DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Information Disclosure Statement
The information disclosure statements filed on 9/17/2025, 10/13/2025, and 11/24/2025 have been considered.
Status of Claims
The present application is being examined under the claims filed 04/23/2024. Claims 1-20 are pending. Claims 1-20 are rejected.
Claim Objections
Claim 3 is objected to because of the following informalities:
Regarding Claim 3, lines 3-5 state “the request being for obtaining information regarding an entity to contact for obtaining the BMO instructions, the entity being the orchestrator” (emphasis added), and lines 6-7 state “receiving, in response to the request and directly from the rendezvous system without the endpoint device having to first contact the entity” (emphasis added). Unnecessary complexity is added to the claims by redefining “the orchestrator” to “the entity,” as “the orchestrator” is used to refer to this element in all claims dependent on claim 3. Suggested wording for claim 3 is as follows:
“The method of claim 2, further comprising:
before obtaining the BMO instructions from the rendezvous system:
transmitting a request to the rendezvous system, the request being for obtaining information regarding contacting the orchestrator for obtaining the BMO instructions; and
receiving, in response to the request and directly from the rendezvous system without the endpoint device having to first contact the orchestrator, the BMO instructions in addition to the information as part of the BMO instructions.”
Appropriate correction is required.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Ponnuru et al. (US 2023/0087829 A1) in view of Cannata et al. (US 2020/0341597 A1).
Regarding Claim 1, Ponnuru discloses a method for managing an endpoint device of endpoint devices in a deployment (Ponnuru par. 14, authenticate, provide data integrity/confidentiality, provision, configure, and establish a secure session to ensure secured access to an attached device, such as endpoint device 140 in IHS 105 (i.e., deployment)), the method comprising:
during an onboarding of the endpoint device and by the endpoint device (Ponnuru FIG. 3 and par. 32, method 300 for proxy authentication for a resource-constrained device of system 100 with endpoint device 140 at runtime; and par. 33, endpoint device 140 which is a hot-plug device [i.e., endpoint device] is inserted at information handling system 105 and detected by resource-constrained device 130 [i.e., must be onboarded]):
obtaining [orchestration] instructions (Ponnuru FIG. 3 and par. 38, step 375, BMC 150 provisions and/or configures [i.e., orchestrates the endpoint device, see instant app. par. 93-94, orchestrating involves configuring endpoint device to operate on a control plane] endpoint device 140 [i.e., the endpoint device obtains orchestration instructions from BMC 150]);
using the [orchestration] instructions to complete [an orchestration] of the endpoint device (Ponnuru FIG. 3 and par. 38, step 375, BMC 150 provisions and/or configures [i.e., orchestrates] endpoint device 140 [i.e., the endpoint device uses instructions from BMC 150]); and
after completing the [orchestration] of the endpoint device, completing the onboarding of the endpoint device to a control plane in cooperation with an orchestrator (Ponnuru FIG. 1, resource constrained device 130 [i.e., orchestrator]; and par. 39, at steps 380-385 resource-constrained device 130 may terminate the secure session between BMC 150 and endpoint device 140, and may complete operations (e.g., clean up the secure session secrets) [i.e., complete onboarding process]), the orchestrator being located within the control plane to which the endpoint device is to connect and receive onboarding data for completing the onboarding (Ponnuru FIG. 1, resource constrained device 130 [i.e., orchestrator] is trusted at the same level as the endpoint device [i.e., on the same control plane as the endpoint device]; and par. 39, resource-constrained device 130 may track message payloads between BMC 150 and endpoint device 140 [i.e., resource-constrained device receives the onboarding data used to complete the onboarding]).
Ponnuru does not explicitly teach:
obtaining bare metal orchestration (BMO) instructions;
using the BMO instructions to complete a BMO of the endpoint device;
after completing the BMO of the endpoint device, completing the onboarding of the endpoint device to a control plane in cooperation with an orchestrator, the orchestrator being located within the control plane to which the endpoint device is to connect and receive onboarding data for completing the onboarding.
In the analogous art of partitioning of resources to endpoint devices, Cannata teaches a method for managing an endpoint device of endpoint devices in a deployment (Cannata par. 39, PCIe switch port can allow logical isolation between endpoints and has the effect of connecting endpoints [i.e., managing configuration of endpoints]; also see par. 80, processing resources [i.e., endpoint devices] added and removed from a compute unit), the method comprising:
during an onboarding of the endpoint device and by the endpoint device (Cannata par. 101, e.g., management services or control processors can be configured to perform this establishment and alteration of machines and clusters using the PCIe fabric as a medium to couple the various elements dynamically; and par. 80, processing resources [i.e., endpoint devices] added and removed from a compute unit [i.e., onboarded and offboarded]):
obtaining bare metal orchestration (BMO) instructions (Cannata par. 21 and par. 99, PCIe fabric [i.e., endpoint devices, see par. 31] can be configured by management processor 110 to selectively route traffic among the components of a particular processor module and with external systems, while maintaining logical isolation between components not included in a particular processor module, management system can dynamically pull elements/resources from a pool of free elements [“bare metal” configuration is used for the operations disclosed above, i.e., execute bare metal orchestration instructions]);
using the BMO instructions to complete a BMO of the endpoint device (Cannata par. 79, e.g., graphics processing resources [i.e., endpoint device] can be orchestrated [i.e., complete BMO of the endpoint device] by a first computing resource/CPU and subsequently provide graphics processing status/results to another compute unit/CPU; also see par. 32, FPGA devices [i.e., endpoint devices] can be re-programmed to change the circuitry implemented therein, as well as to perform a different set of processing tasks at different points in time [i.e., execute orchestration instructions]);
after completing the BMO of the endpoint device, completing the onboarding of the endpoint device (Cannata par. 79, processing resources and other elements (graphics processing, network, storage, FPGA, or other) can be swapped in and out of computing units and associated clusters on-the-fly and these resources can be assigned to other computing units or clusters [i.e., onboarding (configuring the device to be a part of the compute unit) is completed]) […];
Therefore, it would have been obvious to one of ordinary skill in the art, having the teachings of Ponnuru and Cannata before him, before the effective filing date of the claimed invention, to combine Ponnuru’s method for onboarding and orchestrating an endpoint device with Cannata’s use of bare metal orchestration instructions, the motivation being to increase flexibility of computing resources by creating individual compute units to suit computing policy needs (Cannata par. 3-4 and par. 21, bare metal configuration can be established among the components of platform 100 to create individual compute units; and par. 99, components can be allocated dynamically among any number of clusters and associated compute units/machines).
Regarding Claim 2, Ponnuru in view of Cannata disclose the method of claim 1,
wherein the BMO instructions are obtained from a rendezvous system that is disposed external to the control plane from which the endpoint device is to be provided with the onboarding data (Ponnuru FIG. 1, BMC 150 [i.e., rendezvous system] is subject to security enforcement [i.e., different control plane], and Ponnuru FIG. 1 and par. 38, BMC 150 provisions and/or configures endpoint device 140 using a secure communication channel [i.e., BMC provides onboarding data on a different control plane than the endpoint device 140 is provided the data]).
Regarding Claim 3, Ponnuru in view of Cannata disclose the method of claim 2, further comprising:
before obtaining the BMO instructions from the rendezvous system (Ponnuru FIG. 3, all steps below occur before step 375, in which the BMO instructions are obtained, as per the Claim 1 mapping):
transmitting a request to the rendezvous system (Ponnuru FIG. 3, step 308 and par. 33, at 308, resource-constrained device 130 [i.e., orchestrator] sends a notification [i.e., request] to BMC 150 regarding the hot-plug insertion of endpoint device 140), the request being for obtaining information regarding an entity to contact for obtaining the BMO instructions, the entity being the orchestrator (Ponnuru FIG. 3, steps 310-315, BMC and resource constrained device exchange information regarding the capabilities of resource-constrained device 130 [i.e., the request is regarding obtaining information about the orchestrator]); and
receiving, in response to the request and directly from the rendezvous system without the endpoint device having to first contact the entity (Ponnuru FIG. 3 and par. 33, a hot-plug device is inserted at information handling system 105 and detected by resource-constrained device 130 [i.e., endpoint device does not contact the orchestrator], and FIG. 3, the endpoint device 340 does not communicate with resource constrained device 130 [i.e., orchestrator]), the BMO instructions in addition to the information as part of the BMO instructions (Ponnuru FIG. 3, step 375, BMC 150 provisions and/or configures endpoint device 140 using a secure communication channel [i.e., endpoint device receives the instructions (used for the provisioning and configuration) in response to the request]).
Regarding Claim 4, Ponnuru in view of Cannata disclose the method of claim 3,
wherein the BMO instructions are signed using a secret key associated with a current owner of the endpoint device (Ponnuru par. 35, a proxy certificate (which is signed using a private key) allows resource-constrained device 130 [i.e., orchestrator] to delegate some or all of its privileges to BMC 150; and par. 35, BMC 150 establishes a secure session with resource-constrained device 130 using the generated proxy certificate [i.e., communications are signed]; also see par. 16, the use of the proxy certificate allows dynamic delegation of authentication privileges to authenticate and verify the trust of one or more endpoints or attached devices [i.e., the certificate belongs to the "owner" of the device]).
Regarding Claim 5, Ponnuru in view of Cannata disclose the method of claim 4,
wherein the BMO instructions are provided to the rendezvous system by the orchestrator prior to the endpoint device transmitting a request to the rendezvous system to initiate an onboarding process (Ponnuru par. 35, proxy certificate allows resource-constrained device 130 to delegate some or all of its privileges to BMC 150, and par. 16-17, resource-constrained device 130 may delegate security actions to BMC 150 such as to perform authentication and/or authorization actions [i.e., provide instructions to the rendezvous system]; also see FIG. 3, step 320 and par. 34, check if delegate security capability is enabled before any communication between endpoint device and BMC (i.e., before any requests between the endpoint device and rendezvous system)), and the rendezvous system validates an integrity of the BMO instructions by validating that the orchestrator is associated with the current owner of the endpoint device (Ponnuru par. 35, a proxy certificate (which is signed using a private key) allows resource-constrained device 130 [i.e., orchestrator] to delegate some or all of its privileges to BMC 150 [i.e., change owner]; and par. 35, BMC 150 establishes a secure session with resource-constrained device 130 using the generated proxy certificate [i.e., communications are signed]; also see par. 16, the use of the proxy certificate allows dynamic delegation of authentication privileges to authenticate and verify the trust of one or more endpoints or attached devices [i.e., the certificate belongs to the "owner" of the device]).
Regarding Claim 6, Ponnuru in view of Cannata disclose the method of claim 4, further comprising:
before using the BMO instructions to complete the BMO of the endpoint device:
validating an integrity of the BMO instructions using an ownership voucher of the endpoint device (Ponnuru par. 35, BMC 150 establishes a secure session with resource-constrained device 130 using the generated proxy certificate [i.e., ownership voucher, used to validate integrity]); and
determining that the BMO instructions are trusted using the ownership voucher (Ponnuru par. 35, at 350, resource-constrained device 130 establishes a secure session with endpoint device 140 for BMC 150 using its private key and the proxy certificate received from BMC 150; and par. 36-37, security checks are performed over the secure connection established by resource-constrained device 130).
Regarding Claim 7, Ponnuru in view of Cannata disclose the method of claim 6, wherein the ownership voucher comprises another key associated with the current owner of the endpoint device, the another key being a public key of a public private key pair, and the secret key being a private key of the public private key pair (Ponnuru par. 34, resource-constrained device 130 generates asymmetric key pair which includes a public/private key pair; and par. 35, BMC 150 generates a proxy certificate that it may sign using its private key [i.e., secret key]… the proxy certificate may be an X.509 certificate and includes the public key [i.e., another key] received from resource-constrained device 130), and determining that the BMO instructions are trusted comprises determining that the another key is referenced by the secret key used to sign the BMO instructions (Ponnuru par. 35, resource-constrained device 130 establishes a secure session with endpoint device 140 for BMC 150 using its private key and the proxy certificate received from BMC 150).
Regarding Claim 8, Ponnuru in view of Cannata disclose the method of claim 2,
wherein the orchestrator is both a BMO control plane and an application control plane of the endpoint device (Cannata par. 99, clusters are electrically isolated using PCIe fabric 620, and a management system can dynamically pull elements/resources from a pool of free elements [i.e., BMO control], and par. 80, software such as operating systems and applications can be deployed to processing resources as-needed [i.e., application control]; also see Cannata FIG. 9 and par. 111-112, management CPU [i.e., orchestrator] controls operations to establish compute units [i.e., BMO control] and specify a software configuration [i.e., application control]; or Ponnuru par. 52, BMC utilizes various protocols and application programming interfaces (APIs) to direct and control the processes for monitoring and maintaining the system firmware).
Therefore, it would have been obvious to one of ordinary skill in the art, having the teachings of Ponnuru and Cannata before him, before the effective filing date of the claimed invention, to combine Ponnuru’s method for onboarding and orchestrating an endpoint device with Cannata’s use of bare metal orchestration instructions, a BMO client, and an application onboarding client, the motivation being to individually control hardware configuration and software configuration for increased overall flexibility over operational parameters (Cannata par. 3-4, machine policies disclosed provide for enhanced operation and dynamic alteration of compute units comprising physical computing components coupled over a communication fabric, using a first selection indicating a set of physical computing components to form a target compute unit, and a second selection indicating a selected policy among the plurality of software policies to apply to the target compute unit).
Regarding Claim 9, Ponnuru in view of Cannata disclose the method of claim 8,
wherein the endpoint device comprises a BMO client and an application onboarding client that is different from the BMO client (Cannata FIG. 1, GUI 114 showing separate cluster [BMO] and policy [application] setups), the BMO client being used to complete the BMO of the endpoint device (Cannata par. 80, software such as operating systems and applications can be deployed to processing resources as-needed [i.e., application client]; and par. 99, clusters are electrically isolated using PCIe fabric 620, and a management system can dynamically pull elements/resources from a pool of free elements [i.e., BMO client]).
The same motivation that was utilized for combining Ponnuru and Cannata as set forth in claim 8 is equally applicable to claim 9.
Regarding Claim 10, Ponnuru in view of Cannata disclose the method of claim 9,
wherein completing the onboarding of the endpoint device with the orchestrator after completing the BMO of the endpoint device comprises:
executing, by the application onboarding client, application onboarding data to complete configuration of one or more applications installed on the endpoint device after completing the BMO of the endpoint device (Cannata par. 21 and par. 99, PCIe fabric [i.e., endpoint devices, see par. 31] can be configured by management processor 110 to selectively route traffic among the components of a particular processor module and with external systems, while maintaining logical isolation between components not included in a particular processor module, management system can dynamically pull elements/resources from a pool of free elements [i.e., execute orchestration instructions]; and par. 112, a software configuration is deployed to an associated device of the compute unit, such as to a host processor, storage device, FPGA, or other device that can accept or store software configurations [i.e., each onboarded device loads application data after it is assigned to a compute node]).
The same motivation that was utilized for combining Ponnuru and Cannata as set forth in claim 8 is equally applicable to claim 10.
Regarding Claim 11, Cannata discloses a non-transitory machine-readable medium having instructions stored therein, which when executed by a processor of an endpoint device of endpoint devices in a deployment, cause the processor to perform operations for managing the endpoint device (Cannata par. 69, storage system 313 and RAM 312 together can comprise a non-transitory data storage system, and are capable of storing software and OS images, and par. 70, software or data stored on or in storage system 313 or RAM 312 comprise computer program instructions, firmware, or some other form of machine-readable processing instructions having processes that when executed a processing system direct processor 300 to operate; and Cannata par. 99 and par. 111, endpoint devices are machines shown for each cluster, where the machines comprise physical elements/resources 640 such as CPUs, FPGAs, GPUs, NICs, storage drives, memory devices and other PCIe devices, along with software/configuration data directed or deployed thereto).
Therefore, it would have been obvious to one of ordinary skill in the art, having the teachings of Ponnuru and Cannata before him, before the effective filing date of the claimed invention, to combine Ponnuru’s method for onboarding and orchestrating an endpoint device with Cannata’s disclosure of the endpoint device comprising a processor to execute machine readable instructions from memory, the motivation being to implement various physical computing components as endpoint devices for inclusion in compute units (Cannata par. 99 and par. 111, endpoint devices are machines shown for each cluster, where the machines comprise physical elements/resources 640 such as CPUs, FPGAs, GPUs, NICs, storage drives, memory devices and other PCIe devices, along with software/configuration data directed or deployed thereto).
The remaining limitations in the claim are similar in scope to claim 1 as addressed above and are thus rejected under the same rationale.
Regarding Claim 12, the claim is similar in scope to claim 2 as addressed above and is thus rejected under the same rationale.
Regarding Claim 13, the claim is similar in scope to claim 3 as addressed above and is thus rejected under the same rationale.
Regarding Claim 14, the claim is similar in scope to claim 4 as addressed above and is thus rejected under the same rationale.
Regarding Claim 15, the claim is similar in scope to claim 5 as addressed above and is thus rejected under the same rationale.
Regarding Claim 16, Cannata discloses an endpoint device (Cannata par. 39, PCIe switch port can allow logical isolation between endpoints and has the effect of connecting endpoints [i.e., managing configuration of endpoints]; and FIG. 6, endpoint devices in cluster 1 and cluster N), comprising:
a processor (Cannata par. 99, endpoint devices are machines shown for each cluster, where the machines comprise physical elements/resources 640 such as CPUs, FPGAs, GPUs, NICs, storage drives, memory devices and other PCIe devices, along with software/configuration data directed or deployed thereto); and
a memory coupled to the processor to store instructions, which when executed by the processor, cause the endpoint device to perform operations for onboarding (Cannata par. 69, storage system 313 and RAM 312 together can comprise a non-transitory data storage system, and are capable of storing software and OS images, and par. 70, software or data stored on or in storage system 313 or RAM 312 comprise computer program instructions, firmware, or some other form of machine-readable processing instructions having processes that when executed a processing system direct processor 300 to operate).
Therefore, it would have been obvious to one of ordinary skill in the art, having the teachings of Ponnuru and Cannata before him, before the effective filing date of the claimed invention, to combine Ponnuru’s method for onboarding and orchestrating an endpoint device with Cannata’s disclosure of the endpoint device comprising a processor to execute machine readable instructions from memory, the motivation being to implement various physical computing components as endpoint devices for inclusion in compute units (Cannata par. 99 and par. 111, endpoint devices are machines shown for each cluster, where the machines comprise physical elements/resources 640 such as CPUs, FPGAs, GPUs, NICs, storage drives, memory devices and other PCIe devices, along with software/configuration data directed or deployed thereto).
The remaining limitations in the claim are similar in scope to claim 1 as addressed above and are thus rejected under the same rationale.
Regarding Claim 17, the claim is similar in scope to claim 2 as addressed above and is thus rejected under the same rationale.
Regarding Claim 18, the claim is similar in scope to claim 3 as addressed above and is thus rejected under the same rationale.
Regarding Claim 19, the claim is similar in scope to claim 4 as addressed above and is thus rejected under the same rationale.
Regarding Claim 20, the claim is similar in scope to claim 5 as addressed above and is thus rejected under the same rationale.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Applicant is reminded that in amending in response to a rejection of claims, the patentable novelty must be clearly shown in view of the state of the art disclosed by the references cited and the objections made. Applicant must also show how the amendments avoid such references and objections. See 37 CFR §1.111(c).
BOOTSTRAPPING WITHOUT TRANSFERRING PRIVATE KEY - Sasin et al. (US 20170039373 A1) discloses a secure bootstrap mechanism for endpoint devices comprising a public key attributed to a remote device, signing the public key attributed to the remote device with a private key of a server, and generating a digitally signed certificate to verify the ownership of the public key as the remote device.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to COLE JIAWEI WENTZEL whose telephone number is (703) 756-4762. The examiner can normally be reached 9:30am-5:30pm ET (Mon-Fri).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Andrew Jung can be reached on (571) 270-3779. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/C.J.W./Examiner, Art Unit 2175
/ANDREW J JUNG/Supervisory Patent Examiner, Art Unit 2175