DETAILED ACTION
This Office Action is in response to the amendment filed 05/18/2022.  
In the instant amendment, claims 1-10 were amended; claims 11-20 are cancelled; claims 21-30 are new; claims 1, 22 and 27 are independent claims; Claims 1-10 and 21-30 are pending in this application. THIS ACTION IS MADE FINAL. 

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Applicant’s arguments in regard to “wherein a given level of the plurality of levels in the hierarchy is associated with a level of access to one or more of the shared infrastructure services,” with respect to claim(s) 1, 22 and 27 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Applicant’s arguments in the instant Amendment, filed 05/18/2022 with respect to the limitations below, have been fully considered but they are not persuasive. 
Applicant argues on pages 10-12, that Factor fails to explicitly disclose or suggest “a nested tenancy model that permits a hierarchy having a plurality of levels.” 
The Examiner disagrees with the applicant. Factor discloses handling a client request in a hierarchical multi-tenant data storage system, the method comprising processing a request in subtasks, wherein a subtask is executed with a minimal set of privileges associated with a specific subtenant; extracting a claimed n-level hierarchy of a tenant and sub-tenant identities from the request; extracting authentication signatures or credentials that correspond to a level in the hierarchy; for a first level in the hierarchy, sending the request to a dedicated subtenant authenticator with privilege to validate credentials for a subtenant at the first level; and receiving a confirmation from the dedicated subtenant authenticator, whether the request is authentic, (See Factor, [0008]-[0010]). 
Applicant argues on page 12, the cited prior art fails to explicitly disclose or suggest “a cloud product or service product. The specification defines a cloud product to be software that is accessible to its tenants and is useable to perform functions for such tenants and a service product is a software that is operable to access, change, and/or manage data on behalf of cloud products and/or tenants of cloud products.” 
The Examiner disagrees with the applicants. The Examiner respectfully submits that Factor discloses a cloud product that is software that is accessible to its tenants and is useable to perform functions for such tenants (see Factor, [0058], [0084], FIG 6C). Factor discloses a service product which is software that is operable to access, change, and/or manage data on behalf of cloud products and/or tenants of cloud products (see (see Factor, [0058], [0084], FIG 6C).
Therefore, in view of the above reasons the Examiner maintains the rejection with the prior art references. 
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 5-9, 11-12, 15, 17-22 and 24-30 are rejected under 35 U.S.C. 103 as being unpatentable over Factor et al (“Factor,” US 20140330869 as disclosed in the IDS filed 01/18/2021) in view of Gillum et al (“Gilum,” US 20140007178). 

Regarding claim 1, Factor discloses a method, comprising:
implementing, by a computer system, a platform for providing data protection scopes to shared infrastructure services according to a nested tenancy model that permits a hierarchy having a plurality of levels, (Factor, FIG’s 2, 3A, 4A, as described by paragraphs [0026]-[0044], describes implementing, by a computer system a multi-level multi-tenant storage system with a security gateway platform for providing data protection scopes to shared infrastructure services according to a nested tenancy model that permits a hierarchy having a plurality of levels)
receiving, by the computer system, a first request to provision, for a particular shared infrastructure service, a first data protection scope for a cloud product having a first set of tenants; (Factor, FIG’s 2, 3A, 4A, as described by paragraphs [0026]-[0044], describes receiving, by the computer system, a first request to provision for a certain shared infrastructure service a first data protection scope as defined as a limited set of privileges for that level in a tenant hierarchy for a resource on the cloud [cloud product] having a first set of tenants)
in response to the first request, provisioning the first data protection scope for the cloud product; (Factor, FIG’s 2, 3A, 4A, as described by paragraphs [0026]-[0044], describes in response to the first request, provisioning the first data protection scope as defined as a limited set of privileges for said level for the cloud service [product] at n-levels)
receiving, by the computer system, a second request to provision, for the particular shared infrastructure service, a second data protection scope for a service product; and (Factor, FIG’s 2, 3A, 4A, as described by paragraphs [0026]-[0044] discloses receiving, by the computer system, a second request to provision for the particular shared infrastructure service, a second data protection scope for a service product as defined as another set of limited privileges for another level in the tenant hierarchy of an n-level hierarchy). 
in response to the second request, provisioning the second data protection scope for the service product (Factor, FIG’s, 2, 3A, 4A as described by paragraphs [0026]-[0044] describes in response to the second request, provisioning the second data protection scope as defined as a limited set of privileges for the service product at n-level of the tenant hierarchy). 
Factor fails to explicitly disclose at a top-most level of the hierarchy; wherein a given level, of the plurality of levels in the hierarchy, is associated with a level of access to one or more of the shared infrastructure services; wherein the top-most level of the hierarchy is associated with a particular level of access to the particular shared infrastructure service.  
However, in an analogous art, Gillum discloses at a top-most level of the hierarchy; (Gillum, [0016], [0026], [0036], FIG 1 shows a root level [top most] as shown in item 110 of the hierarchy in FIG 1; [0024] describe security permissions associated with each logical scope)
wherein a given level, of the plurality of levels in the hierarchy, is associated with a level of access to one or more of the shared infrastructure services; (Gillum, [0004] & [0011]-[0019] describe access paradigms as levels of access to a cloud service; [0024] describe security permissions associated with each logical scope)
wherein the top-most level of the hierarchy is associated with a particular level of access to the particular shared infrastructure service; (Gillum, [0016], [0026], [0036], FIG 1 shows a root level [top most] as shown in item 110 of the hierarchy in FIG 1; [0004] & [0011]-[0021] describe access paradigms as levels of access to a cloud service; [0024] describe security permissions associated with each logical scope)
Therefore, it would have been obvious to one of ordinary skill in the art before the
effective filing date of the claimed invention to combine the teachings of Gillum with the method and system of Factor to include at a top-most level of the hierarchy; wherein a given level, of the plurality of levels in the hierarchy, is associated with a level of access to one or more of the shared infrastructure services; wherein the top-most level of the hierarchy is associated with a particular level of access to the particular shared infrastructure service;. One would have been motivated to manage hosted resources using logical scopes (Gillum, [0004]). 

Regarding claim 2, Factor and Gillum disclose the method of claim 1. 
Factor further discloses further comprising:
provisioning, by the computer system, a third data protection scope for a particular one of the first set of tenants, wherein the second data protection scope is provisioned at a next level of the hierarchy; (Factor, [0035]-[0044] describes provisioning, by the computer for the shared infrastructure service, an n-level data protection scope for the storage resources (e.g. storage media, communication bandwidth, processing power etc) [service product] in the context of a second particular cloud resource by a negotiated terms of service; [0043] in particular discloses in a multi-level multi-tenant storage system, the security gateway 310 may be implemented to parse the incoming requests and verify the requests' validity by way of dedicated tenant authentication processes, having a limited set of privileges for a level in the tenant hierarchy. An identifier may be provided that corresponds to the relevant tenant and has the permissions to perform authentication for an identified level so that the spawned process performs the authentication at the corresponding level. At tenant level, the security gateway 310 may extract the corresponding authentication data and pass the data to authenticator 320 spawned for that level; [0008], [0030], [0035]-[0037], [0042] describes sub-tenants).
wherein the third data protection scope is provisioned subordinately to the first data protection scope in the hierarchy, (Factor, [0035]-[0044] describes provisioning, by the computer for the shared infrastructure service, an n-level data protection scope for the storage resources (e.g. storage media, communication bandwidth, processing power etc) [service product] in the context of a second particular cloud resource by a negotiated terms of service; [0043] in particular discloses in a multi-level multi-tenant storage system, the security gateway 310 may be implemented to parse the incoming requests and verify the requests' validity by way of dedicated tenant authentication processes, having a limited set of privileges for a level in the tenant hierarchy. An identifier may be provided that corresponds to the relevant tenant and has the permissions to perform authentication for an identified level so that the spawned process performs the authentication at the corresponding level. At tenant level, the security gateway 310 may extract the corresponding authentication data and pass the data to authenticator 320 spawned for that level; [0008], [0030], [0035]-[0037], [0042] describes sub-tenants).

Regarding claim 5, Factor and Gillum disclose the method of claim 1.
Factor further discloses further comprising:
provisioning, by the computer system, a fourth data protection scope for a particular cloud product accessing the particular shared infrastructure service in the context of the service product; (Factor, [0035]-[0044] describes provisioning, by the computer for the shared infrastructure service, an n-level data protection scope for the storage resources (e.g. storage media, communication bandwidth, processing power etc) [service product] in the context of a second particular cloud resource by a negotiated terms of service; [0043] in particular discloses in a multi-level multi-tenant storage system, the security gateway 310 may be implemented to parse the incoming requests and verify the requests' validity by way of dedicated tenant authentication processes, having a limited set of privileges for a level in the tenant hierarchy. An identifier may be provided that corresponds to the relevant tenant and has the permissions to perform authentication for an identified level so that the spawned process performs the authentication at the corresponding level. At tenant level, the security gateway 310 may extract the corresponding authentication data and pass the data to authenticator 320 spawned for that level; [0008], [0030], [0035]-[0037], [0042] describes sub-tenants).
wherein the fourth data protection scope is provisioned subordinately to the second data protection scope in the hierarchy, (Factor, [0035]-[0044] describes provisioning, by the computer for the shared infrastructure service, an n-level data protection scope for the storage resources (e.g. storage media, communication bandwidth, processing power etc) [service product] in the context of a second particular cloud resource by a negotiated terms of service; [0043] in particular discloses in a multi-level multi-tenant storage system, the security gateway 310 may be implemented to parse the incoming requests and verify the requests' validity by way of dedicated tenant authentication processes, having a limited set of privileges for a level in the tenant hierarchy. An identifier may be provided that corresponds to the relevant tenant and has the permissions to perform authentication for an identified level so that the spawned process performs the authentication at the corresponding level. At tenant level, the security gateway 310 may extract the corresponding authentication data and pass the data to authenticator 320 spawned for that level; [0008], [0030], [0035]-[0037], [0042] describes sub-tenants).

Regarding claim 6, Factor and Gillum disclose the method of claim 5. 
Factor further discloses further comprising:
provisioning, by the computer system, a fifth data protection scope for a particular tenant of the particular cloud product accessing the particular shared infrastructure service in the context of the service product; (Factor, [0035]-[0044] describes provisioning, by the computer for the shared infrastructure service, an n-level data protection scope for the storage resources (e.g. storage media, communication bandwidth, processing power etc) [service product] in the context of a second particular cloud resource by a negotiated terms of service; [0043] in particular discloses in a multi-level multi-tenant storage system, the security gateway 310 may be implemented to parse the incoming requests and verify the requests' validity by way of dedicated tenant authentication processes, having a limited set of privileges for a level in the tenant hierarchy. An identifier may be provided that corresponds to the relevant tenant and has the permissions to perform authentication for an identified level so that the spawned process performs the authentication at the corresponding level. At tenant level, the security gateway 310 may extract the corresponding authentication data and pass the data to authenticator 320 spawned for that level; [0008], [0030], [0035]-[0037], [0042] describes sub-tenants).
wherein the fifth data protection scope is provisioned subordinately to the fourth data protection scope in the hierarchy, (Factor, [0035]-[0044] describes provisioning, by the computer for the shared infrastructure service, an n-level data protection scope for the storage resources (e.g. storage media, communication bandwidth, processing power etc) [service product] in the context of a second particular cloud resource by a negotiated terms of service; [0043] in particular discloses in a multi-level multi-tenant storage system, the security gateway 310 may be implemented to parse the incoming requests and verify the requests' validity by way of dedicated tenant authentication processes, having a limited set of privileges for a level in the tenant hierarchy. An identifier may be provided that corresponds to the relevant tenant and has the permissions to perform authentication for an identified level so that the spawned process performs the authentication at the corresponding level. At tenant level, the security gateway 310 may extract the corresponding authentication data and pass the data to authenticator 320 spawned for that level; [0008], [0030], [0035]-[0037], [0042] describes sub-tenants)..

Regarding claim 7, Factor and Gillum disclose the method of claim 1. 
Factor further discloses further comprising:
provisioning, by the computer system, a single-tenant data protection scope at the top-most level of the hierarchy; (Factor, [0029]-[0030], describes provisioning, by the computer system, a single-tenant data protection scope)
wherein there are no data protection scopes provisioned subordinately to the single-tenant data protection scope, (Factor, [0029]-[0030], describes wherein there are no data protection scopes provisioned by sub-tenants to the single-tenant data protection scope)

Regarding claim 8, Factor and Gillum disclose the method of claim 1.
Factor further discloses further comprising:
receiving, by the computer system, an access request from a remote computer system to access information associated with a particular data protection scope at a particular level of the hierarchy; (Factor, [0053], discloses a request for accessing resources at the first server system; [0043] describes to access information association with a particular data protection scope at a particular level of the hierarchy). 
wherein the access request is received via a URL that indicates the particular data protection scope, (Factor, [0036] describes receiving an access request via a URL that indicates the particular data protection scope)

Regarding claim 9, Factor and Gillum disclose the method of claim 1. 
Factor further discloses further comprising:
receiving, by the computer system, an access request from a remote computer system to access information associated with a particular data protection scope at a particular level of the hierarchy; (Factor, [0035]-[0044] describes provisioning, by the computer for the shared infrastructure service, an n-level data protection scope for the storage resources (e.g. storage media, communication bandwidth, processing power etc) [service product] in the context of a second particular cloud resource by a negotiated terms of service; [0043] in particular discloses in a multi-level multi-tenant storage system, the security gateway 310 may be implemented to parse the incoming requests and verify the requests' validity by way of dedicated tenant authentication processes, having a limited set of privileges for a level in the tenant hierarchy. An identifier may be provided that corresponds to the relevant tenant and has the permissions to perform authentication for an identified level so that the spawned process performs the authentication at the corresponding level. At tenant level, the security gateway 310 may extract the corresponding authentication data and pass the data to authenticator 320 spawned for that level).
wherein the access request includes an indicator of whether the particular data protection scope is authorized to submit the request. (Factor, [0035]-[0044] describes provisioning, by the computer for the shared infrastructure service, an n-level data protection scope for the storage resources (e.g. storage media, communication bandwidth, processing power etc) [service product] in the context of a second particular cloud resource by a negotiated terms of service; [0043] in particular discloses in a multi-level multi-tenant storage system, the security gateway 310 may be implemented to parse the incoming requests and verify the requests' validity by way of dedicated tenant authentication processes, having a limited set of privileges for a level in the tenant hierarchy. An identifier may be provided that corresponds to the relevant tenant and has the permissions to perform authentication for an identified level so that the spawned process performs the authentication at the corresponding level. At tenant level, the security gateway 310 may extract the corresponding authentication data and pass the data to authenticator 320 spawned for that level; [0046] describes the gatekeeper may be implemented to limit access to tenant data or parameters stored on shared storage by verifying that the request submitted by request processor is associated with a tenant that is authorized to access the target data. To accomplish this, the gatekeeper verifies that the process ID of the request processor that submitted the request is associated with (e.g. matches) the proper tenant ID associated with the requested data).

Regarding claim 21, Factor discloses a non-transitory, computer-readable storage medium storing program instructions that are capable of being executed by a computer system to perform operations comprising:
implementing a platform for providing data protection scopes to shared infrastructure services according to a nested tenancy model that permits a hierarchy having a plurality of levels, (Factor, FIG's 2, 3A, 4A, as described by paragraphs [0026]-[0044], describes implementing, by a computer system a multi-level multi-tenant storage system with a security gateway platform for providing data protection scopes to shared infrastructure services according to a nested tenancy model that permits a hierarchy having a plurality of levels)
receiving a first request to provision, for a particular shared infrastructure service, a first data protection scope for a cloud product having a first set of tenants; (Factor, FIG's 2, 3A, 4A, as described by paragraphs [0026]-[0044], describes receiving, by the computer system, a first request to provision for a certain shared infrastructure service a first data protection scope as defined as a limited set of privileges for that level in a tenant hierarchy for a resource on the cloud [cloud product] having a first set of tenants)
in response to the first request, provisioning the first data protection scope for the cloud product (Factor, FIG's 2, 3A, 4A, as described by paragraphs [0026]-[0044], describes in response to the first request, provisioning the first data protection scope as defined as a limited set of privileges for said level for the cloud service [product] at n levels)
receiving a second request to provision, for the particular shared infrastructure service, a second data protection scope for a service product; (Factor, FIG's 2, 3A, 4A, as described by paragraphs [0026]-[0044] discloses receiving, by the computer system, a second request to provision for the particular shared infrastructure service, a second data protection scope for a service product as defined as another set of limited privileges for another level in the tenant hierarchy of an n-level hierarchy).
and in response to the second request, provisioning the second data protection scope for the service product (Factor, FIG's, 2, 3A, 4A as described by paragraphs [0026]-[0044] describes in response to the second request, provisioning the second data protection scope as defined as a limited set of privileges for the service object at n-level of the tenant hierarchy).
Factor fails to explicitly disclose at the top-most level of the hierarchy; wherein a given level, of the plurality of levels in the hierarchy, is associated with a level of access to one or more of the shared infrastructure services; at a top-most level of the hierarchy, wherein the top-most level of the hierarchy is associated with a particular level of access to the particular shared infrastructure service. 
However, in an analogous art, Gillum discloses at the top-most level of the hierarchy; (Gillum, [0016], [0026], [0036], FIG 1 shows a root level [top most] as shown in item 110 of the hierarchy in FIG 1; [0024] describe security permissions associated with each logical scope)
wherein a given level, of the plurality of levels in the hierarchy, is associated with a level of access to one or more of the shared infrastructure services; (Gillum, [0004] & [0011]-[0019] describe access paradigms as levels of access to a cloud service; [0024] describe security permissions associated with each logical scope)
at a top-most level of the hierarchy, wherein the top-most level of the hierarchy is associated with a particular level of access to the particular shared infrastructure service, (Gillum, [0016], [0026], [0036], FIG 1 shows a root level [top most] as shown in item 110 of the hierarchy in FIG 1; [0004] & [0011]-[0021] describe access paradigms as levels of access to a cloud service; [0024] describe security permissions associated with each logical scope)
Therefore, it would have been obvious to one of ordinary skill in the art before the
effective filing date of the claimed invention to combine the teachings of Gillum with the method and system of Factor to include at a top-most level of the hierarchy; wherein a given level, of the plurality of levels in the hierarchy, is associated with a level of access to one or more of the shared infrastructure services; wherein the top-most level of the hierarchy is associated with a particular level of access to the particular shared infrastructure service;. One would have been motivated to manage hosted resources using logical scopes (Gillum, [0004]). 

Regarding claim 22, Factor and Gillum disclose the non-transitory, computer-readable medium of claim 21. 
Factor further discloses wherein the operations further comprise:
wherein the third data protection scope is provisioned subordinately to the first data protection scope in the hierarchy, (Factor, [0035]-[0044], [0042] describe wherein the operations further comprise: wherein the third data protection scope is provisioned subordinately to the first data protection scope in the hierarchy)
provisioning a third data protection scope for a particular one of the first set of tenants, wherein the second data protection scope is provisioned at a next level of the hierarchy; (Factor, [0035]-[0044], [0042] describe provisioning a third data protection scope for a particular one of the first set of tenants, wherein the second data protection scope is provisioned at a next level of the hierarchy)

Regarding claim 24, Factor and Gillum disclose the non-transitory, computer-readable medium of claim 22. 
Factor further discloses wherein provisioning the third data protection scope includes storing an indicator of a trust relationship between the particular one of the first set of tenants and the cloud product, (Factor, [0035]-[0044], describe wherein provisioning the third data protection scope includes storing an indicator of a trust relationship between the particular one of the first set of tenants and the cloud product)
Regarding claim 25, Factor and Gillum disclose the non-transitory, computer-readable medium of claim 21. 
wherein the operations further comprise: provisioning a fourth data protection scope for a particular cloud product accessing the particular shared infrastructure service in the context of the service product, (Factor, [0035]-[0044] describe wherein the operations further comprise: provisioning a fourth data protection scope for a particular cloud product accessing the particular shared infrastructure service in the context of the service product)
wherein the fourth data protection scope is provisioned subordinately to the second data protection scope in the hierarchy, (Factor, [0035]-[0044] describe wherein the fourth data protection scope is provisioned subordinately to the second data protection scope in the hierarchy)

Regarding claim 26, Factor and Gillum disclose the non-transitory, computer-readable medium of claim 25. 
Factor further discloses wherein the operations
further comprise:
provisioning a fifth data protection scope for a particular tenant of the particular cloud product accessing the particular shared infrastructure service in the context of the service product, (Factor, [0035]-[0044], [0042] describes provisioning a fifth data protection scope for a particular tenant of the particular cloud product accessing the particular shared infrastructure service in the context of the service product)
wherein the fifth data protection scope is provisioned subordinately to the fourth data protection scope in the hierarchy, (Factor, [0035]-[0044], [0042] describes wherein the fifth data protection scope is provisioned subordinately to the fourth data protection scope in the hierarchy)

Regarding claim 27, Factor discloses a method, comprising:
implementing, by a computer system, a platform for providing data protection scopes to shared infrastructure services according to a nested tenancy model that permits a hierarchy having a plurality of levels, (Factor, Figures 2, 3A, 4A; [0026]-[0044] describes implementing, by a computer system, a platform for providing data protection scopes to shared infrastructure services according to a nested tenancy model that permits a hierarchy having a plurality of levels)
wherein the shared infrastructure services include a particular shared infrastructure service that is accessible to a plurality of tenants of the computer system based on the nested tenancy model; (Factor, Figures 2, 3A, 4A; [0026]-[0044] describes wherein the shared infrastructure services include a particular shared infrastructure service that is accessible to a plurality of tenants of the computer system based on the nested tenancy model)
receiving, by the computer system, a first request to provision, for the particular shared infrastructure service, a first data protection scope for a first cloud product having a first set of tenants, (Factor, Figures 2, 3A, 4A; [0026]-[0044] describes receiving, by the computer system, a first request to provision, for the particular shared infrastructure service, a first data protection scope for a first cloud product having a first set of tenants)
wherein the first cloud product is accessible to the first set of tenants and usable to perform functions for the first set of tenants via the computer system; (Factor, Figures 2, 3A, 4A; [0026]-[0044] describes wherein the first cloud product is accessible to the first set of tenants and usable to perform functions for the first set of tenants via the computer system)
in response to the first request, provisioning the first data protection scope for the first cloud product; (Factor, Figures 2, 3A, 4A; [0026]-[0044] describes in response to the first request, provisioning the first data protection scope for the first cloud product at a top-most level of the hierarchy)
receiving, by the computer system, a second request to provision, for the particular shared infrastructure service, a second data protection scope for a service product, (Factor, Figures 2, 3A, 4A; [0026]-[0044] describes receiving, by the computer system, a second request to provision, for the particular shared infrastructure service, a second data protection scope for a service product)
wherein the service product is operable to access data, via the computer system, for one or more cloud products; (Factor, Figures 2, 3A, 4A; [0026]-[0044] describes wherein the service product is operable to access data, via the computer system, for one or more cloud products) and
in response to the second request, provisioning the second data protection scope for the service product, (Factor, Figures 2, 3A, 4A; [0026]-[0044] describes in response to the second request, provisioning the second data protection scope for the service product at the top-most level of the hierarchy)
Factor fails to explicitly disclose at the top-most level of the hierarchy.
However, in an analogous art, Gillum discloses at the top-most level of the hierarchy, (Gillum, [0016], [0026], [0036], FIG 1 shows a root level [top most] as shown in item 110 of the hierarchy in FIG 1; [0024] describe security permissions associated with each logical scope where the scope is the root level [top-most])	
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Gillum with the
method and system of Factor to include a top-most level of a hierarchy. One would have been motivated to manage hosted resources using logical scopes (Gillum, [0004]). 

Regarding claim 28, Factor and Gillum disclose the method of claim 27. 
Factor further discloses further comprising:
provisioning, by the computer system, a single-tenant data protection scope at the top-most level of the hierarchy; (Factor, [0029]-[0030] describes further comprising:
provisioning, by the computer system, a single-tenant data protection scope at the top-most level of the hierarchy)
wherein there are no data protection scopes provisioned subordinately to the single-tenant data protection scope, (Factor, [0029]-[0030] describe wherein there are no data protection scopes provisioned by sub-tenants to the single-tenant data protection scope)

Regarding claim 29, Factor and Gillum disclose the method of claim 27. 
Factor further discloses further comprising: 
receiving, by the computer system, an access request from a remote computer system to access information associated with a particular data protection scope at a particular level of the hierarchy, (Factor, [0053], [0043] describe further comprising: 
receiving, by the computer system, an access request from a remote computer system to access information associated with a particular data protection scope at a particular level of the hierarchy)
wherein the access request is received via a URL that indicates the particular data protection scope, (Factor, [0036] describes wherein the access request is received via a URL that indicates the particular data protection scope)

Regarding claim 30, Factor and Gillum disclose the method of claim 27. 
Factor discloses further comprising:
receiving, by the computer system, an access request from a remote computer system to access information associated with a particular data protection scope at a particular level of the hierarchy, (Factor, [0035]-[0044] describe further comprising:
receiving, by the computer system, an access request from a remote computer system to access information associated with a particular data protection scope at a particular level of the hierarchy)
wherein the access request includes an indicator of whether the particular data protection scope is authorized to submit the access request, (Factor, [0035]-[0044], describes wherein the access request includes an indicator of whether the particular data protection scope is authorized to submit the access request)

Claims 3 and 23 are rejected under 35 U.S.C. 103 as being unpatentable over Factor et al (“Factor,” US 20140330869 as disclosed in the IDS filed 01/18/2021) in view of Gillum et al (“Gillum,” US 20140007178) in view of Li et al (“Li,” “A Refined RBAC Model for Cloud Computing,” 2012 IEEE/ACIS 11th International Conference on Computer and Information Science,” Pages 43-48 as disclosed in the IDS filed 01/18/2021)

Regarding claim 3, Factor and Gillum disclose the method of claim 2. 
Factor and Gillum fail to explicitly disclose wherein provisioning the first data protection scope includes generating a cloud product identifier for the cloud product; and wherein provisioning the third data protection scope includes generating a cloud product tenant identifier for the particular one of the first set of tenants, wherein the cloud product tenant identifier includes the cloud product identifier. 
However, in an analogous art, Li discloses wherein provisioning the first data protection scope includes generating a cloud product identifier for the cloud product; and (Li, FIG 3 shows protected objects in Amazon EC2 with an ID of type string which is a product identifier for the cloud product)
wherein provisioning the third data protection scope includes generating a cloud product tenant identifier for the particular one of the first set of tenants, wherein the cloud product tenant identifier includes the cloud product identifier, (Li, Page 45, Left Column, Second Paragraph:  protection mechanism based on the role-based access (RBAC) control model,  Page 44, Section II: Security Risks for cloud providers, Page 46, Right Column, Under Roles: the entire structure of roles finally form a hierarchy, Page 46, Section IV. Using RBAC in the Cloud, Right Column, when more roles are designed, they can be organized into hierarchies to facilitate their management, page 46, Right Column; Access to Data and Services, Section IV, Subsections Protected Objects and Sessions; Figures 1-4 describe a cloud product tenant identifier in a multi-tenant environment with a tenant identifier).
Therefore, it would have been obvious to one of ordinary skill in the art before the
effective filing date of the claimed invention to combine the teachings of Li with the method and system of Factor and Gillum to include wherein provisioning the first data protection scope includes generating a cloud product identifier for the cloud product, wherein provisioning the third data protection scope includes generating a cloud product tenant identifier for the particular one of the first set of tenants, wherein the cloud product tenant identifier includes the cloud product identifier. One would have been motivated to provide a protection mechanism based on the Role Based Access Control (RBAC) model for cloud services (Li, Page 43, Last Paragraph, Right Column). 

Regarding claim 23, Factor and Gillum disclose the non-transitory, computer-readable medium of claim 22. 
Factor and Gillum fail to explicitly disclose wherein provisioning the first data protection scope includes generating a cloud product identifier for the cloud product; wherein provisioning the third data protection scope includes generating a cloud product tenant identifier for the particular one of the first set of tenants, wherein the cloud product tenant identifier includes the cloud product identifier. 
However, in an analogous art, Li discloses wherein provisioning the first data protection scope includes generating a cloud product identifier for the cloud product; (Li, FIG 3 describes wherein provisioning the first data protection scope includes generating a cloud product identifier for the cloud product) and
wherein provisioning the third data protection scope includes generating a cloud product tenant identifier for the particular one of the first set of tenants, wherein the cloud product tenant identifier includes the cloud product identifier (Li, Page 45, Left
Column, Second Paragraph: protection mechanism based on the role-based access
(RBAC) control model, Page 44, Section II: Security Risks for cloud providers, Page 46,
Right Column, Under Roles: the entire structure of roles finally form a hierarchy, Page
46, Section IV. Using RBAC in the Cloud, Right Column, when more roles are designed,
they can be organized into hierarchies to facilitate their management, page 46, Right
Column; Access to Data and Services, Section IV, Subsections Protected Objects and
Sessions; Figures 1-4 describe a cloud product tenant identifier in a multi-tenant
environment with a tenant identifier).
Therefore, it would have been obvious to one of ordinary skill in the art before the
effective filing date of the claimed invention to combine the teachings of Li with the
method and system of Factor and Gillum to include wherein provisioning the first data protection scope includes generating a cloud product identifier for the cloud product; and wherein provisioning the third data protection scope includes generating a cloud product tenant identifier for the particular one of the first set of tenants, wherein the cloud product tenant identifier includes the cloud product identifier. One would have been motivated to provide a protection mechanism based on the Role Based Access Control (RBAC) model for cloud services (Li, Page 43, Last Paragraph, Right Column)

Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Factor et al (“Factor,” US 20140330869 as disclosed in the IDS filed 01/18/2021) in view of Gillum et al (“Gillum,” US 20140007178) and further in view of Guigli et al (“Guigli,” US 9813303). 

Regarding claim 4, Factor and Gillum disclose the method of claim 2. 
Factor further discloses wherein provisioning the third data protection scope (Factor, [0035]-[0044] describes provisioning, by the computer for the shared infrastructure service, an n-level data protection scope for the storage resources (e.g. storage media, communication bandwidth, processing power etc) [service product] in the context of a second particular cloud resource by a negotiated terms of service). 
Factor and Gillum fail to explicitly disclose includes storing an indicator of a trust relationship between the particular one of the first set of tenants and the cloud product, 
However, in an analogous art, Guigli discloses includes storing an indicator of a trust relationship between the particular one of the first set of tenants and the cloud product, (Guigli, Col. 4, Lines 34-37; Col. 5, Lines 1-35 describes storing an indicator of a trust relationship between the particular one of the first set of tenants and the cloud service; FIG 6 and associated text describes indicating a trust relationship by using a trust registration service)
Therefore, it would have been obvious to one of ordinary skill in the art before the
effective filing date of the claimed invention to combine the teachings of Guigli with the method and system of Factor and Gillum to include wherein provisioning the third data protection scope includes storing an indicator of a trust relationship between the particular one of the first set of tenants and the cloud product. One would have been motivated to enable tenants deploying virtual machines on a cloud service provider’s platform can retain control of their cloud network topology and Kerberos realm, while still securely accessing services from computer resources joined to the cloud service provider’s realm or domain (Guigli, Col. 1, Lines 7-13).   

Claims 10 is rejected under 35 U.S.C. 103 as being unpatentable over Factor et al (“Factor,” US 20140330869 as disclosed in the IDS filed 01/18/2021) in view of Gillum et al (“Gillum,” US 20140007178) and further in view of Weissman et al (“Weissman,” US 6212524). 

Regarding claim 10, Factor and Gillum disclose the method of claim 1. 
Factor and Gillum fail to explicitly disclose wherein the particular shared infrastructure service includes a shared template service operable to: provide one or more selectable database templates that define data types supported for a non-relational database accessible to an application; service a request from the application to manipulate a particular data type defined by a selected database template; in response to the request from the application, identify a set of data manipulation language (DML) instructions based on the selected database template; and issue the identified set of DML instructions to the nonrelational database.
However, in an analogous art, Weismann discloses wherein the particular shared infrastructure service includes a shared template service operable to: provide one or more selectable database templates that define data types supported for a non-relational database accessible to an application; (Weismann, Col. 10, Lines 24-42, FIG 2, element 210; Col. 3, Lines 16-19 and Col. 9. Lines 51-55, describe a consultant using an enterprise manager that defines from where the data in the schema is to be derived and how the data is to be put and selected in a datamart to associate each piece of data with a semantic meaning. Semantic definitions are templates which are selected for converting staging tables data according to predefined semantics. A semantic template defines how a particular type of data is populated into the datamart. Source systems from which the data for the datamart is pulled include non-relational databases or object databases). 
service a request from the application to manipulate a particular data type defined by a selected database template; in response to the request from the application, identify a set of data manipulation language (DML) instructions based on the selected database template; (Weismann, Col. 11, Lines 1-30; FIG 2, element 204 describes wherein the extraction process 204 loads from source systems into datamart according to SQL statements and semantic definitions that are used to generate and populate the dataset). 
and issue the identified set of DML instructions to the nonrelational database, (Weismann, Col. 11, Lines 11-17; FIG 2 elements 260-270, SQL statements issued to source system and results loaded into staging tables). 
Therefore, it would have been obvious to one of ordinary skill in the art before the
effective filing date of the claimed invention to combine the teachings of Weismann with the method and system of Factor and Gillum to include wherein the particular shared infrastructure service includes a shared template service operable to: provide one or more selectable database templates that define data types supported for a non-relational database accessible to an application; service a request from the application to manipulate a particular data type defined by a selected database template; in response to the request from the application, identify a set of data manipulation language (DML) instructions based on the selected database template; and issue the identified set of DML instructions to the nonrelational database. One would have been motivated to create databases, loading and accessing data in the databases that were created (Weissman, Col. 1, Lines 45-48).  








Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAMES J WILCOX whose telephone number is (571)270-3774. The examiner can normally be reached M-F: 8 A.M. to 5 P.M..
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu T. Pham can be reached on (571)270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/JAMES J WILCOX/Examiner, Art Unit 2439                                                                                                                                                                                                        


/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439