DETAILED ACTION
This action is in response to new application filed 12/10/2019 titled “SYSTEM AND METHOD TO SECURELY BROADCAST A MESSAGE TO ACCELERATORS USING VIRTUAL CHANNELS WITH SWITCH”. Claims 1-21 were received for consideration and are under consideration.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Priority
Acknowledgment is made of applicant's claim for foreign priority under 35 U.S.C. 119(a)-(d).  The certified copy has been received.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 8/19/2021, 9/2/2021, 12/14/2021, 12/22/2021, 2/15/2022, 3/10/2022, 3/16/2022 and 6/9/2022 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Objections
Regarding claims 8-21 these claim(s) is/are objected to for lack of antecedent basis. The acronym “DP’ is repeatedly referenced in these claims, but is never defined as to what the acronym “DP’ actually means. At a minimum, the first occurrence in each independent/dependent claim sequence referencing the acronym “DP’ needs to spell out what the acronym “DP’ actually means.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 2, 4-9, 11-16 and 18-21 are rejected under 35 U.S.C. 103 as being unpatentable over Kurzak et al. (Design and Implementation of the PULSAR Programming System for Large Scale Computing, Supercomputing Frontiers and Innovations, 2017) list on IDS filed 3/10/2022 in view of Pletea et al (US 2011/0072270).
With respect to claim 1 Kurzah teaches a computer-implemented method to broadcast a message to one or more virtual data processing (DP) accelerators, the method comprising: 
receiving a broadcast instruction via a communication switch from an application hosted by a host, to send a broadcast message to one or more of a plurality of DP accelerators, each DP accelerator communicating through a virtual communication channel (See Kurzah section 1.0 lines 5-10; section 1.4 lines 10-11; section 3.2 lines 1-5 and section 3.4 lines 10-15 where Kurzak teaches a user utilizing application function calls to initiate the transmission of broadcasting or multi-casting of messages to multiple virtual data processing accelerator devices identified by user designated channels and slot numbers) and
broadcasting the broadcast message to the DP accelerators (See Kurzah section 1.0 lines 5-10; section 1.4 lines 10-11; Section 3.2 Lines 1-5; Figure 4 Item VSA; Section 3.4 Lines 10-15; Section 1.3 Lines 1-4; Section 2.2 Lines 8-16) where Kurzak et al. teaches a user utilizing application function calls to initiate the transmission of broadcasting or multi-casting of messages to designated adjacent or consecutive multiple virtual data processing accelerator devices identified by user designated channels and slot numbers).
Kurzah does not teach encrypting the broadcast message using a broadcast session key associated with a broadcast communication session; 
determining one or more public keys of one or more security key pairs, each security key pair being associated with one of the one or more DP accelerators; 
encrypting the broadcast session key using each of the determined public keys, generating one or more encrypted broadcast session keys corresponding to the one or more DP accelerators; and 
broadcasting the encrypted broadcast message, and the one or more encrypted broadcast session keys to the DP accelerators, wherein each of the DP accelerators decrypts the encrypted broadcast session key using a corresponding private key associated with the virtual DP accelerator, wherein the message is decrypted based on the broadcast session key.
Pletea teaches encrypting the broadcast message using a broadcast session key associated with a broadcast communication session (See Pletea figure 2, 3 and paragraph 0074-0075 i.e. The method 200 described above is described with reference to a particular example with reference to FIG. 3. Various embodiments include a protocol, as depicted in FIG. 3. The protocol includes the following three steps: [0076] The origin broadcasts the message: Policy, E.sub.Policy(sessionKey) to “All” (i.e. all of the nodes in the network). The message in this example includes two concatenated parts: the first part is the policy itself, described in a machine-readable non-encrypted representation; and the second part is the ciphertext resulting from the encryption (E) of plaintext ‘sessionKey’, with public key ‘Policy’); 
determining one or more public keys of one or more security key pairs, each security key pair being associated with one of the one or more DP accelerators (see Pletea paragraph 0038 i.e. the present invention provides a method performed by a device for identifying a network node within a network to which data will be replicated, the method comprising: encrypting a session key according to an attribute-based encryption scheme; broadcasting the encrypted session key within the network; receiving at least one message encrypted using the session key from at least one network node within the network; and selecting a network node from the at least one network node to which data will be replicated); 
encrypting the broadcast session key using each of the determined public keys, generating one or more encrypted broadcast session keys corresponding to the one or more DP accelerators (see Pletea paragraph 0076-0078 i.e. The origin broadcasts the message: Policy, E.sub.Policy(sessionKey) to “All” (i.e. all of the nodes in the network). The message in this example includes two concatenated parts: the first part is the policy itself, described in a machine-readable non-encrypted representation; and the second part is the ciphertext resulting from the encryption (E) of plaintext ‘sessionKey’, with public key ‘Policy’. [0077] The origin is the node that decides to replicate data, for example due to requirements regarding data query performance, load balancing and disaster recovery. In FIG. 1, the originating node is the node 102a. [0078] Targets (i.e. the rest of the nodes in the network) receive the message broadcasted by the origin. All of the targets try to decrypt the broadcast message using their respective private keys); and 
broadcasting the encrypted broadcast message, and the one or more encrypted broadcast session keys to the DP accelerators, wherein each of the DP accelerators decrypts the encrypted broadcast session key using a corresponding private key associated with the virtual DP accelerator, wherein the message is decrypted based on the broadcast session key (see Pletea 0079-0081 i.e. Targets (i.e. the rest of the nodes in the network) receive the message broadcasted by the origin. All of the targets try to decrypt the broadcast message using their respective private keys and each node's reply may be one of the two values: [0079] 1. “Do not understand” [0080] Such a response is sent by nodes which do not have the required keys to decrypt the message. This implicitly means that they do not satisfy the requested policy. [0081] 2. “OK, the data can be replicated here”. The node sends to the originating device a message encrypted with the session key: E.sub.sessionKey(src,dst,Policy). This response is given by nodes considered to be “Candidates”. Here, ‘src’ is the source, and ‘dst’ is the destination, and the message message is the ciphertext resulting from an encryption (E) of the plaintext ‘src, dst, policy’ using key ‘sessionKey’. Effectively, by sending this response, the node confirms that is able to decrypt the original message, and that it satisfies the policy (as it can use the ‘sessionKey’ key).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Kurzah in view of Pletea to encrypted the broadcast with a session and encrypted the session key with the receiving device public key a secure way to send session key encrypt data and the session key encrypted with the receiving device public key so that only the receiving device is able to decrypt the session key and decrypt the encrypted data (see Pletea paragraph 0079-0081). Therefore one would have been motivated to have encrypted the broadcast with a session and encrypted the session key with the receiving device public key.

	
With respect to claim 2 Kurzah teaches the method of claim 1, wherein the virtual DP accelerator receiving the broadcast instruction is a broadcast virtual DP accelerator selected by the application to broadcast the message (See Kurzah section 1.0 lines 5-10; section 1.4 lines 10-11; Section 3.2 Lines 1-5; Figure 4 Item VSA; Section 3.4 Lines 10-15; Section 1.3 Lines 1-4; Section 2.2 Lines 8-16) where Kurzak et al. teaches a user utilizing application function calls to initiate the transmission of broadcasting or multi-casting of messages to designated adjacent or consecutive multiple virtual data processing accelerator devices identified by user designated channels and slot numbers).

With respect to claim 4 Kurzah teaches the method of claim 1, wherein the communication switch is coupled to each of a plurality of DP accelerators via a physical communication channel corresponding to the DP accelerator (Kurzak et al. Section 1.0 Line 4; Section 1.5 Lines 1-2 where Kurzak et al. teaches a Virtual Systolic Array (VSA) that is a virtual set of DP accelerators connected with virtual channels)).

With respect to claim 5 Kurzah teaches the method of claim 1, wherein each physical communication channel is divided into a plurality of virtual communication channels based on the number of virtual DP accelerators configured for the DP accelerator (Kurzak et al. Section 1.0 Line 4; Section 1.5 Lines 1-2 where Kurzak et al. teaches a Virtual Systolic Array (VSA) that is a virtual set of DP accelerators connected with virtual channels).

With respect to claim 6 Kurzah teaches the method of claim 1, but does not disclose wherein a non-designated virtual DP accelerator of the plurality of virtual DP accelerators receives the broadcast for the encrypted broadcast session keys but does not have a corresponding key to decrypt the encrypted broadcast session keys for generation of a broadcast session key and the non-designated virtual DP accelerator has no access to the broadcast session key to decrypt the broadcast message for the communication session.
Pletea teaches wherein a non-designated virtual DP accelerator of the plurality of virtual DP accelerators receives the broadcast for the encrypted broadcast session keys but does not have a corresponding key to decrypt the encrypted broadcast session keys for generation of a broadcast session key and the non-designated virtual DP accelerator has no access to the broadcast session key to decrypt the broadcast message for the communication session (see Pletea paragraph 0078-0081 i.e. Targets (i.e. the rest of the nodes in the network) receive the message broadcasted by the origin. All of the targets try to decrypt the broadcast message using their respective private keys and each node's reply may be one of the two values: [0079] 1. “Do not understand” [0080] Such a response is sent by nodes which do not have the required keys to decrypt the message. This implicitly means that they do not satisfy the requested policy. [0081] 2. “OK, the data can be replicated here”. The node sends to the originating device a message encrypted with the session key: E.sub.sessionKey(src,dst,Policy). This response is given by nodes considered to be “Candidates”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Kurzah in view of Pletea to encrypted the broadcast with a session and encrypted the session key with the receiving device public key a secure way to send session key encrypt data and the session key encrypted with the receiving device public key so that only the receiving device is able to decrypt the session key and decrypt the encrypted data (see Pletea paragraph 0079-0081). Therefore one would have been motivated to have encrypted the broadcast with a session and encrypted the session key with the receiving device public key.

With respect to claim 7 Kurzah teaches the method of claim 1 wherein the one or more designated virtual DP accelerators are to perform concurrently one or more data processing tasks (See Kurzah section 1.0 lines 5-10; section 1.4 lines 10-11; Section 3.2 Lines 1-5; Figure 4 Item VSA; Section 3.4 Lines 10-15; Section 1.3 Lines 1-4; Section 2.2 Lines 8-16) where Kurzak et al. teaches a user utilizing application function calls to initiate the transmission of broadcasting or multi-casting of messages to designated adjacent or consecutive multiple virtual data processing accelerator devices identified by user designated channels and slot numbers). 

With respect to claim 8 Kurzah teaches a non-transitory machine-readable medium having instructions stored therein, which when executed by a processor, cause the processor to perform one or more operations, the operations comprising: 
receiving a broadcast instruction via a communication switch from an application hosted by a host, to send a broadcast message to one or more of a plurality of DP accelerators, each DP accelerator communicating through a virtual communication channel (See Kurzah section 1.0 lines 5-10; section 1.4 lines 10-11; section 3.2 lines 1-5 and section 3.4 lines 10-15 where Kurzak teaches a user utilizing application function calls to initiate the transmission of broadcasting or multi-casting of messages to multiple virtual data processing accelerator devices identified by user designated channels and slot numbers) and
broadcasting the broadcast message to the DP accelerators (See Kurzah section 1.0 lines 5-10; section 1.4 lines 10-11; Section 3.2 Lines 1-5; Figure 4 Item VSA; Section 3.4 Lines 10-15; Section 1.3 Lines 1-4; Section 2.2 Lines 8-16) where Kurzak et al. teaches a user utilizing application function calls to initiate the transmission of broadcasting or multi-casting of messages to designated adjacent or consecutive multiple virtual data processing accelerator devices identified by user designated channels and slot numbers).
Kurzah does not teach encrypting the broadcast message using a broadcast session key associated with a broadcast communication session; 
determining one or more public keys of one or more security key pairs, each security key pair being associated with one of the one or more DP accelerators; 
encrypting the broadcast session key using each of the determined public keys, generating one or more encrypted broadcast session keys corresponding to the one or more DP accelerators; and 
broadcasting the encrypted broadcast message, and the one or more encrypted broadcast session keys to the DP accelerators, wherein each of the DP accelerators decrypts the encrypted broadcast session key using a corresponding private key associated with the virtual DP accelerator, wherein the message is decrypted based on the broadcast session key.
Pletea teaches encrypting the broadcast message using a broadcast session key associated with a broadcast communication session (See Pletea figure 2, 3 and paragraph 0074-0075 i.e. The method 200 described above is described with reference to a particular example with reference to FIG. 3. Various embodiments include a protocol, as depicted in FIG. 3. The protocol includes the following three steps: [0076] The origin broadcasts the message: Policy, E.sub.Policy(sessionKey) to “All” (i.e. all of the nodes in the network). The message in this example includes two concatenated parts: the first part is the policy itself, described in a machine-readable non-encrypted representation; and the second part is the ciphertext resulting from the encryption (E) of plaintext ‘sessionKey’, with public key ‘Policy’); 
determining one or more public keys of one or more security key pairs, each security key pair being associated with one of the one or more DP accelerators (see Pletea paragraph 0038 i.e. the present invention provides a method performed by a device for identifying a network node within a network to which data will be replicated, the method comprising: encrypting a session key according to an attribute-based encryption scheme; broadcasting the encrypted session key within the network; receiving at least one message encrypted using the session key from at least one network node within the network; and selecting a network node from the at least one network node to which data will be replicated); 
encrypting the broadcast session key using each of the determined public keys, generating one or more encrypted broadcast session keys corresponding to the one or more DP accelerators (see Pletea paragraph 0076-0078 i.e. The origin broadcasts the message: Policy, E.sub.Policy(sessionKey) to “All” (i.e. all of the nodes in the network). The message in this example includes two concatenated parts: the first part is the policy itself, described in a machine-readable non-encrypted representation; and the second part is the ciphertext resulting from the encryption (E) of plaintext ‘sessionKey’, with public key ‘Policy’. [0077] The origin is the node that decides to replicate data, for example due to requirements regarding data query performance, load balancing and disaster recovery. In FIG. 1, the originating node is the node 102a. [0078] Targets (i.e. the rest of the nodes in the network) receive the message broadcasted by the origin. All of the targets try to decrypt the broadcast message using their respective private keys); and 
broadcasting the encrypted broadcast message, and the one or more encrypted broadcast session keys to the DP accelerators, wherein each of the DP accelerators decrypts the encrypted broadcast session key using a corresponding private key associated with the virtual DP accelerator, wherein the message is decrypted based on the broadcast session key (see Pletea 0079-0081 i.e. Targets (i.e. the rest of the nodes in the network) receive the message broadcasted by the origin. All of the targets try to decrypt the broadcast message using their respective private keys and each node's reply may be one of the two values: [0079] 1. “Do not understand” [0080] Such a response is sent by nodes which do not have the required keys to decrypt the message. This implicitly means that they do not satisfy the requested policy. [0081] 2. “OK, the data can be replicated here”. The node sends to the originating device a message encrypted with the session key: E.sub.sessionKey(src,dst,Policy). This response is given by nodes considered to be “Candidates”. Here, ‘src’ is the source, and ‘dst’ is the destination, and the message message is the ciphertext resulting from an encryption (E) of the plaintext ‘src, dst, policy’ using key ‘sessionKey’. Effectively, by sending this response, the node confirms that is able to decrypt the original message, and that it satisfies the policy (as it can use the ‘sessionKey’ key).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Kurzah in view of Pletea to encrypted the broadcast with a session and encrypted the session key with the receiving device public key a secure way to send session key encrypt data and the session key encrypted with the receiving device public key so that only the receiving device is able to decrypt the session key and decrypt the encrypted data (see Pletea paragraph 0079-0081). Therefore one would have been motivated to have encrypted the broadcast with a session and encrypted the session key with the receiving device public key.

	
With respect to claim 9 Kurzah teaches the non-transitory machine-readable medium of claim 8, wherein the virtual DP accelerator receiving the broadcast instruction is a broadcast virtual DP accelerator selected by the application to broadcast the message (See Kurzah section 1.0 lines 5-10; section 1.4 lines 10-11; Section 3.2 Lines 1-5; Figure 4 Item VSA; Section 3.4 Lines 10-15; Section 1.3 Lines 1-4; Section 2.2 Lines 8-16) where Kurzak et al. teaches a user utilizing application function calls to initiate the transmission of broadcasting or multi-casting of messages to designated adjacent or consecutive multiple virtual data processing accelerator devices identified by user designated channels and slot numbers).
With respect to claim 11 Kurzah teaches the non-transitory machine-readable medium of claim 8, wherein the communication switch is coupled to each of a plurality of DP accelerators via a physical communication channel corresponding to the DP accelerator (Kurzak et al. Section 1.0 Line 4; Section 1.5 Lines 1-2 where Kurzak et al. teaches a Virtual Systolic Array (VSA) that is a virtual set of DP accelerators connected with virtual channels).

With respect to claim 12 Kurzah teaches the non-transitory machine-readable medium of claim 8, wherein each physical communication channel is divided into a plurality of virtual communication channels based on the number of virtual DP accelerators configured for the DP accelerator (Kurzak et al. Section 1.0 Line 4; Section 1.5 Lines 1-2 where Kurzak et al. teaches a Virtual Systolic Array (VSA) that is a virtual set of DP accelerators connected with virtual channels).

With respect to claim 13 Kurzah teaches the non-transitory machine-readable medium of claim 8, wherein a non-designated virtual DP accelerator of the plurality of virtual DP accelerators receives the broadcast for the encrypted broadcast session keys but does not have a corresponding key to decrypt the encrypted broadcast session keys for generation of a broadcast session key and the non-designated virtual DP accelerator has no access to the broadcast session key to decrypt the broadcast message for the communication session (see Pletea paragraph 0078-0081 i.e. Targets (i.e. the rest of the nodes in the network) receive the message broadcasted by the origin. All of the targets try to decrypt the broadcast message using their respective private keys and each node's reply may be one of the two values: [0079] 1. “Do not understand” [0080] Such a response is sent by nodes which do not have the required keys to decrypt the message. This implicitly means that they do not satisfy the requested policy. [0081] 2. “OK, the data can be replicated here”. The node sends to the originating device a message encrypted with the session key: E.sub.sessionKey(src,dst,Policy). This response is given by nodes considered to be “Candidates”).

With respect to claim 14 Kurzah teaches the non-transitory machine-readable medium of claim 8, wherein the one or more designated virtual DP accelerators are to perform concurrently one or more data processing tasks (See Kurzah section 1.0 lines 5-10; section 1.4 lines 10-11; Section 3.2 Lines 1-5; Figure 4 Item VSA; Section 3.4 Lines 10-15; Section 1.3 Lines 1-4; Section 2.2 Lines 8-16) where Kurzak et al. teaches a user utilizing application function calls to initiate the transmission of broadcasting or multi-casting of messages to designated adjacent or consecutive multiple virtual data processing accelerator devices identified by user designated channels and slot numbers).

With respect to claim 15 Kurzah teaches a data processing system, comprising: a processor; and a memory coupled to the processor to store instructions, which when executed by the processor, cause the processor to perform operations, the operations including
receiving a broadcast instruction via a communication switch from an application hosted by a host, to send a broadcast message to one or more of a plurality of DP accelerators, each DP accelerator communicating through a virtual communication channel (See Kurzah section 1.0 lines 5-10; section 1.4 lines 10-11; section 3.2 lines 1-5 and section 3.4 lines 10-15 where Kurzak teaches a user utilizing application function calls to initiate the transmission of broadcasting or multi-casting of messages to multiple virtual data processing accelerator devices identified by user designated channels and slot numbers) and
broadcasting the broadcast message to the DP accelerators (See Kurzah section 1.0 lines 5-10; section 1.4 lines 10-11; Section 3.2 Lines 1-5; Figure 4 Item VSA; Section 3.4 Lines 10-15; Section 1.3 Lines 1-4; Section 2.2 Lines 8-16) where Kurzak et al. teaches a user utilizing application function calls to initiate the transmission of broadcasting or multi-casting of messages to designated adjacent or consecutive multiple virtual data processing accelerator devices identified by user designated channels and slot numbers).
Kurzah does not teach encrypting the broadcast message using a broadcast session key associated with a broadcast communication session; 
determining one or more public keys of one or more security key pairs, each security key pair being associated with one of the one or more DP accelerators; 
encrypting the broadcast session key using each of the determined public keys, generating one or more encrypted broadcast session keys corresponding to the one or more DP accelerators; and 
broadcasting the encrypted broadcast message, and the one or more encrypted broadcast session keys to the DP accelerators, wherein each of the DP accelerators decrypts the encrypted broadcast session key using a corresponding private key associated with the virtual DP accelerator, wherein the message is decrypted based on the broadcast session key.
Pletea teaches encrypting the broadcast message using a broadcast session key associated with a broadcast communication session (See Pletea figure 2, 3 and paragraph 0074-0075 i.e. The method 200 described above is described with reference to a particular example with reference to FIG. 3. Various embodiments include a protocol, as depicted in FIG. 3. The protocol includes the following three steps: [0076] The origin broadcasts the message: Policy, E.sub.Policy(sessionKey) to “All” (i.e. all of the nodes in the network). The message in this example includes two concatenated parts: the first part is the policy itself, described in a machine-readable non-encrypted representation; and the second part is the ciphertext resulting from the encryption (E) of plaintext ‘sessionKey’, with public key ‘Policy’); 
determining one or more public keys of one or more security key pairs, each security key pair being associated with one of the one or more DP accelerators (see Pletea paragraph 0038 i.e. the present invention provides a method performed by a device for identifying a network node within a network to which data will be replicated, the method comprising: encrypting a session key according to an attribute-based encryption scheme; broadcasting the encrypted session key within the network; receiving at least one message encrypted using the session key from at least one network node within the network; and selecting a network node from the at least one network node to which data will be replicated); 
encrypting the broadcast session key using each of the determined public keys, generating one or more encrypted broadcast session keys corresponding to the one or more DP accelerators (see Pletea paragraph 0076-0078 i.e. The origin broadcasts the message: Policy, E.sub.Policy(sessionKey) to “All” (i.e. all of the nodes in the network). The message in this example includes two concatenated parts: the first part is the policy itself, described in a machine-readable non-encrypted representation; and the second part is the ciphertext resulting from the encryption (E) of plaintext ‘sessionKey’, with public key ‘Policy’. [0077] The origin is the node that decides to replicate data, for example due to requirements regarding data query performance, load balancing and disaster recovery. In FIG. 1, the originating node is the node 102a. [0078] Targets (i.e. the rest of the nodes in the network) receive the message broadcasted by the origin. All of the targets try to decrypt the broadcast message using their respective private keys); and 
broadcasting the encrypted broadcast message, and the one or more encrypted broadcast session keys to the DP accelerators, wherein each of the DP accelerators decrypts the encrypted broadcast session key using a corresponding private key associated with the virtual DP accelerator, wherein the message is decrypted based on the broadcast session key (see Pletea 0079-0081 i.e. Targets (i.e. the rest of the nodes in the network) receive the message broadcasted by the origin. All of the targets try to decrypt the broadcast message using their respective private keys and each node's reply may be one of the two values: [0079] 1. “Do not understand” [0080] Such a response is sent by nodes which do not have the required keys to decrypt the message. This implicitly means that they do not satisfy the requested policy. [0081] 2. “OK, the data can be replicated here”. The node sends to the originating device a message encrypted with the session key: E.sub.sessionKey(src,dst,Policy). This response is given by nodes considered to be “Candidates”. Here, ‘src’ is the source, and ‘dst’ is the destination, and the message message is the ciphertext resulting from an encryption (E) of the plaintext ‘src, dst, policy’ using key ‘sessionKey’. Effectively, by sending this response, the node confirms that is able to decrypt the original message, and that it satisfies the policy (as it can use the ‘sessionKey’ key).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Kurzah in view of Pletea to encrypted the broadcast with a session and encrypted the session key with the receiving device public key a secure way to send session key encrypt data and the session key encrypted with the receiving device public key so that only the receiving device is able to decrypt the session key and decrypt the encrypted data (see Pletea paragraph 0079-0081). Therefore one would have been motivated to have encrypted the broadcast with a session and encrypted the session key with the receiving device public key.

	
With respect to claim 16 Kurzah teaches the system of claim 15, wherein the virtual DP accelerator receiving the broadcast instruction is a broadcast virtual DP accelerator selected by the application to broadcast the message (See Kurzah section 1.0 lines 5-10; section 1.4 lines 10-11; Section 3.2 Lines 1-5; Figure 4 Item VSA; Section 3.4 Lines 10-15; Section 1.3 Lines 1-4; Section 2.2 Lines 8-16) where Kurzak et al. teaches a user utilizing application function calls to initiate the transmission of broadcasting or multi-casting of messages to designated adjacent or consecutive multiple virtual data processing accelerator devices identified by user designated channels and slot numbers).

With respect to claim 18 Kurzah teaches the system of claim 15, wherein the communication switch is coupled to each of a plurality of DP accelerators via a physical communication channel corresponding to the DP accelerator (Kurzak et al. Section 1.0 Line 4; Section 1.5 Lines 1-2 where Kurzak et al. teaches a Virtual Systolic Array (VSA) that is a virtual set of DP accelerators connected with virtual channels).

With respect to claim 19 Kurzah teaches the system of claim 15, wherein each physical communication channel is divided into a plurality of virtual communication channels based on the number of virtual DP accelerators configured for the DP accelerator (Kurzak et al. Section 1.0 Line 4; Section 1.5 Lines 1-2 where Kurzak et al. teaches a Virtual Systolic Array (VSA) that is a virtual set of DP accelerators connected with virtual channels).

With respect to claim 20 Kurzah teaches the system of claim 15, wherein a non-designated virtual DP accelerator of the plurality of virtual DP accelerators receives the broadcast for the encrypted broadcast session keys but does not have a corresponding key to decrypt the encrypted broadcast session keys for generation of a broadcast session key and the non-designated virtual DP accelerator has no access to the broadcast session key to decrypt the broadcast message for the communication session (see Pletea paragraph 0078-0081 i.e. Targets (i.e. the rest of the nodes in the network) receive the message broadcasted by the origin. All of the targets try to decrypt the broadcast message using their respective private keys and each node's reply may be one of the two values: [0079] 1. “Do not understand” [0080] Such a response is sent by nodes which do not have the required keys to decrypt the message. This implicitly means that they do not satisfy the requested policy. [0081] 2. “OK, the data can be replicated here”. The node sends to the originating device a message encrypted with the session key: E.sub.sessionKey(src,dst,Policy). This response is given by nodes considered to be “Candidates”).

With respect to claim 21 Kurzah teaches the system of claim 15, wherein the one or more designated virtual DP accelerators are to perform concurrently one or more data processing tasks (See Kurzah section 1.0 lines 5-10; section 1.4 lines 10-11; Section 3.2 Lines 1-5; Figure 4 Item VSA; Section 3.4 Lines 10-15; Section 1.3 Lines 1-4; Section 2.2 Lines 8-16) where Kurzak et al. teaches a user utilizing application function calls to initiate the transmission of broadcasting or multi-casting of messages to designated adjacent or consecutive multiple virtual data processing accelerator devices identified by user designated channels and slot numbers).

Claims 3, 10 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Kurzak et al. (Design and Implementation of the PULSAR Programming System for Large Scale Computing, Supercomputing Frontiers and Innovations, 2017) in view of Pletea et al (US 2011/0072270) in view of Little et al (US 2011/0072270)
With respect to claim 3 Kurzah teaches the method of claim 1, but does not disclose wherein the public and private keys of each virtual DP accelerator are associated with a security key pair for the virtual DP accelerator and the security key pair is a derived security key generated by a security unit of the DP accelerator.
Little teaches wherein the public and private keys of each virtual DP accelerator are associated with a security key pair for the virtual DP accelerator and the security key pair is a derived security key generated by a security unit of the DP accelerator (See Little paragraph 0048 discloses a digital certificate for any particular entity typically includes the entity's public key and identification information that is bound to the public key with a digital signature, for example).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Kurzah in view of Little to for accessing multiple certificate status information providers for establishing electronic messaging between them (see Little Abstract). Therefore one would have been motivated to have each virtual DP accelerator are associated with a security key pair for the virtual DP accelerator.

With respect to claim 10 Kurzah teaches the non-transitory machine-readable medium of claim 8, but does not disclose wherein the public and private keys of each virtual DP accelerator are associated with a security key pair for the virtual DP accelerator and the security key pair is a derived security key generated by a security unit of the DP accelerator.
Little teaches wherein the public and private keys of each virtual DP accelerator are associated with a security key pair for the virtual DP accelerator and the security key pair is a derived security key generated by a security unit of the DP accelerator (See Little paragraph 0048 discloses a digital certificate for any particular entity typically includes the entity's public key and identification information that is bound to the public key with a digital signature, for example).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Kurzah in view of Little to for accessing multiple certificate status information providers for establishing electronic messaging between them (see Little Abstract). Therefore one would have been motivated to have each virtual DP accelerator are associated with a security key pair for the virtual DP accelerator.

With respect to claim 17 Kurzah teaches the system of claim 15, but does not disclose wherein the public and private keys of each virtual DP accelerator are associated with a security key pair for the virtual DP accelerator and the security key pair is a derived security key generated by a security unit of the DP accelerator.
Little teaches wherein the public and private keys of each virtual DP accelerator are associated with a security key pair for the virtual DP accelerator and the security key pair is a derived security key generated by a security unit of the DP accelerator (See Little paragraph 0048 discloses a digital certificate for any particular entity typically includes the entity's public key and identification information that is bound to the public key with a digital signature, for example).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Kurzah in view of Little to for accessing multiple certificate status information providers for establishing electronic messaging between them (see Little Abstract). Therefore one would have been motivated to have each virtual DP accelerator are associated with a security key pair for the virtual DP accelerator.

Prior Art
	Cerruti et al US 20060161502 teaches Cerruti et al teaches the binding of broadcast messages to a specific receiver.
Artzi US 6553009 teaches the binding of broadcast messages to a specific receiver.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DEVIN E ALMEIDA whose telephone number is (571)270-1018.  The examiner can normally be reached on Monday-Thursday from 7:30 A.M. to 5:00 P.M.  The examiner can also be reached on alternate Fridays from 7:30 A.M. to 4:00 P.M. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Saleh Najjar, can be reached on 571-272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
/DEVIN E ALMEIDA/Examiner, Art Unit 2492                                                                                                                                                                                                        

/SALEH NAJJAR/Supervisory Patent Examiner, Art Unit 2492