DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Specification

Applicant is reminded of the proper language and format for an abstract of the disclosure.
The abstract should be in narrative form and generally limited to a single paragraph on a separate sheet within the range of 50 to 150 words in length. The abstract should describe the disclosure sufficiently to assist readers in deciding whether there is a need for consulting the full patent text for details.
The language should be clear and concise and should not repeat information given in the title. It should avoid using phrases which can be implied, such as, “The disclosure concerns,” “The disclosure defined by this invention,” “The disclosure describes,” etc.  In addition, the form and legal phraseology often used in patent claims, such as “means” and “said,” should be avoided.
The abstract of the disclosure is objected to because applicant uses the legal terminology of “According to one embodiment” in line 1 of the abstract. Applicant should refrain from using such terminology and phrase should be omitted from the abstract.




The specification is objected to under 37 C.F.R. 1.74, which requires the detailed description to refer to the different parts of the figures by use of reference letters or reference numerals. Implicit in this rule is that the detailed description correctly reference the figures. In this application the figures and detailed description are inconsistent as explained below.

In Page 19 Par. (0069) lines 4-7 the specification refers to reference character 104 as “host machine” and “host system”
In Page 53 Par. (00141) lines 12-14 the specification refers reference character 2209 in Figure 22 as “a unique endorsement credential (EC) and as “endorsement key (EK)”







Claim Objections

Claims 1 and 9-14 objected to because of the following informalities:  

In regards to Claim 1, the applicant recites the limitation in Claim 1 line 3 “receiving at a host system from a data processing (DP) accelerator”, this becomes unclear because in the preamble of the claim the applicant already recite “a data processing accelerator” recited in Claim 1 line 1 “A computer-implemented method for key distribution of a data processing accelerator,”. It becomes unclear if the applicant is referring to the data processing accelerator already recited in the beginning of the claim or if the applicant is implying a new embodiment and limitation of a data processing accelerator. The specifications state in Par. (0063) “a system receives, at a host system from a data processing (DP) accelerator, an accelerator identifier (ID) that uniquely identifies the DP accelerator, where the host system is coupled to the DP accelerator over a bus” as well as in Par. (00176) “Figure 29. Referring to Figure 31, at block 3101, processing logic receives, at a host system from a DP accelerator, an accelerator ID that uniquely identifies the DP accelerator, where the host system is coupled to the DP accelerator over a bus”. Therefore it will be broadly and reasonably interpreted that the data processing accelerator that is transmitting the accelerator identifier to the host system is the same data processing accelerator described in the preamble of claim 1. Appropriate correction is required.

“The machine-readable medium of”, this becomes unclear because of the lack of antecedent basis of the claim as well as confusion surrounding the issue if the applicant is changing the scope of the claim. The applicant recites in independent Claim 8 that it is a “A non-transitory machine-readable medium having instructions stored therein” therefor the dependent claims that rely upon Claim 8 do not match the format provided and the “non-transitory” limitation is nowhere to be found in any of the dependent claims. This creates confusion on the dependent claims highlighted above if they are in fact the same non-transitory machine-readable medium described in Claim 8 or if they are a new and different embodiment of a type of machine-readable medium. The specification state in Par.(00191) “the term "computer-readable storage medium" shall accordingly be taken to include, but not be limited to, solid-state memories, and optical and magnetic media, or any other non-transitory machine-readable medium” as well as in Par. (0005) “ a non-transitory machine- readable medium having instructions stored therein, which when executed by a processor, cause the processor to perform operations, the operations comprising: receiving, at a host system from a data processing (DP) accelerator, an accelerator identifier (ID) that uniquely identifies the DP accelerator, wherein the host system is coupled to the DP accelerator over a bus;”. Therefor it will be broadly and reasonable interpreted that the machine-readable mediums in dependent claims 9-14 reflect the non-transitory machine-readable medium described in claim 8. 

Appropriate correction is required.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Scarlata et al. (U.S Pub. No. 20190132136, hereinafter referred to as "Scarlata") in view of Tardo et al. (U.S Pub. No. 20030226018 hereinafter referred to as “Tardo”).

In regards to Claim 1, Scarlata teaches A computer-implemented method for key distribution of a data processing accelerator, the method comprising: (Figure 2 labels 200, 206, 210; key distribution of data processing accelerator (cryptographic data key exchange of accelerator FPGA); Par. (0029) “data exchanged with the trusted ”; key distribution (cryptographic data exchange) of data processing accelerator (FPGA).
receiving, at a host system from a data processing (DP) accelerator, an accelerator identifier (ID) that uniquely identifies the DP accelerator, (Par. (0033) “The ASE 302 is configured to receive a unique device identifier from the accelerator device 136 and to validate a device certificate for the unique device identifier. The device identifier may be based on a PUF 208 of the accelerator device 136.”; host system (ASE) receives accelerator ID (unique device identifier), uniquely identifies the DP accelerator( based on [..] accelerator device),  wherein the host system is coupled to the DP accelerator over a bus; (Par. (0022) “The accelerator device 136 may be coupled to the processor 120 via a high-speed connection interface such as a peripheral bus”; accelerator coupled to host over a bus).
transmitting the accelerator ID to a predetermined trusted server over a network;  (Figure 5 label 502-506; predetermined trusted server (computing device) receives accelerator ID (unique device identifier is transmitted)(Par. (0039) “the computing device 102 may execute a method 500 for secure authentication and programming of an accelerator device 136. It should be appreciated that, in some embodiments, the operations of the method 500 may be performed by one or more components of the environment 300 of the computing device 102 as shown in FIG. 3 (e.g., the ASE 302). The method 500 begins in block 502, in which the ASE 302 receives a unique, secure device identifier from an accelerator device 136,”; accelerator ID (Unique identifier) is received by (transmitted) a predetermined trusted server (computing device).
receiving a certificate from the predetermined trusted server over the network, the certificate certifying the DP accelerator; (Par. (0040) “the ASE 302 looks up a certificate for the device identifier from the certificate service 104. The device identifier may be established and enrolled during manufacturing or is otherwise known to the certificate service 104. For example, the certificate service 104 may be provided by the manufacturer or other authority associated with the FPGA 200. The certificate may include one or more mappings between the device identifier and one or more testable attributes of the FPGA”; certificate received), (Par. (0041)” validates the device certificate received from the certificate service 104. For example, the ASE 302 may validate a signature of the device certificate using the appropriate authority's key. Validating the device certificate may establish that the device certificate is a valid manifest for the FPGA; certifying the accelerator)
and establishing a secure channel with the DP accelerator using the PK_RK based on the verification to exchange data securely between the host system and the DP accelerator. (Figure 5 label 528; establishing secure channel with key (tunnel key)) (Par. (0045) “the ASE 302 establishes a secure channel protected by the shared secret tunnel key with the FPGA 200. To establish the secure channel, the ASE 302 may complete the secure key exchange protocol as described above. For example, the ASE 302 may derive the tunnel key based on the ephemeral keys and then send a third SIGMA message in response to the FPGA 200. After establishing the secure channel, the tunnel key may be used to encrypt, wrap, or otherwise protect data secure channel based on verification between host (ASE) and DP accelerator (FPGA) using key (secret tunnel key)), (Par. (0084) “and wherein to validate the device certificate comprises to validate the device certificate with a public key of the certificate service.”; use of public key based on verification (validation) between host (ASE) and DP accelerator (FPGA).
However Scarlata does not explicitly teach extracting a public root key (PKRK) from the certificate for verification, the PK_RK corresponding to a private root key (SKRK) associated with the DP accelerator;  
Wherein Tardo teaches extracting a public root key (PKRK) from the certificate for verification, the PK_RK corresponding to a private root key (SKRK) associated with the DP accelerator;  (Par. 39 “The client then generates a pre-master secret for the session, encrypts the pre-master secret with the server's public key obtained from the server certificate, and sends the encrypted pre-master secret to the server at 321.”; extracting (obtaining) a public root key (public key) from certificate; private key (pre-master secret)). , (Par. (41) “Both the server 303 and the client 301 use key generation information such as the pre-master secret to generate a master secret and subsequently to generate the session keys. In typical implementations, a function call is issued to a cryptography accelerator to derive a master secret from a pre-master secret.”; private key (master secret) associated with DP accelerator (cryptography accelerator).
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Tardo to the key distribution of a data processing accelerator, receiving from a host an accelerator identifier, transmitting the 
The motivation to combine these references is because by extracting the certificate for verification the host system can establish a secure exchange with the data processing accelerator. This eliminates unlawful or unauthorized access from entities trying to compromise or impersonate users trying to run application on the data processing accelerators. By using public and private keys associated with the accelerators it reduces the risk of vulnerabilities, compromise and alteration of the sensitive data on the host system and allows providers of these application to execute using the data processing accelerators freely and without concern for the integrity of the system.




In regards to Claim 2, the combination of Scarlata and Tardo teach the method of claim 1. Scarlata further teaches The method of claim 1, wherein the DP accelerator includes one or more execution units operable to perform data processing operations on behalf of an application hosted within the host system. (Par. (0016) “code and data to be securely communicated between an application executed by the processor 120 and an accelerator device 136.”; accelerator executes application within host), (Par. (0029) “FPGA 200 that are configured to perform an acceleration task. Each one or more execution units included in accelerator).

In regards to Claim 3, the combination of Scarlata and Tardo teach the method of claim 1. Scarlata further teaches The method of claim 2, wherein the predetermined trusted server is associated with a provider of the application. (Figure 4 label 302, 402; predetermined trusted server (ASE) receiving data associated with provider of application), (Par. (0042) “associated with the ASE 302, such as a cloud service provider (CSP) or other owner of the computing device”; predetermined trusted server (ASE) associated with provider), (Par. (0034) “The ASE 302 may be further configured to authenticate the tenant enclave 304, which includes a tenant application or other user application.”; predetermined trusted server (ASE) associated with provider of application), (Figure 5 label 502; provider of application (ASE) receives ID from accelerator (FPGA) as predetermined trust server).

In regards to Claim 4, the combination of Scarlata and Tardo teach the method of claim 1. Scarlata further teaches The method of claim 1, wherein the predetermined trusted server is associated with a provider of the DP accelerator. (Figure 4 labels 402, 410 and 412; data is securely exchanged between host (ASE) and provider of DP accelerator (FPGA) label 200 being the predetermined trusted server in communication), (Par. (0038) “the ASE 302 securely programs the FPGA 200 with the bitstream image and one or more of the associated encryption keys. In interaction 412, data exchanged with provider of DP accelerator (FPGA) as predetermined trusted server)

In regards to Claim 5, the combination of Scarlata and Tardo teach the method of claim 1. Scarlata further teaches The method of claim 1, wherein the PK_RK is further utilized to verify a signature generated for the DP accelerator. (Par. (0041) “ASE 302 may validate a signature of the device certificate using the appropriate authority's key. Validating the device certificate may establish that the device certificate is a valid manifest for the FPGA 200”; verifying (validating) signature for DP accelerator (FPGA), public key (appropriate authority key), (Par. (0066) “ wherein to validate the device certificate comprises to validate the device certificate with a public key of the certificate service.”; signature (certificate) verified (validated) with public key))


In regards to Claim 6, the combination of Scarlata and Tardo teach the method of claim 1. Scarlata further teaches The method of claim 5, wherein the PK_RK is utilized by the host system to establish a session key associated with a communication session between the host system and the DP accelerator. (Figure 5 label 512, 528; secure channel is established between DP accelerator (FPGA) and host system (ASE) using a session key (secret tunnel key), (Par. (0045) “the ASE 302 establishes a secure channel protected by the shared secret tunnel key with the FPGA 200. To establish the secure channel, the ASE 302 may complete the secure key establishing a session key (secret tunnel key) by host system (ASE), session key (tunnel key) utilized (based on) by public key (ephemeral keys), 

In regards to Claim 7, the combination of Scarlata and Tardo teach the method of claim 1. Scarlata further teaches The method of claim 5, wherein the PK_RK is utilized by the host system to verify a signature for a public attestation key to attest a kernel object stored in the DP accelerator. (Par. (0040) “The certificate may include one or more mappings between the device identifier and one or more testable attributes of the FPGA 200 (e.g., firmware version, PUF attestation key, or other attributes). The certificate may be signed with an authority's key, such as the key of the manufacturer of the FPGA 200.”; attestation key included in certificate), (Par. (0041) “ASE 302 may validate a signature of the device certificate using the appropriate authority's key. Validating the device certificate may establish that the device certificate is a valid manifest for the FPGA 200.”; Host system (ASE) verify (validate) signature for public attestation key (certificate included with attestation key)), (Par. (0066) “wherein to validate the device certificate comprises to validate the device certificate with a public key of the certificate service.”; public utilized to verify (validate) signature (certificate with attestation key))




In regards to Claims 9 and 16, claims 9 and 16 recite similar limitations as claim 2 and the teachings of Scarlata and Tardo address all the limitation discussed in Claim 2 and are thereby rejected under the same grounds. 

In regards to Claims 10 and 17, claims 10 and 17 recite similar limitations as claim 3 and the teachings of Scarlata and Tardo address all the limitation discussed in Claim 3 and are thereby rejected under the same grounds. 

In regards to Claims 11 and 18, claims 11 and 18 recite similar limitations as claim 4 and the teachings of Scarlata and Tardo address all the limitation discussed in Claim 4 and are thereby rejected under the same grounds. 

In regards to Claims 12 and 19, claims 12 and 19 recite similar limitations as claim 5 and the teachings of Scarlata and Tardo address all the limitation discussed in Claim 5 and are thereby rejected under the same grounds. 



In regards to Claim 14, claim 14 recites similar limitations as claim 7 and the teachings of Scarlata and Tardo address all the limitation discussed in Claim 7 and are thereby rejected under the same grounds. 


Relevant Prior Art

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.

Laurich; Lawrence A (U.S Pub. No. 20110296440 “ACCELERATOR SYSTEM FOR USE WITH SECURE DATA STORAGE”. Considered this reference because it addressed the coupling of a data processing accelerator with a bus and a host system in communication. Utilized the transferring of confidential information through blocks to maintain the integrity of the application before execution.

Chiou; Derek (U.S Patent. No. 10977104) “Partially Reconfiguring Acceleration Components”. Considered this application because it relates to 

Chen; Zhiping (U. S Pub. No. 20180307499) “Method And Apparatus For Configuring Accelerator”. Considered this application because it illustrated and explained in detail the use of multiple data processing accelerators in secure communication with a server and determining the target service type corresponding to the rightful accelerator in exchange with the server.


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HASSAN A HUSSEIN whose telephone number is (571)272-3554. The examiner can normally be reached on 7:30am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/HASSAN A HUSSEIN/ 
Examiner, Art Unit 2497
/ELENI A SHIFERAW/Supervisory Patent Examiner, Art Unit 2497