DETAILED ACTION

Status of Claims
This action is in reply to the application filed on 05/26/2020.
Claims 1-20 are currently pending and have been examined.

	Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Interpretations
 The following is a quotation of 35 U.S.C. 112(f): 
(f) ELEMENT IN CLAIM FOR A COMBINATION.—An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims include one or more elements which are being interpreted as invoking 35 U.S.C. 112(f).
The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element is limited by the description in the specification when 35 U.S.C. 112(f), is invoked. As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f):
(A) the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function;


(C) the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function.
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f). The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f), is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitations are: 
“cloud resource management controller” in claims 1-7 and 15-20.
Because these claim limitations are being interpreted under 35 U.S.C. 112(f) they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have the limitation(s) above interpreted under 35 U.S.C. 112(f), applicant may: (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f).


Claim Objections
Claims 9-14 are objected to because of the following informalities: Minor grammatical error in first clause, correction: “The IHS of claim 8, wherein the cloud resource management enginefurther configured to”.  Appropriate correction is required.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1-6, 8-13, and 15-19 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Flittner et al. (CloudInspector A Transparency-as-a-Service Solution for Legal Issues in Cloud Computing).

Claims 1, 8, and 15:
Flittner discloses the limitations as shown in the following rejections:
1. A cloud resource audit system, comprising: a plurality of datacenter hardware resources (Hosting Cloud Nodes (HCN)) (pg. 95, § III, para. 2; pg. 96, Fig. 1); 
a cloud resource management controller (“CloudInspector”, particularly Transparency Controller Module (TCM) + the Transparency Enhancement Module (TEM)), that is coupled to the plurality of datacenter hardware resources and that is configured to: allocate a first portion of the plurality of datacenter hardware resources to run one or more workloads (VMs and/or applications running thereon)  for a first end user (Tenant) on the first portion of the plurality of datacenter hardware resources; (pg. 95, § III; pg. 96, Fig. 1);
execute a first set of audit instructions (audit inquiry and/or tenet policies) to perform a first audit action (audit request/operation carried out by TEM) on one or more datacenter hardware resources included in the first portion of the plurality of datacenter hardware resources; and provide, in response to the first set of audit instructions being executed and the first audit action being performed, a first set of audit results to an audit terminal device (device of Tenant and/or Trusted Third Party (TTP) and/or Provider) (see at least pg. 96-97, § III-A and B; pg. 98, § V).

Claims 2-6, 9-13, and 16-19:
Flittner discloses the limitations as shown in the rejections above. Flittner further discloses the limitations as shown in the following rejections:
[claim 2, 9, 16] controller is configured to: obscure the first audit action from the first end user (pg. 95-96, § III and III-A) disclosing at that CloudInspector does not notify (obscures) Tenant of audit operations initiated by Provider queries and/or autonomously from triggered policies pushing audit trails directly to the external Trusted Third Party (TTP).
[claim 3, 10, 17] controller is configured to: cause the first portion of the plurality of datacenter hardware resources to run the one or more workloads for the first end user, wherein the executing the first set of audit instructions performs the first audit action during the running of the one or more workloads (see at least pg. 95, § III, para. 2; pg. 96, Fig. 1; pg. 96-97, § III-B).
[claim 4, 5, 11, 12, 18] controller is configured to: receive a second set of audit instructions from the audit terminal device; and store the second set of audit instructions…receive an update for the first set of audit instructions from the audit terminal device; and update the first set of audit instructions to provide an updated first set of audit instructions 
[claim 6, 13, 19] controller is configured to: monitor for a first condition (e.g. events and/or triggers/ and/or received inquiry) included in a first audit policy that is associated with the first set of audit instructions, wherein the first set of audit instructions are executed in response to the first condition being satisfied (see at least pg. 95-96, § III and III-A).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 7, 14, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Flittner et al. (CloudInspector A Transparency-as-a-Service Solution for Legal Issues in Cloud Computing) in view of Lukacs (US 2017/0192810 A1).

Claims 7, 14, and 20:
Flittner discloses the limitations as shown in the rejections above. Flittner discloses that the TEM software shares HW node with concurrently executing Tenant VMs/applications (workloads) but does not describe the TEM preempting or otherwise utilizing resources allocated to the Tenant’s VMs and does not disclose the limitations of claims 7, 14, and 20.
Lukacs, however, discloses (¶0036, 0040-0041) analogous methods for auditing guest VMs (workloads) at a farm of client systems (datacenter hardware resources) including employing an “audit server to send instructions directly to an audited client system…to instruct VM audit engine 40 to perform a particular kind of audit, to inspect guest VM (¶0041)…engine 40 may select a target VM for  the audit instructions/ request (audit instructions) the engine reallocates a portion of hardware resources from running the one or more workloads (guest OS/applications) by injecting/”dropping” an audit agent driver into the VM to carry out audit operations (audit actions) within guest VM where “driver 48 executes within guest VM 32 having its own memory space and execution thread, driver 48 may use all resources available to guest OS 34 to perform an audit of guest VM” (¶0060) and subsequently “remove[s] audit driver 48 from guest VM 32 when audit driver 48 finishes execution, for instance, when the current audit operation is complete” (¶0059) (allocate the first sub-portion to the first audit action; and reallocate the first sub-portion back to the one or more workloads when the first audit action has completed).
It would have been obvious to  one of ordinary skill in the art at the time of the invention to modify Flittner to employ Lukacs’s audit agent injection “to increase the safety and reliability of the software audits. To avoid exposing auditing software to malicious human intervention and/or to malware infecting the audited client” (¶0064) and to increase the accuracy and efficiency of the auditing process (Lukacs ¶0061-0067).
.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure:
The following references are directed to auditing cloud resources: US 20150332280 A1; US 20120311344 A1; US 20120179646 A1;  US 20100325727 A1; “Trust is Good, Control is Better: Creating Secure Clouds by Continuous Auditing”; “Utilizing Third Party Auditing to Manage Trust in the Cloud”; “A  Case for the Accountable Cloud”.
Any inquiry of a general nature or relating to the status of this application or concerning this communication or earlier communications from the Examiner should be directed to Paul Mills 571-270-5482.  The Examiner can normally be reached on Monday-Friday 11:00am-8:00pm.  If attempts to reach the examiner by telephone are unsuccessful, the Examiner’s supervisor, Emerson Puente can be reached at 571-272-3652.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see  http://portal.uspto.gov/external/portal/pair .  Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866.217.9197 (toll-free). Any response to this action should be mailed to:
Commissioner of Patents and Trademarks
Washington, D.C.  20231
or faxed to 571-273-8300.
Hand delivered responses should be brought to the United States Patent and Trademark Office Customer Service Window:
Randolph Building
401 Dulany Street
Alexandria, VA 22314.
/P. M./
Paul Mills
03/22/2022

/EMERSON C PUENTE/Supervisory Patent Examiner, Art Unit 2196