DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This action is responsive to Applicant’s Amendment filed on 11/30/2020.
Claims 1-19 are presented for examination. Claims 1, 7 and 13 have been amended. 
Applicant’s amendments to the claims have overcome 112 rejections previously set forth in the Non-Final Office Action mailed 9/18/2020.

Examiner Notes
Examiner cites particular columns, paragraphs, figures and line numbers in the references as applied to the claims below for the convenience of the applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested that, in preparing responses, the applicant fully consider the references in entirely as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the examiner.

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a)  IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same,  and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.


Claims 1-19 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement.  The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for pre-AIA  the inventor(s), at the time the application was filed, had possession of the claimed invention.

Regarding to Claim 1, the claimed limitation “the indication is absent of credentials used to authorize execution of the first script” at lines 15-16 is not supported by the specification. The specification does not state or imply the credentials used to authorize execution of the first script is not included in the indication, especially when the claimed invention includes limitations from lines 6-8 of Claim 1. Features of “some other indication of a validation of the credentials maybe stored or otherwise associated with the workflow 144” from [0016] of the specification and the context of [0016] only states the claimed indication can include something other than the credentials. It does not necessarily mean such indication does not include the credentials. The indication from [0016] can include both of credentials and something other than the credentials. Feature of “the generated workflows may incorporate the necessary credentials, permissions … do not have to be re-validated or verified” from [0017] does not provide sufficient support for the limitation having issue. Applicant may consider the indication can include the described permissions or parameters from [0017], and thus the indication can exclude the necessary component to automatically validate the script instead of the permissions or parameters from [0017], and thus the scope of current claimed invention does not involve with any permissions or parameters, let alone the claimed indication includes permissions or parameters. Thereby, [0017] does not provide sufficient support for limitation mentioned above. In addition, the specification does not provide enough description for the claimed credential cannot be part of the necessary permissions or parameters required to automatically validate the scripts execution described at [0017] (i.e., “permissions” or “parameters” from [0017] is possible to include the credentials, such as “parameters representing the credentials for each device in order to run” from [0018], emphasis added). Thereby, the limitation/feature related to “the indication is absent of credentials used to authorize execution of the first script” at lines 15-16 lacks of support from the specification.
Claims 2-6 are rejected for failing to cure the deficiency from their respective parent claim by dependency.

Regarding to Claim 7, Claim 7 is rejected under the same reason set forth in the rejection of Claim 1 above.
Claims 8-12 are rejected for failing to cure the deficiency from their respective parent claim by dependency.

Regarding to Claim 13, Claim 13 is rejected under the same reason set forth in the rejection of Claim 1 above.
Claims 14-19 are rejected for failing to cure the deficiency from their respective parent claim by dependency.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 4-8, 10-14 and 17-19 are rejected under 35 U.S.C. 103 as being unpatentable over Kotian (US PGPUB 20170052776 A1) in view of Fedorenko et al. (US PGPUB 20060248466 A1, hereafter Fedorenko), Liu et al. (US PGPUB 20130031639 A1, hereafter Liu) and Bhosle et al. (US Patent 8505106 B1, hereafter Bhosle).
Kotian, Fedoreko and Liu were cited on the previous office action.

Regarding to Claim 1, Kotian discloses: a method comprising:
receiving, by a computing device, a first script defining at least one first function to be executed at a first computing component of a plurality of computing components deployed within a communications network (see step 406 of Fig. 4 and [0104]; “the plurality of scripts associated with the application are retrieved from the repository server 114 b based on the user 
validating, by the computing device, that the first script is authorized to implement the at least one first function at the plurality of computing components by executing the first script at the first computing component (see step 410 of Fig. 4 and [0104]; “the plurality of scripts associated with the application stored in the repository server 114 b are validated by executing the plurality of scripts in the first database 110”); and
when the first script is validated, performing operations by the computing device to consolidate the first script and a second script into a single component (see steps 410-414 of Fig. 4, [0104]; “at least one patch file comprising the at least one of the plurality of scripts are created upon successful validation of the plurality of scripts”. Also see “Considering that the validation of the five scripts were successful … creates the at least patch file comprising the five scripts along with the specific comments added by the user” from [0094]), where the second script defines at least one second function to be executed by a first computing component of the plurality of computing components (Fig. 1, the descriptions about scripts from [0002], [0050], [0054] and [0090]. Each of the plurality of scripts to be merged defines a function to be executed on the first database of a plurality of computing components). 

Kotian does not disclose: 
validating the first script is authorized is performed by identifying credentials associated with a first user requesting execution of the first script at the first computing component;
component comprised the first script and the second script is a single workflow, where the second script defines at least one second function to be executed by a second computing component of the plurality of computing components, and the single workflow contains an indication that said validating resulted in a validation that the first script is authorized to implement the at least one first function at plurality of computing components, and the indication is absent of credentials used to authorize execution of the first script; and
causing, by the single workflow, the first script to be executed at the first computing component without a re-validation of the credentials associated with the first user.

However, Fedorenko discloses:
performing operations by the computing device to consolidate the first script and a second script into a single workflow (see Figs. 7, 8, [0044] and [0050]; “the workflow language allows multiple scripts in different languages to be joined into a single workflow program. In this case, when the workflow program is executed on a management device, the workflow program will cause each embedded script to be executed on a data processing system that supports the script program language”), where the second script defines at least one second function to be executed by a second computing component of the plurality of computing components (see [0036], [0044] and [0053]; “each script within the workflow must be executed on separate data processing systems in a data center”. Also see [0031], [0046]; “each script in job 400 will be run on a single data processing system. In this example, each script accomplishes a different configuration goal”),
causing, by the single workflow, the first script to be executed at the first computing component (see [0036], [0044] and [0053]; “the workflow language allows multiple scripts in 
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the patch file merged from multiple scripts and executing target environment for the multiple scripts from Kotian by including merging multiple scripts into workflow and the ability of executing multiple script is a different corresponding target environment from Fedorenko, since it would provide a mechanism of a workflow program is able to coordinate parameters among the scripts merged from (see [0005] from Fedorenko) and it is obvious to one skilled in the art to substitute one type of implementation of executing the multiple scripts in one single target environment to another implementation of executing the multiple scripts in different target environment to achieve the predictable result (see [0104] from Kotian, [0051]-[0053] from Fedorenko; “In an embodiment, the workflow program is executed on only one data processing system” and “In another illustrative embodiment, each script within the workflow must be executed on separate data processing systems in a data center”).
Thereby, the combination of Kotian and Fedorenko discloses:
when the first script is validated, performing operations by the computing device to consolidate the first script and a second script into a single workflow (see steps 410-414 of Fig. 4, [0094], [0104] from Kotian and [0050] from Fedorenko; “Considering that the validation of the five scripts were successful … creates the at least patch file comprising the five scripts along with the specific comments added by the user” and “the workflow language allows multiple , 
causing, by the single workflow, the first script to be executed at the first computing component (see [0044] and [0053] from Fedorenko; “the workflow language allows multiple scripts in different languages to be joined into a single workflow program. In this case, when the workflow program is executed on a management device, the workflow program will cause each embedded script to be executed on a data processing system that supports the script program language” and “each script within the workflow must be executed on separate data processing systems in a data center”).

The combination of Kotian and Fedorenko does not disclose:
validating the first script is authorized is performed by identifying credentials associated with a first user requesting execution of the first script at the first computing component; and
the single workflow contains an indication that said validating resulted in a validation that the first script is authorized to implement the at least one first function at plurality of computing components, and the indication is absent of credentials used to authorize execution of the first script; and
the first script to be executed at the first computing component without a re-validation of the credentials associated with the first user.

However, Liu discloses: a method comprises:
executing a first script includes identifying credentials associated with a first user requesting execution of the first script at the first computing component (see step 230 of Fig. 2, Fig. 3, [0059]-[0060] and [0064]; “For example, once the security requirements (e.g. username and password) for the recorded script are established, the user may need to use the username and the password for the script only, in order to play the script”. Also see [0038]).
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the process of validating scripts to be merged into single workflow are authorized by executing the scripts at corresponding computing components from the combination of Kotian and Fedorenko by including execution of a script on a computing component includes identifying credentials associated with the user requesting execution of the script at the computing component from Liu, since it would provide a method of security mechanism of only executing script with credentials from a corresponding user.
Thereby, the combination of Kotian, Fedorenko and Liu discloses:
validating, by the computing device, that the first script is authorized to implement the at least one first function at the plurality of computing components by identifying credentials associated with a first user requesting execution of the first script at the first computing component (see step 410 of Fig. 4, [0104] from Kotian, step 230 of Fig. 2, Fig. 3, [0059]-[0060] and [0064] from Liu; “the plurality of scripts associated with the application stored in the repository server 114 b are validated by executing the plurality of scripts in the first database 110”. At the combination system, validating the first script is authorized to implement the first function at the first database by executing a secured first script at the first database which comprises a step of identifying credentials associated with the first user requesting execution of the first script at the first database).

The combination of Kotian, Fedorenko and Liu does not disclose:
the single workflow contains an indication that said validating resulted in a validation that the first script is authorized to implement the at least one first function at plurality of computing components, and the indication is absent of credentials used to authorize execution of the first script;
the first script to be executed at the first computing component without a re-validation of the credentials associated with the first user.

However, Bhosle discloses: a method of executing a script comprising:
an indication that validating resulted in validation that a script is authorized to implement a function at a device, and the indication is absent of information used to authorize execution of the script; the script to be executed at the device without a re-validation of the information associated with user (see lines 59-2 of cols. 6-7; “a response can be returned that includes a session identifier (ID) or other such validation token (also known as “trust token”) once a validation, authentication, or similar process is executed by the entity or a component or service in communication therewith. The session ID then can be included in subsequent requests from the scripting language, such that a validation or similar process does not have to be re-executed for each subsequent request”. A validation token, i.e., the claimed indication, is included in a script after the initial validation process for the script is completed, and thus the execution of the script later does not need to re-validate the authorization of the script any more). 


Thereby, the combination of Kotian, Fedorenko, Liu and Bhosle discloses the missing limitations from the combination of Kotian, Fedorenko and Liu.

Regarding to Claim 2, the rejection of Claim 1 is incorporated and further the combination of Kotian, Fedorenko, Liu and Bhosle discloses: wherein the first and second scripts are functionally independent from each other, written in different programming languages, or dependent on an output from a third script that is functionally independent from the first and second scripts (see [0005] from Fedorenko; “Each script may be written in a different programming language”).

Regarding to Claim 4, the rejection of Claim 1 is incorporated and further the combination of Kotian, Fedorenko, Liu and Bhosle discloses: wherein the workflow further contains an indication that the second script has been authorized to perform the at least one second function at the second computing device (see the analysis of Claim 1, the single workflow which contains those secured/trusted scripts would also contains an indication 

Regarding to Claim 5, the rejection of Claim 1 is incorporated and further the combination of Kotian, Fedorenko, Liu and Bhosle discloses: wherein the at least one first function is executed at the first computing component responsive to a request by the first user (see steps 406, 410 of Fig. 4, [0104] from Kotian; “At step 406, the plurality of scripts associated with the application are retrieved from the repository server 114 b based on the user selection” and “the plurality of scripts associated with the application stored in the repository server 114 b are validated by executing the plurality of scripts in the first database 110”. Also see Figs. 6, 8, [0036], [0050]-[0053] from Fedorenko; “each script within the workflow must be executed on separate data processing systems in a data center”. The system administrator or the first user writes the scripts and submits the scripts for merging into workflow for executing the each script in corresponding data processing system, and thus the script is executed in response to a request by the system administrator or the first user).

Regarding to Claim 6, the rejection of Claim 1 is incorporated and further the combination of Kotian, Fedorenko, Liu and Bhosle discloses: wherein the at least one first script is received as an input from the first user (see step 406 of Fig. 4, [0104] from Kotian; “At step 406, the plurality of scripts associated with the application are retrieved from the repository server 114 b based on the user selection”. Also see Figs. 6, 7, 8 and [0036] from Fedorenko. The scripts to be executed later with the workflows are written and then received from a user).

Regarding to Claim 7, Claim 7 is a system claim corresponds to method Claim 1 and is rejected for the same reason set forth in the rejection of Claim 1 above.

Regarding to Claim 8, the rejection of Claim 7 is incorporated and further Claim 8 is a system claim corresponds to method Claim 2 and is rejected for the same reason set forth in the rejection of Claim 2 above.

Regarding to Claim 10, the rejection of Claim 7 is incorporated and further Claim 10 is a system claim corresponds to method Claim 4 and is rejected for the same reason set forth in the rejection of Claim 4 above.

Regarding to Claim 11, the rejection of Claim 7 is incorporated and further Claim 11 is a system claim corresponds to method Claim 5 and is rejected for the same reason set forth in the rejection of Claim 5 above.

Regarding to Claim 12, the rejection of Claim 7 is incorporated and further Claim 12 is a system claim corresponds to method Claim 6 and is rejected for the same reason set forth in the rejection of Claim 6 above.

Regarding to Claim 13, Claim 13 is a product claim corresponds to method Claim 1 and is rejected for the same reason set forth in the rejection of Claim 1 above.

Regarding to Claim 14, the rejection of Claim 13 is incorporated and further Claim 14 is a product claim corresponds to method Claim 2 and is rejected for the same reason set forth in the rejection of Claim 2 above.

Regarding to Claim 16, the rejection of Claim 15 is incorporated and further Claim 16 is a product claim corresponds to method Claim 4 and is rejected for the same reason set forth in the rejection of Claim 4 above.

Regarding to Claim 17, the rejection of Claim 15 is incorporated and further Claim 17 is a product claim corresponds to method Claim 5 and is rejected for the same reason set forth in the rejection of Claim 5 above.

Regarding to Claim 18, the rejection of Claim 13 is incorporated and further Claim 18 is a product claim corresponds to method Claim 6 and is rejected for the same reason set forth in the rejection of Claim 6 above.

Regarding to Claim 19, the rejection of Claim 13 is incorporated and further the combination of Kotian, Fedorenko, Liu and Bhosle discloses: wherein the first script is written in a language selected from at least one of BASH, PERL, Powershell, and Python (see [0045] from Fedorenko; “In an example of the first function of the workflow program, a first program is configured using BASH scripts and a second program is configured using PERL scripts”).

Claims 3, 9 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Kotian (US PGPUB 20170052776 A1) in view of Fedorenko et al. (US PGPUB 20060248466 A1, hereafter Fedorenko), Liu et al. (US PGPUB 20130031639 A1, hereafter Liu) and Bhosle et al. (US Patent 8505106 B1, hereafter Bhosle) and further in view of Leung et al. (US PGPUB 20080098386 A1, hereafter Leung).
Kotian, Fedorenko, Liu and Leung were cited on the previous office action.

Regarding to Claim 3, the rejection of Claim 1 is incorporated and further the combination of Kotian, Fedorenko, Liu and Bhosle discloses: validating that the second script may be used to implement the at least one second function at the second computing component by identifying credentials associated with a [second] user requesting execution of the second script (see step 410 of Fig. 4, [0104] from Kotian, [0031], [0053] from Fedorenko, Figs. 2, 3, [0059]-[0060] and [0064] from Liu; “the plurality of scripts associated with the application stored in the repository server 114 b are validated by executing the plurality of scripts in the first database 110” and “each script within the workflow must be executed on separate data processing systems in a data center”. At the combination system, validating the second script is authorized to implement the second function at the second data processing system by executing a secured second script at the second data processing system which comprises a step of identifying credentials associated with the user requesting execution of the second script at the second data processing system), wherein the credentials associated with the [second] user are different than the credentials used to directly access the second computing component (see [0038] from Liu, [0033]-[0034], [0046] from Fedorenko; “When appropriate, the workflow program causes the first script to be executed on the first data processing system. When 
causing the second script to be executed at the second computing component without re-validation of the credentials associated with the [second] user (see the analysis of Claim 1. At the combination system, the merged single workflow contains the multiple secured/trusted scripts also contains corresponding indication of the corresponding script is authorized to perform corresponding function at corresponding data processing system, and thus the execution of corresponding secured/trusted scripts caused by the single workflow would be performed without a re-validation of the credentials associated with the user)

The combination of Kotian, Fedorenko, Liu and Bhosle does not disclose: the credentials associated with a second user requesting execution of the second script, i.e., the first script and the second script are associated with different users’ credentials.
However, Leung discloses: scripts are created per user manner, i.e., a corresponding script is associated with a corresponding user; in addition each user is associated with a user identifier (see [0046]; “create one logic script per user”. Also see [0045]; “associates a user identifier with each of the users identified in the software legend”).
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify multiple scripts generation process by from the 
Thereby, the combination of Kotian, Fedorenko, Liu, Bhosle and Leung discloses: validating that the second script may be used to implement the at least one second function at the second computing component by identifying credentials associated with a second user requesting execution of the second script (see step 410 of Fig. 4, [0104] from Kotian, [0031], [0053] from Fedorenko, Figs. 2, 3, [0038], [0059]-[0060], [0064] from Liu, [0045]-[0046] from Leung; “the plurality of scripts associated with the application stored in the repository server 114 b are validated by executing the plurality of scripts in the first database 110”, “each script within the workflow must be executed on separate data processing systems in a data center”, “the authentication feature may include the use of a wide range of variables, credentials, and activities, for example, user ID”, “associates a user identifier with each of the users identified in the software legend” and “create one logic script per user”. At the combination system, validating the second script is authorized to implement the second function at the second data processing system for the second user having associated user ID/ credentials by executing a secured second script at the second data processing system which comprises a step of identifying credentials associated with the second user requesting execution of the second script at the second data processing system), wherein the credentials associated with the second user are different than the credentials used to directly access the second computing component (see [0038] from Liu, [0033]-[0034], [0046] from Fedorenko, [0045]-[0046] from Leung; “When appropriate, the workflow program causes the first script to be executed on the first data processing system. When appropriate, the workflow program causes the second script to be executed on the second data processing system”. A corresponding script for a corresponding user contained in a single workflow is executed on its corresponding data processing system via the workflow instead of directly executed by the corresponding user of the corresponding script. Thereby, the credentials associated with the second user here at the combination system are different than the credentials used to directly access to the second data processing system); and
causing the second script to be executed at the second computing component without re-validation of the credentials associated with the second user (see the analysis of Claim 1, [0038] from Liu and [0045]-[0046] from Leung; “the authentication feature may include the use of a wide range of variables, credentials, and activities, for example, user ID”, “associates a user identifier with each of the users identified in the software legend” and “create one logic script per user”. At the combination system, the merged single workflow contains the multiple secured/trusted scripts for different users having different credentials also contains corresponding indication of the corresponding script is authorized to perform corresponding function at corresponding data processing system for corresponding user, and thus the execution of the second secured/trusted scripts caused by the single workflow would be performed without a re-validation of the corresponding credentials associated with the second user).

Regarding to Claim 9, the rejection of Claim 7 is incorporated and further Claim 9 is a system claim corresponds to method Claim 3 and is rejected for the same reason set forth in the rejection of Claim 3 above.

Regarding to Claim 15, the rejection of Claim 13 is incorporated and further Claim 15 is a product claim corresponds to method Claim 3 and is rejected for the same reason set forth in the rejection of Claim 3 above.

Response to Arguments
Applicant’s arguments, filled 11/30/2020, with respect to rejections of Claims 1-19 under 35 U.S.C. 103 have been full considered. New grounds of rejections are made based on the amended limitations.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Ekberg et al. (US PGPUB 20100325427 A1) discloses: a flag is set based on validation, and such flag grants future access to a service without performing a revalidation process (see Claim 14).
Votaw et al. (US PGPUB 20190014111 A1) discloses: an authorization token is generated after concluding a successful validation of access authority. Using such authorization token, repeated 
Arunachalam (US PGPUB 20130166622 A1) discloses: user permissions may be determined by user’s credentials, i.e., a user ID and password (see [0069]).
Hayton (US PGPUB 20140331060 A1) discloses: validating user’s credentials to confirm that the user is a validate system user with permissions to access resource or service (see [0091]).
Aiken et al. (US PGPUB 20060161783 A1) discloses: a set of credentials indicates permission levels for different applications (see [0033] and Claims 9, 17).


Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 


If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Emerson Puente can be reached on (571)272-3652.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/Zhi Chen/
Patent Examiner, AU2196

/EMERSON C PUENTE/Supervisory Patent Examiner, Art Unit 2196