PNG
    media_image1.png
    172
    172
    media_image1.png
    Greyscale
United States Patent and Trademark Office
Commissioner for Patents
United States Patent and Trademark Office
P.O. Box 1450
Alexandria, VA 22313-1450
www.uspto.gov











BEFORE THE BOARD OF PATENT APPEALS
AND INTERFERENCES



Application Number: 16/950,003
Filing Date: November 17, 2010
Appellant(s): Stoler et al


__________________
Adam S. Boger
Reg. No. 71,337
For Appellant


EXAMINER'S ANSWER




This is in response to the appeal brief filed 04/13/2022 appealing from the Office Action mailed 06/18/2021 as Final Office Action.
(1)   Grounds of Rejection to be Reviewed on Appeal
Every ground of rejection set forth in the Office action dated 06/18/2021 from which the appeal is taken is being maintained by the Examiner except for the grounds of rejection (if any) listed under the subheading “WITHDRAWN REJECTIONS.”  New grounds of rejection (if any) are provided under the subheading “NEW GROUNDS OF REJECTION.”
1.	WITHDRAWN REJECTIONS
Double Patenting Rejections of claims 21, 22, and 25-42 have been withdrawn.
Appellant’s Argument:  As to the double patenting rejections of claims 21, 22, and 25-42, the Appellant submits that the board should reverse the double patenting rejection (Appeal brief, 04/13/2022, page 5). However, the Appellant has not presented any arguments or discussion as, in the appeal brief, as to why such decision should be made. 
Examiner’s Response: Giving the consideration that Appellant has omitted the argument of reversing double patenting, by an error, The Examiner has taken consideration of the argument presented in the Appeal Brief of the related application 16/950,006, and the argument presented previously in the Applicant [i.e. Appellant] Argument/Remarks, submitted on 11/16/2021, for the instant application, and withdrawing the double patenting rejections.

(2)   Response to Argument
The Rejection of independent claims 21 and 31, and dependent claims 22, 25-30, 32, 34, 35, 37 and 39, under 35 U.S.C. § 103: 
Appellant’s Argument:  As to the rejections of independent claims 21 and 31, the Appellant submits that the cited art does not teach claim limitations and the rejections should be reversed. 
Providing support, the Appellant gave a summary of the claimed subject matter and described the scope of the claims 21 and 31. Then provided discussion of PriorArt, Banerjee and Planivel’s teaching, to differentiate the claimed invention over PriorArt.
Appellant’s Argument: (a) The Appellant submits that Banerjee and Palanivel do not teach or suggest the limitation, “a determination that the virtualized execution instance has access to the prohibited data element, the determination being based on the prohibited data element being provisioned to the virtualized execution instance.”  
The Appellant added that, Palanivel concerns systems and methods that “allow a cloud service provider to employ DevOps personnel to facilitate incident management and software/firmware deployment in cloud computing environments while satisfying data control policies that govern the access to restricted data and the control plane of the cloud computing environments.” Palanivel’s control policies concern “who can access restricted data.” That is, Palanivel teaches data control policies dependent on user identities: “access to restricted data is available only to individuals who satisfy the requirements dictated by the data control policies.” Palanivel does not teach or suggest data control policies targeted to virtualized execution instances. Furthermore, Palanivel teaches access decisions based on the operations that a user intends to perform,” not whether a “virtualized execution instance” has access to a prohibited data element. Accordingly, Palanivel does not disclose determining whether a virtualized execution instance has access to a prohibited data element. Palanivel discloses providing “Just-in-time (JIT) access to DevOps personnel to resolve an incident. Palanivel discloses implementing data control policies using automated operations, remote operations, Just-in-Time sessions, and escort sessions. Access decisions depend on the operations the DevOps user intends to perform. So, Palanivel does not cure the acknowledged deficiencies of Banerjee. (Appeal brief, 04/13/2022, pages 6-8).
Examiner’s Response:  The Examiner agrees with the Appellant on the subject of the characterization of the systems and methods of Palanivel; who can access restricted data,” and “access to restricted data is available only to individuals who satisfy the requirements dictated by the data control policies.” However, The Examiner respectfully disagrees with the Appellant that Palanivel does not teach or suggest the above mentioned claim limitation.
The Examiner asserts that teaching of Palanivel discloses similar problem and solution as the claimed invention. The claimed invention’s virtual execution instance configuration and access permission is directed to providing development (e.g., DevOps) platform tool to a client (i.e. user or user-operated application) in a cloud environment, and for that process, scans the cloud environment for configuration and manage access permission (please see the paragraphs 00116, 00124-0125, 00145, of the instant application’s discloser). 
Palanivel teaches the limitation “a determination that the virtualized execution instance has access to the prohibited data element, the determination being based on the prohibited data element being provisioned to the virtualized execution instance.”  As stated in the final office action, and the advisory action, Palanivel discloses of a data control policy where verifying access request of user to determine authorized person in DevOps platform-based production environment of a cloud computing environment [i.e. virtualized execution instance], and controls who can restricted data (see Palanivel: pars 0005, 0018-0020). Palanivel further discloses DevOps facilitating process where the system gives the DevOps personnel the ability to access restricted data, by changing configuration of unapproved access to restricted data access (see Palanivel: par 0022).
As addressed above that the instant invention’s access of “virtualized execution instance” is directed to providing development (e.g., DevOps) platform tool to a client (i.e. user or user-operated application) in a cloud environment, Palanivel, teaches exactly the same features. Simply, reviewing the claim limitation, it may seem that the access control/restriction is directed to the “virtualized execution instance.” However, in light of mentioned specification of the instant application, the access control/restriction is directed to the “virtualized execution instance” that is associated with a specific user to provide user level privilege in a cloud based into cloud-based, virtual computing/development environments, which exactly Palanivel teaches.
Giving the consideration of it Palanivel’s teaching would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Palanivel with the method/system of Banerjee for the benefit of providing a user with a means for applying a data control policy to determine the condition of restricting data access in cloud computing exist or not, for allowing or disallowing decision to data/memory access (Palanivel: pars 0005, 0018-0020).
Based on the above discussion, the Examiner respectfully submits that Appellant’s analysis of PriorArt is not correct, and applied PriorArt teaches the limitations of claim 21 and 31, and therefore, the rejections of claims 21 and 31 is proper. 
Rejection of dependent Claims 22-30 and 32-41, under 35 U.S.C. § 103:
Appellant’s Argument:  As to the rejection of dependent claims 22-30 and 22-41, claims are allowable by virtue of dependence of allowable claims 21 or 31.
Examiner’s Response:  The Examiner respectfully disagrees with the Appellant. The rejection of dependent claims 22-30 and 22-41 are proper at least based on the rationale and response presented to the argument for their respective base claims, and the reference applied to the claims.
Rejection of dependent Claim 33, under 35 U.S.C. § 103:
Appellant’s Argument:  As to the rejection of dependent claim 33, the Appellant submits that the applied PriroArt Palanivel does not teach the limitation, and makes the similar argument to the above mentioned independent claims that the Palanivel’s teaching is directed to control/restrict access of users, that is user as DevOps personnel.
Examiner’s Response:  The Examiner respectfully disagrees with the Appellant. The Examiner asserts that applied PriroArt Palanivel teaches the limitations, and the rejection is proper. As stated above for the independent claims, Palanivel discloses of a data control policy where verifying access request of user to determine authorized person in DevOps platform-based production environment of a cloud computing environment [i.e. virtualized execution instance], and controls who can restricted data (see Palanivel: pars 0005, 0018-0020). Palanivel further discloses DevOps facilitating process where the system gives the DevOps personnel the ability to access restricted data, by changing configuration of unapproved access to restricted data access (see Palanivel: par 0022).
Rejection of dependent Claims 38 and 41, under 35 U.S.C. § 103: 
Appellant’s Argument:  As to the rejection of dependent claims 38 and 41, the Appellant submits the applied PriroArt do not teach the claims’ limitations, specifically, the applied PriroArt Banerjee and Palanivel does not teach the limitation of claim 41. and makes the similar argument to the above mentioned independent claims.
Examiner’s Response:  The Examiner respectfully disagrees with the Appellant. Applied PriorArt teaches the limitation of claims 38 and 41.  As to claim 41, While Banerjee teaches of cloud computing instances creating and managing process identifies sensitive data that requires prohibiting from being used and/or transmitted (see Banerjee, col 2, lines 28-40, col 7, lines 10-14, lines 36-37), Palanivel teaches of a data control policy where verifying access request of user to determine authorized person in DevOps platform-based production environment of a cloud computing environment [i.e. virtualized execution instance], and controls who can restricted data (see Palanivel: pars 0005, 0018-0020). Palanivel further discloses DevOps facilitating process where the system gives the DevOps personnel the ability to access restricted data, and changing configuration of access to restricted data under the development environment (see Palanivel: par 0022). Therefore, applied PriorArt’s teaching reads on the limitation, and the rejections are proper.
Rejection of dependent Claims 40 and 42, under 35 U.S.C. § 103: 
Appellant’s Argument:  As to the rejection of dependent claims 40 and 42, the Appellant submits applied PriorArt do not teach the claims’ limitations, specifically, that the applied PriorArt Banerjee and Palanivel does not teach the limitation of claim 42. and makes the similar argument to the above mentioned independent claims.
Examiner’s Response:  The Examiner respectfully disagrees with the Appellant. Applied PriorArt teaches the limitation of claims 40 and 42.  As to claim 42, While Banerjee teaches creating and managing process cloud computing instances to access requested application service and resources applying security policy and procedure protecting sensitive information. Where, the security policy and procedure includes prohibit sensitive data from being used and/or transmitted in specified scenarios (see Banerjee, col 2, lines 28-40, col 7, lines 10-14, lines 36-37), Palanivel teaches of a data control policy where verifying access request of user to determine authorized person in DevOps platform-based production environment of a cloud computing environment [i.e. virtualized execution instance], and controls who can restricted data (see Palanivel: pars 0005, 0018-0020). Palanivel further discloses DevOps facilitating process where the system gives the DevOps personnel the ability to access restricted data, and changing configuration of access to restricted data under the development environment (see Palanivel: par 0022). Therefore, applied PriorArt’s teaching reads on the limitation, and the rejections are proper.
Rejection of dependent Claim 36, under 35 U.S.C. § 103: 
Appellant’s Argument:  As to the rejection of dependent claim 36, the Appellant submits that Gill does not cure the deficiencies of Palanivel or Banerjee that is presented for independent claims. Gill discloses virtual disks managed by control virtual machines.  Gill discloses determining write permissions depending upon ownership information stored in a database. Gill does not teach or suggest basing a determination of whether a virtualized execution instance has access to prohibited data elements on a prohibited data element being mounted in the virtualized execution instance, as recited in claim 36.
Examiner’s Response:  The Examiner respectfully disagrees with the Appellant. As addressed above for the independent claims that there is not no deficiencies of the combination Palanivel and Banerjee, which applied to the rejections of the independent claims. Also, Gill teaches the limitation of claim 36. Gill teach of a virtualization environment with Docker modules. Calls into the volume plugin when a volume is to be mounted or unmounted to maintain configuration data for the control virtual machine and to maintain health information for entities in a system. Therefore, Gill teaching reads on the limitation, and the rejection is proper.
(3) Conclusion
For the above reasons, it is believed that the rejection should be sustained.

Respectfully submitted,

/JAHANGIR KABIR/Primary Examiner, Art Unit 2439                                                                                                                                                                                                        


Conferees:

/KARI L SCHMIDT/Primary Examiner, Art Unit 2439   



/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439                                                                                                                                                                                                                                                                               





                                                                                                                              

Requirement to pay appeal forwarding fee.  In order to avoid dismissal of the instant appeal in any application or ex parte reexamination proceeding, 37 CFR 41.45 requires payment of an appeal forwarding fee within the time permitted by 37 CFR 41.45(a), unless Appellant had timely paid the fee for filing a brief required by 37 CFR 41.20(b) in effect on March 18, 2013.