DETAILED ACTION 
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Applicant’s arguments regarding the 35 USC § 103 rejections have been fully considered but are not persuasive. Applicant’s remarks are related to newly amended claim limitations and have been fully addressed in the rejections recited below. The newly amended claim language has been rejected by the addition of the Overton reference.

Claim Rejections – 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
The following claim language is unclear and indefinite:
As per claim 1, it is unclear what is meant by “wherein the indication comprises one or more signals corresponding to a data structure referencing the first storage block and the second storage block” (i.e. there are two “indications” in the referenced claim; the “indication” in the first cause of claim 1 and the “indication” in the last clause of claim 1)  and it is unclear which “indication” the wherein clause applies to. Examiner has interpreted the wherein clause to apply to the second indication. Appropriate correction is required. Independent claims 11 and 16 contain similar language and are rejected for the same reasons as claim 1. Independent claims 2-10, 12-15, and 17-20 are rejected due to their dependency on claims 1, 11, and 16 respectively.

Double Patenting
	The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.   A nonstatutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and  In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321© or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. 
Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b).
Claims 1-20 are provisionally rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-20 of copending Application No. 15656012.  Although the conflicting claims are not identical, they are not patentably distinct from each other because both applications comprise substantially the same elements and cover the same subject matter. As can be seen from the table below, taking claim 1 as exemplary, both claims have similar features.
This is a provisional obviousness-type double patenting rejection because the conflicting claims have not in fact been patented.
Instant Application: 16585228
Copending Application: 15656012
Claim 1, 11 and 16: A method comprising:
              receiving, by a guest program from a hypervisor, an indication that identifies a first storage block of a first virtual machine, wherein the first storage block is write protected by the hypervisor;
         








   identifying, by the guest program, a second storage block of a second virtual machine; and
        



  copying, by the guest program, data of the first storage block to the second storage block, wherein the data of the first storage block and data of the second storage block are encrypted using different cryptographic inputs.




           Providing, by the guest program, an indication to the hypervisor of completion of the copying, wherein the indication comprises one or more signals corresponding to a data structure referencing the first storage block and the second storage block.





	In regards to claims 2-10, 12-15 and 17-20, see the art applied in the art rejections below in view of the following motivations:  
	For claims Claim 2-8, 12-15 and 17-20, in combination of claim 1 of the Application in view of  Powell et al. (United States Patent Application Publication 20170277898) in view of Tsirkin (United States Patent Application Publication 20150242159) and Overton et al. (United States Patent 9069477) (as mapped in the art rejection below): The combination of Powell-Tsirkin and Overton are analogous because they are each related memory management for virtual machines. Powell teaches migration of encrypted virtual machines (Powell, [0021], the security module supports migration of the guest VM to another processing system while maintaining the confidentiality of the guest VM's secure data while the guest VM is migrated to another processing system. For example, in response to a request from the requestor to migrate the guest VM to the requestor, the security module can generate transport encryption keys and encrypt the guest VM, including its secure data, with the transport encryption keys. The security module then provides the encrypted guest VM to the requestor, which decrypts the guest VM, re-encrypts the guest VM with a locally generated address space encryption key, and executes the guest VM. By encrypting the guest VM prior to migration, the security module protects the secure data of the guest VM during the migration process) and thus would be obvious in view of claim 1 to securely migrate a VM. Tsirkin also teaches a method of secure virtual machine migration. (Abstract, Systems and methods for reducing network traffic in virtual machine live migration. An example method may comprise: intercepting, by a first computer system, a write access to a memory page by a virtual machine undergoing live migration from the first computer system to a second computer system; storing a copy of the memory page in a memory before allowing the virtual machine to modify the memory page; identifying data to be transmitted to the second computer system responsive to comparing the memory page and the copy of the memory page; and transmitting the data to the second computer system). Overton teaches managing updates to memory allocations for virtual servers. (Abstract, Multiple memory pointers may refer to a primary page storing a definitive copy of data. When that data is to be modified, a copy on write operation creates a second copy in another memory page which may then be modified and updates memory pointers accordingly. When data within two or more memory pages is identical to data within a primary page, a collapse on write operation updates memory pointers to refer to the primary page and de-allocates the duplicative and now unused memory pages; Column 4, Lines 35-38, as individual processes such as application instances in a virtual server environment continue to make changes to memory pages 118, the copy on write operation may result in significantly increased memory page usage; and Column 5, Lines 22-36, the memory page 118(1) retains its original data, and now the memory pages 118(2)-(4) contain modified copies of that original data. Continued activity by one or more of the processes results in modification of the data such that the contents of memory pages 118(2)-(4) are identical. As a result, a collapse on write operation is initiated between memory pages 118(2)-(4).  At 410, the memory pages 118(2)-(4) have been collapsed using a collapse on write operation into the memory page 118(3). As a result, the memory pages 118(2) and 118(4) may be de-allocated and used for storage of other data. After further activity by the processes pointing to the memory pages 118, the data within the memory page 118(1) and 118(3) are now identical. Another collapse on write operation is initiated between these two pages). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention that based on the combination, the teachings of Powell would be modified with the write-protection mechanism taught by Tsirkin and the copy-on-write memory management mechanisms taught by Overton in order to manage virtual machine migration. Therefore, it would have been obvious to combine the teachings of Powell, Tsirkin, and Overton.

	In regards to claims 9 and 10, in combination of claim 1 of the application in view of Powell-Tsirkin-Overton (as outlined in the art rejection below) and in further view of Hudzia et al. (United States Patent Application Publication 20160328257) (as outlined in the art rejection below)- The combination of Powell-Tsirkin-Overton and Hudzia are analogous because they are each related to secure virtual machine migration and memory management. Powell and Tsirkin both teach migration of encrypted virtual machines including managing memory associated with the migrating virtual machine. Overton teaches a method of memory management for virtual servers. Hudzia teaches efficient virtual machine migration including managing memory associated with the migrating virtual machine. ([0003], Respective bitmaps are calculated for at least some of the workloads, wherein (i) a bitmap of a workload is statistically indicative of a cardinality of the set of memory pages used by the workload, (ii) a union of two or more bitmaps is statistically indicative of the cardinality of a union of the sets of memory pages used by the two or more corresponding workloads, and (iii) an intersection of first and second bitmaps is statistically indicative of an overlap between respective first and second sets of memory pages used by the corresponding workloads. A decision is made to migrate a selected workload from a source compute node to a destination compute node, based on one or more of the bitmaps; and [0004], the selection criterion aims to maximize a number of the memory pages that are used by the selected workload and can be deduplicated on the destination compute node following migration of the selected workload. In another embodiment, calculating the bitmaps includes calculating a node-level bitmap for the destination compute node by calculating the union of the bitmaps of the existing workloads on the destination node, and deciding to migrate the workload includes evaluating the selection criterion based on the node-level bitmap of the destination compute node). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention that based on the combination, the teachings of the combination of Powell-Tsirkin-Overton would be modified with the known method taught by Hudzia in order to manage virtual machine migration. Therefore, it would have been obvious to combine the teachings of Powell-Tsirkin-Overton and Hudzia.

	Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 10719255. 
	Although the claims at issue are not identical, they are not patentably distinct from each other because both the application and the patent comprise substantially the same elements and cover the same subject matter. As can be seen from the table below, taking claim 1 as exemplary, claims 1, 2, and 12 of the patent has similar features.
Instant Application: 16585228
US Patent: 10719255
Claims 1, 11 and 16: A method comprising:
              receiving, by a guest program from a hypervisor, an indication that identifies a first storage block of a first virtual machine, wherein the first storage block is write protected by the hypervisor;
            identifying, by the guest program, a second storage block of a second virtual machine; and
          

              copying, by the guest program, data of the first storage block to the second storage block, wherein the data of the first storage block and data of the second storage block are encrypted using different cryptographic inputs; and 
           


           
               providing, by the guest program, an indication to the hypervisor of completion of the copying, wherein the indication comprises one or more signals corresponding to a data structure referencing the first storage block and the second storage block.

 .



In regards to claims 2-10, 12-15 and 17-20, see the art applied in the art rejections below in view of the following motivations:  
	For claims Claim 2-8, 12-15 and 17-20, In combination of claims 1, 2 and 12 of the Patent in view of Powell et al. (United States Patent Application Publication 20170277898) in view of Tsirkin (United States Patent Application Publication 20150242159) and Overton et al. (United States Patent 9069477) (as mapped in the art rejection below): The combination of Powell-Tsirkin and Overton are analogous because they are each related memory management for virtual machines. Powell teaches migration of encrypted virtual machines (Powell, [0021], the security module supports migration of the guest VM to another processing system while maintaining the confidentiality of the guest VM's secure data while the guest VM is migrated to another processing system. For example, in response to a request from the requestor to migrate the guest VM to the requestor, the security module can generate transport encryption keys and encrypt the guest VM, including its secure data, with the transport encryption keys. The security module then provides the encrypted guest VM to the requestor, which decrypts the guest VM, re-encrypts the guest VM with a locally generated address space encryption key, and executes the guest VM. By encrypting the guest VM prior to migration, the security module protects the secure data of the guest VM during the migration process) and thus would be obvious in view of claim 1 to securely migrate a VM. Tsirkin also teaches a method of secure virtual machine migration. (Abstract, Systems and methods for reducing network traffic in virtual machine live migration. An example method may comprise: intercepting, by a first computer system, a write access to a memory page by a virtual machine undergoing live migration from the first computer system to a second computer system; storing a copy of the memory page in a memory before allowing the virtual machine to modify the memory page; identifying data to be transmitted to the second computer system responsive to comparing the memory page and the copy of the memory page; and transmitting the data to the second computer system). Overton teaches managing updates to memory allocations for virtual servers. (Abstract, Multiple memory pointers may refer to a primary page storing a definitive copy of data. When that data is to be modified, a copy on write operation creates a second copy in another memory page which may then be modified and updates memory pointers accordingly. When data within two or more memory pages is identical to data within a primary page, a collapse on write operation updates memory pointers to refer to the primary page and de-allocates the duplicative and now unused memory pages; Column 4, Lines 35-38, as individual processes such as application instances in a virtual server environment continue to make changes to memory pages 118, the copy on write operation may result in significantly increased memory page usage; and Column 5, Lines 22-36, the memory page 118(1) retains its original data, and now the memory pages 118(2)-(4) contain modified copies of that original data. Continued activity by one or more of the processes results in modification of the data such that the contents of memory pages 118(2)-(4) are identical. As a result, a collapse on write operation is initiated between memory pages 118(2)-(4).  At 410, the memory pages 118(2)-(4) have been collapsed using a collapse on write operation into the memory page 118(3). As a result, the memory pages 118(2) and 118(4) may be de-allocated and used for storage of other data. After further activity by the processes pointing to the memory pages 118, the data within the memory page 118(1) and 118(3) are now identical. Another collapse on write operation is initiated between these two pages). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention that based on the combination, the teachings of Powell would be modified with the write-protection mechanism taught by Tsirkin and the copy-on-write memory management mechanisms taught by Overton in order to manage virtual machine migration. Therefore, it would have been obvious to combine the teachings of Powell, Tsirkin, and Overton.

	In regards to claims 9 and 10: Claims 1-2 and 12 of the patent in view of Powell-Tsirkin-Overton (as outlined in the art rejection below) and in further view of Hudzia et al. (United States Patent Application Publication 20160328257) (as outlined in the art rejection below)- The combination of Powell-Tsirkin-Overton and Hudzia are analogous because they are each related to secure virtual machine migration and memory management. Powell and Tsirkin both teach migration of encrypted virtual machines including managing memory associated with the migrating virtual machine. Overton teaches a method of memory management for virtual servers. Hudzia teaches efficient virtual machine migration including managing memory associated with the migrating virtual machine. ([0003], Respective bitmaps are calculated for at least some of the workloads, wherein (i) a bitmap of a workload is statistically indicative of a cardinality of the set of memory pages used by the workload, (ii) a union of two or more bitmaps is statistically indicative of the cardinality of a union of the sets of memory pages used by the two or more corresponding workloads, and (iii) an intersection of first and second bitmaps is statistically indicative of an overlap between respective first and second sets of memory pages used by the corresponding workloads. A decision is made to migrate a selected workload from a source compute node to a destination compute node, based on one or more of the bitmaps; and [0004], the selection criterion aims to maximize a number of the memory pages that are used by the selected workload and can be deduplicated on the destination compute node following migration of the selected workload. In another embodiment, calculating the bitmaps includes calculating a node-level bitmap for the destination compute node by calculating the union of the bitmaps of the existing workloads on the destination node, and deciding to migrate the workload includes evaluating the selection criterion based on the node-level bitmap of the destination compute node). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention that based on the combination, the teachings of the combination of Powell-Tsirkin-Overton would be modified with the known method taught by Hudzia in order to manage virtual machine migration. Therefore, it would have been obvious to combine the teachings of Powell-Tsirkin-Overton and Hudzia.
 
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claim 1-8 and 11-20 are rejected under 35 U.S.C. 103 as being unpatentable over Powell et al. (United States Patent Application Publication 20170277898) in view of Tsirkin (United States Patent Application Publication 20150242159) and Overton et al. (United States Patent 9069477).
As per claim 1, Powell teaches the invention substantially as claimed including, a method comprising: 
	receiving, by a guest program from a hypervisor ([0058], The SM firmware 132 supports sending a guest VM via a sending state 664. In particular, in response to a send start command from the hypervisor 243), an indication that identifies a first storage block of a first virtual machine ([0058-0059], The SM firmware 132 supports sending a guest VM via a sending state 664. In particular, in response to a send start command from the hypervisor 243, the SM firmware 132 receives and verifies one or more of the PEK and chip keys for the processing system that is to receive the guest VM. In response to authenticating the one or more keys, the SM firmware transitions the guest VM to the sending state 664 and sends a copy of the guest VM to the target processing system); 
	identifying, by the guest program, a second storage block of a second virtual machine ([0058-0059], The SM firmware 132 supports sending a guest VM via a sending state 664…the SM firmware 132 receives and verifies one or more of the PEK and chip keys for the processing system that is to receive the guest VM. …the SM firmware transitions the guest VM to the sending state 664 and sends a copy of the guest VM to the target processing system); and 
	copying, by the guest program, data of the first storage block to the second storage block ([0058-0059], the SM firmware transitions the guest VM to the sending state 664 and sends a copy of the guest VM to the target processing system), wherein the data of the first storage block and data of the second storage block are encrypted using different cryptographic inputs ([0021], The security module then provides the encrypted guest VM to the requestor, which decrypts the guest VM, re-encrypts the guest VM with a locally generated address space encryption key, and executes the guest VM; and [0048], In response to authenticating the requestor 433, the security module 130 encrypts the software entity using the transport key. In some embodiments, the security module 130 first decrypts the information at the secure address space 125 for the software entity, then re-encrypts the information using the transport key. At 444, the security module 130 provides the encrypted software entity to the requestor 433, which decrypts the software entity, re-encrypts the software entity using a locally generated AS encryption key, and executes the software entity); and 
	providing, by the guest program, an indication to the hypervisor of completion of the copying ([0058], the SM firmware 132 supports sending and receiving guest VMs to and from other processing systems in a secure fashion, thereby supporting server migration and other operations. The SM firmware 132 supports sending a guest VM via a sending state 664…the SM firmware transitions the guest VM to the sending state 664 and sends a copy of the guest VM to the target processing system. Upon completion, the sent copy of the VM is placed in a sent state 665, and the SM firmware 132 returns the guest VM at the processing system 100 to the running state 663; Examiner Note: In response to the guest VM being placed in a “sent state,” the SM firmware 132 is able to return the guest VM to a running state. Thus the placement of the VM in the “sent state” notifies that hypervisor (i.e. SM firmware 132) that the copying is complete).

	Powell fails to specifically teach, wherein the first storage block is write protected by the hypervisor; and wherein the indication comprises one or more signals corresponding to a data structure referencing the first storage block and the second storage block.
	However, Tsirkin teaches, wherein the first storage block is write protected by the hypervisor ([0010], the host migration agent of the origin hypervisor … may track the changes to the virtual machine memory pages, by write-protecting a plurality of memory pages so that a memory modification attempt would trigger a memory protection fault that may be intercepted by the hypervisor).
	Powell and Tsirkin are analogous because they are both related to secure virtual machine migration. Powell teaches migration of encrypted virtual machines (Powell, [0021], the security module supports migration of the guest VM to another processing system while maintaining the confidentiality of the guest VM's secure data while the guest VM is migrated to another processing system. For example, in response to a request from the requestor to migrate the guest VM to the requestor, the security module can generate transport encryption keys and encrypt the guest VM, including its secure data, with the transport encryption keys. The security module then provides the encrypted guest VM to the requestor, which decrypts the guest VM, re-encrypts the guest VM with a locally generated address space encryption key, and executes the guest VM. By encrypting the guest VM prior to migration, the security module protects the secure data of the guest VM during the migration process). Tsirkin also teaches a method of secure virtual machine migration. (Abstract, Systems and methods for reducing network traffic in virtual machine live migration. An example method may comprise: intercepting, by a first computer system, a write access to a memory page by a virtual machine undergoing live migration from the first computer system to a second computer system; storing a copy of the memory page in a memory before allowing the virtual machine to modify the memory page; identifying data to be transmitted to the second computer system responsive to comparing the memory page and the copy of the memory page; and transmitting the data to the second computer system). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention that based on the combination, the teachings of Powell would be modified with the write-protection mechanism taught by Tsirkin in order to manage virtual machine migration. Therefore, it would have been obvious to combine the teachings of Powell and Tsirkin. 

	Although Tsirkin teaches providing an indication using a data structure ([0026],  with respect to tracking the memory modifications (e.g., by another thread), the origin host migration agent may, periodically or responsive to a pre-defined event, transmit to the destination host the memory pages that have been marked as modified in memory tracking data structure 175). The combination of Powell-Tsirkin fails to specifically teach, wherein the indication comprises one or more signals corresponding to a data structure referencing the first storage block and the second storage block.
	However, Overton teaches, wherein the indication comprises one or more signals corresponding to a data structure referencing the first storage block and the second storage block (Column 3, Lines 24-29,  provides the copy on write operation. During a copy on write operation, contents of an existing memory page are copied to a second memory page, and the second memory page may be updated; Column 4, Lines 24-33, Three pointers 116 designated A, B, and C refer to this memory page. In this illustration, suppose that the process associated with pointer C will change the data within the memory page 118(1). A copy on write operation 202 takes place, leaving the memory page 118(1) intact and creating a copy of the memory page 118(2). The A and B pointers remain associated with the original memory page 118(1) while the C pointer now refers to the memory page 118(2). The contents of the memory page 118(2) may now be modified by the process associated with pointer C; and Column 7, Lines 24-36, a bit comparison between the first memory page 118(1) and the second memory page 118(2) is initiated. This bit comparison compares individual bits within the memory pages to one another. When at 708 the bits match, the process proceeds to 710. For example, where the memory pages are stored within content addressable memory, the contents of those memory pages may be directly compared to determine duplicates. At 710, the second memory page 118(2) is designated as a duplicate of the first memory page 118(1). As described above, the memory pointers 116 currently pointing to 118(2) may be updated to point to 118(1) and the memory page 118(2) may then be de-allocated).

	The combination of Powell-Tsirkin and Overton are analogous because they are each related memory management for virtual machines. Powell and Tsirkin teach methods of  migration of encrypted virtual machines including managing memory associated with a migrating virtual machine. Overton teaches managing updates to memory allocations for virtual servers. (Abstract, Multiple memory pointers may refer to a primary page storing a definitive copy of data. When that data is to be modified, a copy on write operation creates a second copy in another memory page which may then be modified and updates memory pointers accordingly. When data within two or more memory pages is identical to data within a primary page, a collapse on write operation updates memory pointers to refer to the primary page and de-allocates the duplicative and now unused memory pages; Column 4, Lines 35-38, as individual processes such as application instances in a virtual server environment continue to make changes to memory pages 118, the copy on write operation may result in significantly increased memory page usage; and Column 5, Lines 22-36, the memory page 118(1) retains its original data, and now the memory pages 118(2)-(4) contain modified copies of that original data. Continued activity by one or more of the processes results in modification of the data such that the contents of memory pages 118(2)-(4) are identical. As a result, a collapse on write operation is initiated between memory pages 118(2)-(4).  At 410, the memory pages 118(2)-(4) have been collapsed using a collapse on write operation into the memory page 118(3). As a result, the memory pages 118(2) and 118(4) may be de-allocated and used for storage of other data. After further activity by the processes pointing to the memory pages 118, the data within the memory page 118(1) and 118(3) are now identical. Another collapse on write operation is initiated between these two pages). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention that based on the combination, the teachings of the combination of Powell-Tsirkin would be modified with the known method taught by Overton in order to manage updates to memory pages caused by the activity of virtual machines. Therefore, it would have been obvious to combine the teachings of Powell-Tsirkin and Overton. 

As per claim 2, Powell teaches, wherein the guest program is executed by a third virtual machine ([0018], the security module can authenticate itself to external processing systems, such as the processing system of a software owner (referred to as the requestor processing system) that wishes to execute software at the processing system including the security module; and [0047], The requestor 433 initiates the migration at 440 by sending a request to the processing system 100 to migrate the software entity) and has access to guest storage of the first virtual machine and guest storage of the second virtual machine ([0018], in response to receiving a request to execute a guest VM, the security module can provide to the requestor a platform key that is unique to the security module. The requestor can authenticate the key according to conventional key authentication techniques and, in response to determining that the key is authentic, provide the processing system of the security module the guest VM to be executed; and [0058], In response to authenticating the one or more keys, the SM firmware transitions the guest VM to the sending state 664 and sends a copy of the guest VM to the target processing system).

As per claim 3, Tsirkin teaches, wherein the copying is performed in response to a processing device receiving a modification for the first storage block (s) ([0010], the hypervisor may transmit to the destination host the memory pages that have been marked as modified; and [0037], the host migration agent may, at block 365, identify the data that needs to be transmitted to the destination host, by comparing the stored copy of the memory page and the actual memory page to determine whether the page needs to be transmitted to the destination), and wherein the modification is applied to the second storage block after the copying ([0037], the host migration agent may determine that the number of memory units (e.g., bytes) which are different in the stored copy of the memory page and the actual memory page exceeds the second pre-defined threshold value, and hence the contents of the memory page need to be transmitted to the destination).

As per claim 4, Powell teaches, wherein the data of the first storage block is encrypted by a hardware device ([0021], the security module can generate transport encryption keys and encrypt the guest VM, including its secure data, with the transport encryption key; [0022], The security module is independent of the processor cores of the processor, either physically by employing separate hardware from the processor cores to execute its operations; and [0030], the security module 130 executes security module (SM) firmware 132 to control its operations. In some embodiments, the operations of the SM firmware 132 described herein can instead be hardwired into the circuitry of the security module 130) and the data is accessible to the guest program in a decrypted form ([0016], the security module manages authentication and encryption keys for the processor. In particular, the security module can authenticate itself to other processing systems, such as processing systems providing software to be executed at the processor, can generate keys for encrypting address spaces for the provided software, and also can securely import and export information at the encrypted address spaces to and from the processing system) is inaccessible to the hypervisor in the decrypted form ([0017], the encryption is performed at a memory controller of the processing system, wherein the security module provides the encryption keys directly to the memory controller, such that the hypervisor cannot access the encryption keys; and [0022], The security module is independent of the processor cores of the processor, either physically by employing separate hardware from the processor cores to execute its operations, or logically, by executing its operations using the same hardware as the processor cores, but in a different mode of execution so that software executing at the processor cores cannot access data of the security module).

As per claim 5, Powell teaches, wherein the different cryptographic inputs comprise different location dependent cryptographic inputs that correspond to host physical addresses of the first and second storage blocks ([0030], the SM firmware 132 generates and maintains a set of keys and associated signatures, and restricts access to those keys and signatures to prevent exploitation. For ease of description, the term "key" is used herein to refer to an authentication or encryption key, as well as any certificate, or certificate chain, that signs the key. In the example of FIG. 1, the SM firmware 132 generates and maintains five sets of keys: platform keys 134, transport keys 135, chip keys 136, launch integrity keys 137, and address space (AS) encryption keys 126; [0031], [0031] The chip keys 136 are one or more keys that are uniquely associated with the processor 102 itself; [0032], The platform keys 134 are one or more keys that are associated with the processing system 100…The PEK is thereby uniquely associated both with the processor 102 (via the chip key signature) and with the software platform provided by the processing system 100 (via generation of the PEK during initialization). The PEK may also be signed by other entities, such as an owner of the processing system 100 to uniquely associate the PEK with the owner).

As per claim 6, Powell teaches, wherein the first storage block and the second storage block are decrypted by a hardware device using cryptographic keys that are inaccessible to the hypervisor ([0017], the encryption is performed at a memory controller of the processing system, wherein the security module provides the encryption keys directly to the memory controller, such that the hypervisor cannot access the encryption keys; and [0022], The security module is independent of the processor cores of the processor, either physically by employing separate hardware from the processor cores to execute its operations, or logically, by executing its operations using the same hardware as the processor cores, but in a different mode of execution so that software executing at the processor cores cannot access data of the security module), wherein each of the cryptographic keys is based on a common cryptographic input shared by multiple virtual machines ([0033], In some embodiments the platform keys 134 also include one or more public keys that can be shared with other devices and software according to a conventional key exchange protocol) and a location dependent cryptographic input ([0021], The security module then provides the encrypted guest VM to the requestor, which decrypts the guest VM, re-encrypts the guest VM with a locally generated address space encryption key, and executes the guest VM)

As per claim 7, Powell teaches, wherein the first storage block is a guest memory page of the first virtual machine and the second storage block is a guest memory page of a second virtual machine ([0004], the hypervisor maintains isolation of VM information by maintaining separate memory page tables and other logical entities for each VM; and [0035], the processing system 100 implements a security scheme whereby the security designation for information (whether the information is to be cryptographically protected) is assigned based on control bits included with the memory address corresponding to where the information is stored at the memory 120 or corresponding to the type of information (e.g., instructions or data)…the control bits are set by the processing system 100 so that particular types of information, such as instruction information, or page table information that provides a mapping of virtual addresses to physical addresses of the memory 120, are designated as secured information).

As per claim 8, Powell teaches, further comprising verifying, by the guest program, that the second storage block provided by the hypervisor is not in use by a virtual machine ([0046], The indication of execution permission can take any of a number of forms, such as a code value that unlocks a locked portion of the software entity, crucial data that allows the software entity to perform useful work for the requestor 333, and the like).

As per claim 11, this is the “system claim” corresponding to claim 1 and is rejected for the same reasons. The same motivation used in the rejection of claim 1 is applicable to the instant claim. 
As per claim 12, this claim is similar to claim 2 and is rejected for the same reasons.
As per claim 13, this claim is similar to claim 3 and is rejected for the same reasons.
As per claim 14, this claim is similar to claim 4 and is rejected for the same reasons.
As per claim 15, this claim is similar to claim 5 and is rejected for the same reasons.
As per claim 16, this is the “non-transitory machine-readable storage medium claim” corresponding to claim 1 and is rejected for the same reasons. The same motivation used in the rejection of claim 1 is applicable to the instant claim. 
As per claim 17, this claim is similar to claim 2 and is rejected for the same reasons.
As per claim 18, this claim is similar to claim 3 and is rejected for the same reasons.
As per claim 19, this claim is similar to claim 4 and is rejected for the same reasons.
As per claim 20, this claim is similar to claim 5 and is rejected for the same reasons.

	Claims 9 and 10 are rejected under 35 U.S.C. 103 as being unpatentable over Powell-Tsirkin-Overton as applied to claim 1 and in further view of Hudzia et al. (United States Patent Application Publication 20160328257).
As per claim 9, the combination of Powell-Tsirkin-Overton fails to specifically teach, wherein the indication that identifies the first storage block comprises a guest physical memory address of a deduplicated memory page and the copying reduplicates the deduplicated memory page.
	However, Hudzia teaches, wherein the indication that identifies the first storage block comprises a guest physical memory address of a deduplicated memory page ([0016], "coordinator," makes migration decisions based on statistical selection criteria relating to the sets of memory pages used by the VM to be migrated, the intended destination node and/or the source node on which the VM currently runs. The selection criteria aim to improve the performance of local deduplication processes carried out by the nodes; and [0041], hypervisor 64 in each compute node 24 performs deduplication among the memory pages used by the various VMs 60 of the compute node) and the copying reduplicates the deduplicated memory page ([0018], the coordinator chooses the VM to be migrated, and/or the destination node, so as to maximize the overlap between the memory pages used by the VM and the memory pages used by the VMs already running on the destination node. This criterion increases the number of pages that can be deduplicated on the destination node).

	The combination of Powell-Tsirkin-Overton and Hudzia are analogous because they are each related to secure virtual machine migration and memory management. Powell and Tsirkin both teach migration of encrypted virtual machines including managing memory associated with the migrating virtual machine. Overton teaches a method of memory management for virtual servers. Hudzia teaches efficient virtual machine migration including managing memory associated with the migrating virtual machine. ([0003], Respective bitmaps are calculated for at least some of the workloads, wherein (i) a bitmap of a workload is statistically indicative of a cardinality of the set of memory pages used by the workload, (ii) a union of two or more bitmaps is statistically indicative of the cardinality of a union of the sets of memory pages used by the two or more corresponding workloads, and (iii) an intersection of first and second bitmaps is statistically indicative of an overlap between respective first and second sets of memory pages used by the corresponding workloads. A decision is made to migrate a selected workload from a source compute node to a destination compute node, based on one or more of the bitmaps; and [0004], the selection criterion aims to maximize a number of the memory pages that are used by the selected workload and can be deduplicated on the destination compute node following migration of the selected workload. In another embodiment, calculating the bitmaps includes calculating a node-level bitmap for the destination compute node by calculating the union of the bitmaps of the existing workloads on the destination node, and deciding to migrate the workload includes evaluating the selection criterion based on the node-level bitmap of the destination compute node). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention that based on the combination, the teachings of the combination of Powell-Tsirkin-Overton would be modified with the known method taught by Hudzia in order to manage virtual machine migration. Therefore, it would have been obvious to combine the teachings of Powell-Tsirkin-Overton and Hudzia. 

As per claim 10, Powell-Tsirkin-Overton fails to specifically teach, further comprising: detecting, by the guest program, that the first storage block is a duplicate of one or more storage blocks of the second virtual machine; and providing, by the guest program, an indication to the hypervisor to cause the one or more storage blocks to reference a storage location of the first storage block.
	However, Hudzia teaches, further comprising: 
	detecting, by the guest program, that the first storage block is a duplicate of one or more storage blocks of the second virtual machine ([0004], deciding to migrate the selected workload includes choosing one or both of the selected workload and the destination compute node, based on a selection criterion that is defined over one or more of the bitmaps and aims to maximize the overlap between the memory pages used by the selected workload and the memory pages used by existing workloads on the destination compute node); and 
	providing, by the guest program, an indication to the hypervisor to cause the one or more storage blocks to reference a storage location of the first storage block ([0071], module 88 selects a VM to be migrated from this compute node, and a destination node to which the VM is to be migrated, at a selection step 112. The selection is made based on the VM bitmaps and the node bitmaps, and aims to maximize the deduplication efficiency on the destination node and/or to minimize the deduplication loss on the overloaded node).
	The same motivation used in the rejection of claim 9 is applicable to the instant claim.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure and is as follows:
Sing (United States Patent 9798486) {Discusses file system replication using deduplicated source systems).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MELISSA A HEADLY whose telephone number is (571)272-1972. The examiner can normally be reached Monday- Friday 9-5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lewis Bullock can be reached on 571-272-3759. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/LEWIS A BULLOCK  JR/Supervisory Patent Examiner, Art Unit 2199                                                                                                                                                                                                        
MELISSA A. HEADLY
Examiner
Art Unit 2199