Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 3 and 10 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
With regard to claims 3 and 10, the instant claims presents “reestablishing the communication channel initiated from the on-premises appliance,” where it is unclear what entity is performing the reestablishing and what is the condition for the reestablishing (the instant claim language appears to require the reestablishing based on the connection status, where this would have the reestablishing performed regardless of the connection status, but instead would somehow otherwise be based on the status).  For purposes of prosecution, the instant claim is being treated in a manner similar to paragraph [0084] of the disclosure, where based on the connection status indicating a loss of connectivity, the reestablishing is performed.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over US 2018/0183762 (Fetvadjiev) in view of “stunnel: Securing the Insecure with SSL and Creating SSL Tunnels,” posted at < https://www.suse.com/c/stunnel-securing-insecure-ssl-and-creating-ssl-tunnels/> on 9/5/2008 (Stunnel).
With regard to claim 1, Fetvadjiev discloses a computer-implemented method for secure hybrid cloud connectivity between an application in a public cloud service and an on-premises service supported by an on-premises appliance, the method comprising: 
launching a public cloud gateway appliance in the public cloud service (Fetvadjiev: Figure 1); and 
establishing, using an outbound port, a communication channel from the on-premises appliance to the public cloud gateway appliance that is secured (Fetvadjiev: Figure 1 and Paragraphs [0024], [0027], and [0033].  The connection through the network between the gateways 124 and 184 (on-premises appliance and public cloud gateway appliance, respectively) can be made using a tunnel, where one of ordinary skill in the art would have recognized that a tunnel would provide a secure connection between the two devices.).
Fetvadjiev fails to disclose expressly, but Stunnel teaches:
that the public cloud gateway appliance configured with security information associated with the on-premises appliance (Stunnel: Page 2, create the certificate, “The certificate/key section.”  As shown in Stunnel, it was known to have one side listening on a port, with the other side using a certificate on the port.  Which device performs the listening and the providing of a certificate (which device is a client) constitutes a design choice, where in this case, the choice would be to have the public cloud appliance using the certificate (security information) while the on-premises appliance would be set as the client (listener);
that the channel is secured based on the security information associated with the on-premises appliance and the contact information associated with the public cloud gateway appliance (Stunnel: Page 2, Create the certificate.  The certificate is used, where a tunnel would be established based on the identity of the two endpoints (to determine the ends of the tunnel) and the certificate.).
Accordingly, it would have been obvious to one of ordinary skill in the art at the time of filing to provide a certificate or other security information to the cloud gateway and to establish the tunnel using this information and identity information of the cloud gateway to ensure that the tunnel is appropriately secure, such that any endpoint that establishes a connection can be established to be trusted (Stunnel: Pages 1-2, “Introduction to SSL security.”).
Fetvadjiev fails to teach, but Official Notice is taken that it would have been well-known in the art at the time of filing to provide the on-premises appliance with contact information associated with the public cloud gateway appliance (more specifically, the providing of information to a system that is being connected to (such as the client of Stunnel) of system(s) to accept connections from was well-known in the art).  Accordingly, it would have been obvious to one of ordinary skill in the art at the time of filing to configure the on-premises appliance with contact information (e.g. an address) associated with the public cloud server to ensure that the on-premises appliance only accepts communications from acceptable partners, such that communications from entities that are not defined in the client would be dropped immediately, thus avoiding different types of attacks and only further evaluating packets from trusted communication partners.


With regard to claim 2, Fetvadjiev in view of Stunnel teaches receiving an API command from the application in the public cloud service at the on-premises service over the communication channel. wherein the API command comprises a command to manage one or more virtual computing devices (Fetvadjiev: Paragraphs [0028] and [0033]).

With regard to claim 3, Fetvadjiev fails to teach, but Official Notice is taken that it would have been well-known in the art at the time of filing to monitor a connection status of the communication channel, and reestablish the communication channel initiated from the on-premises appliance to the public cloud gateway appliance based on the connection status (more specifically, the monitoring of connections, such as from a client-side (Stunnel: Page 2, create the certificate, “The certificate/key section.”), and reestablishing the connection based on a connection status (such as reconnecting if a connection fails) was well-known in the art.).  Accordingly, it would have been obvious to one of ordinary skill in the art at the time of filing to monitor a connection status and reestablish the channel from the on-premises appliance to the public cloud gateway appliance to provide an automatic means to correct temporary disconnections, such that the reconnection would not need to be manually performed.  Further, it is noted that the endpoint of the connection performing the monitoring and the reconnection would constitute a design choice.

With regard to claim 4, Fetvadjiev in view of Stunnel teaches wherein the public cloud gateway appliance, after being launched in the public cloud service, enters into a listening mode to await a connection request without initiating an outbound connection to the on-premises appliance (Stunnel: Page 2, create the certificate, “The certificate/key section.”).

With regard to claim 5, Fetvadjiev in view of Stunnel teaches the security information associated with the on-premises appliance comprises a security certificate for the on-premises appliance (Page 2, create the certificate, “The certificate/key section.”).

With regard to claim 6, Fetvadjiev in view of Stunnel, as applied in claim 1, above, teaches wherein the contact information associated with the public cloud gateway appliance comprises security information for authenticating the public cloud gateway appliance (as addressed in claim 1 above, the contact information is being addressed as being, for example, an address, where such would constitute “security information” in as much detail as required by the instant claim, as it serves to ensure that a communication partner is using a trusted (secure) address.).

With regard to claim 7, Fetvadjiev in view of Stunnel teaches that the security information associated with the on-premises appliance comprises information necessary to authenticate the on-premises appliance (Stunnel: Page 2, create the certificate, “The certificate/key section.”  The certificate is used, and thus is necessary, for authenticating the endpoints.).

With regard to claims 8-20, the instant claims are similar to claims 1-7, and are thus rejected for similar reasons.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SCOTT B CHRISTENSEN whose telephone number is (571)270-1144. The examiner can normally be reached Monday through Friday, 6AM to 2PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John Follansbee can be reached on (571) 272-3964. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

SCOTT B. CHRISTENSEN
Examiner
Art Unit 2444



/SCOTT B CHRISTENSEN/Primary Examiner, Art Unit 2444