DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to the Amendment filed on 05/312022.
In the instant Amendment, claims 1, 11, 16 and 20 have been amended.
Claims 1, 11 and 20 are independent claims. 
Claims 1-20 have been examined and are pending. 
This Action is made FINAL.


Response to Arguments
The Terminal Disclaimer filed on 05/31/2022 and approved by OPLC. Double Patenting is withdrawn. 
	Applicant’s arguments, see Applicant Arguments/Remarks Made in an Amendment, filed 05/31/2022 with respect to the rejections of claims 1-20 have been fully considered but are not persuasive.
As to independent claims 1, 11 and 20, Applicants stated in arguments that the combination of Martineau fails to teach or suggest “the introspection security policy specifies at least one of a portion of the trusted execution environment (TEE) that is exposed to the introspection module.” (Applicant Arguments/Remarks, 05/31/2022, page 9).
The Examiner disagrees with the Applicants. The Examiner respectfully that Martineau does discloses the cited limitations. For example, Martineau discloses the introspection security policy specifies at least one of a portion of the TEE that is exposed to the introspection module (Martineau: par 0039; introspection administrative script includes rules or conditions written by a systems administrator or software developer in introspection system application; par 0021; the conditions are defined in the introspection system application to expose the state of program operations of one or more software components operating within an operating system; par 0023; runtime environment can be divided into multiple partitions within computing device).
As to independent claims 1, 11 and 20, Applicants stated in arguments that the combination of Martineau and Lukacs fails to teach or suggest “generate an introspection result for the workload." (Applicant Arguments/Remarks, 05/31/2022, page 11).
The Examiner disagrees with the Applicants. The Examiner respectfully that the Martineau does discloses the cited limitations. For example, Martineau discloses generate an introspection result for the workload (Martineau: par 0044; the information gathered and stored by introspection analyzer include, for example, trace data, diagnostic memory dumps, run reports, results of execution of all exposed internal values, and the like […] introspection analyzer automatically triggers a memory dump request; par 0048; introspection analyzer queries the exposed state of operation […] at decision […] if the conditions are satisfied by the state of program operations of software components of monitored system application, introspection system application generate a memory dump).
As to independent claims 1, 11 and 20, Applicants stated in arguments that the combination of Martineau and Lukacs fails to teach or suggest “the introspection result is one of a passing result or a failing result." (Applicant Arguments/Remarks, 05/31/2022, page 11).
The Examiner disagrees with the Applicants. The Examiner respectfully that the Martineau does discloses the cited limitations. For example, Martineau discloses the introspection result is one of a passing result or a failing result (Martineau: par 0044; introspection analyzer automatically triggers a memory dump request; par 0048; introspection analyzer queries the exposed state of operation […] at decision […] if the conditions are satisfied by the state of program operations of software components of monitored system application, introspection system application generate a memory dump).
Applicant further clarify the claimed invention by exchanged the AND condition to OR condition. Therefore, to map the claim teaching, examiner only need to modify one condition. The examiner will adjust the Claim Rejections from 35 USC § 103 into 35 USC § 102.
The Examiner respectfully suggests that the claims be further amended and details in the specification be incorporated to distinguish the claimed invention over prior art of record.  Should the Applicant desire an interview to further clarify the claim interpretation/rejections, please contact the Examiner at (313) 446-6644 to schedule an interview.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1, 10-11 and 20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Martineau et al. (“Martineau,” US 20140068341, published on 03/06/2014)	

Regarding Claim 1;
Martineau discloses a system comprising: 
a memory; a processor in communication with the memory (Martineau: fig. 4); 
a supervisor (Martineau: par 0029; Hypervisor performs standard operating system functions [according Claim 10: supervisor is a hypervisor]); and 
a trusted execution environment (TEE) (Martineau: par 0021; fig. 2; one or more program instructions within computing device of virtual computing environment), wherein the TEE includes an introspection module, the TEE configured to (Martineau: par 0037; one operating system executing within virtual computing environment include multiple introspection system application; par 0038; introspection system application includes introspection administrative script, introspection analyzer, introspection memory dump module and introspection debug information generator): 
execute the introspection module on a workload according to an introspection security policy (Martineau: par 0039; introspection administrative script includes rules or conditions written by a systems administrator or software developer in introspection system application, describing a plurality of conditions [i.e. security policy] under which a memory dump should be triggered by introspection system application based on whether the conditions are satisfied during execution of monitored system application), and 
generate an introspection result for the workload (Martineau: par 0044; the information gathered and stored by introspection analyzer include, for example, trace data, diagnostic memory dumps, run reports, results of execution of all exposed internal values, and the like […] introspection analyzer automatically triggers a memory dump request; par 0048; if the conditions are satisfied […] introspection system application generate a memory dump),
wherein the introspection security policy specifies at least one of a portion of the TEE that is exposed to the introspection module or at least one of an accelerator or a device the introspection module has access to (Martineau: par 0039; introspection administrative script includes rules or conditions [i.e. security policy] written by a systems administrator or software developer in introspection system application; par 0021; the conditions are defined in the introspection system application to expose the state of program operations of one or more software components operating within an operating system; par 0023; runtime environment can be divided into multiple partitions within computing device), and
the introspection module is configured to validate the workload, wherein the introspection result is one of a passing result or a failing result (Martineau: par 0044;fig. 3;  introspection analyzer automatically triggers a memory dump request; par 0048; introspection analyzer queries the exposed state of operation […] at decision […] if the conditions are satisfied by the state of program operations of software components of monitored system application, introspection system application generate a memory dump).

Regarding Claim 10; 
Martineau discloses the system of Claim 1, wherein the supervisor is a hypervisor (Martineau: par 0029; fig. 1; Hypervisor performs standard operating system functions).

Regarding Claim 11; 

Martineau discloses a method comprising: 
provisioning a trusted execution environment (TEE) with a workload (Martineau: par 0021; fig. 2; one or more program instructions within computing device of virtual computing environment; par 0027; a clustered computer systems operating within virtual computing environment to manage application program introspection of one or more software program components that are executed in software system application), 
wherein the TEE includes an introspection module (Martineau: par 0037; one operating system executing within virtual computing environment include multiple introspection system application; par 0038; introspection system application includes introspection administrative script, introspection analyzer, introspection memory dump module and introspection debug information generator); 
executing the introspection module on the workload according to an introspection security policy (Martineau: par 0039; introspection administrative script includes rules or conditions written by a systems administrator or software developer in introspection system application, describing a plurality of conditions [i.e. security policy] under which a memory dump should be triggered by introspection system application based on whether the conditions are satisfied during execution of monitored system application), 
wherein the introspection security policy specifies at least one of a portion of the TEE that is exposed to the introspection module or at least one of an accelerator or a device the introspection module has access to (Martineau: par 0039; introspection administrative script includes rules or conditions [i.e. security policy] written by a systems administrator or software developer in introspection system application; par 0021; the conditions are defined in the introspection system application to expose the state of program operations of one or more software components operating within an operating system; par 0023; runtime environment can be divided into multiple partitions within computing device);
generating an introspection result for the workload (Martineau: par 0044; the information gathered and stored by introspection analyzer include, for example, trace data, diagnostic memory dumps, run reports, results of execution of all exposed internal values, and the like […] introspection analyzer automatically triggers a memory dump request; par 0048; if the conditions are satisfied […] introspection system application generate a memory dump),
wherein the introspection result is one of a passing result and a failing result (Martineau: par 0044;fig. 3;  introspection analyzer automatically triggers a memory dump request; par 0048; introspection analyzer queries the exposed state of operation […] at decision […] if the conditions are satisfied by the state of program operations of software components of monitored system application, introspection system application generate a memory dump).

	
Regarding Claim 20; 
This Claim recites a non-transitory machine-readable medium that perform the same steps as method of Claim 11, and has limitations that are similar to Claim 11, thus are rejected with the same rationale applied against claim 11.  



Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 2-4, 6, 9, 12-14 and 17-18 are rejected under 35 U.S.C. 103 as being patentable Martineau et al. (US 20140068341) in view of Lukacs et al. (“Lukacs,” US 9596261, published on 03/14/2017)
Regarding Claim 2
Martineau discloses the system of Claim 1,
Martineau discloses all the limitations as recited above, but do not explicitly disclose wherein the failing result indicates that the workload is a compromised workload.
However, in an analogous art, Lukacs discloses introspection notifications system/method that includes:
 wherein the failing result indicates that the workload is a compromised workload (Lukacs: Col 18, lines 13-25; fig. 11; determine whether the occurrence of the respective type of trigger event within the monitored guest VM is indicative of a security threat […] when the current trigger event indicates a threat, CSM take security measures against the respective guest process/guest VM).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Lukacs with the method/system of Martineau to include wherein the failing result indicates that the workload is a compromised workload. One would have been motivated to enable a computer security module to protect a set of guest virtual machines against computer security threats (Lukacs: abstract).

Regarding Claim 3;
The combination of Martineau and Lukacs disclose the system of Claim 2,
Lukacs discloses wherein the compromised workload attempts to perform at least one memory access that matches a predetermined malicious pattern (Lukacs: Col 18, lines 16-20; determination made according to computer security heuristics, and may include corroborating the current event with other facts, e.g., a history of previous introspection notifications received from the same guest process and/or the same guest VM; col 18, lines 59-65; Heuristics manager is configured to use the information received from filters to determine whether the monitored guest VM is subject to a computer security threat).
  One would have been motivated to enable a computer security module to protect a set of guest virtual machines against computer security threats (Lukacs: abstract).

Regarding Claim 4;
The combination of Martineau and Lukacs disclose the system of Claim 3,
Lukacs discloses wherein the introspection module includes an instruction to compare the at least one memory access to the predetermined malicious pattern (Lukacs: Col 13, lines 32-38; introspection notification control register include a field configured to store a memory address of the respective data structure. Software such as CSM or hypervisor may thus selectively activate individual trigger events by writing to the section of memory indicated by the trigger map pointer; Col 18, lines 16-20; determination made according to computer security heuristics, and may include corroborating the current event with other facts, e.g., a history of previous introspection notifications received from the same guest process and/or the same guest VM; col 18, lines 59-65; Heuristics manager is configured to use the information received from filters to determine whether the monitored guest VM is subject to a computer security threat).
 One would have been motivated to enable a computer security module to protect a set of guest virtual machines against computer security threats (Lukacs: abstract).

Regarding Claim 6; 
Martineau discloses the system of Claim 1,
Martineau discloses all the limitations as recited above, but do not explicitly disclose wherein the portion of the TEE that is exposed to the introspection module includes an address of the TEE that the introspection module has access to.
However, in an analogous art, Lukacs discloses introspection notifications system/method that includes:
wherein the portion of the TEE that is exposed to the introspection module includes an address of the TEE that the introspection module has access to (Lukacs: Col 2, lines 39-48; the computer security program is configured to determine whether an occurrence of a trigger event within a virtual machine exposed on the host system is indicative of a computer security threat. The hardware processor comprises a first register and a second register, wherein the hardware processor is configured to perform memory address translations according to a content of the first register and to deliver introspection notifications according to a content of the second register; Col 8, lines 4-11; introspection comprises gathering information about software executing within a virtual machine. Examples of introspection include, among others, determining whether software executing within the respective VM performs certain actions, such as executing certain processor instructions, accessing certain hardware resources, using certain services of the OS, accessing certain memory locations, etc.).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Lukacs with the method/system of Martineau to include wherein the portion of the TEE that is exposed to the introspection module includes an address of the TEE that the introspection module has access to. One would have been motivated to enable a computer security module to protect a set of guest virtual machines against computer security threats (Lukacs: abstract).

Regarding Claim 9; 
Martineau discloses the system of Claim 1,
Martineau disclose wherein the introspection module is configured to process the introspection result and generate an introspection report (Martineau: par 0044; the information gathered and stored by introspection analyzer include, for example, trace data, diagnostic memory dumps, run reports, results of execution of all exposed internal values, and the like […] introspection analyzer automatically triggers a memory dump request by transmitting introspection report to introspection memory dump module; par 0048; if the conditions are satisfied […] introspection system application generate a memory dump), and wherein the introspection module is configured to send the introspection report to a host (Martineau: par 0044; transmitting introspection report to introspection memory dump module).
Martineau discloses all the limitations as recited above, but do not explicitly disclose wherein the host is a cloud service provider.
However, in an analogous art, Lukacs discloses introspection notifications system/method that includes:
wherein the host is a cloud service provider (Lukacs: Col 6, lines 49-51; using a hypervisor to manage multiple virtual machines is common in applications such as cloud computing and server consolidation).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Lukacs with the method/system of Martineau to include wherein the host is a cloud service provider. One would have been motivated to enable a computer security module to protect a set of guest virtual machines against computer security threats (Lukacs: abstract).

Regarding Claim 12;
This Claim recites a method that perform the same steps as system of Claim 2, and has limitations that are similar to Claim 2, thus are rejected with the same rationale applied against claim 2.  




	Regarding Claim 13;
This Claim recites a method that perform the same steps as system of Claim 3, and has limitations that are similar to Claim 3, thus are rejected with the same rationale applied against claim 3.  

Regarding Claim 14;
This Claim recites a method that perform the same steps as system of Claim 6, and has limitations that are similar to Claim 6, thus are rejected with the same rationale applied against claim 6.  

Regarding Claim 17; 
This Claim recites a method that perform the same steps as system of Claim 9, and has limitations that are similar to Claim 9, thus are rejected with the same rationale applied against claim 9.  

Regarding Claim 18; 
Martineau discloses the method of Claim 17,
Martineau discloses all the limitations as recited above, but do not explicitly disclose wherein the host is a cloud service provider, and wherein the host sends an instruction to the TEE based on the report.
However, in an analogous art, Lukacs discloses introspection notifications system/method that includes:
wherein the host is a cloud service provider (Lukacs: Col 6, lines 49-51; using a hypervisor to manage multiple virtual machines is common in applications such as cloud computing and server consolidation), and wherein the host sends an instruction to the TEE based on the report (Lukacs: Col 18, lines 23-27; when the current trigger event indicates a threat, CSM take security measures against the respective guest process/guest VM. Such measures include blocking or quarantining the respective process)
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Lukacs with the method/system of Martineau to include wherein the host is a cloud service provider, and wherein the host sends an instruction to the TEE based on the report. One would have been motivated to enable a computer security module to protect a set of guest virtual machines against computer security threats (Lukacs: abstract).
 
Claim 5 is rejected under 35 U.S.C. 103 as being patentable over Martineau et al. (US 20140068341) in view of Natanzon et al. (“Natanzon,” US 20200250144, published on 08/06/2020)

Regarding Claim 5; 
Martineau discloses the system of Claim 1, 
Martineau disclose all the limitations as recited above, but do not explicitly disclose wherein the TEE is an encrypted virtual machine.
However, in an analogous art, Natanzon discloses storage system/method that includes:
wherein the TEE is an encrypted virtual machine (Natanzon: par 0133; IO requests from a virtual machine comprising non-deduplicatable data, e.g., an encrypted virtual machine)
 	       Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Natanzon with the method/system of Martineau to include wherein the TEE is an encrypted virtual machine. One would have been motivated to utilize a content-based mapping generated based on a content of the target data to identify a corresponding physical address for storing the target data (Natanzon: abstract).

Claims 7 and 15 are rejected under 35 U.S.C. 103 as being patentable over Martineau et al. (US 20140068341) in view of Sonnek et al. (Sonnek,” US 20140096131, published on 04/03/2014)

Regarding Claim 7; 
Martineau discloses the system of Claim 1, 
Martineau discloses wherein the portion of the TEE is a first portion of memory associated with the TEE (Martineau: par 0023; runtime environment can be divided into multiple partitions within computing device. In this case, each logical partition operates like an independent operating system executing its own operating environment (i.e., virtual machine) to manage application program introspection of one or more software program components that are executed in computing device).
Martineau discloses all the limitations as recited above, but do not explicitly disclose wherein the introspection security policy is configured to restrict access to a second portion of memory associated with the TEE.  
However, in an analogous art, Sonnek discloses virtual machine services system/method that includes:
wherein the introspection security policy is configured to restrict access to a second portion of memory associated with the TEE (Sonnek: par 0024; fig. 1; an authentication mechanism can be used to uniquely identify each of the codepacks and an associated security policy; par 0033; security policy can be modified to grant a codepack greater access and/or to restrict the access assigned to the codepack; par 0045; VM states obtained from physical memory pages and/or a number of virtual storage devices; par 0034; a codepack has configurations that deny access such that the device is unknown if a codepack does not have configurations regarding the particular device). 
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Sonnek with the method/system of Martineau to include wherein the introspection security policy is configured to restrict access to a second portion of memory associated with the TEE. One would have been motivated to allow the number of service modules to communicate with each other, a computing device, and a manager. A number of embodiments can also include a virtual machine monitor to enforce an isolation policy within the system (Sonnek: abstract).

Regarding Claim 15; 
Martineau discloses the method of Claim 11,
Martineau discloses wherein the portion of the TEE is a first portion of memory associated with the TEE (Martineau: par 0023; runtime environment can be divided into multiple partitions within computing device. In this case, each logical partition operates like an independent operating system executing its own operating environment (i.e., virtual machine) to manage application program introspection of one or more software program components that are executed in computing device).
Martineau discloses all the limitations as recited above, but do not explicitly disclose the method comprising granting read access to the first portion of memory and restricting access to a second portion of memory associated with the TEE.
  However, in an analogous art, Sonnek discloses virtual machine services system/method that includes:
the method comprising granting read access to the first portion of memory and restricting access to a second portion of memory associated with the TEE (Sonnek: par 0021; the manager can include a privileged VM that manages the operations of the number of codepacks; par 0024; fig. 1; an authentication mechanism can be used to uniquely identify each of the codepacks and an associated security policy; par 0033; security policy can be modified to grant a codepack greater access and/or to restrict the access assigned to the codepack; par 0045; VM states obtained from physical memory pages and/or a number of virtual storage devices; par 0026; a virtual machine monitor can grant a first codepack a number of privileges that can allow the first codepack access to a virtual storage device; par 0034; a codepack has configurations that deny access such that the device is unknown if a codepack does not have configurations regarding the particular device). 
 Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Sonnek with the method/system of Martineau to include the method comprising granting read access to the first portion of memory and restricting access to a second portion of memory associated with the TEE. One would have been motivated to allow the number of service modules to communicate with each other, a computing device, and a manager. A number of embodiments can also include a virtual machine monitor to enforce an isolation policy within the system (Sonnek: abstract).

Claim 8 is rejected under 35 U.S.C. 103 as being patentable over Martineau et al. (US 20140068341) in view of Lukacs et al. (US 9596261) and further in view of Straub et al. (“Straub,” US 20200371903, filed on 11/18/2019)

Regarding Claim 8; 
Martineau discloses the system of Claim 1,
Martineau discloses all the limitations as recited above, but do not explicitly disclose wherein the accelerator is one of a cryptographic accelerator configured to perform cryptographic operations; wherein the device is one of a memory device and a graphics processing unit. 
However, in an analogous art, Lukacs discloses introspection notifications system/method that includes:
wherein the accelerator is one of a cryptographic accelerator configured to perform cryptographic operations (Lukacs: Col 3, lines 64-66; computer security module executing at the level of the hypervisor and protecting the set of virtual machines against computer security threats; Col 8, lines 4-11; introspection comprises gathering information about software executing within a virtual machine. Examples of introspection include, among others, determining whether software executing within the respective VM performs certain actions, such as executing certain processor instructions, accessing certain hardware resources, using certain services of the OS, accessing certain memory locations, etc.); wherein the device is one of a memory device and a graphics processing unit (Lukacs: Col 6, lines 9-12; Memory unit comprise volatile computer-readable media storing data/signals accessed or generated by processor in the course of carrying out instructions; Col 6, lines 18-20; output devices include display devices such as monitors and speakers, among others, as well as hardware interfaces/adapters such as graphic cards).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Lukacs with the method/system of Martineau to include wherein the accelerator is one of a cryptographic accelerator configured to perform cryptographic operations; wherein the device is one of a memory device and a graphics processing unit. One would have been motivated to enable a computer security module to protect a set of guest virtual machines against computer security threats (Lukacs: abstract).
The combination of Martineau and Lukacs disclose all the limitations as recited above, but do not explicitly disclose a network accelerator configured to increase a speed of information flow between the introspection module and a host.
However, in an analogous art, Straub discloses tests while running an application system/method that includes:
a network accelerator configured to increase a speed of information flow between the introspection module and a host (Straub: par 0063; introspection may allow software testing system to suggest to users to increase or decrease the number of tests, increase or decrease the number of software process flows, modify individual nodes or software process flows, or otherwise adapt software testing of an application to meet or adapt to a variety of different testing criteria, external system variations, end user requests, system variations). 
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Straub with the method/system of Martineau and Lukacs to include a network accelerator configured to increase a speed of information flow between the introspection module and a host. One would have been motivated to adapt testing, either pre or post production, to allow, user interactions of one or more running software applications to be used to provide feedback on which additional tests to add and/or subtract automatically to testing sequences (Straub: abstract).

Claim 16 is rejected under 35 U.S.C. 103 as being patentable over Martineau et al. (US 20140068341) in view of Cornwell et al. (“Cornwell,” US 7,869,277, published on 01/11/2011)

Regarding Claim 16; 
Martineau discloses the method of Claim 11,
Martineau discloses all the limitations as recited above, but do not explicitly disclose wherein the first portion of memory includes dynamically loaded information, and wherein the second portion of the memory includes at least one of confidential information or unchanged static information.  
However, in an analogous art, Cornwell discloses managing data system/method that includes:
wherein the first portion of memory includes dynamically loaded information, and wherein the second portion of the memory includes at least one of confidential information or unchanged static information (Cornwel: Col 1, lines 44-48; fig. 3; a block of the first memory may include data. At least a portion of data in the block of the first memory may be written to the second memory. A portion of data written to the second memory may include data to be unchanged by the received data to the block).  
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Cornwell with the method/system of Martineau to include wherein the first portion of memory includes dynamically loaded information, and wherein the second portion of the memory includes at least one of confidential information or unchanged static information. One would have been motivated to processes may use a first memory, a second memory, and a memory controller. The second memory is at least as large as a block of the first memory (Cornwel: abstract).
  
Claim 19 is rejected under 35 U.S.C. 103 as being patentable over Martineau et al. (US 20140068341) in view of Lukacs et al. (US 9596261) and further in view of Williams et al. (“Williams,” US 20140047315, published on 02/13/2014)

Regarding Claim 19; 
In combination of Martineau and Lukacs disclose the method of Claim 17, 
Martineau discloses wherein the introspection security policy further specifies a guideline for the introspection module (Martineau par 0039; introspection administrative script includes rules or conditions written by a systems administrator or software developer in introspection system application describing a plurality of conditions);
the introspection module sends the introspection result (Martineau: par 0048; fig. 3; introspection system application indicates whether the one or more conditions are satisfied by the state of program operations of software components of monitored system application. If the conditions are satisfied by the state of program operations of software components of monitored system application, introspection system application generate a memory dump).
Martineau in combination with Lukacs disclose wherein the introspection security policy further specifies a guideline for the introspection module; the introspection module sends the introspection result as recited above, but do not explicitly disclose a reporting guideline; sends the result directly to the host through an application programming interface (API) according to the reporting guideline.  
However, in an analogous art, Williams discloses managing data system/method that includes:
a reporting guideline (Williams: par 0069; a report containing the rule's message); sends the result directly to the host through an application programming interface (API) according to the reporting guideline (Williams: par 00337; using a network API (Application Programming Interface), allowing other software and websites to send a block of text to be analyzed, and receive analysis results). 
 		Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Williams with the method/system of Martineau in combination with Lukacs to include a reporting guideline; sends the result directly to the host through an application programming interface (API) according to the reporting guideline.  
 One would have been motivated to consist of a pattern and a message. A group of rules is applied to a block of text to generate a report that binds messages with sites in the text where the corresponding rule patterns matched (Williams: abstract).



Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHAO WANG whose telephone number is (313)446-6644.  The examiner can normally be reached on Monday-Friday 7:30-4:30PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham  can be reached on (571)270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/C.W./Examiner, Art Unit 2439   


/JAHANGIR KABIR/Primary Examiner, Art Unit 2439