DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1, 2, 4, 9-12, 14, 17, 19 and 20 are pending in this application.
Claims 1 and 11 are currently amended.
Claims 3, 5-8, 13, 15, 16 and 18 are cancelled.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 7/16/2021 has been entered.

Response to Arguments
The previous 103 rejection to the claims 1, 2, 4, 9-12, 14, 17 and 19-20 have been withdrawn in response to the applicants’ amendments/remarks.

Allowable Subject Matter
Claims 1, 2, 4, 9-12, 14, 17, 19 and 20 are allowed.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additional be unacceptable to applicants, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of issue fee.
Authorization for this examiner's amendment was given in email communication with Anthony Laurentano (reg. no. 38,220) on 8/11/2021.
  
The application has been amended as follows:
IN THE CLAIMS

Claim 1: (Currently Amended) An apparatus for booting a virtual machine, comprising: 
an access unit for accessing a virtual disk corresponding to a virtual machine that exists in a virtualization area and controlling input and output of data stored in the virtual disk, using a trap generated by a trap generation unit, wherein the access unit accesses the virtual disk using an access privilege that has a higher level than an access privilege with which the virtual machine is allowed to access the virtual disk; 
an extraction unit for extracting data used for booting from the virtual disk, wherein the data used for booting includes a plurality of files used for booting the virtual machine and data about a sequence in which the plurality of files are loaded; 
a verification unit for extracting a trusted boot image from a trusted boot image storage element, wherein the trusted boot image includes a plurality of files used for booting and data about a sequence in which the plurality of files are loaded, and an entirety of the plurality of files of the trusted boot image with an entirety of the plurality of files the virtual machine, and if the entirety of the plurality of files the virtual machine are identical to the entirety of the plurality of files of the trusted image based on the comparison, then the integrity of the data is verified, wherein the verification unit verifies the integrity by checking whether the data about the sequence in which the plurality files are loaded  from the virtual disk is identical to the data about the sequence in which the plurality of files are loaded, stored in the trusted boot image, through comparison, 
a boot image restoration unit for determining whether the data used for booting the virtual machine has been forged based on a result of verifying the integrity, and restoring the data used for booting using the trusted boot image stored in the image storage element when it is determined that the data used for booting has been forged,
 a memory for storing information associated with the access unit, the extraction unit, the verification unit, and the boot image restoration unit, and 
a hardware processor for processing and executing the information associated with the 2Application No.: 15/069,094Docket No.: HY7-106RCE3 access unit, the extraction unit, the verification unit, and the boot image restoration unit, 
wherein at least the access unit, the trap generation unit, the extraction unit, the trusted boot image storage element, and the verification unit form part of a hypervisor a hash value of the data about the sequence in which the plurality of files are loaded from the virtual disk with a hash value of the data about the sequence in which the plurality of the files the trusted boot image.


Claim 11: (Currently Amended) A method for booting a virtual machine, comprising:

	accessing a virtual disk with an access unit, corresponding to a virtual machine that exists in a virtualization area, using a trap generated by a trap generation unit, wherein the access unit accesses the virtual disk using an access privilege that has a higher level than an access privilege with which the virtual machine is allowed to access the virtual disk;

	extracting data used for booting from the virtual disk with an extraction unit, wherein the data used for booting includes a plurality of files used for booting the virtual machine and data about a sequence in which the plurality files are loaded;

	extracting a trusted boot image from a trusted boot image storage element with a verification unit, wherein the trusted boot image includes a plurality of files used for booting and data about a sequence in which the files are loaded, and verifying integrity of the data used for booting by comparing at once an entirety of the plurality of files of the trusted boot image with an entirety of the plurality of files the virtual machine, and if the entirety of the plurality of files of the data used for the virtual machine are identical to the entirety of the plurality of files of the trusted image based on the comparison, then the integrity of the data is verified;

 	determining whether the data used for booting the virtual machine has been forged based on a result of verifying the integrity; and

	restoring the data used for booting using the trusted boot image stored in the image storage when it is determined that the data used for booting has been forged,

	wherein at least the access unit, the trap generation unit, the extraction unit, the trusted boot image storage element, and the verification unit form part of a hypervisor a hash value of the data about the sequence in which the plurality of files are loaded from the virtual disk with a hash value of the data about the sequence in which the plurality of files of the trusted boot image.


Examiner’s Statement for Reasons for Allowance
The following is an examiner’s statement of reasons for allowance:

Regarding independent claims 1 and 11,

Mao et al. (Patent No.: US 8,176,336 B1) teaches an access unit for accessing a virtual disk corresponding to a virtual machine that exists in a virtualization area and controlling input and output of data stored in the virtual disk; a verification unit for extracting a trusted boot image from image storage, wherein the trusted boot image includes a plurality of files used for booting and data about a sequence in which the plurality of files are loaded, and verifying integrity of the data used for booting by comparing the plurality of files of the trusted boot image with the plurality of files of the data used for booting, and if the files of the data used for booting are identical to the files of the trusted image based on the comparison, then the integrity of the data is verified –e.g. see, col. 7, lines 1-11; lines 61-67; col. 8, lines 1-10 of Mao.

	Bealkowski et al. (Pub. No.: US 2013/0151831 A1) teaches controlling input and output of data stored in the virtual disk using a trap generated by a trap generation unit-e.g. see, [0039], [0051] of Bealkowski.

	Hanna (Pub. No.: US 2010/0070800 A1) teaches a boot image restoration unit for determining whether the data used for booting has been forged based on a result of verifying the integrity, and restoring the data used for booting using the trusted boot image stored in the image storage when it is determined that the data used for booting has been forged-e.g. see, [0070], Fig. 5A, 5B, [0071], [0072] of Hanna.

However, the prior art of record does not teach or render obvious:
the limitations in independent claims 1 and 11 specific to the other limitations combination with:

wherein at least the access unit, the trap generation unit, the extraction unit, the trusted boot image storage element, and the verification unit form part of a hypervisor and wherein the verification unit verifies the integrity by comparing a hash value of the data about the sequence in which the plurality of files are loaded from the virtual disk with a hash value of the data about the sequence in which the plurality of the files are loaded of the trusted boot image.

Dependent claims 2, 4, 9, 10, 12, 14, 17, 19 and 20 are allowed as they depend from allowable independent claim 1 or 11.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance".


Conclusion


Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


SUMAN DEBNATH
Patent Examiner
Art Unit 2495



/S.D/Examiner, Art Unit 2495                                                                                                                                                                                                        

/HENRY TSANG/Primary Examiner, Art Unit 2495