DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of Claims
Applicant's amendment filed on 1/7/2021 has been entered. Claims 1-2, 4, 10, 12-16, 18, 21, 24-25 are currently amended. Claims 1-25 are pending in the application. 
The objection of claims 1, 4, 10, 13, 15-16, 18, 21 has been withdrawn in light of applicant’s amendment to the claims.
The obviousness nonstatutory double patenting rejection of claims 24-25 has been withdrawn in light of applicant’s argument being persuasive and further in light of applicant’s amendment to the claims.
Response to Arguments
The Applicant's arguments with Remarks filed on 1/7/2021 with respect to the rejection of claims under nonstatutory double patenting and 35 U.S.C. 103 have been fully considered. 
Regarding nonstatutory double patenting rejection for claims 1-23, applicant mainly argued, see pages 14-15 of the Remarks, that the claims of copending ‘871 (now US Patent No. 10,885,197 B2, hereinafter “’197”) “fail to disclose compute nodes each having a TPM provisioned with a signed attestation key (AK) certificate, as required in each of independent claims 1, 18, and 21 of the instant application. The claims of the instant application are directed to merging multiple compute nodes with TPMs utilizing provisioned node certificates, whereas the claims of '197 are directed to merging multiple compute nodes with TPMs utilizing an authentication protocol with active TPM Provisioning”. Examiner acknowledges applicant’s a slave request from each respective slave compute node to the master compute node, wherein the slave request includes a node ID, an endorsement key (EK) certificate, a public part of an EK, and a public part of an attestation signing key (AK) and the AK name” (i.e. the TPM on each of the compute nodes is provisioned with a platform certificate and a signed attestation key (AK) certificate, as required by claim 1 (similarly claim 18, 21) of the instant application). For this reason the rejection of claim 1-23 under nonstatutory double patenting further in view of the newly applied prior art Thom is maintained.
Regarding nonstatutory double patenting rejection for claims 24-25, applicant mainly argued, see pages 15-16 of the Remarks, that the claims of  ‘197 “fail to disclose compute nodes each having a TPM provisioned with a signed attestation key (AK) certificate created and stored in the TPM at manufacturing TPM provisioning time making use of a TPM provisioning process that includes attestation key enrollment for generating a primary attestation signing key (AK) used to sign the AK certificate, as now required by each of independent claims 24 and 25 of the instant application”. Examiner acknowledges that claims of ‘197 does not explicitly recite “stored in the TPM at manufacturing TPM provisioning time”, further the amended limitation of “making use of a TPM provisioning process that includes attestation key enrollment for 
Applicant’s argument, see pages 16-18 of the Remarks, regarding rejection of claims 1-11, 18-23 under 35 U.S.C. 103 over reference of record has been fully considered. Examiner acknowledges applicant has amended claim 1 (similarly claims 18, 21) by including limitation(s) reciting “sending, after receiving the quote response from each respective slave compute node, a ‘Train’ message from the master compute node to each respective slave compute node to disable the respective slave compute node's TPM and to trigger completion of the node merge operations that enable processor bus communications for full system connectivity”. Applicant further stated: This added recitation is a generic version of the subject matter recited in objected to claims 12 and 14, each of which the examiner indicated as allowable. In the statement of reasons for the indication of allowable subject matter, with regard to similar recitations in claims 12 and 14, the Examiner states, ‘No relevant reference has been found to teach the subject matters.’" 
Examiner acknowledges applicant’s perspective however would like to point out that the original claims 12, 14 had been objected as being dependent upon rejected base claim(s), but would be allowable if rewritten in independent form including all of the limitations of the base claim(s) and any intervening claims as well as overcome the obviousness double patenting rejection. Claim 1 (similarly claims 18, 21) has been amended to include partial limitations of 
Applicant’s argument, see pages 18-19 regarding rejection of claims 24-25 under 35 U.S.C. 103 over prior arts of record has been fully considered. Examiner acknowledges applicant has amended claim 24-25 by including amended limitation(s) underlined reciting “stored in the TPM at manufacturing TPM provisioning time making use of a TPM provisioning process that includes attestation key enrollment for generating a primary attestation signing key (AK) used to sign the AK certificate”. Upon updated search the examiner found reference Campagna that appears to teach the above features, therefore examiner asserts applicant’s argument is moot in view of the new ground of rejection presented below with newly applied prior art.
Applicant’s further argument regarding dependent claims 2-11, 19-20, 22-23 is moot since the independent claims they are respectively depend upon are found not patentable.
Claim Objections
Claims 9, 11, 16-17 are objected to because of the following informalities:  
Claim 9 line 6, “adding the quote response a TPM event log…” may read as “adding the quote response the TPM event log…” since TPM event log has been specified in claim 8 which claim 9 depends.
Claim 11 line 1, “wherein validating,…” may read as “wherein the validating,…”; lines 2-3, “… prior to enabling node merge operations,” may read as “… prior to the enabling node merge operations,”.
Claim 16 (similarly claim 17) line 2, “… after completion of node merge operations…” may read as “… after the completion of the node merge operations…” to be consistent to claim 14 which claims 16, 17 depend.
Appropriate correction is required.
Allowable Subject Matter
Claims 12, 14 are objected to as being dependent upon rejected base claim(s), but would be allowable if rewritten in independent form including all of the limitations of the base claim(s) and any intervening claims as well as overcome the obviousness double patenting rejection set forth below.
The following is a statement of reasons for the indication of allowable subject matter:  Claim 12 recites “The method as recited in claim 10, wherein sending, after receiving the quote response from each respective slave compute node, a "Train" message from the master compute node to each respective slave compute node to disable the respective slave compute node's TPM and to trigger completion of the node .
Claims 13, claims 15-17 are objected to for being dependent upon an already objected claim 12, claim 14, respectively.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 1 recites the limitation "the node merge operations" in lines 17-18, similarly claim 18 in line 21, claim 21 in line 21.  There is insufficient antecedent basis for this limitation in the claim.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 

Claims 1-23 are rejected on the ground of nonstatutory double patenting as being unpatentable over the corresponding claims of copending Application No. 16/138,871, now US Patent No. 10,885,197 B2 (hereinafter “’197”).
Claim 24 and claim 14 of ‘197 discloses all of the limitations recited in claims 1, 18, 21 of the instant application, as seen in the table below.
Claims 3-5, 8-10, 12-17 of ‘197 discloses all of the limitations recited in claims 3-5, 8-10, 12-17 respectively of the instant application, with claims 19, 22 are similar to claim 5, and claims 20, 23 are similar to claim 8, as seen in the table below.
The other dependent claims 2, 6-7, 11 are also rejected due to their dependency to the rejected independent claims.
Instant Application 16/138,804
US 10,885,197 B2
Claim 1 (similarly claims 18, 21). 
A method comprising: connecting compute nodes to be available for merger into a single multi-node system, wherein each of the compute nodes includes firmware and a trusted platform module (TPM) accessible to the firmware on the compute node, and 
assigning one of the compute nodes the role of master compute node and each of the remaining one(s) of the compute nodes the role of slave compute node; 
sending a quote request from the master compute node to each slave compute node, wherein sending the quote request is controlled by the firmware on the master compute node; sending, in response to receiving the quote request, a quote response from each respective slave compute node to the master compute node, wherein the quote response includes the AK certificate of the slave compute node's TPM, and wherein sending the quote response is controlled by the firmware on the slave compute node;
sending, after receiving the quote response from each respective slave compute node, a "Train" message from the master compute node to each respective slave compute node to disable the respective slave compute node's TPM and to trigger completion of the node merge operations that enable processor bus communications for full system connectivity.

Claim 24.

A method for merging compute nodes into a single multi-node system, wherein each of the compute nodes includes firmware and a trusted platform module (TPM) accessible to the firmware on the compute node, 



wherein one of the compute nodes is assigned the role of master compute node and each of the remaining one(s) of the compute nodes is assigned the role of slave compute node, the method comprising: executing an active TPM provisioning process between the master compute node and each slave compute node, wherein executing an active TPM provisioning process includes sending a message from the master compute node to each respective slave compute node, and sending, in response to receiving the message, a slave request from each respective slave compute node to the master compute node, wherein the slave request includes a node ID, an endorsement key (EK) certificate, a public part of an EK, and a public part of an attestation signing key (AK) and the AK name; executing a challenge/response exchange between the master compute node and each slave compute node, wherein executing a challenge/response exchange includes sending an encrypted challenge from the master compute node to each respective slave compute node, and sending, in response to receiving the encrypted challenge, a slave response from each respective slave compute node to the master compute node, wherein the encrypted challenge includes a nonce encrypted using the public part of the EK, and wherein the slave response includes the nonce decrypted using a private part of the EK; executing a quote request/response flow between the master compute node and each slave compute node, wherein executing a quote request/response flow includes sending a quote request from the master compute node to each respective slave compute node, 

Claim 14. The method as recited in claim 9, further comprising: sending, in response to receiving the quote response from each respective slave compute node, a "Train" message from the master compute node to each respective slave compute node to disable the respective slave compute node's TPM and to trigger completion of the node merge operations that enable processor bus communications for full system connectivity.
Claim 3. The method as recited in claim 1, wherein the firmware on the master compute node that controls sending the quote request includes Hostboot code, and wherein the firmware on each respective slave compute node that controls sending the quote response includes Hostboot code.
Claim 3. The method as recited in claim 1, wherein sending the quote request is controlled by the firmware on the master compute node including Hostboot code, and wherein sending the quote response is controlled by the firmware on each respective slave compute node including Hostboot code.
Claim 4. The method as recited in claim 1, further comprising; validating, at a remote trusted third party, after completion of node merge operations but prior to trusting the multi-node system to secure workloads, the credentials of each respective slave compute node based on a quote received from the master compute node's TPM and a TPM event log received from the firmware on the master compute node. 
Claim 4. The method as recited in claim 1, further comprising; validating, at a remote trusted third party, after completion of node merge operations but prior to trusting the multi-node system to secure workloads, the credentials of each respective slave compute node based on a quote received from the master compute node's TPM and a TPM event log received from the firmware on the master compute node.
Claim 5 (similarly claims 19, 22). The method as recited in claim 1, wherein each compute node's TPM includes multiple platform configuration registers (PCRs), including PCR0, PCR1, PCR2, PCR3, PCR4, PCR5, PCR6, and PCR7, and wherein the quote request from the master compute node to each respective slave compute node includes a 
Claim 5. The method as recited in claim 1, wherein each compute node's TPM includes multiple platform configuration registers (PCRs), including PCR0, PCR1, PCR2, PCR3, PCR4, PCR5, PCR6, and PCR7, and wherein the quote request from the master compute node to each respective slave compute node includes a nonce and specific PCR contents 
Claim 8 (similarly claims 20, 23). The method as recited in claim 5, wherein the quote response sent from each respective slave compute node to the master compute node includes a structured message containing the slave compute node's ID, the nonce received from the master compute node in the quote request, TPM quote data, a TPM quote signature, contents of PCR0-7 of the slave compute node's TPM, the AK certificate of the slave compute node's TPM, and a TPM event log associated with the slave compute node's TPM. 
Claim 8. The method as recited in claim 5, wherein the quote response sent from each respective slave compute node to the master compute node includes a structured message containing the slave compute node's ID, the nonce received from the master compute node in the quote request, TPM quote data, a TPM quote signature, contents of PCR0-7 of the slave compute node's TPM, and a TPM event log associated with the slave compute node's TPM. 
Claim 9. The method as recited in claim 8, further comprising: performing, at the master compute node, in response to receiving the quote response from each respective slave compute node, the following operations: extending PCR1 of the master compute node's TPM with a hash of the quote response from the slave compute node; adding the quote response a TPM event log associated with the master compute node's TPM. 
Claim 9. The method as recited in claim 8, further comprising: performing, at the master compute node, in response to receiving the quote response from each respective slave compute node, the following operations: extending PCR1 of the master compute node's TPM with a hash of the quote response from the slave compute node; adding the quote response a TPM event log associated with the master compute node's TPM.
Claim 10. The method as recited in claim 9, further comprising; validating, at the master compute node, after receiving the quote response from each respective slave compute node but prior to enabling node merge operations, the credentials of each respective slave compute node. 
Claim 10. The method as recited in claim 9, further comprising; validating, at the master compute node, after receiving the quote response from each respective slave compute node but prior to enabling node merge operations, the credentials of each respective slave compute node.
Claim 12. The method as recited in claim 10, further comprising: sending, in response to validating the credentials of each respective slave compute node, a "Train" message from the master compute node to each respective slave compute node to disable the respective slave compute node's TPM and to trigger completion of the node merge operations that enable processor bus communications for full system connectivity. 
Claim 12. The method as recited in claim 10, further comprising: sending, in response to validating the credentials of each respective slave compute node, a "Train" message from the master compute node to each respective slave compute node to disable the respective slave compute node's TPM and to trigger completion of the node merge operations that enable processor bus communications for full system connectivity. 
Claim 13. The method as recited in claim 12, further comprising; disabling, at each respective slave compute node, in response to receiving the "Train" message from the master compute node, each respective slave compute node's TPM. 
Claim 13. The method as recited in claim 12, further comprising; disabling, at each respective slave compute node, in response to receiving the "Train" message from the master compute node, each respective slave compute node's TPM. 
Claim 14. The method as recited in claim 9, further comprising: sending, in response to receiving the quote response from each respective slave compute node, a "Train" message from the master compute node to each respective slave compute node to disable the respective slave compute node's TPM and to trigger completion of the node merge operations that enable processor bus communications for full system connectivity. 
Claim 14. The method as recited in claim 9, further comprising: sending, in response to receiving the quote response from each respective slave compute node, a "Train" message from the master compute node to each respective slave compute node to disable the respective slave compute node's TPM and to trigger completion of the node merge operations that enable processor bus communications for full system connectivity.
Claim 15. The method as recited in claim 14, further comprising; disabling, at each respective slave compute node, in response to receiving the Train message from the master compute node, each respective slave compute node's TPM. 
Claim 15. The method as recited in claim 14, further comprising; disabling, at each respective slave compute node, in response to receiving the Train message from the master compute node, each respective slave compute node's TPM.
Claim 16. The method as recited in claim 15, further comprising; validating, at a remote trusted third party, after completion of node merge operations but prior to trusting the multi-node system to secure workloads, the credentials of each respective slave compute node. 
Claim 16. The method as recited in claim 15, further comprising; validating, at a remote trusted third party, after completion of node merge operations but prior to trusting the multi-node system to secure workloads, the credentials of each respective slave compute node. 
Claim 17. The method as recited in claim 16, wherein validating, at a remote trusted third party, after completion of node merge operations but prior to trusting the multi-node system to secure workloads, the credentials of each respective slave compute node includes: the trusted third party retrieving, via a remote attestation process, a quote from the master compute node's TPM and a TPM event log from the firmware on the master compute node. 
Claim 17. The method as recited in claim 16, wherein validating, at a remote trusted third party, after completion of node merge operations but prior to trusting the multi-node system to secure workloads, the credentials of each respective slave compute node includes: the trusted third party retrieving, via a remote attestation process, a quote from the master compute node's TPM and a TPM event log from the firmware on the master compute node.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1, 18, 21 are rejected under 35 U.S.C. 103 as being unpatentable over Dasari et al (US201000125731A1-IDS provided by Applicant, hereinafter, “Dasari”), in view of Smith et al (US20120030730A1, hereinafter, “Smith”), further in view of Sarangdhar et al .
Regarding claim 1, similarly claim 18, claim 21, Dasari teaches:
A method, a multi-node computer system, a computer program product for merging compute nodes into a single multi-node system, comprising: 
connecting compute nodes to be available for merger into a single multi-node system, wherein each of the compute nodes includes firmware and a trusted platform module (TPM) accessible to the firmware on the compute node (Dasari, [Abstract] … operating a plurality of computer nodes while maintaining trust. A primary computer node and at least one secondary computer node are connected into a cluster, wherein each of the clustered computer nodes includes a trusted platform module (TPM) that is accessible to software (i.e. firmware) and includes security status information about the respective computer node. [0013] Each of the clustered computer nodes are then merged into a single node with only the trusted platform module of the primary computer node being accessible to software. And [0033] an entirely software embodiment (including firmware, resident software, micro-code, etc.)), [and wherein the TPM on each of the compute nodes is provisioned with a platform certificate and a signed attestation key (AK) certificate] (see Sarangdhar below); 
assigning one of the compute nodes the role of master compute node and each of the remaining one(s) of the compute nodes the role of slave compute node (Dasari, [0029] FIG. 1 is a block diagram of two computer nodes arranged in a cluster 10 through a scalability connection 12. The cluster 10 includes a primary node 20 (i.e. master compute node) and at least one secondary node 40 (i.e. slave compute node) (only one shown)); 
[sending, after receiving the quote response from each respective slave compute node, a "Train" message from the master compute node to each respective slave compute node to disable the respective slave compute node's TPM], and to trigger completion of the node merge operations that enable processor bus communications for full system connectivity (Dasari, [0046] After the secure merge of the system's TPM and system resources has been accomplished for all nodes, the system boot is completed in a conventional manner by continuing with the POST/BIOS execution (controlled by the primary node)). (See Thom below for sending, …, a "Train" message … to disable the respective slave compute node's TPM).
While Dasari teaches compute nodes to be available for merger into a single multi-node system, but does not explicitly teach the following limitation(s), however in the same field of endeavor Smith teaches:
sending a quote request from the master compute node to each slave compute node, wherein sending the quote request is controlled by the firmware on the master compute node (Smith, [0021] each node in the root complex may have a PCI configuration space which can be used to store integrity measurements of device capabilities. Complex devices have loadable firmware, can support patch and update and may be connected to other buses or networks. And  [0028] In operation of the system of FIG. 5, master 210 may request the device entry log (DEL) entries from device 220 used to report device log information); 
sending, in response to receiving the quote request, a quote response from each respective slave compute node to the master compute node (Smith, [0041]  at block 510, the manifest is used to load, measure and verify device firmware (but does not execute it). The device (i.e. slave compute node) then measures the authority keys manifest and creates a policy TLV entry by writing authority measurements to an entry of its TLV table (block 515). The device sets its device ready bit (DR0) to TRUE (block 520) (i.e. in response to master node’s quote request)), [wherein the quote response includes the AK certificate of the slave compute node's TPM], and wherein sending the quote response is controlled by the firmware on the slave compute node (Smith, [0042] where the master reads the authority values from the TLV entries (e.g., the policy TLV entries) and extends TPM authority PCRs and updates a TPM PCR log. Then at block 570, the master sets the device X master ready bit (MR0) to TRUE, e.g., using a VDM function. In peer-peer mode, the VDM message may be authenticated by the device using EPID signing or TPM signing keys); (See Sarangdhar below for wherein the quote response includes the AK certificate of the slave compute node's TPM)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Smith in the method of securely merging multiple nodes of Dasari by validating devices with communication between master and slave device using virtual device message authenticated in peer-peer mode. This would have been obvious because the person having ordinary skill in the art would have been motivated to allow the master node to validate with slave node in peer-peer mode for multiple node cluster with trusted slave devices (Smith, [Abstract], [0016], [0040-0042]).
While the combination of Dasari-Smith teaches validation and initialization of slave compute devices in multiple node compute system with TPM, but does not explicitly teach attestation of TPM with attestation key and certificate, however in the same field of endeavor Sarangdhar teaches:
(Sarangdhar, [0018] The interface module may further be to cause the communication module to transmit a response to the request, the response including at least the TPM credentials for validation by the attestation platform, and to receive a message from the attestation platform via the communication module, the message at least indicating at least that the TPM credentials have been validated… the response to the request may further comprise the AKS certificate or the TPM certificate for the attestation platform to use in validating the TPM credentials),
wherein the quote response includes the AK certificate of the slave compute node's TPM (Sarangdhar, [0018] an example method for TPM certification and attestation using an anonymous key system may comprise loading a combined AKS and TPM firmware module into a runtime environment in a device, … triggering at least one of TPM certification or TPM attestation in the device);
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Sarangdhar in the method of securely merging multiple nodes of Dasari-Smith by validating TPM credentials with attestation platform and certificate. This would have been obvious because the person having ordinary skill in the art would have been motivated to create trusted hardware system with TPM by attestation certificate in order to safeguard the electronics information (Sarangdhar, [Abstract], [0002], [0018]).
While the combination of Dasari-Smith-Sarangdhar does not explicitly teach the following limitation(s), however in the same field of endeavor Thom teaches:
sending, [after receiving the quote response from each respective slave compute node] (See Smith for limitation(s) in bracket above), a "Train" message from the master compute node to each respective slave compute node to disable the respective slave compute node's TPM (Thom discloses authenticating device with TPM of generating and/or signing digital certificates as security related function with the TPM device. And [0020] FIG. 1 is a schematic diagram of an example of a device 100 that can communicate with a separate …, removably connectable TPM device 102 for performing one or more security-related functions. And [0044] TPM interface 122, … can terminate the CA service 116 based at least in part on detecting a termination event (i.e. “Train” message) related to communications with the TPM device 102.  For example, the TPM device 102 can be decoupled from device 100 (e.g., TPM device 102 can unplug from the device 100, can terminate a pairing with device 100, etc.), … CA service 116 can indicate termination of the CA service 116 (e.g., once one or more digital certificates 142 have been created), at which time the TPM device 102 can be removed (i.e. disable the respective slave compute node's TPM) from device 100),
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Thom in the method of securely merging multiple nodes of Dasari-Smith-Sarangdhar by using removable TPM device for authentication of a device using the TPM device. This would have been obvious because the person having ordinary skill in the art would have been motivated to decouple the TPM device from the authenticated device after digital certificates have been created from CA service in authenticating devices using a TPM device (Thom, [Abstract], [0004-0005], [0044]).

Claims 24, 25 are rejected under 35 U.S.C. 103 as being unpatentable over Dasari et al (US201000125731A1-IDS provided by Applicant, hereinafter, “Dasari”), in view of Sarangdhar et al (US20160142212A1-IDS provided by Applicant, hereinafter, “Sarangdhar”), further in view of Fenner et al (US20170302459A1, hereinafter, “Fenner”) and Campagna et al (US20190312851A1, hereinafter, “Campagna”).
Regarding claim 24, similarly claim 25, Dasari teaches:
A method, a multi-node computer system, comprising: 
providing compute nodes, each having a processor, a memory, and a bus that couples various compute node components including the memory to the processor (Dasari, see Fig. 1, Node 1 Node 2, CPU, Memory, North Bridge and scalability connection 12), wherein each of the compute nodes includes firmware and a trusted platform module (TPM) accessible to the firmware on the compute node (Dasari, [0018] the step of merging includes reading and extending the security status information from a platform configuration register (PCR) within the trusted platform module of each secondary node to a platform configuration register (PCR) within the trusted platform module of the primary node. A platform configuration register contains information about each of the firmware modules), [wherein the TPM on each of the compute nodes is provisioned with a platform certificate and a signed attestation key (AK) certificate] (see Sarangdhar below), and [wherein the AK certificate of each compute node's TPM is created by the TPM utilizing a network connection to a trusted certificate authority (CA) and stored in the TPM at manufacturing TPM provisioning time making use of a TPM provisioning process that includes attestation key enrollment for generating a primary attestation signing key (AK) used to sign the AK certificate] (see Fenner, Campagna below); 
(Dasari, [Abstract] … operating a plurality of computer nodes while maintaining trust. A primary computer node and at least one secondary computer node are connected into a cluster, wherein each of the clustered computer nodes includes a trusted platform module (TPM) that is accessible to software (i.e. firmware) and includes security status information about the respective computer node. And [0013] Each of the clustered computer nodes are then merged into a single node with only the trusted platform module of the primary computer node being accessible to software. And [0033] an entirely software embodiment (including firmware, resident software, micro-code, etc.)), wherein the connecting operation includes connecting each of the compute nodes using a secure trusted communications channel (Dasari, see Fig. 1 scalability connection 12 (i.e. secure trusted communication channel). Also [Claim 18] wherein each of the primary and secondary computer nodes includes a chipset with a scalability port to facilitate connection into a cluster).  
While Dasari teaches the multi-node computer system and method, but does not explicitly teach attestation of TPM with attestation key and certificate, however in the same field of endeavor Sarangdhar teaches:
wherein the TPM on each of the compute nodes is provisioned with a platform certificate and a signed attestation key (AK) certificate (Sarangdhar, [0018] The interface module may further be to cause the communication module to transmit a response to the request, the response including at least the TPM credentials for validation by the attestation platform, and to receive a message from the attestation platform via the communication module, the message at least indicating at least that the TPM credentials have been validated… the response to the request may further comprise the AKS certificate or the TPM certificate for the attestation platform to use in validating the TPM credentials).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Sarangdhar in the method of securely merging multiple nodes of Dasari by validating TPM credentials with attestation platform and certificate. This would have been obvious because the person having ordinary skill in the art would have been motivated to create trusted hardware system with TPM by attestation certificate in order to safeguard the electronics information (Sarangdhar, [Abstract], [0002], [0018]).
While the combination of Dasari-Sarangdhar does not explicitly teach the following limitation(s), however in the same field of endeavor Fenner teaches:
wherein the AK certificate of each compute node's TPM is created by the TPM utilizing a network connection to a trusted certificate authority (CA) and stored in the TPM at manufacturing TPM provisioning time (Fenner, [0054] consider now a discussion of an example TPM key attestation leverages a TPM's Endorsement Key (EK) that is injected into the TPM when it is manufactured and that is unique to each TPM. The trust in the EK is based on the secure and tamper-proof storage of the EK in the TPM and on the fact that the EK's certificate chains to the TPM manufacturer's issuing CA) [making use of a TPM provisioning process that includes attestation key enrollment for generating a primary attestation signing key (AK) used to sign the AK certificate] (See Campagna below).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Fenner in the 
The combination of Dasari-Sarangdhar-Fenner teaches AK certificate of each compute node's TPM is created by the TPM utilizing a network connection to a trusted certificate authority (CA) and stored in the TPM at manufacturing TPM provisioning time as shown above, but does not explicitly teach the following limitation(s), however in the same field of endeavor Campagna teaches:
making use of a TPM provisioning process that includes attestation key enrollment for generating a primary attestation signing key (AK) used to sign the AK certificate (Campagna,  [0017] discloses provisioning device by using cryptographic key and digital certificate, in particular with key signed using private key provisioned into the TPM device by manufacturer. And [0044] the provisioning private key may be an attestation identity key that is securely stored within a TPM as to be non-exportable… The remote attestation may, for example, be included in certificate information 116 including a device public key generated by the TPM, wherein the certificate information is signed by the attestation identity key (i.e. primary attestation signing key) (e.g., a provisioning private key securely stored within the TPM).
.

Claim 2 is rejected under 35 U.S.C. 103 as being unpatentable over the combination of Dasari-Smith-Sarangdhar-Thom as applied to claim 1, further in view of Fenner et al (US20170302459A1, hereinafter, “Fenner”) and Campagna et al (US20190312851A1, hereinafter, “Campagna”).
Regarding claim 2, Dasari-Smith-Sarangdhar-Thom combination teaches:
The method as recited in claim 1, 
While the combination of Dasari-Smith-Sarangdhar-Thom does not explicitly teach the following limitation(s), however in the same field of endeavor Fenner teaches:
wherein the AK certificate of each compute node's TPM is created by the TPM utilizing a network connection to a trusted certificate authority (CA) and stored in the TPM at manufacturing TPM provisioning time (Fenner, [0054] consider now a discussion of an example TPM key attestation leverages a TPM's Endorsement Key (EK) that is injected into the TPM when it is manufactured and that is unique to each TPM. The trust in the EK is based on the secure and tamper-proof storage of the EK in the TPM and on the fact that the EK's certificate chains to the TPM manufacturer's issuing CA) [making use of a TPM provisioning process that includes attestation key enrollment for generating a primary attestation signing key (AK) used to sign the AK certificate] (See Campagna below).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Fenner in the method of securely merging multiple nodes of Dasari-Smith-Sarangdhar-Thom by issuance of certificates for TPM within computing platform at manufacturing provisioning time. This would have been obvious because the person having ordinary skill in the art would have been motivated to issue certificates as contingent on key attestation of keys to guarantee that a certain cryptographic operation occurred in the TPM of a particular computer by virtue of the fact that any operation that uses the private key of such a key pair must occur inside that specific TPM (Fenner, [Abstract], [0004], [0019]).
While the combination of Dasari-Smith-Sarangdhar-Thom-Fenner does not explicitly teach the following limitation(s), however in the same field of endeavor Campagna teaches:
making use of a TPM provisioning process that includes attestation key enrollment for generating a primary attestation signing key (AK) used to sign the AK certificate (Campagna,  [0017] discloses provisioning device by using cryptographic key and digital certificate, in particular with key signed using private key provisioned into the TPM device by manufacturer. And [0044] the provisioning private key may be an attestation identity key that is securely stored within a TPM as to be non-exportable… The remote attestation may, for example, be included in certificate information 116 including a device public key generated by the TPM, wherein the certificate information is signed by the attestation identity key (i.e. primary attestation signing key) (e.g., a provisioning private key securely stored within the TPM).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Campagna in the method of securely merging multiple nodes of Dasari-Sarangdhar-Thom-Fenner using a provisioned private key as attestation identity key to sign the certificate information. This would have been obvious because the person having ordinary skill in the art would have been motivated to use the provisioned private key built within TPM to sign the digital certificate to enable the system to check that the information provided from device from manufacture is configured to be trustable in provisioning and authorizing a device for use in a network (Campagna, [Abstract], [0017], [0044]).

Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over the combination of Dasari-Smith-Sarangdhar-Thom as applied to claim 1, further in view of Schwartz et al (US20050071625A1, hereinafter, “Schwartz”).
Regarding claim 3, Dasari-Smith-Sarangdhar-Thom combination teaches:
The method as recited in claim 1, 
While the combination of Dasari-Smith-Sarangdhar-Thom does not explicitly teach the following limitation(s), however in the same field of endeavor Schwartz teaches:
(Schwartz, [Abstract] discloses dynamic configuring of a multi-node computer, and [claim 9] program code for configuring each processor node according to configuration data supplied by the scalability management module; and program code for completing a full boot on a host processor node, the host processor node being selected by the scalability management module from the plurality of processor nodes, to enable the host processor node to control the multi-node computer).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Schwartz in the method of securely merging multiple nodes of Dasari-Smith-Sarangdhar-Thom by using full boot on a host processor node as program code to configure each processor node in a scalability management module. This would have been obvious because the person having ordinary skill in the art would have been motivated to use the program code of boot on a host processor for scalability management in the multi-node computer system (Schwartz, [Abstract]).

Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over the combination of Dasari-Smith-Sarangdhar-Thom as applied to claim 1, further in view of Schmidt et al (US20160306975A1, hereinafter, “Schmidt”).
Regarding claim 4, Dasari-Smith-Sarangdhar-Thom combination teaches:
: 
While the combination of Dasari-Smith-Sarangdhar-Thom does not explicitly teach the following limitation(s), however in the similar field of endeavor Schmidt teaches:
validating, at a remote trusted third party, after completion of node merge operations but prior to trusting the multi-node system to secure workloads, the credentials of each respective slave compute node based on a quote received from the master compute node's TPM and a TPM event log received from the firmware on the master compute node (Schmidt, [Abstract] discloses verification data as leaf nodes in subtree structure certified by a third party. And [0053] for generating verification data that may be used for validation of a wireless transmit-receive unit (WTRU). The WTRU may have one or more components and a secure environment with a number of secure registers. A secure environment may include a secure hardware and/or software environment …, the secure environment may be a trusted platform module (TPM),… And [0054] verification data may be generated by obtaining a value, for each of a plurality of components of the WTRU, ... A measurement log (ML) may be generated containing a record of the component measurement values and other component-specific data may be stored on the WTRU).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Schmidt in the method of securely merging multiple nodes of Dasari-Smith-Sarangdhar-Thom by distributing the verification of measurement components for providing security to devices. This would have been obvious because the person having ordinary skill in the art would have been motivated to .

Claims 5, 19, 22 are rejected under 35 U.S.C. 103 as being unpatentable over the combination of Dasari-Smith-Sarangdhar-Thom as applied to claims 1, 18, 21 respectively, further in view of Krahn et al (US20170041147A1, hereinafter, “Krahn”).
Regarding claim 5, similarly claim 19 and claim 22, Dasari-Smith-Sarangdhar-Thom combination teaches: The method as recited in claim 1, the multi-node computer system as recited in claim 18, the computer program product as recited in claim 21,
While the combination of Dasari-Smith-Sarangdhar-Thom does not explicitly teach the following limitation(s), however in the similar field of endeavor Krahn teaches:
wherein each compute node's TPM includes multiple platform configuration registers (PCRs), including PCRO, PCR1, PCR2, PCR3, PCR4, PCR5, PCR6, and PCR7, and wherein the quote request from the master compute node to each respective slave compute node includes a nonce and specific PCR contents requested from the slave compute node's TPM (Krahn, [0005] establish a communication channel between the first device and the second device, receive, at the first device, identity information from the second device, the identity information including one or more of: a trusted platform module (TPM) endorsement key certificate, a public portion of an identity key, one or more platform control register (PCR) values (i.e. PCR0,…PCR7), … verify, at the first device, certification of the asymmetric signing key, based on the verification, send, from the first device to the second device, a message including a signing key, where the signing key includes a random value (i.e. nonce) generated by the first device).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Krahn in the method of securely merging multiple nodes of Dasari-Smith-Sarangdhar-Thom by using discovery message to identify identity information of slave compute node with information of PCR values for peer-peer attestation. This would have been obvious because the person having ordinary skill in the art would have been motivated to verify PCR values in order to authenticate the slave device (Krahn, [Abstract], [0005]).

Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over the combination of Dasari-Smith-Sarangdhar-Thom-Krahn as applied to claim 5, further in view of Robison et al (US20140237228A1, hereinafter, “Robison”), Puri et al (US20180246732A1, hereinafter, “Puri”) and Ellison et al (US20100082984A1, hereinafter, “Ellison”).
Regarding claim 6, Dasari-Smith-Sarangdhar-Thom-Krahn combination teaches:
The method as recited in claim 5, 
While the combination of Dasari-Smith-Sarangdhar-Thom-Krahn does not seem to teach the following limitations, in the same field of endeavor, 
Robison teaches: further comprising: performing, at each respective slave compute node, in response to receiving the quote request from the master compute node, the following operations: re-creating a primary attestation signing key (AK) used to sign the AK certificate (Robison, [0035] the system may validate the authority of the card holder to obtain a renewed smart card and may populate the smart card with a new private/public cryptographic key pair, a new certificate attesting to ownership of the private key, and any PIN associated with the new certificate); 
Puri teaches: reading the AK certificate of the slave compute node's TPM (Puri, [0051] … cause the computing device to obtain (i.e. reading) at least one of: …, or a cryptographic certificate of a Trusted Platform Module ( TPM) of the computing device); 
Ellison teaches: extending PCR1 of the slave compute node's TPM with a hash of the AK certificate; adding the hash of the AK certificate to a TPM event log associated with the slave compute node's TPM (Ellison, [Abstract] Messages, including messages in conformance with various protocols, can be hashed and the hash values added to an event log and provided to a Trusted Platform Module (TPM), which can extend one or more Platform Configuration Registers (PCRs) with the hash value. And [0039] Once the client computing device 210 has provided the hashed message 255 to the TPM 150 and the PCRs 155 have been extended, and once the TCG event log 190 has been updated with the hashed message, the client computing device can generate a response communication 265 to the server computing device 220).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Robison in the method of securely merging multiple nodes of Dasari-Smith-Sarangdhar-Thom-Krahn by providing personal identification information to renew the smart card with valid certificate. This would have been obvious because the person having ordinary skill in the art would have been motivated to re-generate attestation certificate for smart card renewal (Robison, [Abstract]).

It would also have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Ellison in the method of securely merging multiple nodes of Dasari-Smith-Sarangdhar-Thom-Krahn-Robison-Puri by extending PCR and adding PCR value to event log to TPM. This would have been obvious because the person having ordinary skill in the art would have been motivated to use TPM to sign messages which provides security and trust benefits without additional cost to the manufacturer of a computer device (Ellison, [Abstract], [0010]).

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over the combination of Dasari-Smith-Sarangdhar-Thom-Krahn as applied to claim 5, further in view of Fenner et al (US20170302459A1, hereinafter, “Fenner”), Puri et al (US20180246732A1, hereinafter, “Puri”) and Ellison et al (US20100082984A1, hereinafter, “Ellison”).
Regarding claim 7, Dasari-Smith-Sarangdhar-Thom-Krahn combination teaches:
The method as recited in claim 5, 

Fenner teaches: wherein the TPM on each of the compute nodes includes a primary AK used to sign the AK certificate, the method further comprising: performing, at each respective slave compute node, in response to receiving the quote request from the master compute node, the following operations: reading the primary AK of the slave compute node's TPM (Fenner, [0055] In response to receiving the key instruction 202, the TPM 108 executes a key attestation process 204 to generate a key claim, which is used to obtain an AIK certificate that attests that the AIK key 118 is contained within the TPM 108); 
Puri teaches: reading the AK certificate of the slave compute node's TPM (Puri, [0051] … cause the computing device to obtain (i.e. reading) at least one of: …, or a cryptographic certificate of a Trusted Platform Module ( TPM) of the computing device); 
Ellison teaches: extending PCR1 of the slave compute node's TPM with a hash of the AK certificate; adding the hash of the AK certificate to a TPM event log associated with the slave compute node's TPM (Ellison, [Abstract] Messages, including messages in conformance with various protocols, can be hashed and the hash values added to an event log and provided to a Trusted Platform Module (TPM), which can extend one or more Platform Configuration Registers (PCRs) with the hash value. And [0039] Once the client computing device 210 has provided the hashed message 255 to the TPM 150 and the PCRs 155 have been extended, and once the TCG event log 190 has been updated with the hashed message, the client computing device can generate a response communication 265 to the server computing device 220).  

It would also have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Puri in the method of securely merging multiple nodes of Dasari-Smith-Sarangdhar-Thom-Krahn-Fenner by obtaining certificate of a TMP of computing device in remote administration of computing system setup. This would have been obvious because the person having ordinary skill in the art would have been motivated to initialize the computer operation with validation of certificate of TPM as initial setup option (Puri, [Abstract], [0051]).
It would also have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Ellison in the method of securely merging multiple nodes of Dasari-Smith-Sarangdhar-Thom-Krahn-Fenner-Puri by extending PCR and adding PCR value to event log to TPM. This would have been obvious because the person having ordinary skill in the art would have been motivated to use TPM to .

Claims 8-11, 20, 23 are rejected under 35 U.S.C. 103 as being unpatentable over the combination of Dasari-Smith-Sarangdhar-Thom-Krahn as applied above, further in view of Schwartz et al (US20050071625A1, hereinafter, “Schwartz”) and Ellison et al (US20100082984A1, hereinafter, “Ellison”).
Regarding claim 8, similarly claim 20 and claim 23, Dasari-Smith-Sarangdhar-Thom-Krahn combination teaches:
The method as recited in claim 5, the multi-node computer system as recited in claim 19, the computer program product as recited in claim 22, 
Krahn further teaches: wherein the quote response sent from each respective slave compute node to the master compute node includes a structured message containing the nonce received from the master compute node in the quote request (Krahn, [0005] from the first device to the second device, a message including a signing key, where the signing key includes a random value (i.e. nonce) generated by the first device), contents of PCRO-7 of the slave compute node's TPM (Krahn, [0005] the identity information including one or more of: a trusted platform module (TPM) endorsement key certificate, a public portion of an identity key, one or more platform control register (PCR) values (i.e. PCR0,…PCR7)),
Dasari further teaches: TPM quote data (Dasari, [0031]), a TPM quote signature (Smith, [0042] In peer-peer mode, the VDM message may be authenticated by the device using EPID signing or TPM signing keys), 
(Sarangdhar, [0036] Encryption module 112' may then issue a TPM2_Create(EPID_OID) instruction to FW module 110', which may respond with an attestation identity key (AIK) that may correspond to the TPM certificate), 
While the combination of Dasari-Smith-Sarangdhar-Thom-Krahn does not appear to teach the following limitations, in the same field of endeavor, 
Schwartz teaches: the slave compute node's ID (Schwartz, [0020] The SMM also reads a list of Universal Unique Identifiers (UUIDs) for each node in the partition to be formed),
Ellison teaches: and a TPM event log associated with the slave compute node's TPM (Ellison, [0030] The RAM 132 can also comprise data that can be relevant to the operation of the TPM 150, such as the TCG event log 190).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Schwartz in the method of securely merging multiple nodes of Dasari-Smith-Sarangdhar-Thom-Krahn by using full boot on a host processor node as program code to configure each processor node in a scalability management module. This would have been obvious because the person having ordinary skill in the art would have been motivated to use the program code of boot on a host processor for scalability management in the multi-node computer system (Schwartz, [Abstract]).
It would also have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Ellison in the method of securely merging multiple nodes of Dasari-Smith-Sarangdhar-Thom-Krahn-Schwartz by 

Regarding claim 9, Dasari-Smith-Sarangdhar-Thom-Krahn-Schwartz-Ellison combination further teaches:
The method as recited in claim 8, further comprising: performing, at the master compute node, in response to receiving the quote response from each respective slave compute node, the following operations: extending PCR1 of the master compute node's TPM with a hash of the quote response from the slave compute node; adding the quote response a TPM event log associated with the master compute node's TPM (Ellison, [Abstract] Messages, including messages in conformance with various protocols, can be hashed and the hash values added to an event log and provided to a Trusted Platform Module (TPM), which can extend one or more Platform Configuration Registers (PCRs) with the hash value. And [0039] Once the client computing device 210 has provided the hashed message 255 to the TPM 150 and the PCRs 155 have been extended, and once the TCG event log 190 has been updated with the hashed message, the client computing device can generate a response communication 265 to the server computing device 220).  
Examiner note that Ellison’s teachings of extending PCR value and adding response a TPM event log can apply to both master and slave compute nodes.

Regarding claim 10, Dasari-Smith-Sarangdhar-Thom-Krahn-Schwartz-Ellison combination further teaches:
The method as recited in claim 9, further comprising: validating, at the master compute node, after receiving the quote response from each respective slave compute node but prior to enabling node merge operations, the credentials of each respective slave compute node (Krahn, [0026] Security modules (e.g., security module 180) that provide such invalid credentials are not to be provided with attestation identity credentials that would attest or confirm authenticity of the security modules and thereby authenticity of computing devices on which the security modules reside. Similarly, in some implementations, device information database 194 may identify specialized endorsement credentials and respective extended integrity measurements that are valid).  

Regarding claim 11, Dasari-Smith-Sarangdhar-Thom-Krahn-Schwartz-Ellison combination further teaches:
The method as recited in claim 10, wherein validating, at the master compute node, after receiving the quote response from each respective slave compute node but prior to enabling node merge operations, the credentials of each respective slave compute node includes: analyzing the quote response received from each slave compute node for any prohibited level of firmware; analyzing the quote response received from each slave compute node for an authentic AK certificate (Krahn, [0016] The TPM may be associated with firmware (e.g., Basic Input/Output System (BIOS) firmware) that allows the computing device to represent itself as a trusted platform. And [26] Security modules (e.g., security module 180) that provide such invalid credentials are not to be provided with attestation identity credentials (i.e. prohibited) that would attest or confirm authenticity of the security modules and thereby authenticity of computing devices on which the security modules reside. Similarly, in some implementations, device information database 194 may identify specialized endorsement credentials and respective extended integrity measurements that are valid).  
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL M LEE whose telephone number is (571)272-1975.  The examiner can normally be reached on M-F: 8:30AM - 5:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, Applicant is 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571) 272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/MICHAEL M LEE/Examiner, Art Unit 2436

/KENDALL DOLLY/Primary Examiner, Art Unit 2436