Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
DETAILED ACTION
This Office Action is in response to the application 18/964,369 filed on 11/30/2024.
Claims 1-20 have been examined and are pending in this application.
Information Disclosure Statement
The information disclosure statement (IDS), submitted on 11/30/2024, is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Objections
Claims 1 and 12 are objected to because of the following informalities:
Regarding claims 1 and 12, the acronym 'UFS' is used without spelling out in full at their first occurrences in the claim.
Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-20 are rejected under 35 U.S.C. 112(b), as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant, regards as the invention.
Regarding claims 1 and 12, claims 1 and 12 recite “wherein the command UPIU includes a basic header segment that is included in a UPIU exchanged between the external host and the memory controller:”; it is not clear what the difference is between the command UPIU and a UPIU.
Regarding claims 1 and 12, claims 1 and 12 recite “wherein the command UPIU includes a basic header segment that is included in a UPIU exchanged between the external host and the memory controller:”; this is not clear. A UPIU is already part of the command UPIU because claims 1 and 12 recite “a command UFS Protocol Information Unit (UPIU).” So the UPIU is included in the command UFS.
Regarding claims 2-11 and 13-20; claims 2-11 and 13-20 are dependent on claims 1 and 12, and therefore inherit the 35 U.S.C. 112(b); 35 U.S.C. 112 (pre-AIA), second paragraph issues of the independent claims.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Lee (US 2022/0413718) and in view of Jung (US 2025/0165162).
Regarding claim 1, Lee discloses a storage device comprising:
a nonvolatile memory device including a Replay Protected Memory Block (RPMB) (Lee par. 0111 and 0210; The memory device 100 may include a write protection area 110. Write data that has verified integrity may be stored in the write protection area 110. The write counter may include the number of times a write operation is successfully performed on the RPMB (also known as write protection area 110)); and
a memory controller configured to receive, from an external host, a command UFS Protocol Information Unit (UPIU) including a host RPMB message, and to store data in the RPMB according to an authentication performed using the host RPMB message (Lee par. 0041, 0206, 0211 and 0222; The memory device 100 receive a command and an address from the memory controller 200, and access an area selected by the address in the memory cell array. In an embodiment, the RPMB message may be composed of one or more RPMB message data frames under a communication method of host interface such as the UFS protocol. The address may be a logical address to store data in the RPMB or a logical address to be read from the RPMB. In step S1301, the host 300 may provide a command protocol unit (Command PIU) to the storage device 50. The Command PIU provided in step S1301 may include an RPMB message. The storage device 50 may perform an authentication operation for the RPMB using the message authentication code (MAC) and metadata included in the RPMB message. See also par. 0310).
wherein the command UPIU includes a segment that is included in a UPIU exchanged between the external host and the memory controller (Lee par. 0222 and 0232; The storage device 50 may perform an authentication operation for the RPMB using the message authentication code (MAC) and metadata included in the RPMB message. Specifically, the RPMB message of the authentication read request may include a nonce provided by the host 300, an address to be read, a block count to be read, and a message indicating that the Command PIU provided by the host 300 to the storage device 50 in step S1301 is the authentication read request. See also par. 0227 and 0245), and
wherein the segment includes a data segment length field as information indicating that the host RPMB message has been included in the command UPIU (Lee par. 0206 and 0215; The RPMB message may be composed of one or more RPMB message data frames under a communication method of host interface such as the UFS protocol, each of which includes: Request Message Type=0003h, Block Count, Address, Write Counter, Data and MAC. The RPMB message delivered from the host to the device may be composed of one or more RPMB message data frame, each of which includes Request Message Type, Block Count, Address Write Counter, Data and MAC. For example, The RPMB message delivered from the host to the device may be composed of one RPMB message data frame including Data whose length is greater than 512 byte or may be dependent on the block count).
Lee teaches, the storage device 50 may perform an authentication operation for the RPMB using the message authentication code (MAC) and metadata included in the RPMB message (Lee par. 0222). However, Lee does not explicitly disclose wherein the command UPIU includes a basic header segment.
However, in an analogous art, Jung teaches wherein the command UPIU includes a basic header segment (Jung par. 0059; The command UPIU CMD UPIU may include an operation code (e.g., “xx00 0001b”), flags, a logical unit number (LUN), a task tag, an initiator ID (IID), a command set type, total extra header segment (EHS) length, a data segment length, an expected data transfer length, a command descriptor block (hereinafter referred to as “CDB”), and a header end-to-end cyclic redundancy check (CRC) E2ECRC. The header E2ECRC may be omitted in some cases. See also par. 0070).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Jung with the method and system of Lee, wherein the command UPIU includes a basic header segment to provide users with a means for preventing a replay attack (Jung par. 0002).
Regarding claim 2, Lee and Jung disclose the storage device of claim 1,
Lee further discloses wherein the command UPIU further includes a transaction specific field indicating a type of the command UPIU (Lee par. 0206 and 0215; The RPMB message may be composed of one or more RPMB message data frames under a communication method of host interface such as the UFS protocol, each of which includes: Request Message Type=0003h, Block Count, Address, Write Counter, Data and MAC. The RPMB message delivered from the host to the device may be composed of one or more RPMB message data frame, each of which includes Request Message Type, Block Count, Address Write Counter, Data and MAC. For example, The RPMB message delivered from the host to the device may be composed of one RPMB message data frame including Data whose length is greater than 512 byte or may be dependent on the block count).
Regarding claim 3, Lee and Jung disclose the storage device of claim 1,
Lee further discloses wherein the command UPIU further includes a data segment including the host RPMB message (Lee par. 0227 and 0245; The host 300 may provide the Data Out PIU to the storage device 50. The Data Out PIU may include a plurality of data segments including data to be stored in the RPMB).
Regarding claim 4, Lee and Jung disclose the storage device of claim 1,
Lee further discloses wherein the RPMB includes: an authentication key storage configured to store an authentication key used for the authentication; a write counter configured to store a write count value indicating a number of times an authenticated data write operation is successfully performed in the RPMB; a result register configured to store a result of performing an operation on the RPMB; and an RPMB data area configured to store write data received from the external host (Lee par. 0066, 0210 and 0213; According to another embodiment, the memory controller 200 may generate the device authentication code using the write data received from the host 300 and the key shared with the host 300. The memory controller 200 may verify integrity of the write data based on a result of comparing the device authentication code with a host authentication code received from the host 300. The memory controller 200 may control the memory device 100 to store write data that has verified integrity in the write protection area in response to the request from the host 300. The write counter may include the number of times a write operation is successfully performed on the RPMB (also known as write protection area 110). The write counter may include total amount of successfully authenticated data write requests. The result may include a result of performing an RPMB write operation or an RPMB read operation).
Regarding claim 5, Lee and Jung disclose the storage device of claim 4,
Lee further discloses wherein the steps of analyzing the software application and modifying the given instruction are performed by an application wrapper executing on the processor (Lee par. 0222, 0213 and 0232; The storage device 50 may perform an authentication operation for the RPMB using the message authentication code (MAC) and metadata included in the RPMB message. Specifically, the RPMB message of the authentication read request may include a nonce provided by the host 300, an address to be read, a block count to be read, and a message indicating that the Command PIU provided by the host 300 to the storage device 50 in step S1301 is the authentication read request. The write counter may include total amount of successfully authenticated data write requests. The result may include a result of performing an RPMB write operation or an RPMB read operation).
Regarding claim 6, Lee and Jung disclose the storage device of claim 5,
Lee further discloses wherein the authentication manager includes: a device MAC calculator configured to generate a device MAC, using the host meta data and the authentication key; and an MAC comparator configured to generate a result of the authentication according to whether the host MAC and the device MAC are the same (Lee par. 0066; According to another embodiment, the memory controller 200 may generate the device authentication code using the write data received from the host 300 and the key shared with the host 300. The memory controller 200 may verify integrity of the write data based on a result of comparing the device authentication code with a host authentication code received from the host 300).
Regarding claim 7, Lee and Jung disclose the storage device of claim 6,
Lee further discloses wherein the MAC calculator generates the device MAC, using the host meta data, the authentication key, and a security hash algorithm-256 (SHA-256) (Lee par. 0203; The Stuff Bytes may include padding data or dummy data. The Stuff Bytes may have a length dependent on a length of the MAC. For example, the Stuff Bytes may have a length of 223 bytes minus the length of an authentication key. The message authentication code (MAC) may include a result calculated by host 300 using a pre-stored authentication key and metadata. That is, the MAC may include an authentication code calculated using an authentication method such as a hash-based message authentication code (HMAC SHA-256). The MAC may have a length dependent on authentication method. For example, The MAC may have a length of 256 bits (32 bytes). The authentication key used to generate the MAC may have a length of 256 bits).
Regarding claim 8, Lee and Jung disclose the storage device of claim 6,
Lee further discloses wherein, when the host MAC and the device MAC are the same, the access controller controls the nonvolatile memory device to store the write data in the RPMB (Lee par. 0242; The authentication write request may be a request that stores data in the RPMB and includes data to be stored. The result read request may be a request for transmitting a command for requesting a value stored in a result register in which the result of the RPMB write operation is stored).
Regarding claim 9, Lee and Jung disclose the storage device of claim 8,
Lee further discloses wherein the access controller stores an increased write count value obtained by increasing the write count value in the write counter, and controls the nonvolatile memory device to store a result code indicating that the authenticated data write operation has succeeded (Lee par. 0210, 0243; In step S1501, the host 300 may provide a command protocol unit (Command PIU) to the storage device 50. The Command PIU provided in step S1501 may include an RPMB message. The storage device 50 may perform an authentication operation for the RPMB using the message authentication code (MAC) and metadata included in the RPMB message. The memory device 100 may include a write protection area 110. Write data that has verified integrity may be stored in the write protection area 110. The write counter may include the number of times a write operation is successfully performed on the RPMB (also known as write protection area 110)).
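As an added illustration (not part of the Office Action or of the cited references), the authenticated write path discussed for claims 6 through 9 can be sketched as below. The frame layout, the result-code values and the names `Rpmb`, `RpmbMessage` and `build_write` are assumptions made for this sketch; the 0003h request type, HMAC SHA-256 and the 256-bit key come from the Lee passages quoted above.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass, field

REQ_AUTH_WRITE = 0x0003  # "Request Message Type=0003h" as quoted from Lee

# Result-register values: assumed for this sketch, not taken from the page.
RESULT_OK = 0x0000
RESULT_AUTH_FAILURE = 0x0002
RESULT_COUNTER_FAILURE = 0x0003


def pack_metadata(req_type, block_count, address, write_counter, data):
    """Serialize the authenticated fields (simplified layout, not the UFS wire format)."""
    return struct.pack(">HHHI", req_type, block_count, address, write_counter) + data


def compute_mac(key, req_type, block_count, address, write_counter, data):
    """HMAC SHA-256 over the metadata; yields a 32-byte MAC."""
    meta = pack_metadata(req_type, block_count, address, write_counter, data)
    return hmac.new(key, meta, hashlib.sha256).digest()


@dataclass
class RpmbMessage:
    req_type: int
    block_count: int
    address: int
    write_counter: int
    data: bytes
    mac: bytes  # host MAC


def build_write(key, address, write_counter, data):
    """Host side: build an authenticated write request carrying the host MAC."""
    mac = compute_mac(key, REQ_AUTH_WRITE, 1, address, write_counter, data)
    return RpmbMessage(REQ_AUTH_WRITE, 1, address, write_counter, data, mac)


@dataclass
class Rpmb:
    auth_key: bytes                 # authentication key storage
    write_counter: int = 0          # count of successful authenticated writes
    result: int = RESULT_OK         # result register
    blocks: dict = field(default_factory=dict)  # RPMB data area

    def authenticated_write(self, msg):
        # Device MAC calculator: same key, same metadata as the host used.
        device_mac = compute_mac(self.auth_key, msg.req_type, msg.block_count,
                                 msg.address, msg.write_counter, msg.data)
        # MAC comparator: constant-time comparison of host and device MAC.
        if not hmac.compare_digest(device_mac, msg.mac):
            self.result = RESULT_AUTH_FAILURE
        # Replay check: a captured old frame carries a stale counter value.
        elif msg.write_counter != self.write_counter:
            self.result = RESULT_COUNTER_FAILURE
        else:
            self.blocks[msg.address] = msg.data
            self.write_counter += 1
            self.result = RESULT_OK
        return self.result


def demo():
    key = bytes(range(32))          # constructed 256-bit key, for illustration only
    dev = Rpmb(auth_key=key)
    first = build_write(key, 0, 0, b"A" * 256)
    results = [
        dev.authenticated_write(first),   # fresh frame: accepted
        dev.authenticated_write(first),   # same frame replayed: stale counter
        dev.authenticated_write(build_write(bytes(32), 0, 1, b"B" * 256)),  # wrong key
    ]
    return results, dev.write_counter, dev.blocks[0]


if __name__ == "__main__":
    print(demo())
```

The replayed frame still carries a valid MAC, so it is the write counter, bound into the MAC input, that causes the device to reject it.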
Regarding claim 10, Lee and Jung disclose the storage device of claim 1,
Jung further discloses wherein the memory controller accesses the RPMB in a normal RPMB mode, an advanced RPMB mode, or a high speed RPMB mode (Lee par. 0055; Various UFS protocol information units (UPIUs) may be transmitted and received between the host 10 and the device 100 in a normal RPMB mode disclosed in the UFS standard).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Jung with the method and system of Lee, wherein the command UPIU includes a basic header segment to provide users with a means for preventing a replay attack (Jung par. 0002).
Regarding claim 11, Lee and Jung disclose the storage device of claim 10,
Jung further discloses wherein the high speed RPMB mode uses a smaller number of UPIUs as compared with the advanced RPMB mode (Lee par. 0055 and 0069; The command UPIU CMD UPIU, the ready to transfer UPIU RTT UPIU, the data output UPIU D_OUT UPIU, and the response UPIU RESP UPIU may be transmitted and received (e.g., the terms “transmitted and received” may also be referred to as a term “transceived”) between the host 10 and the device 100 in the advanced RPMB mode disclosed in the UFS standard).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Jung with the method and system of Lee, wherein the command UPIU includes a basic header segment to provide users with a means for preventing a replay attack (Jung par. 0002).
Regarding claim 12, Lee discloses a storage device comprising:
a nonvolatile memory device including a Replay Protected Memory Block (RPMB) (Lee par. 0111 and 0210; The memory device 100 may include a write protection area 110. Write data that has verified integrity may be stored in the write protection area 110. The write counter may include the number of times a write operation is successfully performed on the RPMB (also known as write protection area 110)); and
a memory controller configured to receive, from an external host, a command UFS Protocol Information Unit (UPIU) including a host RPMB message, and to read data stored in the RPMB (Lee par. 0041, 0206, 0211 and 0222; The memory device 100 receive a command and an address from the memory controller 200, and access an area selected by the address in the memory cell array. In an embodiment, the RPMB message may be composed of one or more RPMB message data frames under a communication method of host interface such as the UFS protocol. The address may be a logical address to store data in the RPMB or a logical address to be read from the RPMB. In step S1301, the host 300 may provide a command protocol unit (Command PIU) to the storage device 50. The Command PIU provided in step S1301 may include an RPMB message. The storage device 50 may perform an authentication operation for the RPMB using the message authentication code (MAC) and metadata included in the RPMB message. See also par. 0310).
wherein the command UPIU includes a segment that is included in a UPIU exchanged between the external host and the memory controller (Lee par. 0222 and 0232; The storage device 50 may perform an authentication operation for the RPMB using the message authentication code (MAC) and metadata included in the RPMB message. Specifically, the RPMB message of the authentication read request may include a nonce provided by the host 300, an address to be read, a block count to be read, and a message indicating that the Command PIU provided by the host 300 to the storage device 50 in step S1301 is the authentication read request. See also par. 0227 and 0245), and
wherein the segment includes a data segment length field as information indicating that the host RPMB message has been included in the command UPIU (Lee par. 0206 and 0215; The RPMB message may be composed of one or more RPMB message data frames under a communication method of host interface such as the UFS protocol, each of which includes: Request Message Type=0003h, Block Count, Address, Write Counter, Data and MAC. The RPMB message delivered from the host to the device may be composed of one or more RPMB message data frame, each of which includes Request Message Type, Block Count, Address Write Counter, Data and MAC. For example, The RPMB message delivered from the host to the device may be composed of one RPMB message data frame including Data whose length is greater than 512 byte or may be dependent on the block count).
Lee teaches, the storage device 50 may perform an authentication operation for the RPMB using the message authentication code (MAC) and metadata included in the RPMB message (Lee par. 0222). However, Lee does not explicitly disclose wherein the command UPIU includes a basic header segment.
However, in an analogous art, Jung teaches wherein the command UPIU includes a basic header segment (Jung par. 0059; The command UPIU CMD UPIU may include an operation code (e.g., “xx00 0001b”), flags, a logical unit number (LUN), a task tag, an initiator ID (IID), a command set type, total extra header segment (EHS) length, a data segment length, an expected data transfer length, a command descriptor block (hereinafter referred to as “CDB”), and a header end-to-end cyclic redundancy check (CRC) E2ECRC. The header E2ECRC may be omitted in some cases. See also par. 0070).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Jung with the method and system of Lee, wherein the command UPIU includes a basic header segment to provide users with a means for preventing a replay attack (Jung par. 0002).
Regarding claim 13; claim 13 is directed to a device associated with the device claimed in claim 2. Claim 13 is similar in scope to claim 2, and is therefore rejected under similar rationale.
Regarding claim 14, Lee and Jung disclose the storage device of claim 12,
Lee further discloses wherein the basic header segment further includes a data segment length field having a non-zero value (Lee par. 0216; The MAC may be included in the last RPMB message data frames, the MAC field may be zero in previous data frames. In each data frame, the nonce may contain a copy of the received nonce, the address may be the start address of the full access and the block count may be the total count of the blocks. For example, The RPMB message delivered from the device to the host may be composed of one RPMB message data frame including Data whose length is greater than 512 byte or may be dependent on the block count).
Regarding claim 15, Lee and Jung disclose the storage device of claim 12,
Lee further discloses wherein the host RPMB message includes an address of data to be read from the RPMB (Lee par. 0041, 0206, 0211 and 0222; The memory device 100 receive a command and an address from the memory controller 200, and access an area selected by the address in the memory cell array. In an embodiment, the RPMB message may be composed of one or more RPMB message data frames under a communication method of host interface such as the UFS protocol. The address may be a logical address to store data in the RPMB or a logical address to be read from the RPMB).
Regarding claim 16, Lee and Jung disclose the storage device of claim 12,
Lee further discloses wherein the RPMB includes: an authentication key storage configured to store an authentication key used to generate a device Message Authentication Code (MAC); and an RPMB data area configured to store data (Lee par. 0242; The authentication write request may be a request that stores data in the RPMB and includes data to be stored. The result read request may be a request for transmitting a command for requesting a value stored in a result register in which the result of the RPMB write operation is stored. See also par. 0066, 0210 and 0213).
Regarding claim 17, Lee and Jung disclose the storage device of claim 16,
Lee further discloses wherein the memory controller includes: an authentication manager configured to generate the device MAC to be used for the external host to authenticate data read from the RPMB; and an access controller configured to generate a response UPIU as a response to the command UPIU, and provide the read data to the external host and the response UPIU to the external host (Lee par. 0041, 0064, 0206, 0211 and 0222; The memory device 100 receive a command and an address from the memory controller 200, and access an area selected by the address in the memory cell array. According to an embodiment, the host 300 may receive the first response, together with the read data from the memory controller 200. The host 300 may receive the first response after receiving the read data from the memory controller 200. In an embodiment, the RPMB message may be composed of one or more RPMB message data frames under a communication method of host interface such as the UFS protocol. The address may be a logical address to store data in the RPMB or a logical address to be read from the RPMB).
Regarding claim 18, Lee and Jung disclose the storage device of claim 17,
Lee further discloses wherein the access controller includes: a device meta data generator configured to generate device meta data including a portion of data included in the host RPMB message; and a device UPIU generator configured to generate a device RPMB message including the device meta data and the device MAC (Lee par. 0222, 0213 and 0232; The storage device 50 may perform an authentication operation for the RPMB using the message authentication code (MAC) and metadata included in the RPMB message. Specifically, the RPMB message of the authentication read request may include a nonce provided by the host 300, an address to be read, a block count to be read, and a message indicating that the Command PIU provided by the host 300 to the storage device 50 in step S1301 is the authentication read request. The write counter may include total amount of successfully authenticated data write requests. The result may include a result of performing an RPMB write operation or an RPMB read operation).
Regarding claims 19-20; claims 19-20 are directed to devices associated with the devices claimed in claims 10-11 respectively. Claims 19-20 are similar in scope to claims 10-11 respectively, and are therefore rejected under similar rationale.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SANCHIT K SARKER whose telephone number is (571)270-7907. The examiner can normally be reached M-F 8:30 AM-5:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, FARID HOMAYOUNMEHR can be reached at 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SANCHIT K SARKER/Primary Examiner, Art Unit 2495