DETAILED ACTION

1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

 2.        An examiner's amendment to the record appears below. Should the changes and/or additions be unacceptable to Applicant, an amendment may be filed as provided by 37 CFR 1.312.  To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

  	Authorization for this examiner's amendment was given in a telephone interview with Mr. Joseph Mencher, of registration number 56,822, on October 5, 2021. During the telephone interview, Mr. Mencher has agreed and authorized the examiner to amend claims 1, 7, and 14.

CLAIMS

3.	Replace following Claims:
Claim 1 (Currently Amended) A redundant key management system, comprising: 
    a network; 
    a key management system that is coupled to the network and configured to generate a device locking key and transmit that key through the network; and 
    a first server device that is coupled to the network, wherein the first server device includes: 
    a managed device; and 
    a first remote access controller device that is coupled to the managed device, that operates independently of an operating system included on the first server device, that uses a first dedicated out-of-band
    network connection to the network that is separate from an in-band network connection used by the operating system, and that is configured to:

           lock, using the device locking key, the managed device; 
           encrypt the device locking key to provide an encrypted device locking key; 
           broadcast, through the network to a plurality of second remote access controller devices provided in respective second server devices, the encrypted device locking key as part of a first blockchain
           transaction that is directed to a blockchain address that is associated with a smart contract on a blockchain that is maintained by the first remote access controller device and the plurality of second 
           remote access controller devices,  
           wherein each of the plurality of second remote access controller devices: 
                   operates independently of a respective operating system included on the respective second server device in which that second remote access controller device is provided; and 
                   uses a respective second dedicated out-of-band network connection to the network that is separate from a respective in-band network connection used by the respective operating system included
                   on the respective second server device in which that second remote access controller device is provided, and wherein one of the plurality of second remote access controller devices is configured to
                   process the first blockchain transaction to cause the smart contract to execute and store the encrypted device locking key on the blockchain;  
           erase, subsequent to broadcasting the device locking key, the encrypted device locking key; 
           transmit, subsequent to erasing the device locking key, a request to retrieve the encrypted device locking key as part of a second blockchain transaction that is directed to the blockchain address that is 
           associated with the smart contract, wherein one of the plurality of second remote access controller devices is configured to process the second blockchain transaction to cause the smart contract to

           receive, through the network from the at least one of the plurality of second remote access controller devices in response to transmitting the request to retrieve the device locking key, the encrypted
           device locking key; 
           decrypt the encrypted device locking key to provide the device locking key; and use the device locking key to unlock the managed device.

Claim 7. (Currently Amended) An Information Handling System (IHS), comprising: 
           a first processing system; and 
           a first memory system that is coupled to the first processing system and that includes instructions that, when executed by the first processing system, cause the first processing system to provide a remote access controller engine that operates independently of an operating system that is provided by a second processing system executing instructions included on a second memory system in the IHS, and that is configured to: 
              receive, through a network from a key management system via a first dedicated out-of-band network connection that is separate from an in-band network connection used by the operating system, a device locking key; 
              lock, using the device locking key, a managed device; 
              encrypt the device locking key to provide an encrypted device locking key; 
              broadcast, through the network to a plurality of remote access controller devices provided in respective server devices, the encrypted device locking key as part of a first blockchain transaction that is directed to a blockchain address that is associated with a smart contract on a blockchain that is maintained by the remote access controller engine and the plurality of remote access controller devices, wherein each of the plurality of remote access controller devices: 
                        operates independently of a respective operating system included in the respective server device in which that remote access controller device is provided; and 
                        uses a respective second dedicated out-of-band network connection to the network that is separate from a respective in-band network connection used by the respective operating system included on the respective server device in which that remote access controller device is provided, and wherein one of the plurality of remote access controller devices is configured to process the first blockchain transaction to cause the smart contract to execute and store the encrypted device locking key on the blockchain; 
                erase, subsequent to broadcasting the device locking key, the encrypted device locking key; 
                transmit, subsequent to erasing the device locking key, a request to retrieve the encrypted device locking key as part of a second blockchain transaction that is directed to the blockchain address that is associated with the smart contract, wherein one of the plurality of remote access controller devices is configured to process the second blockchain transaction to cause the smart contract to execute and transmit the encrypted device locking key to the remote access controller engine; 
               receive, through the network from the at least one of the plurality of remote access controller devices in response to transmitting the request to retrieve the device locking key, the encrypted device locking key;
               decrypt the encrypted device locking key to provide the device locking key; and use the device locking key to unlock the managed device.

Claim 14. (Currently Amended) A method for redundant key management, comprising: 
         receiving, by a first remote access controller device in a first server device through a network from a key management system, a device locking key, wherein the first remote access controller device operates independently of an operating system included on the first server device, and uses a first dedicated out-of-band network 
           locking, by the first remote access controller device using the device locking key, a managed device; 
           encrypting, by the first remote access controller device, the device locking key to provide an encrypted device locking key; 
           broadcasting, by the first remote access controller device through the network to a plurality of second remote access controller devices provided in respective second server devices, the encrypted device locking key as part of a first blockchain transaction that is directed to a blockchain address that is associated with a smart contract on a blockchain that is maintained by the first remote access controller device and the plurality of second remote access controller devices, wherein each of the plurality of second remote access controller devices: 
                      operates independently of a respective operating system included on the respective second server device in which that second remote access controller device is provided; and 
                      uses a respective second dedicated out-of-band network connection to the network that is separate from a respective in-band network connection used by the respective operating system included on the respective second server device in which that second remote access controller device is provided, and wherein one of the plurality of second remote access controller devices is configured to process the first blockchain transaction to cause the smart contract to execute and store the encrypted device locking key on the blockchain;
          erasing, by the first remote access controller device subsequent to broadcasting the device locking key, the encrypted device locking key; 
           transmitting, by the first remote access controller device subsequent to erasing the device locking key, a request to retrieve the encrypted device locking key as part of a second blockchain transaction that is directed to the blockchain address that is associated with the smart contract, wherein one of the plurality of second remote access controller devices is configured to process the second blockchain transaction to 
           receiving, by the first remote access controller device through the network from the at least one of the plurality of second remote access controller devices in response to transmitting the request to retrieve the device locking key, the encrypted device locking key; 
          decrypting, by the first remote access controller device, the encrypted device locking key to provide the device locking key; and 
          using, by the first remote access controller device, the device locking key to unlock the managed device. 

Allowable Subject Matter

4.	Claims 1-20 are allowed.

Examiner’s statement of reason of allowance

 5.	The following is an examiner’s statement of reasons for allowance: 
           The present invention is directed to a method for redundant key management. The prior art of record fails to teach or fairly suggest, either singly or in combination, a method, an apparatus, and a system for redundant key management, in the manner and combinations recited in independent claims 1, 7, and 14, and having the uniquely distinct features of:
                      “broadcast, through the network to a plurality of second remote access controller devices provided in respective second server devices, the encrypted device locking key as part of a first blockchain transaction that is directed to a blockchain address that is associated with a smart contract on a blockchain that is maintained by the first remote access controller device and the plurality of second remote access controller devices, wherein each of the plurality of second remote access controller devices: 
operates independently of a respective operating system included on the respective second server device in which that second remote access controller device is provided; and 
                             uses a respective second dedicated out-of-band network connection to the network that is separate from a respective in-band network connection used by the respective operating system included on the respective second server device in which that second remote access controller device is provided, and wherein one of the plurality of second remote access controller devices is configured to process the first blockchain transaction to cause the smart contract to execute and store the encrypted device locking key on the blockchain;  
                      erase, subsequent to broadcasting the device locking key, the encrypted device locking key;”.
           Claims 2-6, 8-13, and 15-20 incorporate the allowable features recited above, through dependency, and are also allowed.
            The closest prior art: Kahler et al. (U.S. 2012/0233455 A1) disclose a redundant key server encryption environment; Acar et al. (U.S. 2015/0215118 A1) disclose role-based distributed key management; Dobrek et al. (U.S. 10,320,843 B1) disclose a method for encrypted electronic storage and confidential network transfer of private data through a trustless distributed ledger technology system; and Khartri et al. (U.S. 2015/0193620 A1) disclose a method for managing secure boot certificates.  The cited prior art does not teach or suggest, alone or in combination,
                      “broadcast, through the network to a plurality of second remote access controller devices provided in respective second server devices, the encrypted device locking key as part of a first blockchain transaction that is directed to a blockchain address that is associated with a smart contract on a blockchain that is maintained by the first remote access controller device and the plurality of second remote access controller devices, wherein each of the plurality of second remote access controller devices: 
                             operates independently of a respective operating system included on the respective second server device in which that second remote access controller device is provided; and 
uses a respective second dedicated out-of-band network connection to the network that is separate from a respective in-band network connection used by the respective operating system included on the respective second server device in which that second remote access controller device is provided, and wherein one of the plurality of second remote access controller devices is configured to process the first blockchain transaction to cause the smart contract to execute and store the encrypted device locking key on the blockchain;  
                      erase, subsequent to broadcasting the device locking key, the encrypted device locking key;”, in combination with the other claimed limitations.

Conclusion

6.	Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. 

           7.     Any inquiry concerning this communication or earlier communications from the examiner should be directed to Peiliang Pan whose telephone number is (571) 272-5987.  The examiner can normally be reached on Monday-Friday 8:00 am - 5:00 pm EST.
         If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
         Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service 


/Peiliang Pan/
Examiner, Art Unit 2492

/MICHAEL W CHAO/Examiner, Art Unit 2492