051], “FIG. 4 shows an example of an RPMB 400 in non-volatile memory 104 of memory system 100” [0055], “FIG. 5 shows an example of a memory system 500 that includes RPMB 400 in non-volatile memory 104 as previously described (e.g. in FIGS. 2-4)” [0076], “a plurality of non-volatile memory cells including a Replay Protected Memory Block (RPMB) formed in the plurality of non-volatile memory cells”)
an access key set; (e.g., [0055], “FIG. 5 shows an example of a memory system 500 that includes RPMB 400 in non-volatile memory 104 as previously described (e.g. in FIGS. 2-4) and a controller 502 configured to provide separate read and write authentication for RPMB 400. Controller 502 includes authentication circuit 504, which provides authentication using a write key 506, read key 508, and write counter 510”)
a data port configured to transmit data between a host computing system and the DSD via a data path; and (e.g., [0025], “Controller 102 communicates with host 120 via an interface 130 that implements NVM Express (NVMe) over PCI Express (PCIe)” [0072], “FIG. 12 includes a storage device 1270 (e.g. memory system that includes non-volatile memory such as a memory card or embedded memory system) that is coupled to a storage device host 1274 (e.g. a smartphone) through a first interface 1276, such as a UFS, eMMC, or NVMe interface”)
a controller configured to:
in response to the access key set including a RPMB key, authenticate one or more operations of the host computing system to access the RPMB; and (e.g., [0051], “FIG. 4 shows an example of an RPMB 400 in non-volatile memory 104 of memory system 100. In addition, memory system 100 includes an authentication circuit 402 in controller 102, which is configured to authenticate access to RPMB 400. For example, authentication circuit 402 may authenticate access by host 120 to RPMB 400 using a key 404 and counter 406. Host 120 includes authentication circuit 412 and contains key 414 and a circuit holding a count 416. Keys 404 and 414 are identical in this example” [0052], “When host 120 attempts to write to RPMB 400…If keys 404 and 414 are identical and the message is unchanged then the corresponding MACs will be identical and authentication circuit 402 grants write access to host 120 to write data in RPMB 400” [0053], “When host 120 attempts to read data from RPMB 400…If the two MACs are identical and the received message is unchanged then the read data from RPMB 400 may be considered authenticated…Host 120 may then use the read data”)
adjust the access key set in response to one or more key control operations performed on the DSD by an access control system, wherein the one or more key control operations include a secure key programming operation to cause the controller to add the RPMB key to the access key set. (e.g., [0063], “FIG. 7 illustrates an example of loading a write key into a memory system 700 (e.g. memory system 500 or 600)…The RPMB write key may be written to a system area of a non-volatile memory in a manner that ensures that the RPMB write key cannot be altered or copied. Server 702 sends a RPMB write key programming request 706 to memory system 700. Memory system 700 sends a response 708. Then, server 702 sends a result read request 710 to confirm writing of the RPMB write key and memory system 700 sends a response 712 providing confirmation” [0065], “An RPMB write key may be written in the same manner as an RPMB read key (e.g. as illustrated in FIGS. 7-8)”)
Claim 14, Sela teaches:
wherein the secure key programming operation is performed by the access control system in response to: receiving, by the access control system, a request to enable access to the RPMB of the DSD; and determining, by the access control system by processing the request, that the host computing system is authorized to access the RPMB of the DSD. (e.g., [0051], [0055], [0063], [0066])
Claim 16, Sela teaches:
wherein the RPMB key has a predetermined value. (e.g., [0046], [0052], [0064])
Claim 17, Sela teaches:
wherein the RPMB key is a host-specific key having a value that is generated, by the access control system, by processing the value of one or more keys of the access key set. (e.g., fig. 5, [0055], [0057], [0066])
Claim 18, Sela teaches:
wherein: the controller is further configured to receive the RPMB key via a secure communications channel; and the secure communications channel is established via a cryptographically secure message exchange between the access control system and at least one of the host computing system and the DSD. (e.g., [0025], [0029], [0063]-[0064], [0072])
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 2-3, 8, 10-11, and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Sela et al. (US 2020/0014544) in view of Blodgett et al. (US 2019/0013081).
Claim 2, Sela teaches wherein determining whether the host computing system is authorized to access the RPMB of the DSD includes validating (e.g., [0063]-[0066]), the host computing system and the DSD (see above) and does not appear to explicitly teach but Blodgett teaches:
an identity of a host computing system; and an identity of a DSD. (e.g., [0064]-[0065], [0164], [0168])
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings described by Blodgett into the invention of Sela, and the motivation for such an implementation would be for the purpose of detecting that a request is faulty in a RPMB access and performing error handling (Blodgett [0061]-[0062], [0065]).
Claim 3, Sela-Blodgett teaches:
wherein securely programming the host computing system and the DSD with the RPMB key includes: determining a value of the RPMB key; and utilizing at least one secure communications channel to transmit the determined value of the RPMB key to the host computing system and to the DSD. (e.g., Sela [0063]-[0066]; Blodgett [0058], [0064], [0164], [0168])
Same motivation as presented in claim 2 would apply.
Claim 8, Sela-Blodgett teaches:
wherein: the determined value of the RPMB key is transmitted to the host computing system via a first secure communications channel; and the first secure communications channel is established between the access control system and the host computing system via a cryptographically secure message exchange. (e.g., Sela [0025], [0029], [0063]-[0064], [0072])
Claim 10, Sela-Blodgett teaches:
wherein: the determined value of the RPMB key is transmitted to the DSD via a second secure communications channel; and the second secure communications channel is established via a cryptographically secure message exchange between the access control system and the DSD. (e.g., Sela [0025], [0029], [0063]-[0064], [0072])
Claim 11, Sela-Blodgett teaches:
wherein the second secure communications channel is established in response to determining that the host is authorized to access the RPMB of the DSD. (e.g., Sela fig. 12 A, [0025], [0029], [0063], [0072])
Claim 15, Sela teaches wherein the host computing system is determined as authorized to access the RPMB of the DSD in response to a validation (e.g., [0063]-[0066]), the host computing system and the DSD (see above) and does not appear to explicitly teach but Blodgett teaches:
a validation of: an identity of a host computing system and a device identifier key of a DSD. (e.g., [0064]-[0065], [0164], [0168])
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings described by Blodgett into the invention of Sela, and the motivation for such an implementation would be for the purpose of detecting that a request is faulty in a RPMB access and performing error handling (Blodgett [0061]-[0062], [0065]).
Claims 4-5 are rejected under 35 U.S.C. 103 as being unpatentable over Sela et al. (US 2020/0014544) in view of Blodgett et al. (US 2019/0013081) further in view of Cariello et al. (US 2020/0210596).
Claim 4, Sela-Blodgett teaches the RPMB key, the identity of the DSD, the value of the RPMB key (see above) and does not appear to explicitly teach but Cariello teaches:
a RPMB key has a predetermined value associated with an identity of a DSD; and determining a value of the RPMB key includes retrieving a stored copy of the predetermined value. (e.g., [0075]-[0076])
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings described by Cariello into the invention of Sela-Blodgett, and the motivation for such an implementation would be for the purpose of resolving the problem of expensive maintenance of big database on secure server (Cariello [0074]).
Claim 5, Sela-Blodgett-Cariello teaches:
wherein programming the DSD with the RPMB key occurs only once for the predetermined value of the RPMB key. (e.g., Cariello [0031], [0075]-[0076])
Same motivation as presented in claim 4 would apply.
Claims 6-7 are rejected under 35 U.S.C. 103 as being unpatentable over Sela et al. (US 2020/0014544) in view of Blodgett et al. (US 2019/0013081) further in view of Sun (US 2019/0163913).
Claim 6, Sela-Blodgett teaches determining a value of the RPMB key, the identity of the host computing system and the RPMB of the DSD (see above) and does not appear to explicitly teach but Sun teaches:
generating a new host-specific RPMB key value that is unique to the combination of an identity of a host computing system and a RPMB of a DSD. (e.g., [0042], [0044], [0052]-[0053])
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings described by Sun into the invention of Sela-Blodgett, and the motivation for such an implementation would be for the purpose of RPMB section replay protection (Sun [0005]).
Claim 7, Sela-Blodgett-Sun teaches:
the new host-specific RPMB key value is generated by processing the value of one or more keys of an access key set of the DSD; and the DSD is configured to authenticate, using respective keys of the access key set, the access of one or more corresponding host computing systems to the RPMB via a data path of the DSD. (e.g., Sela [0051], [0055]; Sun [0044], [0047], [0049]-[0051])
Same motivation as presented in claim 6 would apply.
Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Sela et al. (US 2020/0014544) in view of Blodgett et al. (US 2019/0013081) further in view of Jang (US 2023/0289071).
Claim 9, Sela-Blodgett teaches wherein the determined value of the RPMB key is transmitted to the DSD via the data path of the DSD, the host computing system receiving the RPMB key from the first secure communications channel (see above) and does not appear to explicitly teach but Jang teaches:
transmitted to a DSD by a host computing system and in response to the host computing system receiving a RPMB key. (e.g., [0054], [0070])
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings described by Jang into the invention of Sela-Blodgett, and the motivation for such an implementation would be for the purpose of securely sharing security data stored in a RPMB with an external device (Jang [0054], [0128]).
Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Sela et al. (US 2020/0014544) in view of Gyllenskog (US 2024/0028747).
Claim 19, Sela teaches the one or more key control operations, the controller, the RPMB key from the access key set, the access control system, access of the host computing system to the RPMB of the DSD (see above) and does not appear to explicitly teach but Gyllenskog teaches:
a secure key removal operation to cause a controller to remove a RPMB key from an access key set in response to: receiving, by an access control system, a request to disable access of a host computing system to a RPMB of a DSD; and validating, by the access control system, the request to disable access of the host computing system to the RPMB of the DSD. (e.g., [0026], [0030], [0050])
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings described by Gyllenskog into the invention of Sela, and the motivation for such an implementation would be for the purpose of ensuring that secure data are not accessible when not in a secure location (Gyllenskog [0008]).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The following references are cited but have not been relied upon for this Office action: US 2021/0203496 discloses a secure method of modifying, erasing, or updating security keys for protected regions of a memory device. US 2021/0278979 discloses a computing system that includes a storage device and a host. The storage device includes a memory device including a write protection area. The host performs an operation of providing, to the storage device, a first request regarding security write and write data in parallel with an operation of generating a host authentication code based on the write data and a key shared with the storage device.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AMIE C LIN whose telephone number is (571)272-7752. The examiner can normally be reached M-F 9:00AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, GELAGAY SHEWAYE can be reached at (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/AMIE C. LIN/Primary Examiner, Art Unit 2436