DETAILED ACTION
Claims 1-20 are pending. Claims 1-20 have been examined and are rejected. 
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
Response to Arguments
Applicant’s arguments and amendments, filed on 7/2/2021 and supplemental filed on 7/12/2021, with respect to the rejection of the claims, under USC 103, have been fully considered but are moot in view of the new grounds of rejection necessitated by Applicant’s amendment. 
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Soulhi (US 20090172771) in view of Tulasi (US 8248958), and further with Martinez (US 20140280961).
Regarding Claim 1:
Soulhi discloses – A system, comprising:

at least one processor and a memory storing program instructions that cause the at least one processor to implement a system resource manager, configured to: (Soulhi; Paragraph [52] - Management infons can be stored and manipulated in one or more nodes of a system, and can include a processor 902 (or multiple processor cores), memory 904, one or more secondary storage devices 906 and an interface unit 908 to facilitate communications between network node 900 and the rest of the network.)

identify a remote validation agent to validate the policy according to a policy type of the policy, wherein the policy type is determined from the hierarchy maintained in the data store, the remote validation agent is associated with the policy type, and (Soulhi; Paragraph [24-25, 39-40] - A management architecture that provides methods and systems for managing policies that control network resources. The system applies situation semantics in the context of policy based network management that provides a framework and mechanism for representing states-of-affairs using situation semantics for both successful policy enforcements to management objects (MOs) representing any network resource. The situation engine 300 provides a framework and mechanism for representing states-of-affairs using situation semantics for both successful policy enforcements, where the policy server 200 can inform the situation engine 300 by 
Soulhi does not explicitly disclose –validation of the policy includes evaluating the policy for syntactic or semantic errors. More specifically, Soulhi (Paragraph [24-25, 39-40, 51-52]) discloses systems and methods for situation semantics based management of policy enabled communication systems that provides methods and systems for managing policies that control network resources, but does not explicitly disclose where validation of the policy includes evaluating the policy for syntactic or semantic errors, which is disclosed by Tulasi (see below)
Tulasi discloses – validation of the policy includes evaluating the policy for syntactic or semantic errors; (Tulasi; Column 5[Lines 16-26], Column 7[Lines 47-49], Column 8[Lines 25-45] - elements of an enterprise network 2 that are managed using a device management system 10. a policy is a set of one or more rules that specify conditions as well as corresponding actions that cause a network device to operate in a particular manner upon satisfaction of the condition. prior to deploying the configuration data to the managed element, element manager 90 selects and applies an appropriate one of schemas 102 to validate that the configuration data entered by administrator 12 conforms to syntax and semantics published by a manufacturer of the device being managed.)
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the systems and methods for situation semantics based management of policy enabled communication systems of Soulhi that provides methods and systems for managing policies that control network resources, with the remote validation of 
Soulhi-Tulasi does not explicitly disclose – send a request to initiate validation of the policy to the remote validation agent that comprises validation information for the policy. More specifically, Soulhi (Paragraph [24-25, 39-40, 51-52]) discloses systems and methods for situation semantics based management of policy enabled communication systems that provides methods and systems for managing policies that control network resources, and, furthermore, Tulasi (Column 5[Lines 16-26], Column 8[Lines 25-45]) discloses remote validation of network device configuration using a device management system that provides a mechanism for testing and verifying the functionality of network elements by performing a semantic validation of policies, but does not explicitly disclose send a request to initiate validation of the policy to the remote validation agent that comprises validation information for the policy, which is disclosed by Martinez (see below)
Martinez discloses – send a request to initiate validation of the policy to the remote validation agent that comprises validation information for the policy; (Martinez; Paragraph [11, 90-91, 106] - A management module of that manages the cloud-computing service comprises provisioning the cloud-computing service for a virtual private cloud, releasing the cloud-computing service for the virtual private cloud, accounting for usage of the cloud-computing service in the virtual private cloud, or monitoring the cloud-computing service. Upon receipt of a provisioning request, an asset repository is queried to extract 
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the systems and methods for situation semantics based management of policy enabled communication systems of Soulhi that provides methods and systems for managing policies that control network resources, and the remote validation of network device configuration using a device management system of Tulasi that provides a mechanism for testing and verifying the functionality of network elements by performing a semantic validation of policies, with the systems and methods for cloud computing abstraction layers of Martinez that provides a cloud-computing service from a cloud-computing environment comprising a plurality of cloud-computing resources that determines the correct placement of a computer workload or workflow to an appropriate cloud-computing service based on the profile or characteristics of the computer workload that allows for rapid and dynamic deployment and scaling of cloud-computing services, and ensures the cloud-computing resource is placed in the appropriate cloud-computing service, where the combination of elements according to known methods would yield a predictable result. (Martinez; Paragraph [7-9, 15])

upon receipt of the validation result that indicates that the policy is valid, apply the policy to the one resource data object. (Martinez; Paragraph [11, 90-91] - Upon receipt of a provisioning request, an asset repository is queried to extract all relevant metamodel information for the deployable assets, and queries a cloud model to match the type(s) of cloud-computing resource instance with an appropriate provisioning request. Upon a successful match, a policy management engine within governor module is queried to ensure current policies allow for provisioning the cloud-computing resource from a cloud-computing environment, thereby providing "valid" or "right" placement, consistent with the handling of policy and the metamodel framework. A topology interpreter examines the request for the relationships of the cloud-computing resource 

Regarding Claim 2:
Soulhi-Tulasi-Martinez further discloses – The system of claim 1, wherein the system resource manager is further configured to: 
prior to the receipt of the request to apply the policy: (Martinez; Paragraph [9, 16, 103-104] - Discloses a system that provides cloud-computing services from a cloud-computing environment comprising a plurality of cloud-computing resources, including a monitor module responsible for monitoring the status and utilization of one or more clouds, and deploy one or more remote monitor collectors to the clouds to collect and transmit such information to the monitor module.)
receive a request to create the policy; (Martinez; Paragraph [29, 76-79] - A method for identifying the cloud-computing resource for performing the computer workload that may be based on a computer workload score determined by a scoring logic and may be editable or may be dynamically updated at or near real-time. The method enables a policy-driven infrastructure as a service (IaaS) event bus, which is comprised of a policy engine, metamodel, reporting system, and workflow engine; and allows for the creation of business policies, such that said business policies can be reflected into a dynamic information technology environment and expressed across internal and external information technology infrastructure and allows policies to be created. The metamodel allows the system to abstract business user definition from technical definition and allows an enterprise to track information about information technology resources and allows business users to arbitrarily define elements of data to track and create policy 
send a request to initiate syntactic validation of the policy to the same remote validation agent or a different remote validation agent; (Martinez; Paragraph [11, 90-91] - Upon receipt of a provisioning request, an asset repository is queried to extract all relevant metamodel information for the deployable assets, and queries a cloud model to match the type(s) of cloud-computing resource instance with an appropriate provisioning request. Upon a successful match, a policy management engine within governor module is queried to ensure current policies allow for provisioning the cloud-computing resource from a cloud-computing environment, thereby providing "valid" or "right" placement, consistent with the handling of policy and the metamodel framework. A topology interpreter examines the request for the relationships of the cloud-computing resource instance(s) being requested and the access list assignments for the instance(s), and then passes the information to provisioning agent.)
receive a different validation result from the same remote validation agent or the different remote validation agent that was sent the request to initiate syntactic validation, wherein the different validation result indicates that the policy is syntactically valid; and Martinez; Paragraph [11, 90-91] - Upon receipt of a provisioning request, an asset repository is queried to extract all relevant metamodel information for the deployable assets, and queries a cloud model to match the type(s) of cloud-computing resource instance with an appropriate provisioning request. Upon a successful match, a policy management engine within governor module is queried to ensure current policies allow for provisioning the cloud-computing resource from a cloud-computing environment, thereby providing "valid" or "right" placement, consistent with the handling of policy 
create a policy object in the data store that is available for application. (Martinez; Paragraph [133, 150-151] - A service binding models a software-as-a-service (SaaS) type offering and encapsulates the information needed to configure user-access to services, authenticate, bind to services, and the like. A policy will be applied as defined by standard policy types, resolved, and applied by modules of the system, and also enables additional policy types and definitions, with possible extensions to existing models, that may be added to support the software application store. The system further enables deploying of a blueprint that may map the logical design to a set of available resources within the hybrid cloud environment, using a deployment policy. Evaluation from the deployment policy results in the set of valid cloud resources for each container or workload of the application blueprint. From this the meta-scheduler may generate a set of prioritized deployment plans by creating a decision tree of deployment options that corresponds to the blueprint container hierarchy.)
Regarding Claim 3:
Soulhi-Tulasi-Martinez further discloses – The system of claim 1, 
wherein the data store is a hierarchical data store, and (Soulhi; Paragraph [24-25, 39-40, 51-52] - Methods and systems for managing policies that control network resources which includes a situation engine. Policy Decision Points (PDPs), which can be implemented as policy servers 200, Resource Admission Control Subsystem (RACS) providing generic policy-based transport control services to applications and Policy Enforcement Points 
wherein to apply the policy to the one resource data object, the system resource manager is configured to link a policy data object for the policy in the hierarchical data store to the one resource data object. (Martinez; Paragraph [133, 150-151] - A service binding models a software-as-a-service (SaaS) type offering and encapsulates the information needed to configure user-access to services, authenticate, bind to services, and the like. A policy will be applied as defined by standard policy types, resolved, and applied by modules of the system, and also enables additional policy types and definitions, with possible extensions to existing models, that may be added to support the software application store. The system further enables deploying of a blueprint that may map the logical design to a set of available resources within the hybrid cloud environment, using a deployment policy. Evaluation from the deployment policy results in the set of valid cloud resources for each container or workload of the application blueprint. From this the meta-scheduler may generate a set of prioritized deployment plans by creating a 
Regarding Claim 4:
Soulhi-Tulasi-Martinez further discloses – The system of claim 1, 
wherein the system is a provider network that implements a plurality of different network-based services, wherein the resources are implemented as part of the different network-based services, (Martinez; Paragraph [9, 16, 76-79, 103] - Discloses a system that provides cloud-computing services from a cloud-computing environment comprising a plurality of cloud-computing resources, including a policy engine module configured to enforce a policy on the cloud-computing service through the management module that provides a policy-driven infrastructure as a service (IaaS) event bus, which is comprised of a policy engine, metamodel, reporting system, and workflow engine to manage resources.)
and wherein the system resource manager is implemented as another one of the network-based services. (Martinez; Paragraph [11, 90-91, 106] - A management module of the cloud-computing service that manages provisioning the cloud-computing service for a virtual private cloud, releasing the cloud-computing service for the virtual private cloud, accounting for usage of the cloud-computing service in the virtual private cloud, or monitoring the cloud-computing service. Upon receipt of a provisioning request, an asset repository is queried to extract all relevant metamodel information for the deployable assets, and queries a cloud model to match the type(s) of cloud-computing resource instance with an appropriate provisioning request. The management module comprises a governor module and policy management that applies constraints, conditions, non-security policies, and security policies on cloud-computing resources 

Regarding claims 5 and 14:
Soulhi discloses – A method, comprising:
performing, by one or more computing devices: 
detecting a policy validation event for a policy applicable to manage one or more resources in a distributed system, wherein respective resource data objects corresponding to a plurality of resources in the distributed system including the one or more resources are maintained in a hierarchical data structure in a hierarchical data store, wherein the respective resource data objects identify policies including the policy applicable to the resources in the distributed system, and (Soulhi; Paragraph [24-25, 39-40, 51-52] - Methods and systems for managing policies that control network resources which includes a situation engine. Policy Decision Points (PDPs), which can be implemented as policy servers 200, Resource Admission Control Subsystem (RACS) providing generic policy-based transport control services to applications and Policy Enforcement Points (PEPs) 210 are switching and routing transport components. The situation engine 300 provides a framework and mechanism for representing states-of-affairs using situation semantics for both successful policy enforcements, where the policy server 200 can inform the situation engine 300 by providing it with management infons reflecting the policy enforcement results and where the policy server 200 may be a PEP for another policy server in the case of a network which is controlled with hierarchical policies. The management infon states or conveys that a plurality of management objects in a 
wherein the hierarchical data structure groups the policies based on their respective policy types; (Soulhi; Paragraph [24-25, 39-40] - A management architecture that provides methods and systems for managing policies that control network resources. The system applies situation semantics in the context of policy based network management that provides a framework and mechanism for representing states-of-affairs using situation semantics for both successful policy enforcements to management objects (MOs) representing any network resource. The situation engine 300 provides a framework and mechanism for representing states-of-affairs using situation semantics for both successful policy enforcements, where the policy server 200 can inform the situation engine 300 by providing it with management infons reflecting the policy enforcement results and where the policy server 200 may be a PEP for another policy server in the case of a network which is controlled with hierarchical policies.)
identifying a remote validation agent to use to validate the policy according to a policy type of the policy, wherein the policy type is determined from the hierarchical data structure, the remote validation agent is associated with the policy type, and (Soulhi; Paragraph [24-25, 39-40] - A management architecture that provides methods and systems for managing policies that control network resources. The system applies situation semantics in the context of policy based network management that provides a framework and mechanism for representing states-of-affairs using situation semantics for both successful policy enforcements to management objects (MOs) representing any network resource. The situation engine 300 provides a framework and mechanism for 
Soulhi does not explicitly disclose –validation of the policy includes evaluating the policy for syntactic or semantic errors. More specifically, Soulhi (Paragraph [24-25, 39-40, 51-52]) discloses systems and methods for situation semantics based management of policy enabled communication systems that provides methods and systems for managing policies that control network resources, but does not explicitly disclose where validation of the policy includes evaluating the policy for syntactic or semantic errors, which is disclosed by Tulasi (see below)
Tulasi discloses – validation of the policy includes evaluating the policy for syntactic or semantic errors; (Tulasi; Column 5[Lines 16-26], Column 7[Lines 47-49], Column 8[Lines 25-45] - elements of an enterprise network 2 that are managed using a device management system 10. a policy is a set of one or more rules that specify conditions as well as corresponding actions that cause a network device to operate in a particular manner upon satisfaction of the condition. prior to deploying the configuration data to the managed element, element manager 90 selects and applies an appropriate one of schemas 102 to validate that the configuration data entered by administrator 12 conforms to syntax and semantics published by a manufacturer of the device being managed.)
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the systems and methods for situation semantics based 
Soulhi-Tulasi does not explicitly disclose – sending validation information for the policy to the remote validation agent to validate the policy. More specifically, Soulhi (Paragraph [24-25, 39-40, 51-52]) discloses systems and methods for situation semantics based management of policy enabled communication systems that provides methods and systems for managing policies that control network resources, and, furthermore, Tulasi (Column 5[Lines 16-26], Column 8[Lines 25-45]) discloses remote validation of network device configuration using a device management system that provides a mechanism for testing and verifying the functionality of network elements by performing a semantic validation of policies, but does not explicitly disclose sending validation information for the policy to the remote validation agent to validate the policy, which is disclosed by Martinez (see below)
Martinez discloses – sending validation information for the policy to the remote validation agent to validate the policy, (Martinez; Paragraph [11, 90-91, 106] - A management module of that manages the cloud-computing service comprises provisioning the cloud-computing service for a virtual private cloud, releasing the cloud-computing service for the virtual private cloud, accounting for usage of the cloud-computing service in the virtual private cloud, or monitoring the cloud-computing service. Upon receipt of a 
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the systems and methods for situation semantics based management of policy enabled communication systems of Soulhi that provides methods and systems for managing policies that control network resources, and the remote validation of network device configuration using a device management system of Tulasi that provides a mechanism for testing and verifying the functionality of network elements by performing a semantic validation of policies, with the systems and methods for cloud computing abstraction layers of Martinez that provides a cloud-computing service from a cloud-computing environment comprising a plurality of cloud-computing resources that determines the correct placement of a computer workload or workflow to an appropriate cloud-computing service based on the profile or characteristics of the computer workload that allows for rapid and dynamic deployment and scaling of cloud-computing services, and ensures the cloud-computing resource is placed in the appropriate cloud-computing service, where the combination of elements according to known methods would yield a predictable result. (Martinez; Paragraph [7-9, 15]) 

allowing or denying a policy action that triggered the policy validation event according to the received validation result. (Martinez; Paragraph [11, 90-91] - Upon receipt of a provisioning request, an asset repository is queried to extract all relevant metamodel information for the deployable assets, and queries a cloud model to match the type(s) of cloud-computing resource instance with an appropriate provisioning request. Upon a successful match, a policy management engine within governor module is queried to ensure current policies allow for provisioning the cloud-computing resource from a cloud-computing environment, thereby providing "valid" or "right" placement, consistent with the handling of policy and the metamodel framework. A topology interpreter examines the request for the relationships of the cloud-computing resource instance(s) being requested and the access list assignments for the instance(s), and then passes the information to provisioning agent.)

Regarding Claims 6 and 16:
Soulhi-Tulasi-Martinez further discloses – The method of claim 5, 
wherein the validation of the policy initiated at the remote validation agent is a semantic policy evaluation that evaluates content of the policy to determine whether the policy is enforceable. (Soulhi; Paragraph [24-25, 39-40] - A management architecture that provides methods and systems for managing policies that control network resources. The system applies situation semantics in the context of policy based network management that provides a framework and mechanism for representing states-of-affairs using situation semantics for both successful policy enforcements to management objects (MOs) representing any network resource. The situation engine 300 provides a framework and mechanism for representing states-of-affairs using situation semantics for both successful policy enforcements, where the policy server 200 can inform the situation engine 300 by providing it with management infons reflecting the policy enforcement results and where the policy server 200 may be a PEP for another policy server in the case of a network which is controlled with hierarchical policies.)
Regarding Claims 7 and 18:
Soulhi-Tulasi-Martinez further discloses – The non-transitory, computer-readable storage medium of claim 14, 
wherein the detecting a policy validation event, the identifying the remote validation agent, the receiving the validation result, and the allowing or denying the policy action are performed by a resource manager for the distributed system, and wherein the program instructions cause the one or more computing devices to further implement: (Soulhi; 
receiving, at the remote validation agent, the validation information for the policy; (Martinez; Paragraph [11, 90-91] - Upon receipt of a provisioning request, an asset repository is queried to extract all relevant metamodel information for the deployable assets, and queries a cloud model to match the type(s) of cloud-computing resource instance with an appropriate provisioning request. Upon a successful match, a policy management engine within governor module is queried to ensure current policies allow for provisioning the cloud-computing resource from a cloud-computing environment, thereby providing "valid" or "right" placement, consistent with the handling of policy and the metamodel framework. A topology interpreter examines the request for the relationships of the cloud-computing resource instance(s) being requested and the access list assignments for the instance(s), and then passes the information to provisioning agent.)

sending, by the remote validation agent, the validation result to the resource manager indicating whether the policy is valid. (Martinez; Paragraph [11, 90-91] - Upon receipt of a provisioning request, an asset repository is queried to extract all relevant metamodel information for the deployable assets, and queries a cloud model to match the type(s) of cloud-computing resource instance with an appropriate provisioning request. Upon a successful match, a policy management engine within governor module is queried to ensure current policies allow for provisioning the cloud-computing resource from a cloud-computing environment, thereby providing "valid" or "right" placement, consistent with the handling of policy and the metamodel framework. A topology 
Examiner's note: Claim 7 appears to disclose broader claim limitations similar to the claim language of claim 18, except in method claim form. Therefore claim 7 is rejected for the same reasons as claim 18.
Regarding Claim 8: 
Soulhi-Tulasi-Martinez further discloses – The method of claim 7, further comprising:
prior to evaluating the policy, obtaining, by the remote validation agent, additional information for the policy from one or more sources. (Soulhi; Paragraph [24-25, 39-40] - A management architecture that provides methods and systems for managing policies that control network resources. The system applies situation semantics in the context of policy based network management that provides a framework and mechanism for representing states-of-affairs using situation semantics for both successful policy enforcements to management objects (MOs) representing any network resource. The situation engine 300 provides a framework and mechanism for representing states-of-affairs using situation semantics for both successful policy enforcements, where the policy server 200 can inform the situation engine 300 by providing it with management infons reflecting the policy enforcement results and where the policy server 200 may be a PEP for another policy server in the case of a network which is controlled with hierarchical policies.)
Regarding Claim 9:
Soulhi-Tulasi-Martinez further discloses – The method of claim 8, 

Regarding Claim 10:
Soulhi-Tulasi-Martinez further discloses – The method of claim 5, 
wherein the policy validation event is triggered in response to an attempt to modify of one of the resources, and (Martinez; Paragraph [11, 90-91] - Upon receipt of a provisioning request, an asset repository is queried to extract all relevant metamodel information for the deployable assets, and queries a cloud model to match the type(s) of cloud-computing resource instance with an appropriate provisioning request. Upon a successful match, a policy management engine within governor module is queried to ensure current policies allow for provisioning the cloud-computing resource from a cloud-computing environment, thereby providing "valid" or "right" placement, consistent with the handling of policy and the metamodel framework. A topology interpreter examines the request for the relationships of the cloud-computing resource instance(s) being requested and the access list assignments for the instance(s), and then passes the information to provisioning agent.)
wherein the policy action allows or denies the modification to the resource. (Martinez; Paragraph [11, 90-91, 106] - A management module of the cloud-computing service that manages provisioning the cloud-computing service for a virtual private cloud, releasing 
Regarding Claim 11:
Soulhi-Tulasi-Martinez further discloses – The method of claim 5,
wherein the policy indicates one of synchronous or asynchronous processing behavior for the validation of the policy. (Martinez; Paragraph [11, 90-91] - Upon receipt of a provisioning request, an asset repository is queried to extract all relevant metamodel information for the deployable assets, and queries a cloud model to match the type(s) of cloud-computing resource instance with an appropriate provisioning request. Upon a successful match, a policy management engine within governor module is queried to ensure current policies allow for provisioning the cloud-computing resource from a cloud-computing environment, thereby providing "valid" or "right" placement, consistent with the handling of policy and the metamodel framework. A topology interpreter examines the request for the relationships of the cloud-computing resource 
Regarding Claim 12:
Soulhi-Tulasi-Martinez further discloses – The method of claim 5, 
wherein the policy is associated with a network endpoint that identifies the remote validation agent, (Martinez; Paragraph [11, 90-91] - Upon receipt of a provisioning request, an asset repository is queried to extract all relevant metamodel information for the deployable assets, and queries a cloud model to match the type(s) of cloud-computing resource instance with an appropriate provisioning request. Upon a successful match, a policy management engine within governor module is queried to ensure current policies allow for provisioning the cloud-computing resource from a cloud-computing environment, thereby providing "valid" or "right" placement, consistent with the handling of policy and the metamodel framework. A topology interpreter examines the request for the relationships of the cloud-computing resource instance(s) being requested and the access list assignments for the instance(s), and then passes the information to provisioning agent.)
wherein the validation information is sent to the network endpoint to initiate the validation at the remote validation agent. (Martinez; Paragraph [11, 90-91] - Upon receipt of a provisioning request, an asset repository is queried to extract all relevant metamodel information for the deployable assets, and queries a cloud model to match the type(s) of cloud-computing resource instance with an appropriate provisioning request. Upon a successful match, a policy management engine within governor module is queried to ensure current policies allow for provisioning the cloud-computing resource from a cloud-computing environment, thereby providing "valid" or "right" placement, 
Regarding Claims 13 and 17:
Soulhi-Tulasi-Martinez further discloses – The method of claim 5, 
wherein the validation result indicates that the policy is valid, and (Martinez; Paragraph [11, 90-91] - Upon receipt of a provisioning request, an asset repository is queried to extract all relevant metamodel information for the deployable assets, and queries a cloud model to match the type(s) of cloud-computing resource instance with an appropriate provisioning request. Upon a successful match, a policy management engine within governor module is queried to ensure current policies allow for provisioning the cloud-computing resource from a cloud-computing environment, thereby providing "valid" or "right" placement, consistent with the handling of policy and the metamodel framework. A topology interpreter examines the request for the relationships of the cloud-computing resource instance(s) being requested and the access list assignments for the instance(s), and then passes the information to provisioning agent.)
wherein allowing or denying a policy action that triggered the policy validation event according to the received validation result comprises: (Martinez; Paragraph [9, 16, 76-79, 103] - Discloses a system that provides cloud-computing services from a cloud-computing environment comprising a plurality of cloud-computing resources, including a policy engine module configured to enforce a policy on the cloud-computing service through the management module that provides a policy-driven infrastructure as a service (IaaS) 
upon determining that the policy is valid, updating the hierarchical data structure to store a policy data object corresponding to the policy or link a policy data object to at least one of the respective resource data objects in the hierarchical data structure. (Soulhi; Paragraph [24-25, 39-40, 51-52] - Methods and systems for managing policies that control network resources which includes a situation engine. Policy Decision Points (PDPs), which can be implemented as policy servers 200, Resource Admission Control Subsystem (RACS) providing generic policy-based transport control services to applications and Policy Enforcement Points (PEPs) 210 are switching and routing transport components. The situation engine 300 provides a framework and mechanism for representing states-of-affairs using situation semantics for both successful policy enforcements, where the policy server 200 can inform the situation engine 300 by providing it with management infons reflecting the policy enforcement results and where the policy server 200 may be a PEP for another policy server in the case of a network which is controlled with hierarchical policies. The management infon states or conveys that a plurality of management objects in a network element, management objects (MOs) represent any network resources. Instances of policy enforcement in the communications network are stored as management infons, e.g., in an infon repository 716.)
Examiner's note: Claim 17 appears to disclose broader claim limitations similar to the claim language of claim 13, except in non-transitory computer-readable storage medium form. Therefore claim 17 is rejected for the same reasons as claim 13.
Regarding Claim 15:

wherein the policy type is one of a plurality of policy types, and (Soulhi; Paragraph [24-25, 39-40] - A management architecture that provides methods and systems for managing policies that control network resources. The system applies situation semantics in the context of policy based network management that provides a framework and mechanism for representing states-of-affairs using situation semantics for both successful policy enforcements to management objects (MOs) representing any network resource. The situation engine 300 provides a framework and mechanism for representing states-of-affairs using situation semantics for both successful policy enforcements, where the policy server 200 can inform the situation engine 300 by providing it with management infons reflecting the policy enforcement results and where the policy server 200 may be a PEP for another policy server in the case of a network which is controlled with hierarchical policies.)
wherein the validation of the policy initiated at the remote validation agent is a syntactic policy evaluation that evaluates the policy with respect to a policy schema for the policy type to determine whether the policy conforms to the policy schema. (Soulhi; Paragraph [24-25, 39-40] - A management architecture that provides methods and systems for managing policies that control network resources. The system applies situation semantics in the context of policy based network management that provides a framework and mechanism for representing states-of-affairs using situation semantics for both successful policy enforcements to management objects (MOs) representing any network resource. The situation engine 300 provides a framework and mechanism for representing states-of-affairs using situation semantics for both successful policy 
Regarding Claim 19:
Soulhi-Tulasi-Martinez further discloses – The non-transitory, computer-readable storage medium of claim 14, 
wherein the policy action is an action to enforce the policy, wherein the validation result indicates that the policy is valid, and wherein, in allowing or denying a policy action that triggered the policy validation event according to the received validation result, the program instructions cause the one or more computing devices to implement: (Martinez; Paragraph [9, 16, 76-79, 103] - Discloses a system that provides cloud-computing services from a cloud-computing environment comprising a plurality of cloud-computing resources, including a policy engine module configured to enforce a policy on the cloud-computing service through the management module that provides a policy-driven infrastructure as a service (IaaS) event bus, which is comprised of a policy engine, metamodel, reporting system, and workflow engine to manage resources.)
upon determining that the policy is valid, enforcing the policy with respect to a least one of the one or more resources. (Soulhi; Paragraph [24-25, 39-40, 51-52] - Methods and systems for managing policies that control network resources which includes a situation engine. Policy Decision Points (PDPs), which can be implemented as policy servers 200, Resource Admission Control Subsystem (RACS) providing generic policy-based transport control services to applications and Policy Enforcement Points (PEPs) 210 are switching and routing transport components. The situation engine 300 provides a framework and 
Regarding Claim 20:
Soulhi-Tulasi-Martinez further discloses – The non-transitory, computer-readable storage medium of claim 14, 
wherein the distributed system is a provider network that implements a plurality of different network-based services, wherein the one or more resources are implemented as part of the different network-based services, and (Martinez; Paragraph [11, 90-91, 106] - A management module of the cloud-computing service that manages provisioning the cloud-computing service for a virtual private cloud, releasing the cloud-computing service for the virtual private cloud, accounting for usage of the cloud-computing service in the virtual private cloud, or monitoring the cloud-computing service. Upon receipt of a provisioning request, an asset repository is queried to extract all relevant metamodel information for the deployable assets, and queries a cloud model to match the type(s) of cloud-computing resource instance with an appropriate provisioning request. The management module comprises a governor module and policy management that applies constraints, conditions, non-security policies, and security policies on cloud-
wherein the detecting a policy validation event, the identifying the remote validation agent, the receiving the validation result, and the allowing or denying the policy action are performed by a resource manager for the distributed system implemented as another one of the network-based services. (Martinez; Paragraph [11, 90-91, 106] - A management module of the cloud-computing service that manages provisioning the cloud-computing service for a virtual private cloud, releasing the cloud-computing service for the virtual private cloud, accounting for usage of the cloud-computing service in the virtual private cloud, or monitoring the cloud-computing service. Upon receipt of a provisioning request, an asset repository is queried to extract all relevant metamodel information for the deployable assets, and queries a cloud model to match the type(s) of cloud-computing resource instance with an appropriate provisioning request. The management module comprises a governor module and policy management that applies constraints, conditions, non-security policies, and security policies on cloud-computing resources and cloud-computing services being managed by a cloud-computing platform. Based on the application of the constraints, conditions, and policies, policy engine instructs action engine to issue management actions to provisioning module.)
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL J LI whose telephone number is (571) 270-0623. The examiner can normally be reached on M-F 9-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Nicholas Taylor can be reached on (571) 272-3889. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-

ML
Examiner
Art Unit 2457



/NICHOLAS R TAYLOR/Supervisory Patent Examiner, Art Unit 2457