Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED DESCRIPTION
1.	Claims 1-20 are pending.
Drawings
2.	The drawings filed on 12/24/2020  have been accepted by the Examiner.
	Examiner’s Notes


3.	Examiner cites particular columns and line numbers in the references as applied to the claims below for the convenience of the applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested that, in preparing responses, the applicant fully consider the references in entirety as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the examiner.
						Specification
4.	The disclosure is objected to because the use of the trademark “Java”, “Perl”, “Python”, “JavaSCript”, “Swift” have  been noted in this application.  It should be capitalized wherever it appears and be accompanied by the generic terminology.
Although the use of trademarks is permissible in patent applications, the proprietary nature of the marks should be respected and every effort made to prevent their use in any manner which might adversely affect their validity as trademarks.
Appropriate correction is required. 

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):

(B)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. 

5.	Claims 9-16 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Claims 9 recites the limitation “ a first computing node of the plurality of compute nodes”
And claim 10 recites the limitation “wherein the plurality of compute node”. 
Claim 9 recites limitation as “a plurality of compute units” not “compute nodes”. 
It is not clear from the claim languages that it indicates which compute nodes or is it compute node or compute units? 
The Examiner interprets the limitation in claim 9 “a plurality of compute nodes” instead of “a plurality of compute units”.
The depended claims reject under the same reason as claim 9 and 10.
Appropriate correction is required.
Claim 17 recites the limitation “processing business logic by the tool chain”. It is not clear that the claim indicates which tool chain, attestable tool chain or any other tool chain.  
The claim 17 recites the limitation “an attestable tool chain”.
The Examiner interprets the limitation as ““processing business logic by the attestable tool chain”.
The depended claims reject under the same reason as claim 17.
Appropriate correction is required.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


6.	Claims 1-20  are rejected under 35 U.S.C. 103 as being unpatentable over Bursell ( US 20220035904) and further in view of Gupta (US-20200134192)
As per claim 1, Bursell ( US 20220035904) discloses: One or more non-transitory computer-readable storage mediums having stored thereon executable computer program instructions that, when executed by one or more processors, cause the one or more processors to perform operations comprising (Abstract, [0006]  [0030] [0034] [0057] :
receiving code for processing of a secure workload of a tenant ([0025] “A virtual machine image may include both an operating system and one or more user space programs. The virtual machine image may be loaded onto a computing device (e.g., 110C) and may be managed by a hypervisor. A container image may include a user space program (e.g., application) along with a file system that contains the executable code, runtime, system tools, system libraries, and other programs to support the execution of the user space program”) where the user space program (application) that are executed by the computing device”)  Abstract, “loading executable code into the trusted execution environment, wherein the executable code controls access to protected content and wherein the protected content comprises executable image data; and causing the executable code to execute in the trusted execution environment to analyze data of a second computing device and to provide the second computing device access to the protected content.”) where loading executable code is receiving code for processing and trusted execution environment is the secure workload of a tenant [0006] FIG. 3 depicts a block diagram of an example computing device with one or more components and modules for establishing a trusted execution environment, in accordance with one or more aspects of the present disclosure; and [0029] shows trusted execution environment is used as user space process (workload of a tenant) and trusted execution environment provides code execution, storage confidentiality  and integrity protection and isolate protected content [0029] [0042] A trusted network may include security enhanced features that restrict access and use of network 160A to particular users and devices of an organization (e.g., intranet of a business entity).
selecting at least a first compute node of a plurality of compute nodes to provide computation for the workload (Abstract, [0014] “a management device of the computing environment (e.g., provisioning server) may select one of the computing devices external to the trusted network to function as the data exchange device. The selection may be based on one or more attributes of the computing devices”) [0031] ;
processing the code by an attestable tool chain to generate machine code for the first compute node, [0101] where first computing device (first computing node) execute the executable code (processing the code) inherently  generating the machine code and the first computing device process the  code by performing attestation ([0101] “ the processor of the first computing device may receive a request from a third computing device to establish the trusted execution environment in the first computing device. In either example, the processor may perform remote attestation of hardware and code of the first computing device and configure the encrypted memory area and an area of the processor for the trusted execution environment”) code of the first computing device is the code [0112] and the language of claim 4;
including: performing one or more conversions of the code by one or more convertors to generate converted code (Abstract, where the executable code  is executed by the processor and inherently performing conversions of the code  to generate converted code; [0013]  [0014] [0015] the hardware/processor of the trusted execution environment (TEE) execute one or more processes (acts as a convertors) and inherently generating executed code (converted code) as claimed;
and generating an attestation  associated with each code conversion [0078] “ Attestation data 313A-B may be based on the configuration of computing device…Attestation data obtained or generated by the hardware platform (e.g., processor, memory, firmware, BIOS) and be the same or similar to integrity data (e.g., hash or signature of executable code) [0080] [0081] shows attestation module perform operations in trusted execution environment in all phase to execute the process and provide attestation data that is specific execution clearly indicates attestation is associated with each code conversion (execution) as claimed; this is the first state where the executed code (machine code) is generated by the processor (converter) [0079] [0032]
and in a second stage, receiving machine code [0024]  “Each of the images 116 may be capable of being loaded onto a computing device and may be executed to perform one or more computing tasks” where image contains machine code ([024] “The information within images 116 may indicate the state of the image and may include executable data (e.g., executable instructions, commands, machine code)…  Each of the images 116 may be capable of being loaded onto a computing device and may be executed to perform one or more computing tasks.”)  and Abstract clearly shows receiving machine code for the first computing device (first compute  node) as claimed,.
providing each of the attestations from the first stage and the second stage for verification [0032] “The remote attestation operations are discussed in more detail in regards to FIG. 3 and may enable the data exchange device to verify to each of the other computing devices the integrity and confidentiality of trusted execution environment 120”) [0077] [0079] .
Bursell discloses receiving application, space program and executable code (Abstract, [0025]) and convert executable code to executed code in execution environment ([0024).
 Bursell does not specifically disclose the application or the programs are source code.  However, in an analogous art Gupta discloses source code are received and process for secure workload and compiler (converter) compiles into the compiled code (converted code).  Gupta [0041] “ a particular primary 306 or secondary 308 memory device may be implemented to store firmware source code, compiled firmware code, firmware update code, or a combination thereof. To continue the example, the firmware source code may be compiled into compiled firmware code and subsequently provided as a firmware update package… “the firmware code, whether in its source or compiled form, may be digitally signed with a private key to generate an associated digital signature. In certain embodiments, the resulting digital signature may be used to attest to the authenticity and integrity of its associated firmware code”), compilation is shown in [0019] [0037] [0041] [0046] [0059]. 
Therefore it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention was made to incorporate the teaching of Gupta with the method of Bursell.  The modification would be obvious because one of the ordinary skill in the art would be motivated to provide improved security profiling operation, processor efficiency and thus the efficiency of the information handling system (Gupta [0025]).
As per claim 2 the rejection of claim 1 is incorporated and further Bursell disclose: runtime stage for the processing of the code (Bursell, [0025] [0034] [0037] [0052]).
Bursell does not specifically disclose a build stage and the processing source code. However, in an analogous art Gupta disclose the above limitation (Gupta, [0019], [0041] “More particularly, software providers typically compile files on a centralized build server”). The modification would be obvious because one of the ordinary skill in the art would be motivated to provide improved security profiling operation, processor efficiency and thus the efficiency of the information handling system (Gupta [0025].
 As per claim 3 the rejection of claim 1 is incorporated and further Bursell disclose:
herein the attestations from the first stage and the second stage represent a chain of attestations between the received  code and the generated machine code for the first compute node [0078] [0101] [0112] . Gupta discloses the source code Gupta, [0019], [0041].
The modification would be obvious because one of the ordinary skill in the art would be motivated to provide improved security profiling operation, processor efficiency and thus the efficiency of the information handling system (Gupta [0025].
As per claim 4 the rejection of claim 1 is incorporated and further Bursell disclose:
 wherein each attestation of the first stage includes at least a measurement or identity of received code, a measurement or identity of converted code, and an attestation of a convertor that converted the received code into the converted code [0054] [0077] [0078] [0079] [0082] [0095] [0104] [0109] [0115].
As per claim 5 the rejection of claim 1 is incorporated and further Bursell disclose:
wherein at least a first attestation of the first stage further includes one or more security assertions [0076] [0078] [0079]  [0013] [0014] [0032] .
As per claim 6 the rejection of claim 4 is incorporated and further Bursell disclose: wherein the first stage further includes performing one or more inspections of the code and generating an attestation associated with each code inspection [0079] .
Gupta discloses inspection of the source code by attestation (Gupta, [0018] [0019] [0046] [0048]). The modification would be obvious because one of the ordinary skill in the art would be motivated to provide improved security profiling operation, processor efficiency and thus the efficiency of the information handling system (Gupta [0025].
As per claim 7 the rejection of claim 1 is incorporated and further Bursell disclose: wherein the attestation of the second stage includes at least an attestation of received machine code and an attestation of the first compute node [0032] [0077] [0078] [0079].
As per claim 8 the rejection of claim 1 is incorporated and further Bursell disclose: further comprising executable computer program instructions that, when executed by one or more processors, cause the one or more processors to perform operations comprising one of the following: receiving secure data in response to the attestations of the first stage and the second stage for verification; and performing computation of the secure workload utilizing the received secure data (Abstract, [0004] [0013] [0014] [0016] [0017] [0020] [0031] [0077] to [0080], [0103].
Claim 9 is the system claims corresponding to claims 1 and rejected under the same reason set forth in connection of the rejection of claim 1above.
As per claim 10 the rejection of claim 9 is incorporated and further Bursell discloses:
Plurality of computer nodes include one or more processing devices, one or more hardware accelerators or both (Bursell, [0001] [0013], [0015] [0018] [0023] [0030] [0119] [0125].
11-16 are the system claims corresponding to claims 2-7 and rejected under the same reason set forth in connection of the rejection of claim 2-7 above. 
Claims 17-20 are rejected under the same reason  of claims 1, 3, 4 and 7 respectively. 


Conclusion
7.	The prior art made or record and not relied upon is considered pertinent to applicant’s disclosure.
 
Caldarale et al (US 20220027458) discloses; receiving, by a host operating system, a source code file from the guest operating system; and compiling by the host operating system the source code file into an executable file in the execution environment in the secure sandbox.  Enterprises have highly demanding computing environments in terms of security, reliability and performance, requiring computing systems that are secure, adaptable.

Chibon (US 20210334367) discloses: In another example, a method is disclosed. The method comprises receiving, by a first processor device, a first source code fragment representing a difference between a first source code file of a first software distribution and a second source code file of a second software distribution. The method further comprises determining that the first source code fragment matches any security profile of one or more security profiles, wherein each security profile of the one or more security profiles corresponds to an approved security algorithm. The method also comprises, responsive to determining that the first source code fragment matches any security profile of the one or more security profiles, generating an approval notification indicating that the first source code fragment comprises the approved security algorithm.

IGNATCHENKO (US 20150039891) discloses: execute the code for the secure zone on the first virtual machine, the computer processor is further configured to: establish a connection to a client device; verify that the client device is allowed to establish a connection to the task being executed on the second virtual machine; and pass the established connection to the client device to the task being executed on the second virtual machine. requesting an attestation certificate from the administrator device; and verifying that the attestation certificate is issued by a trusted attestation service provider.

Title: SCOBA: source code based attestation on custom software , author: L Gu, et al, published on 2010.

Title: Software component certification, author: J Morris, et al, published on 2001.

8.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHAMELI DAS whose telephone number is (571)272-3696.  The examiner can normally be reached on Monday-Friday from 8:00 am to 4:00 pm (ET).

Examiner interviews are available via telephone and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor Mr. Emerson Puente can be reached at (571) 272-3652.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/CHAMELI DAS/           Primary Examiner, Art Unit 2196