Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
2.	EXAMINER’S NOTE: The claims have been reviewed and considered under the new guidance pursuant to the 2019 Revised Patent Subject Matter Eligibility Guidance (PEG 2019) issued January 7, 2019.
3.	This communication is in response to Applicant’s Preliminary Amendment filed on 24 June 2020. Claims 1-24 were cancelled. Claims 25-48 were added. Claims 25-48 remain pending. 

Information Disclosure Statement
4.	The Information Disclosure Statement respectfully submitted on 24 June 2020 has been considered by the Examiner.

Claim Objections
5.	Claim 29 is objected to because of the following informalities: The claim dependency for claim 29 is improper. Claim 29 is dependent upon a canceled claim, claim 4. Appropriate correction is required.

6.	Claim 31 is objected to because of the following informalities:  Claim 31 recites a communication circuit that is inactive in the claims. Appropriate correction is required.


Claim Rejections - 35 USC § 101
7.	35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 37-48 are rejected under 35 U.S.C. 101 because the claims recite “a machine-readable storage media”. The machine-readable storage media defined within the Applicant’s specification in paragraph 0016 embodies signal-bearing media which does not exclude signals. While the specification discusses hardware embodiments to medium (i.e. volatile/non-volatile memory, a media disc, or other media device) the claim language does not  limit the interpretation of the media to just hardware/non-signal embodiments. 
Furthermore, in light of the board's decision precedential ruling that a computer-readable storage medium is not statutory subject matter, please look at Ex parte Mewherter, Appeal No. 2012-007692. 
Therefore, in order to overcome the 101 rejection, the Examiner suggest the following options to the Applicant: Replace machine-readable storage media with non-transitory machine-readable storage media or machine-readable storage device.

Claim Rejections - 35 USC § 103
7.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
8.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

9.	Claims 25-28, 31, 37-40, and 43 are rejected under 35 U.S.C. 103 as being obvious over Sood et al. (Pub No. 2016/0337329) in view of Lango et al. (US Patent No. 9,953,168).
Referring to the rejection of claim 25, Sood et al. discloses a security server for securing a virtualization network function (VNF) image, the server comprising: (See Sood et al., para. 19 and Fig. 1)
Please note that in this example, a system, item 100 for processing network traffic at a network functions virtualization (NFV) network architecture, item 116 comprising an NFV orchestrator, item 104, a virtual infrastructure manager (VIM), item 106, an NFV infrastructure, item 108, and an security server (i.e. NFV security services controller, item 102) for managing and enforcing security monitoring and secure message transmission as part of the initialization process of a virtual network function (VNF) instance of the NFV network architecture, item 116. The NFV security services controller, item 102 provides a secure message that indicates to the VNF instance to perform a secure bootstrap.
a communication circuit to receive a VNF image from a VNF image server, wherein the VNF image includes a private key; (See Sood et al., para. 34 and 72-74)
Please note that in this example, a communication circuitry, item 218 receives an VNF image from an VNF image server (i.e. VIM, item 106), wherein the VNF image is signed with a private key and the public key is embedded into the NFV infrastructure, item 108 and accessed by the NFV security services agents.
and a security engine to: extract the private key from the VNF image; (See Sood et al., para. 35 and 75-78)
Please note that in this example, a security engine, item 224 extracts the private key from the signed VNF image to securely transmit VNF identification information to the VNF manager, item 410 and activate the message comprising a unique VNF instance identifier, IP address, and DNS) 
However, Sood et al. fails to disclose generate a wrapping cryptographic key, wrap the private key with wrapping cryptographic key to produce a wrapped private key, and replace the private key of the VNF image with the wrapped private key.
Lango et al. discloses a secure boot of virtualized computing instances for identifying and countering security threats using an intermediary guest manager that sits between a guest operating system and a hypervisor.
Lango et al. discloses generate a wrapping cryptographic key; (See Lango et al., Col. 5, lines 28-38)
Please note that in this example, a secure boot process has two phases wherein a data encryption key (DEK) is generated for encrypting an image and an image encryption module generates a wrapping cryptographic key (i.e. a key encryption key (KEK) for wrapping the DEK. 
Lango et al. discloses wrap the private key with wrapping cryptographic key to produce a wrapped private key; (See Lango et al., Col. 5, lines 38-45)
Please note that in this example, to protect the KEK, the image encryption module establishes a secure channel with the key management module by requesting to wrap the KEK with the account root key and produce a wrapped KEK back to the image encryption module.
Lango et al. discloses and replace the private key of the VNF image with the wrapped private key. (See Lango et al., Col. 5, lines 45-65)
Please note that in this example, upon receiving the wrapped KEK, the image encryption module generates a snapshot of the virtual machine which replaces the private key of the image with the wrapped KEK and produces an encrypted machine image.  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date the claimed invention was made to combine Sood et al.’s modified with Lango et al.’s secure boot of virtualized computing instances for identifying and countering security threats using an intermediary guest manager that sits between a guest operating system and a hypervisor.
Motivation for such an implementation would enable secure wrapping of the key encryption key by the account root key to remain secured by the management device which allows the account root key to never be sent across the network in clear or in encrypted form. This will allow the account root key to remain in the management device and used to encrypt other data items which reduces the risk of the account root key being revealed or deciphered by malicious actors. (See Lango et al., Col. 2, lines 18-26) 

Referring to the rejection of claim 26, (Sood et al. modified by Lango et al.) discloses wherein the security engine is further to store the wrapping cryptographic key in a wrapping cryptographic key table maintained by the security engine. (See Lango et al., Col. 12, lines 10-33)
The rationale for combining Sood et al. in view of Lango et al. is the same as claim 25.

Referring to the rejection of claim 27, (Sood et al. modified by Lango et al.) discloses wherein to store the wrapping cryptographic key in the wrapping cryptographic key table comprises to: generate an identification value for the wrapping cryptographic key; (See Lango et al., Col. 7, lines 39-42) and store the wrapping cryptographic key and the identification in the wrapping cryptographic key table in association with each other. (See Lango et al., Col. 12, lines 44-56)
The rationale for combining Sood et al. in view of Lango et al. is the same as claim 25.
Referring to the rejection of claim 28, (Sood et al. modified by Lango et al.) discloses wherein: to generate the identification value comprises to generate a cryptographic hash of the wrapped private key, (See Lango et al., Col. 12, lines 23-56) and to store the identification in the wrapping cryptographic key table comprises to store the generated cryptographic hash of the wrapped private key in the wrapping cryptographic key table as an identification for the wrapping cryptographic key. (See Lango et al., Col. 14, lines 65-67 and Col. 15, lines 1-15)
The rationale for combining Sood et al. in view of Lango et al. is the same as claim 25.

Referring to the rejection of claim 31, (Sood et al. modified by Lango et al.)  discloses a network function virtualization (NFV) server for securing a VNF image, the NFV server comprising: (See Sood et al., para. 19 and Fig. 1)
Please note that in this example, a system, item 100 for processing network traffic at a network functions virtualization (NFV) network architecture, item 116 comprising an NFV orchestrator, item 104, a virtual infrastructure manager (VIM), item 106, an NFV infrastructure, item 108, and an security server (i.e. NFV security services controller, item 102) for managing and enforcing security monitoring and secure message transmission as part of the initialization process of a virtual network function (VNF) instance of the NFV network architecture, item 116. The NFV security services controller, item 102 provides a secure message that indicates to the VNF instance to perform a secure bootstrap.
a communication circuit; (See Sood et al., para. 34 and 72-74)
Please note that in this example, a communication circuitry, item 218 receives an VNF image from an VNF image server (i.e. VIM, item 106), wherein the VNF image is signed with a private key and the public key is embedded into the NFV infrastructure, item 108 and accessed by the NFV security services agents.
and a compute engine to execute a hypervisor to deploy the VNF image, (See Sood et al., para. 48 and 51)
Please note that in this example, the operator infrastructure, item 460 executes a hypervisor, item 462 to deploy the VNF image. 
However, Sood et al. fails to disclose wherein the VNF image includes a wrapped private key and a signature, generate a wrapping cryptographic key, wrap the private key with wrapping cryptographic key to produce a wrapped private key, and replace the private key of the VNF image with the wrapped private key.
Lango et al. discloses a secure boot of virtualized computing instances for identifying and countering security threats using an intermediary guest manager that sits between a guest operating system and a hypervisor.
Lango et al. discloses wherein the VNF image includes a wrapped private key and a signature, (See Lango et al., Col. 5, lines 28-38 and Col. 11, lines 48-52)
Please note that in this example, a secure boot process has two phases wherein a data encryption key (DEK) is generated for encrypting an image and an image encryption module generates a wrapping cryptographic key (i.e. a key encryption key (KEK) for wrapping the DEK and a message authentication code (MAC) is used as a signature combined with the public key used to sign the JWT and compare the results to authenticate a token.
Lango et al. discloses wherein the hypervisor is to: detect whether the VNF image is shutting down; (See Lango et al., Col. 9, lines 43-63)
Please note that in this example, a hypervisor, item 222 detects whether the image will be shut down once a threat is detected.
Lango et al. discloses generate, in response to a determination that the VNF image is shutting down, a cryptographic hash of the VNF image including new content relative to content of the VNF image at the time of deployment; (See Lango et al., Col., lines 44-56)
Please note that in this example, in response to whether the image is shutting down, a cryptographic checksum of the image to verify the ID number of the account root key during the time of deployment.
Lango et al. discloses retrieve the wrapped private key from the VNF image; (See Lango et al., Col. 5, lines 45-65)
Please note that in this example, upon receiving the wrapped KEK, the image encryption module generates a snapshot of the virtual machine which replaces the private key of the image with the wrapped KEK and produces an encrypted machine image.  
Lango et al. discloses transmit, via the communication circuit, the cryptographic hash of the VNF image including the new content and the wrapped private key to a security server; (See Lango et al., Col. 6, lines 43-50)
Please note that in this example, using the KEK the intermediary guest manager unwraps the DEK and uses the DEK to boot up the encrypted guest operating system. The intermediary guest manager generates a new DEK with which to wrap new root volume data and generates a new KEK with which to wrap both the original DEK and the new DEK for the root guest volume. The new KEK is handled in a similar manner as the original KEK.
Lango et al. discloses receive, via the communication circuit, an updated signature from the security server; (See Lango et al., Col. 11, lines 46-59)
Please note that in this example, a newly-generated updated keypair and certificate signature from the security server is sent to the image encryption module.
Lango et al. discloses and replace the signature of the VNF image with the updated signature. (See Lango et al., Col. 11, lines 60-65)
Please note that in this example, the image encryption module generates the newly-generated keypair and sends an updated certificate signature along with the image to establish a successful authentication.
The rationale for combining Sood et al. in view of Lango et al. is the same as claim 25.

Referring to the rejection of claim 37, (Sood et al. modified by Lango et al.) discloses one or more machine-readable storage media comprising a plurality of instructions stored thereon that, when executed, causes a security server to: (See Sood et al., para. 17)
Please note that in this example, a computer-readable storage media comprising instructions stored thereon, when executed by one or more processors.
receive a VNF image from a VNF image server, wherein the VNF image includes a private key; (See Sood et al., para. 34 and 72-74)
Please note that in this example, a communication circuitry, item 218 receives an VNF image from an VNF image server (i.e. VIM, item 106), wherein the VNF image is signed with a private key and the public key is embedded into the NFV infrastructure, item 108 and accessed by the NFV security services agents.
extract the private key from the VNF image; (See Sood et al., para. 35 and 75-78)
Please note that in this example, a security engine, item 224 extracts the private key from the signed VNF image to securely transmit VNF identification information to the VNF manager, item 410 and activate the message comprising a unique VNF instance identifier, IP address, and DNS) 
However, Sood et al. fails to disclose generate a wrapping cryptographic key, wrap the private key with wrapping cryptographic key to produce a wrapped private key, and replace the private key of the VNF image with the wrapped private key.
Lango et al. discloses a secure boot of virtualized computing instances for identifying and countering security threats using an intermediary guest manager that sits between a guest operating system and a hypervisor.
Lango et al. discloses generate a wrapping cryptographic key; (See Lango et al., Col. 5, lines 28-38)
Please note that in this example, a secure boot process has two phases wherein a data encryption key (DEK) is generated for encrypting an image and an image encryption module generates a wrapping cryptographic key (i.e. a key encryption key (KEK) for wrapping the DEK. 
Lango et al. discloses wrap the private key with wrapping cryptographic key to produce a wrapped private key; (See Lango et al., Col. 5, lines 38-45)
Please note that in this example, to protect the KEK, the image encryption module establishes a secure channel with the key management module by requesting to wrap the KEK with the account root key and produce a wrapped KEK back to the image encryption module.
Lango et al. discloses and replace the private key of the VNF image with the wrapped private key. (See Lango et al., Col. 5, lines 45-65)
Please note that in this example, upon receiving the wrapped KEK, the image encryption module generates a snapshot of the virtual machine which replaces the private key of the image with the wrapped KEK and produces an encrypted machine image.  
The rationale for combining Sood et al. in view of Lango et al. is the same as claim 25.

Referring to the rejection of claim 38, (Sood et al. modified by Lango et al.)  discloses wherein the plurality of instructions, when executed, further cause the security server to store the wrapping cryptographic key in a wrapping cryptographic key table maintained by the security engine. (See Lango et al., Col. 12, lines 10-33)
The rationale for combining Sood et al. in view of Lango et al. is the same as claim 25.
Referring to the rejection of claim 39, (Sood et al. modified by Lango et al.)  discloses wherein to store the wrapping cryptographic key in the wrapping cryptographic key table comprises to: generate an identification value for the wrapping cryptographic key; (See Lango et al., Col. 7, lines 39-42) and store the wrapping cryptographic key and the identification in the wrapping cryptographic key table in association with each other. (See Lango et al., Col. 12, lines 44-56)
The rationale for combining Sood et al. in view of Lango et al. is the same as claim 25.

Referring to the rejection of claim 40, (Sood et al. modified by Lango et al.) discloses wherein to: generate the identification value comprises to generate a cryptographic hash of the wrapped private key, (See Lango et al., Col. 12, lines 23-56) and store the identification in the wrapping cryptographic key table comprises to store the generated cryptographic hash of the wrapped private key in the wrapping cryptographic key table as an identification for the wrapping cryptographic key. (See Lango et al., Col. 12, lines 44-56)
The rationale for combining Sood et al. in view of Lango et al. is the same as claim 25.

Referring to the rejection of claim 43, (Sood et al. modified by Lango et al.)  discloses one or more machine-readable storage media comprising a plurality of instructions stored thereon that, when executed, causes a network function virtualization (NFV) server to: (See Sood et al., para. 17)
Please note that in this example, a computer-readable storage media comprising instructions stored thereon, when executed by one or more processors.
execute a hypervisor to deploy the VNF image, (See Sood et al., para. 48 and 51)
Please note that in this example, the operator infrastructure, item 460 executes a hypervisor, item 462 to deploy the VNF image. 
However, Sood et al. fails to disclose generate a wrapping cryptographic key, wrap the private key with wrapping cryptographic key to produce a wrapped private key, and replace the private key of the VNF image with the wrapped private key.
Lango et al. discloses a secure boot of virtualized computing instances for identifying and countering security threats using an intermediary guest manager that sits between a guest operating system and a hypervisor.
Lango et al. discloses wherein the VNF image includes a wrapped private key and a signature, (See Lango et al., Col. 5, lines 28-38 and Col. 11, lines 48-52)
Please note that in this example, a secure boot process has two phases wherein a data encryption key (DEK) is generated for encrypting an image and an image encryption module generates a wrapping cryptographic key (i.e. a key encryption key (KEK) for wrapping the DEK and a message authentication code (MAC) is used as a signature combined with the public key used to sign the JWT and compare the results to authenticate a token.
Lango et al. discloses detect whether the VNF image is shutting down; (See Lango et al., Col. 9, lines 43-63)
Please note that in this example, a hypervisor, item 222 detects whether the image will be shut down once a threat is detected.
Lango et al. discloses generate, in response to a determination that the VNF image is shutting down, a cryptographic hash of the VNF image including new content relative to content of the VNF image at the time of deployment; (See Lango et al., Col., lines 44-56)
Please note that in this example, in response to whether the image is shutting down, a cryptographic checksum of the image to verify the ID number of the account root key during the time of deployment.
Lango et al. discloses retrieve the wrapped private key from the VNF image; (See Lango et al., Col. 5, lines 45-65)
Please note that in this example, upon receiving the wrapped KEK, the image encryption module generates a snapshot of the virtual machine which replaces the private key of the image with the wrapped KEK and produces an encrypted machine image.  
Lango et al. discloses transmit the cryptographic hash of the VNF image including the new content and the wrapped private key to a security server; (See Lango et al., Col. 6, lines 43-50)
Please note that in this example, using the KEK the intermediary guest manager unwraps the DEK and uses the DEK to boot up the encrypted guest operating system. The intermediary guest manager generates a new DEK with which to wrap new root volume data and generates a new KEK with which to wrap both the original DEK and the new DEK for the root guest volume. The new KEK is handled in a similar manner as the original KEK.
Lango et al. discloses receive an updated signature from the security server; (See Lango et al., Col. 11, lines 46-59)
Please note that in this example, a newly-generated updated keypair and certificate signature from the security server is sent to the image encryption module.
Lango et al. discloses and replace the signature of the VNF image with the updated signature. (See Lango et al., Col. 11, lines 60-65)
Please note that in this example, the image encryption module generates the newly-generated keypair and sends an updated certificate signature along with the image to establish a successful authentication.
The rationale for combining Sood et al. in view of Lango et al. is the same as claim 25.

Allowable Subject Matter
10.	Claims 29, 32, 41, and 44 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims and the claim dependency for claim 29 must be in proper form and overcoming the 35 U.S.C. 101 rejection set forth above. 
11.	Dependent claims 30, 33-36, 42, and 44-48 are objected under the same rationale for being dependent upon an already objected claim. 
12.	The following is a statement of reasons for the indication of allowable subject matter:  wherein the communication circuit is further to receive (i) a cryptographic hash of the VNF image that includes new content and (ii) the wrapped private key included in the VNF image from the network function virtualization (NFV) server, and wherein the security engine is further to: generate a cryptographic hash of the received wrapped private key; retrieve the wrapping cryptographic key from the wrapping cryptographic key table based on the generated cryptographic hash of the received wrapped private key; unwrap the wrapped private key using the retrieved wrapping cryptographic key to obtain the private key; and generate an updated signature for the VNF image using the cryptographic hash of the received wrapped private key and the private key and wherein the hypervisor is further to: determine whether to authenticate the VNF image subsequent to deployment of the VNF image; generate, in response to a determination to authenticate the VNF image, a first cryptographic hash of the VNF image; obtain a public key of the VNF image; decrypt the signature of the VNF image using the public key to obtain a second hash of the VNF image that was previously generated; compare the first cryptographic hash and the second cryptographic hash; and authenticate the VNF image based on the comparison of first cryptographic hash and the second cryptographic hash.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to COURTNEY D FIELDS whose telephone number is (571)272-3871. The examiner can normally be reached IFP M-F 8am-4:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SHEWAYE GELAGAY can be reached on (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/COURTNEY D FIELDS/Examiner, Art Unit 2436                                                                                                                                                                                                        June 6, 2022

/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436