DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The present application, filed on March 27, 2019, is accepted.
Claims 1 – 20 are being considered on the merits.

Drawings
The drawings, filed on March 27, 2019, are accepted.

Specification
The specification, filed on March 27, 2019, is accepted.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1 – 5, 9, and 12 – 16  are rejected under 35 U.S.C. 103 as being unpatentable over US 20160098263 A1 to Spivak et al., (hereinafter, “Spivak”) in view of US 20130007889 A1 to McCloy in view of GB 2575670 A to Gordon et al., (hereinafter, “Gordon”).
Regarding claim 1, Spivak teaches a computer system for providing a platform as a service (PaaS), said computer system comprising at least one memory device storing computer-readable instructions and at least one microprocessor coupled to said at least one memory device for executing said computer-readable instructions, said at least one microprocessor configured to: 
(a) deploy a virtual machine (VM); [Spivak, para. 24 discloses deployment director 320 may provision VMs (identified as stem cell VMs 324.sub.1 to 324.sub.M) to host functional components of cloud computing platform application 200, such as cloud controller 202, application execution agents 206, health manager 208, router, 204, service provisioner 210, etc] (b) deploy a stemcell operating-system in said VM; [Blender, para. 24 discloses Stem cell VMs 324.sub.1 to 324.sub.M are VMs created based on a pre-defined VM template (referred to as "stem cell") that includes a base operating system, an agent 322, and supporting libraries, runtimes, and/or applications. Agents 322 coordinate with deployment director 320 to configure stem cell VMs 324.sub.1 to 324.sub.M to perform various roles of cloud computing platform application 200], but Spivak does not teach (c) deploy an encryption addon in said VM, wherein said encryption addon comprises an addon core, a pre-filesystem-creation callout and a pre-filesystem-mounting callout; (d) deploy over a device driver of a raw persistent storage device, an encrypt-decrypt kernel module contained in a setup code of said addon core; (e) in advance of creating a filesystem on said raw persistent storage device accessible in said VM, execute said pre-filesystem-creation callout for encrypting said raw persistent storage device to obtain a corresponding encrypted raw persistent storage device; (f) create said filesystem on said encrypted raw persistent storage device; and (g) deploy a secure data service configured on said filesystem for storing and accessing data as encrypted data-at-rest related to said PaaS
However, McCloy does teach (c) deploy an encryption addon in said VM, wherein said encryption addon comprises an addon core, [a pre-filesystem-creation callout and a pre-filesystem-mounting callout;] [McCloy, para. 29 discloses where an end-user system receives a software installation package including encrypted source code. The software installation package may also include various combinations of encrypted support files, encrypted libraries, or encrypted compilers or other executable files. The software installation package may be received, for example, from a storage device or over a network. Para. 34 discloses the compiler is included in the encrypted portion of an installation package. In alternative embodiments, the compiler is resident in firmware accessible by the temporary virtual machine. In such embodiments, a TPM or VTPM may be used to verify the authenticity and integrity of the compiler] (d) deploy over a device driver of a raw persistent storage device, an encrypt-decrypt kernel module contained in a setup code of said addon core; [McCloy, para. 31 discloses the end-user system creates a temporary virtual machine. The temporary virtual machine is created such that the end-user does not have access to the temporary virtual machine. In some embodiments, the temporary virtual machine is a system only virtual machine that runs an operating system and operating system support programs, but does not run any extraneous applications. The temporary virtual machine may be a copy of an operating system for a virtual machine that hosts a current version of an application in the installation package. Para. 33 discloses if the check at block 308 determines that the temporary virtual machine is trusted, then at block 310 the source code for the application, along with any other support files, library files or compilers used to build the application are decrypted by the temporary virtual machine into memory or storage accessible only by the temporary virtual machine] 
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine McCloy’s system with modified Spivak’s system, with a motivation to build or rebuild an application from a trusted source code escrow and protecting the source code maker from unintended disclosure of the source code by not letting the end-user have access to any unencrypted copies of the source code. [McCloy, para. 12]
Spivak in view of McCloy does not teach a pre-filesystem-creation callout and a pre-filesystem-mounting callout; (e) in advance of creating a filesystem on said raw persistent storage device accessible in said VM, execute said pre-filesystem-creation callout for encrypting said raw persistent storage device to obtain a corresponding encrypted raw persistent storage device; (f) create said filesystem on said encrypted raw persistent storage device and  (g) deploy a secure data service configured on said filesystem for storing and accessing data as encrypted data-at-rest related to said PaaS
However, Gordon does teach a pre-filesystem-creation callout [Gordon, page 3 lines 27 – 33 discloses an encryption device comprising: an interface for connecting to a host device; at least one processor; and computer program code executable by said at least one processor, wherein the computer program code, when executed by said at least one processor, causes the encryption device: to receive at least one file for processing from the host device via the interface; to receive a disconnection request; and optionally in response to the disconnection request: to perform an encryption or decryption operation on said at least one file.] and a pre-filesystem-mounting callout; [Gordon, page 27 lines 1 – 10 discloses the encryption device receives a file from a host device via a mass storage interface and stores it in the file storage with file system level encryption, as is described below in more detail in relation to FIG. 11b. After a disconnection request is received (S1102), the encryption device disconnects (or is disconnected) from the host device (S1104). After disconnection, the file (or files) is identified by analysis of the data received from the host device (essentially, ‘mounting’ the file system), in step S1106. The file is loaded from file storage (S1108) and decrypted using the file system encryption key (SS1110). These two steps are typically combined in a single call to the internal file system. The file is decrypted portion by portion and/or sector by sector, if need be, using the file system level key (S1114) as it is read out of storage] (e) in advance of creating a filesystem on said raw persistent storage device accessible in said VM, execute said pre-filesystem-creation callout for encrypting said raw persistent storage device to obtain a corresponding encrypted raw persistent storage device; [Gordon, page 3 lines 27 – 33 discloses an encryption device comprising: an interface for connecting to a host device; at least one processor; and computer program code executable by said at least one processor, wherein the computer program code, when executed by said at least one processor, causes the encryption device: to receive at least one file for processing from the host device via the interface; to receive a disconnection request; and optionally in response to the disconnection request: to perform an encryption or decryption operation on said at least one file.] (f) create said filesystem on said encrypted raw persistent storage device. [Gordon, page 5 lines 9 – 13 discloses the encryption device is caused to create a file system structure in the file storage module, preferably either prior to connecting to the host device or in response to connecting to (or receiving a connection request from) the host device. Preferably the encryption device is also caused to format the file storage module before creating the file system structure] (g) deploy a secure data service configured on said filesystem for storing and accessing data as encrypted data-at-rest related to said PaaS [Gordon, page 5 lines 15 – 29 discloses to add filing system level encryption to each file, optionally using a first encryption standard, as (or when) it is stored in the file storage module using a filing system encryption key; to remove the filing system level encryption from each file, optionally using the first encryption standard, as it is read out of the file storage module using the filing system encryption key. Optionally performing the (main) encryption or decryption operation (for files which are destined for a less secure environment) comprises using a second encryption standard (algorithm and/or key size) to encrypt or decrypt each file. The second encryption standard may be stronger than the first, at least in terms of at least one of a plurality of metrics such as key size, algorithm type, and so on, but for simplicity it is preferably the same. Either encryption standard is preferably relatively quick to apply and is preferably a symmetric key algorithm such as AES, triple-DES or plain DES, and is preferably efficient enough to be used transparently or on-the-fly while saving the file(s). The second encryption standard in some cases may be a public/private key algorithm such as RSA and PGP. Accordingly, at no point is data stored on the device in an unencrypted form.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine Gordon’s system with modified Spivak’s system, with a motivation to provide a synergy in that the disconnection request which allows the processing to be instructed without requiring a dedicated interface, protocol, or software on the host device, also allows the encryption and decryption to be carried out in a more secure fashion, since there is no flow of data taking place between the host device and encryption device while they are disconnected. Thus, the encryption device is able to perform the most sensitive cryptographic operations without significant fear of electronic intrusion from the host device. [Gordon, Page 4 lines 2 – 8]

As per claim 2, modified Spivak teaches the computer system of claim 1, wherein said secure data service is used by an application code developed on said PaaS. [Spivak, para. 29 discloses In addition to provisioning stem cell VMs, deployment director 320 may request infrastructure platform 308 to dynamically create and delete temporary VMs, referred to as workers 330, which perform one or more processing tasks that facilitate deployment. In one embodiment, for example, workers 330 may be created to perform software compilation for component applications and/or libraries to be deployed on stem cell VMs 324.sub.1 to 324.sub.M. Workers 330 are configured with a similar configuration as stem cell VMs 324.sub.1 to 324.sub.M (e.g., have an identical virtual hardware specification, architecture, and/or configuration) to enable compiled software to execute on stem cell VMs 324.sub.1 to 324.sub.M. Results of processing tasks (e.g., software compilation) and other cached data may be stored in an object store 332 (e.g., blob store) used to hold artifacts generated during the deployment process. Further, deployment director 320 may utilize a set of services 328 (e.g., run in one or more VMs) to facilitate orchestration of the deployment process.]

Regarding claim 3, modified Spivak teaches the computer system of claim 1, but Spivak does not teach wherein said encryption addon further comprises a teardown code.
However, McCloy does teach wherein said encryption addon further comprises a teardown code. [McCloy, para. 37 discloses the temporary virtual machine is destroyed. Destruction of the temporary virtual machine also destroys any unencrypted copies of the source code, support files, libraries, and compilers etc. that were present on the virtual machine.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine McCloy’s system with Spivak’s system, with a motivation to build or rebuild an application from a trusted source code escrow and protecting the source code maker from unintended disclosure of the source code by not letting the end-user have access to any unencrypted copies of the source code. [McCloy, para. 12]

Regarding claim 4, modified Spivak teaches the computer system of claim 1, but modified Spivak does teach wherein said pre-filesystem-mounting callout is executed in advance of mounting said filesystem, said executing of said pre-filesystem-mounting callout resulting in decrypting of said encrypted data-at-rest.
However, Gordon does teach wherein said pre-filesystem-mounting callout is executed in advance of mounting said filesystem, said executing of said pre-filesystem-mounting callout resulting in decrypting of said encrypted data-at-rest. [Gordon, page 27 lines 1 – 10 discloses the encryption device receives a file from a host device via a mass storage interface and stores it in the file storage with file system level encryption, as is described below in more detail in relation to FIG. 11b. After a disconnection request is received (S1102), the encryption device disconnects (or is disconnected) from the host device (S1104). After disconnection, the file (or files) is identified by analysis of the data received from the host device (essentially, ‘mounting’ the file system), in step S1106. The file is loaded from file storage (S1108) and decrypted using the file system encryption key (SS1110). These two steps are typically combined in a single call to the internal file system. The file is decrypted portion by portion and/or sector by sector, if need be, using the file system level key (S1114) as it is read out of storage]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine Gordon’s system with modified Spivak’s system, with a motivation to provide a synergy in that the disconnection request which allows the processing to be instructed without requiring a dedicated interface, protocol, or software on the host device, also allows the encryption and decryption to be carried out in a more secure fashion, since there is no flow of data taking place between the host device and encryption device while they are disconnected. Thus, the encryption device is able to perform the most sensitive cryptographic operations without significant fear of electronic intrusion from the host device. [Gordon, Page 4 lines 2 – 8]

Regarding claim 5, modified Spivak teaches the computer system of claim 4, but modified Spivak does not teach wherein said pre-filesystem-mounting callout obtains a key from a key manager for said decrypting.
	However, McCloy does teach wherein said pre-filesystem-mounting callout obtains a key from a key manager for said decrypting. [McCloy, para. 30 discloses the end-user system receives an encryption key. The encryption key is one that is used to decrypt the source code and other files that were encrypted in the software installation package received at block 302. In some embodiments, the encryption key is received electronically over a network, such as in an email message or other electronically transmitted message. Para. 33 discloses at block 310 the source code for the application, along with any other support files, library files or compilers used to build the application are decrypted by the temporary virtual machine into memory or storage accessible only by the temporary virtual machine. Fig.3 discloses decrypt, on the VM, source code using encryption key]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine McCloy’s system with Spivak’s system, with a motivation to build or rebuild an application from a trusted source code escrow and protecting the source code maker from unintended disclosure of the source code by not letting the end-user have access to any unencrypted copies of the source code. [McCloy, para. 12]

Regarding claim 9, modified Spivak teaches the computer system of claim 1, but Spivak does not teach wherein said encrypting is symmetric and said pre-filesystem-creation callout stores a key for said encrypting in a key manager.
However, McCloy does teach wherein said encrypting is symmetric and said pre-filesystem-creation callout stores a key for said encrypting in a key manager. [McCloy, para. 19 discloses the end-user obtains encryption key or keys 120. In some embodiments, the end-user obtains the encryption key 120 from escrow agent 150 upon the occurrence of an event that triggers the release of the encryption key 120. Examples of such events include, but are not limited to the software vendor going out of business or ceasing support of application 109. Alternatively, the end-user may obtain the encryption key 120 from the software vendor if the software vendor is willing to provide the encryption key 120 to the end-user. Para. 16 discloses Encrypted data 110 is encrypted using one or more encryption keys 120. In general, any form of encryption now known or developed in the future may be used to perform the encryption.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine McCloy’s system with modified Spivak’s system, with a motivation to build or rebuild an application from a trusted source code escrow and protecting the source code maker from unintended disclosure of the source code by not letting the end-user have access to any unencrypted copies of the source code. [McCloy, para. 12]

Regarding claims 12 – 16, they recite features similar to features in claims 1 – 5, therefore they are rejected in the similar manner.

Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over US 20160098263 A1 to Spivak et al., (hereinafter, “Spivak”) in view of US 20130007889 A1 to McCloy in further view of US 20190207828 A1 to Bon.
Regarding claim 10, modified Spivak teaches the computer system of claim 1, but modified Spivak does not teach wherein said PaaS is architected utilizing a Cloud Foundry model. 
However, Bon does teach wherein said PaaS is architected utilizing a Cloud Foundry model. [Bon, para. 24 discloses Cloud Foundry platform system is powered by Core OSS Cloud foundry which is Open source Platform as a Service]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine Bon’s system with modified Spivak’s system, with a motivation to allow the developer to provide, manage and scale their application in the cloud as hassle free process. [Bon, para. 24]

Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over US 20160098263 A1 to Spivak et al., (hereinafter, “Spivak”) in view of US 20130007889 A1 to McCloy in further view of US 9804855 B1 to Paningipalli et al., (hereinafter, “Paningipalli”).
Regarding claim 11, modified Spivak teaches the computer system of claim 1, but modified Spivak doest not teach wherein said filesystem is one of an ext4 filesystem, a JFS filesystem, a ReiserFS filesystem and a Btrfs filesystem.
However, Paningipalli does teach wherein said filesystem is one of an ext4 filesystem, a JFS filesystem, a ReiserFS filesystem and a Btrfs filesystem. [Paningipalli, col. 6 lines 8 – 19 discloses the Linux operating system supports a variety of file systems. Some examples includes the extended file systems ext2, ext3 and ext4. In addition, Linux supports XFS, JFS, ReiserFS, btrfs, UBIFS, JFFS2, and YAFFS, SquashFS, and so forth. The OS X operating system from Apple Inc. supports the Hierarchical File System (HFS). Other varieties of files systems supported by multiple operating systems are also possible and contemplated.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine Paningipalli’s system with modified Spivak’s system, with a motivation to store and retrieve data on storage media in file systems. The data is organized in identifiable pieces known as files. The files are organized into groups known as directories and subdirectories. File systems include at least a directory structure and utilities or logic for providing read/write functionality, security, user permission access, data integrity maintenance and so forth. [Paningipalli, col. 5 lines 46 – 52]

Allowable Subject Matter
Claims 6 – 8 and 17 – 20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Phuc Pham whose telephone number is (571)272-8893. The examiner can normally be reached Monday - Thursday 7:30 AM - 4:30 PM; Friday 8:00 AM - 12:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571)272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/P.P./Patent Examiner, Art Unit 2434                                                                                                                                                                                                        

/NOURA ZOUBAIR/Primary Examiner, Art Unit 2434