DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Response to Amendments
This communication is in response to the amendments filed on 9 August 2022:
	Claims 1-15 are amended.
	Claims 16-20 are canceled.
	Claims 21-25 are added.
	Claims 1-15 and 21-25 are pending.



Response to Arguments
In response to Applicant’s remarks filed on 9 August 2022:
a.	Applicant’s arguments that Vas does not teach that the hardware certificate 354 shown in Fig. 19 of Vas includes serial numbers for a plurality of components disposed on the PCB has been fully considered but is deemed moot in view of the new grounds of rejection presented in this Office Action. 
b.	Applicant’s arguments that Narayanan does not teach “generate a nonce key in response to the authentication of the hardware module based on the serial numbers” has been fully considered but is deemed moot in view of the new grounds of rejection presented in this Office Action. 
c.	Applicant’s arguments that the asserted combination of Narayanan and Vas would not have led to “retrieving, by the first device, authentication information stored on an identification component of the hardware module over a first interface, the authentication information including a module specific authentication certificate comprising serial numbers of a plurality of components on the hardware module…” have been fully considered but is deemed moot in view of the new grounds of rejection presented in this Office Action. 
d.	Applicant’s arguments that Hanna does not provide any teaching or hint of writing, by the first device, a nonce key to a nonce register of the identification component of the hardware module in response to successfully authenticating the hardware module…” has been fully considered but is deemed moot in view of the new grounds of rejection presented in this Office Action. 



Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1, 3-7, 21, 23 and 25 are rejected under 35 U.S.C. 103 as being unpatentable over Narayanan et al. (U.S. PGPub. 2017/0075699), hereinafter Narayanan, in view of Park et al. (U.S. PGPub. 2018/0205560), hereinafter Park. 

	Regarding claim 1, Narayanan teaches A system comprising:
	a computing platform comprising a management system (Narayanan, Paragraph [0005], see “…an information handling system (IHS) includes a booting subsystem; a trusted platform module that is coupled to the booting subsystem and that is configured to couple to a network operating system engine, wherein the trusted platform module is configured to receive and store current boot metric data that is generated when the booting subsystem and the network operating system engine perform a boot process; and a platform management controller that is coupled to the trusted platform module, wherein the platform management controller is configured to retrieve the current boot metric data from the trusted platform module in response to the booting subsystem and the network operating system engine performing the boot process, authenticate the trusted platform module, and compare the current boot metric data to previously stored boot metric data to determine whether to authenticate the network operating system engine”, where “platform management controller” is being read as a management system); and
	a hardware module connected to the computing platform over a management interface and a data interface (Narayanan, Paragraph [0022], see “…The network operating system engine 308 is coupled to the platform management controller SoC 304 via a plurality of connections 310 that may include a power connection, a Network Controller Sideband Interface (NC-SI) connection, a Local Procedure Call (LPC) connection, a Management Data Input/Output (MDIO) connection, and/or other connections known in the art…”, where “network operating system engine 308” is being read as comprising one or more hardware modules connected to the computing platform), the hardware module comprising a field replaceable unit (FRU) comprising (Narayanan, Paragraph [0017], see “…the FRU device 204 may be a circuit board, part, and/or assembly that is quickly connectable to and removable from the computing system 202 or other electronic component such that, for example, it may be quickly and easily replaced with another FRU device…the FRU device 204 may be the IHS 100 discussed above with reference to FIG. 1 and/or include some or all of the IHS components”):
		a plurality of components disposed on a printed circuit board (PCB) (Narayanan, Paragraph [0019], see “…The FRU device 300 includes a chassis 302 that, in the embodiments described below, is a circuit board that supports or provides each of the components of the FRU 300…”), and
		an identification component disposed on the PCB and comprising a memory to store a module specific authentication certificate that binds the plurality of components to the FRU (Narayanan, Paragraph [0033], see “…a trusted platform module private key (“TPM private key 610a”) may be created within the trusted platform module 306 and stored in the memory system 306b of the trusted platform module 306…the trusted platform module 306 may include an encrypted trusted platform module certificate 611…that may be generated at the instruction of the OEM and utilized to verify that the trusted platform module 306 is authentic”, where “trusted platform module 306” is being read as comprising an identification component);
	wherein the management system is communicatively coupled to the identification component of the hardware module over the management interface and is to (Narayanan, Paragraph [0039], see “…the embedded processing system 304a in the platform management controller SoC 304 may receive the trusted platform module certificate 611 and perform TPM certificate verification 906 by decrypting the trusted platform module certificate 611 (e.g., the AIK certificate) and analyzing the data in the decrypted TPM certificate to determine whether the trusted platform module 306 has been compromised using methods known in the art”, where “TPM 306” is being read as comprising the identification component, which is communicatively coupled to the management system for sending and receiving the TPM certificate):
		
		
		
	
	Narayanan does not teach the following limitation(s) as taught by Park: perform an authentication of the hardware module based on serial numbers in the module specific authentication certificate (Park, Paragraph [0022], see “…When authenticating a mobile computing device’s certificate, the vehicle computing device may retrieve the hardware serial number that was used to generate the hardware key, and may generate another hardware key, which may be used as a hardware key check…”, where an authentication is performed based on serial numbers in the certificate), wherein the serial numbers are for the plurality of components disposed on the PCB (Park, Paragraph [0003], see “…a hardware serial number associated with a hardware component of a computing device may be received”) (Park, Paragraph [0004], see “…The hardware component may be a USB chip or a network interface card…”, where “USB chip or network interface card” is analogous to the components being disposed on a PCB);
		generate a nonce key in response to the authentication of the hardware module based on the serial numbers in the module specific authentication certificate (Park, Paragraph [0022], see “…When authenticating a mobile computing device’s certificate, the vehicle computing device may retrieve the hardware serial number that was used to generate the hardware key, and may generate another hardware key, which may be used as a hardware key check”, where “generate another hardware key” is analogous to generating a nonce key in response to the authentication of the hardware module based on the serial  numbers in the certificate); and
		write the nonce key to a register of the hardware module (Park, FIG. 1 and FIG. 2, see “Storage 140 and 240”, “Hardware Key 144”, where the hardware key (nonce key) is written/stored to a register (storage) of the hardware module),
	wherein the register is to provide the nonce key to authorize an access of the hardware module by a controller (Park, FIG. 8, see “802”, “806”, “810”, where the register/storage is to provide the nonce key (hardware key) to authorize an access of the hardware module, where “802” depicts providing the nonce key (hardware key) to authorize an access of the hardware module, where “806” and “810” depict the step of authentication and authorization). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for a field replaceable unit authentication system, disclosed of Narayanan, by implementing techniques for per-device authentication, comprising of performing an authentication of a hardware module based on serial numbers in the certificate, generating a nonce key in response to the authentication, storing the nonce key, and utilizing the nonce key to authorize an access of the hardware module, disclosed of Park.   
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for a field-replaceable unit (FRU) secure component binding, comprising of performing an authentication of a hardware module based on serial numbers in the certificate, generating a nonce key in response to the authentication, storing the nonce key, and utilizing the nonce key to authorize an access of the hardware module. This allows for better security management by utilizing a nonce key (hardware key) that is bound to each certificate in order to authenticate each request. Park is deemed as analogous art due to the art disclosing techniques for performing an authentication of a hardware module based on serial numbers in the certificate, generating a nonce key in response to the authentication, storing the nonce key, and utilizing the nonce key to authorize an access of the hardware module (Park, Paragraph [0022]). 

Regarding claim 3, Narayanan as modified by Park teaches The system of claim 1, wherein the hardware module comprises a memory device, and the access of the hardware module by the controller comprises an access of the memory device by a memory controller (Narayanan, FIG. 6, see “308”, “308b”, which depicts the hardware module (308) comprising a memory device (308b), where the controller accesses the system memory for the public key and certificate during authentication procedures). 

Regarding claim 4, Narayanan does not teach the following limitation(s) as taught by Park: The system of claim 1, wherein the management system is to perform the authentication of the hardware module by comparing information representing the serial numbers in the module specific authentication certificate with information representing component serial numbers from another source (Park, Paragraph [0009], see “A means for receiving a hardware serial number associated with a hardware component of a computing device, a means for converting the hardware serial number to a hardware key check, a means for receiving a hardware key associated with a certificate from the computing device, a means for comparing the hardware key to the hardware check key to obtain a verification of the certificate…”, where “hardware key” is analogous to information representing the serial numbers in the certificate and where “hardware key check” is analogous to information representing component serial numbers that is generated from another source (not the computing device), where the hardware key and hardware key check are compared for authentication purposes). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for a field replaceable unit authentication system, disclosed of Narayanan, by implementing techniques for per-device authentication, comprising of performing the authentication of the hardware module by comparing information representing the serial numbers with information representing the serial numbers that are received/generated from a different source, disclosed of Park.    
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for a field-replaceable unit (FRU) secure component binding, comprising of performing the authentication of the hardware module by comparing information representing the serial numbers with information representing the serial numbers that are received/generated from a different source. This allows for better security management by comparing the hardware key received from the computing device with a hardware key check generated by a different source in order to authenticate the received hardware key. Park is deemed as analogous art due to the art disclosing techniques for performing the authentication of the hardware module by comparing information representing the serial numbers with information representing the serial numbers that are received/generated from a different source (Park, Paragraph [0009]). 

Regarding claim 5, Narayanan does not teach the following limitation(s) as taught by Park: The system of claim 4, wherein the information representing the serial numbers in the module specific authentication certificate comprises a hash of the serial numbers (Park, Paragraph [0039], see “The certificate generator 110 of the computing device 100 may generate the hardware key 144 using the hardware serial number, for example, hashing the hardware serial number and reducing the number of bits used by discarding part of the hash. The hardware key 144 may be stored as part of the certificate 142”, where the information representing the serial numbers in the certificate comprises a hash of the serial numbers), and the comparing compares the hash to a hash from the another source, and wherein the hash is contained in the module specific authentication certificate (Park, Paragraph [0036], see “…The certificate generator 310 may be able to authentication the signature 143, hash hardware serial numbers, convert the resulting hash into a hardware key check, and compare that generated hardware key check to the hardware key 144 to check that the certificate 142 was issued to the mobile computing device 200”, where “convert the resulting hash into a hardware key check, and compare that generated hardware key check to the hardware key 144…” is analogous to comparing the hash to a hash from another source, where the hardware key 144 comprises the hash received by the mobile computing device and where the hardware key check comprises the hash that was generated by another source). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for a field replaceable unit authentication system, disclosed of Narayanan, by implementing techniques for per-device authentication, comprising of hashing the serial numbers, wherein the comparing compares the hash to a hash from another source, disclosed of Park.     
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for a field-replaceable unit (FRU) secure component binding, comprising of hashing the serial numbers, wherein the comparing compares the hash to a hash from another source. This allows for better security management and memory efficiency by hashing the serial numbers in order to provide a more secure method of authentication, as well as reducing the amount of memory needed to store the hashed information. Park is deemed as analogous art due to the art disclosing techniques for hashing the serial numbers, wherein the comparing compares the hash to a hash from another source (Park, Paragraph [0036] and [0039]). 

Regarding claim 6, Narayanan does not teach the following limitation(s) as taught by Park: The system of claim 1, wherein the management system is to:
compare the nonce key retrieved from the register with a value included in an access request to access the hardware module (Park, FIG. 8, see “800”, “802”, “804”, “806”, where “800” and “802” depict retrieving of a hardware serial number and a hardware key, where “hardware key” is analogous to the nonce key, and where “hardware serial number” is analogous to a value included in an access request, where the hardware serial number is received as part of an access request, where “804” and “806” depict the comparison of the nonce key (hardware key received) with a value (hardware serial number received which is used to generate the hardware key check)); and
based on the comparison of the nonce key with the value, determine whether to allow the access request (Park, FIG. 8, see “810”, which shows authenticating the signature based on the comparison of the nonce key (hardware key) with the value (hardware serial numbers used to generate the hardware key check), and determining whether to allow the access request) (Park, Paragraph [0054], see “At 810, the signature may be authenticated…When both the signature 143 is authenticated and the hardware key check verifies the certificate 142 by matching the hardware key 144, the mobile computing device 200 may be permitted access to the vehicle computing device 300”). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for a field replaceable unit authentication system, disclosed of Narayanan, by implementing techniques for per-device authentication, comprising of comparing a nonce key retrieved from the register with a value included in a request and based on the comparison, determining whether to allow the request, disclosed of Park.      
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for a field-replaceable unit (FRU) secure component binding, comprising of comparing a nonce key retrieved from the register with a value included in a request and based on the comparison, determining whether to allow the request. This allows for better security management by comparing a nonce key with a value (i.e., a different nonce key generated using a value), in order to determine whether or not the requesting device is allowed access to the target device. Park is deemed as analogous art due to the art disclosing techniques for comparing a nonce key retrieved from the register with a value included in a request and based on the comparison, determining whether to allow the request (Park, FIG. 8). 

Regarding claim 7, Narayanan as modified by Park teaches The system of claim 1, wherein the plurality of components comprise one or more of a register, a power management integrated circuit (PMIC), or a dual in line memory module (DIMM) (Narayanan, Paragraph [0039], see “…If the TPM certificate is not verified at decision block 508, the platform management controller SoC 304 may determine that the current boot metric data is not valid and the method 500 may proceed to block 510, where the platform management controller SoC 304 ceases providing power to the network operating system engine…the embedded processing system 304a in the platform management controller SoC 304 may perform a host processing system power down 914 and cease the provisioning of power through at least one of the power connections 310 to the host processing system 308a in the network operating system engine 308”, where “the platform management controller SoC 304 ceases providing power to the network operating system engine” is being read as the one or more components comprising a power management integrated circuit) (Narayanan, FIG. 6, see “304b”, “306b”, “308b”, which are being read as registers comprised in the one or more components).

Regarding claim 21, Narayanan teaches A management system comprising:
a processor (Narayanan, FIG. 3, see “304”, “304a”, where “304” depicts a management system and where “304a” depicts a processor included in the management system); and
a non-transitory storage medium storing instructions executable on the processor to (Narayanan, FIG. 3, see “304b”, which depicts a non-volatile memory system for storing instructions executable by the processor):
	perform an authentication of a hardware module comprising a plurality of components by (Narayanan, Abstract, see “…A platform management controller in the field replaceable unit device retrieves the current boot metric data from the trusted platform module, authenticates the trusted platform module, and compares the current boot metric data to previously stored boot metric data to determine whether to authenticate the network operating system engine”, where “network operating system engine” is being read as a hardware module comprising a plurality of components):
		
		
	
	
	
	
	
Narayanan does not teach the following limitation(s) as taught by Park: accessing a module specific authentication certificate from an identification component of the hardware module (Park, Paragraph [0022], see “…When authenticating a mobile computing device’s certificate, the vehicle computing device may retrieve the hardware serial number that was used to generate the hardware key, and may generate another hardware key, which may be used as a hardware key check…”, where “the vehicle computing device may retrieve the hardware serial number that was used to generate the hardware key” is analogous to accessing a module specific authentication certificate from an identification component of the hardware module), the module specific authentication certificate comprising information representing serial numbers of the plurality of components in the hardware module (Park, Paragraph [0003], see “…a hardware serial number associated with a hardware component of a computing device may be received. The hardware serial number may converted to a hardware key. The hardware key may eb stored as part of a certificate…”);
		authenticating the hardware module based on the information representing the serial numbers in the module specific authentication certificate (Park, Paragraph [0022], see “…When authenticating a mobile computing device’s certificate, the vehicle computing device may retrieve the hardware serial number that was used to generate the hardware key, and may generate another hardware key, which may be used as a hardware key check…”, where an authentication is performed based on serial numbers in the certificate);
	generate a nonce key in response to the authentication of the hardware module based on the information representing the serial numbers in the module specific authentication certificate (Park, Paragraph [0022], see “…When authenticating a mobile computing device’s certificate, the vehicle computing device may retrieve the hardware serial number that was used to generate the hardware key, and may generate another hardware key, which may be used as a hardware key check”, where “generate another hardware key” is analogous to generating a nonce key in response to the authentication of the hardware module based on the serial  numbers in the certificate);
	write the nonce key to a register of the hardware module (Park, FIG. 1 and FIG. 2, see “Storage 140 and 240”, “Hardware Key 144”, where the hardware key (nonce key) is written/stored to a register (storage) of the hardware module);
	receive, from a controller, a value included in an access request to access the hardware module (Park, Paragraph [0050], see “…The hardware key 144 may be received in response to a request…”, where “hardware key 144” comprises the hashed value of the serial numbers, which is received in an access request);
	compare the value with the nonce key read from the register of the hardware module (Park, FIG. 8, see “800”, “802”, “804”, “806”, where “800” and “802” depict retrieving of a hardware serial number and a hardware key, where “hardware key” is analogous to the nonce key, and where “hardware serial number” is analogous to a value included in an access request, where the hardware serial number is received as part of an access request, where “804” and “806” depict the comparison of the nonce key (hardware key received) with a value (hardware serial number received which is used to generate the hardware key check)); and
	provide an indication to allow the access request in response to the value matching the nonce key (Park, FIG. 8, see “810”, which shows authenticating the signature based on the comparison of the nonce key (hardware key) with the value (hardware serial numbers used to generate the hardware key check), and determining whether to allow the access request) (Park, Paragraph [0054], see “At 810, the signature may be authenticated…When both the signature 143 is authenticated and the hardware key check verifies the certificate 142 by matching the hardware key 144, the mobile computing device 200 may be permitted access to the vehicle computing device 300”). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for a field replaceable unit authentication system, disclosed of Narayanan, by implementing techniques for per-device authentication, comprising of authenticating hardware module based on the information representing the serial numbers in the certificate and generating a nonce key in response to the authentication of the hardware module based on the information, disclosed of Park.    
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for a field-replaceable unit (FRU) secure component binding, comprising of authenticating hardware module based on the information representing the serial numbers in the certificate and generating a nonce key in response to the authentication of the hardware module based on the information. This allows for better security management by authenticating a hardware module based on their respective serial numbers, whilst generating a nonce key (hardware key) for quick, subsequent authentication requests. Park is deemed as analogous art due to the art disclosing techniques for authenticating hardware module based on the information representing the serial numbers in the certificate and generating a nonce key in response to the authentication of the hardware module based on the information (Park, Paragraph [0022]). 

Regarding claim 23, Narayanan does not teach the following limitation(s) as taught by Park: The management system of claim 21, wherein the information representing the serial numbers in the module specific authentication certificate comprises a hash value based on a hash function applied on the serial numbers of the plurality of components in the hardware module (Park, Paragraph [0039], see “The certificate generator 110 of the computing device 100 may generate the hardware key 144 using the hardware serial number, for example, hashing the hardware serial number and reducing the number of bits used by discarding part of the hash. The hardware key 144 may be stored as part of the certificate 142”, where the information representing the serial numbers in the certificate comprises a hash of the serial numbers), and the authenticating of the hardware module is based on the hash value (Park, Paragraph [0036], see “…The certificate generator 310 may be able to authentication the signature 143, hash hardware serial numbers, convert the resulting hash into a hardware key check, and compare that generated hardware key check to the hardware key 144 to check that the certificate 142 was issued to the mobile computing device 200”, where “convert the resulting hash into a hardware key check, and compare that generated hardware key check to the hardware key 144…” is analogous to comparing the hash to a hash from another source, where the hardware key 144 comprises the hash received by the mobile computing device and where the hardware key check comprises the hash that was generated by another source). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for a field replaceable unit authentication system, disclosed of Narayanan, by implementing techniques for per-device authentication, comprising of hashing the serial numbers, wherein the comparing compares the hash to a hash from another source, disclosed of Park.     
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for a field-replaceable unit (FRU) secure component binding, comprising of hashing the serial numbers, wherein the comparing compares the hash to a hash from another source. This allows for better security management and memory efficiency by hashing the serial numbers in order to provide a more secure method of authentication, as well as reducing the amount of memory needed to store the hashed information. Park is deemed as analogous art due to the art disclosing techniques for hashing the serial numbers, wherein the comparing compares the hash to a hash from another source (Park, Paragraph [0036] and [0039]). 

Regarding claim 25, Narayanan does not teach the following limitation(s) as taught by Park: The management system of claim 21, wherein the authenticating of the hardware module based on the information representing the serial numbers in the module specific authentication certificate comprises comparing the information representing the serial numbers in the module specific authentication certificate with information representing component serial numbers from another source (Park, Paragraph [0009], see “A means for receiving a hardware serial number associated with a hardware component of a computing device, a means for converting the hardware serial number to a hardware key check, a means for receiving a hardware key associated with a certificate from the computing device, a means for comparing the hardware key to the hardware check key to obtain a verification of the certificate…”, where “hardware key” is analogous to information representing the serial numbers in the certificate and where “hardware key check” is analogous to information representing component serial numbers that is generated from another source (not the computing device), where the hardware key and hardware key check are compared for authentication purposes). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for a field replaceable unit authentication system, disclosed of Narayanan, by implementing techniques for per-device authentication, comprising of performing the authentication of the hardware module by comparing information representing the serial numbers with information representing the serial numbers that are received/generated from a different source, disclosed of Park.    
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for a field-replaceable unit (FRU) secure component binding, comprising of performing the authentication of the hardware module by comparing information representing the serial numbers with information representing the serial numbers that are received/generated from a different source. This allows for better security management by comparing the hardware key received from the computing device with a hardware key check generated by a different source in order to authenticate the received hardware key. Park is deemed as analogous art due to the art disclosing techniques for performing the authentication of the hardware module by comparing information representing the serial numbers with information representing the serial numbers that are received/generated from a different source (Park, Paragraph [0009]). 



Claims 2 is rejected under 35 U.S.C. 103 as being unpatentable over Narayanan, in view of Park, in further view of VAS et al. (U.S. PGPub. 2011/0314346), hereinafter Vas.

Regarding claim 2, Narayanan as modified by Park teaches The system of claim 1, wherein the module specific authentication certificate is part of authentication information stored in the identification component (Narayanan, Paragraph [0033], see “…a trusted platform module private key (“TPM private key 610a”) may be created within the trusted platform module 306 and stored in the memory system 306b of the trusted platform module 306…the trusted platform module 306 may include an encrypted trusted platform module certificate 611…that may be generated at the instruction of the OEM and utilized to verify that the trusted platform module 306 is authentic”), and the management system is to:
in response to the authentication of the hardware module, flag the hardware module as authentic (Narayanan, FIG. 5, see “512” and “514”, where platform management controller SoC authenticates network operating system engine and assigns authentication role(s) when the data is validated and the network operating system engine sends authentication message to platform management controller SoC, which is being read as flagging the hardware module as authentic); 

Narayanan as modified by Park do not teach the following limitation(s) as taught by Vas: provide an authenticated list of the serial numbers to an application of the computing platform (Vas, Paragraph [0145], see “The configuration data 230 may be utilized by any element of a dispersed storage network (DSN) to configure and operate in accordance with the registry entry. The configuration data 230 may include one or more of slice name range assignments, node internet protocol addresses, certificate authority addresses, authentication authorities addresses, vault identifiers, access control information, digital certificates, application software, driver software, verbal numbers…”, where “registry entry” is being read as comprising an authenticated list of serial numbers, which are provided to one or more applications of the computing platform) (Vas, Paragraph [0186], see “The method continues at step 390 where the processing module sends a certificate signing request (CSR) to the DS managing unit. The CSR includes one or more of a device identifier (ID), a serial number of a node associated with the processing module, the node public key, registration information, and a signature. The method continues at step 392 where the processing module receives a signed certificate from the DS managing unit. The signed certificate includes a signature from the DS managing unit…the processing module receives the hardware certificate from a DS unit during an initial installation”).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for a field replaceable unit authentication system, disclosed of Narayanan, and techniques disclosed of Park, by implementing techniques for identifying a slice name information error, comprising of providing an authenticated list of serial numbers to one or more applications of the computing platform, disclosed of Vas.   
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for a field-replaceable unit (FRU) secure component binding, comprising of providing an authenticated list of serial numbers to one or more applications of the computing platform. This allows for better security management by providing an authenticated list of serial numbers to each node in the computing platform in order for the nodes to establish communication and authenticity between each other based on the updated list. Vas is deemed as analogous art due to the art disclosing methods of authenticating serial numbers of hardware modules (Vas, Paragraph [0145]). 




Allowable Subject Matter
Claims 8-15 are allowed. 

Claims 22 and 24 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. 





Conclusion
Applicant’s amendment necessitated the new ground(s) of rejection presented in this Office Action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 
	A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to RODMAN ALEXANDER MAHMOUDI whose telephone number is (571)272-8747.  The examiner can normally be reached on M-F 11:00am – 7:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Philip Chea can be reached on (571) 272-3951.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/R.A.M./Examiner, Art Unit 2499                                                                                                                                                                                                        
/PHILIP J CHEA/Supervisory Patent Examiner, Art Unit 2499