DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The Office Action is in response to claim amendments filed on 3/15/2022, wherein claims 1-20 are pending, claims 1, 6, and 16 are amended.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-5 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
The following claims are unclear and indefinite:
As for claim 1, it is unclear what is meant by “…wherein establishment of the isolated runtime environment comprises a plurality of phases including a preliminary phase and an additional phase…” because the claims does not have an establishment step, and thus unclear what is the wherein clause further limiting and relationship of establishment to launch claimed.  Furthermore, it is unclear if the preliminary phase and an additional phase are applicable to launch of the compute instance containing an isolated runtime environment or establishment of the isolated run-time environment and which subsequent steps are reasonably included in each phase. For the purpose of examination, Examiner assume the preliminary phase claimed is directed to operations performed by the hypervisor of the identified candidate virtualization host that performed one or more initialization operations of the candidate virtualization host and the hardware security device.
As for claims 2-5, they are rejected for failure to cure the claim upon which they depend.
As for claim 6, the claim “one or more records include a first record which indicates that a first phase of a multi-phase establishment…has been completed by a virtualization management component of the first virtualization host during one or more initialization operations of the first virtualization host” left it entirely unclear the relationship between “a first phase”, “a multi-phase” and “one or more initialization operations of the first virtualization host”.  Stated differently, under BRI, one or more initialization operations are not limited to 1 operation, nor all operations are part of the one or more initialization operations.  Leaving it unclear if one or more initialization operations is the first phase, or the indicator is generated during the one or more initialization operations.  Confusing the meaning of claim language further, applicant’s response dated 3/15/2022 asserted “…the ‘preliminary phase’ and ‘additional phase’ language may refer to ‘time interval 204 between transmittal of log records of phase-1 operations and receiving host approval’ as shown in Fig. 2…” (App. Arg. Pg. 12), when read facially, means both the preliminary phase and additional phase are referring a single interval 204 between transmittal of log records of phase-1 operations and receiving host approval, which would take preliminary phase as subsequent to initialization and other activities that generated the log record.   Looking at the specification, applicant alleged time interval 204, is “time interval 204 may elapse before a response …is received….the length of time interval 204 may vary….may comprise a few seconds or minutes….” (Specification, paragraph 53) which is an interval during which nothing happens.  Leaving it impossible for one of ordinary skill in the art before the effective filing date of the application to discern what are the preliminary phase and additional phases that are occurring in a time interval of waiting for response where nothing seems to happen.  Equally important, claim subsequently states “…in response to obtaining…cause the multi-phase establishment of the isolated runtime environment to be completed at the first virtualization host…” seem to imply the multi-phase establishment is completed/performed in response to obtaining.  Which would contradict with “…a first record which indicates that a first phase …” which clearly occurs before the in response step.  For the purpose of examination, Examiner assume there is an action performed by the hypervisor to instantiate a virtual environment the result of which is used to generate the first record, and the host approval indicator is based on the first record, and the action is performed right after the end of the first phase. 
Claim 16 contain similar defect as claim 6 above.  Thus, it is rejected under the same rationales.
As for claims 7-15 and 17-20, they are rejected for failure to cure the claim upon which they depend.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claim 6-7, 10-11, 15-16, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Potlapally et al. (US PGPUB 2015/0007175), in view of Sahita et al. (US PGPUB 2018/0019875).

As for claim 6, Potlapally teaches a method, comprising:
performing, at one or more computing devices (Fig. 1 and paragraph 19):
identifying a first virtualization host for an isolated run-time environment of a client of a virtualized computing service (paragraph 30, “…the provisioning service 303 can select the host computing device 304…”);
causing one or more records generated by a security module of the first virtualization host to be transmitted to a first resource verifier (paragraph 31, “…it is provided to a network manager 312…”), wherein the one or more records include a first record which indicates that a first phase of a multi-phase establishment of an isolated run-time environment has been completed by a virtualization management component of the first virtualization host during one or more initialization operations of the first virtualization host (paragraph 30, “before launching the virtual machine, the process is suspended and a cryptographic measurement is obtained…”  Thus, while the prior art does not explicitly state it indicates that a first phase of a multi-phase establishment of an isolated runtime environment has been completed, the measured data is created and send for verification before launching the virtual machine, and the process is suspended and waiting subject to verification.  Thus, it would be obvious to a person of ordinary skill in the art before the effective filing date of the application to have recognized that the sending of the measured data, is an indication of the instantiation process reaching the specific point of the instantiation process because doing so allows improved granular checking for assurance of security of the secure environment.  Roth, paragraph 3.); and
in response to obtaining a host approval indicator from the first resource verifier, causing the multi-phase establishment of the isolated run-time environment to be completed at the first virtualization host (paragraph 46, “…if the cryptographic measurement matches…the virtual machine is launched…”).

Potlapally explicitly teaches launching of virtual machine (paragraph 46) and recognizes that virtual machines are launched in isolated environments and not compromised (paragraph 2, “…isolated instances (i.e., virtual machines)…obtain cryptographic assurance that the resources have not been tampered with by malicious users or otherwise compromised…”).  Thus, it would have been obvious to a person of ordinary skill in the art prior to effective filing date of the application to recognize the subset of resources is allocated for exclusive use by the isolated run-time environment and not accessible from programs running outside the isolated environment because accessing from programs outside is a form of tempering.  However in the interest of compact prosecution, examiner note Potlapally does not explicitly teach a subset of a first portion of memory, included in a set of resources of the virtualization host, is allocated for exclusive use by the isolated run-time environment and the subset is inaccessible from programs running outside the isolated run-time environment.
However, Sahita teaches a known method of secure access on hardware virtualization platform including a subset of a first portion of memory, included in a set of resources of the virtualization host, is allocated for exclusive use by the isolated run-time environment (paragraph 30, “…the execution environment for a VM may provide ….the components may operate, which may…be mapped into physical pages of memory 112…” and paragraph 38 “…VM 124 maybe configured to execute code independently, maybe securely isolated from VM 120 and VM 122, and may prevent components of VM 120 and 122 from performing operations that would alter, modify, read, or otherwise affect the components of VM 124…” Each VM is clearly mapped into a subset of physical pages of memory 112, wherein the content of VM 124 is secure because the system is capable of preventing outside software from reading or affect the components of VM 124 in anyway), and the subset is inaccessible from programs running outside the isolated run-time environment (paragraph 38, “…VM 124 maybe configured to execute code independently, maybe securely isolated from VM 120 and VM 122, and may prevent components of VM 120 and 122 from performing operations that would alter, modify, read, or otherwise affect the components of VM 124…”, preventing outside software from “alter, modify, read or otherwise affect” is understood as making it inaccessible as inaccessible is understood as not able to be read from the outside in light of the Specification (Specification, paragraph 22)). This known technique is applicable to the system of Potlapally as they both share characteristics and capabilities, namely, they are directed to isolation of virtual machine and utilizes TPM.
	One of ordinary skill in the art before the effective filing date of the application would have recognized that applying the known technique of Sahita would have yielded predictable results and resulted in an improved system.  It would have been recognized that applying the technique of Sahita to the teachings of Potlapally would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate such VM isolation features into similar systems.  Further, applying a subset of memory allocated for exclusive use by VM where the memory is inaccessible to objects outside the VM to Potlapally with isolated partitions running VMs accordingly, would have been recognized by those of ordinary skill in the art as resulting in an improved system that would allow improved security enhancement to VMs (Sahita, paragraph 38).

As for claim 16, it is the product claim of claim 6 above.  Thus, it is rejected under the same rationales.

As for claim 7, Potlapally also teaches: 
obtaining, at the virtualized computing service via one or more programmatic interfaces, a network address of the first resource verifier, wherein said one or more records are transmitted to the network address (paragraph 31, “...once the cryptographic measurement 309 is obtained, it is provided to a network manager 312…”  While the prior art does not explicitly state the virtualized computing service obtains a network address of the first resource verifier, the prior art teaches the virtualized computing service sends the measurements to a network manager 312, which is external to the host computing device over a network.  The prior art further teaches the network can be implemented using commercially available protocols known to use network addresses to communicate with other entities on the network (paragraph 0052 and 56-0058).  Thus, it would be obvious to a person of ordinary skill in the art before the effective filing date of the application to recognize the TMP that measured and sending the data to the network manager has to have obtained the network address of the network manager because doing so allows fundamental communication and sending of data from one entity to another on a network).

As for claim 10, Potlapally also teaches transmitting, from the virtualized computing service to at least the first resource verifier, prior to implementation of the first phase at the first virtualization host, an example record which indicates that the first phase has been completed (paragraph 28, “the request may specify a particular configuration …has corresponding known and approved measurement values associated therewith…”  Thus, the approved measurement values are clearly known when the request is received, thus obviously prior to implementation of the first phase at the first virtualization host).

As for claim 11, Potlapally also teaches verifying, at the virtualized computing service prior to causing the multi-phase establishment of the isolated run-time environment to be completed, that the host approval indicator is from a pre-registered resource verifier which is included in a set of trusted resource verifiers (paragraph 69, “…the verifier 602 maybe a trusted user (e.g., trusted automated process)…” in view of paragraph 72, “if the credentials are verified…the user maybe considered a trusted user 708…”  Thus, the trusted user/trusted automated process is a form of pre-registered resource verifier because the credential needs to be verified first.).
As for claim 15, Potlapally teaches wherein the security module comprises a trusted platform module (TPM) (paragraph 15, “…cryptographic measurements maybe obtained using a trusted platform module (TPM)…”).

As for claim 19, Potlapally also teaches in response to determining, after the isolated run-time environment has been established, that a triggering condition for initiating an additional host verification operation associated with the isolated run-time environment has been met, cause another host approval indicator to be obtained from a resource verifier (paragraph 48.  “…may…update or patch the various resources…such updates…require new cryptographic measurements to be generated for those resources…generates the new cryptographic measurements…the trusted third party may then attest the new cryptographic measurements…”  update and patch are the triggering conditions for initiating an additional verification operation).

Claim 8, 13 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Potlapally et al. (US PGPUB 2015/0007175), in view of Roth et al. (US PGPUB 2016/0134623).

As for claim 8, Potlapally also teaches wherein the virtualized computing service comprises a set of resources at one or more data centers of a provider network (paragraph 33, “…a service provider …can maintain one or more resource centers 523 (e.g., data centers…).
While Potlapally teaches verification by a Network Manager separate from the provisioning Service 303 and Host Computing Device 304, each component of the environment can be executed on its own physical hardware, and it is not disclosed in the Specification what constitute “premise external to the provider network” (i.e., a different server, across a LAN, across a WAN, unspecified physical distance, etc.).  Thus, the network manager can reasonably be understood as premise external to the provider network.  Nevertheless, in the interest of compact prosecution, Examiner note Potlapally does not explicitly state the network manager’s relative location.
However, Roth teaches the resource verifier comprises a program running at a premise external to the provider network (paragraph 57, “…verifications of the integrity of the secure execution environment may performed by…the computing resource service provider, a third party…”  Thus, it is clear when provided by the third party, it is separate and distinct from the service provider that is understood as the provider network).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate Roth’s teaching of the resource verifier running at a premise external to the provider network to Potlapally’s teaching of a resource verifier separate and distinct from the provisioning service and the provider host computing devices because they are directed to the same cryptographic measurement based secure execution environment verification by the same assignee, Amazon, and because doing so improves the assurances of the security of data and applications operating within a computing resource provider (Roth, Paragraph 3).

As for claim 20, it contains similar limitations as claim 8 above.  Thus, it is rejected under the same rationales.

As for claim 13, Roth also teaches transmitting, in response to a programmatic request, a representation of a reference implementation of a resource verifier (paragraph 25.  all functionalities related to the secure execution environment can be provided to the customer in the form of library, interface, web service or other access methodology.  Library and web services are understood as a form of representation of a reference implementation.  The functionality includes verification.  See paragraph 23)


Claims 9 is rejected under 35 U.S.C. 103 as being unpatentable over Potlapally  and Sahita, in view of Richards et al. (US PGPUB 2015/0128240).
As for claim 9, Potlapally teaches in the virtualized computing service connected to a plurality of alternative resource verifiers including the first resource verifier and a second resource verifier (Fig. 2 and 3 and paragraphs 28 and 31).
Potlapally and Sahita do not explicitly teach obtaining a sequence in which individual ones are to be contacted in the event that a response from one or more of the alternative resource verifiers is not received within a time interval.
However, Richards teaches a known method of obtaining an indication of a sequence in which a sequence in which individual ones of the alternative resource verifiers are to be contacted by the virtualized computing service in the event that a response from one or more of the alternative resource verifiers to a transmission of a record is not received within a time interval (paragraph 77 in view of paragraph 82, “…pre-selection criteria…certain authenticators are contacted (with the rest as backup)…methodology for selecting and ordering authenticators. And “…the authenticator…only have a certain period of time in which to provide the authenticator’s response…”).  This known technique is applicable to the system of Potlapally and Sahita as they both share characteristics and capabilities, namely, they are directed to security focused authentication utilizing TPM.
One of ordinary skill in the art before the effective filing date of the application would have recognized that applying the known technique of Richards would have yielded predictable results and resulted in an improved system.  It would have been recognized that applying the technique of Richards to the teachings of Potlapally and Sahita would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate such TPM based authentication features into similar systems.  Further, applying a sequence in which individual ones of the alternative resource verifiers are to be contacted in the event of a time out from waiting on response from one or more resource verifiers to Potlapally and Sahita with multiple cryptographic measurement verifiers related to the virtualized computing service accordingly, would have been recognized by those of ordinary skill in the art as resulting in an improved system that would allow improved reliability of the authentication results (Richards, paragraph 77).

Claims 12, 14, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Potlapally and Sahita, in view of Ferguson et al. (US PGPUB 2016/0357988).

As for claim 12, while Potlapally teaches migration of VM instance in an automated manner (paragraph 25, “...allows for instances to be dynamically moved…”), Potlapally  and Sahita does not explicitly teach obtaining a resource verifier an approval indicator for the second virtualization host before migrating the VM.
However, Ferguson teaches a method of obtaining, at the virtualized computing service from a resource verifier prior to migrating the isolated run-time environment to a second virtualization host, an approval indicator for the second virtualization host (paragraphs 84-85 in view of paragraph 105-106.  A Key request by the migration target is performed before actual migration of VM (paragraphs 84-85).  Request for key includes verification of attestation certificate (paragraphs 105-106).  Thus, the approval indicator for attestation verification happens prior to migrating the VM).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate Ferguson’s teaching of obtaining an approval indicator for the second virtualization host before migration of VM to Potlapally and Sahita’s teaching of VM migration in a host attestation based secure execution environment because they are directed to cryptographic measurement/host attestation based secure execution environment verification and because doing so improves automation of the workflow to secure virtualized workloads on trusted computing base (Ferguson, paragraph 7).

As for claim 14, Ferguson also teaches prior to completion of the multi-phase establishment, causing one or more artifacts to be decrypted at the first virtualization host using at least a portion of the approval indicator, wherein the one or more artifacts include a machine image (paragraph 38.  Key for decrypting vTPM is distributed as part of state of the host satisfy the policy).

As for claim 17, Ferguson also teaches configuration settings of the isolated run-time environment do not permit input/output (I/O) operations to or from persistent storage (Abstract, and paragraph 233.  lower trust level renders it inaccessible to the component of the VM launched with higher trust level.  I/O port is taught to have associated trust level initially disclosed in Abstract.)

Claims 18 are rejected under 35 U.S.C. 103 as being unpatentable over Potlapally and Sahita, in view of Hoole et al. (US PGPUB 2007/0239987).

As for claim 18, while Potlapally teaches controlling access between the isolated run-time environment and other entities, Potlapally and Sahita does not explicitly teach a configuration settings of the isolated run0time environment do not permit network communication to external end points.
However, Hoole teaches a known method of isolated runtime environment including wherein configuration settings of the isolated run-time environment do not permit network communications between the isolated run-time environment and endpoints external to the isolated execution environment (paragraph 5, restricting undesired communications to those systems from other systems, including external end points, See. Fig. 2 and claim 6). This known technique is applicable to the system of Potlapally and Sahita as they both share characteristics and capabilities, namely, they are directed to security focused VM based application isolation in run-time environments implementations.
One of ordinary skill in the art before the effective filing date of the application would have recognized that applying the known technique of Hoole would have yielded predictable results and resulted in an improved system.  It would have been recognized that applying the technique of Hoole to the teachings of Potlapally and Sahita would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate such run-time environment management features into systems.  Further, applying restricting communications from others to Potlapally and Sahita secure execution environment that restricts access accordingly, would have been recognized by those of ordinary skill in the art as resulting in an improved system that would allow improved capability to prevent any unauthorized communications between VMs which improve the system security and reliability (Hoole, paragraph 6).

Allowable Subject Matter
Claims 1-5 would be allowable if rewritten or amended to overcome the rejection(s) under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), 2nd paragraph, set forth in this Office action.

The following claim 1 drafted by the examiner and considered to distinguish patentably over the art of record in this application, and is presented to applicant for consideration: 
Claim 1 (Currently amended). A system, comprising:
one or more computing devices of a virtualized computing service;
wherein the one or more computing devices include instructions that upon execution on or across one or more processors cause the one or more computing devices to:
obtain an indication, via one or more programmatic interfaces, of (a) an automated resource verifier selected by a client of the virtualized computing service and (b) an encrypted version of a machine image to be used to launch a compute instance containing an isolated run-time environment, wherein the launch includes establishment of the isolated run-time environment comprises a plurality of phases including a preliminary phase and an additional phase;
identify, at a preliminary phase, a candidate virtualization host for launching the compute instance, wherein the candidate virtualization host comprises a hardware security device to generate a plurality of log records during the one or more initialization operations; 
cause one or more log records of the plurality of log records to be transmitted to the automated resource verifier, wherein the one or more log records include a first log record which indicates that the preliminary phase of establishing the isolated run-time environment has been completed by a hypervisor of the candidate virtualization host;
during the additional phase of establishment of the isolated run-time environment
obtain a host approval message from the automated resource verifier, wherein the host approval message includes a first key;
decrypt the encrypted version of the machine image using the first key;
cause the hypervisor to launch the compute instance using the decrypted version of the machine image and a set of resources of the candidate virtualization host, wherein the set of resources includes a first portion of a memory of the candidate virtualization host;
cause the hypervisor to perform the additional phase of establishment of the isolated run-time environment, wherein a subset of the first portion of memory is allocated for exclusive use by the isolated run-time environment in the additional phase, wherein the subset is inaccessible from programs running outside the isolated run-time environment, and wherein network communications with endpoints outside the candidate virtualization host are prohibited from the isolated run-time environment, and; and
perform, at the isolated run-time environment, one or more computations using a security artifact.

Response to Arguments
Applicant’s arguments with respect to claim(s) 6-20 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
In addition, Applicant's arguments filed 3/15/2022 have been fully considered but they are not persuasive. 
Applicant argues in the remarks that:
Argument I:  “Independent claim 1…applicant’s claim 1 recites ….during one or more initialization operations…paragraph 20 of the written description….comprises a plurality of phases in at least some embodiments, including a preliminary phase (performed for example during initialization or boot operations of a virtualization host and its virtualization management software, prior to the launch of the parent compute instance…” (App. Arg. Pg. 12)
Argument II: “Applicant has amended claim 6 to clarify…for similar reasons as discussed above, with regard to claim 1, Applicant asserted that amended claim 6 is not indefinite…” (App. Arg. Pg. 13).
Examiner respectfully disagrees for the following reasons:
Regarding Arg. I, see paragraph 5 above.  In addition, Examiner note, claim 1 in particular has “…wherein establishment of the isolated run-time environment comprises a plurality of phases….” however, the claim limitation where the wherein clause occurs does not have an establishment step to further limit under the wherein clause.  Importantly, subsequent limitation claims “the additional phase of establishment of the isolated run-time environment…” Strangely, applicant’s argument states in part, “the ‘preliminary phase’ and ‘additional phase’ language may refer to ‘time interval 204 between transmittal of log records of phase -1 operation and receiving host approval,” which essentially argues the phases are the inbetween time where nothing other than transmittal of log records occurs, in which case it is even more unclear what part of the transmittal is preliminary and which is additional.  Moreover, given only some limitations are explicitly associated with a phase (i.e., …cause the hypervisor to perform the additional phase of…”), and the specification does not explicitly state which steps are definitely in which phase, it renders it impossible for a person of ordinary skill in the art to decipher which of the identify…transmit…obtain, decrypt…launch… steps belongs to the preliminary phase or additional phase.  Thus, the claim limitation still contains an indefiniteness issue that needs to be addressed.
Regarding Arg II, see paragraph 5 above and see examiner response to Arg I above.  In addition, and in contrast to claim 1.  No initialization operation is ever performed and no generating is performed prior to the recitation of first phase of a multi-phase establishment claimed.  More confusing, the claim subsequently states “in response to obtaining a host approval indicator from the first resource verifier, causing the multi-phase establishment to be completed at the first virtualization host…” implies the entire multi-phase establishment is in response to obtaining a host approval indicator.  Rendering it entirely unclear how to not only interpret first phase of a multi-phase establishment, but the intended limiting functionality of such a limitation and which limitation is it supposed to limit and be associated with.  As also mentioned in response to Arg. I, applicant’s argument also place further confusion to the meaning of the claimed terms.  Thus, rendering it entirely unclear what phase of a multi-phase establishment of an isolated runtime environment is considered to be the first phase.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KEVIN X LU whose telephone number is (571)270-1233.  The examiner can normally be reached on M-F 10am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lewis Bullock can be reached on 5712723759.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/KEVIN X LU/
Examiner, Art Unit 2199

/LEWIS A BULLOCK  JR/Supervisory Patent Examiner, Art Unit 2199