DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Response to Arguments
Applicant's arguments filed 9/16/20 have been fully considered but they are not persuasive. Applicant discloses that the prior art, Zhang, does not disclose the features in claim 1. Examiner disagrees and maintains that the prior art, Zhang, discloses the features of accessing permissions that can be stored in a manner that they can be obtained if the component attempts to access the one or more accessible components, thereby allowing access to the one or more accessible components to be determined based on access permissions that are readily available (see Para. 0040 and 0049). 
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claims 1-3, 5-10, 12-17 and 19-21 are rejected under 35 U.S.C. 103 as being unpatentable over Zhang (US 20090271844) in view of Marino (US 9729579) in view of Asal (US 20060259764).
As per claims 1, 8 and 15, Zhang discloses a method comprising: 
receiving a container corresponding to executable code and permissions of the container to access resources of a computation environment (Zhang, Para. 0040, one or more accessible components (e.g., accessible resources) which a component may attempt to access are determined so that one or more access permissions can be stored in a manner that they can be obtained if the component attempts to access the one or more accessible components, thereby allowing access to the one or more accessible components to be determined based on access permissions that have already been determined.);
 in response to the receiving of the container, executing a container manager resident in a memory of the computation environment to verify the permissions of the container and verify authenticity of the container (Zhang, Para. 0049, an access monitoring component 102 becomes operable on the device (executing a container manager) when the component 106 is executing (in response to receiving the container) to calculate access permission of the component 106 (to verify the container); also Para. 0083), 
wherein the container manager is verified by a boot loader of the computation environment (Zhang, Para. 0080, The integrity of the access monitoring component can, for example, be verified by the first trusted component and/or a second trusted component which its own integrity has been verified (e.g., a trusted boot loader can verify the integrity of the computer program code for a access monitoring component before allowing it to be initiated).); 
(Marino, Col 5, lines 24-30, security policy may include a set of rules that define a whitelist of application containers allowed to deploy on a host computing system 206 in FIG. 2, permissions for resources used by whitelisted application containers on host computing system 206, and/or configurations of whitelisted application containers allowed to deploy concurrently on host computing system.  Col 8, lines 29-41, authentication module may verify that application container meets the certain trustworthiness threshold by confirming an identity of application container. Authentication module may verify that application container contains the expected application to be deployed. Authentication module may confirm an integrity level of application container by identifying a version of application container and/or ensuring that the version of application container has been digitally signed through a code signing process; Also, Col 10, lines 2-5, whitelist 402(2) may define permissions for application containers 218(1) and 218(4) when running on a host computing system 206); and 
providing, by the processing device, access to one or more resources of the computation environment using [the one or more registers] according to the permissions of the container (Marino, Col 5, lines 24-30, security policy may include a set of rules that define a whitelist of application containers allowed to deploy on a host computing system 206 in FIG. 2, permissions for resources used by whitelisted application containers on host computing system 206, and/or configurations of whitelisted application containers allowed to deploy concurrently on host computing system. Also, Col 10, lines 2-5, whitelist 402(2) may define permissions for application containers 218(1) and 218(4) when running on a host computing system 206.  Also, Col 11, lines 43-48, the policy-enforcement proxy may then check a security policy for the privileges of the application container. The security policy may define rules for access to resources on host computing systems and/or configurations of application containers running on host computing systems); and
Therefore, it is obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Marino with the system and method of Zhang given the benefit of utilizing virtualization to allow multiple applications to run on a single operating system within a host computing system (such as a server or virtual machine).
Zhang and Marino do not expressly disclose the claimed one or more registers; and 
transferring, by a processing device, control of the processing device from the container manager to the container.
However, Asal discloses one or more registers (Asal, Para. 0008, lines 4-5, a register configured to store an entry point address to the first program (i.e., container application). Also, Para. 0034, lines 7-9, … the register may also be implemented as a dedicated external register, or as a memory mapped register located within secure memory 120…); and
transferring, by a processing device, control of the processing device from the container manager to the container (Asal, Para. 0030, transferring control using a secure transfer control register; Also Para. 0032, The transfer of control from the non-secure program to the secure program also causes a change in the security level of the system performing the method. The system thus transitions from a non-secure level of operation when executing the non-secure program, to a secure level of operation when executing the secure program).
Therefore, it is obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Asal with the combination of the system and method of Zhang and Marino, given the benefit that Asal’s register would be updated by storing the address of the program (i.e., the white-listed program/application container, having the permission to access resources, described in Marino) while having the benefit of transferring control between programs of different security levels.
As per claims 2, 9 and 16, Zhang discloses the method of claim 1, further comprising: 
receiving data from the container (Zhang, Para. 0040, one or more accessible components (e.g., accessible resources) which a component may attempt to access are determined so that one or more access permissions can be stored in a manner that they can be obtained if the component attempts to access the one or more accessible components, thereby allowing access to the one or more accessible components to be determined based on access permissions that have already been determined.), 
wherein the data is for a second container (Zhang, Para. 0054, an accessible component can represent a communication port allowing communication with an external entity  (e.g., a network, a server). An accessible component can effectively allow the component to communicate with the component, an accessible component can represent a resource and/or subcomponent of the component, and so on.); and 
Zhang, Para. 0058, a database component to store various profiles including, for example, application-based, user-based, and context-based profiles.). 
As per claims 3, 10 and 17, Zhang discloses the method of claim 2, further comprising: 
receiving the second container after a completion of an execution of the container (Zhang, Para. 0053-0054, access to the accessible component granted to component 106 (receiving the second container after a completion of an execution)), wherein the second container corresponds to additional executable code (An accessible component can effectively allow the component to communicate with the component, an accessible component can represent a resource and/or subcomponent of the component); and
providing the data from the another memory of the computation environment to the second container in response to an identification of the second container matching the identification of the second container in the another memory of the computation environment (Zhang, Para. 0104, The integrity verification service may check the measured value against the known value and if they match, the client application can access the object.). 
As per claims 5, 12 and 19, Zhang discloses the method of claim 1, further comprising: 
receiving, from the container, a request to receive data from a component that is external to the computation environment (Zhang, Para. 0048, the stored access permissions can allow the access monitoring system to readily determine whether access should be granted or denied to the component if the component attempts and/or requests to access any one of the accessible components); and 
storing an indication of the request to receive data into another memory of the computation environment, wherein the another memory is accessed by the component that is external to the computation environment (Zhang, Para. 0058, a database component to store various profiles including, for example, application-based, user-based, and context-based profiles.). 
As per claims 6, 13 and 20, Zhang discloses the method of claim 1, further comprising: 
executing the container (Zhang, Para. 0045, component may attempt to access one or more of the accessible components when it is operational (e.g., when the component is being executed on a device as an executable component). Generally, the component can be any component of the computing environment which is operable to attempt to access and/or access an accessible component of the computing environment.); and 
after the executing of the container, storing state information associated with the container in another memory of the computation environment (Zhang, Para. 0058, a database component to store various profiles including, for example, application-based, user-based, and context-based profiles.). 
As per claims 7 and 14, Zhang and Asal do not disclose; however, Marino discloses the method of claim 1, wherein the verification of the authenticity of the container corresponds to a verification of a cryptographic signature of the container (Marino, Col 8, lines 34-41, authentication module may confirm an integrity level of application container by identifying a version of application container and/or ensuring that the version of application container has been digitally signed through a code signing process; Also, Col 8, Lines 49-51, the term "code signing" generally refers to a process of digitally signing a file containing code through the use of cryptography.).
Therefore, it is obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Marino with the system and method of Zhang and Asal given the benefit of utilizing virtualization to allow multiple applications to run on a single operating system within a host computing system (such as a server or virtual machine).
As per claim 21, Zhang discloses the method of claim 1, further comprising:
in response to transferring control to the container, executing the container to verify the container manager (Zhang, Para. 0049, an access monitoring component 102 becomes operable on the device (executing a container manager) when the component 106 is executing (in response to receiving the container) to calculate access permission of the component 106 (to verify the container); also Para. 0083). 
Claims 4, 11, 18 and 22 are rejected under 35 U.S.C. 103 as being unpatentable over Zhang (US 20090271844) in view of Marino (US 9729579) in view of Asal (US 20060259764) in view of Bravery (US 20120180039). Bravery is cited in the IDS filed 3/8/18.
As per claims 4, 11 and 18, Zhang, Marino and Asal do not disclose; however, Bravery discloses the method of claim 1, the method further comprising: 
receiving a version number associated with the container manager (Bravery, Para. 0078, the software applications and version numbers will be identified and compared to the list of software applications and version numbers that have been tested to work with the process software. Those software applications that are missing or that do not match the correct version will be upgraded with the correct version numbers.); and 
executing the container based on a comparison of the version number associated with the container manager and another version number associated with the container manager stored in the container (Bravery, Para. 0078-0081, The servers are checked to see if they contain software that includes the operating system (OS), applications, and network operating systems (NOS), together with their version numbers that have been tested with the process software). 
Therefore, it is obvious to one of ordinary skill in the art to incorporate the teachings of Bravery with the system and method of Zhang, Marino and Asal given the benefit of providing a system and method for multi-tenant enabling a service, where the service includes a plurality of service components using a virtualization environment.
As per claim 22, Zhang, Marino and Asal do not disclose; however, Bravery discloses the method of claim 1, further comprising: 
receiving a first version number associated with the container manager (Bravery, Para. 0078, the software applications and version numbers will be identified and compared to the list of software applications and version numbers that have been tested to work with the process software. Those software applications that are missing or that do not match the correct version will be upgraded with the correct version numbers.);
executing the container to verify the container manager by comparing the first version number and a second version number stored in the container, wherein the container manager is verified in response to a match between the first version number and the second version number (Bravery, Para. 0078-0081, The servers are checked to see if they contain software that includes the operating system (OS), applications, and network operating systems (NOS), together with their version numbers that have been tested with the process software). 
Therefore, it is obvious to one of ordinary skill in the art to incorporate the teachings of Bravery with the system and method of Zhang, Marino and Asal given the benefit of providing a system and method for multi-tenant enabling a service, where the service includes a plurality of service components using a virtualization environment.

Conclusion
Pertinent Prior art of Record: 
Gladwin (US 20130014254): A method for responding to a security threat for a maintenance free storage container begins by a dispersed storage (DS) processing module identifying a security threat for the maintenance free storage container, wherein the maintenance free storage container allows for multiple storage servers of a plurality of storage servers to be in a failure mode without replacement.
Nonaka (US 20030046238): A SAM receives a secure container in which content data encrypted with content key data, the encrypted content key data, and UCP data designating a handling policy of the content data are stored, and determines at least one of the purchase mode and the usage mode of the content data based on the UCP data.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANGELA R HOLMES whose telephone number is (571)270-3357.  The examiner can normally be reached on Monday-Friday 8:00AM-4:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to 

/ANGELA R HOLMES/
Examiner, Art Unit 2498    

/YIN CHEN SHAW/
Supervisory Patent Examiner, Art Unit 2498