DETAILED ACTION
This action is response to communication:  response to election filed on 12/02/2021.
Claims 1-20 are currently pending in this application.  Applicants have elected Group I (claims 1-18) without traverse.  Claims 19-20 have been withdrawn.
The IDS filed on 04/27/2020 has been accepted.  
	
Election/Restrictions
Applicant’s election without traverse of the restriction requirement in the reply filed on 12/02/2021 is acknowledged.
Claims 19-20 are withdrawn from further consideration pursuant to 37 CFR 1.142(b) as being drawn to a nonelected group, there being no allowable generic or linking claim. Election was made without traverse in the reply filed on 12/02/2021.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention 

Claims 1, 3, and 7-13 are rejected under 35 U.S.C. 103 as being unpatentable Ndu et al. US Patent Application Publication 2019/0384918 (Nud), in view of Ishaya et. al US Patent Applciation Publication 2014/0282889 (Ishaya).
 
As per claim 1, Ndu teaches a management controller comprising (paragraph 13 and Figure 1 with device 120) to: a communication interface to communicate with a computing device, wehrien the management controller is separate from a processor of the computing 
	Although Ndu teaches validating codes, Ndu does not explicitly teach in response to the validation of the program codes, unlock access of information in an information store to allow access of the information by the computing device, wherein the information is for use by the cluster of virtual entities of the computing device, and wherein the management controller is to block access of the information in the information store prior to the validation.  However, this would have been obvious.  For example, see Ishaya (paragraph 35 with plurality of virtual machines; see claim 1 with authentication manager controls access by the virtual machine to resource/configuration information; after authentication, virtual machine instance may access resource; see paragarph 191 for authentication by authentication manager; see paragraph 175 with controlling access to resources based on identity; access may be allowed or blocked based on identity based authentication).
	At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Ndu with Ishaya.  One of ordinary skill in the art would have been motivated to perform such an addition to authenticate newly instantiated virtual machine instances based on their identity (paragraph 9).
	As per claim 3, it would have been obvious over the Ndu combination wherein the virtual entities comprise virtual machines, and wherein the validation of the program codes 
	As per claim 7, the Ndu combination teaches wherein the information inthe information store comprises configuration data for configuring the virtual entities (throughout Ishaya; see abstract wherein the resources are configuration resources).
	As per claim 8, it would have been obvious over the Ndu combination wherein the information the information store comprises an authentication key for use by the virtual entities in performing authentication (obvious over Ishaya; see paragraph 100 wherein keys may be used for authentication for particular resources such as particular machines)
	As per claim 9, it would have been obvious over the Ndu combination wherein the validation is based on computing a hash value of each of the program codes (Ishaya paragraph 181-182 with utilizing hash value to authenticate virtual machine).
	As per claim 10, it would have been obvious over the Ndu combination further comprising a communciationn interface to communicate with a remote entity as part of management of the computing device (Ishaya Figure 1 and Figure 2 with connecting to networks).
	As per claim 11, it would have been obvious over the Ndu combination wherein the management controller is a baseboard management controller (Ndu paragraph 6 and Figure 5).
	 As per claim 12, it would have been obvious over the Ndu combination to further validate other program codes of the computing device, prior to the validatin of the program codes of the virtual entities (Ishaya paragraph 16-18 with authenticating/verifying the boot process and measurement driver.
	As per claim 13, it would have been obvious over the Ndu combination where the other program codes comprise a boot code and an operating system code of the computing device (paragraphs 16-18 with verifying boot code and boot process; see paragarph 34 wherein OS is loaded part of the boot process, and thus verified).


Claims 2 and 4-6 are rejected under 35 U.S.C. 103 as being unpatentable over the Ndu combination as applied above, and further in view of Gupta et al. US Patent Application Publication 2018/0349610 (Gupta)
As per claim 2, the Ndu combination teaches the validation of the program codes in the computing device (see Ishaya abstract, claim 1 and throughout) , but does not explicitly teach wherein the virtual entities comprise containers.  However, this would have been obvious.  For example, see Gupta (abstract, paragraph 16, and throughout with authenticating containers).
At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Ndu combination with Gupta.  One of ordinary skill in the art would have been motivated to perform such an addition to create more security by providing trusted deployment of application containers (paragraph 1 of Gupta)
As per claim 4, The Ndu combination does not explicitly teach wherein the management processor is to unlock the access of the information in the information store by sending a key to the computing device.  However, utilizing keys to access/decrypt virtual entities is well known in the art.  For example, see Gupta (paragraph 15, 16, with key management service providing keys to decrypt container images).
At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Ndu combination with Gupta.  One of ordinary skill in the art would have been motivated to perform such an addition to create more security by providing trusted deployment of application containers (paragraph 1 of Gupta).
As per claim 5, the Ndu combination teaches wherein the key comprises a decryption key to decrypt encrypted information in the information store (Gupta paragraph 15 with decrypting container images).


Claims 14 is rejected under 35 U.S.C. 103 as being unpatentable Ndu et al. US Patent Application Publication 2019/0384918 (Nud), in view of Ishaya et. al US Patent Applciation Publication 2014/0282889 (Ishaya), and further in view of Brandwine et al. US Patent No. 9,626,512 (Brandwinde)
As per claim 14, Ndu teaches a non-transitory machine-readable storage medium comprising instructions that upon execution cause a management controller (paragraph 13 and Figure 1 with device 120) to: perform validation of program codes of a cluster of virtual entities 
	Although Ndu teaches validating codes, Ndu does not explicitly teach in response to the validation of the program codes, unlock access of information in an information store to allow access of the information by the computing device, wherein the information is for use by the cluster of virtual entities in interacting with one another and to execute tasks of the virtual entities in the cluster of virtual entities, and wherein the management controller is to block access of the information in the information store prior to the validation.  However, this would have been obvious.  For example, see Ishaya (paragraph 35 with plurality of virtual machines; see claim 1 with authentication manager controls access by the virtual machine to resource/configuration information; after authentication, virtual machine instance may access resource; see paragarph 191 for authentication by authentication manager; see paragraph 175 with controlling access to resources based on identity; access may be allowed or blocked based on identity based authentication).
	At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Ndu with Ishaya.  One of ordinary skill in the art would have been motivated to perform such an addition to authenticate newly instantiated virtual machine instances based on their identity (paragraph 9).
	Although Ndu and Ishaya teach  the management controller separate from the computing device, the combination does not explicitly teach an auxiliary power supply.  
	At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Ndu combination with Brandwine.  One of ordinary skill in the art would have been motivated to perform such an addition to provide more security by providing a trusted platform module (col. 2 lines 14-43).
	
Claims 15-18 are rejected under 35 U.S.C. 103 as being unpatentable over the Ndu combination as applied above, and further in view of Gupta et al. US Patent Application Publication 2018/0349610 (Gupta)

As per claim 15, the Ndu combination does not explicitly teach wherein the cluster of virtual entities comprises a master virtual entity and a worker virtual entity.  This would have been obvious.  For example, see Gupta (paragraph 16 with container manager and vrtm as master and containerized images are workers).
At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Ndu combination with Gupta.  One of ordinary skill in the art would have been motivated to perform such an addition to create more security by providing trusted deployment of application containers (paragraph 1 of Gupta)
	As per claim 16, the Ndu combination teaches wherein the master virtual entity coprises processes of a master node, and the worker virtual entity comprises processes of a worker node (paragraph 16 with management and authentication processes of master node and application processes from application containers).

At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Ndu combination with Gupta.  One of ordinary skill in the art would have been motivated to perform such an addition to create more security by providing trusted deployment of application containers (paragraph 1 of Gupta)
	As per claim 18, the Ndu combination teaches wherein the key comprises a decryption key to decrypt encrypted information in the information store (Gupta paragraph 15 with decrypting container images). 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JASON KAI YIN GEE whose telephone number is (571)272-6431.  The examiner can normally be reached on Monday-Friday 8:30-5:00 PST Pacific.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

/JASON K GEE/Primary Examiner, Art Unit 2495