DETAILED ACTION
The instant application having Application No. 16/746,202 filed on 17 January 2020 where claims 1-20 are presented for examination by the examiner.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Examiner Notes
Examiner cites particular paragraphs or columns and lines in the references as applied to the claims below for the convenience of the applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested that, in preparing responses, the applicant fully consider the references in entirety as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the examiner.

Allowable Subject Matter
Claim 6-7, 12-14, and 19 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-4 are rejected under 35 U.S.C. 103 as being unpatentable over Wang, Xianlei (U.S. 2018/0124051) (Hereinafter Wang) in view of Miller et al. (2006/0074618) (Hereinafter Miller).
As per claim 1, Wang discloses a method of enabling remote access to a virtual machine (VM) running in a host and managed by a VM management server, from a remote computing device (see for example Wang, this limitation is disclosed such that VNC is used for providing remote control of a virtual machine; paragraph [0003]. The serving end of a VNC connection request from a user is a virtual machine on a server; paragraphs [0063], [0067]. The VNC connection is made to a console; paragraph [0076]), the method comprising:
in response to a request to access the console of the VM from the remote computing device, issuing a request for a first ticket, the first ticket including an identifier of the host in which the VM is running (see for example Wang, this limitation is disclosed such that there is a token in the connection request; paragraph [0023]);
upon receiving the first ticket, issuing a request for a second ticket to access a proxy server (see for example Wang, this limitation is disclosed such that a proxy server obtains the token in the connection request; paragraph [0023]. The proxy server is further configured to send challenge information and receive a second response value; paragraph [0025]); and
upon receiving the second ticket, transmitting a uniform resource locator (URL) identifying the proxy server and the second ticket to the remote computing device (see for example Wang, this limitation is disclosed such that upon receiving the connection request from the client, the URL of the proxy server and the token in the VNC connection information is sent to the client; paragraph [0028]),
wherein the remote computing device accesses through the URL and the proxy server (see for example Wang, this limitation is disclosed such that the client is operable to establish a connection to the proxy server according to the URL of the proxy server and the token; paragraphs [0028], [0063]).
Although Wang discloses the limitation wherein the remote computing device accesses through the URL and the proxy server, Wang does not explicitly teach that a remote computing device accesses a console of a VM.
However, Miller discloses that a remote computing device accesses a console of a VM (see for example Miller, this limitation is disclosed such that a web interface is provided for administration and virtual machine remote console utility (VMRC, console interface) for each of a plurality of virtual machines. These tools are used to remotely access a virtual [machine] environment from a single machine; paragraph [0097]. The VMs are hosted on a physical machine; paragraph [0036]).

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method as taught by Wang by connecting to a virtual machine console as taught by Miller because it would enhance the teaching of Wang with a known tool, the virtual machine remote console utility, that can be used remotely to enable direct access to a virtual environment (as suggested by Miller, see for example paragraph [0097]).
As per claim 2, Wang in view of Miller discloses the method of claim 1, wherein the URL includes a public IP address of the proxy server (see for example Wang, this limitation is disclosed such that the URL of the proxy server includes IP address information; paragraph [0028]).
As per claim 3, Wang in view of Miller discloses the method of claim 2, wherein the URL is a WebSocket URL having a first end to which a WebSocket connection is established with the remote computing device and a second end to which a public interface of the proxy server is connected (see for example Wang, this limitation is disclosed such that the WEBSOCKET protocol is used; paragraph [0067]).
As per claim 4, Wang in view of Miller discloses the method of claim 3, wherein the request for the second ticket includes the first ticket (see for example Wang, this limitation is disclosed such that when the proxy obtains the token, it sends the token to the controller for performing the authentication; paragraph [0023]).

Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Wang (U.S. 2018/0124051) in view of Miller (2006/0074618) as applied to claim 4 above, and further in view of Hussain et al. (U.S. 10,645,172) (Hereinafter Hussain).
As per claim 5, Wang in view of Miller discloses the method of claim 4 (see rejection of claim 4 above), wherein the remote computing device issues commands via the WebSocket URL (see for example Wang, this limitation is disclosed such that the WEBSOCKET protocol is used; paragraph [0067]), but does not explicitly teach opening a console of a VM and entering line commands into the console of the VM.
However, Hussain discloses opening a console of a VM and entering line commands into the console of the VM (see for example Hussain, this limitation is disclosed such that a remote desktop application opens an SSH console to a computing instance and uses a command line interface; col.7 lines {21}-{50}).
Wang in view of Miller is analogous art with Hussain because they are from the same field of endeavor, remote access.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method as taught by Wang in view of Miller by opening and interacting with a command line terminal console as taught by Hussain because it would enhance the teaching of Wang in view of Miller with an effective means of overcoming difficulties with interacting with remote computing instances (as suggested by Hussain, see for example col.7 lines {21}-{50}).

Claims 8-11 are rejected under 35 U.S.C. 103 as being unpatentable over Wang (U.S. 2018/0124051) in view of Frederick et al. (U.S. 2020/0280846) (Hereinafter Frederick), and further in view of Ramarathinam et al. (U.S. 2012/0096271) (Hereinafter Ramarathinam).
As per claim 8, Wang discloses a method of enabling remote access to a console of a virtual machine (VM) running in a host and managed by a VM management server, from a remote computing device (see for example Wang, this limitation is disclosed such that VNC is used for providing remote control of a virtual machine; paragraph [0003]. The serving end of a VNC connection request from a user is a virtual machine on a server; paragraphs [0063], [0067]. The VNC connection is made to a console; paragraph [0076]), the method comprising: 
in response to a request to access a proxy server through which the console of the VM is accessed from the remote computing device, wherein the request includes a first ticket including an identifier of the host in which the VM is running, returning a second ticket that permits access to the proxy server (see for example Wang, this limitation is disclosed such that there is a token in the connection request; paragraph [0023]. A proxy server obtains the token in the connection request; paragraph [0023]. The proxy server is further configured to send challenge information and receive a second response value; paragraph [0025]. Upon receiving the connection request from the client, the URL of the proxy server and the token in the VNC connection information is sent to the client; paragraph [0028]).
Wang does not explicitly teach mapping a first ticket to a second ticket, and verifying that a third ticket transmitted by a remote computing device matches the second ticket
However, Frederick discloses mapping a first ticket to a second ticket (see for example Frederick, this limitation is disclosed such that an extension of OAuth allows for linking a first partner actor and its first authorization by sending a second token that also includes a first token paragraphs [0006]-[0007]); and 
verifying that a third ticket transmitted by a remote computing device matches the second ticket (see for example Frederick, this limitation is disclosed such that a third authorization request sends a third token that also comprises the second token and identifies a first partner actor and second partner actor, providing permissions in the complex token that can verified; paragraphs [0006]-[0007]).
Wang in view of Frederick is analogous art because they are from the same field of endeavor, remote access.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method as taught by Wang by including initial tokens in other tokens to link entities as taught by Frederick because it would enhance the teaching of Wang with an effective means of providing a union or intersection of permissions for a subject client (as suggested by Frederick, see for example paragraph [0008]).
Although Wang in view of Frederick discloses verifying that a third ticket transmitted by a remote computing device matches the second ticket, Wang in view of Frederick does not explicitly teach upon verifying, forwarding mouse, keyboard, and screen (MKS) traffic from a remote computing device to a host and forwarding MKS traffic from the host to the remote computing device
However, Ramarathinam discloses upon verifying, forwarding mouse, keyboard, and screen (MKS) traffic from the remote computing device to the host and forwarding MKS traffic from the host to the remote computing device (see for example Ramarathinam, this limitation is disclosed such that when a client requests a remote desktop, the client is authorized paragraphs [0052], [0103]).
Wang in view of Frederick is analogous art with Ramarathinam because they are from the same field of endeavor, remote access.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method as taught by Wang in view of Frederick by forwarding authorized mouse, keyboard, and screen output through an intermediary as taught by Ramarathinam because it would enhance the teaching of Wang in view of Frederick with an effective means of securing services at a virtualization host (as suggested by Ramarathinam, see for example paragraph [0148]).
As per claim 9, Wang in view of Frederick, further in view of Ramarathinam discloses the method of claim 8, wherein said mapping includes storing the first ticket in association with the second ticket (see for example Frederick, this limitation is disclosed such that an extension of OAuth allows for linking a first partner actor and its first authorization by sending a second token that also includes a first token to the first actor partner (i.e. “storing the first ticket in association with the second ticket”); paragraphs [0006]-[0007]).
As per claim 10, Wang in view of Frederick, further in view of Ramarathinam discloses the method of claim 9, further comprising: upon verifying that the second ticket matches the third ticket, extracting the identifier of the host from the first ticket that is stored in association with the second ticket (see for example Frederick, this limitation is disclosed such that entities and tokens in each delegation, as well as relationships between entities, are identified using auditing; paragraph [0027]).
the first ticket includes a WebSocket URL, which has a first end to which a WebSocket connection is established with the remote computing device and a second end to which a public interface of the proxy server is connected (see for example Wang, this limitation is disclosed such that the WEBSOCKET protocol is used; paragraph [0067]).

Claims 15-17 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Wang (U.S. 2018/0124051) in view of Miller (2006/0074618), further in view of Ramarathinam (U.S. 2012/0096271), and further in view of Lean et al. (U.S. 2008/0031141) (Hereinafter Lean).
As per claim 15, Wang discloses a computer system comprising: 
a memory configured to store executable code for remotely accessing a virtual machine (VM) running in a host (see for example Wang, this limitation is disclosed such that VNC is used for providing remote control of a virtual machine; paragraph [0003]. The serving end of a VNC connection request from a user is a virtual machine on a server; paragraphs [0063], [0067]. The VNC connection is made to a console; paragraph [0076]. Disclosed method is implemented using a memory storing computer execution instructions; paragraph [0049]); and 
a processor configured to execute the code (see for example Wang, this limitation is disclosed such that a processor executes the computer execution instructions in the memory; paragraph [0049]) to: 
issue a request to a VM management server to access the VM (see for example Wang, this limitation is disclosed such that a VNC connection request is made from a user to a virtual machine on a server; paragraphs [0041], [0063]);
upon receiving a ticket in response to the request, establish a communication channel using a URL specified in the ticket (see for example Wang, this limitation is disclosed such that there is a token in the connection request; paragraph [0023]. Upon receiving the connection request from the client, the URL of the proxy server and the token in the VNC connection information is sent to the client; paragraph [0028]. The client is operable to establish a connection to the proxy server according to the URL of the proxy server and the token; paragraphs [0028], [0063]);
transmit the ticket through the communication channel for authentication (see for example Wang, this limitation is disclosed such that authentication occurs over the connection with the proxy server using the token; paragraph [0015]); and
upon being authenticated, issue commands through the communication channel (see for example Wang, this limitation is disclosed such that instructions are processed using the proxy server; paragraph [0049]).
Although Wang discloses a memory configured to store executable code for remotely accessing a virtual machine (VM) running in a host, Wang does not explicitly teach remotely accessing a console of a virtual machine (VM).
However, Miller discloses remotely accessing a console of a virtual machine (VM) (see for example Miller, this limitation is disclosed such that a web interface is provided for administration and virtual machine remote console utility (VMRC, console interface) for each of a plurality of virtual machines. These tools are used to remotely access a virtual [machine] paragraph [0097]. The VMs are hosted on a physical machine; paragraph [0036]).
Wang in view of Miller is analogous art because they are from the same field of endeavor, remote access.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method as taught by Wang by connecting to a virtual machine console as taught by Miller because it would enhance the teaching of Wang with a known tool, the virtual machine remote console utility, that can be used remotely to enable direct access to a virtual environment (as suggested by Miller, see for example paragraph [0097]).
Although Wang in view of Miller discloses issuing a request to a VM management server to access the VM, and upon being authenticated, issuing commands through a communication channel, Wang in view of Miller does not explicitly teach issuing a request to a VM management server to access mouse, keyboard, and screen (MS) of the VM, and generating a display screen based on mouse, keyboard, and screen (MKS) traffic returned in response to the commands.
However, Ramarathinam discloses issuing a request to a VM management server to access mouse, keyboard, and screen (MS) of the VM, and generating a display screen based on mouse, keyboard, and screen (MKS) traffic returned in response to the commands However, Ramarathinam discloses upon verifying, forwarding mouse, keyboard, and screen (MKS) traffic from the remote computing device to the host and forwarding MKS traffic from the host to the remote computing device (see for example Ramarathinam, this limitation is disclosed such that when a client requests a remote desktop, the client is authorized with a virtualization host and once authorized, user screen, keyboard, and mouse output is collected and forwarded with an intermediary on the host to the remote desktop; paragraphs [0052], [0103]).

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method as taught by Wang in view of Miller by forwarding authorized mouse, keyboard, and screen output through an intermediary as taught by Ramarathinam because it would enhance the teaching of Wang in view of Miller with an effective means of securing services at a virtualization host (as suggested by Ramarathinam, see for example paragraph [0148]).
	Although Wang in view of Miller, further in view of Ramarathinam discloses upon receiving a ticket in response to a request, establishing a communication channel using a URL specified in the ticket, transmitting the ticket through the communication channel for authentication and upon being authenticated, issuing commands through the communication channel and generating a display screen based on mouse, keyboard, and screen (MKS) traffic returned in response to the commands, Wang in view of Miller, further in view of Ramarathinam does not explicitly teach that a communication channel is a full-duplex communication channel.
	However, Lean discloses that a communication channel is a full-duplex communication channel (see for example Lean, this limitation is disclosed such that a remote desktop session exists as a full duplex session; paragraph [0022]).
Wang in view of Miller, further in view of Ramarathinam is analogous art with Lean because they are from the same field of endeavor, remote access.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method as taught by Wang in view of Miller, further paragraph [0022]).
As per claim 16, Wang in view of Miller, further in view of Ramarathinam, further in view of Lean discloses the computer system of claim 15, wherein the URL includes a public IP address of a proxy server that communicates with the host in which the VM is running (see for example Wang, this limitation is disclosed such that the URL of the proxy server includes IP address information; paragraph [0028]).
As per claim 17, Wang in view of Miller, further in view of Ramarathinam, further in view of Lean discloses the method of claim 16, wherein the full-duplex communication channel is a WebSocket connection and the URL is a WebSocket URL having a first end to which the WebSocket connection is established and a second end to which a public interface of the proxy server is connected (see for example Wang, this limitation is disclosed such that the WEBSOCKET protocol is used; paragraph [0067]).
As per claim 20, Wang in view of Miller, further in view of Ramarathinam, further in view of Lean discloses the computer system of claim 15, wherein the VM is provisioned in a cloud computing system (see for example Wang, this limitation is disclosed such that platform is cloud based; paragraph [0067]).

Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over Wang (U.S. 2018/0124051) in view of Miller (2006/0074618), further in view of Ramarathinam (U.S.  as applied to claim 15 above, and further in view of Hussain (U.S. 10,645,172).
As per claim 18, Wang in view of Miller, further in view of Ramarathinam, further in view of Lean discloses the computer system of claim 15 (see rejection of claim 15 above), but does not explicitly teach the limitation wherein commands issued include commands for opening a console of a VM and entering line commands into the console of the VM.
However, Hussain discloses the limitation wherein commands issued include commands for opening the console of the VM and entering line commands into the console of the VM (see for example Hussain, this limitation is disclosed such that a remote desktop application opens an SSH console to a computing instance and uses a command line interface; col.7 lines {21}-{50}).
Wang in view of Miller, further in view of Ramarathinam, further in view of Lean is analogous art with Hussain because they are from the same field of endeavor, remote access.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method as taught by Wang in view of Miller, further in view of Ramarathinam, further in view of Lean by opening and interacting with a command line terminal console as taught by Hussain because it would enhance the teaching of Wang in view of Miller, further in view of Ramarathinam, further in view of Lean with an effective means of overcoming difficulties with interacting with remote computing instances (as suggested by Hussain, see for example col.7 lines {21}-{50}).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JONATHAN R LABUD whose telephone number is (571)270-5174. The examiner can normally be reached Monday - Thursday 10am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, EMERSON PUENTE can be reached on (571)272-3652. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/JONATHAN R LABUD/            Examiner, Art Unit 2196