DETAILED ACTION
Continued Examination under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 11/30/2020, for application 15/375,593 has been entered.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to the Amendment filed on 11/30/2020. In the instant amendment: Claims 1, 8 and 15 have been amended and claims 1, 8 and 15 are independent claims. Claims 1-20 have been examined and are pending. 
Examiner’s Notes: 
In attempt to promote compact prosecution, the examiner contacted applicant’s representative, Mr. Rory D. Rankin (Reg. No.: 47,884), via email on May 3, 2021 to discuss possible Examiner’s Amendment. However, the applicant and the examiner were unable to reach an agreement. 

Response to Arguments
Applicants' arguments in the instant Amendment, filed on 11/30/2020, with respect to limitations listed below, have been fully considered but they are not persuasive.
Applicant Argues: Potlapally and Kaplan do not teach “in response to detect a request to provision, in a secure environment, a guest virtual machine (VM), the system is configured to ... in response to receiving an indication, prior to executing the guest VM, that the first integrity value is valid” of amended claim 1. See Remarks at 12 (emphasis original). 
The examiner respectfully disagrees because these arguments are not persuasive. 
In the Advisory Action dated 11/18/2020, the Examiner explained that Potlapally FIG. 4, col. 12: 9-21 was analogous to FIGs 6-7 and ¶¶ [0047]-[0048] of the Specification (reproduced below for convenience). In fact, Applicant’s elaborate citation of Potlapally at page 11 of the Remarks further reinforces Examiner’s position that Potlapally teaches these embodiments. 
Turning now to FIG. 7, one embodiment of a method 700 for resuming a guest VM is shown. A system detects a request to resume a guest VM (block 705). In response to detecting the request, the system retrieves a stored integrity check value 20corresponding to the guest VM from a protected region of memory (block 710). The system also decrypts the encrypted guest register state of the guest VM and computes a new integrity check value from the guest register state (block 715). 

If the new integrity check value matches the stored integrity check value25(conditional block 720, "yes" leg), then the system restores the guest register state and resumes the guest VM (block 725). If the new integrity check value does not match the stored integrity check value (conditional block 725, "no" leg), then the system prevents the guest VM from being resumed (block 730). After blocks 725 and 730, method 700 ends. 
See Specification FIGs 6-7, ¶¶ [0047]-[0048] (emphasis added). 
is a new, pristine, “fresh” instance of the guest VM different from all prior instances, images or states of the guest VM, and that an integrity check was performed against such a “fresh” guest VM before its execution. The claim only requires “to provision…a guest virtual machine”—referring to a generic guest virtual machine that includes resuming (i.e., executing) an archived state of a guest VM. The claim need to adequately describe a “fresh” instance of guest VM and distinguish this “fresh” guest VM from Potlapally’s “archived initial state,” “archived terminal state” and/or “previously defined state” of the guest VM. See Potlapally FIGs 4, 8 and col. 12: 9-21; col. 13: 57-60; col. 23:3-10 (“[V]irtualization module 160 may be configured to initialize the virtual machine(s) 200 according to the archived initial state. In various embodiments, archiving the initial state may include generating hash measurements of the state of the computation (e.g., at one or more checkpoints in the computation). In some embodiments, the hash measurements of the computation state can be compared to the recorded hash measurements at each checkpoint. Based on the comparison, the system can identify when any checkpoint in the process has failed to match and can thus provide information about which portions of the process of the repeatable computation have been successfully repeated and which have not.”) (emphasis added). As Potlapally teaches comparing hash values of archived initial or other states of the VM prior to launching or completing VM computations, Potlapally in view of Kaplan teach the amended claim 1. 
Furthermore, applicant alleges that Colsea does not teach “store the second integrity check value in a protected region of the memory inaccessible to a hypervisor” of See Remarks at 14 (emphasis original). Contrary to these assertions, Colsea explains that “a protected storage module (PSM) 30 [is] configured to securely store sensitive information. Such a PSM may comprise a persistent memory configured so that software executing on the respective client system may not overwrite a content of the persistent memory.” See Colsea ¶ [0034] (emphasis added). Accordingly, Colsea teaches “store the second integrity check value in a protected region of the memory inaccessible to a hypervisor” of claim 6.
In conclusion, applicant’s argument are unpersuasive and the rejection of claim 1 is maintained. Similarly, rejection of independent claims 8 and 15, which recite similar matter to claim 1, is also maintained.  

Claim Rejection- 35 U.S.C. § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness
rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 5, 8, and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Potlapally et al., (“Potlapally,” US 9294282 patented Mar. 22, 2016) in view of Kaplan et al. (“Kaplan,” US 20150248357, published Sept. 3, 2015).  
Regarding claim 1, Potlapally discloses a secure virtual machine system, comprising: 
Potlapally FIG. 1, col. 5: 12-16. An example of a system that may be configured to implement virtualized computing is illustrated in FIG. 1. In the illustrated embodiment, physical system 100, such as may be implemented on a host computing device 101, includes a processor 110 coupled to a system memory 120.); 
wherein in response to detecting a request to provision, in a secure environment, a guest virtual machine (VM), the system is configured to (Potlapally FIG. 4, col. 12: 25-31. For example, when requesting that a virtual machine 200 be created or initialized, via web services interface 230 or otherwise, a client might specify that the virtual machine 200 should be configured for repeatable computing.): 
compute a first integrity check value from the guest VM prior to executing the guest VM; in response to receiving an indication, prior to executing the guest VM, that the first integrity check value is valid (Potlapally FIG. 4, col. 12: 9-21; col. 13: 57-60, col. 23:3-10.   [V]irtualization module 160 may be configured to initialize the virtual machine(s) 200 according to the archived initial state. For example, the virtualization module may compare the hash measurements recorded during the original execution of the computation against the hash measurements obtained during the repeat of the computation in order to determine whether the results of the computation match. In various embodiments, archiving the initial state may include generating hash measurements of the state of the computation (e.g., at one or more checkpoints in the computation). In some embodiments, the hash measurements of the computation state can be compared to the recorded hash measurements at each checkpoint. Based on the comparison, the system can identify when any checkpoint in the process has failed to match and can thus provide information about which portions of the process of the repeatable computation have been successfully repeated and which have not. [Note that the system can compare hash of both initial and other states of a VM].); 
in response to detecting a request to exit the guest VM (Potlapally FIG. 4, col. 14: 38-42. At some point, the repeatable computation terminates (block 408). For example, termination may occur upon notification by the client, upon the occurrence of some client defined event (e.g., the termination of a particular application 245), or according to some other circumstance.)): 
compute a second integrity check value based at least in part on a guest register state of the guest VM (Potlapally FIG. 4, col. 15: 4-9. In at least some embodiments, the terminal state of the identified resources may be archived by including a hash measurement of the state of the computing environment produced. The hash measurement may be signed using a crypto graphic key embedded in the TPM to ensure that the state of the device is accurate and verifiable, as previously described.);  and 
encrypt, by the memory controller with the first encryption key [unique to the guest VM], at least a portion of the guest register state of the of the guest VM when storing the guest register state to the memory (Potlapally FIG. 4, col. 15: 4-9. In at least some embodiments, the terminal state of the identified resources may be archived by including a hash measurement of the state of the computing environment produced. The hash measurement may be signed using a crypto graphic key embedded in the TPM to ensure that the state of the device is accurate and verifiable, as previously described.). 
Potlapally does not explicitly disclose: 
unique to the guest VM into the memory controller in a manner that prevents a hypervisor from accessing the encryption key; and initiate execution of the guest VM, wherein initiating said execution comprises encrypting the guest VM, by the memory controller, with the first encryption key when storing the guest VM in the memory. 
However, in an analogous art, Kaplan discloses a system wherein: 
load, by a security processor of the one or more processors, a first encryption key unique to the guest VM into the memory controller in a manner that prevents a hypervisor from accessing the encryption key (Kaplan FIG. 2, [0019] . For example, in some embodiments, the encryption module stores a unique key for each VM being executed by the processor. In some scenarios, the keys for the VMs can be generated by a security module separate from processor cores of the processing system, so that software executing at the processor cores, including the hypervisor, cannot access the keys.)
and initiate execution of the guest VM, wherein initiating said execution comprises encrypting the guest VM, by the memory controller, with the first encryption key when storing the guest VM in the memory (Kaplan FIG. 2, [0035] [A] VM is registered as follows: the VM owner establishes a secure communication channel (not shown at FIG. 2) with the security module 130. An identification value, designated a “VMID' and a security key, designated a “VMKEY', are generated for the VM. This generation can be done at the security module 130. The security module 130 ensures that each of the VMKEY and VMID values are unique to the corresponding VM. The VM owner encrypts an image of the corresponding VM and provides it to the hypervisor 252, which stores the encrypted image as secure data at the memory 120. Thus, in the illustrated example, the secure information 225 includes the VM image for the VM250.). 
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective filing date of the claimed invention to combine the teachings Kaplan with the teachings of Potlapally to include: load, by a security processor of the one or more processors, a first encryption key unique to the guest VM into the memory controller in a manner that prevents a hypervisor from accessing the encryption key, to provide users with a means for securing execution of virtual machines through where the hypervisor cannot access the virtual machine encryption key. (See Kaplan [0019]).
Regarding claim 5, Potlapally and Kaplan disclose the VM system of claim 1. 
Potlapally discloses a remote computer (Potlapally co. 5: 63-67; col. 6: 1-3. For example, in the context of the Amazon Elastic Compute Cloud (EC2) service, individual virtual machines 200 may correspond to “instances, and the state of various virtual machines 200 (e.g., their applications, data, and configuration) may correspond to Amazon Machine Images” or AMIs.). 
Kaplan further discloses wherein the guest VM is an encrypted VM on a remote computer (Kaplan FIG. 1, [0018]. Because the VMs may be executed by distinct users (e.g. different customers), it is desirable that the VMs be isolated from each other such that oneVM cannot access the information (instructions and data) employed by anotherVM. [T]he encryption module of the memory controller is employed to cryptographically protect the information of each VM from access by the hypervisor or by other executing VMS..).
Kaplan FIG. 2, [0035] [A] VM is registered as follows: the VM owner establishes a secure communication channel (not shown at FIG. 2) with the security module 130. An identification value, designated a “VMID' and a security key, designated a “VMKEY', are generated for the VM. This generation can be done at the security module 130. The security module 130 ensures that each of the VMKEY and VMID values are unique to the corresponding VM. The VM owner encrypts an image of the corresponding VM and provides it to the hypervisor 252, which stores the encrypted image as secure data at the memory 120. Thus, in the illustrated example, the secure information 225 includes the VM image for the VM250.).
The motivation is the same as that of claim 1 above. 
Regarding claim 8, claim 8 is directed to a method corresponding to the virtual machine system of claim 1. Claim 8 is similar in scope to claim 1 and is therefore rejected under similar rationale. 
Regarding claim 15, claim 15 is directed to a non-transitory computer readable storage medium corresponding to the virtual machine system of claim 1. Claim 15 is similar in scope to claim 1 and is therefore rejected under similar rationale. 
Claims 2, 4, 6, 9, 11, 12, 13, 16, 18, 19 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Potlapally et al., (“Potlapally,” US 9294282 patented Mar. 22, 2016) in view of Kaplan et al. (“Kaplan,” US 20150248357, published Sept. 3, 2015) and Colsea et al. (“Colsea,” US 20160164880, published June 9, 2014).  
Regarding claim 2, Potlapally and Kaplan disclose the VM system of claim 1. Potlapally further discloses the system is further configured to: to detecting a request to exit the guest VM (Potlapally FIG. 4, col. 14: 38-42. At some point, the repeatable computation terminates (block 408). For example, termination may occur upon notification by the client, upon the occurrence of some client defined event (e.g., the termination of a particular application 245), or according to some other circumstance.)), the system is further configured to:
 store a second portion of the set of [VMCBs] in an unencrypted state (Potlapally col. 15: 10-17. In the illustrated embodiment, virtualization module 160 may be configured to capture the state of virtual machine 200 within storage 500 as terminal state 504. Virtualization module may also be configured to copy the state of other elements for storage within terminal state 504, such as virtual network 210 and/or virtual storage 220 (not shown in FIG. 5B). [Note signing the hash of the terminal state is optional].) .
Kaplan further discloses encrypt, by the memory controller with the first encryption key unique to the guest VM (Kaplan FIG. 2, [0019] . For example, in some embodiments, the encryption module stores a unique key for each VM being executed by the processor. In some scenarios, the keys for the VMs can be generated by a security module separate from processor cores of the processing system, so that software executing at the processor cores, including the hypervisor, cannot access the keys.); 
a set of intercept indications indicating whether a processor is to intercept a corresponding event (Kaplan [0043]. In other embodiments, the processing system 102 may designate or reserve particular VM tag values for DMA requests, and any attempt by a DMA request to access secure information corresponding to a different VM tag may cause generation of an error notification at the processing system 102. This ensures that DMA requests cannot be use. [Note “intercept events can be faults, interruptions, or other instructions.” See Specification at [0033]] ). 
Potlapally and Kaplan do not explicitly disclose:
a first portion of a set of virtual machine control blocks (VMCBs), wherein the VMCBs comprise: the guest register state of the guest VM. 
However, in an analogous art, Colsea discloses a first portion of a set of virtual machine control blocks (VMCBs), wherein the VMCBs comprise: the guest register state of the guest VM (Colsea [0050]-[0051]. Such setting up may include, among others, configuring virtualized hardware devices of secure VM 52, and setting up data structures used by hypervisor 40 to manage execution of VM 52. Some client systems use a virtual machine state object (VMSO) to represent the current state of each virtualized processor exposed on the respective client system. Exemplary VMSOs include the virtual machine control structure (VMCS) on Intel(R) platforms, and the virtual machine control block (VMCB) on AMDR) platforms. In some embodiments, the guest-state area of the VMSO includes contents of the control registers (e.g., CRO, CR3, etc.), instruction pointer (e.g., RIP), general-purpose registers (e.g., EAX, ECX, etc.), and status registers (e.g., EFLAGS) of the virtual processor of the respective guest VM, among others.). 
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective filing date of the claimed invention to combine the teachings of Colsea with the teachings of Potlapally and Kaplan to include: a first portion of a set of virtual machine control blocks (VMCBs), wherein the VMCBs comprise: the guest See Colsea [0050]).
Regarding claim 4, Potlapally, Kaplan and Colsea disclose the VM system of claim 2. Colsea further discloses wherein the hypervisor communicates with the guest VM through the unencrypted state of the second portion of VMCBs (Colsea [0050]. Hypervisor 40 may then proceed to set up secure VM 52 (step 222). Such setting up may include, among others, configuring virtualized hardware devices of secure VM 52, and setting up data structures used by hypervisor 40 to manage execution of VM 52. Some client systems use a virtual machine state object (VMSO) to represent the current state of each virtualized processor exposed on the respective client system. Exemplary VMSOs include the virtual machine control structure (VMCS) on Intel(R) platforms, and the virtual machine control block (VMCB) on AMDR) plat forms [note VMCB’s does not have to be encrypted.].). 
The motivation is the same as that of claim 2 above. 
Regarding claim 6, Potlapally, Kaplan and Colsea disclose disclose the VM system of claim 4.  
Colsea discloses a secure VM system, wherein the system is further configured to: 
store the second integrity check value in a protected region of the memory inaccessible to a hypervisor; and 3 / 17Application Serial No. 15/375,593 - Filed December 12, 2016in response to detecting a request to resume the guest VM, validate the second integrity check value prior to restoring, with a second encryption key [unique to the guest VM], the guest register state from the encrypted guest register state stored in the memory (Colesa [0034], [0081]. [A] protected storage module (PSM) 30 [is] configured to securely store sensitive information. Such a PSM may comprise a persistent memory configured so that software executing on the respective client system may not overwrite a content of the persistent memory. In one exemplary embodiment, a step 342 checks the integrity of hypervisor 40, for instance by loading hypervisor 40 into memory, computing a hash of a memory image of hypervisor 40, and comparing the hash to a reference hash of hypervisor 40 stored in protected storage module 30 (such a reference hash may be determined upon installation of hypervisor 40 [i.e. the state of the hypervisor prior to the current launch]). A hash match may indicate that the image loaded in memory is identical to the original image loaded at installation, thus confirming the integrity of hypervisor 40. A hash mismatch typically indicates that hypervisor 40 has been tampered with, usually by malware. When integrity is confirmed, a step 348 may launch hypervisor 40 into execution. When hypervisor 40 does not pass the integrity check, for instance if the hash computed in step 342 does not match the reference hash of hypervisor 40 stored in protected storage module 30, a step 346 may take anti-malware measures. Such as alerting a user of client system 12 and/or blocking or otherwise restricting further execution of secure VM launch module 60. [For unique key, see Kaplan [0019]]). 
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective filing date of the claimed invention to combine the teachings of Colesa with the teachings of Potlapally and Kaplan to include: store the second integrity check value in a protected region of the memory inaccessible to a hypervisor; and 3 / 17Application Serial No. 15/375,593 - Filed December 12, 2016in response to detecting a request to resume the guest VM, validate the second integrity check value prior to restoring, with a second encryption key unique to the guest VM, the See Colesa [0081].)
Regarding claim 9, claim 9 is directed to a method corresponding to the virtual machine system of claim 2. Claim 9 is similar in scope to claim 2 and is therefore rejected under similar rationale.
Regarding claim 11, claim 11 is directed to a method corresponding to the virtual machine system of claim 4. Claim 11 is similar in scope to claim 4 and is therefore rejected under similar rationale.
Regarding claim 12, Potlapally, Kaplan and Colsea disclose the method of claim 11. Potlapally further discloses a remote computer (Potlapally co. 5: 63-67; col. 6: 1-3. For example, in the context of the Amazon Elastic Compute Cloud (EC2) service, individual virtual machines 200 may correspond to “instances, and the state of various virtual machines 200 (e.g., their applications, data, and configuration) may correspond to Amazon Machine Images” or AMIs.). 
Kaplan further discloses wherein the guest VM is an encrypted VM on a remote computer (Kaplan FIG. 1, [0018]. Because the VMs may be executed by distinct users (e.g. different customers), it is desirable that the VMs be isolated from each other such that oneVM cannot access the information (instructions and data) employed by anotherVM. [T]he encryption module of the memory controller is employed to cryptographically protect the information of each VM from access by the hypervisor or by other executing VMS..).
the request to provision is a request to provision the guest VM on the remote computer in the secure environment (Kaplan FIG. 2, [0035] [A] VM is registered as follows: the VM owner establishes a secure communication channel (not shown at FIG. 2) with the security module 130. An identification value, designated a “VMID' and a security key, designated a “VMKEY', are generated for the VM. This generation can be done at the security module 130. The security module 130 ensures that each of the VMKEY and VMID values are unique to the corresponding VM. The VM owner encrypts an image of the corresponding VM and provides it to the hypervisor 252, which stores the encrypted image as secure data at the memory 120. Thus, in the illustrated example, the secure information 225 includes the VM image for the VM250.).
The motivation is the same as that of claim 11 above. 
Regarding claim 13, claim 13 is directed to a method corresponding to the virtual machine system of claim 6. Claim 13 is similar in scope to claim 6 and is therefore rejected under similar rationale. 
Regarding claim 16, claim 16 is directed to a non-transitory computer readable storage medium corresponding to the virtual machine system of claim 2. Claim 16 is similar in scope to claim 2 and is therefore rejected under similar rationale. 
Regarding claim 18, claim 18 is directed to a non-transitory computer readable storage medium corresponding to the virtual machine system of claim 4. Claim 18 is similar in scope to claim 4 and is therefore rejected under similar rationale. 
Regarding claim 19, claim 19 is directed to a non-transitory computer readable storage medium corresponding to the method of claim 12. Claim 19 is similar in scope to claim 12 and is therefore rejected under similar rationale. 
Regarding claim 20, claim 20 is directed to a non-transitory computer readable storage medium corresponding to the virtual machine system of claim 6. Claim 20 is similar in scope to claim 6 and is therefore rejected under similar rationale. 
Claims 3, 10, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Potlapally et al., (“Potlapally,” US 9294282 patented Mar. 22, 2016) in view of Kaplan et al. (“Kaplan,” US 20150248357, published Sept. 3, 2015) and Alexander et al. (“Alexander,” US 20170171164, filed Dec. 14, 2015). 
Regarding claim 3, Potlapally and Kaplan disclose the system of claim 1. Potlapally and Kaplan do not explicitly disclose: wherein the system receives the indication that the first integrity check value is valid from an owner of the encrypted guest VM. 
However, in an analogous art, Alexander discloses a system, wherein the system receives the indication that the first integrity check value is valid from an owner of the encrypted guest VM (Alexander [0075], [0080]. The HMC 710 further instructs the hypervisor to deploy the virtual server 15A using a preconfigured boot image, as shown at block 830. For example, the HMC 710 configures the boot image to encrypt the data within the virtual server 15A using a predetermined encryption key and/or encryption scheme, as shown at block 832. [I]nitialization, the HMC 710 validates the hypervisor and boot-image being deployed, Such as by comparing a hash value of the hypervisor and/or the boot-image with predetermined hash value.). 
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective filing date of the claimed invention to combine the teachings of Alexander with the teachings of Potlapally and Kaplan to include: wherein the system receives the indication that the first integrity check value is valid from an owner of the encrypted guest VM, to provide users with a means for launching a secure, encrypted guest VM upon a successful validation of a predetermined hash value. (See Alexander [0080]). 
Regarding claim 10, claim 10 is directed to a method corresponding to the virtual machine system of claim 3. Claim 10 is similar in scope to claim 3 and is therefore rejected under similar rationale. 
Regarding claim 17, claim 17 is directed to a non-transitory computer readable storage medium corresponding to the virtual machine system of claim 3. Claim 17 is similar in scope to claim 3 and is therefore rejected under similar rationale. 



Claims 7 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Potlapally et al., (“Potlapally,” US 9294282 patented Mar. 22, 2016) in view of Kaplan et al. (“Kaplan,” US 20150248357, published Sept. 3, 2015), Colsea et al. (“Colsea,” US 20160164880, published June 9, 2014) and Neiger et al. (“Neiger,” US 20060005084, published Jan. 5, 2006).  
Regarding claim 7, Potlapally, Kaplan and Colsea disclose the VM system of claim 4. Potlapally, Kaplan, and Colea does not explicitly disclose: wherein the set of 
 However, in an analogous art, Neiger further discloses wherein the set of intercept indications identifies: fault, interrupt, exception and trap events that are enabled for the guest VM detected (Neiger [0040]. [P]roces 200 begins with processing logic detecting an initial fault (referred to as fault 1) during operation of a VM (processing block 202). At processing block 204, processing logic stores fault information, [which may] includes information identifying the fault such as a fault identifier and a fault type (e.g., external interrupt, internal interrupt, NMI, exception, etc.) and, in one embodiment, also an error code and/or other information associated with the fault); and 
a mechanism for exiting the guest VM if an enabled event is detected (Neiger [0041]. At decision block 206, processing logic determines whether fault n is associated with a VM exit (i.e., a corresponding execution control indicator is set to a VM exit value to require that fault n cause a VM exit). If fault n is associated with a VM exit, processing logic generates a VM exit (processing block 210). 
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective filing date of the claimed invention to combine the teachings of Neiger with the teachings of Potlapally, Kaplan and Colsea to include: wherein the system receives the indication that the first integrity check value is valid from an owner of the encrypted guest VM, to provide users with a means for analyzing the type of VM machine faults during VM launching or exiting. (See Neiger [0040]
Regarding claim 14, claim 14 is directed to a method corresponding to the virtual machine system of claim 7. Claim 14 is similar in scope to claim 7 and is therefore rejected under similar rationale. 


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EDWARD LONG whose telephone number is (571)272-8961. The examiner can normally be reached on Monday to Friday, 9 AM - 6 PM EST (Alternate Fridays).
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Luu Pham can be reached on 571 270 5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like 



/EDWARD  LONG/
Examiner, Art Unit 2439



/LUU T PHAM/           Supervisory Patent Examiner, Art Unit 2439