Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-20 are presented for examination.

Specification
The disclosure is objected to because of the following informalities: 
Section [0022] recites “For example, if virtual machine 130 were shut down, migrated, or otherwise stopped, operation 200 may be used to identify current configuration information associated with the new invitation and compare that current configuration information with the stored registration information.” And should recite “For example, if virtual machine 130 were shut down, migrated, or otherwise stopped, operation 200 may be used to identify current configuration information associated with the new initiation and compare that current configuration information with the stored registration information.”
Section [0026] recites “Once executed registration operation 124 may be removed from virtual machine 132” and should recite “Once executed registration operation 124 may be removed from virtual machine 130”
Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-18 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites “in response to a second initiation of the virtualized instance, comparing current configuration information associated with the subsequent initiation”  The reference to “the subsequent initiation” is indefinite.  The “subsequent initiation” of a virtualized instance could be after the first initiation or the second initiation or an initiation not within the comprising steps of the claim.  For purposes of examination the term “the subsequent initiation” is interpreted as “the second initiation” throughout the claim.
Dependent claims 2-9 are rejected for failing to cure the deficiency in claim 1.
Additionally, claim 3 recites “determining that the subsequent initiation is permitted when a match exists.”  The reference to “a match exists” is indefinite, since the items to be matched are not included.  For purposes of examination “a match” is interpreted as 0the match between the current configuration and registration information, based on “a match” cited in the previous paragraph of the claim.
Claim 10 recites “in response to a second initiation of the virtualized instance, comparing current configuration information associated with the subsequent initiation”  The reference to “the subsequent initiation” is indefinite.  The “subsequent initiation” of a virtualized instance could be after the first initiation or the second initiation or an initiation not within the comprising steps of the claim.  For purposes of examination the term “the subsequent initiation” is interpreted as “the second initiation” throughout the claim.
Dependent claims 11-18 are rejected for failing to cure the deficiency in claim 10.
Additionally, claim 12 recites “determining that the subsequent initiation is permitted when a match exists.”  The reference to “a match exists” is indefinite, since the items to be matched are not included.  For purposes of examination “a match” is interpreted as the match between the current configuration and registration information, based on “a match” cited in the previous paragraph of the claim.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-6 and 10-15 are rejected under 35 U.S.C. 103 as being unpatentable over Gan (2019/0354675) in view of Scheifler (2009/0271472).

Regarding claim 1, Gan teaches
a method comprising: 
identifying a request for a first initiation of a virtualized instance from an image; in response to the request and the first initiation, initiating a process in the virtualized instance to determine registration information associated with the virtualized instance; (Gan [0113] In response to determining that a VM startup has been detected at decision point 802, at block 804 the process 800 begins a registration process by scanning one or both of the virtual machine image and the running virtual machine instance to obtain virtual machine information about the virtual machine instance) (Examiner Note: first initialization is the baseline VM – Gan [0043])
storing the registration information in the virtualized instance; (Gan [0114] At block 808, the process 800 stores the virtual machine information and the VM-ID locally, and reports each of the virtual machine information (including the calculated VM-ID) to the health check controller. )
in response to storing the registration information, (Gan [0114])
in response to a second initiation of the virtualized instance, (Gan, [0043] VM instance information of the production VM instance is collected during a startup process of the production VM instance within the deployed environment) comparing current configuration information associated with the subsequent initiation with the registration information stored in the virtualized instance to determine whether the subsequent initiation is permitted; and (Gan, [0030] When a deployed virtual machine attempts to register with the health check controller, the health check controller compares registration information received from the health check agent operating in the deployed virtual machine with the baseline registration information received from the local clone with the same VM-ID to verify the registration of the deployed virtual machine. If the baseline registration information received from the health check agent operating in the deployed virtual machine matches the baseline registration of the respective local clone, the deployed virtual machine may be considered uncorrupted and registration for system operation of the deployed virtual machine may be completed.  ) (Examiner Note: second initialization is the production VM)
in response to determining that the subsequent initiation is permitted, making an application associated with the image available to a user of the virtualized instance (Gan, [0098] The deployed virtual machine 508 also includes one or more application(s) 514 that perform the work of the deployed virtual machine 508.) (Examiner Note: Gan teaches permitting a virtual instance to be completed and therefore operational, the VM includes applications)
Gan does not teach deleting the process that determined the registration information.
However Scheifler teaches deleting the process that determined the registration information (Scheifler [0059] Once a process registration resource is no longer needed, a destroy method may be called to remove the process registration resource from the system.)
Scheifler teaches management of computing resources and process removal.  It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Scheifler’s registration process removal with Gan’s Virtual machine usage because doing so reduces resources (frees up resources) to make a system more efficient and less expensive in some situations (Scheifler, [0025] The horizontal scalability of the platform may allow for the efficient delivery of resources and may support a pay-for-use (verses a pay-for-capacity) billing model.)

Regarding claim 2, Gan and Scheifler teach
the method of claim 1 further comprising, in response to determining that the subsequent initiation is not permitted, blocking an execution of the application associated with the image (Gan, [0030] Alternatively, if the baseline registration information received from the health check agent operating in the deployed virtual machine does not match the baseline registration of the respective local clone, the deployed virtual machine may be considered corrupted and registration for system operation of the deployed virtual machine may be denied. As such, virtual machines instantiated from corrupted virtual machine images may be prevented from having operational in-system access/authority and may be prevented from performing system-level operations.)

Regarding claim 3, Gan and Scheifler teach
the method of claim 1, wherein comparing the current configuration information associated with the subsequent initiation with the registration information stored in the virtualized instance to determine whether the subsequent initiation is permitted comprises: 
determining whether a match exists between the current configuration information and the registration information; 
determining that the subsequent initiation is permitted when a match exists (Gan [0030]  If the baseline registration information received from the health check agent operating in the deployed virtual machine matches the baseline registration of the respective local clone, the deployed virtual machine may be considered uncorrupted and registration for system operation of the deployed virtual machine may be completed.)

Regarding claim 4, Gan and Scheifler teach
the method of claim 1, wherein the virtualized instance comprises a virtual machine (Gan [0030] If the baseline registration information received from the health check agent operating in the deployed virtual machine matches the baseline registration of the respective local clone, the deployed virtual machine may be considered uncorrupted and registration for system operation of the deployed virtual machine may be completed.)

Regarding claim 5, Gan and Scheifler teach
the method of claim 1, wherein the registration information comprises a media access control (MAC) address and/or a virtual machine identifier (Gan, [0029] To establish/derive baseline information useable for verification of deployed virtual machines, the health check controller may interact with the local clone virtual machine instance. The health check agent in the local clone virtual machine operating in the secured sandbox network generates a unique virtual machine identifier (VM-ID) from the running virtual machine during virtual machine startup processing.)

Regarding claim 6, Gan and Scheifler teach
the method of claim 1, wherein the current configuration information comprises a media access control (MAC) address and/or virtual machine identifier (Gan,  [0114] Where the VM-ID and virtual machine information originates from the virtual machine within the production environment, the health check controller recognizes the origin of the registration)

Claims 10-15 are system claims for the method claims 1-6 and are rejected for the same reasons as claims 1-6.

Claims 7-9 and 16-18 are rejected under 35 U.S.C. 103 as being unpatentable over Gan (2019/0354675) in view of Scheifler (2009/0271472) in view of Raj (2013/0054948).

Regarding claim 7, Gan and Scheifler teach
the method of claim 1 further comprising … initiating the process to determine the registration information (Gan [0113] In response to determining that a VM startup has been detected at decision point 802, at block 804 the process 800 begins a registration process)
Gan teaches preventing access to resources (Gan, [0111] It is further understood that the process 800 may block the virtual machine from accessing resources of the deployed system until the initial validation operations are completed and), but does not teach preventing ingress and/or egress communications for one or more communication formats prior to.
However Raj teaches preventing ingress and/or egress communications for one or more communication formats prior to (Raj, [0061] At block 504, after receiving the image of the guest VM, the network connection between the boot server and the rest of the network is disabled  [0062] At block 508, the virtual machine is initialized, and the guest OS is booted at block 510.) (Examiner Note: the disabling occurs prior to initialization)
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have applied Raj’s network disable to Gan-Scheifler’s Virtual Machine integrity because doing so improves security by minimizing vulnerabilities in malicious or unauthorized code that might be running (Raj, [0003] More secure cloud computing services are provided through use of a reduced virtualization stack running on one or more production servers of a data center. … The production server virtualization stack is minimized to present fewer security vulnerabilities to malicious software running within a guest VM on the production server.)

Regarding claim 8, Gan, Scheifler and Raj teach
the method of claim 7 further comprising: in response to deleting the process that determined the registration information (Scheifler [0059] Once a process registration resource is no longer needed, a destroy method may be called to remove the process registration resource from the system.)
Gan teaches allowing access to resource once validation is complete (Gan [0111]).  Scheifler teaches computations performed in response to an initiation1, resources enabled2  and enabling ingress and/or egress communications (Scheifler [0202] In some embodiments, the agent server is started using a create command and performs a series of initialization steps and sets up a communication channel upon which it may receive further instructions)
Gan-Scheifler does not teach a response to the determination, and then enabling ingress and/or egress communications.
However Raj teaches in response to … determined (ing)… , enabling ingress and/or egress communications for the one or more communication formats (Raj, [0064] After rebooting into the clean mode, the boot server's network connection is re-enabled at block 516, following the boot server's attestation that it is running in the clean mode).  Raj requires determining that the boot is in clean mode, analogous to permitting the initiation, before enabling network connection.
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have applied Raj’s secure network boot to Gan-Scheifler’s Virtual Machine integrity because doing so improves security by minimizing vulnerabilities in malicious or unauthorized code (Raj, [0003] More secure cloud computing services are provided through use of a reduced virtualization stack running on one or more production servers of a data center. … The production server virtualization stack is minimized to present fewer security vulnerabilities to malicious software running within a guest VM on the production server.)

Regarding claim 9, Gan and Scheifler teach 
the method of claim 1 further comprising: 
wherein storing the registration information in the virtualized instance (Gan [0114] At block 808, the process 800 stores the virtual machine information and the VM-ID locally,) 
Gan does not teach encrypting the registration information, storing the encrypted registration information.  
However Raj teaches encrypting the registration information, storing the encrypted registration information (Raj, [0069] In some embodiments, a secure co-processor running on the boot server protects the boot server's whitelisted MAC address, to ensure that it is only accessible when the boot server is in clean mode. The whitelisted MAC address is encrypted and saved while the boot server is operating in clean mode. … 2) the boot server's boot configuration matches the configuration that was active (e.g., the clean mode) when the whitelisted MAC address was encrypted and saved. )
(Examiner Note: Registration information can include MAC address (see claim 5), and Raj teaches encrypting the MAC address)
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have applied Raj’s encryption to Gan-Scheifler’s Virtual Machine integrity because doing so improves security by requiring attestation (vouching of the information) before fully initiating a virtual instance (Raj, [0005] Isolation of the boot server from the network while the guest OS is booting ensures that any malicious software that corrupts the boot server is unable to attack other devices. The boot server is isolated through use of an attestation protocol, through which the boot server attests that it is in a clean mode when no guest VMs are executing on it. In some embodiments, the attestation mode uses the media access control (MAC) address of the boot server's network interface controller (NIC) as a secret,)

Claims 16-18 are system claims for the method claims 7-9 and are rejected for the same reasons as claims 7-9.


Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim 19 is rejected under 35 U.S.C. 102(a)(1) as being anticipated by Gan (2019/0354675).

Regarding claim 19,  Gan teaches
a method comprising: 
in response to an initiation of a virtual machine, identifying current configuration information associated with the virtual machine; (Gan, [0029] To establish/derive baseline information useable for verification of deployed virtual machines, the health check controller may interact with the local clone virtual machine instance. The health check agent in the local clone virtual machine operating in the secured sandbox network generates a unique virtual machine identifier (VM-ID) from the running virtual machine during virtual machine startup processing.)
determining that the current configuration information matches registration information stored on the virtual machine during a second initiation of the virtual machine that occurred prior to the initiation; and  (Gan [0113] In response to determining that a VM startup has been detected at decision point 802, at block 804 the process 800 begins a registration process by scanning one or both of the virtual machine image and the running virtual machine instance to obtain virtual machine information about the virtual machine instance) 
in response to determining that the current configuration information matches the registration information, making an application associated with the registration information available to a user of the virtual machine (Gan, [0098] The deployed virtual machine 508 also includes one or more application(s) 514 that perform the work of the deployed virtual machine 508.) (Examiner Note: Gan teaches permitting a virtual instance which includes applications)

Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Gan (2019/0354675) in view of Raj (2013/0054948).

Regarding claim 20, Gan teaches
the method of claim 19 further comprising: 
in response to determining that the current configuration information matches the registration information (Gan, [0030] When a deployed virtual machine attempts to register with the health check controller, the health check controller compares registration information received from the health check agent operating in the deployed virtual machine with the baseline registration information received from the local clone with the same VM-ID to verify the registration of the deployed virtual machine. If the baseline registration information received from the health check agent operating in the deployed virtual machine matches the baseline registration of the respective local clone, the deployed virtual machine may be considered uncorrupted and registration for system operation of the deployed virtual machine may be completed.)
Gan does not teach
disabling ingress and/or egress communications for one or more communication formats prior to identifying the current configuration information; and 
enabling ingress and/or egress communications for the one or more communication formats.
However Raj teaches disabling ingress and/or egress communications for one or more communication formats prior to identifying the current configuration information; and (Raj, [0061] At block 504, after receiving the image of the guest VM, the network connection between the boot server and the rest of the network is disabled  [0062] At block 508, the virtual machine is initialized, and the guest OS is booted at block 510.) (Examiner Note: the disabling occurs prior to initialization)
enabling ingress and/or egress communications for the one or more communication formats (Raj, [0064] After rebooting into the clean mode, the boot server's network connection is re-enabled at block 516, following the boot server's attestation that it is running in the clean mode).  Raj requires determining that the boot is in clean mode, analogous to permitting the initiation, before enabling network connection.
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have applied Raj’s secure network boot to Gan-Scheifler’s Virtual Machine integrity because doing so improves security by minimizing vulnerabilities in malicious or unauthorized code (Raj, [0003] More secure cloud computing services are provided through use of a reduced virtualization stack running on one or more production servers of a data center. … The production server virtualization stack is minimized to present fewer security vulnerabilities to malicious software running within a guest VM on the production server.)

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRUCE S ASHLEY whose telephone number is (571)270-0315. The examiner can normally be reached 9-5 PDT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jay Kim can be reached on 571-272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/BRUCE S ASHLEY/Examiner, Art Unit 2494                                                                                                                                                                                                        


    
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
    

    
        1 (Scheifler, [0084] For example, data may be stored to a file system or database resource, or a computation may be performed by a VM in the customer's virtual system in response to a start operation directed to a process resource.)
        2 (Scheifler, [0033] Full programmatic life cycle control over all system resources and their structure, enabling services to dynamically flex their own platform resource usage at runtime without human intervention)