DETAILED ACTION
Claims 1-21 are pending in this action.

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Allowable Subject Matter
Claims 1-6 and 21 are considered allowable, but there are remaining rejected claims that need to be canceled or further prosecuted.

Claims 9, 10, 17 and 20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claims 7, 8, 11-15, 18 and 19 are rejected under 35 U.S.C. 102(a)(1) and 102(a)(2) as being anticipated by Baldwin et al. (US PGPUB No. 2010/0082991) [hereinafter “Baldwin”].

As per claim 7, Baldwin teaches a system, comprising: memory to store instructions which, as a result of being executed by one or more processors of the system, cause the system to at least: instantiate a first virtual machine to manage a secret for an application running on a second virtual machine ([0018], key manager servicing other application virtual machines in the network), the first virtual machine controlled by a controlling domain ([0063], key manager controlled by hypervisor, VMM and TPM); validate, by the controlling domain, a request to perform an operation associated with the application running on the second virtual machine using the secret ([0048], ensuring that certain conditions/integrity metrics are satisfied before allowing cryptographic/key/secret operations – this includes metrics on the application VM and the service driver, see [0060]); and fulfill the request, based at least in part on the validation, using the secret ([0048], releasing the key to service driver and application VM so that secure services can be performed for the application VM).

As per claim 8, Baldwin teaches the system of claim 7, wherein validating the request further comprises comparing a state of one or more processes running on the second virtual machine to a set of valid states of the one or more processes ([0048], ensuring that certain conditions/integrity metrics are satisfied – this includes metrics on the application VM, i.e. process, and the service driver, see [0060]).

As per claim 11, Baldwin teaches the system of claim 7, wherein the instructions, as a result of being executed by one or more processors of the system, further cause the system to use a cryptographic module in a virtualized computing system to secure the secret ([0061], using the TPM protected sealing to encrypt copies of the keys at the service driver, TPM can be virtualized for domain).

As per claim 12, Baldwin teaches the system of claim 11, wherein the cryptographic module is a trusted platform module ([0061], TPM mechanism provides encryption), wherein the secret is accessible by a cryptographic key ([0061], encrypted key means it is accessible only by decryption with key).

As per claim 13, Baldwin teaches the system of claim 11, wherein the system of claim 7, wherein the instructions, as a result of being executed by one or more processors of the system, further cause the system to retrieve metadata associated with the application running on the second virtual machine, wherein the metadata includes information to access the secret ([0061], metrics and log data, i.e. metadata associated with application, passed to key manager to access keys).

As per claim 14, Baldwin teaches a non-transitory computer-readable storage medium having stored thereon executable instructions that, as a result of being executed by one or more processors of a computer system, cause the computer system to at least: instantiate a first virtual machine to manage a secret for an application running on a see also ([0061], sealing mechanism prevents access outside of domain, i.e. particular service driver and associated application VM); use a controlling domain to validate a request to perform an operation using the secret ([0063], key manager and other virtualized components controlled by hypervisor, VMM and TPM, see also [0144]) ([0048], ensuring that certain conditions/integrity metrics are satisfied before allowing cryptographic/key/secret operations – this includes metrics on the application VM and the service driver, see [0060]); and fulfill the request, based at least in part on the validation, using the secret ([0048], releasing the key to service driver and application VM so that secure services can be performed for the application VM).

As per claim 15, Baldwin teaches the non-transitory computer-readable storage medium of claim 14, wherein the controlling domain manages the first virtual machine ([0039], VMM/hypervisor manages all virtualized components including key manager see [0063]).

As per claim 18, Baldwin teaches the non-transitory computer-readable storage medium of claim 14, wherein the controlling domain is a hypervisor that manages the first virtual machine ([0039], VMM/hypervisor manages all virtualized components including key manager see [0063]).

As per claim 19, Baldwin teaches the non-transitory computer-readable storage medium of claim 14, wherein the secret is accessible using a key ([0061], encrypted copy of key, i.e. accessible by key, stored in the system like at the service driver).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claim 16 is rejected under 35 U.S.C. 103 as being unpatentable over Baldwin in view of Sengupta et al. (US PGPUB No. 2015/0003453) [hereinafter “Sengupta”].

Baldwin does not explicitly teach a uniform resource locator (URL), by the controlling domain, to the application running on the second virtual machine, wherein the URL is useable to provide a resource. Sengupta teaches a uniform resource locator (URL), by the controlling domain, to the application running on the second virtual machine, wherein the URL is useable to provide a resource ([0006], identifying services between computers in the VM network using URLs).
At the time of filing, it would have been obvious to one of ordinary skill in the art to combine Baldwin with the teachings of Sengupta, a uniform resource locator (URL), by the controlling domain, to the application running on the second virtual machine, wherein the URL is useable to provide a resource, to allow for an established protocol of communication between virtualized nodes/computers.

Response to Arguments
Applicant notes that there might have been an agreement that these amendments as filed would place the application in condition for allowance. Examiner notes that the amended claim 1 and dependent claims have been marked as allowable subject matter. However, independent claims 7 and 14 have not been amended and remain rejected.

With respect to Applicant’s arguments in the remarks filed 11/5/2020, Examiner notes that they are directed generally at Baldwin and the two limitations “validating, by the control domain, a request to perform an operation associated with the application running on the second virtual machine using the secret” and “using a controlling domain to validate a request to perform an operation using the secret”. No further reasoning is provided. Examiner maintains that Baldwin teaches these limitations and directs Applicant’s attention to the 102 rejections above.

Examiner is open to conducting an after-final interview to discuss new amendments to overcome the current rejection or place the application in condition for allowance and/or discuss how to incorporate the claims marked as allowable subject matter.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Singh et al. (US PGPUB No. 2012/0054744) and Staker et al. (US PGPUB No. 2012/0179916) both disclose using virtualized modules and machines to provide security in VM environments. Wan et al. (“Building Trust into Cloud Computing Using Virtualization of TPM,” doi: 10.1109/MINES.2012.82, 2012, pp. 59-63) discloses virtualizing system modules to provide security and key management. Zhang et al. (US PGPUB No. 2009/0125974) discloses comparing hashes of VM processes. Benny et al. (US PGPUB No. 2013/034385) discloses hypervisors implementing address routing for VM applications.

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to PETER C SHAW whose telephone number is (571)270-7179. The examiner can normally be reached on Max Flex.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin, can be reached on 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for 

/PETER C SHAW/
Primary Examiner, Art Unit 2493
January 11, 2021