DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is in response to amendments filed 19 April 2021.
Claims 1-4, 6-12, and 14-20 are pending. Claims 5, and 13 are cancelled.

Response to Arguments
Applicant’s arguments, see page 8 of the remarks filed 19 April 2021, with respect to the rejections made to claims 7, and 15 under 35 U.S.C. 112b have been fully considered and are persuasive. The rejections have been withdrawn. 

Applicant’s arguments, see pages 9-12 of the remarks filed 19 April 2021, with respect to the rejections made to claims 1, 9, and 17 under 35 U.S.C. 103 have been fully considered but are moot because the arguments do not specifically challenge the new reference (Mohamed, cited below) applied to the limitations at issue. Further, the applicant alleges on page 11 of the remarks that “’itself’ in the statement ‘authenticates itself with a remote entity’ is not the bootloader agent, but the enclave.” However, the examiner would point out that Roth teaches that the same entity that “authenticates itself with a remote entity” further “retrieves encrypted code…and executes the decrypted code” ([0082], Lines 9-16). Since the bootloader performs the steps of retrieving encrypted code through downloading, and executing decrypted code (see for example, [0026], Lines 1-6), it is clear that “itself” refers to the bootloader agent, and not to the enclave as the applicant alleges, as the enclave does not go on to perform retrieval of encrypted code nor does it execute decrypted code. Nowhere does Roth teach that the enclave retrieves encrypted code and executes decrypted code.

Applicant’s arguments, see page 12 of the remarks filed 19 April 2021, with respect to the rejections made to claims 2-4, 6-8, 10-12, 14-16, and 18-20 under 35 U.S.C. 103 have been fully considered but are not persuasive because claims 1, 9, and 17 are not allowable, and thus, their dependent claims are not allowable for the same rationale.

Applicant’s additional arguments, see pages 12-14 of the remarks filed 19 April 2021, with respect to the rejections made to claims 7, and 15 under 35 U.S.C. 103 have been fully considered and are persuasive. The rejections have been withdrawn. 

Claim Objections
Claims 1, 9, and17 are objected to because of the following informalities (line numbers correspond to claim 1): In line 8, “interfaces” should read “interfaces with”.  Appropriate correction is required.

Allowable Subject Matter
Claims 7, and 15 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims, and if the objections to the claims are resolved.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 9-11, and 17-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Roth et al. Pub. No.: US 2018/0232517 A1 (hereafter Roth), in view of Bollay et al. Patent No.: US 8,856,308 B1 (hereafter Bollay), in view of Mohamed et al. Pub. No.: US 2013/0111460 A1 (hereafter Mohamed), in view of Lam et al. Patent No.: US 6,272,677 B1 (hereafter Lam).

Roth, Bollay, and Lam were cited in the previous PTO-892 dated 19 January 2021.

Regarding claim 1, Roth teaches the invention substantially as claimed, including:
A computer-implemented method for managing a monitoring agent ([0080], Lines 1-3: FIG. 5 is a flow chart illustrating an example of a process 500 for installation and operation of a monitoring agent in accordance with various embodiments) in an operating system of a virtual computing instance ([0036], Lines 14-16: Customers may run an operating system and/or applications (i.e., the monitoring agent described above) on the virtual machines of the customer), the method comprising: 
initiating a startup process of the operating system of the virtual computing instance ([0080], Lines 10-13: In 502, an instance is started such as a virtual machine instance of a virtual computer system service of a computing resource service provider (i.e., starting a virtual machine instance starts the operating system of the virtual machine instance)); 
…starting a monitoring agent lifecycle service of the monitoring agent ([0026], Lines 1-6: The enclave 112 of the present disclosure may further have a monitoring agent 114 in the form of executable code (i.e., monitoring agent “core”) for monitoring activity of applications within the enclave 112, and, in some embodiments, may have a bootloader agent 116 (i.e., “monitoring agent lifecycle service”) for installing and launching the monitoring agent 114)… 
registering the monitoring agent lifecycle service as an agent with an external service ([0083], Lines 9-16: A bootloader agent is executed by processors in memory of a computer system to establish the enclave with the code that generates cryptographic key material, authenticates itself with a remote entity, retrieves encrypted code from the remote entity for running the monitoring agent that may be decrypted using some of the generated cryptographic key material, and executes the decrypted code (i.e., in authenticating itself with the remote entity prior to downloading the code for running the monitoring agent, the bootloader agent is known to, or “registered” with the remote entity, thereby allowing the bootloader agent to be authenticated by the remote entity))…; 
after the monitoring agent lifecycle service has been registered with the external service, downloading and installing…a monitoring agent core of the monitoring agent from the external service to the virtual computing instance by the monitoring agent lifecycle service ([0081], Lines 1-3: In 504, the system performing the process 500 receives a request to monitor the instance using a monitoring agent (i.e., the monitoring agent is requested, or “needed”). [0083], Lines 1-11: In 508, the monitoring agent may be installed within the enclave…In some embodiments, a bootloader agent is i.e., “downloading”) that may be decrypted…and executes the decrypted code (i.e., code for running a monitoring agent is downloaded and installed by the bootloader agent 116 into an enclave). [0094], Lines 5-14: The monitoring agent 702…may be instantiated as part of the virtual machine instance 710. An advantage of running the monitoring agent 702 within the enclave 704 as a part of the virtual machine instance 710 may be that enclave 704 provides assurances that the monitoring agent 702 cannot be viewed or tampered with by outside entities (i.e., monitoring agents are downloaded and installed within enclaves that are themselves within virtual machine instances)); and 
performing a monitoring operation of the virtual computing instance by the monitoring agent core of the monitoring agent ([0084], Lines 1-3: In 510, the system performing the process 500 determines whether the monitoring agent is properly monitoring the instance (i.e., execution of the decrypted code in the previous step causes the monitoring agent to perform monitoring operations on the virtual machine instance)).

While Roth teaches starting up a virtual machine instance and starting a bootloader agent that downloads and installs a monitoring agent, Roth does not explicitly disclose:
as part of the startup process of the operating system, starting a monitoring agent lifecycle service of the monitoring agent in the virtual computing instance.

However, Bollay teaches:
as part of the startup process of the operating system, starting a monitoring agent lifecycle service of the monitoring agent in the virtual computing instance (Column 4, Lines 46-47: As used herein the term “agent installer” (i.e., “monitoring agent lifecycle service”) refers to a program or application that is arranged to install agents on hosts (i.e., virtual machines (Column 4, Lines 1-3) or “virtual computing instances” including guest operating systems (see Column 3, Lines 52-61)). Column 4, Lines 17-22: Agents may be arranged to provide a variety of network management services for nodes in a floating network, including…network application monitoring (i.e., agent installers install “monitoring agents”). Column 26, Lines 17-24: If the host is a cloud instance, the agent installer may be previously installed as part of the software image that is used for provisioning the cloud instance (i.e., agent installer is installed in the virtual machine hosts)…when the cloud instance or virtual machine boots up, or is otherwise activated, the agent installer may execute (i.e., agent installers execute as part of the booting of the virtual machine. Booting “loads and starts the computer’s more complicated operating system and prepares it for use” (see Microsoft Computer Dictionary Fifth edition “boot1” page 69) and therefore, a boot process of a virtual machine includes “starting” the guest operating system of the virtual machine)).

It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to have simply substituted the agent installers of Bollay which execute during a startup process of an operating system of a virtual machine, with the bootloader agent of Roth, to arrive at the claimed limitation of executing a bootloader agent to download and install a monitoring agent within an enclave of a virtual machine during a startup process of an operating system of a virtual machine, since 1) Roth contains a bootloader agent that downloads and installs a monitoring agent into an enclave of a virtual machine, which differs from the claimed device in that it does not explicitly recite that the bootloader agent executes during startup of the virtual machine operating system, 2) Bollay’s agent installers install monitoring agents into virtual machines during startup of a guest operating system of a virtual machine, and 3) one of ordinary skill in the art could have substituted the agent installers of Bollay with the bootloader agents of Roth, since they are analogous elements that perform a similar functions of downloading/installing agents into virtual machines, to arrive at the predictable result of a bootloader agent that executes as part of the booting of a guest operating system to download and install a monitoring agent into a virtual machine (see MPEP 2143(B)).


While Roth teaches registering, or authenticating a bootloader agent with a remote entity that provides encrypted code to the bootloader agent to run monitoring agents within enclaves, and Bollay teaches an agent installer running in a virtual computing instance, the combination of Roth and Bollay does not explicitly disclose:
registering the monitoring agent lifecycle service as an agent with an external service an external service that interfaces and supports multiple monitoring agents using credentials for the monitoring agent lifecycle service;

However, Mohamed teaches:
registering the [agent lifecycle service] as an agent with an external service that interfaces and supports multiple [agents] using credentials for the [agent lifecycle service] ([0004], Lines 1-22: The installation of applications (i.e., “agents”, such as the monitoring agents described in Roth above) on computing devices is known…a user interacts with an application store (i.e., “external service”) to browse applications and select one or more of the applications for installation on the mobile device (i.e., app store interfaces/supports multiple applications)…The user may be asked for credentials for an account that may be charged for the downloading of the application…Upon providing the credentials and confirmation(s), if any, a downloader agent (i.e., “agent lifecycle service”, such as the monitoring agent lifecycle service of Roth above) on the mobile device authenticates with the application store (i.e., “external service”, which the downloader agent is authenticated, or “registered” with as an agent, and which supports multiple ) and downloads an application package for the application);

It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to have combined Mohamed’s teaching of a downloader agent application that registers itself with an external application store supporting multiple different applications using user provided credentials before downloading an application, with the combination of Roth and Bollay’s teaching of registering a monitoring agent lifecycle service agent with an external service that retrieves and executes a monitoring agent, with a reasonable expectation of success, since they are analogous application retrieval systems. Such a combination results in a system having a bootloader agent, as in the combination of Roth and Bollay, which authenticates itself with an external app store supporting a plurality of apps using credentials. One of ordinary skill would have been motivated to make this combination to ensure that only authorized users having requisite credentials are authorized to download certain applications using the downloader agent, ensuring that a user account remains secure.

While Roth teaches downloading and installing a monitoring agent core in a virtual computing instance, the combination of Roth, Bollay, and Mohamed does not explicitly disclose:
downloading and installing a latest version of a monitoring agent core of the monitoring agent from the external service.

However, Lam teaches:
downloading and installing a latest version of a [agent core] of the [agent] from the external service (Column 3, Lines 38-41: The automatic detection and distribution of updated code version level for an agent system in accordance with an exemplary embodiment of the present invention is described with reference to the flow diagram of FIG. 2 (i.e., detection of an updated, or “latest” code version causes the distribution, or “downloading and installing” of the updated version from an “external” server (See Column 4, Lines 4-6) to a Java Virtual Machine. See Fig. 1B, Java Virtual Machine 1 (14), or Java Virtual Machine 2 (16))).

It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to have combined Lam’s teaching of downloading and installing an upgrade to the level of code of an agent executing within a JVM, with the combination of Roth, Bollay, and Mohamed’s teaching of a VM executing a monitoring agent, with a reasonable expectation of success, since they are analogous virtualized systems that similarly execute agent programs within virtual machines. Such a combination would result in a system that ensures that a bootloader agent operating within a virtual machine to download a monitoring agent core, as in Roth, detects and downloads an updated, or latest version of the monitoring agent core, as in Lam. One of ordinary skill would have been motivated to make this combination so that agents can be updated to be ready to properly respond to requests (Lam Column 4, Lines 35-40).

Regarding claim 2, Roth teaches:
after the monitoring agent core has been installed and running in the virtual computing instance, shutting down the monitoring agent lifecycle service of the monitoring agent in the virtual computing instance ([0064], Lines 6-14: The hypercall may cause executable code of a bootloader agent to be written to a memory of host computers system or memory allocated to the virtual machine instance. In this example, when the executable code is executed, it may cause the instantiation of an enclave and the installation and the launching of the monitoring agent within the enclave. In some of these embodiments, the executable code may then be erased after the enclave is created and the monitoring agent is launched (i.e., erasing executable code of the bootloader agent causes the bootloader agent to stop executing, or to “shut down”)). 

Regarding claim 3, Bollay teaches:
starting a bootstrap program of the operating system, wherein the monitoring agent lifecycle service is bundled in the bootstrap program (Column 26, Lines 22-24: When the cloud instance or virtual machine boots up, or is otherwise activated, the agent installer may execute (i.e., execution of the agent installer is part of, or “bundled” with the booting of the guest operating system. A bootstrap loader, or “program” is typically “run when a computer is switched on (booted)” (see the Microsoft Computer Dictionary Fifth edition, “bootstrap loader”, page 69). Therefore, by booting a guest operating system, a bootstrap loader, or “program” is started to boot the guest operating system and execute the bundled agent installer)).  

Regarding claims 9-11, they are computer program product claims that contain limitations similar to those of method claims 1-3, respectively, and are therefore rejected for at least the same rationale. Roth further teaches the additional limitations of a non-transitory computer-readable storage medium containing program instructions for method...wherein execution of the program instructions by one or more processors of the computer system causes the one or more processors to perform steps (Claim 16, Lines 1-4: A non-transitory computer-readable storage medium having stored thereon executable instructions that, as a result of being executed by one or more processors of a computer system, cause the computer system to at least...).

Regarding claims 17-19, they are system claims that contain limitations similar to those of method claims 1-3 respectively, and are therefore rejected for at least the same rationale. Roth further teaches the additional limitations of memory; and at least one processor ([0136], Lines 11-22: Where a system includes computerized devices, each such device can include hardware elements... including, for example, a central processing unit...Such a system may also include storage devices, such as...random access memory).

Claims 4, 6, 12, and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Roth, in view of Bollay, in view of Mohamed, in view of Lam, as applied to claims 1, and 9 above, and in further view of Iikura et al. Pub. No.: US 2016/0154665 A1 (hereafter Iikura).

Iikura was cited in the previous PTO-892 dated 19 January 2021.

Regarding claim 4, while Roth teaches a bootloader agent acting as a “monitoring agent lifecycle service”, the combination of Roth, Bollay, Mohamed and Lam does not explicitly disclose:
after the monitoring agent lifecycle service has been started, registering the monitoring agent lifecycle service as a startup service for the virtual computing instance. 

However, Iikura teaches:
after the monitoring agent lifecycle service has been started, registering the monitoring agent lifecycle service as a startup service for the virtual computing instance ([0057], Lines 1-5: The virtual machine creation instructing unit 117 of the management server 1 deploys the virtual machines 3 based on, for example, the template information 131 (i.e., template information defines services required to deploy, or “startup” a virtual machine) to which the description of the monitoring definition has been added. [0064], Lines 1-5: When the initial process executing unit 221 (i.e., “monitoring agent lifecycle service”) of a virtual machine 3 recognizes that the virtual machine 3 is a newly created virtual machine 3, the initial process executing unit 221 installs a monitoring agent in the new virtual i.e., during deployment of a new virtual machine, a monitoring agent lifecycle service is started to download and install a monitoring process based on a template). [0057], Lines 9-14: Furthermore, for example, the virtual machine creation instructing unit 117 stores the template information created by the template changing unit 116 as template information 231 in the information storage area 231 of the physical machine 2 (i.e., by storing the template information in an additional step after deployment, the virtual machine creation instructing unit “registers” the new template, including the associated initial process executing unit used to download/install the monitoring agent, with the physical machine 2 after the initial process executing unit is used to download/install the monitoring agent)).

It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to have combined Iikura’s teaching of registering a template associated with a monitoring agent and an initial process executing unit used to download/install the monitoring agent within a virtual machine, with the combination of Roth, Bollay, Mohamed, and Lam’s teaching of downloading/installing a monitoring agent within a virtual machine using a bootlogger agent, with a reasonable expectation of success, since they are analogous virtualized systems that similarly detail the downloading and installation of monitoring agents within virtual machines. Such a combination results in a system that downloads and installs a monitoring agent within a virtual machine using a bootlogger agent, as in Roth, and subsequently registering the monitoring agent and bootlogger agent as a template at a physical machine. One of ordinary skill would have been motivated to make this combination to maintain templates of virtual machines having registered therein necessary bootlogger agents and monitoring agents for use in quickly and simply constructing virtual machine systems (Iikura [0004]).

Regarding claim 6, while Roth teaches a bootloader agent acting as a “monitoring agent lifecycle service”, the combination of Roth, Bollay, Mohamed, and Lam does not explicitly disclose:
after the monitoring agent core has been downloaded, registering the monitoring agent core as a system startup service of the virtual computing instance. 

However, Iikura teaches:
after the monitoring agent core has been downloaded, registering the monitoring agent core as a system startup service of the virtual computing instance ([0057], Lines 1-5: The virtual machine creation instructing unit 117 of the management server 1 deploys the virtual machines 3 based on, for example, the template information 131 to which the description of the monitoring definition has been added (i.e., monitoring definition is based on monitoring design information that includes a specification of a necessary monitoring agent (see FIG.3)). [0064], Lines 1-5: When the initial process executing unit 221 of a virtual machine 3 recognizes that the virtual machine 3 is a newly created virtual machine 3, the initial process executing unit 221 installs a monitoring agent in the new virtual machine 3 (i.e., during deployment of a new virtual machine, a necessary monitoring agent is downloaded and installed by an initial process execution unit on the new virtual machine based on the template). [0057], Lines 9-14: Furthermore, for example, the virtual machine creation instructing unit 117 stores the template information created by the template changing unit 116 as template information 231 in the information storage area 231 of the physical machine 2 (i.e., by storing the template information in an additional step after deployment, the virtual machine creation instructing unit “registers” the new template, including the associated monitoring agent, with the physical machine 2 after the monitoring agent has been downloaded/installed as part of the initial startup of the virtual machine)).

It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to have combined Iikura’s teaching of registering a template associated with a monitoring agent and an initial process executing unit used to download/install the monitoring agent within a virtual machine, with the combination of Roth, Bollay, Mohamed, and Lam’s teaching of downloading/installing a monitoring agent within a virtual machine using a bootlogger agent, with a reasonable expectation of success, since they are analogous virtualized systems that similarly detail the downloading and installation of monitoring agents within virtual machines. Such a combination results in a system that downloads and installs a monitoring agent within a virtual machine using a bootlogger agent, as in Roth, and subsequently registering the monitoring agent and bootlogger agent as a template at a physical machine. One of ordinary skill would have been motivated to make this combination to maintain templates 

Regarding claims 12, and 14, they are computer program product claims that contain similar limitations to those of method claims 4, and 6, and are therefore rejected for at least the same rationale.

Claims 8, 16, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Roth, in view of Bollay, in view of Mohamed, in view of Lam, as applied to claims 1, 9, and 17 above, and in further view of Hoff et al. Pub. No.: US 2013/0263088 A1 (hereafter Hoff).

Hoff was cited in the previous PTO-892 dated 19 January 2021.

Regarding claim 8, while Roth teaches a monitoring application used to monitor an application of a virtual machine, the combination of Roth, Bollay, Mohamed and Lam does not explicitly disclose:
downloading and installing a plugin for collecting metrics of an application from the external service when the application is discovered to be running in the virtual computing instance. 

However, Hoff teaches:
downloading and installing a plugin ([0048], Lines 1-4: WebPI agent 534 uses libraries and an application programming interface (API) of the web platform installer to read the aggregated feed 318 to determine which dependencies and plugins to download and install) for collecting metrics of an application from the external service ([0031], Lines 21-25: Each of the plugins may have any suitable functionality. For instance, one or more of the plugins may perform diagnostic operations (e.g., monitoring for problem(s), identifying source(s) of problem(s), debugging, profiling, controlling, etc.) (i.e., collecting “metrics”) with respect to an application) when the application is discovered to be running in the virtual computing instance ([0003], Lines 4-9: The configuration information indicates that designated plugin(s) selected from one or more plugins, which are stored in a location that is accessible to deployed i.e., applications run within virtual machines (see [0075]). An agent plugin contains and runs the downloaded dynamic plugins (see [0028], and Fig. 5) in a similar way to how the claimed monitoring agent contains and runs the installed plugins illustrated in Fig. 3)). 

It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to have combined Hoff’s teaching of downloading a plugin to operate within an agent to monitor an application running within a virtual machine, with the combination of Roth, Bollay, Mohamed, and Lam’s teaching of using monitoring agents to monitor applications running within virtual machines, with a reasonable expectation of success, since they are analogous virtualized systems that similarly monitor applications running within virtual machines. Such a combination results in a system that uses an agent to monitor applications running in virtual machine, as in Roth, by downloading plugins that run within the agent, as in Hoff. One of ordinary skill would have been motivated to make this combination so that plugins may be utilized to add designated capabilities to software applications while reducing the size of the application itself (Hoff [0001]).

Regarding claims 16, and 20, they are computer program product and system claims respectively, which contain similar limitations to those of method claim 8, and are therefore rejected for at least the same rationale.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL W AYERS whose telephone number is (571)272-6420.  The examiner can normally be reached on M-F 8:30-5 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Meng-Ai An can be reached on 5712723756.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/MICHAEL W AYERS/Examiner, Art Unit 2195