Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

EXAMINER'S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

The application has been amended as follows: 

(Currently Amended). A method performed by a computing node in a computing system, the method comprising:
receiving at the computing node: (i) information that identifies a user, and (ii) a task originating from the user that is scheduled for execution on the computing node;
transmitting a request for a task token to a server, wherein the task token is a token specific to the task, and wherein the request for the task token includes: (i) the information that identifies the user, and (ii) a task identifier (ID) that identifies the task;
receiving the task token from the server, wherein the task token incorporates the information that identifies the user and the task ID, and the task token is digitally signed;
executing the task on the computing node, wherein executing the task includes:
transmitting a request for a data access token to the server, wherein the data access token is a token required to access data stored in a data storage system, and wherein the request for the data access token includes the task token;
in response to transmitting the request for the data access token, receiving the data access token from the server; and
;
wherein the method further comprises: using a private key to obtain a digital signature by digitally signing information that includes both the task ID and an identifier of the computing node, and then including the digital signature in the request for the task token and/or in the request for the data access token.
2. (Original) The method of claim 1, wherein the computing system is a distributed computing system, wherein the computing node is one of a plurality of computing nodes in the distributed computing system, and wherein the information that identifies the user and the task are both received from a resource manager responsible for scheduling tasks on the computing nodes.
3. (Original) The method of claim 2, further comprising: upon completion of executing the task, transmitting to the resource manager an indication that the task is complete.
4. (Original) The method of claim 3, wherein the indication that the task is complete comprises an indication that computing resources used to execute the task are now available for use to execute another task.
5. (Original) The method of claim 3, wherein before execution of the task or before execution of the task is complete, the method further comprises: the computing node transmitting the task ID to the resource manager to identify the task.
6. (Original) The method of claim 1, wherein the information that identifies the user of the computing system comprises a user credential, wherein the user credential originates from a user input at a user device.
7. (Original) The method of claim 1, wherein a digital signature of the task token incorporates both the information that identifies the user and the task ID.
8. (Canceled)
9. (Original) The method of claim 1, wherein the data access token incorporates the task ID and/or the information identifying the user. 

11. (Currently Amended) A computing node comprising:
a processor; 
a memory; and 
at least one network interface;
wherein the at least one network interface is to:
receive both (i) information that identifies a user, and (ii) a task originating from the user that is scheduled for execution on the computing node; 
transmit a request for a task token to a server, wherein the task token is a token specific to the task, and wherein the request for the task token includes: (i) the information that identifies the user, and (ii) a task identifier (ID) that identifies the task; and
receive the task token from the server, wherein the task token incorporates the information that identifies the user and the task ID, and the task token is digitally signed;
wherein the processor is to execute the task on the computing node, and during the execution of the task the at least one network interface is to:
transmit a request for a data access token to the server, wherein the data access token is a token required to access data stored in a data storage system, and wherein the request for the data access token includes the task token;
in response to transmitting the request for the data access token, receive the data access token from the server; and
transmit the data access token to the data storage system to access the data;
wherein the processor is to: use a private key to obtain a digital signature by digitally signing information that includes both the task ID and an identifier of the computing node, and then include the digital signature in the request for the task token and/or in the request for the data access token.
12. (Original) The computing node of claim 11, wherein the computing node is one of a plurality of computing nodes in a distributed computing system, and wherein the information that identifies the user and the task are both to be received from a resource manager responsible for scheduling tasks on the computing nodes.
13. (Original) The computing node of claim 12, wherein upon completion of executing the task, the at least one network interface is to: transmit to the resource manager an indication that the task is complete.
14. (Original) The computing node of claim 13, wherein the indication that the task is complete comprises an indication that computing resources used to execute the task are now available for use to execute another task.
15. (Original) The computing node of claim 13, wherein before execution of the task or before execution of the task is complete, the at least one network interface is to: transmit the task ID to the resource manager to identify the task.
16. (Original) The computing node of claim 11, wherein the information that identifies the user of the computing system comprises a user credential, wherein the user credential originates from a user input at a user device.
17. (Original) The computing node of claim 11, wherein a digital signature of the task token incorporates both the information that identifies the user and the task ID.
18. (Canceled)
19. (Original) The computing node of claim 11, wherein the data access token incorporates the task ID and/or the information identifying the user. 
20. (Original) The computing node of claim 12, wherein the information that identifies the user and that is to be received from the resource manager is: (i) incorporated into a submission token that originates from the user, or (ii) incorporated into a token that originates from a workflow scheduler.
Reasons for Allowance
The following is an examiner’s statement of reasons for allowance: The prior art of record (in particular, the combination of Chang et al. US Pub. No.: 2014/0208119 A1, in view of Georgiadis et al. US Pub. No.: 2018/0137512 A1 does not disclose, with respect to independent claims 1 and 11, the claimed limitation: “wherein the method further comprises: using a private key to obtain a digital signature by digitally signing information that includes both the task ID and an identifier of the computing node, and then including the digital signature in the request for the task token and/or in the request for the data access token,” as claimed. Rather, Chang discloses, controlling exposure of sensitive data and operation using process bound security tokens in cloud computing environment.  Similarly, Georgiadis discloses network node authentication.  Accordingly, claims 1-7, 9-17 and 19-20 are allowed.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NEGA WOLDEMARIAM whose telephone number is (571)270-7478.  The examiner can normally be reached on Monday to Friday, 8am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on 5712726798.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained 






/NEGA WOLDEMARIAM/Examiner, Art Unit 2433                                    

/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433