DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 12-15 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. Claim 12 recites “…A machine-readable storage medium…”. The broadest reasonable interpretation of a claim drawn to a storage medium (also called machine readable medium and other such variations) typically covers forms of non-transitory tangible media and transitory propagating signals per se in view of the ordinary and customary meaning of computer readable media, particularly when the specification is absent an explicit definition or is silent. See MPEP 2111.01. When the broadest reasonable interpretation of a claim covers a signal per se, the claim must be rejected under 35 U.S.C. § 101 as covering non-statutory subject matter. The Examiner suggests amending the claim to include non-transitory computer-readable storage medium.


Claim Rejections - 35 USC § 112
Claims 1-11 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.

Claim 1 recites the limitation "wherein acquiring the measurement comprises…".  There is insufficient antecedent basis for this limitation in the claim. Appropriate correction is required.

Claim 3 recites “…initiating the measurement of the given layer in response to a request to start…”. There is insufficient basis for this limitation in the claim. Appropriate correction is required.

Claims 7, 10, 11 recite “…performing the measurement of the metadata…”. There is insufficient basis for this limitation in the claim. Appropriate correction is required.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Bacher et al (Pub. No. US 2020/0250319) in view of Gerebe et al (Pub. No. US 2019/0156023).


As per claim 1, Bacher discloses a method comprising: in a computer system, acquiring a first measurement corresponding to a software container, wherein acquiring the measurement comprises a hardware processor of the computer system measuring a given layer of a plurality of layers of a layered file system structure corresponding to the software container, the given layer comprises a plurality of files, and the first measurement comprises a measurement of the plurality of files (…container engine calls the container runtime environment comprising a hypervisor…hypervisor starts the kernel…in a layer of the software container…providing a first layered software container image and transforming all files…of each layer of the first layered software container image into a volume…the volume may comprise a set of blocks…encrypting each block of the set of blocks of a portion of the layers, storing each encrypted set of the blocks as a layer of an encrypted container image…see par. 82-83). Bacher does not explicitly disclose storing the first measurement in a secure memory of the computer system, wherein a content of the secure memory is used to verify an integrity of the software container. However Gerebe discloses storing the first measurement in a secure memory of the computer system, wherein a content of the secure memory is used to verify an integrity of the software container (…a memory to store a software container image…to launch the security agent based on the request, authenticate the contents of the software container image…see par. 47). Therefore one ordinary skill in the art would have found it obvious before the effective filling date of the claimed invention to use Gerebe in Bacher for including the above limitations because one ordinary skill in the art would recognize it would improve security of the software container by adding a layer that includes the security agent to the software container…see Gerebe, par. 28.


As per claim 2, the combination of Bacher and Gerebe discloses wherein: the first measurement corresponds to an image of the container; and the given layer corresponds to a base layer of the plurality of layers (Bacher: see par. 82).


As per claim 3, the combination of Bacher and Gerebe discloses initiating the measurement of the given layer in response to a request to start an instantiation of the software container (Gerebe: upon receiving a request to instantiate the software container image…see par. 46-47). The motivation for claim 3 is the same motivation as in claim 1 above.


As per claim 4, the combination of Bacher and Gerebe discloses measuring metadata associated with the container to provide a second measurement: and storing the second measurement in the secure memory such that the content includes the first measurement and the second measurement (Bacher: see par. 66).


As per claim 5, the combination of Bacher and Gerebe discloses wherein: the metadata is associated with an image of the container (Bacher: see par. 64).


As per claim 6, the combination of Bacher and Gerebe discloses wherein the metadata comprises data representing at least one of an entry point command corresponding to a request to start an instantiation of the container, a signature corresponding to the image, a certificate corresponding to the image, or a manifest of the image (Gerebe: see par. 46-47). The motivation for claim 6 is the same motivation as in claim 1 above.


As per claim 7, the combination of Bacher and Gerebe discloses performing the measurement of the metadata and the measurement of the given layer in response to a verification request (Bacher: see par. 82-83).


As per claim 8, the combination of Bacher and Gerebe discloses wherein: the metadata is associated with an instantiation of the container (Bacher: see par. 43).


As per claim 9, the combination of Bacher and Gerebe discloses wherein the metadata comprises data representing at least one of an image identifier for a base layer of the plurality of layers, a list of the plurality of layers, an open port number, a mapped volume identifier, an environment variable, a command, an argument, a security option, a network setting, a name space or a privilege (Bacher: see par. 64).


As per claim 10, the combination of Bacher and Gerebe discloses performing the measurement of the metadata during a runtime of the container corresponding to the instantiation of the container; and performing the measurement of the given layer before the instantiation of the container (Bacher: see par. 43-45).


As per claim 11, the combination of Bacher and Gerebe discloses performing the measurement of the metadata in response to a request to start another instantiation of the container (Bacher: see par. 66).


As per claim 12, Bacher discloses a machine-readable storage medium that stores instructions that, when executed by a machine, cause the machine to: in association with a load-time of a container, measure each layer of a plurality of layers of a container image to provide a plurality of first measurements; in association with a run-time of the container, measure an overlay file system to provide a second measurement (…container engine calls the container runtime environment comprising a hypervisor…hypervisor starts the kernel…in a layer of the software container…providing a first layered software container image and transforming all files…of each layer of the first layered software container image into a volume…the volume may comprise a set of blocks…encrypting each block of the set of blocks of a portion of the layers, storing each encrypted set of the blocks as a layer of an encrypted container image…see par. 82-83). Bacher does not explicitly disclose store the plurality of first measurements in a secure memory, wherein a content of the secure memory is used to verify an integrity of the container; store the second measurement in the secure memory such that the content includes the plurality of first measurements and the second measurement. However Gerebe discloses store the plurality of first measurements in a secure memory, wherein a content of the secure memory is used to verify an integrity of the container; store the second measurement in the secure memory such that the content includes the plurality of first measurements and the second measurement (…a memory to store a software container image…to launch the security agent based on the request, authenticate the contents of the software container image…see par. 47). Therefore one ordinary skill in the art would have found it obvious before the effective filling date of the claimed invention to use Gerebe in Bacher for including the above limitations because one ordinary skill in the art would recognize it would improve security of the software container by adding a layer that includes the security agent to the software container…see Gerebe, par. 28.


As per claim 13, the combination of Bacher and Gerebe discloses wherein the instructions, when executed by the machine, further cause the machine to measure a plurality of layers of the overlay file system corresponding to the image and measure a container layer of the overlay file system (Bacher: see par. 70-73, 82-83).


As per claim 14, the combination of Bacher and Gerebe discloses wherein the instructions, when executed by the machine, further cause the machine to measure metadata representing the overlay file system (Bacher: see par. 70-73, 82-83).


As per claim 15, the combination of Bacher and Gerebe discloses wherein the metadata comprises data representing at least one of an image identifier for a base layer of the plurality of layers, a list of the plurality of layers, an open port number, a mapped volume identifier, an environment variable, a command, an argument, a security option, a network setting, a name space or a privilege (Bacher: see par. 64).


As per claim 16, Bacher discloses a system comprising: a hardware security module comprises a secure memory to store content used to verify an integrity of a container; a processor; and a memory to store instructions that, when executed by the processor, cause the processor to: measure each layer of a plurality of layers of a lower directory of an overlay file system corresponding to the container to provide a plurality of first measurements; measure a container layer of an upper directory of the overlay file system to provide a second measurement (…the secure software container includes layers…the lowest layer comprises a file A and the next upper layer comprises a file B…see par. 70-73…providing a first layered software container image and transforming all files…of each layer of the first layered software container image into a volume…the volume may comprise a set of blocks…encrypting each block of the set of blocks of a portion of the layers, storing each encrypted set of the blocks as a layer of an encrypted container image…see par. 82-83). Bacher does not explicitly disclose store the plurality of first measurements and the second measurement in the secure memory. However Gerebe discloses store the plurality of first measurements and the second measurement in the secure memory (…the security server stores the first and second received cryptographic fingerprint in a repository…see par. 43-47). Therefore one ordinary skill in the art would have found it obvious before the effective filling date of the claimed invention to use Gerebe in Bacher for including the above limitations because one ordinary skill in the art would recognize it would improve security of the software container by adding a layer that includes the security agent to the software container…see Gerebe, par. 28.


As per claim 17, the combination of Bacher and Gerebe discloses wherein the instructions, when executed by the processor, further cause the processor to: measure first metadata representing information about the container to provide a third measurement; measure second metadata representing information about an instantiation of the container to provide a fourth measurement (Bacher: see par. 70-73, 82-83); and store the third measurement and the second measurement in the secure memory (Gerebe: see par. 43-47). The motivation for claim 17 is the same motivation as in claim 16 above.


As per claim 18, the combination of Bacher and Gerebe discloses wherein the instructions, when executed by the processor, further cause the processor to: measure the first metadata in response to a command to start the instantiation of the container; and measure the second metadata in response to a predetermined event (Gerebe: see par. 46-48). The motivation for claim 18 is the same motivation as in claim 16 above.


As per claim 19, the combination of Bacher and Gerebe discloses wherein the predetermined event comprises an event initiated at periodic intervals, or an event to start another instantiation of the container (Gerebe: see par. 46-47). The motivation for claim 19 is the same motivation as in claim 16 above.


As per claim 20, the combination of Bacher and Gerebe discloses wherein the instructions, when executed by the processor, further cause the processor to measure a file of an instantiation of the container in response to a file access request to provide a third measurement, and store the third measurement in the secure memory (Gerebe: see par. 43-47). The motivation for claim 20 is the same motivation as in claim 16.





Conclusion

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure (see PTO-form 892).
The following Patents and Papers are cited to further show the state of the art at the time of Applicant’s invention with respect to integrity measurement of software component.


Marquardt et al (Pat. No. US 10055578); “Secure Software Containers”;

-Teaches a user request to create a software container identify a specific application to be executed in the software container…the identity of the application may be stored in the security token…see col.4 lines 8-15.


Any inquiry concerning this communication or earlier communications from the examiner should be directed to GHAZAL B SHEHNI whose telephone number is (571)270-7479. The examiner can normally be reached Mon-Fri 9am-5pm PCT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Philip Chea can be reached on 5712723951. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/GHAZAL B SHEHNI/Primary Examiner, Art Unit 2499