Notice of Pre-AIA  or AIA  Status
The present application is being examined under the pre-AIA  first to invent provisions. 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of pre-AIA  35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:


Claims 1, 6-11, 15, 16, and 20 is/are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over “Lee” (US 8565422) in view of “McDonald” (US 8533161).

Regarding Claim 1:
Lee teaches:
A method for provisioning a multi-tenant cache server (Fig. 1; Col. 2, lines 61-65), comprising: 
… the cloud computing system (Col. 4, lines 7-14, “The processor 105 may be implemented using one or more of microprocessors, microcontrollers, processing cores and/or other computing resources spread across any number of distributed or integrated systems, including any number of "cloud-based" or other virtual systems”) comprising a cache cluster (Fig. 1, elements 130 and 102) to host the new multi-tenant cache (Col. 8, lines 29-34, “The unencrypted value of the current active key (AOrgKeyN) in cache 111 may be used by tenant applications 128 to create custom encrypted fields (task 314) on standard or custom objects during runtime, as described above. That is, the active OrgKey is used by the data processing engine 112 to encrypt the actual data (task 314), as appropriate”; i.e., utilize the cache element 111 to host at least a tenant application 128), wherein the cache cluster comprises a plurality of gateway nodes (Col. 4, lines 4-7, “The server 102 is implemented using one or more actual and/or virtual computing systems that collectively provide the dynamic application platform 110 for generating the virtual applications 128”) and a … cache [server] (Fig. 1, element 130);
provisioning an access control endpoint (Fig. 1, element 142; Col. 5, lines 23-26, “… each virtual application 128 generates dynamic web content that can be served to a browser or other client program 142 associated with its user device 140…”) associated with a reserved space on one or more cache servers (Fig. 1, elements 138 on element 130 detail a reserved space for different tenant applications in addition to table data 132, 133, and 135) …
providing a shared key (Col. 7, lines 22-29, “Users within the organization responsible for the release and deployment of tenant applications have access to only one half of the Master Key (P1MK) from the file system of the production server …”) and the access control endpoint to a client device (Fig. 1, element 142; Col. 5, lines 23-26, “… each virtual application 128 generates dynamic web content that can be served to a browser or other client program 142 associated with its user device 140…”); 
providing a private version of the shared key (Col. 7, lines 29-32, “The developer, on the other hand, can retrieve the other half of the Master Key (P2MK) from source code but cannot typically access the production machine’s file system”) to a gateway node from the plurality of gateway nodes (Col. 7, lines 39-46, “… server 102 retrieves the two component halves of the Master Key, namely P1MEK and P2MEK … Server 102 also retrieves the second half of the Master Key (P2MEK) from source code …”); and 
in response to the application passing the shared key as an input (Col. 7, lines 39-46, “… server 102 retrieves the two component halves of the Master Key, namely P1MEK and P2MEK … Server 102 also retrieves the second half of the Master Key (P2MEK) from source code … Having assembled the two Maser Key halves at runtime, process 200 combines the two halves to create the Master Key”), granting access to the reserved space via the gateway node having the private version of the shared key thereon (Col. 4, lines, 32-38, “This caching mechanism facilitates efficient runtime performance inasmuch as it is not necessary to fetch the encrypted version of the OrgKey from the database, and decrypt it with the Master Key (MK) before using it to encrypt (or decrypt) the actual data upon every request”; Col. 5, lines 58-63 & Col. 6, lines 21-33; Here, Lee discloses assembling a master key from two halves, where one halve, P2MEK, is located within application source code. Then, the master key is utilized to decrypt an organization key that enables access to a protected “reserved space” for a tenant at element 130).
Lee does not disclose:
receiving, at a computer system, a request to create a new multi-tenant cache on a cloud computing system for an application, … wherein the cache cluster comprises a plurality of gateway nodes and a plurality of cache servers;
McDonald teaches:
receiving, at a computer system, a request to create a new multi-tenant cache (Fig. 6, element 604; Col. 10, lines 5-12, “This page is viewable by accounts with the administrator and monitor roles. The page includes a table 602 listing the namespaces owned by the current tenant, and controls (e.g., links/buttons 604) are provided to enable the administrator to create a namespace, view or edit the settings for a listed namespace, or view statistics for a listed namespace”) on a cloud computing system for “A typical use environment is an enterprise, although the techniques may be implemented by a storage service provider or an entity that operates a storage cloud”), … wherein the cache cluster comprises a plurality of gateway nodes (Fig. 3, elements 310, 312, 314, 318, 320; Col. 3, lines 65-67, “… each node runs an instance 300 of the distributed application…” & Col. 4, lines 13-17; i.e., each storage node server has a respective gateway layer associated within) and a plurality of cache servers (Col. 3, lines 13-15, “storage node servers”; Col. 6, lines 22-24, “In addition, the request manage caches metadata manager entries for recently used files…”; i.e., each storage node includes a Request Manager (Fig. 3, element 324) that is enabled to cache metadata of recently used files);
	At the time of the invention it would have been obvious to one with ordinary skill in the art to modify Lee’s multi-tenant system by enhancing Lee’s multi-tenant server and database to be implemented utilizing a plurality of gateway nodes and cache servers upon receiving a request to create a multi-tenant cache environment, as taught by McDonald, in order to efficiently distribute storage across a network fabric in a redundant manner.
	The motivation is to implement a cache cluster structure by utilizing a plurality of gateway nodes and cache servers that provide efficient data storage capabilities to a multi-tenant environment via a redundant array of storage nodes. This further strengthens the environment by isolating storage issues stemming from one tenant’s partition to another tenant’s partition, thus ensuring that the failure of any one storage node has little impact on the cache cluster’s availability (McDonald, Col. 2, lines 47-67 & Col. 3, lines 1-3).

Regarding Claim 6:
The method of claim 1, wherein Lee in view of McDonald further teaches the plurality of cache servers comprises a ring network of server devices (McDonald, Fig. 2, elements 202; Col. 3, lines 62-65, “… the archive cluster application runs on a redundant array of independent nodes … that are networked together… as a cluster”), wherein the plurality of gateway nodes track location of data within the ring of network server devices (McDonald, Col. 4, lines 13-18, “The gateways provide native file services such as NFC 310 and SMB/CIFS 312 … The access layer 304 provides access to the archive”).
The motivation to reject claim 6 under McDonald is the same motivation used to reject claim 1 under McDonald in combination with Lee. 

Regarding Claim 7:
The method of claim 1, Lee in view of McDonald further comprising identifying the cache cluster to host the new multi-tenant cache based on a requested cache size included within the request to create the new multi-tenant cache (McDonald, Fig. 7, element 706).
The motivation to reject claim 7 under McDonald is the same motivation used to reject claim 1 under McDonald in combination with Lee. 

Regarding Claim 8:
The method of claim 7, Lee in view of McDonald further comprising establishing a per-tenant cache quota based upon the requested cache size included within the request to “The appropriate admin can lower or raise that quota, and he or she can assign as much quota as desired. The TLT can also specify a soft quota, which is a given percentage of the hard quota. A tenant is able to divide its quota among one or more namespaces, but the total assigned quota may not exceed that of the tenant. For accounting purposes, preferably the quota will measure the rounded up size of an ingested file to the nearest block size. A soft quota is typically a predetermined percentage (e.g., 85%) of a hard quota, but this value may be configurable”).
The motivation to reject claim 8 under McDonald is the same motivation used to reject claim 1 under McDonald in combination with Lee. 

Regarding Claim 10:
The method of claim 1, Lee in view of McDonald further comprising partitioning data of the reserved space across multiple cache servers of the plurality of cache servers such that each tenant associated with the new multi-tenant cache is assigned a uniquely named cache (McDonald, Col. 8, lines 23-32, “A tenant is able to divide its quota among one or more namespaces, but the total assigned quota may not exceed that of the tenant”; i.e., partitioning a reserved data space into unique namespaces), wherein partitioning data of the reserved space comprises assigning multiple domain names to a common virtual internet protocol (VIP) (McDonald, Col. 9, lines 15-28 discloses naming various tenants with unique internet protocol addresses).
The motivation to reject claim 10 under McDonald is the same motivation used to reject claim 1 under McDonald in combination with Lee. 

Regarding Claims 11 and 16:
System claim 11 and non-transitory computer readable medium claim 16 correspond to method claim 1 and contain additional generic computer components disclosed within Fig. 1 and Col. 4, lines 41-49 of Lee. However, claims 11 and 16 do not contain any further limitations than recited within claim 1, and are thus each rejected under the same rationale used to reject claim 1 above.

Regarding Claim 15:
The system of claim 11, Lee in view of McDonald further comprising instructions that, when executed by the at least one processor, cause the system to:  18FILED ELECTRONICALLYDocket No. 333616-US-CNT 
identify the cache cluster to host the new multi-tenant cache based on a requested cache size included within the request to create the new multi-tenant cache (McDonald, Fig. 7, element 706); and 
partition data of the reserved space such that each tenant associated with the new multi-tenant cache is assigned a uniquely named cache (McDonald, Col. 8, lines 23-32, “A tenant is able to divide its quota among one or more namespaces, but the total assigned quota may not exceed that of the tenant”; i.e., partitioning a reserved data space into unique namespaces), wherein partitioning data of the reserved space comprises assigning multiple domain names to a common virtual internet protocol (VIP) (McDonald, Col. 9, lines 15-28 discloses naming various tenants with unique internet protocol addresses).


Regarding Claim 20:
Non-transitory computer readable medium claim 20 corresponds to system claim 15 and contains no further limitations. Therefore claim 20 is rejected by applying the same rationale used to reject claim 15 above.

Claims 2-5, 12-14, and 17-19 is/are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over “Lee” (US 8565422) in view of “McDonald” (US 8533161) in further view of “Amradkar” (US 2010/0125612).

Regarding Claim 2:
Lee in view of McDonald teaches:
The method of claim 1, …
Lee in view of McDonald does not disclose:
… wherein granting access to the reserved space comprises:
returning a ticket to the client device for caching on the client device; and 
granting access to the reserved space based on validation of the ticket received from the client device.
Amradkar teaches:
… wherein granting access to the reserved space comprises:

granting access to the reserved space based on validation of the ticket received from the client device (Fig. 3, element 330 comprising element 361 being sent from client element 305 to online service element 310; ¶0046, “For example, multi-tenant resource instance 125 may communicate with authentication database 170 using request 171 and reply 172 to verify that users 155 and 156 have rights to access resources through instance 125 based on each user's corresponding validated security token. Thus, returning to FIG. 3, client 305 may send data request 330 along with signed security token 361 to online service 310 (which may be user-submitted service 106) to request data and resources from the service”).
	At the time of the invention it would have been obvious to one with ordinary skill in the art to modify Lee in view of McDonald’s multi-tenant system by enhancing Lee in view of McDonald’s system to incorporate a token-based authorization protocol to grant access to a tenant, as taught by Amradkar, in order to enhance the security of the system.
	The motivation is to prevent unauthorized users from accessing tenant spaces by incorporating a token-based authorization system that enables access only upon receiving a valid token.

Regarding Claim 3:
The method of claim 2, wherein Lee in view of McDonald in further view of Amradkar further teaches the ticket is associated with an expiration period during which the client “It will be understood that either user (or any other user not shown) may be denied access by authentication database 170 as having an invalid (e.g. expired) security token or invalid resource instance claim”).
The motivation to reject claim 3 is the same motivation used to reject claim 2 under Amradkar in combination with Lee in view of McDonald.

Regarding Claim 4:
The method of claim 3, Lee in view of McDonald in further view of Amradkar further comprising: 
receiving, from the client device, a request to access the reserved space, the request comprising the ticket cached on the client device (Amradkar, ¶0046, “Thus, returning to FIG. 3, client 305 may send data request 330 along with signed security token 361 to online service 310 (which may be user-submitted service 106) to request data and resources from the service”); and 
in response to determining that the expiration period has elapsed (Amradkar, ¶0026, “It will be understood that either user (or any other user not shown) may be denied access by authentication database 170 as having an invalid (e.g. expired) security token or invalid resource instance claim”), provide, to the client device, a rejection of the request to access the reserved space (Amradkar, ¶0026, “In such cases, reply 172 would include an indication of which users were denied access, and instead of sending the requested resources (e.g. 118C and 118D), a notification that access was denied would be sent”).


Regarding Claim 5:
The method of claim 2, wherein Lee in view of McDonald in further view of Amradkar further teaches the gateway node uses the private version of the shared key to decrypt user data to authenticate the client device prior to granting access to the reserved space (Lee, Col. 4, lines, 32-38, “This caching mechanism facilitates efficient runtime performance inasmuch as it is not necessary to fetch the encrypted version of the OrgKey from the database, and decrypt it with the Master Key (MK) before using it to encrypt (or decrypt) the actual data upon every request”; i.e., utilize the master key to decrypt an organization key that is utilized to provide access to reserved space to authenticated users).

Regarding Claims 12-14:
System claims 12-14 correspond to respective method claims 2, 3/4, and 5 and contain no further limitations. Therefore claims 12-14 are each rejected by applying the same rationale used to reject claims 2, 3/4, and 5 above, respectively.

Regarding Claims 17-19:
Non-transitory computer readable medium claims 17-19 correspond to respective method claims 2, 3/4, and 5 and contain no further limitations. Therefore claims 17-19 .

Claim 9 is/are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over “Lee” (US 8565422) in view of “McDonald” (US 8533161) in further view of “Nishikawa” (WO 2013/051056).

Regarding Claim 9:
Lee in view of McDonald teaches:
The method of claim 7, …
Lee in view of McDonald does not disclose:
… further comprising establishing a tenant bandwidth that identifies a number of transactions or size of transactions for a selected period of time included within the request to create the new multi-tenant cache.
Nishikawa teaches:
… further comprising establishing a tenant bandwidth that identifies a number of transactions or size of transactions for a selected period of time included within the request to create the new multi-tenant cache (¶0084, “In step S52 … an entry of a tenant to be added … is added … Contents of the fields regarding performances of the new tenant … are added from the SLA 5100. Specifically, the port bandwidth 515 … are written from the SLA for LU 5100 illustrated in FIG. 12”; ¶0052, “… the bandwidth of 2Gbps of each of the ports 21 and 22 are allocated”; i.e., allocate a transactional bandwidth of 2Gbps during a request to establish a new tenant).
	At the time of the invention it would have been obvious to one with ordinary skill in the art to modify Lee in view of McDonald’s multi-tenant system by enhancing Lee in view of McDonald’s system to provide an option for bandwidth requirements while establishing a tenant, as taught by Nishikawa, in order to give a user more flexibility when establishment the tenant.
	The motivation enable a user to select additional service levels, such as bandwidth requirements, during the establishment of a tenant environment. This allows the user to dictate the type of environment needed for specific applications, thus preventing the user from overcommitting to unnecessary resources during tenant creation.

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DANIEL B POTRATZ whose telephone number is (571)270-5329.  The examiner can normally be reached on M-F 10 A.M. - 6 P.M. CST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 571-272-3972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.





/DANIEL B POTRATZ/Primary Examiner, Art Unit 2491