DETAILED ACTION

1. 	This Office Action is in response to an application filed on Jan. 24, 2019. The original filing includes claims 1-20. Therefore, Claims 1-20 are presented for examination. Now claims 1-20 are pending.


2.	Examiner's Note: When determining the scope of a claim directed to a computer-implemented instruction containing certain programming, the examiner should first look to the relationship between the programming and the intended computer system. Where the programming performs some function with respect to the computer with which it is associated, a functional relationship will be found. For instance, a claim to computer-implemented instruction programmed with attribute data objects that perform the function of facilitating retrieval, addition, and removal of information in the intended computer system, establishes a functional relationship such that the claimed attribute data objects are given patentable weight. See Lowry, 32 F.3d at 1583-84, 32 USPQ2d at 1035. 
However, where the claim as a whole is directed to conveying a message or meaning to a human reader independent of the intended computer system, and/or the computer-readable medium merely serves as a support for information or data, no functional relationship exists. For example, a claim to transmitting requests for the security operation to a central security controller for the communications, security operation is executed at the central security controller for the different microservices/serverless functions, or requests for the security operation are application programming interface (API) calls for the security operation, … utilizes the intended computer system merely as a support for the information. Such claims are directed toward conveying meaning to the human reader and may not be given patentable weight.


Notice of Pre-AIA or AIA Status
3.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Drawings
4. 	The drawings filed on 01/24/2019 are accepted.

Oath/Declaration
5. 	For the record, the Examiner acknowledges that the Oath/Declaration submitted on 02/22/2019 has been accepted. 

Information Disclosure Statement
6.	No information disclosure statements (IDS) were submitted before the mailing date of a first Office Action on the merits. Accordingly, no information disclosure statements are being considered by the examiner.
Priority
7.	Applicant Claims NO priority on the instant application.

Claim Rejections - 35 USC § 102
8.	The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

9.	Claims 1-4, 6-11, 13-18 and 20 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Shulman et al., U.S. 2019/0312899, hereinafter “Shulman”, filed Oct. 16, 2018.

Regarding claim 1, Shulman teaches: A computer-implemented method for executing a security operation for microservices/serverless functions of a microservices-based/serverless application running on a physical infrastructure (Shulman teaches method for protecting serverless applications running on computers, see abstract and ¶ [0132]), the method comprising:
receiving communications at different microservices/serverless functions of the microservices-based/serverless application (Shulman in FIG. 4 teaches receiving communications at different serverless applications, function code, see FIG. 4 in conjunction with ¶¶ [0052 and 0132-0133], “The serverless runtime environment, upon receiving a related event, triggers the execution of the serverless function, providing the function with the event data”; “the event requests into an event queue 406. For each event, an invoker 408, that invokes a runtime environment 410”); 
transmitting requests for the security operation to a central security controller for the communications from the different microservices/serverless functions of the microservices-based/serverless application so that the security operation is executed at the central security controller for the different microservices/serverless functions (Shulman first see FIG. 4 and related texts, then see ¶¶ [0097 and 0133], “one of the steps employed by the Firewall is to inspect the serverless function input and output”; “The controller organizes the event requests into an event queue 406. For each event, an invoker 408, that invokes a runtime environment 410 … Each serverless runtime environment 410 includes the function code 412 that is be executed, a serverless application firewall 414 and a behavioral protection engine 416”);
receiving results of the security operation from the central security controller at the different microservices/serverless functions of the microservices-based/serverless application; and executing a task associated with the communications at the different microservices/serverless functions of the microservices-based/serverless application based on the results of the security operation from the central security controller (Shulman first see FIG. 3 items 306-314 and related texts, then see ¶¶ [0142 and 0133], “the Serverless Application Firewall inspects the event data (input) of the serverless function so as to ascertain whether the input contains malicious, suspicious or abnormal data. At decision step 306 the firewall determines whether the input is safe. If the input is unsafe, then at step 308 an action (security action) is taken”; “the Behavioral Protection Engine monitors the behavior and actions of the … function during execution thereof. At decision step 312, the engine decides whether the behavior is safe/normal or unsafe/abnormal”).

Regarding claim 2, Shulman further teaches: wherein the different microservices/serverless functions are coded using different computer programming languages (Shulman see ¶ [0009], “serverless function is typically programmed and deployed using command line interface (CLI) tools, an example of which is a serverless framework. In most cases, the deployment is serverless function can be written in different programming languages, such as JavaScript, Python, Java, and the like”).

Regarding claim 3, Shulman further teaches: wherein each of the different microservices/serverless functions is not programmed to execute the security operation (Shulman discloses that code functions are executed by the runtime environment and that the protection engine monitors the original serverless functions, which are different functions that are programmed differently, which reads on applicant’s limitations, see ¶ [0053], “When code of a serverless function is executed by the serverless runtime environment, the serverless Behavioral Protection Engine monitors the behavior of the original serverless function” also see ¶ [0055-0064], “the instant serverless application firewall, inspects serverless functions' event data, when an event trigger occurs, in serverless runtime environments. Event data is the raw input that the function receives upon execution - these are arguments related to the event trigger type, used for the function's execution”, also see ¶ [0133]).

Regarding claim 4, Shulman further teaches: wherein the requests for the security operation are application programming interface (API) calls for the security operation (Shulman, see ¶ [0140], “The behavioral engine monitors the incoming data that arrives in response to the outbound API call”).

Regarding claim 6, Shulman further teaches: further comprising executing the security operation at the central security controller in response to each of the requests to produce the results of the security operation (Shulman, first see FIG. 4 item 404 and FIG. 3 item 306 and 312 along with ¶¶ [0140-0142], “Enter the Serverless Behavioral Protection Engine. The serverless behavioral protection engine makes sure that any malicious behavior, such as the malicious behavior caused by the aforementioned poisoned data will be blocked and will not harm the system. The behavioral engine monitors the incoming data that arrives in response to the outbound API call. Having learned normal validation operation), “Serverless Application Firewall inspects the event data (input) of the serverless function so as to ascertain whether the input contains malicious, suspicious or abnormal data. At decision step 306 the firewall determines whether the input is safe”).

Regarding claim 7, Shulman further teaches: further comprising monitoring data in the central security controller to collect data traffic information regarding the different microservices/serverless functions of the microservices-based/serverless application (Shulman, first see FIG. 3 item 310 along with ¶¶ [0131-0135], “providing a set of unwanted behaviors and actions; (c) categorizing the monitored behaviors and actions as belonging or not belonging to the set of predefined unwanted behaviors; (d) taking an action when the monitored behaviors and actions are included in the set of unwanted behaviors and actions”; “there is provided a system for protecting a serverless application, the system including: (a) a serverless application firewall configured to inspect input of the serverless function so as to ascertain whether the input contains malicious, suspicious or abnormal data; and (b) a behavioral protection engine configured to monitor behaviors and actions of the serverless functions during execution thereof”).

Regarding claim 8, this claim defines a computer readable storage medium claim that corresponds to method claim 1 and does not define beyond limitations of claim 1. Therefore, claim 8 is rejected with the same rationale as in the rejection of claim 1. Furthermore, Shulman in para. [0110] discloses storage medium where the storage medium executes instructions from a storage medium.

Regarding claim 9, this claim defines a computer readable storage medium claim that corresponds to method claim 2 and does not define beyond limitations of claim 2. Therefore, claim 9 is rejected with the same rationale as in the rejection of claim 2. Furthermore, Shulman in para. [0110] discloses storage medium where the storage medium executes instructions from a storage medium.

Regarding claim 10, this claim defines a computer readable storage medium claim that corresponds to method claim 3 and does not define beyond limitations of claim 3. Therefore, claim 10 is rejected with the same rationale as in the rejection of claim 3. Furthermore, Shulman in para. [0110] discloses storage medium where the storage medium executes instructions from a storage medium.

Regarding claim 11, this claim defines a computer readable storage medium claim that corresponds to method claim 4 and does not define beyond limitations of claim 4. Therefore, claim 11 is rejected with the same rationale as in the rejection of claim 4. Furthermore, Shulman in para. [0110] discloses storage medium where the storage medium executes instructions from a storage medium.

Regarding claim 13, this claim defines a computer readable storage medium claim that corresponds to method claim 6 and does not define beyond limitations of claim 6. Therefore, claim 13 is rejected with the same rationale as in the rejection of claim 6. Furthermore, Shulman in para. [0110] discloses storage medium where the storage medium executes instructions from a storage medium.

Regarding claim 14, this claim defines a computer readable storage medium claim that corresponds to method claim 7 and does not define beyond limitations of claim 7. Therefore, claim 14 is rejected with the same rationale as in the rejection of claim 7. Furthermore, Shulman in para. [0110] discloses storage medium where the storage medium executes instructions from a storage medium.

Regarding claim 15, this claim defines a system claim that corresponds to method claim 1 and does not define beyond limitations of claim 1. Therefore, claim 15 is rejected with the same rationale as in the rejection of claim 1. Furthermore, Shulman in para. [0110] discloses memory and processor.

Regarding claim 16, this claim defines a system claim that corresponds to method claim 2 and does not define beyond limitations of claim 2. Therefore, claim 16 is rejected with the same rationale as in the rejection of claim 2. Furthermore, Shulman in para. [0110] discloses memory and processor.

Regarding claim 17, this claim defines a system claim that corresponds to method claim 3 and does not define beyond limitations of claim 3. Therefore, claim 17 is rejected with the same rationale as in the rejection of claim 3. Furthermore, Shulman in para. [0110] discloses memory and processor.

Regarding claim 18, this claim defines a system claim that corresponds to method claim 4 and does not define beyond limitations of claim 4. Therefore, claim 18 is rejected with 

Regarding claim 20, this claim defines a system claim that corresponds to method claim 6 and does not define beyond limitations of claim 6. Therefore, claim 20 is rejected with the same rationale as in the rejection of claim 6. Furthermore, Shulman in para. [0110] discloses memory and processor.

Claim Rejections - 35 USC § 103
10.	In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
11.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


12.	The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.

13.	This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
14.	Claims 5, 12, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Shulman et al. U.S. 2019/0312899 hereinafter “Shulman” Filed Oct. 16, 2018 in view of Ford et al. US 2019/0034625 hereinafter “Ford” Filed Jul. 25, 2018. 

Regarding claim 5, Shulman teaches all the limitations of claim 1. Shulman teaches a security operation, but Shulman does not explicitly disclose: wherein the security operation is one of a data validation operation and a data sanitization operation.
However, Ford teaches: wherein the security operation is one of a data validation operation and a data sanitization operation (Ford, first see FIG. 2 item 218 along with ¶ [0034] where Ford discloses data sanitization, then see ¶¶ [0075 and 0076] where Ford discloses data validation, “the event validator 604 module may be implemented to perform data validation operations on data associated with a particular event”).
Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Shulman with the teaching of Ford because the use of Ford’s idea (Ford, see abstract) could provide Shulman (Shulman, see abstract) the ability to perform communication analysis, when the services architecture is capable of performing data sanitization and data validation as part of services architecture, “the pluggable capabilities 212 may include capability '1' 214 ( e.g., basic firewall), capability '2' 216 (e.g., general web protection), capability '3' 218 (e.g., data sanitization), and so forth through 

Regarding claim 12, this claim defines a computer readable storage medium claim that corresponds to method claim 5 and does not define beyond limitations of claim 5. Therefore, claim 12 is rejected with the same rationale as in the rejection of claim 5. Furthermore, Shulman in para. [0110] discloses storage medium where the storage medium executes instructions from a storage medium.

Regarding claim 19, this claim defines a system claim that corresponds to method claim 5 and does not define beyond limitations of claim 5. Therefore, claim 19 is rejected with the same rationale as in the rejection of claim 5. Furthermore, Shulman in para. [0110] discloses memory and processor.

Examiner note:
15.	In the case of amending the Claimed invention, Applicant is respectfully requested to indicate the portion(s) of the specification which dictate(s) the structure relied on for proper interpretation and also to verify and ascertain the metes and bounds of the claimed invention. This will assist in expediting compact prosecution.  MPEP 714.02 recites: “Applicant should also specifically point out the support for any amendments made to the disclosure. See MPEP § 2163.06. An amendment which does not comply with the provisions of 37 CFR 1.121(b), (c), (d), and (h) may be held not fully responsive. See MPEP § 714.”  Amendments not pointing to specific support in the disclosure may be deemed as not complying with provisions of 37 C.F.R.  1.131(b), (c), (d), and (h) and therefore held not fully responsive.  Generic .

Conclusion
16.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
EMBERSON et al. US 20190251279 A1 - “STORAGE LAYER DATA SECURITY”, discloses storage layer data security, including: receiving, at a computer system from a client computing device among one or more client computing devices, a dataset; deconstructing the dataset to identify portions of the dataset corresponding to metadata and portions of the dataset corresponding to storage data; determining that the metadata or the storage data are not in compliance with a security policy.
PATNALA et al. US 20200137125 A1- “MANAGING COMPUTER SECURITY SERVICES FOR CLOUD COMPUTING PLATFORMS”, discloses receiving, by a main controller, a security policy from a client device, the client device being associated with a set of computing applications hosted by one or more independent, private virtual clusters on one or more cloud computing platforms, the main controller residing outside the one or more virtual clusters, each of the one or more virtual clusters to be served by a security gateway system residing within the one or more cloud computing platforms.
Bernat et al. US 10623386 B1- “Secret sharing data protection in a storage system”, discloses a plurality of storage devices, data protection may include, for each of the plurality of storage devices: encrypting data of the storage device using the device key for the storage device; and encrypting the device key for the storage device using a master secret; generating a plurality of shares from the master secret; and storing the encrypted data, the encrypted device key, and a separate share of the plurality of shares in each storage device.


Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHALIL NAGHDALI whose telephone number is (571) 272-9884. The examiner can normally be reached on M-F 8 AM-5 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, KRISTINE L KINCAID can be reached on (571) 272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/KHALIL NAGHDALI/
Primary Examiner, Art Unit 2437