PNG
    media_image1.png
    340
    340
    media_image1.png
    Greyscale
United States Patent and Trademark Office    
        
            
                                
            
        
    

Commissioner for Patents
United States Patent and Trademark Office

P.O. Box 1450
Alexandria, VA 22313-1450
www.uspto.gov











BEFORE THE PATENT TRIAL AND APPEAL BOARD


Application Number: 15/500,918
Filing Date: 31 Jan 2017
Appellant(s): HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP



__________________
Dan C. Hu
Reg. No. 40,025
For Appellant


EXAMINER’S ANSWER





This is in response to the appeal brief filed 02/15/2022 appealing final office action mailed on 09/07/2021.
(1) Grounds of Rejection to be Reviewed on Appeal
Every ground of rejection set forth in the Office action dated 09/07/2021 from which the appeal is taken is being maintained by the examiner except for the grounds of rejection (if any) listed under the subheading “WITHDRAWN REJECTIONS.”  New grounds of rejection (if any) are provided under the subheading “NEW GROUNDS OF REJECTION.”

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 8-11, 16-17, 20, 22, and 26-27 is/are rejected under 35 U.S.C. 103 as being unpatentable over Spiers et al (US 2012/0266231) hereinafter Spiers in view of Kawarai et al. (US 2005/0265356) hereinafter Kawarai. 
Regarding claim 8, Spiers teaches a method comprising: receiving, by a system comprising a hardware processor from a client device (i.e. a computing device having a processor, [0031]), a request for attestation of a back-end network (i.e. the tenant requests to create and verify integrity and authenticity (attestation) of a VM, as well as the hardware and software running the VM, [0050]), the request including a back-end network configuration requirement (i.e. (i.e. request may include the networking settings (e.g., VIP address I), tenant-specified configurations, to create the virtual machine, [0089]). providing, by the system, the client device with data verifying that the back-end network meets the back-end network configuration requirement (i.e. deem the Measured VM, the virtualization platform, and the infrastructure on which the platform is running to be authentic and configured as expected for the tenant to deliver the to the Measured VM, [0127]).
However, Spiers does not explicitly disclose responsive to the request, obtaining, by the system from a network controller that controls the back-end network, a back-end network topology that specifies a plurality of network elements included in the back-end network, and links between the plurality of network elements; sending, by the system to each respective network element of the plurality of network elements specified by the obtained back-end network topology, a request for attestation of a network element configuration of the respective network element; receiving, by the system from each respective network element of the plurality of network elements responsive to the request for attestation of the network element configuration sent to the respective network element, response data that specifies the network element configuration of the respective network element, the network element configuration including data specifying links between the respective network element and other network elements, and including a port forwarding rule used by the respective network element to handle network traffic; verifying, by the system, that the response data received from each network element included in the back-end network meets the back-end network configuration requirement included in the request for attestation of the back-end network.
However, Kawarai teaches responsive to the request, obtaining, by the system from a network controller that controls the back-end network, a back-end network topology that specifies a plurality of network elements included in the back-end network (i.e. obtains the addresses of nodes constituting the virtual LAN to be verified and the number of hops from the verification requesting NE from first reply packets to verify the topology, [0108]), and links between the plurality of network elements (i.e. obtains the connectivity and interconnections on the virtual LAN to be verified, [0048]). All the information obtained by the verification requesting NE performed after the verification requesting NE sends a first request packets ([0014], a first request packet that including a count value indicating the number of communication hops across nodes and an initial value of the count to each of its adjacent nodes that belong to the virtual LAN and are adjacent which corresponds to the “back-end network configuration requirement”) to verify the topology which corresponds to the “responsive to the request”; sending, by the system to each respective network element of the plurality of network elements specified by the obtained back-end network topology, a request for attestation of a network element configuration of the respective network element (i.e. the verification requesting NE multicasts request packets for keeping track of virtual LAN configuration, [0067]); receiving, by the system from each respective network element of the plurality of network elements responsive to the request for attestation of the network element configuration sent to the respective network element, response data that specifies the network element configuration of the respective network element (i.e. the verification requesting NE can receive second reply packets from the nodes on the route up to the node N9 with the maximum hops, [0123]), the network element configuration including data specifying links between the respective network element and other network elements (i.e. reply packets includes states of interconnections of nodes, [0123]), and including a port forwarding rule used by the respective network element to handle network traffic (i.e. the reply packet may include the sending port number as well as the sender address and the number of a receiving port through which the request packet was received as well as the replying node address, [0013] and see a table on lower right in FIG. 6); verifying, by the system, that the response data received from each network element included in the back-end network meets the back-end network configuration requirement included in the request for attestation of the back-end network (i.e. reply packets are sent from nodes other than the verification requesting NE to the verification requesting NE. Thus, the verification requesting NE has to enter a reply packet receiving mode immediately after multicasting request packets to verify virtual LAN configuration, [0073]). Therefore, after sending a request to verify the configuration of the nodes in the virtual LAN, the verification requesting NE receives a reply packet and extracts necessary information from the reply packets to verify the virtual LAN configuration, ([0048]).
Based on Spiers in view of Kawarai it would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to utilize the teaching of Kawarai to the system of Spiers in order to enhance the trusted cloud environment of Spiers system.

Regarding claim 9, Spiers teaches the back-end configuration requirement includes a back-end network configuration requirement and a back-end software configuration requirement (i.e. cloud orchestrator deem the Measured VM, the virtualization platform , and the infrastructure on which the platform is running to be authentic and configured as expected for the tenant to deliver the to the Measured VM, [0127]); and wherein each network element configuration includes network element network configuration data and network element software data (i.e. the TPM creates the TPM quote as a function of a, a set of one or more of the measurement values (e.g., software version, configuration information, hardware type, etc.) stored in the PCR registers, [0122]).

Regarding claim 10, Spiers teaches the back-end network and computing device are included in a software defined network controlled by the network controller (i.e. an organization computer network, [0013]).

Regarding claim 11, Spiers teaches the instructions further cause the hardware processor to: receive, from the client device, a request for attestation of the computing device (i.e. a tenant of the cloud use for remote attestation. Remote attestation may include a process of remotely verifying the integrity and authenticity of cloud infrastructure, [0041]); and provide computing device attestation proof to the client device in response to the request for attestation of the computing device (i.e. the TPM creates the TPM quote as a function of a, a set of one or more of the measurement values (e.g., software version, configuration information, hardware type, etc.) stored in the PCR registers, [0122]).

Regarding claim 16, the limitations of claim 16 are similar to the limitations of claim 8. Spiers further teaches a non-transitory storage medium storing instructions that, when executed by the hardware processor, cause the hardware processor to (i.e. a non-transitory computer-readable storage medium storing computer-executable instructions, which when executed by an apparatus, claim 22). Therefore, the limitations of claim 16 are rejected in the analysis of claim 8 above, and the claim is rejected on that basis.

Regarding claim 17, Spiers teaches the verifying comprises verifying that the plurality of elements use a particular type of encryption on data (i.e. The secure tunnel may allow the instance to access the organization's own network and resources located either in the cloud DMZ 306 or elsewhere in the organization 302 over a network connection that may transparently encrypt all information transmitted through it. This may allow for data stored in the cloud or transmitted over the network in the cloud to be fully encrypted, [0173]).

Regarding claim 20, Spiers does not explicitly disclose wherein the network element configuration received from each respective network element of the plurality of network elements comprises a port forwarding rule used by the respective network element to forward network traffic through the back- end network.
However, Kawarai teaches wherein the network element configuration received from each respective network element of the plurality of network elements comprises a port forwarding rule used by the respective network element to forward network traffic through the back- end network (i.e. the reply packet may include the sending port number as well as the sender address and the number of a receiving port through which the request packet was received as well as the replying node address, [0013] and see a table on lower right in FIG. 6).Therefore, the limitations of claim 20 are rejected in the analysis of claim 16 above, and the claim is rejected on that basis.

Regarding claim 22, Spiers the plurality of network elements comprises routers or switches (i.e. router 314, and router 314 may communicate with a router 324 of cloud provider data center 304, [0058]). 9 
 
Regarding claims 26-27, the limitations of claims 26-27 are similar to the limitations of claims 10-11. Therefore, the limitations of claims 26-27 are rejected in the analysis of claims 10-11 above, and the claims are rejected on that basis.

Claims 12-13, 21 and 28-29 is/are rejected under 35 U.S.C. 103 as being unpatentable over Spiers et al (US 2012/0266231) hereinafter Spiers in view of Kawarai et al. (US 2005/0265356) hereinafter Kawarai and further in view of Mick et al. (US 20130304903) hereinafter Mick. 
Regarding claim 12, Spiers in view of Kawarai teach the limitations of claims 8 above.
However, Spiers in view of Kawarai do not explicitly disclose wherein the back-end network configuration requirement comprises a request for attestation of isolation of each network element included in the back-end network from network traffic of at least one other client device. 
However, Mick teaches wherein the back-end network configuration requirement comprises a request for attestation of isolation of each network element included in the back-end network from network traffic of at least one other client device network (i.e. network traffic between VM instances belonging to the same VLAN is always open but the system can enforce isolation of network traffic between different projects by enforcing one VLAN per project, [0099]).
 Based on Spiers in view of Kawarai and further in view of Mick it would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to utilize the teaching of Mick to the system of Spiers and Kawarai in order to improve secure environment of Spiers and Kawarai system.

Regarding claim 13, Spiers in view of Kawarai teach the limitations of claims 8 above including the limitation verify that the response data received from each network element meets the back-end configuration requirement (i.e. reply packets are sent from nodes other than the verification requesting NE to the verification requesting NE. Thus, the verification requesting NE has to enter a reply packet receiving mode immediately after multicasting request packets to verify virtual LAN configuration, Kawarai, [0073]), communicating data of the first client in the back-end network (i.e. he VPN may use a digital certificate, username/unique token, and password to create a secure channel for the traffic, Spiers, [0059]). Therefore, after sending a request to verify the configuration of the nodes in the virtual LAN, the verification requesting NE receives a reply packet and extracts necessary information from the reply packets to verify the virtual LAN configuration, Kawarai ([0048]). 
However, Spiers in view of Kawarai do not explicitly disclose the client device is associated with a first client, the request for attestation of the back-end network comprises a request for attestation of isolation of each network element included in the back-end network from network traffic of a second client, a communication of the network traffic of the second client through the back-end network is isolated from communication of network traffic of the first client through the back-end network.
However, Mick teaches the client device is associated with a first client (i.e. user device, Fig. 1, item, 102), a request for attestation of a back-end network, the request including a back-end configuration requirement relating to isolation of network traffic of a first client (i.e. a security group specifies which incoming network traffic should be delivered to all VM instances in the group, all other incoming traffic being discarded, [0146]), wherein the verifying comprises verifying that the network traffic of the first client communicated through the back-end network is isolated from network traffic of a second client communicated through the back-end network (i.e. network traffic between VM instances belonging to the same VLAN is always open but the system can enforce isolation of network traffic between different projects by enforcing one VLAN per project, [0099]).
Based on Spiers in view of Kawarai and further in view of Mick it would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to utilize the teaching of Mick to the system of Spiers and Kawarai in order to improve secure environment of Spiers and Kawarai system.
Regarding claim 21, Spiers in view of Kawarai do not explicitly disclose the client device is associated with a first client, wherein the request for attestation of the back-end network comprises a request for attestation of isolation of each network element included in the back-end network from network traffic of a second client, and wherein the verifying comprises verifying that a communication of the network traffic of the second client through the back-end network is isolated from a communication of network traffic of the first client through the back-end network.
However, Mick teaches the client device is associated with a first client, wherein the request for attestation of the back-end network comprises a request for attestation of isolation of each network element included in the back-end network from network traffic of a second client (i.e. a security group specifies which incoming network traffic should be delivered to all VM instances in the group, all other incoming traffic being discarded, [0146]), and wherein the verifying comprises verifying that a communication of the network traffic of the second client through the back-end network is isolated from a communication of network traffic of the first client through the back-end network (i.e. network traffic between VM instances belonging to the same VLAN is always open but the system can enforce isolation of network traffic between different projects by enforcing one VLAN per project, [0099]).
Based on Spiers in view of Kawarai and further in view of Mick it would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to utilize the teaching of Mick to the system of Spiers and Kawarai in order to improve secure environment of Spiers and Kawarai system.

 Regarding claims 28, the limitations of claim 28 are similar to the limitations of claim 21. Therefore, the limitations of claim 28 are rejected in the analysis of claim 21 above, and the claim is rejected on that basis.

Regarding claim 29, Spiers in view of Kawarai do not explicitly disclose verifying that the communication of the network traffic of the second client through the back-end network is isolated from the communication of the network traffic of the first client through the back- end network comprises obtaining a network configuration of the second client from the network controller.
However, Mick teaches the verifying that the communication of the network traffic of the second client through the back-end network is isolated from the communication of the network traffic of the first client through the back- end network comprises obtaining a network configuration of the second client from the network controller (i.e. a security group specifies which incoming network traffic should be delivered to all VM instances in the group, all other incoming traffic being discarded, [0146])). Therefore, the limitations of claim 29 are rejected in the analysis of claims 21 and 28 above, and the claim is rejected on that basis.

Claims 14-15 and 23-25 is/are rejected under 35 U.S.C. 103 as being unpatentable over Spiers et al (US 2012/0266231) hereinafter Spiers in view of Kawarai et al. (US 2005/0265356) hereinafter Kawarai and Mick et al. (US 20130304903) hereinafter Mick and further in view of Kulka et al. (US 2014/0013451) hereinafter Kulka.
Regarding the limitation of claim 14, Spiers in view of Kawarai and further in view of Mick teach the limitations of claim 13 above.
However, Spiers in view of Kawarai and further in view of Mick do not explicitly disclose generate obfuscated response data based on the response data received from each network element, and wherein the data verifying that the back-end network meets the back-end configuration requirements includes the obfuscated response data.
However, Kulka teaches generate obfuscated response data based on the response data received from each network element, and wherein the data verifying that the back-end network meets the back-end configuration requirements includes the obfuscated response data (i.e. Data obfuscation can be used to modify, manipulate, or change sensitive data originating from one or more backend systems before presentation to an end user, [0002]).
Based on Spiers in view of Kawarai and Mick and further in view of Kulka it would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to utilize the teaching of Kulka to the system of Spiers, Kawarai and Mick in order to improve capability of the trusted environment of Spiers, Kawarai and Mick system.

Regarding claim 15, Spiers teaches the back-end configuration requirement further specifies a first version of a software application (i.e. a create Measured VM request includes the networking settings (e.g., VIP address I), tenant-specified configurations, to create the virtual machine, [0089]); the network element configuration received from a given network element specifies that the given network element is running a second version of the software application, the second version being different from the first version (i.e. a measurement may be of at least one of a configuration parameter (e.g., software version, hardware, etc.) of a device or software, or of a configuration that the tenant may wish to authenticate prior to communicating with the device, [0083]); and the data verifying that the back-end network meets the back-end configuration requirement specifies that each network element included in the back-end network is running the first version of the software application, (i.e. the tenant may determine measurements of a configuration of the virtualization platform match an expected configuration, in the manner provided above, to determine whether to authenticate the platform, [0146]).

Regarding claims 23, the limitations of claim 23 are similar to the limitations of claim 14. Therefore, the limitations of claim 23 are rejected in the analysis of claim14 above, and the claim is rejected on that basis.

Regarding claim 24, Spiers in view of Kawarai and further in view of Mick do not explicitly disclose the obfuscated response data is generated by reducing a granularity of at least one measurement included in the network element configuration.
However, Kulka teaches the obfuscated response data is generated by reducing a granularity of at least one measurement included in the network element configuration (i.e. the intended obfuscation output for another user such as the employee's manager ("Jane Doe"), may be intended to allow the manager to only see the reporting hierarchy and the salary group only, [0063]). 
Based on Spiers in view of Kawarai and Mick and further in view of Kulka it would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to utilize the teaching of Kulka to the system of Spiers, Kawarai and Mick in order to improve capability of the trusted environment of Spiers, Kawarai and Mick system.

Regarding claim 25, the limitations of claim 25 are similar to the limitations of claims 15. Therefore, the limitations of claim 25 are rejected in the analysis of claims 15 above, and the claim is rejected on that basis.















(2) Response to Argument

Appellant argues
    A verification NE multicasting request packets in Kawarai does not satisfy the "sending" subject matter in claim 8.
In response to appellant’s argument Kawarai in paragraph [0108], teaches the verification requesting NE sends first request packets to verify topology hop by hop across a virtual LAN to be verified and obtains the addresses of nodes constituting the virtual LAN to be verified and the number of hops from the verification requesting NE from first reply packets to verify the topology. Which means the information including the addresses of the nodes obtained to verify the topology can tell the hop by hop interconnections of the nodes in the topology. After all information such as addresses of nodes, the number of hops, the connectivity and interconnections obtained by the verification requesting NE, in paragraph [0067] the verification requesting NE multicasts request packets for keeping track of virtual LAN configuration. 
Kawarai refers to determining a topology of a virtual LAN after the verification NE multicasts request packets.
In response to appellant’s argument the multicasts request packets sent by the verification requesting NE after the verification requesting NE receives all information such as addresses of nodes, the number of hops, the connectivity and interconnections from the first reply packets for the first request packets sent by the verification requesting NE and in [0123], the verification requesting NE can receive second reply packets from the nodes on the route up to the node N9 with the maximum hops for the multicasts request packets sent. Therefore, Kawarai refers to determining a topology of a virtual LAN before the verification NE multicasts request packets.
The Examiner erred in asserting that Kawarai teaches the subject matter in the "verifying" clause of claim 8.
In response to appellant’s argument Kawarai [0073]) teaches reply packets are sent from nodes other than the verification requesting NE to the verification requesting NE. Thus, the verification requesting NE has to enter a reply packet receiving mode immediately after multicasting request packets that including a count value indicating the number of communication hops across nodes and an initial value of the count to each of its adjacent nodes that belong to the virtual LAN and are adjacent to verify virtual LAN configuration. And also, in [0048], after sending a request to verify the configuration of the nodes in the virtual LAN, the verification requesting NE receives a reply packet and extracts necessary information from the reply packets to verify the virtual LAN configuration, and the request packet.
Kawarai does not teach the limitations of claim 20 “the network element configuration received from each respective network element of the plurality of network elements comprises a port forwarding rule used by the respective network element to forward network traffic through the back- end network.”
In response to the appellant’s argument Kawarai in [0013] and a table on lower right in FIG. 6 teaches the reply packet may include the sending port number as well as the sender address and the number of a receiving port through which the request packet was received as well as the replying node address. Since the main purpose of port forwarding rule to send a packet from one device to the other, packet that includes the sending port number as well as the sender address and the number of a receiving port has the same purpose. 
In response to appellant’s argument regarding claim 16, since the appellant uses the same reason for arguing claim 16 as previously presented for claim 8, the response provided above regarding claim 8 is applied to claim 16 as well.  
Mick fails to provide any teaching of claim 13 limitation “verifying that the network traffic of the first client communicated through the back-end network is isolated from network traffic of a second client communicated through the back-end network”
In response to the appellant’s argument Mick in paragraph [0146], teaches a security group specifies which incoming network traffic should be delivered to all VM instances in the group, all other incoming traffic being discarded and also in [0099] network traffic between VM instances belonging to the same VLAN is always open but the system can enforce isolation of network traffic between different projects by enforcing one VLAN per project. Therefore, the system has to verify whether network traffic between VM instances belonging to the same VLAN or not, if not it enforces isolation of network traffic. 
In response to appellant’s argument regarding claims 12, 21, 28-29, since the appellant uses the same reasons for arguing claims 12, 21, 28-29 as previously presented for claims 8 and 13, the response provided above regarding claims 8 and 13 are applied to claims 12, 21, 28-29 as well.  


For the above reasons, it is believed that the rejections should be sustained.
Respectfully submitted,
/AYELE WOLDEMARIAM/
Examiner, Art Unit 2447 
5/18/2022


Conferees:
/SURAJ M JOSHI/Primary Examiner, Art Unit 2447                                                                                                                                                                                                        
/JOON H HWANG/Supervisory Patent Examiner, Art Unit 2447                                                                                                                                                                                                        

Requirement to pay appeal forwarding fee.  In order to avoid dismissal of the instant appeal in any application or ex parte reexamination proceeding, 37 CFR 41.45 requires payment of an appeal forwarding fee within the time permitted by 37 CFR 41.45(a), unless appellant had timely paid the fee for filing a brief required by 37 CFR 41.20(b) in effect on March 18, 2013.