CTNF 19/086,733 CTNF 82446 2133 07-03-aia AIA 15-10-aia The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. DETAILED ACTION Claim Rejections - 35 USC § 103 07-20-aia AIA The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 07-23 AIA The factual inquiries set forth in Graham v. John Deere Co. , 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103(a) are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. 07-21-aia AIA Claim s 1-17 are rejected under 35 U.S.C. 103 as being unpatentable over Kim (US PGPUB # 20190236031) in view of Shaw et al. (US PGPUB # 20160094526) . With respect to independent claims 1, 12 Kim discloses: A storage device [ Kim 0008 ] comprising: a memory device configured to include a memory block providing a security function [ RPMB used to protect data via authentication and replay protection - Kim 0008 ]; and a memory controller [ controller 200 - Kim fig 1 ] configured to receive a command including a host security message from a host [ memory controller may include an RPMB engine configured to receive a write request for the RPMB from an external host - Kim 0008 ] and to control the memory device to access the memory block based on an authentication performed using the host security message [ performing an authentication operation on the write request by comparing a message authentication code in the write data with a message authentication code calculated by the storage device; and determining, based on a result of the authentication operation, whether to store the write data in the RPMB - Kim claim 5 ], wherein the command includes: a first segment [ Kim does not explicitly teach a command including first and second segments. Nevertheless in the same field of endeavor Shaw teaches means for security control wherein a security message/command includes first (payload) and second (header) segments - Shaw claims 4-5, 11-12 ]; and a second segment including information indicating whether the first segment includes the host security message [ header comprises identifier data that is checked before decrypting payload data and processing payload data only in the event that the identifier data indicates (whether the first segment includes the host security message) - Shaw claims 4-5, 11-12 ]. Kim does not explicitly teach a command including first and second segments. Nevertheless in the same field of endeavor Shaw teaches means for security control wherein a security message/command includes first (payload) and second (header) segments - Shaw claims 4-5, 11-12. It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to implement a command including first and second segments in the invention of Kim as taught by Shaw because it would be advantageous for inhibiting/preventing operation of a computer when a secure command/message is not present (Shaw 0009) . With respect to dependent claim 2, 14 Kim/Shaw discloses wherein the memory block includes: an authentication key storage configured to store an authentication key that is used for the authentication [ Kim 0055 ]; a write counter configured to store a write count value indicating a number of times an authenticated data write operation of storing data in the memory block is performed [ Kim 0056, 0066 ]; a result register configured to store a result of an operation on the memory block [ Kim 0056, 0058-0059, 0061 ]; and a data storing area to store data received from the host [ Kim claim 1 ]. With respect to dependent claim 3 Kim/Shaw discloses wherein the memory controller comprises: an authentication manager configured to perform the authentication and output a result of the authentication [ logic that performs authentication and outputs a result of the authentication is understood to be authentication manager - Kim 0058-0061, fig 2 ]; and an access controller configured to control the memory block based on the result of the authentication [ Kim 0059 ], wherein the host security message includes a host message authentication code (MAC) and host metadata [ Kim fig 4 ]. With respect to dependent claim 4 Kim/Shaw discloses wherein the authentication manager comprises: a device MAC calculator configured to generate a device MAC using device metadata and an authentication key [ Kim 0050, 0055 ]; and a MAC comparator configured to generate the result of the authentication according to whether the host MAC and the device MAC match [ Kim 0051, claim 5 ]. With respect to dependent claim 5, 16 Kim/Shaw discloses wherein the device MAC calculator generates the device MAC using a secure hash algorithm-256 (SHA-256) based on the device metadata and the authentication key [ Kim 0060 ]. With respect to dependent claim 6 Kim/Shaw discloses wherein the memory controller further configured to receive write data from the host [ Kim 0007 ]. With respect to dependent claim 7 Kim/Shaw discloses wherein the access controller controls the memory device to store the write data in the memory block, when the host MAC and the device MAC match [ comparing and selectively storing – Km claims 1 & 5 ]. With respect to dependent claim 8 Kim/Shaw discloses wherein the access controller controls the memory device to store an increased write count value obtained by increasing the write count value in a write counter, and store a result code indicating that an authenticated data write operation is successful in a result register [ write count incremented/increased for each authenticated write - Kim 0056, 0058-0059, 0061, 0067, 0083 ]. With respect to dependent claim 9 Kim/Shaw discloses wherein the access controller generates a response message including a device security message [ Kim 0087-0088, claim 1 ]. With respect to dependent claim 10, 17 Kim/Shaw discloses wherein the response message includes: a third segment; and a fourth segment including information indicating whether the third segment includes the device security message [ messages between secure devices may have header/identifier and payload, header comprises identifier data that is checked before decrypting payload data and processing payload data only in the event that the identifier data indicates (whether the first segment includes the host security message) - Shaw claims 4-5, 11-12. Shaw teaches means for security control wherein a security message/command includes first (payload) and second (header) segments - Shaw claims 4-5, 11-12 ]. With respect to dependent claim 11 Kim/Shaw discloses wherein the device security message includes the increased write count value and the result code [ write count incremented/increased for each authenticated write - Kim 0056, 0058-0059, 0061, 0067, 0083 ]. With respect to dependent claim 13 Kim/Shaw discloses wherein the host security message includes an address indicating data to be read from the memory block [ address – Kim 0038, 0045-0047, fig 4 ]. With respect to dependent claim 15 Kim/Shaw discloses wherein the memory controller comprises: an authentication manager configured to generate the device MAC to be used for authenticating data read from the memory block by the host [ logic that performs authentication and outputs a result of the authentication is understood to be authentication manager - Kim 0058-0061, fig 2 ]; and an access controller configured to generate a response message for the command [ Kim 0059 ], provide the read data to the host [ Kim abstract ], and provide the response message to the host [ Kim 0087-0088, claim 1 ] . Conclusion 07-96 AIA The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Lee US PGPUB # 20180307625 teaches receiving, at a storage device, a request. The request includes a request message authentication code and write protect information. The write protect information includes at least one of start address information and length information. The start address information indicates a logical block address at which a memory area in a non-volatile memory of the storage device starts, and the length information indicates a length of the memory area. The method also includes generating, at the storage device, a message authentication code based on (1) at least one of the start address information and the length information, and (2) a key stored at the storage device; authenticating, at the storage device, the request based on the generated message authentication code and the request message authentication code; and processing, at the storage device, the request based on a result of the authenticating. Any inquiry concerning this communication or earlier communications from the examiner should be directed to MARWAN AYASH whose telephone number is (571)270-1179. The examiner can normally be reached 9a-530p M-R. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rocio del Mar Perez-Velez can be reached on 571-270-5935. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /Marwan Ayash/Examiner, Art Unit 2133 /ROCIO DEL MAR PEREZ-VELEZ/Supervisory Patent Examiner, Art Unit 2133 Application/Control Number: 19/086,733 Page 2 Art Unit: 2133 Application/Control Number: 19/086,733 Page 3 Art Unit: 2133 Application/Control Number: 19/086,733 Page 4 Art Unit: 2133 Application/Control Number: 19/086,733 Page 5 Art Unit: 2133