DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination (RCE) under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on July 21, 2021 has been entered.
 Response to Amendments
	This office action is responsive to application 15/934,412 where the Applicant filed an RCE on August 23, 2021 for the corresponding amendments filed on July 21, 2021.  Claims 1, 10, 12, 14-15, and 17-19 were amended, claims 22-24 were added as new claims, and claim 11 was cancelled.  Claims 1, 3, 5-10, 12-15, and 17-24 remain pending in the application.
Response to Arguments
	The Examiner has fully considered the Applicant’s arguments filed with the RCE, and the Examiner responds as provided below.
	Regarding the Applicant’s response at pages 8-9 of the Remarks that concerns the § 103 rejection of independent claims 1, 10, and 19, the Applicant’s arguments in conjunction with the claim amendments are persuasive, and the Examiner conducted a 
Allowable Subject Matter
Claims 1, 3, 5-10, 12-15, and 17-24 are allowed.
The following is the Examiner’s statement of reasons for allowance.  The closest prior art references identified by the Examiner are: 1) “Schultz” (US 2018/0314846), 
2) “Fadel” (US 2015/0347200), 3) “Ghosh” (US 2010/0122343), 4) “Tan” (US 2015/0356294), 5) “Shaposhnik” (US 2018/0041477), 6) “Yamada” (US 2014/0281376), 7) “Harper” (US 2016/0065680), 8) “Degioanni” (US 2018/0255100), 9) “Kumar” (US 2017/0214550), 10) “Kellerman” (US 2014/0115718), 11) “Hallyn” (Linux Capabilities: Making Them Work), 12) “Brumley” (Privtrans: Automatically Partitioning Programs for Privilege Separation), 13) “Anonymous I” (Sidecar-container-based-crawler plugin sandbox), and 14) “Anonymous II” (Safe System State Extraction via Plugin Sandboxing); and newly cited 15) “Gerebe” (US 2016/0342786) and 16) “Stopel” (US 2017/0098071).  
1) Schultz discloses guest runtime environments (GRE), which includes a sidecar container, where a security policy of the GRE specifies restrictions and/or permissions for activities that may be performed within the scope of the execution of the GRE, including what the GRE’s guest software may do within the GRE.  2) Fadel discloses a plug-in as a sandboxed process that has been restricted within a restricted operating environment (e.g., sandbox) that limits the process of the plug-in to a set of 3) Ghosh discloses an operating system kernel that provides separation between different containers and between the containers and the host.  
4) Tan discloses the mitigation of side-effects and the protection of a container by addressing a security concern by making a table to always be a read-only table within a sandbox.  5) Shaposhnik discloses a computing environment that relies upon iptables.  
6) Yamada discloses a container that is given minimal privileges and priorities to operate.  7) Harper discloses Linux containers that isolate groups of application processes and their corresponding kernel services into shielded sandbox-like containers.  8) Degioanni discloses a guest container that exists on a cloud platform.  9) Kumar discloses that containers may be deployed according to Linux Containers (LXC), which is an operating-system-level virtualization method for running multiple isolated containers on a control host using a single Linux kernel.  10) Kellerman discloses virtualized computer system that employs a trusted virtual machine container and an untrusted virtual machine container.  11) Hallyn discloses the Linux capability model that provides programs with capabilities.  12) Brumley discloses privilege separation that partitions a single program into two programs.  13) Anonymous I discloses privilege separation, capabilities, and iptables within a sandbox environment.  14) Anonymous II discloses system state extraction software within a system for securing third-party plugins.  15) Gerebe discloses a method for handling resource requests between two software containers.  16) Stopel discloses a dummy container that is designed to trap any attempt to infect other containers executed in the same environment with a malicious code generated by an APP container.

Accordingly, the prior art of record, when taken individually or in combination, fails to teach or suggest the subject matter recited in independent claims 1, 10, and 19.  Therefore, claims 1, 10, and 19 are deemed allowable over the prior art of record.  The 
Any comments considered necessary by Applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to D'ARCY WINSTON STRAUB whose telephone number is (303)297-4405. The examiner can normally be reached Monday-Friday 9:00-5:00 Mountain Time.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ASHOKKUMAR B PATEL can be reached on (571)272-3972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-



/D'Arcy Winston Straub/Examiner, Art Unit 2491                                                                                                                                                                                                        
/DANIEL B POTRATZ/Primary Examiner, Art Unit 2491