DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .  This action is in response to the communication filed on 5/11/2020. Claims 1-20 are pending in this application.
Examiner Note
If applicant has any questions or wishes to amend claims, applicant is encouraged to contact the examiner to ensure that any proposed amendments would overcome current rejection(s). The examiner can normally be reached at (571)270-3863 or michael.keller@uspto.gov, Monday-Friday, 9 AM - 10 PM EST, and examiner is happy assist applicant as needed to provide any help/feedback, thank you.
Priority
This application is effectively filed 5/11/2020. The assignee of record is SAP SE. The listed inventor(s) is/are: Fahlbusch, Jannick Stephan; Lenhard, Joerg.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.

4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1-6, 8-13, 15-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Boshev et al. (US 10198330 B2, published 2/5/2019; hereinafter Bos) in view of Brooker et al. (US 11146569 B1, filed 6/28/2018; hereinafter Bro).
For Claim 1, Bos teaches a computer-implemented method performed by a computer system having a memory and at least one hardware processor (Bos Fig. 1 and related description), the computer-implemented method comprising: 
receiving, by a management system of a cloud service provider, a user request for creation of an instance of an application platform of the cloud service provider in a user environment within a distributed computing system (Bos Claim 7 receiving, from a client, a first ticket requesting enablement of disaster recovery for the first instance of the cloud-based application deployed at the first cloud platform landscape), the user environment being dedicated to a user account hosted by the distributed computing system (Bos Fig. 3 and related description, please see Bos Fig. 3 screenshot below, thank you:

    PNG
    media_image1.png
    628
    522
    media_image1.png
    Greyscale

), the user request comprising credential data configured to provide the management system with [information] for accessing the user environment (Bos Fig. 3 “accounts” and Bos Col 4 Ln 58 – Col 5 Ln 9 upon deployment of the second instance of the cloud-based application 122 at the second cloud platform landscape 120, the disaster recovery engine 150 can replicate, at a second database 124 at the second cloud platform landscape 120, data from the first database 114. In doing so, the second instance of the cloud-based application 122 at the second cloud platform landscape 120 can serve a fully operational copy of the first instance of the cloud-based application 112. It should be appreciated that the same or similar configurations can be applied to the first instance of the cloud-based application 112 and the second instance of the cloud-based application 122. Configurations for the cloud-based application can include, for example, a custom domain for the cloud-based application, permissions (e.g., administrators, developers), subscriptions (e.g., to other applications and/or accounts), and destinations (e.g., connectivity to other applications));
deploying, by the management system, the instance of the application platform of the cloud service provider to a workload cluster in the user environment based on the received user request using the credential data to access the user environment (Bos Fig. 3 “accounts” and Bos Col 4 lines 45-56 disaster recovery engine 150 can generate and deploy a fully operational copy of the cloud-based application at another cloud platform landscape. For example, as shown in FIG. 1, the disaster recovery engine 150 can generate and deploy a second instance of the cloud-based application 122 at the second cloud platform landscape 120. Alternately and/or additionally, the second instance of the cloud-based application 122 can be deployed separately (e.g., by a third-party) and the disaster recovery engine 150 can be configured to determine when the second instance of the cloud-based application 122 is deployed at the second cloud platform landscape 120), the instance of the application platform being deployed to be run in the workload cluster in the user environment to provide, from within the user environment, one or more cloud services of the cloud service provider to one or more users associated with the user account (Bos Col 6 Lns 34-36 deploying locally, Bos Col 6 Lns 49-51 deploying at second cloud based platform landscape. Please see Bos Fig. 4 screen shot below, thank you:

    PNG
    media_image2.png
    745
    309
    media_image2.png
    Greyscale

).
Bos does not explicitly teach the user request comprising credential data configured to provide the management system with limited permission for accessing the user environment, the limited 
However, Bro teaches the user request comprising credential data configured to provide the management system with limited permission for accessing the user environment, the limited permission restricting the management system from full administrative privileges in accessing the user environment (Bro Col 20 Lns 37-43 where a user attempts to access a task-based service implemented in an environment of the system 110, the worker manager 140 may limit the abilities of the environment to match privileges of the user, based on authentication information in the request to access the service).
Bro and Bos are analogous art because they are both related to user work environments.
Before the effective filing date of the claimed invention it would have been obvious to one of ordinary skill in the art to use the authentication and privilege techniques of Bro with the system of Bos because even if vulnerabilities were to exist within code executing a service, those vulnerabilities could not be exploited to gain access to additional privileges (Bro Col 20 Lns 48-51).
For Claim 2, Bos-Bro teaches the computer-implemented method of claim 1, wherein the deployed instance of the application platform is configured to: receive another user request for creation of a database instance from a computing device of a user, the user being associated with the user account (Bos Claim 7 a second ticket requesting installation); and create the database instance in the workload cluster in the user environment based on the other user request (Bos Claim 7 a second ticket requesting an installation of the second database and/or a configuration of the first database for replication).
For Claim 3, Bos-Bro teaches the computer-implemented method of claim 2, wherein the limited permission restricts the management system from accessing user environment data stored in the user environment, the user environment data having been stored in the user environment based on use of the database instance by the user associated with the user account (Bos Col 17 Lns 9-16 if the user code of the task is available in the local cache of one of the virtual machine instances (e.g., codes 158G, 158H, which are stored on the instance 158 but do not belong to any individual containers), the worker manager 140 may create a new container on such an instance, assign the container to the task, and cause the user code of the task to be loaded and executed in the container).
For Claim 4, Bos-Bro teaches the computer-implemented method of claim 2, wherein the database instance is configured to perform one or more predictive analytics functions (Bos Claim 8 wherein the replicating of at least the portion of the data from the first database at the first cloud platform landscape includes requesting a transfer of quotas from the first cloud platform landscape to the second cloud platform landscape, and wherein the quotas include an allocation of resources amongst the first instance of the cloud-based application, the second instance of the cloud-based application, the first database, the second database, and the custom domain of the cloud-based application).
For Claim 5, Bos-Bro teaches the computer-implemented method of claim 2, wherein the deployed instance of the application platform is configured to: detect a failure of the database instance (Bos Col 3 Lns 29-37 failure); and performing a database recovery operation in response to the detecting of the failure of the database instance (Bos Col 3 Lns 29-37 In the event of a failure at the primary cloud platform landscape (e.g., as a result of a natural and/or manmade disaster), the secondary instance of the cloud-based application can replace the primary instance of the cloud-based application. That is, the secondary instance of the cloud-based application is able to provide the same functionalities as the primary instance of the cloud-based application, when the primary instance of the cloud-based application is unavailable).
For Claim 6, Bos-Bro teaches the computer-implemented method of claim 1, wherein the management system resides in a provider environment within the distributed computing system, the provider environment being separate from the user environment and dedicated to a cloud service provider account hosted by the distributed computing system, the cloud service provider account being different from the user account and belonging to the cloud service provider, and the cloud service provider having full administrative privileges in accessing the provider environment (Bos Col 4 Ln 58 – Col 5 Ln 9 upon deployment of the second instance of the cloud-based application 122 at the second cloud platform landscape 120, the disaster recovery engine 150 can replicate, at a second database 124 at the second cloud platform landscape 120, data from the first database 114. In doing so, the second instance of the cloud-based application 122 at the second cloud platform landscape 120 can serve a fully operational copy of the first instance of the cloud-based application 112. It should be appreciated that the same or similar configurations can be applied to the first instance of the cloud-based application 112 and the second instance of the cloud-based application 122. Configurations for the cloud-based application can include, for example, a custom domain for the cloud-based application, permissions (e.g., administrators, developers), subscriptions (e.g., to other applications and/or accounts), and destinations (e.g., connectivity to other applications). The second instance of the cloud-based application 122 can be configured by the disaster recovery engine 150 and/or a third party.).
For Claim 8, the claim is substantially similar to claim 1 and therefore is rejected for the same reasoning set forth above. 
For Claim 9, the claim is substantially similar to claim 2 and therefore is rejected for the same reasoning set forth above. 
For Claim 10, the claim is substantially similar to claim 3 and therefore is rejected for the same reasoning set forth above. 
For Claim 11, the claim is substantially similar to claim 4 and therefore is rejected for the same reasoning set forth above. 
For Claim 12, the claim is substantially similar to claim 5 and therefore is rejected for the same reasoning set forth above. 
For Claim 13, the claim is substantially similar to claim 6 and therefore is rejected for the same reasoning set forth above. 
For Claim 15, the claim is substantially similar to claim 1 and therefore is rejected for the same reasoning set forth above. 
For Claim 16, the claim is substantially similar to claim 2 and therefore is rejected for the same reasoning set forth above. 
For Claim 17, the claim is substantially similar to claim 3 and therefore is rejected for the same reasoning set forth above. 
For Claim 18, the claim is substantially similar to claim 4 and therefore is rejected for the same reasoning set forth above. 
For Claim 19, the claim is substantially similar to claim 6 and therefore is rejected for the same reasoning set forth above. 

Claims 7, 14, & 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Bos-Bro as applied to claim 1 above, and further in view of Ryman et al. (US 20210119874 A1, filed 10/22/2019; hereinafter Rym).
For Claim 7, Bos-Bro teaches the computer-implemented method of claim 1, Bos-Bro does not explicitly teach further comprising: detecting, by the management system, a software update for the application platform; and updating, by the management system, the instance of the application platform in the workload cluster in the user environment based on the software update using the credential data to access the user environment in response to the detecting of the software update.
However, Rym teaches detecting, by the management system, a software update for the application platform (Rym ¶ 0023 determining whether the use can install certain applications); and 
updating, by the management system, the instance of the application platform in the workload cluster in the user environment based on the software update using the credential data to access the user environment in response to the detecting of the software update (Rym ¶ 0023 whether a non-administrator user has access to certain operating system settings, LAN settings, password policies, which applications are installed on the client device, whether the use can install certain applications on the client device 106, and other policies that can control, restrict, or enable certain features of the operating system of a client device 106).
Rym and Bos-Bro are analogous art because they are both related to user privileges.
Before the effective filing date of the claimed invention it would have been obvious to one of ordinary skill in the art to use the restriction techniques of Rym with the system of Bos-Bro to allow for control of certain aspects of a client device (Rym ¶ 0023).
For Claim 14, the claim is substantially similar to claim 7 and therefore is rejected for the same reasoning set forth above. 
For Claim 20, the claim is substantially similar to claim 7 and therefore is rejected for the same reasoning set forth above. 

Citation of Pertinent Prior Art
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure is listed below, thank you:
i. US 8424058 B2, Claims 9. In a service mediator that provides services to an end-user application, a method comprising: receiving at the service mediator from an end-user application a request for a service of a backend server, wherein the end-user application is one of multiple enterprise widgets, limited featured applications that execute on a widget runtime environment on a computing platform of an enterprise, the enterprise widgets available to a user authenticated on the computing platform, the widget runtime environment to execute on the computing platform to provide an execution platform on the computing platform including services shared by the enterprise widgets including the service mediator, each enterprise widget including functionality to access enterprise data from one or more backend servers of the enterprise; determining at the widget runtime environment via the service mediator that the request for the service requires security information; determining at the widget runtime environment via the service mediator that the request from the end-user application is missing the required security information; obtaining the required security information not included in the request from a security information source separate from the end-user application; injecting the required security information into the request; and forwarding the request for the service to the backend server to cause the backend server to authenticate the end-user application with the security information injected by the service mediator.

Conclusion
Any inquiry concerning communications from the examiner should be directed to Michael Keller at (571)270-3863 or michael.keller@uspto.gov.  If attempts to reach the examiner are unsuccessful, the examiner’s supervisor, Brian Gillis can be reached on 571-272-7952. 

/MICHAEL A KELLER/
Primary Patent Examiner, Art Unit 2446