0111:	DETAILED ACTION
CLAIMS 1-20 
are presented for examination.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Interpretation
Examiner notes Applicant’s limiting definition for computer storage media at [0077] – [0078] of the Specification. 
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

Claim(s) 1, 2, 7-9
 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Erickson et al., US 2007/0083748 Al, (“Erickson”).
Regarding Claim 1,
 Erikson teaches a device, comprising: (Fig. 1, element 132 “client”) 
a processor; ([0017] “The major components of the boot server computer system 100 include one or more processors 101, a main memory 102 ….”; See also [0030] “The clients 132 may include some or all of the hardware and/or software elements previously described above for the boot server computer system 100.”) and
 a memory having computer-executable instructions stored thereupon which, when executed by the processor, ([0018] “Each processor 101 executes instructions stored in the main memory 102”) cause the device to:
the client computer system 132 sends a broadcast discover command to the network 130, which requests a name of a boot image file 168 and a network address of the boot server computer system 100 that contains the boot image file 168. The broadcast discover command includes the MAC address of the client computer system 132 …” Emphasis added.;
See also [0042] “The client MAC address 220 is a hardware address unique to each network interface on the client computer system 132 and is typically defined by the manufacturer” i.e. a globally unique identifier giving the claim the BRI.) 
receive connection information associated with the globally unique device identifier from the secure global registry, the connection information designating a particular cloud-based service for the device to connect to, ([0048] “the client computer system 132 receives the network address of the boot server computer system 100 and the name of the boot image 168 ….” Emphasis added. See also fig. 2, elements 220 and 240
i.e. the connection information – network address of a boot server giving the claim the BRI – identifies the particular service to connect to.) 
wherein the connection information is based on the device having been previously registered via the secure global registry to connect to the particular cloud-based service; ([0050] “block 410 where the plug-in 162 determines … the boot image network address specified in the boot image network address field 240 based on the received client network address, the received client MAC address ….” Emphasis added. 
See also Fig. 1, element 164 “boot table”; See also Fig. 2, elements 220 and 240 and [0020] – [0021] “The process controller 166 updates the contents of the boot table 164….” and [0015] “Thus, dynamic allocation of the boot server and boot image are possible without needing to manually modify hard-coded DHCP configuration files.”
i.e. the boot table is populated/updated prior to a request for a boot server address.) and
the client computer system 132 … retrieves the boot image 168 via the received network address and the boot image file name … client computer system 132 executes the boot image 168.”) 
Regarding Claim 2,
 Erikson teaches wherein the secure global registry comprises a single secure database.  (Fig. 2, element 164; See also [0020]. i.e. the boot table is stored in the memory of the boot server system – a single secure database giving the claim the BRI – ) 
Regarding Claim 7,
 Erickson teaches the memory having further computer-executable instructions stored thereupon which, when executed by the processor, cause the device to:
after connecting the device to the particular cloud-based service designated by the connection information received from the secure global registry: (Fig. 3, elements 340-345 followed by Fig. 3, element 300. i.e. when the client is rebooted after having connected with a boot server on the previous boot.) 
provide the globally unique device identifier that uniquely identifies the device to the secure global registry again; ([0045] “the client computer system 132 sends a broadcast discover command to the network 130, which requests a name of a boot image file 168 and a network address of the boot server computer system 100 that contains the boot image file 168. The broadcast discover command includes the MAC address of the client computer system 132 …” Emphasis added.;
See also [0042] “The client MAC address 220 is a hardware address unique to each network interface on the client computer system 132 and is typically defined by the manufacturer” i.e. a globally unique identifier giving the claim the BRI.) 
receive further connection information associated with the globally unique device identifier from the secure global registry, the further connection information designating another cloud-based service for the device to connect to, ([0048] “the client computer system 132 receives the network address of the boot server computer system 100 and the name of the boot image 168 ….” Emphasis added. See also fig. 2, elements 220 and 240)

 ([0015] “In various embodiments, a process controller may change the name of the boot image or the network address of the boot server that contains the boot image to the next name or address in a manufacturing, test, or installation sequence, in order to send different boot images to the client at different times.” Emphasis added.) 
 connect the device to the another cloud-based service designated by the further connection information received from the secure global registry.  ([0048] “the client computer system 132 … retrieves the boot image 168 via the received network address and the boot image file name … client computer system 132 executes the boot image 168.”)

Regarding Claim 8,
 Erikson teaches wherein the computer- executable instructions are executed in response to receipt of an electronic message requesting the device to acquire current connection information from the secure global registry. ([0049] “block 405 where the plug-in 162 receives the MAC address of the client computer system 132, the network address of the client computer system 132, and/or optional options data from the broadcast discover command.” Emphasis added. See also Fig. 4.)  
Regarding Claim 9,
 Erikson teaches wherein the computer-executable instructions are executed in response to received user input. ([0027] “The boot server computer system 100 may alternatively be a single-user system, typically containing only a single user display and keyboard input,”)  

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed 

Claim(s) 3 and 5
 is/are rejected under 35 U.S.C. 103 as being unpatentable over Erickson et al., US 2007/0083748 Al, (“Erickson”) in view of Radocchia et al., US 2017 /0345019 Al, (“Radocchia” cited by Applicant on IDS dated 8/7/2020).
Radocchia was cited as prior art in the previous office action. As such, its relevant teachings are hereby incorporated by reference to the extent applicable to the newly amended claims.
Regarding Claim 3,
 Erikson does not teach wherein the secure global registry comprises a public blockchain distributed structure.  Erikson goes on to teach a database/boot table in a DHCP/PXE protocol environment that may be hosted in a distributed environment (Erikson [0020]-[0021]).
Radocchia teaches wherein the secure global registry comprises a public blockchain distributed structure.  ([0030] “The open registry 106 stores registry data and is able to be a database, a blockchain … the open registry 106 is able to be self-controlled (based on the transaction rules inherent to the database) and publically accessible/viewable without any privileged permissions required.”)
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Radocchia with the teaching of Erikson as both references discuss managing data in database structures. Moreover Radocchia improves on Erikson’s teaching of a database/boot table in a DHCP/PXE protocol environment that may be hosted in a distributed environment (Erikson [0020]-[0021]) by teaching an open registry database which is “hardened against tampering and revision…,”  thus improving security in the system. (Radocchia [0026] and [0030])  

Regarding Claim 5,
 Erikson does not teach the memory having further computer-executable instructions stored thereupon which, when executed by the processor, cause the device to:
authenticate the device to the secure global registry using a device private key.  
Radocchia teaches the memory having further computer-executable instructions stored thereupon which, when executed by the processor, cause the device to:
authenticate the device to the secure global registry using a device private key.  .  ([0036] – [0037] “Upon receiving the challenge message, the circuit 206 of the tag 103 digitally signs the challenge message using the private key stored on the tag 103 and transmits the signed challenge ( e.g. the digital signature and the challenge message) to the device 104 … application 107 is able to further forward the signed message ( e.g. the digital signature and the challenge message) received from the tag 103 to the registry 106 such that all the validation is performed by the registry 106 which then indicates to the device 104 whether the authentication was a success.”) 
Claim(s) 4
 is/are rejected under 35 U.S.C. 103 as being unpatentable over Erickson et al., US 2007/0083748 Al, (“Erickson”) in view of Achkir et al., US 2019/0311108 Al, (“Achkir”).
Achkir was cited as prior art in the previous office action. As such, its relevant teachings are hereby incorporated by reference to the extent applicable to the newly amended claims.
Regarding Claim 4,
 Erickson does not teach wherein the secure global registry comprises a private blockchain distributed structure.  Erikson goes on to teach a database/boot table that may be hosted in a distributed environment (Erikson [0020]).
Achkir teaches wherein the secure global registry comprises a private blockchain distributed structure.  ([0021] – [0022]) 
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Achkir with the teaching of Erickson as both references are directed to managing data in databases. Moreover Achkir inproves on Erikson’s teaching of a database/boot table in a DHCP/PXE protocol environment that may be hosted in a distributed 
Claim(s) 6, 10, 12-13, 16, and 18-19
 is/are rejected under 35 U.S.C. 103 as being unpatentable over Erickson et al., US 2007/0083748 Al, (“Erickson”) in view of Komarla et al., US 2005/0149924 Al, (“Komarla”).
Komarla was cited as prior art in the previous office action. As such, its relevant teachings are hereby incorporated by reference to the extent applicable to the newly amended claims.
Regarding Claim 6,
 Erikson does not teach the memory having further computer-executable instructions stored thereupon which, when executed by the processor, cause the device to:
authenticate the device to the particular cloud-based service designated by the connection information received from the secure global registry.  
Komarla teaches the memory having further computer-executable instructions stored thereupon which, when executed by the processor, cause the device to: authenticate the device to the particular cloud-based service designated by the connection information received from the secure global registry.   ([0070] - [0071] “ In block 508, the server boot and provisioning system 454 accesses a platform identifier … the server boot and provisioning system 454 requests the platform identifier from the platform 400 … determines whether the platform identifier is in data store 310 (i.e., whether the platform identifier is valid). If so, processing continues to block 512, otherwise, processing continues to block 530.” Emphasis added.) 
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Komarla with the teaching of Erkison as both references are directed to booting computing systems. Moreover, Komarla improves on Erkison’s teaching of a dynamic boot server and boot image allocation system (Erkison [0015], [0041] – [0042])   a dynamic boot image allocation system which further adds a boot image integrity checking layer, (Komarla [0082],[0084]) thus improving delivery of the boot image and improving security of the system.
Regarding Claim 10,
 Erikson teaches A method, comprising:
creating a globally unique identifier that uniquely identifies a device; ([0042] “The client MAC address 220 is a hardware address unique to each network interface on the client computer system 132 and is typically defined by the manufacturer of the network interface device or the entire client computer system 132. ”) 
… and
 creating one or more entries in a secure global registry, the one or more entries comprising the globally unique identifier that uniquely identifies the device … and current cloud-based connection information for the device, See also Fig. 1, element 164 “boot table”; See also Fig. 2, elements 220 and 240 and [0041] “FIG. 2 depicts a block diagram of an example data structure for a boot table 164, … includes records 205, 210, and 215, but in other embodiments any number of records with any appropriate data may be present. Each of the records 205,210, and 215 includes a client MAC (Media Access Control) address field 220, a client network address field 225, an options field 230, a boot image file name field 235, and a boot image network address field 240.” Emphasis added. i.e. the MAC – globally unique identifier giving the claim the BRI – and the boot image network address and image file name – current cloud-based connection information giving the claim the BRI – are stored in the boot table – global secure registry giving the claim the BRI –)
wherein the current cloud- based connection information identifies a particular cloud-based endpoint ([0041] “a boot image network address field 240.” i.e. particular cloud based endpoint giving the claim the BRI) to which the device is designated to connect upon subsequently contacting the secure global registry to obtain the current cloud-based connection information.  ([0050] “block 410 where the plug-in 162 determines … the boot image network address specified in the boot image network address field 240 based on the received client network address, the received client MAC address ….” Emphasis added.) 

Note, as discussed above, Erikson goes on to teach that the boot table may contain any number of records/data as well as fields used in the PXE boot environment. (Erikson [0041] – [0042])
Komarla teaches obtaining a public/private key pair for the device, the public/private key pair comprising a device private key and a device public key; ([0037] “The I/O processor 210 is also connected to a tamper proof storage 226 that may be used to store a certificate. The certificate includes a public key used for decrypting a document, tag, etc. that is encrypted with a corresponding private key.” Emphasis added. See also Fig. 4A, elements 402 and 452)
creating entries in a secure global registry(Fig. 3, elements 300 and 310), the one or more entries comprising … the device public key([0072] “In block 514, the server boot and provisioning system 454 determines whether the platform identifier has an associated certificate 402.” See also [0037] “The certificate includes a public key used for decrypting a document, tag, etc. that is encrypted with a corresponding private key….” Emphasis added. )
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Komarla with the teaching of Erkison as both references are directed to booting computing systems. Moreover, Komarla improves on Erkison’s teaching of a dynamic boot server and boot image allocation system (Erkison [0015], [0041] – [0042])   a dynamic boot image allocation system which further adds a boot image integrity checking layer, (Komarla [0082],[0084]) thus improving delivery of the boot image and improving security of the system.
Regarding Claim 12,
 Erikson does not teach storing the device private key on the device; and  storing the globally unique identifier on the device.  
Komarla teaches further comprising:
The I/O processor 210 is also connected to a tamper proof storage 226 that may be used to store a certificate. The certificate includes a public key used for decrypting a document, tag, etc. that is encrypted with a corresponding private key.” Emphasis added.) and
 storing the globally unique identifier on the device. ([0046] “Each platform 400 has a platform identifier. In certain embodiments, the platform identifier may be a Globally- Unique Identification (GUID) … In certain embodiments, the platform identifier is sent by the platform 400 to the server boot and provisioning system 454 ….” Emphasis added.)  
Regarding Claim 13,
 Erikson teaches storing bootstrap code on the device, (Fig. 1, element 102, See also [0030] “The clients 132 may include some or all of the hardware and/or software elements previously described above for the boot server computer system 100.” and [0032]. i.e. the software executed in Fig. 3 is stored on the client computer – bootstrap code giving the claim the BRI –) 
wherein the bootstrap code causes the device to send the globally unique identifier to the secure global registry, (Fig. 3, element 320) receive the current cloud-based connection information from the secure global registry, (Fig. 3, element 340) and contact the particular cloud-based endpoint after receiving the current cloud-based  connection information from the secure global registry. (Fig. 3, element 340)  
Claim(s) 16 and 18-19
 recite(s) features that are substantially the same, save for the category of invention, as the method set forth in claim(s) 10 and 12-13. Therefore claim(s) 16 and 18-19 is/are rejected under the same reasoning set forth above over Erikson in view of Komorla.
Claim(s) 11, 14, and 17
 is/are rejected under 35 U.S.C. 103 as being unpatentable over Erickson et al., US 2007/0083748 Al, (“Erickson”) in view of Komarla et al., US 2005/0149924 Al, (“Komarla”) in further view of Radocchia et al., US 2017 /0345019 Al, (“Radocchia” cited by Applicant on IDS dated 8/7/2020).

Regarding Claim 11,
 Erikson in view of Komarla does not teach further comprising: signing the one or more entries in the secure global registry using an owner private key.  
Radocchia teaches signing the one or more entries in the secure global registry using an owner private key.  ([0036] “the device 104 generates and transmits a challenge message ( e.g. a random data set, a data set received from the registry 106) to the tag 103 at the step 310. Upon receiving the challenge message, the circuit 206 of the tag 103 digitally signs the challenge message using the private key stored on the tag 103 and transmits the signed challenge ( e.g. the digital signature and the challenge message) to the device 104” emphasis added. i.e. data from the registry – an intial entry giving the claim the BRI – is signed using the private key.) 
Erikson goes on to teach a database/boot table in a DHCP/PXE protocol environment that may be hosted in a distributed environment (Erikson [0020]-[0021]).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Radocchia with the teaching of Erikson as both references discuss managing data in database structures. Moreover Radocchia improves on Erikson’s teaching of a database/boot table in a DHCP/PXE protocol environment that may be hosted in a distributed environment (Erikson [0020]-[0021]) by teaching an open registry database which is “hardened against tampering and revision…,” thus improving security in the system. (Radocchia [0026] and [0030])  
Regarding Claim 14,
 Erikson in view of Komarla does not teach wherein the secure global registry comprises a public blockchain distributed structure.  
Radocchia teaches wherein the secure global registry comprises a public blockchain distributed structure.  ([0030] “The open registry 106 stores registry data and is able to be a database, a blockchain … the open registry 106 is able to be self-controlled (based on the transaction rules inherent to the database) and publically accessible/viewable without any privileged permissions required.”)
Claim(s) 17
 recite(s) features that are substantially the same, save for the category of invention, as the apparatus set forth in claim(s) 11. Therefore claim(s) 17 is/are rejected under the same reasoning set forth above over Erikson in view of Komarla in further view of Radocchia.
Claim(s) 15 and 20
 is/are rejected under 35 U.S.C. 103 as being unpatentable over Erickson et al., US 2007/0083748 Al, (“Erickson”) in view of Komarla et al., US 2005/0149924 Al, (“Komarla”) in further view of Achkir et al., US 2019/0311108 Al, (“Achkir”).
Achkir and Komarla were cited as prior art in the previous office action. As such, their relevant teachings are hereby incorporated by reference to the extent applicable to the newly amended claims.
Regarding Claim 15,
 Erikson in view of Komarla does not teach wherein the secure global registry comprises a private blockchain distributed structure.  
Achkir teaches wherein the secure global registry comprises a private blockchain distributed structure.  ([0021] – [0022]) 
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Achkir with the teaching of Erickson as both references are directed to managing data in databases. Moreover Achkir inproves on Erikson’s teaching of a database/boot table in a DHCP/PXE protocol environment that may be hosted in a distributed environment (Erikson [0020]-[0021]) by teaching a secure databse comprising a distributed blockchain architecture (Achkir [0021]), thus improving the security in the system. ([0013])
Claim(s) 20
 recite(s) features that are substantially the same, save for the category of invention, as the apparatus set forth in claim(s) 15. Therefore claim(s) 20 is/are rejected under the same reasoning set forth above over Erikson in view of Komarla in further view of Achkir.
Response to Arguments
Applicant’s arguments, see Remarks, filed 9/6/2021, with respect to the rejection(s) of claim(s) 1, 10, and 16 under 35 U.S.C. § 102 have been fully considered and are persuasive.  Therefore, the rejection Erikson for claim 1, and Erikson in view of Komarla for claims 10 and 16.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Subramanian, US 6,871,210 Bl for its teaching of providing dynamic boot server addresses to clients requesting boot server/images; and
Zimmer et al., US 2004/0255110 Al, for its teaching of booting a client from a boot server or another client; and
Mccarron et al., US 2009/0276620 Al, for its teaching of authenticating clients booting from a boot server.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRIAN J CORCORAN whose telephone number is (571)270-0549.  The examiner can normally be reached on M-F 07:30 - 16:30 EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jaweed Abbaszadeh can be reached on 571-270-1640.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 






/Brian J Corcoran/Examiner, Art Unit 2187                  

/JAWEED A ABBASZADEH/Supervisory Patent Examiner, Art Unit 2187