DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 05/28/2020 have been considered. The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly an initialed and dated copy of Applicant's IDS form 1449 filed 05/28/2020 are attached to the instant Office action.

Acknowledgements
This communication is in response to
Application claim amendments filed on 08/04/020, and 
Authorization for the below examiner’s claim amendments was given by email by Mr. Jong Park (Reg. No. 60,953) on 10/28/2021.
Drawing Replacement sheet for Figure 2 filed on 11/01/2021 is accepted.

The claims filed on 08/04/020 have been entered.

An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Examiner’s Amendment
Note: Proposed amendments marked manually with underlining and 

Specification
Please amend Paragraph [0030] as follows.
[0030] “Each blockchain node 11, 12, 13 authenticates its identity to prove that it is a proper node when participating in the blockchain network 10. To this end, each blockchain node 11, 12, 13 is issued a key and a certificate for identity authentication25 through a key management server 13, and the key and certificate are collected and stored 6in a separate security medium 14 accessible by the key management server 13. Each blockchain node 11, 12 requests a key and a certificate from the key management server 13 when identity authentication is required, and the key management server 13 reads the key and certificate from the security medium [[4]] 14 and provides them to the requesting 5blockchain nodes 11 and 12 after decryption.”

Please amend Paragraph [0033] as follows.
[0033] “However, this conventional key management method had several serious problems. First, since the keys and certificates of all the blockchain nodes 11, 12, [[30]] 13 are stored and managed in one place, when there is a problem with the key management server 13 or the security medium 14 that stores and manages them, the problem of single points of failure that the entire blockchain network 10 cannot operate 

Claims

Claim 1 (Currently Amended): A decentralized key management system comprising: 
a bootstrap software module for generating a key and obtaining a certificate corresponding to the generated key; 
a memory for receiving the key and the certificate from the bootstrap and storing the key and the certificate; 
a container comprising a computer module, in response to a mount command of the bootstrap, for reading the key and the certificate from the memory and being mounted with the key and the certificate; 
a controller for generating the bootstrap, and deleting the bootstrap after the container mounts the key and the certificate;
a storage for receiving the key and the certificate from the bootstrap and storing the key and the certificate, wherein the controller regenerates the bootstrap when there is a request to restore a node of a blockchain network from a client device after deleting the bootstrap; the regenerated bootstrap reads the key and the certificate from the storage and stores again the key and the certificate in the memory; and  
the container, in response to the regenerated bootstrap, reads the key and the certificate stored again in the memory and re-mounted with the key and the certificate, and restores the node using the re-mounted key and the certificate.

Claim 2 (Cancelled): 

Claim 3 (Currently Amended): The decentralized key management system of claim [[2]] 1, wherein the memory and the storage are accessible only through the bootstrap except when the container reads the key and the certificate from the memory.  

Claim 4 (Currently Amended): The decentralized key management system of claim [[2]] 1, wherein the bootstrap encrypts the key, and provides the encrypted key to the storage, and provides the key without the encryption to the memory.  

Claim 5 (Currently Amended): The decentralized key management system of claim [[2]] 1, wherein the controller regenerates the bootstrap to restore at least one of the key and the certificate when the at least one of the key and the certificate stored in the memory is deleted.  



Claim 7 (Previously Presented): The decentralized key management system of claim 6, wherein the controller deletes the regenerated bootstrap after the container mounts the at least one of the key and the certificate stored again in the memory.  

Claim 8 (Previously Presented): The decentralized key management system of claim 1, wherein the controller, in response to a node generating request from a client device, generates the bootstrap; and Page 5 of 19Appl. No.: 16/885,480the container configures a node of a blockchain network and performs authentication of the node using the mounted key and certificate.  

Claim 9 (Cancelled).

Claim 10 (Currently Amended): The decentralized key management system of claim [[9]] 1, wherein the controller deletes the regenerated bootstrap after the container restores the node.  



Claim 12 (Currently Amended): A decentralized key management method performed by a computing device, comprising: 
generating a bootstrap; generating a key using the bootstrap and obtaining a certificate corresponding to the generated key; 
storing the key and the certificate in a memory; 
mounting the key and the certificate stored in the memory to a container; 
deleting the bootstrap after mounting the key and the certificate;
storing the key and the certificate in a storage, 
regenerating the bootstrap when there is a request to restore a node of a blockchain network from a client device after deleting the bootstrap; 
reading, with the regenerated bootstrap, the key and the certificate from the storage and storing again the key and the certificate in the memory; and 
in response to the regenerated bootstrap, reading the key and the certificate stored again in the memory and re-mounting the key and the certificate on the container, and restoring the node using the re-mounted key and the certificate.
  

regenerating the bootstrap in response to a request to restore at least one of the key and certificate; 
reading the key and the certificate stored in a storage using the regenerated bootstrap and storing again the key and the certificate in the memory; 
re-mounting the key and the certificate stored again in the memory to the container; and 
deleting the regenerated bootstrap after mounting again the key and the certificate.  

Claim 14 (Currently Amended): A computer program for driving a decentralized key management system, the computer program comprising computer-executable code embodied on a non-transitory computer readable recording medium for executing steps comprising: 
generating a bootstrap; 
generating a key using the bootstrap, and 
obtaining a certificate corresponding to the generated key; 
storing the key and the certificate in a memory; 
mounting the key and the certificate stored in the memory to a container; 
deleting the bootstrap after mounting the key and the certificate.  
	storing the key and the certificate in a storage, 
regenerating the bootstrap when there is a request to restore a node of a blockchain network from a client device after deleting the bootstrap; reading, with the regenerated bootstrap, the key and the certificate from the storage and storing again the key and the certificate in the memory; and 
in response to the regenerated bootstrap, reading the key and the certificate stored again in the memory and re-mounting the key and the certificate on the container, and restoring the node using the re-mounted key and the certificate.

Claim 15 (Previously Presented): The computer program of claim 14, wherein the bootstrap is generated in response to a node generating request from a client device; and the steps further comprises configuring a node of a blockchain network and performs authentication of the node using the mounted key and certificate.  

Claim 16 (Cancelled).

Claim 17 (Previously Presented): The decentralized key management method of claim 12, wherein the bootstrap is generated in response to a node generating request from a client device; and Page 8 of 19Appl. No.: 16/885,480 Docket No: Q32120KS04the decentralized key management method further comprises configuring a node of a blockchain network and performs authentication of the node using the mounted key and certificate.  

Claim 18 (Cancelled). 

Allowable Subject Matter
Above Claims 1, 3-8, 10-15 and 17 are allowed.
The following is a statement of reasons for indication of allowable subject matter.
Cited and relevant prior art of record:
Bose et. al. (US 20190288995 A1),
Kim et. al. (US 9769801 B2), hereinafter Kim_1,
Peng et. al (US 20170257221 A1),
Kim et. al. (US 20150358824 A1), hereinafter Kim_2, and
Lambert (US 20170104589 A1),
Bose discloses unstaging a renewed secret (e.g., by granting it a lease to unstage the secret), upon which a role can accept the renewed secret by removing the staged property from the cached secret. For example, the role may call a method of credentials management service that accepts the renewed secret in secrets store. 
Kim_1 discloses updating bootstrap information regarding a specific resources in a wireless communication, and further discloses that a client is re-bootstrapped when errors are continuously generated in communication between the client and a server.
Peng discloses digital certificates separately issued for a cloud management host, physical cloud computing host and virtual cloud computing machine, are stored in a certificate key which supports the storage of a plurality of digital certificates that are isolated from each other through certificate containers, each container in the certificate key is arranged to store a separate digital certificate, and the reader of each digital certificate can only read the digital certificate according to the user’s right.

Lambert discloses no communication required between a vehicle and a key sharing server in order to register the owner. After a first successful use, the vehicle may disable the registration code so that even if the registration code is lost, no other user can register with the vehicle.
While the above prior arts disclose the aforementioned concepts, however, none of the above prior arts, individually or in combination, discloses all the limitations in the manner recited in the independent claims. Specifically, none of the above prior art discloses bootstrap generation for generating a key and obtaining a certificate, deleting the bootstrap after a container is mounted with the key and certificate, regeneration of the bootstrap when there is a request to restore a node of a blockchain network from a client device after deleting the bootstrap and re-mounting the container with the key and certificate. Therefore, the above limitations in conjunction with the remaining limitations of the independent claims render the above independent claims allowable.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance."

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BASSAM A NOAMAN whose telephone number is (571)272-2705.  The examiner can normally be reached on Monday-Friday 8:30 AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A. Shiferaw can be reached on (571) 272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/BASSAM A NOAMAN/Examiner, Art Unit 2497                                                                                                                                                                                                        /ELENI A SHIFERAW/Supervisory Patent Examiner, Art Unit 2497