Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
DETAILED ACTION
Claims 1-20 are pending in this application.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 10/22/2024 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The following is a quotation of pre-AIA 35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is invoked.
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph:
(A) the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function;
(B) the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and
(C) the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function.
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function.
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function.
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation(s) is/are: a host configured to receive [] (claim 1); a memory device configured to: receive/store/compare/determine (claim 1); memory device is further configured to: store [], encrypt or decrypt [] (claim 2); the memory device is further configured to: perform [] (claim 3); the memory device is configured to determine [] (claim 4); the memory device is further configured to determine [] (claim 5); the host is further configured to determine [] (claim 6); first data configured to determine [] and second data configured to determine [] (claim 7); a host configured to receive [] (claim 14); a memory device configured to receive/store/compare/determine (claim 14); wherein the memory device is configured to store [] and encrypt or decrypt (claim 15); the memory device is configured to perform [] (claim 16); wherein the host is further configured to determine [], (claim 19); first data configured to determine [] and second data configured to determine [] (claim 20).
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-20 are rejected under 35 U.S.C. 101 as being directed to non-statutory subject matter as being directed to an abstract idea without being integrated into a practical application or significantly more.
Regarding claims 1, 8 and 14, claims 1, 8 and 14 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim recites “receive a user data encryption key [],” “receive the user data encryption key [],” “store the received meta data,” “compare [],” and “determine a cause of change of the user data encryption key [].” Broadly interpreted, the aforementioned steps are directed to mental processes as said steps could be performed in the human mind. Therefore, the claims recite an abstract idea. Said abstract idea and/or judicial exception is not integrated into a practical application as the claim does not recite any other active steps that utilize "determine a cause of change of the user data encryption key." It's noted that the claims recite the limitation "determine a cause of change of the user data encryption key." Said steps are not sufficient to consider the abstract idea as being integrated into a practical application as said steps are recited at a high level of generality in gathering/processing/storing information, which are a form of insignificant extra-solution activity. As discussed in the specification in paragraph [0139], "By utilizing the Meta Data, the memory system 100 may determine a cause of an occurrence of an error when the error has occurred in the user data encryption key MEK. For example, when an error has occurred in the first data, the memory system 100 may determine that the error has occurred in the memory device 130. Also, when an error has occurred in the second data, the memory system 100 may determine that the error has occurred in the server 110," which is insufficient to be considered as integrating the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea.
The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements when considered both individually and as an ordered combination do not amount to significantly more than the abstract idea. It's also noted that the claims recite additional elements (i.e., a host, a memory device, a server). However, said additional elements are recited at a high level of generality (i.e., generic computer components performing their conventional functions of receiving, training, performing a telemetry tampering detection operation) such that it amounts to no more than mere instructions to apply the exception or abstract idea using a generic computer component. As mentioned above, although the claims recite additional elements, said elements taken individually or as a combination, do not result in the claim amounting to significantly more than the abstract idea because the additional elements perform generic functions (i.e., determine a cause of change of the user data encryption key []). See US Application 8,005,227 by Linnell et al (See Linnell, Col. 6, Line 67; Col. 7, Lines 1-9). As discussed above, the additional elements are recited at a high level of generality such that they amount to no more than mere instructions to apply the exception using a generic computer component. Therefore, the claim is directed to non-statutory subject matter as being directed to an abstract idea without being integrated into a practical application nor significantly more.
Regarding claims 2-7, 9-13 and 15-20, claims 2-7, 9-13 and 15-20 are also rejected under 35 U.S.C. 101 as being directed to non-statutory subject matter for the same reasons addressed above as the claims recite an abstract idea and the claims do not positively recite any other operations that could be considered as the abstract idea is being integrated into a practical application or significantly more.
It's noted that claim 2 recites the limitations "store previously received meta data [],” and “encrypt the user data [] or decrypt the user data []." Similar to analysis discussed above, the limitations "store previously received meta data [],” and “encrypt the user data [] or decrypt the user data []” are recited at a high level of generality, which is a form of insignificant extra-solution activity; and the limitations "store previously received meta data [],” and “encrypt the user data [] or decrypt the user data []” are also a mental process which is an abstract idea. Merely adding another abstract idea to the claim does not make the claim less abstract. See RecogniCorp, LLC V. Nintendo Co., 855 F.3d 1322, 1327 (Fed. Cir. 2017) ("Adding one abstract idea to another abstract idea does not render the claim non-abstract.").
It's noted that claim 3 recites the limitation “perform input/output processing on the data [].” Similar to analysis discussed above, the limitation “perform input/output processing on the data [],” is recited at a high level of generality, which is a form of insignificant extra-solution activity; and the limitation “perform input/output processing on the data [],” is also a mental process which is an abstract idea. Merely adding another abstract idea to the claim does not make the claim less abstract. See RecogniCorp, LLC V. Nintendo Co., 855 F.3d 1322, 1327 (Fed. Cir. 2017) ("Adding one abstract idea to another abstract idea does not render the claim non-abstract.").
It's noted that claim 4 recites the limitation “determine whether the user data encryption key has changed [].” Similar to analysis discussed above, the limitation “determine whether the user data encryption key has changed [],” is recited at a high level of generality, which is a form of insignificant extra-solution activity; and the limitation “determine whether the user data encryption key has changed [],” is also a mental process which is an abstract idea. Merely adding another abstract idea to the claim does not make the claim less abstract. See RecogniCorp, LLC V. Nintendo Co., 855 F.3d 1322, 1327 (Fed. Cir. 2017) ("Adding one abstract idea to another abstract idea does not render the claim non-abstract.").
It's noted that claim 5 recites the limitation “determine whether the user data encryption key has changed [].” Similar to analysis discussed above, the limitation “determine whether the user data encryption key has changed []” is recited at a high level of generality, which is a form of insignificant extra-solution activity; and the limitation “determine whether the user data encryption key has changed []” is also a mental process which is an abstract idea. Merely adding another abstract idea to the claim does not make the claim less abstract. See RecogniCorp, LLC V. Nintendo Co., 855 F.3d 1322, 1327 (Fed. Cir. 2017) ("Adding one abstract idea to another abstract idea does not render the claim non-abstract.").
It's noted that claim 6 recites the limitation “determine at least one of the server or the memory device as the cause of the change of the user data encryption key [].” Similar to analysis discussed above, the limitation “determine at least one of the server or the memory device as the cause of the change of the user data encryption key []” is recited at a high level of generality, which is a form of insignificant extra-solution activity; and the limitation “determine at least one of the server or the memory device as the cause of the change of the user data encryption key [],” is also a mental process which is an abstract idea. Merely adding another abstract idea to the claim does not make the claim less abstract. See RecogniCorp, LLC V. Nintendo Co., 855 F.3d 1322, 1327 (Fed. Cir. 2017) ("Adding one abstract idea to another abstract idea does not render the claim non-abstract.").
It's noted that claim 7 recites the limitations “determine whether the host has normally delivered the user data encryption key to the memory device;” and “determine whether the user data encryption key received from the server has been changed.” Similar to analysis discussed above, the limitations “determine whether the host has normally delivered the user data encryption key to the memory device;” and “determine whether the user data encryption key received from the server has been changed” are recited at a high level of generality, which is a form of insignificant extra-solution activity; and the limitations “determine whether the host has normally delivered the user data encryption key to the memory device;” and “determine whether the user data encryption key received from the server has been changed” are also a mental process which is an abstract idea. Merely adding another abstract idea to the claim does not make the claim less abstract. See RecogniCorp, LLC V. Nintendo Co., 855 F.3d 1322, 1327 (Fed. Cir. 2017) ("Adding one abstract idea to another abstract idea does not render the claim non-abstract.").
It's noted that claim 9 recites the limitations “receiving the user data encryption key [],” “storing the previously received meta data [],” and “encrypting or decrypting the user data based on the received meta data[].” Similar to analysis discussed above, the limitations “receiving the user data encryption key [],” “storing the previously received meta data [],” and “encrypting or decrypting the user data based on the received meta data[],” are recited at a high level of generality, which is a form of insignificant extra-solution activity; and the limitations “receiving the user data encryption key [],” “storing the previously received meta data [],” and “encrypting or decrypting the user data based on the received meta data[],” are also a mental process which is an abstract idea. Merely adding another abstract idea to the claim does not make the claim less abstract. See RecogniCorp, LLC V. Nintendo Co., 855 F.3d 1322, 1327 (Fed. Cir. 2017) ("Adding one abstract idea to another abstract idea does not render the claim non-abstract.").
It's noted that claim 10 recites the limitation “performing input/output processing on data based on the received meta data about the user data encryption key matching the stored meta data about the user data encryption key.” Similar to analysis discussed above, the limitation “performing input/output processing on data based on the received meta data about the user data encryption key matching the stored meta data about the user data encryption key” is recited at a high level of generality, which is a form of insignificant extra-solution activity; and the limitation “performing input/output processing on data based on the received meta data about the user data encryption key matching the stored meta data about the user data encryption key” is also a mental process which is an abstract idea. Merely adding another abstract idea to the claim does not make the claim less abstract. See RecogniCorp, LLC V. Nintendo Co., 855 F.3d 1322, 1327 (Fed. Cir. 2017) ("Adding one abstract idea to another abstract idea does not render the claim non-abstract.").
It's noted that claim 11 recites the limitation “wherein receiving the user data encryption key from the server comprises determining whether the user data encryption key has been changed, based on performing a write operation on the memory device.” Similar to analysis discussed above, the limitation “wherein receiving the user data encryption key from the server comprises determining whether the user data encryption key has been changed, based on performing a write operation on the memory device” is recited at a high level of generality, which is a form of insignificant extra-solution activity; and the limitation “wherein receiving the user data encryption key from the server comprises determining whether the user data encryption key has been changed, based on performing a write operation on the memory device” is also a mental process which is an abstract idea. Merely adding another abstract idea to the claim does not make the claim less abstract. See RecogniCorp, LLC V. Nintendo Co., 855 F.3d 1322, 1327 (Fed. Cir. 2017) ("Adding one abstract idea to another abstract idea does not render the claim non-abstract.").
It's noted that claim 12 recites the limitation “wherein receiving the user data encryption key from the server comprises determining whether the user data encryption key has been changed, based on performing a data input/output processing operation on the memory device.” Similar to analysis discussed above, the limitation “wherein receiving the user data encryption key from the server comprises determining whether the user data encryption key has been changed, based on performing a data input/output processing operation on the memory device” is recited at a high level of generality, which is a form of insignificant extra-solution activity; and the limitation “wherein receiving the user data encryption key from the server comprises determining whether the user data encryption key has been changed, based on performing a data input/output processing operation on the memory device” is also a mental process which is an abstract idea. Merely adding another abstract idea to the claim does not make the claim less abstract. See RecogniCorp, LLC V. Nintendo Co., 855 F.3d 1322, 1327 (Fed. Cir. 2017) ("Adding one abstract idea to another abstract idea does not render the claim non-abstract.").
It's noted that claim 13 recites the limitations “determining whether the user data encryption key has been changed,” and “determine at least one of the server or memory device as the cause of change [].” Similar to analysis discussed above, the limitations “determining whether the user data encryption key has been changed,” and “determine at least one of the server or memory device as the cause of change [],” are recited at a high level of generality, which is a form of insignificant extra-solution activity; and the limitations “determining whether the user data encryption key has been changed,” and “determine at least one of the server or memory device as the cause of change [],” are also a mental process which is an abstract idea. Merely adding another abstract idea to the claim does not make the claim less abstract. See RecogniCorp, LLC V. Nintendo Co., 855 F.3d 1322, 1327 (Fed. Cir. 2017) ("Adding one abstract idea to another abstract idea does not render the claim non-abstract.").
It's noted that claim 15 recites the limitations “store the previously received meta data [],” and “encrypt or decrypt the user data based on the received meta data [].” Similar to analysis discussed above, the limitations “store the previously received meta data [],” and “encrypt or decrypt the user data based on the received meta data [],” are recited at a high level of generality, which is a form of insignificant extra-solution activity; and the limitations “store the previously received meta data [],” and “encrypt or decrypt the user data based on the received meta data [],” are also a mental process which is an abstract idea. Merely adding another abstract idea to the claim does not make the claim less abstract. See RecogniCorp, LLC V. Nintendo Co., 855 F.3d 1322, 1327 (Fed. Cir. 2017) ("Adding one abstract idea to another abstract idea does not render the claim non-abstract.").
It's noted that claim 16 recites the limitation “perform input/output processing on data based on the received meta data about the user data encryption key matching the stored meta data about the user data encryption key.” Similar to analysis discussed above, the limitation “perform input/output processing on data based on the received meta data about the user data encryption key matching the stored meta data about the user data encryption key” is recited at a high level of generality, which is a form of insignificant extra-solution activity; and the limitation “perform input/output processing on data based on the received meta data about the user data encryption key matching the stored meta data about the user data encryption key” is also a mental process which is an abstract idea. Merely adding another abstract idea to the claim does not make the claim less abstract. See RecogniCorp, LLC V. Nintendo Co., 855 F.3d 1322, 1327 (Fed. Cir. 2017) ("Adding one abstract idea to another abstract idea does not render the claim non-abstract.").
It's noted that claim 17 recites the limitation “determine whether the user data encryption key has been changed [].” Similar to analysis discussed above, the limitation “determine whether the user data encryption key has been changed [],” is recited at a high level of generality, which is a form of insignificant extra-solution activity; and the limitation “determine whether the user data encryption key has been changed [],” is also a mental process which is an abstract idea. Merely adding another abstract idea to the claim does not make the claim less abstract. See RecogniCorp, LLC V. Nintendo Co., 855 F.3d 1322, 1327 (Fed. Cir. 2017) ("Adding one abstract idea to another abstract idea does not render the claim non-abstract.").
It's noted that claim 18 recites the limitation “determine whether the user data encryption key has been changed [].” Similar to analysis discussed above, the limitation “determine whether the user data encryption key has been changed [],” is recited at a high level of generality, which is a form of insignificant extra-solution activity; and the limitation “determine whether the user data encryption key has been changed [],” is also a mental process which is an abstract idea. Merely adding another abstract idea to the claim does not make the claim less abstract. See RecogniCorp, LLC V. Nintendo Co., 855 F.3d 1322, 1327 (Fed. Cir. 2017) ("Adding one abstract idea to another abstract idea does not render the claim non-abstract.").
It's noted that claim 19 recites the limitation “determine at least one of the server or the memory device as the cause of change of the user data [].” Similar to analysis discussed above, the limitation “determine at least one of the server or the memory device as the cause of change of the user data []” is recited at a high level of generality, which is a form of insignificant extra-solution activity; and the limitation “determine at least one of the server or the memory device as the cause of change of the user data []” is also a mental process which is an abstract idea. Merely adding another abstract idea to the claim does not make the claim less abstract. See RecogniCorp, LLC V. Nintendo Co., 855 F.3d 1322, 1327 (Fed. Cir. 2017) ("Adding one abstract idea to another abstract idea does not render the claim non-abstract.").
It's noted that claim 20 recites the limitations “determine whether the host has normally delivered the user data encryption key to the memory device,” and “determine whether the user data encryption key received from the server has been changed.” Similar to analysis discussed above, the limitations “determine whether the host has normally delivered the user data encryption key to the memory device,” and “determine whether the user data encryption key received from the server has been changed,” are recited at a high level of generality, which is a form of insignificant extra-solution activity; and the limitations “determine whether the host has normally delivered the user data encryption key to the memory device,” and “determine whether the user data encryption key received from the server has been changed,” are also a mental process which is an abstract idea. Merely adding another abstract idea to the claim does not make the claim less abstract. See RecogniCorp, LLC V. Nintendo Co., 855 F.3d 1322, 1327 (Fed. Cir. 2017) ("Adding one abstract idea to another abstract idea does not render the claim non-abstract.").
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Hubis et al (“Hubis,” US 20220284135), Pearson et al (“Pearson,” US 20190266103) and further in view of Linnell et al (“Linnell,” US 8,005,227).
Regarding claim 1, Hubis discloses a memory system operating with user data encryption, the memory system comprising: (Hubis, [0021]-[0022], [0012] FIG 1, memory sub-system with memory device operating with user data encryption)
and
a memory device configured to, from the host, receive the user data encryption key and meta data about the user data encryption key (Hubis, [0038], FIG 2, the memory sub-system receives key injection command with encrypted key; [0018] key tag and key identifier [meta data])
and configured to encrypt user data, (Hubis, [0040], FIG 3, the encryption component 310 encrypts data using encryption key 308)
wherein the memory device is configured to store the received meta data; (Hubis, [0039], FIG 2 describes a key entry is stored in the key table 206 with key identifier 205)
compare, based on a read operation being performed, the stored meta data about the user data encryption key with the received meta data about the user data encryption key to detect whether the user data encryption key has been changed; (Hubis, [0042], FIG 4A; on a read command, key identifier check 412 compares the stored key identifier 404 from the memory device with key identifier 408 [stored meta data] in the key table, where the key identifier corresponds to the encryption key, to determine if they match; otherwise, a mismatch returns an error)
Hubis fails to explicitly disclose a host configured to receive a user data encryption key from a server.
However, in an analogous art, Pearson discloses a host configured to receive a user data encryption key from a server; (Pearson, [0033], [0039], FIG 1, storage appliance [host] receives eMEK from Key Management Server (KMS 30); also see Figures 1-3)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Pearson with Hubis to include a host configured to receive a user data encryption key from a server. One would have been motivated to provide a method and system for self-encrypting drives (Pearson, [0002]).
Hubis and Pearson fail to explicitly disclose and determine a cause of a change of the user data encryption key, based on a result of comparing the stored meta data about the user data encryption key with the received meta data about the user data encryption key.
However, in an analogous art, Linnell discloses and determine a cause of a change of the user data encryption key, based on a result of comparing the stored meta data about the user data encryption key with the received meta data about the user data encryption key, (Linnell, Col. 6, Line 67; Col. 7, Lines 1-9, If the values do not match [comparing], it indicates that there may be an inconsistency between these table entries which could result in the loss of data due to the inability to correctly decrypt encrypted data, as described in more detail below. Thus, if the non-matching condition is detected, it can be used to (1) prevent a subsequent encryption or decryption operation involving the storage object represented by OBJ, and (2) activate some higher-level mechanism for investigating the inconsistency and taking some kind of remedial action.)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Linnell with Hubis and Pearson to include and determine a cause of a change of the user data encryption key, based on a result of comparing the stored meta data about the user data encryption key with the received meta data about the user data encryption key. One would have been motivated to provide a data storage system that employs data encryption for enhanced data security and also has a structure in which the overall processing of an I/O command is performed by multiple relatively independent modules of the system in a coordinated fashion (Linnell, Col. 1, Lines 56-63).
Regarding claim 2, Hubis, Pearson and Linnell disclose the memory system of claim 1.
Hubis further discloses wherein the memory device is further configured to store previously received meta data about the user data encryption key; (Hubis, [0039], FIG 2 describes the key table 206 stores key identifiers from prior key injection commands)
and encrypt or decrypt the user data based on the received meta data about the user data encryption key matching the stored meta data about the user data encryption key, (Hubis describes in [0042], FIG 4A that if key identifiers match, decryption component 414 decrypts data using encryption key 410).
Regarding claim 3, Hubis, Pearson and Linnell disclose the memory system of claim 2.
Hubis further discloses wherein the memory device is further configured to perform input/output processing on data based on the received meta data about the user data encryption key matching the stored meta data about the user data encryption key, (Hubis, [0042], FIG 4A, I/O proceeds where the read returns decrypted data when key identifiers match [meta data] about the encryption key; [0040], FIG 3 describes a write I/O)
Regarding claim 4, Hubis, Pearson and Linnell disclose the memory system of claim 1.
Hubis further discloses in [0040]-[0041], FIG 3, that during a write the key identifier 306 is stored with encrypted data 312, which enables verification.
Pearson further discloses wherein the memory device is further configured to determine whether the user data encryption key has been changed, based on performing a write operation on the memory device, (Pearson, [0029], [0085]-[0086] the SED uses UID to verify correct key during writes. The SED may compute a checksum on the plaintext of the data to be stored prior to encrypting the data)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Pearson with Hubis to include wherein the memory device is further configured to determine whether the user data encryption key has been changed, based on performing a write operation on the memory device. One would have been motivated to provide a method and system for self-encrypting drives (Pearson, [0002]).
Regarding claim 5, Hubis, Pearson and Linnell disclose the memory system of claim 1.
Hubis discloses wherein the memory device is further configured to determine whether the user data encryption key has been changed, based on performing a data input/output processing operation on the memory device, (Hubis, [0042], FIG 4A describes a key check is performed during I/O processing where the read operation is the data I/O; [0040]-[0042] describe write/read I/O processing)
Regarding claim 6, Hubis, Pearson and Linnell disclose the memory system of claim 1.
Hubis further discloses in [0042], FIG 4A, FIG 4B a key mismatch error.
Linnell further discloses wherein the host is further configured to determine at least one of the server or the memory device as the cause of the change of the user data encryption key, based on comparing the stored meta data about the user data encryption key with the received meta data about the user data encryption key, (Linnell, Col. 6, Line 67; Col. 7, Lines 1-67; Col. 8, Lines 1-40, a system level mechanism for investigating inconsistency to identify source whether the SP or I/O module is the cause; Col. 9, Lines 19-34)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Linnell with Hubis and Pearson to include wherein the host is further configured to determine at least one of the server or the memory device as the cause of the change of the user data encryption key, based on comparing the stored meta data about the user data encryption key with the received meta data about the user data encryption key. One would have been motivated to provide a data storage system that employs data encryption for enhanced data security and also has a structure in which the overall processing of an I/O command is performed by multiple relatively independent modules of the system in a coordinated fashion (Linnell, Col. 1, Lines 56-63).
Regarding claim 7, Hubis, Pearson and Linnell disclose the memory system of claim 1.
Linnell further discloses wherein the meta data comprises: first data configured to determine whether the host has normally delivered the user data encryption key to the memory device; (Linnell discloses in Col. 6, Lines 22-67; Col. 7, Lines 1-16 the HASH (KEYID) used in the verification process to confirm I/O module which is the memory device received the wrapped key from the SP [host] which verifies delivery from the host to the memory device)
and second data configured to determine whether the user data encryption key received from the server has been changed, (Linnell discloses in Col. 6, Lines 22-67; Col. 7, Lines 1-16 a hash comparison verifies the key from the key server hasn’t changed)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Linnell with Hubis and Pearson to include wherein the meta data comprises: first data configured to determine whether the host has normally delivered the user data encryption key to the memory device; and second data configured to determine whether the user data encryption key received from the server has been changed. One would have been motivated to provide a data storage system that employs data encryption for enhanced data security and also has a structure in which the overall processing of an I/O command is performed by multiple relatively independent modules of the system in a coordinated fashion (Linnell, Col. 1, Lines 56-63).
Regarding claim 8, Hubis discloses a method of operating a memory system operating with user data encryption, the method comprising:
receiving, by a memory device, the user data encryption key and meta data about the user data encryption key from a host; (Hubis, [0038], FIG 2, the memory sub-system receives key injection command with encrypted key, key tag and key identifier from a host)
and
encrypting user data, (Hubis, [0040], FIG 3, the encryption component 310 encrypts data using encryption key 308)
receiving, by a memory device, the user data encryption key and meta data about the user data encryption key from a host comprises: (Hubis, [0038], FIG 2, the memory sub-system receives key injection command with encrypted key, key tag and key identifier from a host)
storing the received meta data, (Hubis, [0040], FIG 3; [0039], FIG 2 describes a key entry is stored in the key table 206 with key identifier 205)
and
detecting, based on a read operation being performed, whether an error has occurred in the user data encryption key by using the stored meta data, (Hubis, [0042], FIG 4A; On read command, key identifier check 412 compares the stored key identifier 404 from the memory device with key identifier 408 in the key table to determine if they match otherwise if mismatch returns an error)
and
determining that the user data encryption key has been changed (Hubis, [0042], FIG 4A; On read command, key identifier check 412 compares the stored key identifier 404 from the memory device with key identifier 408 in the key table to determine if they match otherwise if mismatch returns an error)
Hubis fails to explicitly disclose receiving a user data encryption key from a server; wherein, receiving the user data encryption key from the server comprises:
However, in an analogous art, Pearson discloses receiving a user data encryption key from a server; (Pearson discloses Figures 1-3 SAS obtains eMEK for the client from KMS 30 [server])
wherein, receiving the user data encryption key from the server comprises: (Pearson discloses Figures 1-3 SAS obtains eMEK for the client from KMS 30)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Pearson with Hubis to include receiving a user data encryption key from a server; wherein, receiving the user data encryption key from the server comprises. One would have been motivated to provide a method and system for self-encrypting drives (Pearson, [0002]).
Hubis and Pearson fail to explicitly disclose and determining a cause of a change of the user data encryption key, based on a result of comparing the stored meta data about the user data encryption key with the received meta data about the user data encryption key.
However, in an analogous art, Linnell discloses and determining a cause of a change of the user data encryption key, based on a result of comparing the stored meta data about the user data encryption key with the received meta data about the user data encryption key, (Linnell, Col. 6, Line 67; Col. 7, Lines 1-9, If the values do not match, it indicates that there may be an inconsistency between these table entries which could result in the loss of data due to the inability to correctly decrypt encrypted data, as described in more detail below. Thus, if the non-matching condition is detected, it can be used to (1) prevent a subsequent encryption or decryption operation involving the storage object represented by OBJ, and (2) activate some higher-level mechanism for investigating the inconsistency and taking some kind of remedial action.)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Linnell with Hubis and Pearson to include and determine a cause of a change of the user data encryption key, based on a result of comparing the stored meta data about the user data encryption key with the received meta data about the user data encryption key. One would have been motivated to provide a data storage system that employs data encryption for enhanced data security and also has a structure in which the overall processing of an I/O command is performed by multiple relatively independent modules of the system in a coordinated fashion (Linnell, Col. 1, Lines 56-63).
Regarding claim 9, Hubis, Pearson and Linnell disclose the method of claim 8.
Hubis further discloses wherein receiving the user data encryption key and the meta data about the user data encryption key from the host comprises: storing the previously received meta data about the user data encryption key; (Hubis, [0039], FIG 2 describes the key table 206 stores key identifiers from prior key injection commands)
and encrypting or decrypting the user data based on the received meta data about the user data encryption key matching the stored meta data about the user data encryption key, (Hubis describes in [0042], FIG 4A that if key identifiers match, decryption component 414 decrypts data using encryption key 410).
Regarding claim 10, Hubis, Pearson and Linnell disclose the method of claim 9.
Hubis further discloses further comprising performing input/output processing on data based on the received meta data about the user data encryption key matching the stored meta data about the user data encryption key, (Hubis, [0042], FIG 4A, I/O proceeds where the read returns decrypted data when key identifiers match; [0040], FIG 3 describes a write I/O)
Regarding claim 11, Hubis, Pearson and Linnell disclose the method of claim 8,
Hubis further discloses wherein receiving the user data encryption key from the server comprises determining whether the user data encryption key has been changed, based on performing a write operation on the memory device, (Hubis, [0042], FIG 4A describes a key check is performed during I/O processing where the read operation is the data I/O; [0040]-[0042] describe write/read I/O processing)
Regarding claim 12, Hubis, Pearson and Linnell disclose the method of claim 8.
Hubis further discloses wherein receiving the user data encryption key from the server comprises determining whether the user data encryption key has been changed, based on performing a data input/output processing operation on the memory device, (Hubis, [0042], FIG 4A describes a key check is performed during I/O processing where the read operation is the data I/O; [0040]-[0042] describe write/read I/O processing)
Regarding claim 13, Hubis, Pearson and Linnell disclose the method of claim 8.
Hubis further discloses in [0042], FIG 4A, FIG 4B a key mismatch error.
Linnell further discloses further comprising determining whether the user data encryption key has been changed, and wherein the host is configured to determine at least one of the server or the memory device as the cause of the change of the user data encryption key, based on comparing the stored meta data about the user data encryption key with the received meta data about the user data encryption key, (Linnell, Col. 6, Line 67; Col. 7, Lines 1-67; Col. 8, Lines 1-40, a system level mechanism for investigating inconsistency to identify source whether the SP or I/O module is the cause; Col. 9, Lines 19-34)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Linnell with Hubis and Pearson to include further comprising determining whether the user data encryption key has been changed, and wherein the host is configured to determine at least one of the server or the memory device as the cause of the change of the user data encryption key, based on comparing the stored meta data about the user data encryption key with the received meta data about the user data encryption key. One would have been motivated to provide a data storage system that employs data encryption for enhanced data security and also has a structure in which the overall processing of an I/O command is performed by multiple relatively independent modules of the system in a coordinated fashion (Linnell, Col. 1, Lines 56-63).
Regarding claim 14, Hubis discloses a memory system operating with user data encryption, the memory system comprising: (Hubis, [0021]-[0022], FIG 1, memory sub-system with memory device) and
a memory device configured to receive the user data encryption key and meta data about the user data encryption key from the host and configured to encrypt user data, wherein the memory device is configured to (Hubis, [0038], FIG 2, the memory sub-system receives key injection command with encrypted key, key tag and key identifier from a host; [0072], [0082], [0090] describes encrypting the data using the encryption key)
store the received meta data; (Hubis, [0039], FIG 2 describes a key entry is stored in the key table 206 with key identifier 205 [meta data])
compare, based on a read operation being performed, the stored meta data about the user data encryption key with the received meta data about the user data encryption key to detect whether the user data encryption key has been changed; (Hubis, [0042], FIG 4A; On read command, key identifier check 412 compares the stored key identifier 404 from the memory device with key identifier 408 associated with the encryption key in the key table to determine if they match [compare] otherwise if mismatch returns an error)
Hubis fails to explicitly disclose a server configured to manage a user data encryption key; a host configured to receive the user data encryption key from the server.
However, in an analogous art, Pearson discloses a server configured to manage a user data encryption key; (Pearson discloses [0032], FIG’s 1-3, system includes KMS 30 [server]; Figures 1-3 describe KMS saves/provides eMEK to SAS)
a host configured to receive the user data encryption key from the server; (Pearson discloses Figures 1-3 SAS [host] obtains eMEK for the client from KMS 30 [server])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Pearson with Hubis to include a server configured to manage a user data encryption key; a host configured to receive the user data encryption key from the server. One would have been motivated to provide a method and system for self-encrypting drives (Pearson, [0002]).
Hubis and Pearson disclose and determine a cause of a change of the user data encryption key, based on a result of comparing the stored meta data about the user data encryption key with the received meta data about the user data encryption key.
However, in an analogous art, Linnell discloses and determine a cause of a change of the user data encryption key, based on a result of comparing the stored meta data about the user data encryption key with the received meta data about the user data encryption key, (Linnell, Col. 6, Line 67; Col. 7, Lines 1-9, If the values do not match, it indicates that there may be an inconsistency between these table entries which could result in the loss of data due to the inability to correctly decrypt encrypted data, as described in more detail below. Thus, if the non-matching condition is detected, it can be used to (1) prevent a subsequent encryption or decryption operation involving the storage object represented by OBJ, and (2) activate some higher-level mechanism for investigating the inconsistency and taking some kind of remedial action)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Linnell with Hubis and Pearson to include and determine a cause of a change of the user data encryption key, based on a result of comparing the stored meta data about the user data encryption key with the received meta data about the user data encryption key. One would have been motivated to provide a data storage system that employs data encryption for enhanced data security and also has a structure in which the overall processing of an I/O command is performed by multiple relatively independent modules of the system in a coordinated fashion (Col. 1, Lines 56-63).
Regarding claim 15, Hubis, Pearson and Linnell disclose the memory system of claim 14.
Hubis further discloses wherein the memory device is configured to store the previously received meta data about the user data encryption key; (Hubis, [0039], FIG 2 describes the key table 206 stores key identifiers from prior key injection commands)
and encrypt or decrypt the user data based on the received meta data about the user data encryption key matching the stored meta data about the user data encryption key, (Hubis describes in [0042], FIG 4A that if key identifiers match, decryption component 414 decrypts data using encryption key 410).
Regarding claim 16, Hubis, Pearson and Linnell disclose the memory system of claim 15.
Hubis further discloses wherein the memory device is further configured to perform input/output processing on data based on the received meta data about the user data encryption key matching the stored meta data about the user data encryption key, (Hubis, [0042], FIG 4A, I/O proceeds where the read returns decrypted data when key identifiers match; [0040], FIG 3 describes a write I/O)
Regarding claim 17, Hubis, Pearson and Linnell disclose the memory system of claim 14.
Hubis further discloses in [0040]-[0041], FIG 3, that during a write the key identifier 306 is stored with encrypted data 312, which enables verification.
Pearson further discloses determine whether the user data encryption key has been changed, based on performing a write operation on the memory device, (Pearson, [0029], [0085]-[0086] the SED uses UID to verify correct key during writes. The SED may compute a checksum on the plaintext of the data to be stored prior to encrypting the data)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Pearson with Hubis to include wherein the memory device is further configured to determine whether the user data encryption key has been changed, based on performing a write operation on the memory device. One would have been motivated to provide a method and system for self-encrypting drives (Pearson, [0002]).
Regarding claim 18, Hubis, Pearson and Linnell disclose the memory system of claim 14.
Hubis further discloses determine whether the user data encryption key has been changed, based on performing a data input/output processing operation on the memory device, (Hubis, [0042], FIG 4A describes a key check is performed during I/O processing where the read operation is the data I/O; [0040]-[0042] describe write/read I/O processing)
Regarding claim 19, Hubis, Pearson and Linnell disclose the memory system of claim 14.
Hubis further discloses in [0042], FIG 4A, FIG 4B a key mismatch error.
Linnell further discloses wherein the host is further configured to determine at least one of the server or the memory device as the cause of the change of the user data encryption key, based on comparing the stored meta data about the user data encryption key with the received meta data about the user data encryption key, (Linnell, Col. 6, Line 67; Col. 7, Lines 1-67; Col. 8, Lines 1-40, a system level mechanism for investigating inconsistency to identify source whether the SP or I/O module is the cause; Col. 9, Lines 19-34)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Linnell with Hubis and Pearson to include wherein the host is further configured to determine at least one of the server or the memory device as the cause of the change of the user data encryption key, based on comparing the stored meta data about the user data encryption key with the received meta data about the user data encryption key. One would have been motivated to provide a data storage system that employs data encryption for enhanced data security and also has a structure in which the overall processing of an I/O command is performed by multiple relatively independent modules of the system in a coordinated fashion (Linnell, Col. 1, Lines 56-63).
Regarding claim 20, Hubis, Pearson and Linnell disclose the memory system of claim 14.
Linnell discloses wherein the meta data comprises: first data configured to determine whether the host has normally delivered the user data encryption key to the memory device; (Linnell discloses in Col. 6, Lines 22-67; Col. 7, Lines 1-16 the HASH (KEYID) used in the verification process to confirm I/O module which is the memory device received the wrapped key from the SP [host] which verifies normal delivery from the host to the memory device)
and second data configured to determine whether the user data encryption key received from the server has been changed, (Linnell discloses in Col. 6, Lines 22-67; Col. 7, Lines 1-16 a hash comparison verifies the key from the key server hasn’t changed)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Linnell with Hubis and Pearson to include wherein the meta data comprises: first data configured to determine whether the host has normally delivered the user data encryption key to the memory device; and second data configured to determine whether the user data encryption key received from the server has been changed. One would have been motivated to provide a data storage system that employs data encryption for enhanced data security and also has a structure in which the overall processing of an I/O command is performed by multiple relatively independent modules of the system in a coordinated fashion (Linnell, Col. 1, Lines 56-63).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAMES J WILCOX whose telephone number is (571)270-3774. The examiner can normally be reached M-F: 8 A.M. to 5 P.M.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu T. Pham can be reached at (571)270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JAMES J WILCOX/Examiner, Art Unit 2439
/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439