DETAILED ACTION

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 5/12/21 has been entered.

Claims 1-20 are pending.  Claims 1, 9, 17 have been amended. 

Response to Amendment

Applicant’s amendments to claims 1, 9, 17 have been considered and are accepted.  The Examiner finds that applicant's amendments do have support in applicant's as-filed disclosure.

Response to Arguments
Applicant’s arguments filed 05/12/2021 have been fully considered but they are not persuasive.
Applicant’s arguments regarding the rejections of the claims under the prior art have been fully considered.  However, those arguments are rendered moot in light of the new grounds of rejection outlined below, which were necessitated by the applicant's amendment.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

s 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Messerges (US Pub. 20150341341 A1) and further in view of Chen et al. (US Pub. 20150278552 A1).

	Regarding claim 1 (currently amended), Messerges discloses a method of operating a computer system including a management device (Fig. 1, certificate authority), comprising, at the management device: 
determining that a target event occurred at a first server in a group of servers that are jointly managed (Fig. 1, para. 17- In order to perform debugging operations on device 102, subsequent to connecting with device 102, debugging computer 104 may send a debugging establishment request to device 102. The debugging establishment request may be a request for a unique identifier associated with device 102 and an expiration value); 
obtaining, for the first server, a (para. 16, 19- Debugging computer 104 may also be communicatively coupled, via wired or wireless connection, to certificate authority 106. Certificate authority 106 may be, for example, a server or another computer that is configured to provide digital certificates to debugging computer 104); 
providing the first key to the first server such that the first server is accessible by authentication with the first key (para. 18- device 102 may secure the expiration value with a cryptographic mechanism that makes use of one or more of a cryptographic hash algorithm, a digital signature, or an encryption algorithm. For example, the integrity and authenticity of the expiration value may be ensured by having device 102 create a message authentication code (MAC) over the expiration value with a unique key known only to device 102, thereby preventing debugging computer 104 or another device from tampering with the expiration value without such tampering being detected by device 102.); and 
providing the second key to a client device such that the first server is accessible by the client device by providing the second key to the first server, wherein the client device sends an access request including the second key to the first server, wherein the first server grants the client device access when the second key matches the first key. (para. 19-21- Responsive to receiving the signed TLS certificate, debugging computer 104 may attempt to establish a secured and authenticated TLS session with device 102. Using a current TLS protocol, during the TLS session establishment, debugging computer 104 may forward the TLS certificate to device 102 and the parties may use the TLS certificate and asymmetric cryptography to ensure that they are communicating with each other. During the TLS session establishment, device 102 and debugging computer 104 may also establish a TLS session key that may be used to encrypt data to be exchanged by the parties. As part of a typical TLS verification process, device 102 may ensure that the signed TLS certificate has a valid signature and device 102 may use the signature to authenticate debugging computer 104. In some embodiments, to enable a debugging mode on device 102, subsequent to establishing a session with debugging computer 104, device 102 may ensure that an identifier in the signed TLS certificate matches its own identifier)


Regarding claim 2, Messerges discloses in the method of claim 1, wherein the target event is occurred at a component of the first server, wherein the first key is provided to firmware executed on the component.  (para. 15- The device receives a transport layer security (TLS) certificate from the debugging computer and establishes a secured and authenticated link with the debugging computer using the TLS certificate. The device enables a debugging mode, responsive to determining that an identifier in the TLS certificate matches the unique identifier and that a secured TLS expiration value in the TLS certificate is valid and within a predefined validity range, and executes, in the debugging mode, debugging instructions received from the debugging computer.)

Regarding claim 3, Chen discloses in the method of claim 1, further comprising: generating the public-private key pair at the management device. (para. 45- a configuration device 148, such as a desktop computer, a handheld mobile phone, a notebook computer, a tablet, or a mobile device of any type, configures authentication data, including but not limited to paired keys (public key and private key) with a specific lifetime. An administrator or user uses the configuration device 148 to generate authentication data with a specific lifetime)

Regarding claim 4, Chen discloses in the method of claim 1, wherein the first key is a public key of the public-private key pair. (para. 49- In a preferred embodiment, the configuration user of the configuration device 148 sends a public key with a specific lifetime to any storage medium of the authorized user through the means of transmission 152.)

Regarding claim 5, Chen discloses in the method of claim 1, wherein the first key is a private key of the public-private key pair. (para. 49- the configuration user of the configuration device 148 sends a private key with a specific lifetime to the authentication module 160 of the information handling system 100 through the means of transmission 154)

Regarding claim 6, the combination of Messerges and Chen discloses in the method of claim 1, wherein the providing the first key to the first server includes uploading the first key to the first server through an interface of the first server. (Messerges- para. 15- The device receives a transport layer security (TLS) certificate from the debugging computer and establishes a secured and authenticated link with the debugging computer using the TLS certificate. The device enables a debugging mode, responsive to determining that an identifier in the TLS certificate matches the unique identifier and that a secured TLS expiration value in the TLS certificate is valid and within a predefined validity range, and executes, in the debugging mode, debugging instructions received from the debugging computer.; Chen- para. 49)

Regarding claim 7, the combination of Messerges and Chen discloses the method of claim 1, further comprising: revoking the first key from the first server. (Messerges-para. 18, 21; Chen- para. 51)

Regarding claim 8, the combination of Messerges and Morel discloses the method of claim 1, wherein the computer system further comprises the first server, the method further comprising, at the first server: receiving the first key from the management device; receiving the second key from the client device in an authentication process; matching the second key with the first key; and allowing the client device to access the first server when the second key matches the first key. (Messerges- para. 21, 26; Chen- Fig. 3 and paras.; para. 53- the authentication is deemed a success when the public key and the private key are matched paired keys, and the authentication is deemed a failure when the public key and the private key are non-matched paired keys)

Regarding claims 9-16, they are rejected as applied to claims 1-8 because a corresponding system would have been necessitated to carry forth the method steps of claims 1-8.  The applied prior art also discloses the corresponding architecture.  

Regarding claims 17-20, they recite a computer program that when executed, performs the functional steps of method claims 1-4, and thus, rejected for the same rationale.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WILLIAM A CORUM JR whose telephone number is (303)297-4234.  The examiner can normally be reached on Mon. - Fri. 8 AM - 5 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on (571)272-6798.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/WILLIAM A CORUM JR/Examiner, Art Unit 2433      

/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433