Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Detailed Action

This office action is responsive to communication filed on 05/19/2021. Claims 1 - 20 have been examined.   


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1, 4, 9, 12, 17 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Spiers et al. (US20120265976A1) hereinafter Spiers in view of McGuire et al. (US9594922B1) hereinafter McGuire, and further in view of Zeng et al. (US20180025049A1) hereinafter Zeng.

As per claim 1. A method of managing a cloud platform for implementing a plurality of cloud components, the method comprising: (Spiers, par0028 teaches this disclosure describes various techniques for creating a trusted environment in an untrusted cloud environment. The trusted environment may form a basis for an illustrative architecture that may allow extending an organization's infrastructure using, e.g., infrastructure as a service (IaaS) cloud resources. The disclosure illustrates a combination of elements (e.g., pieces of hardware and/or software), together with a process in which they are deployed, managed, and operated, that may be used to create a trusted environment in accordance with various aspects of the disclosure. The initial state of the environment may be considered and verified separately as well as all together so that the environment can be trusted (e.g., such that the risks associated with such environment are acceptable for the organization). The initial state of the environment may include internal organization infrastructure 302 (e.g., the hardware and/or software that enables connectivity to the cloud provider facility 304 and cloud demilitarized zone (DMZ) 306), cloud provider infrastructure 304, organization's encrypted operating system (OS) template, and/or an initial empty virtual private cloud (VPC) 308 environment dedicated to the organization).
(Spiers, par0048 teaches each of the systems in FIGS. 3-5, 12A, and 12B may include a tenant data center 302 and a cloud provider data center 304. A cloud provider may be an organization that creates a cloud platform used by one or more tenants [first and second tenants] to execute computational workloads. A tenant may be a user or an organization that uses the cloud platform to execute its computational workloads. The tenant data center 302 may include computer hardware (e.g., one or more computing devices 101) and software controlled by a tenant. The cloud provider data center 304 may include computer hardware (e.g., one or more computing devices 101) and software controlled by the cloud provider. The cloud provider data center 304 may provide a computational service permitting one or more tenants [first and second tenants] to execute computational workloads using virtual machines (VMs). A cloud provider may also be one of the tenants).
receiving, by a first cloud component, a zone token, (Spiers, par0159 teaches a first computing system (e.g., a cloud orchestrator system 318 at cloud zone 306 and/or organization network 302) may transmit (see step 1002A) via an encrypted channel a first token to a second computing system (e.g., computing system 334 [first cloud component] in communication with VPC 308)).
receiving, by the first cloud component and from a user computing system, a task request indicating a first task; (Spiers, par0147 teaches in block 804, the method may include receiving a create measured virtual machine request comprising authentication information. For example, the virtualization platform 334[first cloud component]  may receive a request, which includes an authentication code U, to create a Measured VM 342).
(Spiers, par0159 teaches a first computing system (e.g., a cloud orchestrator system 318 at cloud zone 306 and/or organization network 302) may transmit (see step 1002A) via an encrypted channel a first token to a second computing system (e.g., computing system 334 [first cloud component] in communication with VPC 308)).
executing the first task by the first cloud component, wherein executing the first task comprises: (Spiers, par0148 teaches In block 806, the method may include, in response to the request, creating a measured virtual machine based on the authentication information. For example, the virtualization platform 334 may create a Measured VM 342).
selecting a data unit (Spiers, par0054 teaches the cloud orchestrator 318 may be implemented as a web application deployed using standard stack 3 within the organization to provide web user interface for users to access [selecting data] cloud resources as well as web services to support cloud DMZ resources).
sending a request message to a second cloud component, the request message, a second data unit, a second data unit, the second data unit being (Spiers, par0159 teaches in one example, the organization network 302 may transmit the first token to the cloud zone 306, which then transmits the first token to a computing system in the cloud infrastructure 310. The computing system 334[first cloud component] may instruct (see step 1002B) the VPC 308 [second cloud component] to power on the VM instance 342A by starting the VM, which starts the VM BIOS, which invokes a custom PXE loader, as described herein).
(Spiers, par0165 teaches The virtual machine instance 342A in the cloud environment (e.g., virtual private cloud 308) may then access resources and data stored in the cloud zone 306 and organization network 302, as a result of having been securely instantiating, booted, and authenticated).
and a description; (Spiers, par0138 teaches a potential additional strength in securing the cloud environment (e.g., virtual private cloud 308) may be a result of comparing and cross-referencing the collected logs with the internal logs describing the expected state of the environment…By comparing and correlating the cloud orchestrator logs describing expected state of the environment with logs obtained via internal and external monitoring, we may be able to detect events such as:).
of a subtask of the first task, executing the subtask (Spiers, par0043 teaches the process of establishing a root of trust in the cloud provider's environment may be accomplished by, for example, one or more efforts: assessing service providers using assessment tailored towards cloud providers; negotiating contracts establishing contractual relationship between the organization and the cloud provider including all the obligation and penalties; and/or assessing risk based on the results of the previous two items as well as the elements described in FIGS. 3-5, 12A, and 12B that may be used to access the cloud in order to determine if level of risk posed by factors that are outside of the organization's control are acceptable).
          Spiers does not explicitly disclose wherein the zone token comprises a first user identifier indicating a first user and a first zone identifier (ID) indicating a first zone; associated with the first zone ID; comprising the first zone ID; the first zone ID.
          McGuire however discloses wherein the zone token comprises a first user identifier indicating a first user and a first zone identifier (ID) indicating a first zone; associated with the first zone ID; comprising the first zone ID; the first zone ID (McGuire, col7 ln48-65 teaches at 222, a token [zone token] can be generated based on encrypting the name value pairs (e.g., user identifier [a first user identifier indicating a first user], access zone identifier [a first zone identifier (ID) indicating a first zone], timestamp, encryption salt, etc.) using a current encryption key. It can be appreciated that the current encryption key is common to all nodes of the cluster… At 232, it can be determined if the token can be decrypted using the current encryption key. For example, a valid decrypted token will have name value pairs that make sense to the node, for example, a user identifier, zone identifier, the set of salt, and other discriminative information that allows the node to easily determine, without a separate table lookup, that the token has been decrypted using a valid key).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of wherein the zone token comprises a first user identifier indicating a first user and a first zone identifier (ID) indicating a first zone; associated with the first zone ID; comprising the first zone ID; the first zone ID, as taught by McGuire, in the method of Spiers, so if a client is authenticated in a distributed file system, a token can be provided that can then be included in the header parameter of subsequent requests from the client, see McGuire, col1 ln37-40.
          Spiers and McGuire do not explicitly disclose comprising a first persistence, at the first persistence, of the first cloud component, the first cloud component comprising 
          Zeng however discloses comprising a first persistence, at the first persistence, of the first cloud component, the first cloud component comprising a first persistence for, the first data unit being associated with, at the first persistence; and associated with, of the second cloud component, comprising a second persistence separate from the first persistence, from the second persistence, at the second persistence. (Zeng, Fig. 2, par0070, 0097. Par0070 teaches as shown in FIG. 2, a network 20 includes: a first data server 203, a second data server 202, and one or more application servers 201, where the second data server 202 is in communication connection with the first data server 203 and the one or more application servers 201, the one or more application servers 201 are configured to provide an application service, the first data server 203 [first cloud component] is configured to provide a first persistence [first persistence] layer service, including first data [first data], the second data server 202 [second cloud component] is configured to provide a second persistence [second persistence] layer service, including second data. Par0097 teaches according to an implementation manner shown in FIG. 3A, in one aspect, implementing the second persistence layer service by a cloud VM may implement on-demand data resource assignment; in another aspect, the second data server 202 including the second persistence layer service that has a transaction management function and the first data server 203 including an original cloud first persistence layer service host on different VMs, which avoids that the second persistence layer service that has a transaction management function occupies a data processing resource for the original first persistence layer service, and therefore avoids impact on the original first persistence layer service).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of comprising a first persistence, at the first persistence, of the first cloud component, the first cloud component comprising a first persistence for, the first data unit being associated with, at the first persistence; and associated with, of the second cloud component, comprising a second persistence separate from the first persistence, from the second persistence, at the second persistence, as taught by Zeng, in the method of Spiers and McGuire, so as to provide a unified database access interface to an application a persistence layer service is used to shield a different database deployment form, a version difference, and/or a different database provider, see Zeng par0004.

As per claim 4.  Spiers, McGuire and Zeng disclose the method of claim 1.  
          Spiers discloses further comprising: sending the zone token to the first cloud component; (Spiers, par0159 teaches a first computing system (e.g., a cloud orchestrator system 318 at cloud zone 306 and/or organization network 302) may transmit (see step 1002A) via an encrypted channel a first token to a second computing system (e.g., computing system 334 [first cloud component] in communication with VPC 308)).
 determining a second cloud component that is associated with the first zone: and sending the zone token to the second cloud component. (Spiers, par0159 teaches in one example, the organization network 302 may transmit the first token to the cloud zone 306, which then transmits the first token to a computing system in the cloud infrastructure 310. The computing system 334[first cloud component] may instruct (see step 1002B) the VPC 308 [second cloud component] to power on the VM instance 342A by starting the VM, which starts the VM BIOS, which invokes a custom PXE loader, as described herein).

As per claim 9. A cloud platform system for implementing a plurality of cloud components, the cloud platform system comprising: (Spiers, par0028 teaches this disclosure describes various techniques for creating a trusted environment in an untrusted cloud environment. The trusted environment may form a basis for an illustrative architecture that may allow extending an organization's infrastructure using, e.g., infrastructure as a service (IaaS) cloud resources. The disclosure illustrates a combination of elements (e.g., pieces of hardware and/or software), together with a process in which they are deployed, managed, and operated, that may be used to create a trusted environment in accordance with various aspects of the disclosure. The initial state of the environment may be considered and verified separately as well as all together so that the environment can be trusted (e.g., such that the risks associated with such environment are acceptable for the organization). The initial state of the environment may include internal organization infrastructure 302 (e.g., the hardware and/or software that enables connectivity to the cloud provider facility 304 and cloud demilitarized zone (DMZ) 306), cloud provider infrastructure 304, organization's encrypted operating system (OS) template, and/or an initial empty virtual private cloud (VPC) 308 environment dedicated to the organization).
at least one computing device comprising a memory and a processor, wherein the at least one computing device is programmed to perform operations comprising: (Spiers, par0011 teaches a computing apparatus is disclosed comprising one or more processors and one or more memories (e.g., tangible, non-transitory computer memory) storing computer executable instructions that, when executed, cause the apparatus to perform one or more of the aforementioned steps).
receiving, by a first cloud component, a zone token, (Spiers, par0159 teaches a first computing system (e.g., a cloud orchestrator system 318 at cloud zone 306 and/or organization network 302) may transmit (see step 1002A) via an encrypted channel a first token to a second computing system (e.g., computing system 334 [first cloud component] in communication with VPC 308)).
a first tenant (Spiers, par0048 teaches each of the systems in FIGS. 3-5, 12A, and 12B may include a tenant data center 302 and a cloud provider data center 304. A cloud provider may be an organization that creates a cloud platform used by one or more tenants [first and second tenants] to execute computational workloads. A tenant may be a user or an organization that uses the cloud platform to execute its computational workloads. The tenant data center 302 may include computer hardware (e.g., one or more computing devices 101) and software controlled by a tenant. The cloud provider data center 304 may include computer hardware (e.g., one or more computing devices 101) and software controlled by the cloud provider. The cloud provider data center 304 may provide a computational service permitting one or more tenants [first and second tenants] to execute computational workloads using virtual machines (VMs). A cloud provider may also be one of the tenants).
receiving, by the first cloud component and from a user computing system, a task request indicating a first task; (Spiers, par0147 teaches in block 804, the method may include receiving a create measured virtual machine request comprising authentication information. For example, the virtualization platform 334[first cloud component]  may receive a request, which includes an authentication code U, to create a Measured VM 342).
associated with the zone token (Spiers, par0159 teaches a first computing system (e.g., a cloud orchestrator system 318 at cloud zone 306 and/or organization network 302) may transmit (see step 1002A) via an encrypted channel a first token to a second computing system (e.g., computing system 334 [first cloud component] in communication with VPC 308)).
executing the first task by the first cloud component, wherein executing the first task comprises: (Spiers, par0148 teaches In block 806, the method may include, in response to the request, creating a measured virtual machine based on the authentication information. For example, the virtualization platform 334 may create a Measured VM 342).
a first data unit, the first cloud component; (Spiers, par0149 teaches the virtualization platform 334 may generate measurement values based on measuring the Measured VM 342).
accessing a first data unit; and (Spiers, par0150 teaches in block 810, the method may include communicating a quote generated based on the first measurement and the second measurement for attesting to authenticity of the virtualization platform and of the measured virtual machine. In a further example, the quote may be generated based on a third measurement of a secure tunnel. For example, virtualization platform 334 may instruct the TPM 344 to generate a TPM quote based on one or more measurements stored in the PCRs, and may cause the TPM 344 and Measured VM 342 to deliver the TPM quote to the boot server 330).
sending a request message to a second cloud component, of the second cloud component, the request message, a second data unit, the second data unit being. (Spiers, par0159 teaches in one example, the organization network 302 may transmit the first token to the cloud zone 306, which then transmits the first token to a computing system in the cloud infrastructure 310. The computing system 334[first cloud component] may instruct (see step 1002B) the VPC 308 [second cloud component] to power on the VM instance 342A by starting the VM, which starts the VM BIOS, which invokes a custom PXE loader, as described herein).
by the second cloud component at least in part by accessing (Spiers, par0165 teaches The virtual machine instance 342A in the cloud environment (e.g., virtual private cloud 308) may then access resources and data stored in the cloud zone 306 and organization network 302, as a result of having been securely instantiating, booted, and authenticated).
and a description; (Spiers, par0138 teaches a potential additional strength in securing the cloud environment (e.g., virtual private cloud 308) may be a result of comparing and cross-referencing the collected logs with the internal logs describing the expected state of the environment…By comparing and correlating the cloud orchestrator logs describing expected state of the environment with logs obtained via internal and external monitoring, we may be able to detect events such as).
of a subtask of the first task, executing the subtask (Spiers, par0043 teaches the process of establishing a root of trust in the cloud provider's environment may be accomplished by, for example, one or more efforts: assessing service providers using assessment tailored towards cloud providers; negotiating contracts establishing contractual relationship between the organization and the cloud provider including all the obligation and penalties; and/or assessing risk based on the results of the previous two items as well as the elements described in FIGS. 3-5, 12A, and 12B that may be used to access the cloud in order to determine if level of risk posed by factors that are outside of the organization's control are acceptable).
          Spiers does not explicitly disclose wherein the zone token comprises a first user identifier indicating a first user and a first zone identifier (ID) indicating a first zone; associated with the first zone ID; comprising the first zone ID.
          McGuire however discloses wherein the zone token comprises a first user identifier indicating a first user and a first zone identifier (ID) indicating a first zone; associated with the first zone ID; comprising the first zone ID (McGuire, col7 ln48-65 teaches at 222, a token [zone token] can be generated based on encrypting the name value pairs (e.g., user identifier [a first user identifier indicating a first user], access zone identifier [a first zone identifier (ID) indicating a first zone], timestamp, encryption salt, etc.) using a current encryption key. It can be appreciated that the current encryption key is common to all nodes of the cluster… At 232, it can be determined if the token can be decrypted using the current encryption key. For example, a valid decrypted token will have name value pairs that make sense to the node, for example, a user identifier, zone identifier, the set of salt, and other discriminative information that allows the node to easily determine, without a separate table lookup, that the token has been decrypted using a valid key).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of wherein the zone token comprises a first user identifier indicating a first user and a first zone identifier (ID) indicating a first zone; associated with the first zone ID; comprising the first zone ID, as taught by McGuire, in the system of Spiers, so if a client is authenticated in a distributed file system, a token can be provided that can then be included in the header parameter of subsequent requests from the client, see McGuire, col1 ln37-40.
          Spiers and McGuire do not explicitly disclose the first cloud component, the first cloud component comprising a first persistence for; the first data unit being associated with, at the first persistence, comprising a second persistence separate from the first persistence, from the second persistence, at the second persistence.
          Zeng however discloses the first cloud component, the first cloud component comprising a first persistence for; the first data unit being associated with, at the first persistence, comprising a second persistence separate from the first persistence, from the second persistence, at the second persistence. (Zeng, Fig. 2, par0070, 0097. Par0070 teaches as shown in FIG. 2, a network 20 includes: a first data server 203, a second data server 202, and one or more application servers 201, where the second data server 202 is in communication connection with the first data server 203 and the one or more application servers 201, the one or more application servers 201 are configured to provide an application service, the first data server 203 [first cloud component] is configured to provide a first persistence [first persistence] layer service, including first data [first data], the second data server 202 [second cloud component] is configured to provide a second persistence [second persistence] layer service, including second data. Par0097 teaches according to an implementation manner shown in FIG. 3A, in one aspect, implementing the second persistence layer service by a cloud VM may implement on-demand data resource assignment; in another aspect, the second data server 202 including the second persistence layer service that has a transaction management function and the first data server 203 including an original cloud first persistence layer service host on different VMs, which avoids that the second persistence layer service that has a transaction management function occupies a data processing resource for the original first persistence layer service, and therefore avoids impact on the original first persistence layer service).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of the first cloud component, the first cloud component comprising a first persistence for; the first data unit being associated with, at the first persistence, comprising a second persistence separate from the first persistence, from the second persistence, at the second persistence, as taught by Zeng, in the system of Spiers and McGuire, so as to provide a unified database access interface to an application a persistence layer service is used to shield a different database deployment form, a version difference, and/or a different database provider, see Zeng par0004.
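The token mechanism McGuire is cited for in claims 1, 9 and 17 (name/value pairs such as a user identifier, an access zone identifier, a timestamp and a salt, encrypted under a key common to all nodes of the cluster, and accepted by a receiving node only if they decrypt into values that make sense to it) can be illustrated in working Go. This is an added example and not code from McGuire, Spiers, Zeng or the application under examination; AES-256-GCM, the JSON encoding, the zone-match check and the freshness window are assumptions not stated in the cited text.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// ZoneToken holds the name/value pairs that McGuire describes being encrypted:
// a user identifier, an access zone identifier, a timestamp and an encryption salt.
type ZoneToken struct {
	UserID   string `json:"uid"`
	ZoneID   string `json:"zid"`
	IssuedAt int64  `json:"iat"`
	Salt     []byte `json:"salt"`
}

// ClusterKey is the current encryption key common to all nodes of the cluster.
// Using it with AES-256-GCM is an assumption; the cited text only says "encrypting".
type ClusterKey [32]byte

var ErrInvalidToken = errors.New("zone token: not decryptable with the current key")

func gcm(key ClusterKey) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key[:])
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// IssueToken encrypts the name/value pairs under the cluster key and returns
// nonce || ciphertext || tag, which any node holding the same key can open.
func IssueToken(key ClusterKey, userID, zoneID string, now time.Time) ([]byte, error) {
	tok := ZoneToken{UserID: userID, ZoneID: zoneID, IssuedAt: now.Unix(), Salt: make([]byte, 16)}
	if _, err := rand.Read(tok.Salt); err != nil {
		return nil, err
	}
	plain, err := json.Marshal(tok)
	if err != nil {
		return nil, err
	}
	aead, err := gcm(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plain, nil), nil
}

// ValidateToken is the receiving node's check: decrypt with the current key and
// accept only if the recovered name/value pairs make sense to this node, i.e. the
// fields are present, the zone is the node's own zone and the timestamp is fresh.
// No table lookup is needed; the GCM tag rejects a wrong key or a tampered blob.
func ValidateToken(key ClusterKey, blob []byte, nodeZone string, now time.Time, maxAge time.Duration) (*ZoneToken, error) {
	aead, err := gcm(key)
	if err != nil {
		return nil, err
	}
	ns := aead.NonceSize()
	if len(blob) < ns+aead.Overhead() {
		return nil, ErrInvalidToken
	}
	plain, err := aead.Open(nil, blob[:ns], blob[ns:], nil)
	if err != nil {
		return nil, ErrInvalidToken
	}
	var tok ZoneToken
	if err := json.Unmarshal(plain, &tok); err != nil {
		return nil, ErrInvalidToken
	}
	if tok.UserID == "" || tok.ZoneID == "" || len(tok.Salt) == 0 {
		return nil, ErrInvalidToken
	}
	if tok.ZoneID != nodeZone {
		return nil, fmt.Errorf("zone token: zone %q is not served by this node", tok.ZoneID)
	}
	age := now.Sub(time.Unix(tok.IssuedAt, 0))
	if age < 0 || age > maxAge {
		return nil, errors.New("zone token: expired or not yet valid")
	}
	return &tok, nil
}

func main() {
	var key ClusterKey
	if _, err := rand.Read(key[:]); err != nil {
		panic(err)
	}
	now := time.Now()
	blob, _ := IssueToken(key, "alice", "zone-a", now) // constructed sample identifiers
	tok, err := ValidateToken(key, blob, "zone-a", now.Add(time.Minute), time.Hour)
	fmt.Println("same zone, current key:", tok.UserID, err)
	_, err = ValidateToken(key, blob, "zone-b", now, time.Hour)
	fmt.Println("other zone:", err)
	var staleKey ClusterKey // a node still holding an old key cannot open the token
	_, err = ValidateToken(staleKey, blob, "zone-a", now, time.Hour)
	fmt.Println("old key:", err)
}
```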

As per claim 12.  Spiers, McGuire and Zeng disclose the system of claim 9.  
          Spiers discloses the operations further comprising: sending the zone token to the first cloud component; (Spiers, par0159 teaches a first computing system (e.g., a cloud orchestrator system 318 at cloud zone 306 and/or organization network 302) may transmit (see step 1002A) via an encrypted channel a first token to a second computing system (e.g., computing system 334 [first cloud component] in communication with VPC 308)).
determining a second cloud component that is associated with the first zone; and sending the zone token to the second cloud component. (Spiers, par0159 teaches in one example, the organization network 302 may transmit the first token to the cloud zone 306, which then transmits the first token to a computing system in the cloud infrastructure 310. The computing system 334[first cloud component] may instruct (see step 1002B) the VPC 308 [second cloud component] to power on the VM instance 342A by starting the VM, which starts the VM BIOS, which invokes a custom PXE loader, as described herein).

As per claim 17. A non-transitory machine-readable medium comprising instructions thereon that, when executed by at least one processor, cause the at least one processor to perform operations comprising: (Spiers, par0011 teaches a computing apparatus is disclosed comprising one or more processors and one or more memories (e.g., tangible, non-transitory computer memory) storing computer executable instructions that, when executed, cause the apparatus to perform one or more of the aforementioned steps).
(Spiers, par0159 teaches a first computing system (e.g., a cloud orchestrator system 318 at cloud zone 306 and/or organization network 302) may transmit (see step 1002A) via an encrypted channel a first token to a second computing system (e.g., computing system 334 [first cloud component] in communication with VPC 308)).
receiving, by the first cloud component and from a user computing system, a task request indicating a first task; (Spiers, par0147 teaches in block 804, the method may include receiving a create measured virtual machine request comprising authentication information. For example, the virtualization platform 334[first cloud component]  may receive a request, which includes an authentication code U, to create a Measured VM 342).
associated with the zone token (Spiers, par0159 teaches a first computing system (e.g., a cloud orchestrator system 318 at cloud zone 306 and/or organization network 302) may transmit (see step 1002A) via an encrypted channel a first token to a second computing system (e.g., computing system 334 [first cloud component] in communication with VPC 308)).
executing the first task by the first cloud component, wherein executing the first task comprises: (Spiers, par0148 teaches In block 806, the method may include, in response to the request, creating a measured virtual machine based on the authentication information. For example, the virtualization platform 334 may create a Measured VM 342).
a first tenant, a second tenant (Spiers, par0048 teaches each of the systems in FIGS. 3-5, 12A, and 12B may include a tenant data center 302 and a cloud provider data center 304. A cloud provider may be an organization that creates a cloud platform used by one or more tenants [first and second tenants] to execute computational workloads. A tenant may be a user or an organization that uses the cloud platform to execute its computational workloads. The tenant data center 302 may include computer hardware (e.g., one or more computing devices 101) and software controlled by a tenant. The cloud provider data center 304 may include computer hardware (e.g., one or more computing devices 101) and software controlled by the cloud provider. The cloud provider data center 304 may provide a computational service permitting one or more tenants [first and second tenants] to execute computational workloads using virtual machines (VMs). A cloud provider may also be one of the tenants).
accessing a first data unit; and (Spiers, par0150 teaches in block 810, the method may include communicating a quote generated based on the first measurement and the second measurement for attesting to authenticity of the virtualization platform and of the measured virtual machine. In a further example, the quote may be generated based on a third measurement of a secure tunnel. For example, virtualization platform 334 may instruct the TPM 344 to generate a TPM quote based on one or more measurements stored in the PCRs, and may cause the TPM 344 and Measured VM 342 to deliver the TPM quote to the boot server 330).
sending a request message to a second cloud component, the request message, a second data unit, the second data unit being. (Spiers, par0159 teaches in one example, the organization network 302 may transmit the first token to the cloud zone 306, which then transmits the first token to a computing system in the cloud infrastructure 310. The computing system 334[first cloud component] may instruct (see step 1002B) the VPC 308 [second cloud component] to power on the VM instance 342A by starting the VM, which starts the VM BIOS, which invokes a custom PXE loader, as described herein).
by the second cloud component at least in part by accessing (Spiers, par0165 teaches The virtual machine instance 342A in the cloud environment (e.g., virtual private cloud 308) may then access resources and data stored in the cloud zone 306 and organization network 302, as a result of having been securely instantiating, booted, and authenticated).
and a description; (Spiers, par0138 teaches a potential additional strength in securing the cloud environment (e.g., virtual private cloud 308) may be a result of comparing and cross-referencing the collected logs with the internal logs describing the expected state of the environment…By comparing and correlating the cloud orchestrator logs describing expected state of the environment with logs obtained via internal and external monitoring, we may be able to detect events such as:).
of a subtask of the first task, executing the subtask (Spiers, par0043 teaches the process of establishing a root of trust in the cloud provider's environment may be accomplished by, for example, one or more efforts: assessing service providers using assessment tailored towards cloud providers; negotiating contracts establishing contractual relationship between the organization and the cloud provider including all the obligation and penalties; and/or assessing risk based on the results of the previous two items as well as the elements described in FIGS. 3-5, 12A, and 12B that may be used to access the cloud in order to determine if level of risk posed by factors that are outside of the organization's control are acceptable).
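The Spiers passage cited above for block 810 describes a quote generated over a first measurement (the virtualization platform) and a second measurement (the measured VM), optionally a third (the secure tunnel), delivered to the boot server for attestation. The following is an added illustration of that flow; it is not code from Spiers, from the applicant, or from the examiner. It assumes SHA-256 PCRs, a TPM-style extend operation, and an HMAC under a shared key standing in for the TPM's asymmetric AIK signature; the measurement values and nonce are constructed for the example.

```python
"""Added illustration (not Spiers' code and not the applicant's): measured
boot attestation with a platform measurement and a measured-VM measurement
extended into PCRs, a quote over the selected PCRs plus a verifier nonce,
and a boot-server check that recomputes the expected PCR values from a
known-good measurement log. Assumptions: SHA-256 PCRs; an HMAC under a
shared key stands in for the TPM's AIK signature."""
import hashlib
import hmac
import json

PCR_INITIAL = b"\x00" * 32          # reset value of a SHA-256 PCR bank


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM-style extend: new_pcr = H(old_pcr || H(measurement)).
    Order matters and a value can never be 'un-extended'."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()


def measure_chain(measurements) -> bytes:
    """Final PCR value after extending each measurement in order."""
    pcr = PCR_INITIAL
    for m in measurements:
        pcr = extend(pcr, m)
    return pcr


def make_quote(pcrs: dict, nonce: bytes, aik_key: bytes) -> dict:
    """TPM side: quote = selected PCR values + verifier nonce, tagged with
    the AIK (assumption: HMAC stands in for the asymmetric AIK signature)."""
    body = {"pcrs": {str(i): v.hex() for i, v in sorted(pcrs.items())},
            "nonce": nonce.hex()}
    payload = json.dumps(body, sort_keys=True).encode()
    tag = hmac.new(aik_key, payload, hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def verify_quote(quote: dict, nonce: bytes, aik_key: bytes, golden_logs: dict) -> bool:
    """Boot-server side: check the tag, then the freshness nonce, then each
    selected PCR against the value recomputed from the golden log."""
    payload = json.dumps(quote["body"], sort_keys=True).encode()
    expected_tag = hmac.new(aik_key, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected_tag, quote["tag"]):
        return False                 # not produced by the enrolled TPM/AIK
    if quote["body"]["nonce"] != nonce.hex():
        return False                 # stale quote replayed from an earlier run
    for idx, log in golden_logs.items():
        if quote["body"]["pcrs"].get(str(idx)) != measure_chain(log).hex():
            return False             # platform, VM or tunnel differs from golden
    return True


def demo():
    """Constructed scenario: PCR 0 = virtualization platform (first
    measurement), PCR 10 = measured VM (second), PCR 11 = secure tunnel (third)."""
    aik_key = b"constructed-aik-secret"
    golden = {0: [b"firmware-v3", b"hypervisor-v7"],
              10: [b"encrypted-os-template-2021-05"],
              11: [b"tunnel-config-v1"]}
    pcrs = {i: measure_chain(log) for i, log in golden.items()}
    nonce = bytes.fromhex("00112233445566778899aabbccddeeff")

    good = verify_quote(make_quote(pcrs, nonce, aik_key), nonce, aik_key, golden)
    # A VM booted from a different template: PCR 10 no longer matches.
    tampered = {**pcrs, 10: measure_chain([b"unapproved-template"])}
    bad_vm = verify_quote(make_quote(tampered, nonce, aik_key), nonce, aik_key, golden)
    # The same quote presented against a fresh challenge: nonce mismatch.
    replay = verify_quote(make_quote(pcrs, nonce, aik_key), b"\xff" * 16, aik_key, golden)
    return good, bad_vm, replay


if __name__ == "__main__":
    print(demo())
```

The check order is deliberate: the tag is verified before any field is trusted, the nonce ties the quote to this boot-server challenge so a quote captured from an earlier boot cannot be replayed, and only then are the PCR values compared with what the golden measurement log predicts.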

          McGuire however discloses wherein the zone token comprises a first user identifier indicating a first user and a first zone identifier (ID) indicating a first zone; the first zone ID; comprising the first zone ID; (McGuire, col7 ln48-65 teaches at 222, a token [zone token] can be generated based on encrypting the name value pairs (e.g., user identifier [a first user identifier indicating a first user], access zone identifier [a first zone identifier (ID) indicating a first zone], timestamp, encryption salt, etc.) using a current encryption key. It can be appreciated that the current encryption key is common to all nodes of the cluster ... At 232, it can be determined if the token can be decrypted using the current encryption key. For example, a valid decrypted token will have name value pairs that make sense to the node, for example, a user identifier, zone identifier, the set of salt, and other discriminative information that allows the node to easily determine, without a separate table lookup, that the token has been decrypted using a valid key).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of wherein the zone token comprises a first user identifier indicating a first user and a first zone identifier (ID) indicating a first zone; the first zone ID; comprising the first zone ID; associated with the first zone ID, as taught by McGuire, in the method of Spiers, so if a client is authenticated in a distributed file system, a token can be provided that can then be included in the header parameter of subsequent requests from the client, see McGuire, col1 ln37-40.
          Spiers and McGuire do not  explicitly disclose the first cloud component, the first cloud component comprising a first persistence for; the first data unit being associated with, at the first persistence; and associated with, of the second cloud component, comprising a second persistence separate from the first persistence, from the second persistence, at the second persistence.
          Zeng however discloses the first cloud component, the first cloud component comprising a first persistence for; the first data unit being associated with, at the first persistence; and associated with, of the second cloud component, comprising a second persistence separate from the first persistence, from the second persistence, at the second persistence. ( Zeng, Fig. 2, par0070, 0097. Par0070 teaches as shown in FIG. 2, a network 20 includes: a first data server 203, a second data server 202, and one or more application servers 201, where the second data server 202 is in communication connection with the first data server 203 and the one or more application servers 201, the one or more application servers 201 are configured to provide an application service, the first data server 203 [first cloud component] is configured to provide a first persistence [first persistence] layer service, including first data [first data], the second data server 202 [second cloud component] is configured to provide a second persistence [second persistence] layer service, including second data. Par0097 teaches according to an implementation manner shown in FIG. 3A, in one aspect, implementing the second persistence layer service by a cloud VM may implement on-demand data resource assignment; in another aspect, the second data server 202 including the second persistence layer service that has a transaction management function and the first data server 203 including an original cloud first persistence layer service host on different VMs, which avoids that the second persistence layer service that has a transaction management function occupies a data processing resource for the original first persistence layer service, and therefore avoids impact on the original first persistence layer service).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of the first cloud component, the first cloud component comprising a first persistence for; the first data unit being associated with, at the first persistence; and associated with, of the second cloud component, comprising a second persistence separate from the first persistence, from the second persistence, at the second persistence, as taught by Zeng, in the method of Spiers and McGuire, so as to provide a unified database access interface to an application, since a persistence layer service is used to shield a different database deployment form, a version difference, and/or a different database provider, see Zeng par0004.
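The McGuire passage relied on above (and cited again for claims 2, 3, 10, 11, 18 and 19, with claim 20 adding that the zone token is sent to the first cloud component and to a second cloud component associated with the first zone) describes a token built from user identifier, access zone identifier, timestamp and salt under a cluster-common current key, judged valid when it decrypts to fields that make sense to the node. The following is an added illustration of that handling at the receiving cloud component; it is not McGuire's code, the applicant's, or the examiner's. It swaps McGuire's "decrypts to sensible fields" test for an explicit HMAC tag (so validity is a defined check rather than a plausibility check), and shows the current/previous-key fallback that a cluster-wide key rotation implies, a freshness limit on the timestamp, and a zone-ID match against the zone the component serves. Keys, user and zone IDs, and times are constructed.

```python
"""Added illustration (not McGuire's code and not the applicant's): a zone
token carrying user ID, zone ID, timestamp and salt, accepted by a cloud
component only if the tag verifies under the current key (or the previous
key during rotation), the timestamp is fresh, and the zone ID is the zone
that component serves. Assumption: an HMAC tag replaces McGuire's
'decrypts to sensible fields' validity test. All keys/IDs are constructed."""
import base64
import binascii
import hashlib
import hmac
import json
import os
import time


def _b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(user_id: str, zone_id: str, key: bytes, now=None, salt=None) -> str:
    """IAM side: name/value pairs -> 'body.tag', tagged under the current key."""
    fields = {"uid": user_id, "zid": zone_id,
              "ts": int(time.time() if now is None else now),
              "salt": (salt or os.urandom(8)).hex()}
    body = _b64e(json.dumps(fields, sort_keys=True).encode())
    tag = hmac.new(key, body.encode(), hashlib.sha256).digest()
    return body + "." + _b64e(tag)


def parse_token(token: str, keys):
    """Return the fields if the tag verifies under any key in `keys`
    (current key first, then previous key), otherwise None."""
    try:
        body, tag = token.split(".")
        tag_bytes = _b64d(tag)
    except (ValueError, binascii.Error):
        return None
    for k in keys:
        expected = hmac.new(k, body.encode(), hashlib.sha256).digest()
        if hmac.compare_digest(expected, tag_bytes):
            return json.loads(_b64d(body))
    return None


class ZoneComponent:
    """A cloud component bound to one zone. `keys` lists the current key
    first and the previous key second, so tokens issued just before a
    cluster-wide rotation still verify; retired keys are not listed."""

    def __init__(self, zone_id: str, keys, max_age: int = 300):
        self.zone_id, self.keys, self.max_age = zone_id, list(keys), max_age

    def authorize(self, token: str, now=None) -> str:
        now = int(time.time() if now is None else now)
        fields = parse_token(token, self.keys)
        if fields is None:
            return "reject: bad tag"          # forged, tampered, or retired key
        if now - fields["ts"] > self.max_age:
            return "reject: expired"          # stale timestamp
        if fields["zid"] != self.zone_id:
            return "reject: wrong zone"       # valid token, but not for this zone
        return "ok:" + fields["uid"]


def demo():
    """Constructed scenario: two components in zone-1, one in zone-2."""
    k_retired, k_prev, k_cur = b"key-2022", b"key-2023", b"key-2024"
    t0 = 1_700_000_000
    tok = issue_token("alice", "zone-1", k_cur, now=t0, salt=b"\x01" * 8)
    tok_prev = issue_token("bob", "zone-1", k_prev, now=t0, salt=b"\x02" * 8)
    tok_retired = issue_token("eve", "zone-1", k_retired, now=t0, salt=b"\x03" * 8)
    first = ZoneComponent("zone-1", [k_cur, k_prev])
    second = ZoneComponent("zone-1", [k_cur, k_prev])
    other = ZoneComponent("zone-2", [k_cur, k_prev])
    # Attacker keeps alice's tag but rewrites the body to claim zone-2.
    _, tag = tok.split(".")
    forged_body = _b64e(json.dumps({"salt": "01" * 8, "ts": t0, "uid": "alice",
                                    "zid": "zone-2"}, sort_keys=True).encode())
    forged = forged_body + "." + tag
    return {
        "first": first.authorize(tok, now=t0 + 10),
        "second": second.authorize(tok, now=t0 + 10),
        "other_zone": other.authorize(tok, now=t0 + 10),
        "rotated": first.authorize(tok_prev, now=t0 + 10),
        "retired": first.authorize(tok_retired, now=t0 + 10),
        "expired": first.authorize(tok, now=t0 + 1000),
        "forged": other.authorize(forged, now=t0 + 10),
    }


if __name__ == "__main__":
    print(demo())
</```

The zone check is the point that matters for the claimed "second cloud component associated with the first zone": a token that is cryptographically valid cluster-wide is still refused by a component serving a different zone, and a rewritten zone ID fails the tag before the zone comparison is ever reached.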

As per claim 20.  Spiers, McGuire and Zeng disclose the medium of claim 17.  
          Spiers further discloses the operations further comprising: sending the zone token to the first cloud component; (Spiers, par0159 teaches a first computing system (e.g., a cloud orchestrator system 318 at cloud zone 306 and/or organization network 302) may transmit (see step 1002A) via an encrypted channel a first token to a second computing system (e.g., computing system 334 [first cloud component] in communication with VPC 308)).
 determining a second cloud component that is associated with the first zone; and sending the zone token to the second cloud component. (Spiers, par0159 teaches in one example, the organization network 302 may transmit the first token to the cloud zone 306, which then transmits the first token to a computing system in the cloud infrastructure 310. The computing system 334[first cloud component] may instruct (see step 1002B) the VPC 308 [second cloud component] to power on the VM instance 342A by starting the VM, which starts the VM BIOS, which invokes a custom PXE loader, as described herein).

Claims 2, 10 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Spiers in view of McGuire, further in view of Zeng, and further in view of Gupta et al. (US20200136825A1) hereinafter Gupta.

As per claim 2.  Spiers, McGuire and Zeng disclose the method of claim 1. 
          Spiers discloses further comprising: before receiving the task request, receiving, by the first cloud component and (Spiers, par0147 teaches in block 804, the method may include receiving a create measured virtual machine request comprising authentication information. For example, the virtualization platform 334[first cloud component]  may receive a request, which includes an authentication code U, to create a Measured VM 342).
(Spiers, par0072 teaches In an example, the cloud provider may create and maintain a trusted and verifiable inventory of valid attestation identity keys (AIK). AIKs may be a public/private key pair. This inventory of keys may identify which public key is associated with which TPM. The inventory may also identify which physical infrastructure 338 contains a particular TPM 344 having a particular AIK public key. The cloud provider may provide each tenant with the inventory using a trusted verifiable process so that the tenant is aware of valid public keys (e.g., AIK, TPM transport session key), and which TPM corresponds to a particular physical infrastructure 338. For example, the tenant may store the key inventory in internal database 233).
          Spiers does not  explicitly disclose wherein the request comprising the first zone ID; to reference the first zone ID.
          McGuire however discloses the request comprising the first zone ID; to reference the first zone ID (McGuire, col7 ln48-65 teaches at 222, a token [zone token] can be generated based on encrypting the name value pairs (e.g., user identifier [a first user identifier indicating a first user], access zone identifier [a first zone identifier (ID) indicating a first zone], timestamp, encryption salt, etc.) using a current encryption key. It can be appreciated that the current encryption key is common to all nodes of the cluster ... At 232, it can be determined if the token can be decrypted using the current encryption key. For example, a valid decrypted token will have name value pairs that make sense to the node, for example, a user identifier, zone identifier, the set of salt, and other discriminative information that allows the node to easily determine, without a separate table lookup, that the token has been decrypted using a valid key).

          Spiers, McGuire and Zeng do not explicitly disclose a request to add a first tenant; the request to add the first tenant; of the first tenant; of the first cloud component to the first zone; and responsive to the first zone, associating at least one data unit, of the first zone, the at least one data unit; comprising the first data unit.
          Gupta however discloses a request to add a first tenant; the request to add the first tenant; of the first tenant (Gupta, par0042 teaches the provisioner 240 may be configured to allocate access to resources on the one or more of the data centers 245 to the tenant via a client device associated with the tenant. The provisioner 240 may be configured to grant the tenant access to some or all of the data centers 245 ("accessible data centers") in some or all of the logical zones 230 ("accessible logical zones"). In some embodiments, the provisioner 240 exclusively grants the tenant access to one or more of the accessible data centers 245. The provisioner 240 may be configured to create a universally unique identifier ("UUID") for the tenant. The provisioner 240 may be configured to store the tenant information, such as the tenant UUID, a public cloud UUID associated with the public cloud 210, the accessible logical zones, and the accessible data centers as a data entry in a database such as the hybrid cloud database 265 or some other database).
(Gupta, par0066-0067 teaches at operation 408, the host server determines whether the request specifies a first logical zone.  The host server may receive a tenant UUID or a private cloud UUID.  The host server may search for a first logical zone in a data entry corresponding to the tenant UUID or the private cloud UUID.  The data entry may be located in the database).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of a request to add a first tenant; the request to add the first tenant; of the first tenant; of the first cloud component to the first zone; and responsive to the first zone, associating at least one data unit, of the first zone, the at least one data unit; comprising the first data unit, as taught by Gupta, in the method of Spiers, McGuire and Zeng, so virtual computing systems allow several operating systems and several software applications to be safely run at the same time on the virtual machines of a single host machine, thereby increasing resource utilization and performance efficiency, see Gupta, par0002.

As per claim 10.  Spiers, McGuire and Zeng disclose the system of claim 9. 
          Spiers  further discloses the operations further comprising: before receiving the task request, receiving, by the first cloud component and (Spiers, par0147 teaches in block 804, the method may include receiving a create measured virtual machine request comprising authentication information. For example, the virtualization platform 334[first cloud component]  may receive a request, which includes an authentication code U, to create a Measured VM 342).
from an identity and access management system of the cloud platform, (Spiers, par0072 teaches in an example, the cloud provider may create and maintain a trusted and verifiable inventory of valid attestation identity keys (AIK). AIKs may be a public/private key pair. This inventory of keys may identify which public key is associated with which TPM. The inventory may also identify which physical infrastructure 338 contains a particular TPM 344 having a particular AIK public key. The cloud provider may provide each tenant with the inventory using a trusted verifiable process so that the tenant is aware of valid public keys (e.g., AIK, TPM transport session key), and which TPM corresponds to a particular physical infrastructure 338. For example, the tenant may store the key inventory in internal database 233).
          Spiers does not  explicitly disclose the request comprising the first zone ID; to reference the first zone ID.
          McGuire however discloses the request comprising the first zone ID; to reference the first zone ID (McGuire, col7 ln48-65 teaches at 222, a token [zone token] can be generated based on encrypting the name value pairs (e.g., user identifier [a first user identifier indicating a first user], access zone identifier [a first zone identifier (ID) indicating a first zone], timestamp, encryption salt, etc.) using a current encryption key. It can be appreciated that the current encryption key is common to all nodes of the cluster ... At 232, it can be determined if the token can be decrypted using the current encryption key. For example, a valid decrypted token will have name value pairs that make sense to the node, for example, a user identifier, zone identifier, the set of salt, and other discriminative information that allows the node to easily determine, without a separate table lookup, that the token has been decrypted using a valid key).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of the request comprising the first zone ID; to reference the first zone ID, as taught by McGuire, in the system of  Spiers, so if a client is authenticated in a distributed file system, a token  can be provided that can then be included in the header parameter of subsequent requests from the client, see McGuire, col1 ln37-40.
          Spiers, McGuire and Zeng do not explicitly disclose a request to add a first tenant; the request to add the first tenant; of the first tenant; of the first cloud component to the first zone; and responsive to the first zone, associating at least one data unit, of the first zone, the at least one data unit; comprising the first data unit.
          Gupta however discloses a request to add a first tenant; the request to add the first tenant; of the first tenant (Gupta, par0042 teaches the provisioner 240 may be configured to allocate access to resources on the one or more of the data centers 245 to the tenant via a client device associated with the tenant. The provisioner 240 may be configured to grant the tenant access to some or all of the data centers 245 ("accessible data centers") in some or all of the logical zones 230 ("accessible logical zones"). In some embodiments, the provisioner 240 exclusively grants the tenant access to one or more of the accessible data centers 245. The provisioner 240 may be configured to create a universally unique identifier ("UUID") for the tenant. The provisioner 240 may be configured to store the tenant information, such as the tenant UUID, a public cloud UUID associated with the public cloud 210, the accessible logical zones, and the accessible data centers as a data entry in a database such as the hybrid cloud database 265 or some other database).
of the first cloud component to the first zone; and responsive to the first zone, associating at least one data unit, of the first zone, the at least one data unit; comprising the first data unit. (Gupta, par0066-0067 teaches at operation 408, the host server determines whether the request specifies a first logical zone.  The host server may receive a tenant UUID or a private cloud UUID.  The host server may search for a first logical zone in a data entry corresponding to the tenant UUID or the private cloud UUID.  The data entry may be located in the database).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of a request to add a first tenant; the request to add the first tenant; of the first tenant; of the first cloud component to the first zone; and responsive to the first zone, associating at least one data unit, of the first zone, the at least one data unit; comprising the first data unit, as taught by Gupta, in the system of Spiers, McGuire and Zeng, so virtual computing systems allow several operating systems and several software applications to be safely run at the same time on the virtual machines of a single host machine, thereby increasing resource utilization and performance efficiency, see Gupta, par0002.

As per claim 18.  Spiers, McGuire and Zeng disclose the medium of claim 17. 
          Spiers further discloses the operations further comprising: before receiving the task request, receiving, by the first cloud component and (Spiers, par0147 teaches in block 804, the method may include receiving a create measured virtual machine request comprising authentication information. For example, the virtualization platform 334[first cloud component]  may receive a request, which includes an authentication code U, to create a Measured VM 342).
from an identity and access management system, (Spiers, par0072 teaches in an example, the cloud provider may create and maintain a trusted and verifiable inventory of valid attestation identity keys (AIK). AIKs may be a public/private key pair. This inventory of keys may identify which public key is associated with which TPM. The inventory may also identify which physical infrastructure 338 contains a particular TPM 344 having a particular AIK public key. The cloud provider may provide each tenant with the inventory using a trusted verifiable process so that the tenant is aware of valid public keys (e.g., AIK, TPM transport session key), and which TPM corresponds to a particular physical infrastructure 338. For example, the tenant may store the key inventory in internal database 233).
          Spiers does not  explicitly disclose the request comprising the first zone ID; to reference the first zone ID.
          McGuire however discloses the request comprising the first zone ID; to reference the first zone ID (McGuire, col7 ln48-65 teaches at 222, a token [zone token] can be generated based on encrypting the name value pairs (e.g., user identifier [a first user identifier indicating a first user], access zone identifier [a first zone identifier (ID) indicating a first zone], timestamp, encryption salt, etc.) using a current encryption key. It can be appreciated that the current encryption key is common to all nodes of the cluster ... At 232, it can be determined if the token can be decrypted using the current encryption key. For example, a valid decrypted token will have name value pairs that make sense to the node, for example, a user identifier, zone identifier, the set of salt, and other discriminative information that allows the node to easily determine, without a separate table lookup, that the token has been decrypted using a valid key).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of the request comprising the first zone ID; to reference the first zone ID, as taught by McGuire, in the non-transitory machine-readable medium of  Spiers, so if a client is authenticated in a distributed file system, a token  can be provided that can then be included in the header parameter of subsequent requests from the client, see McGuire, col1 ln37-40.
          Spiers, McGuire and Zeng do not explicitly disclose a request to add a first tenant; the request to add the first tenant; of the first tenant; of the first cloud component to the first zone; and responsive to the first zone, associating at least one data unit, of the first zone, the at least one data unit; comprising the first data unit.
          Gupta however discloses a request to add a first tenant; the request to add the first tenant; of the first tenant (Gupta, par0042 teaches the provisioner 240 may be configured to allocate access to resources on the one or more of the data centers 245 to the tenant via a client device associated with the tenant. The provisioner 240 may be configured to grant the tenant access to some or all of the data centers 245 ("accessible data centers") in some or all of the logical zones 230 ("accessible logical zones"). In some embodiments, the provisioner 240 exclusively grants the tenant access to one or more of the accessible data centers 245. The provisioner 240 may be configured to create a universally unique identifier ("UUID") for the tenant. The provisioner 240 may be configured to store the tenant information, such as the tenant UUID, a public cloud UUID associated with the public cloud 210, the accessible logical zones, and the accessible data centers as a data entry in a database such as the hybrid cloud database 265 or some other database).
of the first cloud component to the first zone; and responsive to the first zone, associating at least one data unit, of the first zone, the at least one data unit; comprising the first data unit. (Gupta, par0066-0067 teaches at operation 408, the host server determines whether the request specifies a first logical zone.  The host server may receive a tenant UUID or a private cloud UUID.  The host server may search for a first logical zone in a data entry corresponding to the tenant UUID or the private cloud UUID.  The data entry may be located in the database).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of a request to add a first tenant; the request to add the first tenant; of the first tenant; of the first cloud component to the first zone; and responsive to the first zone, associating at least one data unit, of the first zone, the at least one data unit; comprising the first data unit, as taught by Gupta, in the non-transitory machine-readable medium of Spiers, McGuire and Zeng, so virtual computing systems allow several operating systems and several software applications to be safely run at the same time on the virtual machines of a single host machine, thereby increasing resource utilization and performance efficiency, see Gupta, par0002.

Claims 3, 11 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Spiers in view of McGuire, further in view of Zeng, further in view of Gupta, and further in view of Beiter (US10218703B2) hereinafter Beiter.

As per claim 3.  Spiers, McGuire, Zeng and Gupta disclose the method of claim 2.  
          Spiers does not  explicitly disclose to the first zone, the request comprising the first zone ID.
          McGuire however discloses to the first zone, the request comprising the first zone ID (McGuire, col7 ln48-65 teaches at 222, a token [zone token] can be generated based on encrypting the name value pairs (e.g., user identifier [a first user identifier indicating a first user], access zone identifier [a first zone identifier (ID) indicating a first zone], timestamp, encryption salt, etc.) using a current encryption key. It can be appreciated that the current encryption key is common to all nodes of the cluster ... At 232, it can be determined if the token can be decrypted using the current encryption key. For example, a valid decrypted token will have name value pairs that make sense to the node, for example, a user identifier, zone identifier, the set of salt, and other discriminative information that allows the node to easily determine, without a separate table lookup, that the token has been decrypted using a valid key).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of to the first zone, the request comprising the first zone ID, as taught by McGuire, in the method of Spiers, so if a client is authenticated in a distributed file system, a token can be provided that can then be included in the header parameter of subsequent requests from the client, see McGuire, col1 ln37-40.
          Spiers, McGuire, Zeng and Gupta do not  explicitly disclose further comprising: determining that a second tenant at the second cloud component depends on the first tenant; and sending, to the second cloud component, a request to add the second tenant.
          Beiter however discloses  further comprising: determining that a second tenant at the second cloud component depends on the first tenant; and sending, to the second cloud component, a request to add the second tenant. (Beiter, col6 Ln58 col7 Ln3 teaches in response to a request from the first tenant for the resource of the second tenant, the tenant-to-tenant privilege management engine 314 can determine (at 504), based on the tenant privilege representation 310, whether the first tenant is permitted to access the resource of the second tenant. In other examples, the request from the first tenant may be a request to add a sub-tenant of the second tenant, or to remove a sub-tenant from the second tenant, or to perform another task with respect to the second tenant. In response to such other request, the tenant-to-tenant privilege management engine 314 can similarly consult the tenant privilege representation 310 to determine whether or not the request can be granted).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality further comprising: determining that a second tenant at the second cloud component depends on the first tenant; and sending, to the second cloud component, a request to add the second tenant, as taught by Beiter, in the method of  Spiers, McGuire, Zeng and Gupta, 

As per claim 11.  Spiers, McGuire, Zeng and Gupta disclose the system of claim 10.  
          Spiers does not  explicitly disclose to the first zone, the request comprising the first zone ID.
          McGuire however discloses to the first zone, the request comprising the first zone ID (McGuire, col7 ln48-65 teaches at 222, a token [zone token] can be generated based on encrypting the name value pairs (e.g., user identifier [a first user identifier indicating a first user], access zone identifier [a first zone identifier (ID) indicating a first zone], timestamp, encryption salt, etc.) using a current encryption key. It can be appreciated that the current encryption key is common to all nodes of the cluster ... At 232, it can be determined if the token can be decrypted using the current encryption key. For example, a valid decrypted token will have name value pairs that make sense to the node, for example, a user identifier, zone identifier, the set of salt, and other discriminative information that allows the node to easily determine, without a separate table lookup, that the token has been decrypted using a valid key).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of to the first zone, the request comprising the first zone ID, as taught by McGuire, in the system of Spiers, so if a client is authenticated in a distributed file system, a token can be provided that can then be included in the header parameter of subsequent requests from the client, see McGuire, col1 ln37-40.
          Spiers, McGuire, Zeng and Gupta do not  explicitly disclose further comprising: determining that a second tenant at the second cloud component depends on the first tenant; and sending, to the second cloud component, a request to add the second tenant.
          Beiter however discloses  further comprising: determining that a second tenant at the second cloud component depends on the first tenant; and sending, to the second cloud component, a request to add the second tenant. (Beiter, col6 Ln58 col7 Ln3 teaches in response to a request from the first tenant for the resource of the second tenant, the tenant-to-tenant privilege management engine 314 can determine (at 504), based on the tenant privilege representation 310, whether the first tenant is permitted to access the resource of the second tenant. In other examples, the request from the first tenant may be a request to add a sub-tenant of the second tenant, or to remove a sub-tenant from the second tenant, or to perform another task with respect to the second tenant. In response to such other request, the tenant-to-tenant privilege management engine 314 can similarly consult the tenant privilege representation 310 to determine whether or not the request can be granted).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality further comprising: determining that a second tenant at the second cloud component depends on the first tenant; and sending, to the second cloud component, a request to add the second tenant, as taught by Beiter, in the system of Spiers, McGuire, Zeng and Gupta, 

As per claim 19.  Spiers, McGuire, Zeng and Gupta disclose the medium of claim 18.  
          Spiers does not  explicitly disclose to the first zone, the request comprising the first zone ID.
          McGuire however discloses to the first zone, the request comprising the first zone ID (McGuire, col7 ln48-65 teaches at 222, a token [zone token] can be generated based on encrypting the name value pairs (e.g., user identifier [a first user identifier indicating a first user], access zone identifier [a first zone identifier (ID) indicating a first zone], timestamp, encryption salt, etc.) using a current encryption key. It can be appreciated that the current encryption key is common to all nodes of the cluster ... At 232, it can be determined if the token can be decrypted using the current encryption key. For example, a valid decrypted token will have name value pairs that make sense to the node, for example, a user identifier, zone identifier, the set of salt, and other discriminative information that allows the node to easily determine, without a separate table lookup, that the token has been decrypted using a valid key).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of to the first zone, the request comprising the first zone ID, as taught by McGuire, in the non-transitory machine-readable medium of Spiers, so if a client is authenticated in a distributed file system, a token can be provided that can then be included in the header parameter of subsequent requests from the client, see McGuire, col1 ln37-40.
          Spiers, McGuire, Zeng and Gupta do not  explicitly disclose further comprising: determining that a second tenant at the second cloud component depends on the first tenant; and sending, to the second cloud component, a request to add the second tenant.
          Beiter however discloses  further comprising: determining that a second tenant at the second cloud component depends on the first tenant; and sending, to the second cloud component, a request to add the second tenant. (Beiter, col6 Ln58 col7 Ln3 teaches in response to a request from the first tenant for the resource of the second tenant, the tenant-to-tenant privilege management engine 314 can determine (at 504), based on the tenant privilege representation 310, whether the first tenant is permitted to access the resource of the second tenant. In other examples, the request from the first tenant may be a request to add a sub-tenant of the second tenant, or to remove a sub-tenant from the second tenant, or to perform another task with respect to the second tenant. In response to such other request, the tenant-to-tenant privilege management engine 314 can similarly consult the tenant privilege representation 310 to determine whether or not the request can be granted).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality further comprising: determining that a second tenant at the second cloud component depends on the first tenant; and sending, to the second cloud component, a request to add the second tenant, as taught by Beiter, in the medium of  Spiers, McGuire, Zeng and Gupta, .

Claims 5 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Spiers in view of McGuire, further in view of Zeng, and further in view of Nguyen et al. (US20160063060A1) hereinafter Nguyen.

As per claim 5.  Spiers, McGuire and Zeng disclose the method of claim 1. 
          Spiers, McGuire and Zeng do not explicitly disclose wherein a first tenant at the first cloud component is assigned to a third zone and a second tenant at the first cloud component is assigned to the first zone, further comprising: receiving, by the first cloud component, a request to merge the first zone and the third zone; identifying, by the first cloud component, a set of data units associated with a third zone ID; and associating, by the first cloud component, the set of data units with the first zone ID.
          Nguyen however discloses wherein a first tenant at the first cloud component is assigned to a third zone and a second tenant at the first cloud component is assigned to the first zone, further comprising: (Nguyen, par0061 teaches in some embodiments, merger 138 merges the plurality of zone subsets split from a single zone back into the single zone. During the peak phase of one or more zone subsets split from a zone, load balancer 134 may detect when a zone subset is not experiencing a high load).
receiving, by the first cloud component, a request to merge the first zone and the third zone; (Nguyen, par0061 teaches in response to detecting that the zone subset is not experiencing a high load, merger 138 merges the plurality of zone subsets split from a zone back into the zone, where the zone is in the normal phase. For example and in reference to FIG. 4, in response to determining that zone subset 402 is not experiencing a high load, merger 138 may merge zone subsets 402 and 404 into single zone 302. In particular merger 138 may merge the disjoint set of data sources in each of zone subsets 402 and 404 into single zone 302. The single zone includes each of the data sources in the plurality of zone subsets).
identifying, by the first cloud component, a set of data units associated with a third zone ID; and (Nguyen, par0058 teaches splitter 136 assigns a third subset of data sources belonging to zone subset 302 to zone subset 402 and assigns a fourth subset of data sources belonging to zone subset 302 to zone subset 404, where the zone subsets have disjoint sets of data sources. In particular, zone subset 402 includes the third subset of data sources 108 and 113, and zone subset 404 includes the fourth subset of data sources 109 and 114. The third subset of data sources is disjoint from the fourth subset of data sources).
associating, by the first cloud component, the set of data units with the first zone ID. (Nguyen, par0059 teaches splitter 136 assigns clients to the zone subsets split from zone subset 302. For example, splitter 136 may assign client 105 to zone subset 402 and may assign client 102 to zone subset 404. In such an example, data federation engine 132 submits federated queries issued by client 105 to one or more data sources in zone subset 402 (and not zone subset 404), and submits federated queries issued by client 102 to one or more data sources in zone subset 404 (and not zone subset 402)).


As per claim 13.  Spiers, McGuire and Zeng disclose the system of claim 9. 
          Spiers, McGuire and Zeng do not explicitly disclose wherein a first tenant at the first cloud component is assigned to a third zone and a second tenant at the first cloud component is assigned to the first zone, further comprising: receiving, by the first cloud component, a request to merge the first zone and the third zone; identifying, by the first cloud component, a set of data units associated with a third zone ID; and associating, by the first cloud component, the set of data units with the first zone ID.
          Nguyen however discloses wherein a first tenant at the first cloud component is assigned to a third zone and a second tenant at the first cloud component is assigned to the first zone, further comprising: (Nguyen, par0061 teaches in some embodiments, merger 138 merges the plurality of zone subsets split from a single zone back into the single zone. During the peak phase of one or more zone subsets split from a zone, load balancer 134 may detect when a zone subset is not experiencing a high load).
receiving, by the first cloud component, a request to merge the first zone and the third zone; (Nguyen, par0061 teaches in response to detecting that the zone subset is not experiencing a high load, merger 138 merges the plurality of zone subsets split from a zone back into the zone, where the zone is in the normal phase. For example and in reference to FIG. 4, in response to determining that zone subset 402 is not experiencing a high load, merger 138 may merge zone subsets 402 and 404 into single zone 302. In particular merger 138 may merge the disjoint set of data sources in each of zone subsets 402 and 404 into single zone 302. The single zone includes each of the data sources in the plurality of zone subsets).
identifying, by the first cloud component, a set of data units associated with a third zone ID; and (Nguyen, par0058 teaches splitter 136 assigns a third subset of data sources belonging to zone subset 302 to zone subset 402 and assigns a fourth subset of data sources belonging to zone subset 302 to zone subset 404, where the zone subsets have disjoint sets of data sources. In particular, zone subset 402 includes the third subset of data sources 108 and 113, and zone subset 404 includes the fourth subset of data sources 109 and 114. The third subset of data sources is disjoint from the fourth subset of data sources).
associating, by the first cloud component, the set of data units with the first zone ID. (Nguyen, par0059 teaches splitter 136 assigns clients to the zone subsets split from zone subset 302. For example, splitter 136 may assign client 105 to zone subset 402 and may assign client 102 to zone subset 404. In such an example, data federation engine 132 submits federated queries issued by client 105 to one or more data sources in zone subset 402 (and not zone subset 404), and submits federated queries issued by client 102 to one or more data sources in zone subset 404 (and not zone subset 402)).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of wherein a first tenant at the first cloud component is assigned to a third zone and a second tenant at the first cloud component is assigned to the first zone, further comprising: receiving, by the first cloud component, a request to merge the first zone and the third zone; identifying, by the first cloud component, a set of data units associated with a third zone ID; and associating, by the first cloud component, the set of data units with the first zone ID, as taught by Nguyen, in the system of Spiers, McGuire and Zeng, so a federated server may receive a federated query from the client and send each source query embedded in the federated query to the appropriate data source for execution, and the federated server may return a result of the federated query by retrieving results from the applicable data sources, see Nguyen par0004.

Claims 6 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Spiers in view of McGuire, further in view of Zeng, further in view of Nguyen, further in view of Peddada et al. (US20190340251A1) hereinafter Peddada, and further in view of Ezerzer (US20030093533 A1) hereinafter Ezerzer.
  
As per claim 6.  Spiers, McGuire, Zeng and Nguyen disclose the method of claim 5.
          Spiers further discloses with the first zone (Spiers, par0159 teaches a first computing system (e.g., a cloud orchestrator system 318 at cloud zone 306 and/or organization network 302) may transmit (see step 1002A) via an encrypted channel a first token to a second computing system).
          Spiers does not explicitly disclose with the first zone ID.
          McGuire however discloses with the first zone ID (McGuire, col7 ln48-65 teaches at 222, a token [zone token] can be generated based on encrypting the name value pairs (e.g., user identifier [a first user identifier indicating a first user], access zone identifier [a first zone identifier (ID) indicating a first zone], timestamp, encryption salt, etc.) using a current encryption key. It can be appreciated that the current encryption key is common to all nodes of the cluster... At 232, it can be determined if the token can be decrypted using the current encryption key. For example, a valid decrypted token will have name value pairs that make sense to the node, for example, a user identifier, zone identifier, the set of salt, and other discriminative information that allows the node to easily determine, without a separate table lookup, that the token has been decrypted using a valid key).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of with the first zone ID, as taught by McGuire, in the method of Spiers, so if a client is authenticated in a distributed file system, a token can be provided that can then be included in the header parameter of subsequent requests from the client, see McGuire, col1 ln37-40.
          Spiers, McGuire, Zeng and Nguyen do not explicitly disclose from a first database and writing the set of data units to a second database associated.
          Peddada however discloses from a first database and writing the set of data units to a second database associated. (Peddada, par0029 teaches upon receiving a migration request (e.g., from a cloud client 105 or through automation based on a predetermined criteria), a first database (e.g., the source database) may migrate one or more data records to a second database (e.g., the target database). For example, a cloud client 105 may select to migrate data from the first database to the second database based on a higher processing power or system speed of the second database compared to the first database, in order to move the physical data storage closer geographically to one or more users of the cloud client 105, for compliance reasons, to alleviate data storage constraints at the first database, or a combination thereof, and may accordingly transmit the migration request to the first database).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of from a first database and writing the set of data units to a second database associated, as taught by Peddada in the method of Spiers, McGuire, Zeng and Nguyen, so users may develop applications on the cloud platform to handle the storage, management, and processing of data. In some cases, the cloud platform may utilize a multi-tenant database system, see Peddada par0002.
          Spiers, McGuire, Zeng, Nguyen and Peddada do not explicitly disclose wherein associating the set of data units; comprises erasing the set of data units.
          Ezerzer however discloses wherein associating the set of data units; comprises erasing the set of data units. (Ezerzer, par0012 teaches the second resource may erase the generated sensitive data after transmitting it to the database, and the fourth resource may erase the information obtained from the database after the fourth resource no longer needs the obtained information).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of associating the set of data units; comprises erasing the set of data units, as taught by Ezerzer, in the method of Spiers, McGuire, Zeng, Nguyen and Peddada, so to keep the information protected, the enterprise may not want to entrust a copy of its database to the telecommunications service provider or to an unsecure server, see Ezerzer par0009.

As per claim 14.  Spiers, McGuire, Zeng and Nguyen disclose the system of claim 13.
          Spiers further discloses with the first zone (Spiers, par0159 teaches a first computing system (e.g., a cloud orchestrator system 318 at cloud zone 306 and/or organization network 302) may transmit (see step 1002A) via an encrypted channel a first token to a second computing system).
          Spiers does not explicitly disclose with the first zone ID.
          McGuire however discloses with the first zone ID (McGuire, col7 ln48-65 teaches at 222, a token [zone token] can be generated based on encrypting the name value pairs (e.g., user identifier [a first user identifier indicating a first user], access zone identifier [a first zone identifier (ID) indicating a first zone], timestamp, encryption salt, etc.) using a current encryption key. It can be appreciated that the current encryption key is common to all nodes of the cluster... At 232, it can be determined if the token can be decrypted using the current encryption key. For example, a valid decrypted token will have name value pairs that make sense to the node, for example, a user identifier, zone identifier, the set of salt, and other discriminative information that allows the node to easily determine, without a separate table lookup, that the token has been decrypted using a valid key).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of with the first zone ID, as taught by McGuire, in the system of Spiers, so if a client is authenticated in a distributed file system, a token can be provided that can then be included in the header parameter of subsequent requests from the client, see McGuire, col1 ln37-40.
          Spiers, McGuire, Zeng and Nguyen do not explicitly disclose from a first database and writing the set of data units to a second database associated.
          Peddada however discloses from a first database and writing the set of data units to a second database associated. (Peddada, par0029 teaches upon receiving a migration request (e.g., from a cloud client 105 or through automation based on a predetermined criteria), a first database (e.g., the source database) may migrate one or more data records to a second database (e.g., the target database). For example, a cloud client 105 may select to migrate data from the first database to the second database based on a higher processing power or system speed of the second database compared to the first database, in order to move the physical data storage closer geographically to one or more users of the cloud client 105, for compliance reasons, to alleviate data storage constraints at the first database, or a combination thereof, and may accordingly transmit the migration request to the first database).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of from a first database and writing the set of data units to a second database associated, as taught by Peddada in the system of Spiers, McGuire, Zeng and Nguyen, so users may develop applications on the cloud platform to handle the storage, management, and processing of data. In some cases, the cloud platform may utilize a multi-tenant database system, see Peddada par0002.
          Spiers, McGuire, Zeng, Nguyen and Peddada do not explicitly disclose wherein associating the set of data units; comprises erasing the set of data units.
          Ezerzer however discloses wherein associating the set of data units; comprises erasing the set of data units. (Ezerzer, par0012 teaches the second resource may erase the generated sensitive data after transmitting it to the database, and the fourth resource may erase the information obtained from the database after the fourth resource no longer needs the obtained information).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of associating the set of data units; comprises erasing the set of data units, as taught by Ezerzer, in the system of Spiers, McGuire, Zeng, Nguyen and Peddada, so to keep the information protected, the enterprise may not want to entrust a copy of its database to the telecommunications service provider or to an unsecure server, see Ezerzer par0009.

Claims 7 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Spiers in view of McGuire, further in view of Zeng, further in view of Nguyen, and further in view of Lachambre et al. (US20190251180A1) hereinafter Lachambre, and further in view of Ezerzer.
  
As per claim 7.  Spiers, McGuire, Zeng and Nguyen disclose the method of claim 5.
          Spiers further discloses with the first zone (Spiers, par0159 teaches a first computing system (e.g., a cloud orchestrator system 318 at cloud zone 306 and/or organization network 302) may transmit (see step 1002A) via an encrypted channel a first token to a second computing system).
          Spiers does not explicitly disclose with the first zone ID.
          McGuire however discloses with the first zone ID (McGuire, col7 ln48-65 teaches at 222, a token [zone token] can be generated based on encrypting the name value pairs (e.g., user identifier [a first user identifier indicating a first user], access zone identifier [a first zone identifier (ID) indicating a first zone], timestamp, encryption salt, etc.) using a current encryption key. It can be appreciated that the current encryption key is common to all nodes of the cluster... At 232, it can be determined if the token can be decrypted using the current encryption key. For example, a valid decrypted token will have name value pairs that make sense to the node, for example, a user identifier, zone identifier, the set of salt, and other discriminative information that allows the node to easily determine, without a separate table lookup, that the token has been decrypted using a valid key).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of with the first zone ID, as taught by McGuire, in the method of Spiers, so if a client is authenticated in a distributed file system, a token can be provided that can then be included in the header parameter of subsequent requests from the client, see McGuire, col1 ln37-40.
          Spiers, McGuire, Zeng and Nguyen do not explicitly disclose from a first database schema and writing the set of data units to a second database schema associated.
          Lachambre however discloses from a first database schema and writing the set of data units to a second database schema associated. (Lachambre, par0065 teaches in further detail, a database migrator may identify a first database maintained using a first schema for a client (265). The first database may include one or more data objects maintained using the first schema. The first schema may specify a syntax specification for classifying well-formed data objects and a structural relationship among the data objects to one another. The database migrator may receive a request to update schema from the client. The request to update schema may specify the first database and may include a second schema. The second schema may specify a syntax specification and a structural relationship different from the first schema).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of from a first database schema and writing the set of data units to a second database schema associated, as taught by Lachambre in the method of Spiers, McGuire, Zeng and Nguyen, so to migrate an existing database from one schema to another schema under current techniques, modifications of the existing database recorded in a transaction log may be replicated onto a mirror database, see Lachambre par0002.
          Spiers, McGuire, Zeng, Nguyen and Lachambre do not explicitly disclose wherein associating the set of data units; comprises erasing the set of data units.
          Ezerzer however discloses wherein associating the set of data units; comprises erasing the set of data units. (Ezerzer, par0012 teaches the second resource may erase the generated sensitive data after transmitting it to the database, and the fourth resource may erase the information obtained from the database after the fourth resource no longer needs the obtained information).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of associating the set of data units; comprises erasing the set of data units, as taught by Ezerzer, in the method of Spiers, McGuire, Zeng, Nguyen and Lachambre, so to keep the information protected, the enterprise may not want to entrust a copy of its database to the telecommunications service provider or to an unsecure server, see Ezerzer par0009.

As per claim 15.  Spiers, McGuire, Zeng and Nguyen disclose the system of claim 13.
          Spiers further discloses with the first zone (Spiers, par0159 teaches a first computing system (e.g., a cloud orchestrator system 318 at cloud zone 306 and/or organization network 302) may transmit (see step 1002A) via an encrypted channel a first token to a second computing system).
          Spiers does not explicitly disclose with the first zone ID.
          McGuire however discloses with the first zone ID (McGuire, col7 ln48-65 teaches at 222, a token [zone token] can be generated based on encrypting the name value pairs (e.g., user identifier [a first user identifier indicating a first user], access zone identifier [a first zone identifier (ID) indicating a first zone], timestamp, encryption salt, etc.) using a current encryption key. It can be appreciated that the current encryption key is common to all nodes of the cluster... At 232, it can be determined if the token can be decrypted using the current encryption key. For example, a valid decrypted token will have name value pairs that make sense to the node, for example, a user identifier, zone identifier, the set of salt, and other discriminative information that allows the node to easily determine, without a separate table lookup, that the token has been decrypted using a valid key).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of with the first zone ID, as taught by McGuire, in the system of Spiers, so if a client is authenticated in a distributed file system, a token can be provided that can then be included in the header parameter of subsequent requests from the client, see McGuire, col1 ln37-40.
          Spiers, McGuire, Zeng and Nguyen do not explicitly disclose from a first database schema and writing the set of data units to a second database schema associated.
          Lachambre however discloses from a first database schema and writing the set of data units to a second database schema associated. (Lachambre, par0065 teaches in further detail, a database migrator may identify a first database maintained using a first schema for a client (265). The first database may include one or more data objects maintained using the first schema. The first schema may specify a syntax specification for classifying well-formed data objects and a structural relationship among the data objects to one another. The database migrator may receive a request to update schema from the client. The request to update schema may specify the first database and may include a second schema. The second schema may specify a syntax specification and a structural relationship different from the first schema).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of from a first database schema and writing the set of data units to a second database schema associated, as taught by Lachambre in the system of Spiers, McGuire, Zeng and Nguyen, so to migrate an existing database from one schema to another schema under current techniques, modifications of the existing database recorded in a transaction log may be replicated onto a mirror database, see Lachambre par0002.
          Spiers, McGuire, Zeng, Nguyen and Lachambre do not explicitly disclose wherein associating the set of data units; comprises erasing the set of data units.
          Ezerzer however discloses wherein associating the set of data units; comprises erasing the set of data units. (Ezerzer, par0012 teaches the second resource may erase the generated sensitive data after transmitting it to the database, and the fourth resource may erase the information obtained from the database after the fourth resource no longer needs the obtained information).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of associating the set of data units; comprises erasing the set of data units, as taught by Ezerzer, in the system of Spiers, McGuire, Zeng, Nguyen and Lachambre, so to keep the information protected, the enterprise may not want to entrust a copy of its database to the telecommunications service provider or to an unsecure server, see Ezerzer par0009.

Claims 8 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Spiers in view of McGuire, further in view of Zeng, further in view of Nguyen, and further in view of Kopylovitz et al. (US20120191667A1) hereinafter Kopylovitz.

As per claim 8.  Spiers, McGuire, Zeng and Nguyen disclose the method of claim 5.
          Spiers does not explicitly disclose the first zone ID.
          McGuire however discloses the first zone ID (McGuire, col7 ln48-65 teaches at 222, a token [zone token] can be generated based on encrypting the name value pairs (e.g., user identifier [a first user identifier indicating a first user], access zone identifier [a first zone identifier (ID) indicating a first zone], timestamp, encryption salt, etc.) using a current encryption key. It can be appreciated that the current encryption key is common to all nodes of the cluster... At 232, it can be determined if the token can be decrypted using the current encryption key. For example, a valid decrypted token will have name value pairs that make sense to the node, for example, a user identifier, zone identifier, the set of salt, and other discriminative information that allows the node to easily determine, without a separate table lookup, that the token has been decrypted using a valid key).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of the first zone ID, as taught by McGuire, in the method of Spiers, so if a client is authenticated in a distributed file system, a token can be provided that can then be included in the header parameter of subsequent requests from the client, see McGuire, col1 ln37-40.
          Spiers, McGuire, Zeng and Nguyen do not explicitly disclose wherein associating the set of data units with; comprises modifying a first record of a first data unit of the set of data units to include.
          Kopylovitz however discloses wherein associating the set of data units with; comprises modifying a first record of a first data unit of the set of data units to include. (Kopylovitz, par0048 teaches in some implementations a Data Integrity Field (DIF) is appended to data units... FIG. 7 is a schematic illustration showing an example of a DIF tuple appended to a data unit, in this example an 8 byte DIF tuple is appended to a 512 byte block of data).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of wherein associating the set of data units with; comprises modifying a first record of a first data unit of the set of data units to include, as taught by Kopylovitz, in the method of Spiers, McGuire, Zeng and Nguyen, so the use of a virtualized storage system enables to present to the user a logical space for data storage while the storage system itself handles the process of mapping it to the actual physical location, see Kopylovitz par0002.

As per claim 16.  Spiers, McGuire and Zeng and Nguyen disclose the system of claim 13.
          Spiers does not explicitly disclose the first zone ID.
          McGuire however discloses the first zone ID (McGuire, col7 ln48-65 teaches at 222, a token [zone token] can be generated based on encrypting the name value pairs (e.g., user identifier [a first user identifier indicating a first user], access zone identifier [a first zone identifier (ID) indicating a first zone], timestamp, encryption salt, etc.) using a current encryption key. It can be appreciated that the current encryption key is common to all nodes of the cluster... At 232, it can be determined if the token can be decrypted using the current encryption key. For example, a valid decrypted token will have name value pairs that make sense to the node, for example, a user identifier, zone identifier, the set of salt, and other discriminative information that allows the node to easily determine, without a separate table lookup, that the token has been decrypted using a valid key).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of the first zone ID, as taught by McGuire, in the system of Spiers, so if a client is authenticated in a distributed file system, a token can be provided that can then be included in the header parameter of subsequent requests from the client, see McGuire, col1 ln37-40.
          Spiers, McGuire, Zeng and Nguyen do not explicitly disclose wherein associating the set of data units with; comprises modifying a first record of a first data unit of the set of data units to include.
          Kopylovitz however discloses wherein associating the set of data units with; comprises modifying a first record of a first data unit of the set of data units to include. (Kopylovitz, par0048 teaches in some implementations a Data Integrity Field (DIF) is appended to data units... FIG. 7 is a schematic illustration showing an example of a DIF tuple appended to a data unit, in this example an 8 byte DIF tuple is appended to a 512 byte block of data).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of wherein associating the set of data units with; comprises modifying a first record of a first data unit of the set of data units to include, as taught by Kopylovitz, in the system of  Spiers, McGuire, Zeng and Nguyen, so the use of a virtualized storage system enables to present to the user a logical space for data storage while the storage system itself handles the process of mapping it to the actual physical location, see Kopylovitz par0002.



Conclusion
The prior art made of record and not relied upon is considered pertinent:
• Amiri et al. (US20170223026A1) – Related art in the area of a method that comprises receiving a web service request for accessing a resource of a web service, identifying a zone for the web service request and identifying a security token provider based on the access token.
• Wilson et al. (US9781122B1) – Related art in the area of providing cloud-based identity and access management; the system receives a request from a client for an identity management service, authenticates the request, and accesses a microservice based on the request.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MONISHWAR MOHAN whose telephone number is (571)272-2907.  The examiner can normally be reached on Monday - Thursday 7:00 am - 5:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, William Trost can be reached on (571) 272-7872.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for 
/M.M./Examiner, Art Unit 2442


/WILLIAM G TROST IV/Supervisory Patent Examiner, Art Unit 2442