Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The present Office Action is responsive to communication received 10/15/2020. Claims 1-20 are pending.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 10/15/2020, 10/25/2020 and 8/11/2022 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statements are being considered by the examiner.

Objection- Informalities
Claims 5, 12 and  recite : “prevent, in response to receiving the second enabling key request and determining that the at least one of the plurality of second SCP subsystems is trusted is not trusted, the at least one of the plurality of second SCP subsystems from accessing the at least one enabling key stored in the first key management database”; the correct limitation is “prevent, in response to receiving the second enabling key request and determining that the at least one of the plurality of second SCP subsystems 


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 5, 7-9, 12, 14-16 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over US 20200304319 to Wei et al., hereinafter Wei.
Regarding claim 1, Wei discloses 
A distributed key management system, comprising ([0020], fig. 1): a plurality of second System Control Processor (SCP) subsystems that each include a respective second key management subsystem ; a first SCP subsystem that is included in a first computing system and that coupled to the plurality of second SCP subsystems via a network; and a first key management subsystem that is included in the first SCP subsystem (Fig. 3, [0051]-[0053]: nodes 304a-d or first subsystem in communication with other nodes (second subsystem) participating in blockchain network, each node including a KM TEE and service TEE (claimed SCP is interpreted as the secure environment TEE)) and that is configured, in response to the first SCP subsystem establishing respective secure communication channels with each of the plurality of second SCP subsystems, to: retrieve, from one of the second key management subsystems in one of the plurality of second SCP subsystems, at least one enabling key for communicating via the respective secure communication channels with each of the plurality of second SCP subsystems ([0054]: key management center which can be located in one or more nodes of the other nodes in communication with nodes 304a-d, provide the key to nodes 304a-d KM TEE; Wei discloses each of the KM TEE establish a trust relationships with other KM TEE in the network before sharing key ([0046][0064]),  therefore the communication path is considered secure; [0047]: the key enables secure communication between 2 nodes ([0047]) – also [0060][0061]: KM TEES across the network perform mutual attestation and exchange encryption key, [0066]: secure communication between KM TEEs using the key); store the at least one enabling key in a first key management database that is included in the first key management subsystem ([0054]: KM TEE obtain and stores an encryption key); receive, from the first SCP subsystem, a first enabling key request; determine whether the first SCP subsystem is trusted; provide, in response to receiving the first enabling key request and determining that the first SCP subsystem is trusted, the first SCP subsystem access to the at least one enabling key stored in the first key management database ([0058]:  the KM TEE receives request from the service TEE, provide the key after authenticating the service key through local authentication, meaning the SCP or TEE is trusted; ); and prevent, in response to receiving the first enabling key request and determining that the first SCP subsystem is not trusted, the first SCP subsystem from accessing the at least one enabling key stored in the first key management database ([0058]: provide the key if TEE is authenticated-Wei does not explicitly disclose preventing access to the key if the TEE is not trusted, however, it would have been obvious to a skilled artisan to do so because it would reinforce the key provisioning to a TEE only if the TEE is trusted, improving security).  

Regarding claim 2, Wei discloses the system of claim 1, wherein the first SCP subsystem is configured to: authenticate a plurality of first computing devices in the first computing system, and wherein the determining that the first SCP subsystem is trusted includes determining that the first SCP subsystem has authenticated the plurality of first computing devices in the first computing system ([0060][0061]: KM TEEs perform mutual authentication with one or more other 308a-d KM TEEs in nodes 304a-d (see Fig. 3) ).

Regarding claim 3, Wei discloses the system of claim 1, wherein the first SCP subsystem is configured to: identify the plurality of second SCP subsystems and, in response, establish the respective secure communication channels with each of the plurality of second SCP subsystem ([0054]: the second SCPs are the TEE within the  one or more nodes of the other nodes in communication with nodes 304a-d).  

Regarding claim 5, Wei discloses the system of claim 1, wherein the first key management subsystem is configured to: receive, from at least one of the plurality of second SCP subsystems, a second enabling key request ([0094]); determine whether the at least one of the plurality of second SCP subsystems is trusted ([0089]: remote attestation; see also [0047])); provide, in response to receiving the second enabling key request and determining that the at least one of the plurality of second SCP subsystems is trusted, the at least one of the plurality of second SCP subsystems access to the at least one enabling key stored in the first key management database ([0060][0061]: after a trust relationship is established between nodes, reach consensus on which encryption key to deploy; see also [0064]); and prevent, in response to receiving the second enabling key request and determining that the at least one of the plurality of second SCP subsystems [[is trusted]] is not trusted, the at least one of the plurality of second SCP subsystems from accessing the at least one enabling key stored in the first key management database (although Wei does not explicitly teach preventing a node to access the key if the node is not trusted, it would have been obvious to a skilled artisan to do so because it would reinforce the key provisioning to a second node only if the TEE is trusted, improving security).  

Regarding claim 7, Wei discloses:
An Information Handling System (IHS), comprising (Fig. 1 nodes in a blockchain network): a first processing subsystem; a first memory subsystem that is coupled to the first processing subsystem and that includes instructions that, when executed by the first processing subsystem, cause the first processing subsystem to provide an enabling key utilization engine; a second processing subsystem that is coupled to the first processing subsystem; a second memory subsystem that is coupled to the second processing subsystem and that includes instructions that, when executed by the second processing subsystem, cause the second processing subsystem to provide a key management engine that is configured to ([0041] each nodes includes memory, processor, a TEE,  trusted applications, other applications): retrieve, from a key management subsystem in one of a plurality of second System Control Processor (SCP) subsystems, at least one enabling key for communicating via respective secure communication channels with each of the plurality of second SCP subsystems; store the at least one enabling key in a key management database that is coupled to the second processing subsystem ([0054]: key management center which can be located in one or more nodes of the other nodes in communication with nodes 304a-d, provide the key to nodes 304a-d KM TEE; Wei discloses each of the KM TEE establish a trust relationships with other KM TEE in the network before sharing key ([0046][0064]),  therefore the communication path is considered secure; [0047]: the key enables secure communication between 2 nodes ([0047]) – also [0060][0061]: KM TEES across the network perform mutual attestation and exchange encryption key, [0066]: secure communication between KM TEEs using the key; ([0054]: KM TEE obtain and stores an encryption key)); receive, from the enabling key utilization engine, a first enabling key request; determine whether the IHS is trusted; provide, in response to receiving the first enabling key request and determining that the IHS is trusted, the enabling key utilization engine access to the at least one enabling key stored in the key management database ([0058]:  the KM TEE receives request from the service TEE, provide the key after authenticating the service key through local authentication, meaning the IHS or TEE is trusted; ); and prevent, in response to receiving the first enabling key request and determining that the IHS is not trusted, the enabling key utilization engine from accessing the at least one enabling key stored in the key management database ([0058]: provide the key if TEE is authenticated-Wei does not explicitly disclose preventing access to the key if the TEE is not trusted, however, it would have been obvious to a skilled artisan to do so because it would reinforce the key provisioning to a TEE only if the TEE is trusted, improving security).  
Regarding claim 14, the claim recites substantially the same content as claim 1 and is rejected by the rationale set forth for claim 1.
Regarding claims 8 and 15, the claims recite substantially the same content as claim 2 and is rejected by the rationale set forth for claim 2.
Regarding claims 9 and 16, the claims recite substantially the same content as claim 3 and is rejected by the rationale set forth for claim 3.
Regarding claims 12 and 19, the claims recite substantially the same content as claim 5 and is rejected by the rationale set forth for claim 5.

Claims 4, 10 and 17 are rejected under 35 USC 103 as being unpatentable over Wei, in further view of US 11431514 to Geethakumar et al., hereinafter Geethakumar.

Regarding claim 4, Wei discloses the system of claim 1 but does not explicitly teach: wherein the first key management subsystem is configured to: erase, in response to determining that the first SCP subsystem is not trusted, the at least one enabling key from the first key management database.  
In an analogous art, Geethakumar discloses a device performing a mutual authentication with a server and establishing encryption keys, and storing the keys in a TEE of the device (col.2:63-67, col.3:1-22); Geethakumar discloses erase, in response to determining that the first SCP subsystem is not trusted, the at least one enabling key from the first key management database (col.14:1-33: delete encryption key from storage in response to determining unauthorized access to data).  It would have been obvious to a skilled artisan before the application was effectively filed to erase the keys if the system is untrusted because it would enhance data security and prevent unauthorized use of key and decryption of confidential information.
Regarding claims 10 and 17, the claims recite substantially the same content as claim 4 and is rejected by the rationale set forth for claim 4.

Claims 6, 13 and 20 are rejected under 35 USC 103 as being unpatentable over Wei, in further view of publication titled “An authentication scheme using identity-based encryption & blockchain”, IEEE 2018, ISCC) (pp. 00556-00561), by  Zhou et al., hereinafter Zhou.

Regarding claim 6, Wei discloses the system of claim 5; Wei also discloses the nodes using a consensus process to assign encryption keys to other nodes ([0020]), but does not explicitly teach wherein the first key management subsystem is configured to receive the second enabling key request in response to: receiving a global key manager designation communication that identifies the first key management subsystem as a global key manager.  
In an analogous art, Zhou describes a blockchain using a consensus mechanism, nodes participating in the blockchain can be elected as supervisor node, production node and protection node. Nodes change roles by election (Fi. 3). The supervision node receives the requests and initiate the authentication of the requestors (p. 00558, in B). It would have been obvious to a skilled artisan before the application was effectively filed to elect a supervision node which initiates the consensus process as taught by Zhou and implement the claim, because it allow each node to take on the role of supervision node and initiate the authentication of a requestor, leading to an equal opportunity for the participating nodes in the consensus mechanism. 
Regarding claims 13 and 20, the claims recite substantially the same content as claim 6 and are rejected by the rationale set forth for claim 6.

Allowable Subject Matter
Claims 11 and 18 recite allowable subject matter
Regarding claim 11 and substantially claim 18, Wei in view of Geethakumar disclose the IHS of claim 10 or the method of claim 17, but does not teach: wherein the key management engine is configured to: determine, subsequent to erasing the at least one enabling key from the key management database, that the IHS is trusted; retrieve, in response to determining that the IHS is trusted subsequent to erasing the at least one enabling key from the key management database and from the key management subsystem in one of the plurality of second SCP subsystems, the at least one enabling key; and store, in response to retrieving the at least one enabling key after determining that the IHS is trusted subsequent to erasing the at least one enabling key from the key management database, the at least one enabling key in the key management database.  
None of the prior art of the record disclose the aforementioned limitations. Therefore, claims 11 and 18 are allowable.
Claims 11 and 18 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Teshome et al 20180324162 disclose remotely securing Information in a compromised Information Handling System IHS, including disabling credential, encryption key ... 
Harnik et al 20190026234 discloses a cluster of Secure Execution Platforms (SEPs) having connectivity to a data storage, each SEP of said cluster configured to maintain, using a key, confidentiality of data while processing thereof; the key is shared among the SEPs of said cluster ...
Baker et al 20180337771 disclose receiving an access request from a requesting device for access to an encryption key associated with a user device, broadcasting the request to peer nodes for approval or disapproval, storing a transaction to a blockchain indicating the approval or disapproval of the request for access to the encryption key, and providing access to the encryption key when the approval is indicated.
CILARDO, Alessandro, MAZZEO, Antonino, ROMANO, Luigi, et al. “An FPGA-based key-store for improving the dependability of security services”. In : 10th IEEE international workshop on object-oriented real-time dependable systems. IEEE, 2005. p. 389-396. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to CATHERINE B THIAW whose telephone number is (571)270-1138. The examiner can normally be reached Monday-Friday 7am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, CARL G COLIN can be reached on 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Catherine Thiaw/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        9/24/2022