PNG
    media_image1.png
    340
    340
    media_image1.png
    Greyscale
United States Patent and Trademark Office    
        
            
                                
            
        
    

Commissioner for Patents
United States Patent and Trademark Office
P.O. Box 1450
Alexandria, VA 22313-1450
www.uspto.gov











BEFORE THE PATENT TRIAL AND APPEAL BOARD


Application Number: 16/427,481
Filing Date: 31 May 2019
Appellant(s): VMware, Inc.



__________________
Arvind Reddy
Reg. No. 63,007
For Appellants


EXAMINER’S ANSWER





This is in response to the appeal brief filed 15 June 2022.

 (1) Grounds of Rejection to be Reviewed on Appeal
Every ground of rejection set forth in the Office action dated 16 December 2021 from which the appeal is taken is being maintained by the examiner except for the grounds of rejection (if any) listed under the subheading “WITHDRAWN REJECTIONS.”  New grounds of rejection (if any) are provided under the subheading “NEW GROUNDS OF REJECTION.”

The following ground(s) of rejection are applicable to the appealed claims.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(d):
(d) REFERENCE IN DEPENDENT FORMS.—Subject to subsection (e), a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.

Claim 21 is rejected under 35 U.S.C. 112(d) or pre-AIA  35 U.S.C. 112, 4th paragraph, as being of improper dependent form for failing to further limit the subject matter of the claim upon which it depends, or for failing to include all the limitations of the claim upon which it depends.  Claim 21 recites “wherein the package file is exported from a management service”; however, claim 15 likewise recites “unpackage a package file exported from a management service,” such that the dependent limitation of claim 21 does not further limit the subject matter of claim 15.  Applicant may cancel the claim(s), amend the claim(s) to place the claim(s) in proper dependent form, rewrite the claim(s) in independent form, or present a sufficient showing that the dependent claim(s) complies with the statutory requirements.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-2, 8-9, 15-16 and 21 are rejected under 35 U.S.C. 103 as being unpatentable over Betzler et al., U.S. 2017/0154189 A1 (hereinafter referred to as “Betzler”) and Satoh, Yoshimi, U.S. 10,687,187 B2 (hereinafter referred to as “Satoh”) in view of Polar Seminario, Jorge A., U.S. 2017/0220404 A1 (hereinafter referred to as “Polar Seminario”), Wang et al., U.S. 2013/0086130 A1 (hereinafter referred to as “Wang”) and Lo et al., U.S. 2008/0098387 A1 (hereinafter referred to as “Lo”), and in further view of Kulkarni et al., U.S. 2019/0317747 A1 (hereinafter referred to as “Kulkarni”), Gregorovic et al., U.S. 2012/0137138 A1 (hereinafter referred to as “Gregorovic”) and Vyas et al., U.S. 2018/0109387 A1 (hereinafter referred to as “Vyas”).

Regarding claim 1, Betzler teaches: A system for validating factory provisioning of computing devices (Betzler, e.g., Abs., “method for automated approval of a non-compliance of a modified configuration of a computer system with one or more compliance rules …” See also, e.g., ¶72, “compliance management system 300 may also check the base OS … control the modification e.g. of the configurations of virtual machines … provided in form of packages … installing executable software elements, like applications (APPs), and/or by modifying the settings of the respective configurations …”), comprising:
	a computing device comprising a processor and a memory (Betzler, e.g., FIG. 8);
	a virtual machine stored in the memory, the virtual machine having an operating system installed in the virtual machine (Betzler, e.g., FIG. 1, elements 102; see also, e.g., ¶72, describing one or more of type 2 hypervisors running on a “base” OS and type 1 hypervisors running directly on hardware and comprising an OS), the operating system being in a factory state that matches a factory image of the operating system (Betzler, e.g., ¶72, “hypervisor may for example be implemented in form of a hosted, i.e. type 2, hypervisor running on a base operation system (OS) … compliance management system 300 may also check the base OS …” Examiner’s note: an OS in a “base” state is being interpreted as consistent with a “factory image” in the absence of more specific definition or example in the Specification, wherein both “base” and “factory” are both generally consistent with “default”);
	machine-readable instructions stored in the memory allocated to the virtual machine that, when executed by the processor, cause the virtual machine to at least (Betzler, e.g., ¶74, “installation component 205 may transfer installation packages to the VM 104 and execute the installation of the respective packages …” and ¶75, “compliance management system 300 may further comprise an execution component 304 for executing local commands on VM …” Examiner’s note: these citations show that both the package and installation thereof and the compliance verification of the results of the installation of the package occur via the local (i.e. on VM) execution of instructions at least temporarily stored at the VM (i.e. locally for local execution)):
	[unpack] a package file exported from a management service, the package file (Betzler, e.g., FIG. 1, package management system 200 via which a pattern is exported from a pattern repository to hypervisor 102. See also, e.g., ¶¶28 (“‘package management system’ may denote a set of functions, in particular implemented in software … automating the process of installing ... packages”) and 72 (“package management system 200 may control the modification e.g. of the configurations of virtual machines 104, 106, 108 using pre-approved modification patterns 700 provided in the form of packages”). Examiner’s note: a “set of functions” that performs functions including retrieving and supplying a package to a target hypervisor is interpreted as consistent with a “service” that exports the package to the target) containing: at least one application to be installed on the virtual machine (Betzler, e.g., ¶72, “control the modification e.g. of the configurations of virtual machines [] using pre-approved modification patterns 700 provided in form of packages … modified by installing executable software elements, like applications …”), a configuration file containing at least one setting for the operating system or the at least one application and at least one respective value for the at least one setting (Betzler, e.g., ¶72, “configurations of virtual machines [] may for example be modified by … modifying the settings of the respective configurations …” and ¶74, “post installation configuration component 208 may read post-installation instructions and configure the OS of VM 104 as well as other subsystems of VM 104 …” See also, e.g., ¶81, “instructions 706 of the modification pattern specifying … which modifications of the configuration settings are to be applied to the computer system …” Examiner’s note: the instructions comprising the modifications of the configuration settings are interpreted as the configuration file. See also, e.g., ¶54, “packages may contain installation and configuration files for implementing the modifications …” Examiner further notes that the configuration file taught by Betzler specifically references a setting, and necessarily implicitly references a value as a change is made to the specific setting, and the value is representative of either the finished state of the setting after the configuration or some representation of the delta or change of the setting in view of the configuration thereof), and a post-installation script (Betzler, e.g., ¶74, “post installation configuration component 208 may read post-installation instructions and configure the OS of VM 104 as well as other subsystems of VM 104 …” Examiner notes that FIG. 7 and ¶81 of Betzler indicate that the instructions are part of a pre-approved modification pattern comprising a package including additionally the application and configuration file / information; Examiner notes also that one or more instructions are broadly consistent with a script, but that a more particular recitation of a script including the specific features recited in the claim is disclosed below with respect to Wang and Lo);
	install the at least one application on the virtual machine (Betzler, e.g., ¶76, “installation component may transfer a package comprising a pre-approved modification pattern from a pattern repository 120 to the target OS … execute an installation of one or more installable elements on the target OS …”); …
	configure the operating system based on the at least one respective value for the at least one setting (Betzler, e.g., ¶76, “post-installation configuration component may execute a post-installation modification of the configuration settings of the target OS …”);
	confirm installation of the at least one application on the virtual machine; confirm that configuration of the operating system matches the configuration file (Betzler, e.g., ¶75, “modified VM 104’ may for example be the result of a pre-approved modification pattern applied to the VM 104 … results of the execution of the respective local commands may be received by a result recover 306 … may write the results of the remote execution to a local file … results may be compared with results expected for a compliant configuration of VM 104’ by a result verification component 308 … For each detected non-compliance matching a pre-approved non-compliance, an automated approval may be performed …” Examiner’s note: a pre-approved modification pattern is the package comprising the installation components and the configurations; two possibilities are present in Betzler – that the installation results in compliance, or the non-compliance is consistent with a type of non-compliance that is already approved as acceptable. Both are interpreted as “successful” installations (i.e. those not requiring further approval of unexpected results and/or rollback of the installation). The result matching the pattern is the one consistent with the configuration file).
	Betzler does not teach rendering an indication in a user interface that installation of the application and configuration of the operating system was successful. However, Satoh does teach: render in a user interface an indication that installation of the at least one application and configuration of the operating system was successful (Satoh, e.g., FIG. 17, showing a visually displayed indication of successful installation; Examiner’s note: the configuration of the OS is shown as part of the installation process per Betzler. This in combination with the success display message of Satoh discloses this limitation) for the purpose of informing the user of successful installation(s) (Satoh, e.g., 13:19-36).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system and method for managing compliant and non-compliant computing system configuration modifications as taught by Betzler to provide for rendering an indication in a user interface that installation of the application and configuration of the operating system was successful because the disclosure of Satoh shows that it was known to those of ordinary skill in the pertinent art to improve a system and method for managing compliant and non-compliant computing system configuration modifications to provide for rendering an indication in a user interface that installation of the application and configuration of the operating system was successful for the purpose of informing the user of successful installation(s) (Satoh, Id.).
	Betzler in view of Satoh does not teach unpacking the installation file at or prior to installation. However, Polar Seminario does teach: unpack [a package file] (Polar Seminario, e.g., ¶350, “updater program 2152 will unpack … the decrypted package onto a temporary location … and run the installation script …”) for the purpose of preparing a downloaded package for installation activities (Polar Seminario, e.g., ¶¶346-352).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system and method for managing compliant and non-compliant computing system configuration modifications as taught by Betzler in view of Satoh to provide for unpacking the installation file at or prior to installation because the disclosure of Polar Seminario shows that it was known to those of ordinary skill in the pertinent art to improve a system and method for managing compliant and non-compliant computing system configuration modifications to provide for unpacking the installation file at or prior to installation for the purpose of preparing a downloaded package for installation activities (Polar Seminario, Id.).
	Betzler in view of Satoh and Polar Seminario does not teach a post-installation script executed in response to installation of the application and analysis of the output thereof to confirm installation. However, Wang does teach: a post-installation script … to check for the at least one respective value for the at least one setting … wherein the machine-readable instructions that cause the virtual machine to confirm installation of the at least one application on the virtual machine further cause the virtual machine to at least: in an instance in which the at least one application is installed on the virtual machine, execute the post-installation script; and analyze output generated by the post-installation script to confirm installation (Wang, e.g., ¶67, “user may implement a program or script to perform the non-interactive installation of the pertinent application … Tasks may include … invoking the installation, analyzing the logs to assess whether the attempt to install was successful …” Examiner’s note: the script of Wang is a post-installation script in that it performs at least some tasks after installation operations have been completed, and analyzes log data generated during the installation to determine whether installation was successful. Further note that the disclosure of Wang describes the authoring, use, and interconnection of individual building blocks into task topologies comprising pluralities of blocks, and defines each block as including an executable script component (see, e.g., Wang at ¶¶28-36)) for the purpose of reviewing installation logs to assess whether installation was successful or not (Wang, e.g., ¶67).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system and method for managing compliant and non-compliant computing system configuration modifications as taught by Betzler in view of Satoh and Polar Seminario to provide for a post-installation script executed in response to installation of the application and analysis of the output thereof to confirm installation because the disclosure of Wang shows that it was known to those of ordinary skill in the pertinent art to improve a system and method for managing compliant and non-compliant computing system configuration modifications to provide for a post-installation script executed in response to installation of the application and analysis of the output thereof to confirm installation for the purpose of reviewing installation logs to assess whether installation was successful or not (Wang, Id.).
	Betzler and Satoh in view of Polar Seminario and Wang do not teach that post-installation verification comprises checking whether at least one registry key value matches a setting value. However, Lo does teach: [a post-installation script] comprising at least one registry key to check … analyze output generated by [the post-installation script] to confirm installation based at least in part on determining whether a value of the at least one registry key matches the at least one respective value for the at least one setting (Lo, e.g., ¶14, “data structure 104 may be any one or more files … capable of storing data relevant to installations of modules 110 … data structure 104 may also include one or more success criteria for at least one of the modules 110. The success criteria may … include a value expected to be returned by an installer of a module 110 upon its execution to ensure success, a registry key and/or registry key value/setting expected to be present in registry 112 upon a successful installation …” See also, e.g., ¶15, “data structure may be at least partially generated by an application, such as state machine 106, which may be adapted to read plurality of modules 110 … and write data structure 104 to store at least some installation information …” Note also ¶16, “state machine 106 may be any sort of process or thread adapted to … execute … installation instructions of module 110 … write results of the executions to registry 112 and/or log file 114 … further adapted to compare success criteria … to the execution results written by state machine 106 …” Examiner’s note: that the instructions for performing the post-installation operations of determining the registry key values and comparing them to an expected value may comprise a script is disclosed more specifically above with respect to Wang) for the purpose of validating whether installation of one or more modules is successful based on determining whether an observed registry value is consistent with an expected registry key value (Lo, ibid.).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system and method for managing compliant and non-compliant computing system configuration modifications as taught by Betzler and Satoh in view of Polar Seminario and Wang to provide that post-installation verification comprises checking whether at least one registry key value matches a setting value because the disclosure of Lo shows that it was known to those of ordinary skill in the pertinent art to improve a system and method for managing compliant and non-compliant computing system configuration modifications to provide that post-installation verification comprises checking whether at least one registry key value matches a setting value for the purpose of validating whether installation of one or more modules is successful based on determining whether an observed registry value is consistent with an expected registry key value (Lo, Id.).
	Betzler and Satoh in view of Polar Seminario, Wang and Lo do not more particularly teach that confirming installation of the application on the virtual machine is based upon an error code returned by an application installer. However, Kulkarni does teach: [confirming installation of the application on the virtual machine] based upon an error code returned by an application installer of the at least one application (Kulkarni, e.g., ¶35, “At step 418, the computer implemented method 400 provides a notification of successful install or error if the installation failed … the notification may include one or more error codes …” Examiner’s note: the Specification provides that “validation application 243 could monitor the progress of a client application installer 223. If the client application installer 243 exits with no error codes, then the validation application 243 can conclude that the application installed successfully. Likewise, if the client application installer 243 exits with an error code, then the validation application can conclude that the application failed to install successfully” (see Spec. at ¶37). That is, confirmation of a successful install is based on a return of no error code, and a confirmation of a failed install is determined based on a returned error code, consistent with the above citation to Kulkarni) for the purpose of ensuring an application has been successfully installed and providing information regarding that success or the reasons for a failure to a user (Kulkarni, ibid.).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system and method for managing compliant and non-compliant computing system configuration modifications as taught by Betzler and Satoh in view of Polar Seminario, Wang and Lo to provide that confirming installation of the application on the virtual machine is based upon an error code returned by an application installer because the disclosure of Kulkarni shows that it was known to those of ordinary skill in the pertinent art to improve a system and method for managing compliant and non-compliant computing system configuration modifications to provide that confirming installation of the application on the virtual machine is based upon an error code returned by an application installer for the purpose of ensuring an application has been successfully installed and providing information regarding that success or the reasons for a failure to a user (Kulkarni, Id.).
	Betzler and Satoh in view of Polar Seminario, Wang, Lo and Kulkarni do not more particularly teach that confirming installation of the application on the virtual machine comprises determining that the application is installed in a correct location on the virtual machine. However, Gregorovic does teach: [instructions that cause the virtual machine to confirm installation of the application comprises … confirming installation based at least on determining …] that the at least one application is installed in a correct location on the virtual machine (Gregorovic, e.g., ¶21, “package verification engine 202 can verify … that the package’s files are installed in the correct locations, and the like …” Examiner’s note: that the installation is performed on a virtual machine is taught at least in Betzler, cited above) for the purpose of ensuring that an application has been installed in the appropriate location according to installation requirements (Gregorovic, ibid.).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system and method for managing compliant and non-compliant computing system configuration modifications as taught by Betzler and Satoh in view of Polar Seminario, Wang, Lo and Kulkarni to provide that confirming installation of the application on the virtual machine comprises determining that the application is installed in a correct location on the virtual machine because the disclosure of Gregorovic shows that it was known to those of ordinary skill in the pertinent art to improve a system and method for managing compliant and non-compliant computing system configuration modifications to provide that confirming installation of the application on the virtual machine comprises determining that the application is installed in a correct location on the virtual machine for the purpose of ensuring that an application has been installed in the appropriate location according to installation requirements (Gregorovic, Id.).
	Betzler and Satoh in view of Polar Seminario, Wang, Lo, Kulkarni and Gregorovic do not more particularly teach validating the package file based on a cryptographic signature generated using a private encryption key from a public-private key pair of the management service. However, Vyas does teach: validate the package file based upon a cryptographic signature generated using a private encryption key from a public-private key pair of the management service (Vyas, e.g., ¶23, “validation service 204 may acquire a public key from release bot 104 and receive validation data 116 including a digital signature of code 112, the digital signature being created using a private key matching to the public key in a key pair … Validation service 204 may decrypt the digital signature to restore the first hash value using the public key. Further, validation service 204 may retrieve a second hash value that had been provided to the validation service 204 as known hash of the code. Validation service 204 may then compare the first hash value to determine whether the code is altered or [tampered] …”) for the purpose of ensuring that any installed code has not been altered (Vyas, ibid.).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system and method for managing compliant and non-compliant computing system configuration modifications as taught by Betzler and Satoh in view of Polar Seminario, Wang, Lo, Kulkarni and Gregorovic to provide for validating the package file based on a cryptographic signature generated using a private encryption key from a public-private key pair of the management service because the disclosure of Vyas shows that it was known to those of ordinary skill in the pertinent art to improve a system and method for managing compliant and non-compliant computing system configuration modifications to provide for validating the package file based on a cryptographic signature generated using a private encryption key from a public-private key pair of the management service for the purpose of ensuring that any installed code has not been altered (Vyas, Id.).

Claims 8 and 15 are rejected for the reasons given in the rejection of claim 1 above. Examiner notes that with respect to claim 8, Betzler further teaches: A method for validating factory provisioning of computing devices (Betzler, e.g., ¶86, “The present invention may be a … method …”); and with respect to claim 15, Betzler further teaches: A non-transitory, computer-readable medium comprising machine-readable instructions for validating factory provisioning of computing devices, wherein the machine-readable instructions, when executed by a processor, cause a virtual machine hosted by a computing device to (Betzler, e.g., ¶86, “The present invention may be … a computer program product … may include a computer readable storage medium (or media) having compute readable program instructions thereon for causing a processor to carry out aspects of the present invention”).

Regarding claim 2, the rejection of claim 1 is incorporated, and Polar Seminario further teaches: wherein the machine-readable instructions, when executed by the processor, further cause the virtual machine to at least verify that the package file is a valid package file (Polar Seminario, e.g., ¶350, “if the updater determines the decrypted package is authentic (i.e. the information in the header information matches the information on the more server’s package list 2108) …” Examiner’s note: verification of a valid package as envisioned in the claim is consistent with at least a verification of trust/authenticity (see Spec. at ¶32)).

Claims 9 and 16 are rejected for the reasons given in the rejection of claim 2 above.
Regarding claim 21, the rejection of claim 15 is incorporated, and Betzler further teaches wherein the package file is exported from a management service (Betzler, e.g., FIG. 1, package management system 200 via which a pattern is exported from a pattern repository to hypervisor 102. See also, e.g., ¶¶28 (“‘package management system’ may denote a set of functions, in particular implemented in software … automating the process of installing ... packages”) and 72 (“package management system 200 may control the modification e.g. of the configurations of virtual machines 104, 106, 108 using pre-approved modification patterns 700 provided in the form of packages”). Examiner’s note: a “set of functions” that performs functions including retrieving and supplying a package to a target hypervisor is interpreted as consistent with a “service” that exports the package to the target).

Claims 4-6, 11-13 and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Betzler and Satoh in view of Polar Seminario, Wang and Lo, and in further view of Kulkarni, Gregorovic, Vyas and Emejulu et al., U.S. 2013/0332919 A1 (hereinafter referred to as “Emejulu”).

Regarding claim 4, the rejection of claim 1 is incorporated, but Betzler and Satoh in view of Polar Seminario, Wang and Lo, and in further view of Kulkarni, Gregorovic and Vyas do not teach measuring an amount of time spent unpacking a package file and displaying on a user interface an indication of that time. However, Emejulu does teach: wherein: the indication is a first indication; and the machine-readable instructions, when executed by the processor, further cause the virtual machine to at least: measure an amount of time spent unpacking the package file; and render in the user interface a second indication that comprises the amount of time spent unpacking the package file (Emejulu, e.g., ¶37, “TTV module 314 may collect and/or record a timestamp as installation data 322 and/or otherwise initiate a timer to record a time duration associated with one or more phases of the installation process. At the end of the installation process, TTV module 314 may collect and/or record a timestamp as installation data 322 and/or otherwise terminate a timer recording the duration of the installation process …” See also, e.g., ¶33, “series of installation instructions may include one or more phases of installation routines or sub-routines such as … extracting various files and/or code …” and ¶38, “TTV module 314 may also be configured to … output the TTV information, in raw or tallied form … to the user/administrator or other entity …” Examiner’s note: “extracting” is consistent with “unpacking” (see similar comparison at Spec. ¶33)) for the purpose of measuring and analyzing an amount of time required to perform one or more phases of an installation process (Emejulu, ibid.).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system and method for managing compliant and non-compliant computing system configuration modifications as taught by Betzler and Satoh in view of Polar Seminario, Wang and Lo, and in further view of Kulkarni, Gregorovic and Vyas to provide for measuring an amount of time spent unpacking a package file and displaying on a user interface an indication of that time because the disclosure of Emejulu shows that it was known to those of ordinary skill in the pertinent art to improve a system and method for managing compliant and non-compliant computing system configuration modifications to provide for measuring an amount of time spent unpacking a package file and displaying on a user interface an indication of that time for the purpose of measuring and analyzing an amount of time required to perform one or more phases of an installation process (Emejulu, Id.).

Regarding claim 5, the rejection of claim 1 is incorporated, but Betzler and Satoh in view of Polar Seminario, Wang and Lo, and in further view of Kulkarni, Gregorovic and Vyas do not teach measuring an amount of time spent installing an application and displaying on a user interface an indication of that time. However, Emejulu does teach: wherein: the indication is a first indication; and the machine-readable instructions, when executed by the processor, further cause the virtual machine to at least: measure an amount of time spent installing the at least one application; and render in the user interface a second indication that comprises the amount of time spent installing the at least one application (Emejulu, e.g., ¶37, “TTV module 314 may collect and/or record a timestamp as installation data 322 and/or otherwise initiate a timer to record a time duration associated with one or more phases of the installation process. At the end of the installation process, TTV module 314 may collect and/or record a timestamp as installation data 322 and/or otherwise terminate a timer recording the duration of the installation process …” See also, e.g., ¶33, “series of installation instructions may include one or more phases of installation routines or sub-routines such as … installation of various components or modules of application 306 …” and ¶38, “TTV module 314 may also be configured to compute a total TTV value associated with the installation process … output the TTV information, in raw or tallied form … to the user/administrator or other entity …”) for the purpose of measuring and analyzing an amount of time required to perform one or more phases of an installation process (Emejulu, ibid.).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system and method for managing compliant and non-compliant computing system configuration modifications as taught by Betzler and Satoh in view of Polar Seminario, Wang and Lo, and in further view of Kulkarni, Gregorovic and Vyas to provide for measuring an amount of time spent installing an application and displaying on a user interface an indication of that time because the disclosure of Emejulu shows that it was known to those of ordinary skill in the pertinent art to improve a system and method for managing compliant and non-compliant computing system configuration modifications to provide for measuring an amount of time spent installing an application and displaying on a user interface an indication of that time for the purpose of measuring and analyzing an amount of time required to perform one or more phases of an installation process (Emejulu, Id.).

Regarding claim 6, the rejection of claim 1 is incorporated, but Betzler and Satoh in view of Polar Seminario, Wang and Lo, and in further view of Kulkarni, Gregorovic and Vyas do not teach measuring an amount of time spent performing installation-related configuration operations and displaying on a user interface an indication of that time. However, Emejulu does teach: wherein: the indication is a first indication; and the machine-readable instructions, when executed by the processor, further cause the virtual machine to at least: measure an amount of time spent configuring the operating system; and render in the user interface a second indication that comprises the amount of time spent configuring the operating system (Emejulu, e.g., ¶37, “TTV module 314 may collect and/or record a timestamp as installation data 322 and/or otherwise initiate a timer to record a time duration associated with one or more phases of the installation process. At the end of the installation process, TTV module 314 may collect and/or record a timestamp as installation data 322 and/or otherwise terminate a timer recording the duration of the installation process …” See also, e.g., ¶33, “series of installation instructions may include one or more phases of installation routines or sub-routines such as … configuring various components of application 306 …” and ¶38, “TTV module 314 may also be configured to … output the TTV information, in raw or tallied form … to the user/administrator or other entity …” Examiner’s note: Betzler more specifically discloses that the configuration operation may pertain directly to the OS; Emejulu discloses that any phase of the installation process, including configuration phases, may have the elapsed time thereof recorded for logging and/or display. The combination discloses the precise limitation recited by claim 6) for the purpose of measuring and analyzing an amount of time required to perform one or more phases of an installation process (Emejulu, ibid.).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system and method for managing compliant and non-compliant computing system configuration modifications as taught by Betzler and Satoh in view of Polar Seminario, Wang and Lo, and in further view of Kulkarni, Gregorovic and Vyas to provide for measuring an amount of time spent performing installation-related configuration operations and displaying on a user interface an indication of that time because the disclosure of Emejulu shows that it was known to those of ordinary skill in the pertinent art to improve a system and method for managing compliant and non-compliant computing system configuration modifications to provide for measuring an amount of time spent performing installation-related configuration operations and displaying on a user interface an indication of that time for the purpose of measuring and analyzing an amount of time required to perform one or more phases of an installation process (Emejulu, Id.).

Claims 11-13 and 18-20 are rejected for the reasons given in the rejections of claims 4-6 above.

Claims 7 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Betzler and Satoh in view of Polar Seminario, Wang and Lo, and in further view of Kulkarni, Gregorovic, Vyas and Wong et al., U.S. 2013/0055155 A1 (hereinafter referred to as “Wong”).

Regarding claim 7, the rejection of claim 1 is incorporated, but Betzler and Satoh in view of Polar Seminario, Wang and Lo, and in further view of Kulkarni, Gregorovic and Vyas do not teach rendering an element on a user interface allowing a user to select a specific package file for installation. However, Wong does teach: wherein the machine-readable instructions, when executed by the processor, further cause the virtual machine to at least render in the user interface an interface element that allows a user to select the package file (Wong, e.g., ¶37, “administrator can select the ‘Software Bundles’ button 518. Selecting the software bundles button 518 causes the user interface shown in 5D to be displayed … two-tier menu 510 includes a two-tiered structure for selecting the upgrade bundles to be applied to the selected targets …”) for the purpose of facilitating the installation of one or more software bundles to one or more target devices (Wong, ibid.).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system and method for managing compliant and non-compliant computing system configuration modifications as taught by Betzler and Satoh in view of Polar Seminario, Wang and Lo, and in further view of Kulkarni, Gregorovic and Vyas to provide for rendering an element on a user interface allowing a user to select a specific package file for installation because the disclosure of Wong shows that it was known to those of ordinary skill in the pertinent art to improve a system and method for managing compliant and non-compliant computing system configuration modifications to provide for rendering an element on a user interface allowing a user to select a specific package file for installation for the purpose of facilitating the installation of one or more software bundles to one or more target devices (Wong, Id.).

Claim 14 is rejected for the reasons given in the rejection of claim 7 above.













(2) Response to Argument

Brief Summary of the Claimed Subject Matter
	Claim 1 sets forth:
	A system for validating factory provisioning of computing devices, comprising: 
a computing device comprising a processor and a memory; a virtual machine stored in the memory, the virtual machine having an operating system installed in the virtual machine, the operating system being in a factory state that matches a factory image of the operating system; machine-readable instructions stored in the memory allocated to the virtual machine that, when executed by the processor, cause the virtual machine to at least: 
unpack a package file exported from a management service, the package file containing: 
at least one application to be installed on the virtual machine, a configuration file containing at least one setting for the operating system or the at least one application and at least one respective value for the at least one setting, and a post-installation script comprising at least one registry key to check for the at least one respective value for the at least one setting; 
validate the package file based upon a cryptographic signature generated using a private encryption key from a public-private key pair of the management service; …

	At issue in this appeal is the highlighted portion of the claim, which requires that a package file be validated based upon a cryptographic signature generated using a private encryption key from a public-private key pair of the management service. The Specification provides:
	Next at step 306, the validation application 243 can verify the package file 229. For example, the package file 229 can contain a cryptographic signature generated using a private encryption key from a public-private key-pair of the management service 113. The cryptographic signature could be verified using the respective public-key of the management service 113 to determine whether the package file 229 was generated by the management service 113 or an untrusted entity (Spec. [0032]).
	The Specification additionally provides a brief description of the management service:
	Various applications or other functionality can be executed in the computing environment 203 according to various embodiments. The components executed on the computing environment 203 can include the management service 213, the management console 216, as well as other applications, services, processes, systems, engines, or functionality not discussed in detail herein (Spec. [0011]).

	The management service claimed may therefore comprise an “application, service, process, system, engine, or functionality” that performs the functions described, to include providing a public-private key pair and exporting a package.

Brief Summary of the Prior Art
	For brevity, only the Vyas reference will be summarized, as the sufficiency of the teachings of the remaining references is not disputed in the Appeal Brief with particularity.
	Vyas teaches a containerized computing environment in which a software application can be developed by a plurality of developers (Vyas at [0009]) and released as a software product that can be executed as a self-contained application on nodes in a cloud, which may be host computers or virtual machines (Vyas at [0010]). Vyas further discloses a release bot for performing actions associated with releasing code in the form of containerized applications (Vyas at [0011]) and a validation service for determining a validation status of the code in the pod (id.).
	Validation service may check the integrity of the code (Vyas at [0023]). Validation service 204 “may acquire a public key from release bot 104 and receive validation data 116 including a digital signature of code 112, the digital signature being created using a private key matching to the public key in a key pair” (id.). 
Validation service 204 may decrypt the digital signature to restore the first hash value using the public key. Further, validation service 204 may retrieve a second hash value that had been provided to the validation service 204 as known hash of the code. Validation service may then compare the first hash value with a second hash value to determine whether the code is altered or tempered (id.).
	In sum, Vyas discloses a method whereby a package (the software product) is validated based upon a cryptographic signature (i.e. the digital signature) using the public key of a public-private key pair of the management service (i.e. the release bot).

Response to Arguments
I. Vyas, in Combination with the Remaining References, Renders the Independent Claims Obvious Under 35 U.S.C. § 103
	Appellants assert that Vyas fails to teach “validate the package file based upon a cryptographic signature generated using a private encryption key from a public-private key pair of the management service” as recited in claim 1, and further asserts that Vyas teaches away from claim 1 in this regard (App. Br. 10, emphasis in original). Appellants more particularly assert that Vyas teaches a validation service 204 decrypting a digital signature, while claim 1 requires validating a cryptographic signature using a public-private key pair of the management service (id.). “Validating a cryptographic signature does not require decryption as is required by the Vyas validation service 204” (id., emphasis in original). Finally, Appellants assert that “the Office Action does not argue how decryption of a digital signature anticipates validating a cryptographic signature in the package file that was generated using a private encryption key from a public-private key-pair of the management service that exported the package file” (id. at 10-11).
	Examiner first notes that neither the language of claim 1, nor the detailed description provided in the Specification, require that the validation of the cryptographic signature be accomplished without decrypting said cryptographic signature (see the highlighted portion of claim 1 above, and Spec. at [0032]). The claim recites validating the package file based upon a cryptographic signature generated using a private encryption key from a public-private key pair of the management service. The Specification does not further describe the process in terms of how the validation is specifically performed.
	In Vyas, the release bot 104 acts as the management service, as it performs functions similar to the management service, such as release deployment and key management (see Fin. Act. at 14 and Vyas at [0009-11, 0023]). The validation service acquires the public key from the release bot, wherein the private key of the key pair is used to generate the digital signature (id.). That is, the key pair is provided by release bot 104; the private key of the key pair is used to generate the digital signature; the public key of the key pair is used to decrypt the received digital signature; and the decrypted digital signature is compared against a known good hash value to determine whether the code is altered (id.). Accordingly, the disclosure of Vyas unambiguously teaches the validation process as set forth in claim 1.
In view of the foregoing, the assertion that Vyas teaches away from claim 1 is unsupported, as is the assertion that validating the cryptographic signature does not require decryption thereof. More particularly, in view of the above discussion, given the silence of the claim as to the method of validating the cryptographic signature, the argument that validating does not require decryption is unsupported, and an argument that the reference teaches away from a claim limitation based on an unclaimed feature is unpersuasive.

Conclusion
	Pursuant to the remarks above, Examiner asserts that the rejection of claim 1 under 35 U.S.C. § 103 should be sustained. As Appellants’ arguments regarding similar independent claims 8 and 15 rely on the same arguments, Examiner asserts that the rejections thereof should likewise be sustained. And as Appellants’ arguments that the remaining claims are patentable rely on the argument that the independent claims are patentable, with no additional argument pertaining to any further dependent claim, Examiner further asserts that the rejections of the dependent claims be likewise sustained.

For the above reasons, it is believed that the rejections should be sustained.
Respectfully submitted,
/Andrew M. Lyons/Examiner, Art Unit 2191                                                                                                                                                                                                        
Conferees:
/WEI Y ZHEN/Supervisory Patent Examiner, Art Unit 2191                                                                                                                                                                                                        
/EMERSON C PUENTE/Supervisory Patent Examiner, Art Unit 2196                                                                                                                                                                                                        

Requirement to pay appeal forwarding fee.  In order to avoid dismissal of the instant appeal in any application or ex parte reexamination proceeding, 37 CFR 41.45 requires payment of an appeal forwarding fee within the time permitted by 37 CFR 41.45(a), unless appellant had timely paid the fee for filing a brief required by 37 CFR 41.20(b) in effect on March 18, 2013.