PNG
    media_image1.png
    172
    172
    media_image1.png
    Greyscale
United States Patent and Trademark Office
Commissioner for Patents
United States Patent and Trademark Office
P.O. Box 1450
Alexandria, VA 22313-1450
www.uspto.gov











BEFORE THE BOARD OF PATENT APPEALS
AND INTERFERENCES



Application Number: 16/950,006
Filing Date: November 17, 2010
Appellant(s): Stoler et al


__________________
Adam S. Boger
Reg. No. 71,337
For Appellant


EXAMINER'S ANSWER






This is in response to the appeal brief filed 04/13/2022 appealing from the Office Action mailed 06/25/2021 as Final Office Action.

(1)   Grounds of Rejection to be Reviewed on Appeal
Every ground of rejection set forth in the Office action dated 06/25/2021 from which the appeal is taken is being maintained by the Examiner except for the grounds of rejection (if any) listed under the subheading “WITHDRAWN REJECTIONS.”  New grounds of rejection (if any) are provided under the subheading “NEW GROUNDS OF REJECTION.”
1.	WITHDRAWN REJECTIONS
Double Patenting Rejections of claims 21-40 have been withdrawn.
Appellant’s Argument:  As to the double patenting rejections of claims 21-40, the Appellant submits that the instant claims are different than claims of the reference US patent No. 10, 878,119, and the rejections should be reversed (Appeal brief, 04/13/2022, pages 7, 15-16). 
Examiner’s Response:  The Examiner is withdrawing the double patenting rejections based on the Appellant’s remarks.
(2)   Response to Argument
The Rejection of independent claims 21 and 31, under 35 U.S.C. § 103: 
Appellant’s Argument:  As to the rejections of independent claims 21 and 31, the Appellant submits that the cited art does not teach claim limitations and the rejections should be reversed. 
Providing support, the Appellant gave a summary of the claimed subject matter and described the scope of the claims 21 and 31. Then provided discussion of PriorArt, Banerjee and Planivel’s teaching, to differentiate the claimed invention over PriorArt.
Appellant’s Argument: (a) The Appellant submits that Banerjee does not teach the limitation, “determining, based on the obtained one or more configuration parameters, that the virtualized execution instance is permitted to perform operations on a virtualized host environment beyond an environment of the virtualized execution instance.”  The Appellant added that, Banerjee discloses “systems and methods for scanning data stored on cloud computing platforms ... from computing systems external to the cloud computing instances.” Banerjee defines a “security scan” as “any suitable security assessment, analysis, and/or scan of stored data.” Banerjee provides, as an example of a security scan, a “data loss prevention scan.” The characteristics of a scan (such as the scope of a scan, the prioritization of a scan, or security policy used when scanning) can depend on the ownership of the data volume or of a cloud computing instance corresponding to the data volume. Such ownership can be identified from user account information or inferred from access or change information.” Banerjee does not disclose “eliminating any possibility of [an] operation being performed beyond [the operation’s] dedicated environment.” Banerjee does not concern “operations” -- Banerjee concerns scanning data volumes in accordance with unspecified, generic data loss (Appeal brief, 04/13/2022, pages 8-10). Providing further evidence, how system/method of Banerjee differs substantially from the claimed subject matter, the Appellant submits that the security scans of Banerjee concern data. In contrast, claims 21 and 31 recite a determination that concerns “a virtualized execution instance,” (Appeal brief, 04/13/2022, pages 10-11).
Examiner’s Response:  The Examiner respectfully disagrees with the Appellant.  As to the rejections of claims 21 and 31, the Examiner submits that applied prior art teaches the limitations of the claims as addressed in the rejections. Specifically, Banerjee discloses the above addressed limitation. 
While the Appellant emphasis on that Banerjee does not concern the limitation “operations” but concern generic data loss, the claim limitation does not refine as to what kind of “operations” that is permitted to perform that claim scope is directed to. One of ordinary skill in the art would understand that performing “operations” is the most generic way to capture the scope that the claimed “virtualized execution instance” has possibility of performing any type of function beyond its allocated/configured environment, such as, any type access to data/resource or performing a function/application in the allocated instance.
The Examiner asserts that teaching of Banerjee discloses similar problem and solution as the claimed invention. The claimed invention’s virtual execution instance configuration and access permission is directed to providing development (e.g., DevOps) platform tool to a client (i.e. user or user-operated application) in a cloud environment, and for that process, scans the cloud environment for configuration and manage access permission (please see the paragraphs 00116, 00124-0125, 00145, of the instant application’s discloser). Banerjee teaches of a plurality of cloud computing instances and the data volumes/resources associates with the ach instances (see Banerjee, col 2, lines 28-40), and a scan and monitoring of requested application service to prohibit sensitive data from being used and/or transmitted in specified scenarios access to sensitive information [i.e. possibility of operation beyond its dedicated environment] (see Banerjee, col 7, lines 10-14, lines 36-37).
The Examiner agrees with the Appellant that Banerjee’s scanning process and data access controlling process is “depend on the ownership of the data volume or of a cloud computing instance corresponding to the data volume. Such ownership can be identified from user account information or inferred from access or change information” as the Appellant stated (Appeal brief, 04/13/2022, page 9),” and such teaching can be found in Banerjee (see Banerjee, col 9, lines 26-34). However, the Examiner does not agree with that this system/method substantially differs from claim limitation of claims 21 and 31, and does not equate to the conclusion that Banerjee does not teach the concept of “dedicated environment” of an “operation” associated with “a virtualized execution instance.” Even though, the claim limitations do not refine, the disclosure of the instant application recites that the permission and operations of a virtualized instance is associated with a client identity (see paragraph 0145 of the instant application), where the client identity is a user or user-operated application (see paragraph 0145 of the instant application). Therefore, in light of the specification, one of ordinary skill in the art would understand that the claimed “dedicated environment” of an “operation” associated with “a virtualized execution instance,” are “depend on the ownership [of a user] of the data volume or of a cloud computing instance corresponding to the data volume,” exactly same as Banerjee’s teaching.
Therefore, Banerjee’s teaching clearly reads on the claim limitation.
Appellant’s Argument: (b) The Appellant submits that Palanivel does not disclose or suggest the limitation, “determining, based on the determination that the virtualized execution instance is permitted to perform operations on the virtualized host environment beyond the environment of the virtualized execution instance, that the virtualized execution instance presents a privilege vulnerability,” as recited in claims 21 and 31 (Appeal brief, 04/13/2022, page 11). Providing evidence, the Appellant stated that, in general, Palanivel concerns systems and methods that “allow a cloud service provider to employ DevOps personnel to facilitate incident management and software/firmware deployment in cloud computing environments while satisfying data control policies that govern the access to restricted data and the control plane of the cloud computing environments.” Palanivel discloses providing “Just-in-time (JIT) access to DevOps personnel to resolve an incident ... subject to review and approval by the operating personnel.””! The JIT access can be “both limited in scope (i.e., the level of access permitted) as well as limited in time (i.e., the JIT access is revoked after a set period of time),” (Appeal brief, 04/13/2022, pages 12-13). Palanivel discloses granting DevOps personnel access to a production environment. In contrast, the abovementioned elements of claims 21 and 31 recite “determining ... that the virtualized execution instance presents a privilege vulnerability” (Appeal brief, 04/13/2022, page 13).
Examiner’s Response:  The Examiner respectfully disagrees with the Appellant.  As to the rejections of claims 21 and 31, the Examiner submits that applied prior art teaches the limitations of the claims as addressed in the rejections. Specifically, Palanivel discloses the above addressed limitation. 
The Examiner asserts that teaching of Palanivel discloses similar problem and solution as the claimed invention. The claimed invention’s virtual execution instance configuration and access permission is directed to providing development (e.g., DevOps) platform tool to a client (i.e. user or user-operated application) in a cloud environment, and for that process, scans the cloud environment for configuration and manage access permission (please see the paragraphs 00116, 00124-0125, 00145, of the instant application’s discloser). 
The Examiner agrees with the Appellant that Palanivel concerns systems and methods that “allow a cloud service provider to employ DevOps personnel to facilitate incident management and software/firmware deployment in cloud computing environments, while satisfying data control policies that govern the access to restricted data and the control plane of the cloud computing environments,” as the Appellant stated (Appeal brief, 04/13/2022, page 13). Therefore, there is no “contrast,” but similarities between the claimed limitation/invention and the process of Palanivel.  Therefore, Banerjee’s teaching clearly reads on the claim limitation.
Appellant’s Argument: (c) The Appellant submits that the rejections of claim 21 and 31 does not provide any rationale in support of combining Palanivel with Banerjee (Appeal brief, 04/13/2022, page 13).
Examiner’s Response:  The Examiner submits that the statement of the combination logic is omitted by an error in the final office action, mailed out on 06/25/2021, when the rejection was copied from the non-final rejection, mailed out on 02/08/2021. The combination logic is clearly stated in the non-final rejection (pages 6-7 for claim 21, and pages 11-12 for claim 31), and since the ground of rejection has not been changed in the final office action, the cited combination logics are remained valid for the rejections of the final rejection.
Based on the above discussion, the Examiner respectfully submits that Appellant’s analysis of PriorArt is not correct, and applied PriorArt teaches the limitations of claim 21 and 31, and therefore, the rejections of claims 21 and 31 is proper. 
Rejection of dependent Claims 22-30 and 32-40, under 35 U.S.C. § 103: 
Appellant’s Argument:  As to the rejection of dependent claims 22-30 and 22-40, claims are allowable by virtue of dependence of allowable claims 21 or 31.
Examiner’s Response:  The Examiner respectfully disagrees with the Appellant. The rejection of dependent claims 22-30 and 22-40 are proper at least based on the rationale and response presented to the argument for their respective base claims, and the reference applied to the claims.
(3) Conclusion
For the above reasons, it is believed that the rejection should be sustained.


Respectfully submitted,

/JAHANGIR KABIR/Primary Examiner, Art Unit 2439                                                                                                                                                                                                        

Conferees:

/KARI L SCHMIDT/Primary Examiner, Art Unit 2439                                                                                                                                                                                                        



/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439                                                                                                                                                                                                        


Requirement to pay appeal forwarding fee.  In order to avoid dismissal of the instant appeal in any application or ex parte reexamination proceeding, 37 CFR 41.45 requires payment of an appeal forwarding fee within the time permitted by 37 CFR 41.45(a), unless Appellant had timely paid the fee for filing a brief required by 37 CFR 41.20(b) in effect on March 18, 2013.