DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is responsive to application 16/857,518 that the Applicant filed on April 24, 2020 and presented 20 claims.  Original claims 1-20 remain pending in the application. 
Claim Objections
Claim 1 is objected to because of the following informalities: “a second memory medium memory medium” should read “a second memory medium.”  Appropriate correction is required.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The following conventions apply to the mapping of the prior art to the claims:
Italicized text – claim language.
Parenthetical plain text – Examiner’s citation and explanation.
Quotation marks – language quoted from a prior art reference.
Underlining – language quoted from a claim.
Brackets – material altered from either a prior art reference or a claim, which includes the Examiner’s explanation that relates a claim limitation to the quoted material of a reference.
Braces – a limitation previously addressed in the primary reference analysis, but presented to provide context to a further limitation addressed in a secondary reference analysis.
Numbered footnote – a first phrase to be moved upwards to the primary reference analysis.
Lettered footnote – a second phrase to be moved after the movement of the first phrase from which it was lifted, or more succinctly, move numbered material first, lettered material last.
A.	Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Olarig et all (US 2020/0097659, “Olarig”) in view of Dasari et al. (US 2018/0114024, “Dasari”), and further in view of Smith et al. (2018/0004953, “Smith”).
Regarding Claim 1
Olarig discloses
An information handling system (¶ [0012], i.e., the computer system that includes the BMC, FPGA, and authority server), comprising: 
at least one processor (¶ [0064], “Further, the various components of these devices may be a process or thread, running on one or more processors,…,” and Fig. 2, ¶ [0044], “CPU 205”); and 
1 …, 
that stores instructions executable by the at least one processor (¶ [0064], “The computer program instructions are stored in a memory which may be implemented [and thereby executed via the processor] in a computing device using a standard memory device,…”); 
an integrated circuit (IC) (Fig. 2, ¶¶ [0044]-[0045], i.e., “FPGA SSD 203,” i.e., the field programmable solid state dive is an integrated circuit, noting claim 5 limits an IC to an FPGA); and 
an authentication device (Fig. 2, ¶¶ [0044]-[0046], “BMC 206,” “When the BMC [as the authentication device] is used as a security [validation/authentication] manager for the FPGA SSD 203…,” and “Moreover, the different example embodiments of the present disclosure use BMC (e.g., BMC 206) to authenticate the leaser or the user, and validate [and thereby authenticat[e]] the proposed FPGA configuration that may be supported by the selected or assigned FPGA SSDs (e.g., FPGA SSD 203)”); 
wherein the authentication device (Fig. 2, ¶¶ [0044]-[0046]) is configured to: 
2 ….
a/b access a/the second memory medium… (Fig. 2, ¶¶ [0044]-[0046], “The FPGA SSD 203 also includes NVM [non-volatile memory] over fabric (NVMf) module 210 [as the second memory medium]” and “as the BMC (e.g., BMC 206) is capable of accessing all the [NVMf of the] SSDs (e.g., FPGA SSD 203),”)
Olarig doesn’t disclose
	1 a first memory medium, coupled to the at least one processor,…
	2 {access a second memory medium}a, which stores firmware of the IC and a digital signature of the firmware, to obtain the firmware; 
receive the firmware from the second memory medium; 
{access the second memory medium}b to obtain the digital signature of the firmware, 
wherein the digital signature includes an encrypted hash value, encrypted via an asymmetric encryption process with a private encryption key; 
receive the digital signature of the firmware from the second memory medium; 
determine a first hash value of the firmware; 
decrypt the encrypted hash value, via the asymmetric encryption process with a public encryption key associated with the private encryption key, to obtain a second hash value; 
determine if the first hash value matches the second hash value; 
if the first hash value matches the second hash value, permit the information handling system to boot an operating system; and 
if the first hash value does not match the second hash value, prevent the information handling system from booting the operating system.  
Dasari, however, discloses
	1 a first memory medium, coupled to the at least one processor,… (Fig. 3, Col. 5:59-Col. 6:6, i.e., “device memory 330” that is coupled to “CPU 350” that corresponds to the “CPU 205” Olarig (Fig. 2))
Smith, however, discloses
	2 {access a second memory medium (Olarig Fig. 2, ¶¶ [0044]-[0046])},a which stores firmware of the IC (Olarig ¶¶ [0044]-[0045], Smith Fig. 1 as “component 140”) and a digital signature of the firmware (Fig. 6, i.e., as illustrated, the “software image 610” as firmware and the “signature 612” are stored within the “NVMf 210”/second memory medium of Olarig; and ¶ [0041], “…extra precautions might be provided to prevent tampering with the boot firmware stored in persistent memory”), to obtain the firmware (Fig. 6, ¶ [0044], “A software image 650 [as the firmware] on the secure boot side is provided [and thereby accessed by the BMC of Olarig as the authentication device/”security manager”] along with a signature 652”); 
receive the firmware from the second memory medium (Fig. 6, ¶ [0044], “A software image 650 [as the firmware] on the secure boot side is provided [and thereby receive[d] by the BMC of Olarig as the authentication device/”security manager”] along with a signature 652”); 
{access the second memory medium (Olarig Fig. 2, ¶¶ [0044]-[0046])}b to obtain the digital signature of the firmware (Fig. 6, ¶ [0044], “The software image 610 [as firmware] is used to generate a hash 620 that is encrypted 622 with a private key 624 to create the signature [of the firmware] 612,” and “A software image 650 on the secure boot side is provided [and thereby accessed by the BMC of Olarig as the authentication device/”security manager”] along with a [digital] signature 652”), 
wherein the digital signature includes an encrypted hash value, encrypted via an asymmetric encryption process with a private encryption key (Fig. 6, ¶ [0044], “The software image 610 [as firmware] is used to generate a hash 620 that is [asymmetric[ally]] encrypted 622 with a private key 624 to create the signature [of the firmware] 612,”); 
receive the digital signature of the firmware from the second memory medium (Fig. 6, ¶ [0044], “A software image 650 on the secure boot side is provided [and thereby receive[d] by the BMC of Olarig as the authentication device/”security manager”] along with a [digital] signature 652”); 
determine a first hash value of the firmware (Fig. 6, ¶ [0044], “The software image 650 [as firmaware] is hashed 660 [to determine a first hash value of the firmware]”); 
decrypt the encrypted hash value, via the asymmetric encryption process with a public encryption key associated with the private encryption key, to obtain a second hash value (Fig. 6, ¶ [0044], “…a hash [value] 676 decrypted with the public key 674 [to obtain a second hash value]”); 
determine if the first hash value matches the second hash value (Fig. 6, “The software image 650 is hashed 660 [as the first hash value] and compared 662 [for a determin[ation]] with a hash 676 [as the second hash value] decrypted with the public key 674.”); 
if the first hash value matches the second hash value, permit the information handling system to boot an operating system (Fig. 6, ¶ [0044], “If the hashes match at 680, the boot is secure.”); and 
if the first hash value does not match the second hash value, prevent the information handling system from booting the operating system (Fig. 6, ¶ [0044], “If the verification process does not check out, this might indicate tampering with the system and progress from the current boot stage to the next boot stage may be blocked [and thereby prevent[ed]].”).  
Regarding the combination of Olarig and Dasari, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the security system of Olarig to have included BMC memory feature of Dasari. One of ordinary skill in the art would have been motivated to incorporate BMC memory feature of Dasari because a memory is a fundamental component of a computer system. 
Regarding the combination of Olarig-Dasari and Smith, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the security system of Olarig-Dasari to have included the authentication/security feature of Smith. One of ordinary skill in the art would have been motivated to incorporate the authentication feature of Smith because Smith teaches “That is, it may generally be desirable to impose a number of restrictions on the typical behavior or operations of the industrial controller in order to improve the overall security of the industrial control system. For example, as set forth in detail below, operating the industrial controller in a secure fashion [that require authenction] may generally block the execution of unauthorized executable files and/or block access to the industrial controller by unauthorized persons or systems.”  See Smith ¶ [0020]. 
Regarding Claim 2
Olarig in view of Dasari, and further in view of Smith (“Olarig-Dasari-Smith”) discloses the information handling system of claim 1, and Olarig further discloses
wherein the authentication device (Fig. 2, ¶¶ [0044]-[0046]) includes the at least one processor, a platform controller hub of the information handling system, a baseboard management controller (Fig. 2, ¶¶ [0044]-[0046], “BMC 206,”) of the information handling system (¶ [0012]), or a microcontroller of the information handling system.  
Regarding Claim 3
Olarig-Dasari-Smith discloses the information handling system of claim 2, and Olarig further discloses 
wherein the authentication device (Fig. 2, ¶¶ [0044]-[0046]) includes the baseboard management controller (Fig. 2, ¶¶ [0044]-[0046]) or the microcontroller; and 
wherein the baseboard management controller or the microcontroller stores the public encryption key (¶ [0045], “When the BMC is used as a security manager for the FPGA SSD 203, as shown in FIG. 2, at 1, a host device may send a public key to the target FPGA SSD 203, at 2, FPGA SSD 203 may receive the public key from the host device and forward the public key to the BMC 206 [where it is then store[d];” see also Smith Fig. 6, ¶ [0044], “public key 654”).  
Regarding Claim 4
Olarig-Dasari-Smith discloses the information handling system of claim 2, and Olarig further discloses 
further comprising: a non-volatile memory medium (Fig. 2, ¶ [0044], “The FPGA SSD 203 also includes NVM [non-volatile memory medium] over fabric (NVMf) module 210,…”); 
wherein the non-volatile memory medium stores the public encryption key (¶ [0045], “at 2, FPGA SSD 203 may receive [and thereby store[]] the public key from the host device and forward the public key to the BMC 206;” and ¶ [0035], “a battery is needed if using battery-backed Random Access Memory (RAM) (BBRAM) for key storage),” i.e., storing the public key in the non-volatile memory negates the need for a battery, and thus the public key is stored in non-volatile memory); 
wherein the authentication device (Fig. 2, ¶¶ [0044]-[0046]) includes the processor (Fig. 2, ) or the platform controller hub; and 
wherein the authentication device (Fig. 2, ¶¶ [0044]-[0046]) is further configured to:  access the non-volatile memory medium (¶ [0046], “as the BMC (e.g., BMC 206) is capable of accessing all the [the NVMf of the] SSDs (e.g., FPGA SSD 203)”) to obtain the public encryption key (¶ [0045], “at 2, FPGA SSD 203 may receive the public key which is then access[ible] to the BMC] from the host device and forward the public key to the BMC 206, …, at 4, both public key and the proposed FPGA configuration may be forwarded to the BMC 206 for validation”); and 
receive the public encryption key from the non-volatile memory medium (¶ [0045], “at 2, FPGA SSD 203 may receive the public key from the host device and forward the public key to the BMC 206, …, at 4, both public key and the proposed FPGA configuration may be forwarded to [and thereby be receive[d] by] the BMC 206 for validation”).  
Regarding Claim 5
Olarig-Dasari-Smith discloses the information handling system of claim 2, and Olarig further discloses 
wherein the IC includes a field programmable gate array (FPGA) (Fig. 2, ¶¶ [0044]-[0045], i.e., “FPGA SSD 203,”) or a complex programmable logic device (CPLD).  
Regarding Claim 6
Olarig-Dasari-Smith discloses the information handling system of claim 2, and Olarig further discloses 
wherein, to receive the firmware (Smith Fig. 6, ¶ [0041]) of the IC (Fig. 2, ¶¶ [0044]-[0045]), the authentication device (Fig. 2, ¶¶ [0044]-[0046]) is further configured to…1 
via one or more direct couplings (Fig. 2, ¶¶ [0024]-[0025], i.e., via the combination of the ethernet and PCIe (Peripheral Component Interconnect Express) bus, the initiator of Olarig (Fig. 2), which corresponds to the Original Equipment Manager of Smith (Fig. 6), sends a public key and FPGA configuration to the FPGA (Fig. 2, step 1) and then to the BMC (Fig. 2, step 4), with such direct couplings being available to have the BMC as a “component 140” in Smith receive the firmware); and 
wherein, to receive the digital signature (Smith Fig. 6, ¶ [0044]), the authentication device (Fig. 2, ¶¶ [0044]-[0046]) is further configured to…2 
via the one or more direct couplings (Fig. 2, ¶¶ [0024]-[0025], i.e., via the combination of the ethernet and PCIe (Peripheral Component Interconnect Express) bus, the initiator of Olarig (Fig. 2), which corresponds to the Original Equipment Manager of Smith (Fig. 6), sends a public key and FPGA configuration to the FPGA (Fig. 2, step 1) and then to the BMC (Fig. 2, step 4), with such direct couplings being available to have the BMC as a “component 140” in Smith receive the digital signature).
Smith further discloses
	1 … receive the firmware (Fig. 6, ¶ [0041], ¶ [0044], “A software image 650 [as the firmware] on the secure boot side is provided [to the BMC of Olarig] along with a signature 652 and public key 654.”)…;  
	2 … receive the digital signature (Fig. 6, ¶ [0044], “A software image 650 on the secure boot side is provided [to the BMC of Olarig] along with a [digital] signature 652 and public key 654.”)….
	Regarding the rationale to combine Olarig-Dasari and Smith, the rational to combine is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 6.
Regarding Claim 7
Olarig-Dasari-Smith discloses the information handling system of claim 2, and Olarig further discloses 
wherein, to receive the firmware (Smith Fig. 6, ¶ [0041]) of the IC (Fig. 2, ¶¶ [0044]-[0045]), the authentication device (Fig. 2, ¶¶ [0044]-[0046]) is further configured to …1 
via a bus (Fig. 2, ¶¶ [0024]-[0025], i.e., via the combination of the ethernet and PCIe (Peripheral Component Interconnect Express) bus, the initiator of Olarig (Fig. 2), which corresponds to the Original Equipment Manager of Smith (Fig. 6), sends a public key and FPGA configuration to the FPGA (Fig. 2, step 1) and then to the BMC (Fig. 2, step 4), with PCIe being available to have the BMC as a “component 140” in Smith receive the firmware) shared with at least one component of the information handling system other than the IC and the authentication device (Fig. 2, as illustrated, the “CPU 205” as a component … other than the IC and the authentication device shares the PCIe with the BMC and FPGA); and
wherein, to receive the digital signature (Smith Fig. 6, ¶ [0044]), the authentication device (Fig. 2, ¶¶ [0044]-[0046]) is further configured to …2 
via the bus (Fig. 2, ¶¶ [0024]-[0025], i.e., via the combination of the ethernet and PCIe (Peripheral Component Interconnect Express) bus, the initiator of Olarig (Fig. 2), which corresponds to the Original Equipment Manager of Smith (Fig. 6), sends a public key and FPGA configuration to the FPGA (Fig. 2, step 1) and then to the BMC (Fig. 2, step 4), with PCIe being available to have the BMC as a “component 140” in Smith receive the firmware).
Smith further discloses
	1 … receive the firmware (Fig. 6, ¶ [0041], ¶ [0044], “A software image 650 [as the firmware] on the secure boot side is provided [to the BMC of Olarig] along with a signature 652 and public key 654.”)…;  
	2 … receive the digital signature (Fig. 6, ¶ [0044], “A software image 650 on the secure boot side is provided [to the BMC of Olarig] along with a [digital] signature 652 and public key 654.”)….
	Regarding the rationale to combine Olarig-Dasari and Smith, the rational to combine is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 7.
Regarding Independent Claim 8 and Dependent Claims 9-14
With respect to claims 8-14, a corresponding reasoning as given earlier for claims 1-7 applies, mutatis mutandis, to the subject matter of claims 8-14. Therefore, claims 8-14 are rejected, for similar reasons, under the grounds set forth for claims 1-7. 
Regarding Independent Claim 15 and Dependent Claims 15-20
With respect to claims 15-20, a corresponding reasoning as given earlier for claims 1 and 3-7 applies, mutatis mutandis, to the subject matter of claims 15-20. Therefore, claims 15-20 are rejected, for similar reasons, under the grounds set forth for claims 1 and 3-7. 
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to D'ARCY WINSTON STRAUB whose telephone number is (303)297-4405. The examiner can normally be reached Monday-Friday 9:00-5:00 Mountain Time.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ASHOKKUMAR B PATEL can be reached on (571)272-3972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/D'Arcy Winston Straub/Examiner, Art Unit 2491