DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The present application, final filed on June 24, 2020, is accepted.
Claims 1 – 20 are being considered on the merits.

Drawings
The drawings, filed on June 24, 2020, are accepted.

Specification
The specification, filed on June 24, 2020, is accepted.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1–6, 8–17 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over US 20180137299 A1 to Porter et al., (hereinafter, “Porter”) in view of US 20190312939 A1 to Noble.
Regarding claim 1, Porter teaches a system comprising: an application trusted execution environment ("TEE") instance; [Porter, para. 5 discloses the actions of launching a root enclave; accessing an enclave manifest by the root enclave, wherein the enclave manifest specifies, for each of a plurality of component enclaves, a particular role for the respective component enclave; and instantiating each of the component enclaves, each component enclave configured to perform its respective role; wherein the root enclave and component enclaves form an enclave pod.] a first cloud service of a trusted cloud provider, wherein the first cloud service is configured to: receive an encrypted disk image, wherein the trusted cloud provider has access to the encrypted disk image, and launch the application trusted execution environment instance; [Porter, para. 7 discloses accessing a first enclave manifest by the first root enclave, wherein the first enclave manifest specifies, for each of a plurality of first component enclaves, a particular role for the respective first component enclave; instantiating each of the first component enclaves, each first component enclave configured to perform its respective role; wherein the first root enclave and first component enclaves form a first enclave pod; providing first data to the first component enclaves; launching a second root enclave. Para. 58 discloses the process 400 creates a master enclave in on-premise/private cloud environment (402). For example, a customer creates their master enclave, in empty form (without code or data) using a provided toolkit in on-premises/private cloud environment under their full control. The customer signs the master enclave its own private key and adds its public key to the package of the master enclave. The customer then activates an enclave management service from a public cloud provider, selects the task to provision for a cloud enclave pod, and specifies how the enclaves in the cloud are to be managed.] a second cloud service of a first alternate cloud provider configured to: launch a first attestation service instance from an attestation disk image, wherein the attestation disk image includes a secret, and the first alternate cloud provider has access to the secret, and provide the secret to the application TEE instance; [Porter, para. 7 discloses accessing a second enclave manifest by the second root enclave, wherein the second enclave manifest specifies, for each of a plurality of second component enclaves, a particular role for the respective second component enclave; instantiating each of the second component enclaves, each second component enclave configured to perform its respective role; wherein the second root enclave and second component enclaves form a second enclave pod; and providing second data to the second component enclaves, wherein the second data is different from the first data. Para. 58 discloses the process 400 creates a master enclave in on-premise/private cloud environment (402). For example, a customer creates their master enclave, in empty form (without code or data) using a provided toolkit in on-premises/private cloud environment under their full control. The customer signs the master enclave with its own private key and adds its public key to the package of the master enclave. The customer then activates an enclave management service from a public cloud provider, selects the task to provision for a cloud enclave pod, and specifies how the enclaves in the cloud are to be managed.] and a third cloud service of a second alternate cloud provider configured to: launch a second attestation service instance from the attestation disk image, wherein the attestation disk image includes the secret, and the second alternate cloud provider has access to the secret, and provide the secret to the application TEE instance; [Porter, para. 62 discloses the process 400 provisions code and data into other enclaves from master enclave (410). For example, as the customer's enclave joins the system of enclaves in the cloud, code and data are deployed via the master enclave to all other enclaves in the system as specified by the customer (regions, hierarchical relationship, availability, etc.) As each new enclave in a pod is instantiated, it has to attest its' origin and state to existing members of the pod based on the enclave's attestation flows. A customer can then interact with its system of enclaves to execute sensitive code or process sensitive data without separately managing encryption and complicated key management. The customer has assurance that their sensitive code and data are protected in the public cloud while in use, and confidentiality and integrity are enforced while at rest.], but Porter does not teach wherein one of the second cloud service and the third cloud service provide the secret to the application TEE instance when the other of the second cloud service and third cloud service is unavailable.
	However, Noble does teach wherein one of the second cloud service and the third cloud service provide the secret to the application TEE instance when the other of the second cloud service and third cloud service is unavailable. [Noble, para. 55 discloses the client device again requests data through data manager 120. At 260, data manager 130 analyzes the current status of the blockchain 130 in light of the request to determine optimal cloud service(s) 160 for retrieving the requested data. Because conditions changed, e.g., latency, costs, a particular cloud service is unavailable, etc., data manager 120 now determines that cloud service 160b is currently optimal for the request, and, at 265, requests client data from cloud service 160b. At 270, cloud service 160b transmits the requested data to data manager 120, which then provides the data to client device 140 at 275.]
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date to combine Noble’s system with Porter’s system, with a motivation to determine which cloud services 160a-160c are compatible with the data request from client device 140. [Noble, para. 55]

As per claim 2, modified Porter teaches the system of claim 1, wherein at least one of the second cloud service and the third cloud service is configured to obtain a cryptographic measurement associated with the application TEE instance. [Porter, para. 36 discloses the enclaves 110 and 120 can be instantiated by any appropriate enclave instantiation process. Once the pod of enclaves is established, the root enclave 110 can communicate with a remote verifier/secret provisioner 130 to obtain the secrets, e.g., binaries and data, for provisioning. The remote verifier 130 verifies the root enclave 110, which then asserts the identity of the manifest 112 it is enforcing. If the verifier 130 determines the identity of the root enclave 110 and that of the manifest 112 the root enclave 110 it is enforcing is acceptable, the verifier 130 provisions the necessary secrets. The individual components of the enclave pod 100 can also generate additional secrets. In some implementations, the generated and provisioned secrets can be sealed to the manifest 112 and the component enclave identity]

As per claim 3, modified Porter, teaches the system of claim 2, wherein the cryptographic measurement identifies characteristics of the application TEE instance including at least one of a type of the TEE instance, a version of the TEE instance, and a description of software components loaded into the TEE instance. [Porter, para. 37 discloses Each component enclave 120 in a pod 100 has one role. A role is the meta-functionality implemented by the enclave 120, and is an arbitrary string. Each component enclave 120 knows its own role, and knows roles of other component enclaves 120 it communicates with. Component enclaves 120, in some implementations, do not know, nor are they required to know, the identities of the other component enclaves 120. The role-to-identity mapping is provided by the manifest 112, and is enforced by the root enclave 112. Thus, when a component enclave 120 needs to communicate with another component enclave, the determination of which enclave to communicate with is role dependent. Para. 38 discloses the manifest 112 has three main purposes. First, the manifest 112 describe the enclave pod 100 to the remote verifier 130. Second, the manifest 112 allows component enclaves 120 to communicate with each other based on their roles rather than their identities. Finally, the manifest 112 allows component enclaves 120 to seal secrets to the pod configuration, in addition to sealing them to their own identity.]

As per claim 4, modified Porter teaches the system of claim 2, wherein the cryptographic measurement further includes an integrity code to validate the cryptographic measurement. [Porter, para. 36 discloses once the pod of enclaves is established, the root enclave 110 can communicate with a remote verifier/secret provisioner 130 to obtain the secrets, e.g., binaries and data, for provisioning. The remote verifier 130 verifies the root enclave 110, which then asserts the identity of the manifest 112 it is enforcing. If the verifier 130 determines the identity of the root enclave 110 and that of the manifest 112 the root enclave 110 it is enforcing is acceptable, the verifier 130 provisions the necessary secrets. The individual components of the enclave pod 100 can also generate additional secrets. In some implementations, the generated and provisioned secrets can be sealed to the manifest 112 and the component enclave identity]

As per claim 5, modified Porter teaches the system of claim 2, wherein at least one of the second cloud service and the third cloud service is configured to validate the application TEE instance. [Porter, para. 62 discloses the process 400 provisions code and data into other enclaves from master enclave (410). For example, as the customer's enclave joins the system of enclaves in the cloud, code and data are deployed via the mater enclave to all other enclaves in the system as specified by the customer (regions, hierarchical relationship, availability, etc.) As each new enclave in a pod is instantiated, it has to attest its' origin and state to existing members of the pod based on the enclave's attestation flows. A customer can then interact with its system of enclaves to execute sensitive code or process sensitive data without separately managing encryption and complicated key management. The customer has assurance that their sensitive code and data are protected in the public cloud while in use, and confidentiality and integrity are enforced while at rest.]

As per claim 6, modified Porter teaches the system of claim 5, wherein the at least one of the second cloud service and the third cloud service is configured to provide the secret responsive to validating the application TEE instance. [Porter, para. 36 discloses the enclaves 110 and 120 can be instantiated by any appropriate enclave instantiation process. Once the pod of enclaves is established, the root enclave 110 can communicate with a remote verifier/secret provisioner 130 to obtain the secrets, e.g., binaries and data, for provisioning. The remote verifier 130 verifies the root enclave 110, which then asserts the identity of the manifest 112 it is enforcing. If the verifier 130 determines the identity of the root enclave 110 and that of the manifest 112 the root enclave 110 it is enforcing is acceptable, the verifier 130 provisions the necessary secrets. The individual components of the enclave pod 100 can also generate additional secrets. In some implementations, the generated and provisioned secrets can be sealed to the manifest 112 and the component enclave identity.]

As per claim 8, modified Porter teaches the system of claim 1, wherein the second cloud service and the third cloud service are public clouds, and wherein the first cloud service is a private cloud. [Porter, Para. 55 discloses When a customer is running hybrid cloud deployment, the customer may desire to protect their sensitive code or data from the public cloud provider. To accomplish this goal, the hybrid cloud allows customer to bind their secrets to the components they have full control over in their on-premises environment. This mechanism enables the customer to leverage the power of public cloud for other, less sensitive, code and data while keeping control of high-value data and code by running it locally. Likewise, the cloud provider may want to offload some sensitive tasks to run on the customer's data center or other cloud to comply with the regulations or offer customers more flexibilities, while still maintaining the trusted relationship with outsourced functionality by virtue of linking it to the customer's workloads that continue to reside in the public cloud. Para. 58 discloses generating multiple enclaves in a hybrid cloud. The process 400 creates a master enclave in on-premise/private cloud environment (402). For example, a customer creates their master enclave, in empty form (without code or data) using a provided toolkit in on-premises/private cloud environment under their full control. The customer signs the master enclave its own private key and adds its public key to the package of the master enclave. The customer then activates an enclave management service from a public cloud provider, selects the task to provision for a cloud enclave pod, and specifies how the enclaves in the cloud are to be managed]

Regarding claim 9, Porter teaches a method comprising: uploading an encrypted disk image to a first cloud service of a trusted cloud provider, the trusted cloud provider has access to the encrypted disk image; [Porter, para. 7 discloses accessing a first enclave manifest by the first root enclave, wherein the first enclave manifest specifies, for each of a plurality of first component enclaves, a particular role for the respective first component enclave; instantiating each of the first component enclaves, each first component enclave configured to perform its respective role; wherein the first root enclave and first component enclaves form a first enclave pod; providing first data to the first component enclaves; launching a second root enclave.] launching an application trusted execution environment ("TEE") instance on the first cloud service of a trusted cloud provider; [Porter, para. 5 discloses the actions of launching a root enclave; accessing an enclave manifest by the root enclave, wherein the enclave manifest specifies, for each of a plurality of component enclaves, a particular role for the respective component enclave; and instantiating each of the component enclaves, each component enclave configured to perform its respective role; wherein the root enclave and component enclaves form an enclave pod.]launching a first attestation service instance from an attestation disk image on a second cloud service of a first alternate cloud provider, wherein the attestation disk image includes a secret, wherein the first alternate cloud provider has access to the secret; [Porter, para. 7 discloses accessing a second enclave manifest by the second root enclave, wherein the second enclave manifest specifies, for each of a plurality of second component enclaves, a particular role for the respective second component enclave; instantiating each of the second component enclaves, each second component enclave configured to perform its respective role; wherein the second root enclave and second component enclaves form a second enclave pod; and providing second data to the second component enclaves, wherein the second data is different from the first data. Para. 58 discloses the process 400 creates a master enclave in on-premise/private cloud environment (402). For example, a customer creates their master enclave, in empty form (without code or data) using a provided toolkit in on-premises/private cloud environment under their full control. The customer signs the master enclave its own private key and adds its public key to the package of the master enclave. The customer then activates an enclave management service from a public cloud provider, selects the task to provision for a cloud enclave pod, and specifies how the enclaves in the cloud are to be managed.] launching a second attestation service instance from the attestation disk image on a third cloud service of a second alternate cloud provider, wherein the attestation disk image includes the secret, wherein the second alternate cloud provider has access to the secret; [Porter, para. 62 discloses the process 400 provisions code and data into other enclaves from master enclave (410). For example, as the customer's enclave joins the system of enclaves in the cloud, code and data are deployed via the mater enclave to all other enclaves in the system as specified by the customer (regions, hierarchical relationship, availability, etc.) As each new enclave in a pod is instantiated, it has to attest its' origin and state to existing members of the pod based on the enclave's attestation flows. A customer can then interact with its system of enclaves to execute sensitive code or process sensitive data without separately managing encryption and complicated key management. The customer has assurance that their sensitive code and data are protected in the public cloud while in use, and confidentiality and integrity are enforced while at rest.], but Porter does not teach providing, by one of the second cloud service and the third cloud service, the secret to the application TEE instance when the other of the second cloud service and third cloud service is unavailable.
However, Noble does teach providing, by one of the second cloud service and the third cloud service, the secret to the application TEE instance when the other of the second cloud service and third cloud service is unavailable. [Noble, para. 55 discloses the client device again requests data through data manager 120. At 260, data manager 130 analyzes the current status of the blockchain 130 in light of the request to determine optimal cloud service(s) 160 for retrieving the requested data. Because conditions changed, e.g., latency, costs, a particular cloud service is unavailable, etc., data manager 120 now determines that cloud service 160b is currently optimal for the request, and, at 265, requests client data from cloud service 160b. At 270, cloud service 160b transmits the requested data to data manager 120, which then provides the data to client device 140 at 275.]
	Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Noble’s system with Porter’s system, with a motivation to determine which cloud services 160a-160c are compatible with the data request from client device 140. [Noble, para. 55]

	Regarding claim 10, it recites features similar to features in claim 2, therefore it is rejected in the similar manner.

Regarding claim 11 – 12, they recite features similar to features in claim 5 – 6, therefore they are rejected in the similar manner.

Regarding claim 13, Porter teaches providing, by the first cloud service, the first portion of the secret to the application TEE instance; and providing, by the second cloud service, the second portion of the secret to the application TEE instance. [Porter, para. 46 discloses the component enclave 120 obtains the package, validates the signature with the root public ECDSA key that is part of the package, and sends back the attestation statement that includes: the component enclave 120 role as stated in the manifest; the component enclave 120 component ECDH public key (cDH_pub); the component enclave 120 component ECIES public key (cIES_pub); the root enclave ECDSA public key received in the previous step (rDSA_pub); and the challenge received in the previous step. The package is signed with the component enclave 120 ECIES private key and includes an attestation statement that will include the integrity measurement that describes the state of the component enclave 120. Para. 49 discloses each component enclave has an ECDH key-pair and an EC-IES key-pair that is certified by the ECDSA key of the root enclave. Thereafter, any two enclaves in the pod 100 can establish a secure connection using these certified ECDH keys. Each of the enclaves ensures that the peer's ECDH key is certified by the same ECDSA key.] The remaining features recited are similar to features in claim 9, therefore it is rejected in the similar manner.

Regarding claim 14, it recites features similar to features in claim 2, therefore it is rejected in the similar manner.

Regarding claim 15, it recites features similar to features in claim 5, therefore it is rejected in the similar manner.

As per claim 16, modified Porter teaches the method of claim 15, wherein the first cloud provider forwards validation information to the second cloud provider. [Porter, para. 58 discloses a customer creates their master enclave, in empty form (without code or data) using a provided toolkit in on-premises/private cloud environment under their full control. The customer signs the master enclave its own private key and adds its public key to the package of the master enclave. The customer then activates an enclave management service from a public cloud provider, selects the task to provision for a cloud enclave pod, and specifies how the enclaves in the cloud are to be managed. Para. 59 discloses the process 400 uploads the empty enclave as a master enclave (404). The master enclave is uploaded to the cloud service. The master enclave, once instantiated, enables other cloud enclaves to validate the proof of possession of a key that a master enclave is signed with using a public key that is shared as part of the same transaction.]

Regarding claim 17, it recites features similar to features in claim 6, therefore it is rejected in the similar manner.

As per claim 20, modified Porter teaches the method of claim 13, further comprising: obtaining, by the first attestation service instance, a first cryptographic measurement associated with the application TEE instance; and obtaining, by the second attestation service instance, a second cryptographic measurement associated with the application TEE instance. [Porter, para. 46 discloses the component enclave 120 obtains the package, validates the signature with the root public ECDSA key that is part of the package, and sends back the attestation statement that includes: the component enclave 120 role as stated in the manifest; the component enclave 120 component ECDH public key (cDH_pub); the component enclave 120 component ECIES public key (cIES_pub); the root enclave ECDSA public key received in the previous step (rDSA_pub); and the challenge received in the previous step. The package is signed with the component enclave 120 ECIES private key and includes an attestation statement that will include the integrity measurement that describes the state of the component enclave 120. Para. 49 discloses each component enclave has an ECDH key-pair and an EC-IES key-pair that is certified by the ECDSA key of the root enclave. Thereafter, any two enclaves in the pod 100 can establish a secure connection using these certified ECDH keys. Each of the enclaves ensures that the peer's ECDH key is certified by the same ECDSA key.]

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over US 20180137299 A1 to Porter in view of US 20190312939 A1 to Noble in further view of US 20160350535 A1 to Garcia.
Regarding claim 7, modified Porter teaches the system of claim 1, but Porter does not teach wherein the application TEE instance is an encrypted virtual machine, the trusted cloud provider is restricted from accessing the secret, the first alternate cloud provider is restricted from accessing the encrypted disk image, and the second alternate cloud provider is restricted from accessing the encrypted disk image.
However, Garcia does teach wherein the application TEE instance is an encrypted virtual machine [Garcia, para. 26 discloses an original virtual machine image 110a is shown instantiated at a local computing platform 160. Although shown instantiated at a local computing platform, it shall be understood that virtual machine image 110a may be instantiated at any computing device including a single physical computing device such as a server computer or personal computer. Para. 27 discloses an encryption module 122 (e.g., TrueCrypt) encrypts the original virtual machine image 110a to create an encrypted virtual machine image 110b. As previously mentioned, the encryption module 122 can encrypt the system partition of the virtual machine image 110a on which an operating system (or other information to access the operating system) is installed. The encryption module can also encrypt all other portions/drives of the virtual machine image 110a. The resulting encrypted virtual machine image 110b may therefore include an encrypted drives 114b as well as an encryption boot loader 112b that may be required to call the encryption module 122 to perform preauthorization prior to booting the operating system from the encrypted virtual machine image 110b.] the trusted cloud provider is restricted from accessing the secret, the first alternate cloud provider is restricted from accessing the encrypted disk image, and the second alternate cloud provider is restricted from accessing the encrypted disk image. [Garcia, para. 76 discloses secret data need not be stored in non-volatile memory on the systems that need to use the secret data (e.g., the client). The secret data can be securely retrieved from remote servers, used, and then discarded. Trustees can be queried and prompted on demand of the secret data to authorize or deny the requests, which can immediately release or restrict access the secret data. The release of the managed secret data can be temporarily or permanently locked when a system or a network detects a potential threat or compromise. The trustee who has the authority to release the secret data to the requesting client application does not necessarily need or have access to the raw secret data itself, which can be extremely advantageous in the event of a separation of employment or responsibility of the trustee. Furthermore, the server on which the secret data is stored may not have access to the secret data, allowing secret information to be held on third party servers or cloud servers.]
	Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Garcia’s system with modified Porter’s system, with a motivation that a trustee who has the authority to release the secret data to the requesting client application does not necessarily need or have access to the raw secret data itself, which can be extremely advantageous in the event of a separation of employment or responsibility of the trustee. Furthermore, the server on which the secret data is stored may not have access to the secret data, allowing secret information to be held on third party servers or cloud servers
 [Garcia, para. 76]

Claims 18 – 19 are rejected under 35 U.S.C. 103 as being unpatentable over US 20180137299 A1 to Porter et al., (hereinafter, “Porter”) in view of US 20190312939 A1 to Noble in further view of US 20210091952 A1 to Wentz.
Regarding claim 18, modified Porter teaches the method of claim 13, but modified Porter does not teach further comprising combining, by the application TEE instance, the first portion of the secret and the second portion of the secret to recover a complete secret.
However, Wentz does teach comprising combining, by the application TEE instance, the first portion of the secret and the second portion of the secret to recover a complete secret. [Wentz, para. 64 discloses at least a secret generator 204a-b includes at least a first secret generator having at least a first secret share of the module-specific secret and at least a second secret generator having a second secret share of the module-specific secret. A secret share, as defined herein, is a portion of module-specific secret that may be combined with at least one other such secret share to produce module-specific secret, but which is insufficient by itself to determine overall module-specific secret. At least a first secret share and at least a second secret share may be combined to create module-specific secret only upon production of output by at least a first secret generator module and at least a second secret generator module;]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Wentz’s system with Porter’s system, with a motivation to be combined as secret shares to produce module-specific secret. Each of at least a first secret generator module and at least a second secret generator module may be manufactured or produced by a different entity, and subsequently combined to produce at least a secret generator module 104a-b; as a result, no one manufacturer may be in a position to discover module-specific secret, while each such manufacturer may be capable of verifying authenticity of a secret share generated by that manufacturer's secret generation module, a proof based thereon, or the like. [Wentz, para. 64]

As per claim 19, modified Porter does teach the method of claim 18, further comprising: accessing, by the application TEE instance, the encrypted disk image using the complete secret; [Porter, para. 62 discloses as the customer's enclave joins the system of enclaves in the cloud, code and data are deployed via the mater enclave to all other enclaves in the system as specified by the customer (regions, hierarchical relationship, availability, etc.)] and completing, by the application TEE instance, start up. [Porter, para. 62 discloses As each new enclave in a pod is instantiated, it has to attest its' origin and state to existing members of the pod based on the enclave's attestation flows. A customer can then interact with its system of enclaves to execute sensitive code or process sensitive data without separately managing encryption and complicated key management. The customer has assurance that their sensitive code and data are protected in the public cloud while in use, and confidentiality and integrity are enforced while at rest.]

Conclusion
Pertinent prior art made of record however not relied upon includes:
US 20190155956 A1 to Kesarwani et al. teaches:
“Methods, systems and computer program products for association rule mining of an encrypted database are provided herein. A computer-implemented method includes receiving, at a first cloud computing environment, encrypted transaction data that are encrypted using an encryption scheme which provides additive homomorphism, wherein the transaction data comprise a plurality of combinations of two or more elements of a set of elements, receiving, at the first cloud computing environment, encrypted query data that are encrypted using the encryption scheme, wherein the query data comprise at least one of an element and a combination of two or more elements of the set of elements which are the subject of a query seeking a determination of whether at least one of the element and the combination of two or more elements is frequent, and computing addition of the encrypted query data with the encrypted transaction data.”
US 20200380149 A1 to Ramesh et al. teaches:
“Techniques are disclosed relating to securely storing data at a computing device that is managed by an external entity. In some embodiments, a computing device maintains a first file system volume having data that is accessible to a user of the computing device and that is not managed by an entity external to the computing device. The computing device receives, from the entity external, a first request to configure the computing device to store data that is accessible to the user and managed by the external entity. In response to the first request, the computing device creates a second distinct file system volume to store the data managed by the external entity. In response to a second request from the external entity, the computing device subsequently removes the second file system volume.”
	
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Phuc Pham whose telephone number is (571)272-8893. The examiner can normally be reached Monday - Thursday 7:30 AM - 4:30 PM; Friday 8:00 AM - 12:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571)272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/P.P./Patent Examiner, Art Unit 2434    

/NOURA ZOUBAIR/Primary Examiner, Art Unit 2434