DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1-8, 10, 12, and 13 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Iancu et al. in US Patent Application Publication № 2019/0342390, hereinafter called Iancu.
In regard to claim 1, Iancu teaches a system for managing a distributed database across multiple cloud provider systems, the system comprising: at least one processor operatively connected to a memory (paragraph 0140); 
and a provisioning component, executed by the at least one processor, configured to accept user specification of configuration for the distributed database across multiple cloud provider systems (“In other words, the user/customer using UI layer 710 specifies the intent of the orchestration, with the modules in API layer 720 then performing various underlying tasks associated with the intent without requiring the user/customer to either specify or be aware of the underlying tasks.” Paragraph 0132; note that multiple cloud providers are contemplated, this is taught in at least paragraph 0056, “In step 210, orchestration server 150 maintains a node-map data reflecting the corresponding nodes currently provisioned for multiple data services” and paragraph 0079, “FIG. 3B depicts the manner in which distributed databases (example data services) are hosted in multiple cloud infrastructures in one embodiment. […] However, the features of the present disclosure can be implemented for universes spanning multiple availability zones and/or regions and/or cloud infrastructures” Pargraph 0079), wherein the provisioning component is further configured to: 
configure the distributed database across multiple cloud provider systems based on the user specification at least in part by: 
configuring a replica set (“Distributed database 300 automatically shards, replicates and load-balances these database tables across the nodes in the universe, while respecting user-intent such as cross-AZ or region placement requirements, desired replication factor, and so on. Distributed database 300 automatically handles failures ( e.g., node, availability zone or region failures), and re-distributes and re-replicates data back to desired levels across the remaining available nodes while still respecting any data placement requirements” paragraph 0072) including electable nodes (i.e. read-write nodes) and read-only nodes (“The read replica is a cluster of nodes that maintains a read-only copy of the data in an asynchronous manner from the nodes in the primary cluster (shown in FIG. 3A).” paragraph 0090) across multiple cloud provider systems (“In step 210, orchestration server 150 maintains a node-map data reflecting the corresponding nodes currently provisioned for multiple data services.” Paragraph 0058).
In regard to claims 12 and 13, they are substantially similar to claim 1, and accordingly are rejected under similar reasoning.

In regard to claim 2, Iancu further teaches that the electable nodes are deployed across one or more geographical regions associated with one or more cloud provider systems (“Specifically, four data services labeled D1, D2, D3 and D4 are shown in FIG. 3B with the corresponding nodes (shown as squares) distributed among three availability zones Z1, Z2 and Z3 within geographical regions R1 and R2 in cloud infrastructure C1.” Paragraph 0080) and the read-only nodes are deployed across one or more geographic regions associated with the one or more cloud provider systems (“It may be appreciated that the user/customer may select (in display area 480) a combination of providers and/or regions for the read replica different from that selected (in display area 440) for the primary cluster.” Paragraph 0091).
In regard to claim 3, Iancu further teaches that configuring a replica set across multiple cloud provider systems comprises: 
deploying at least one electable node at a first cloud provider system; and deploying at least one read-only node at a second cloud provider system different from the first cloud provider system (“It may be appreciated that the user/customer may select (in display area 480) a combination of providers and/or regions for the read replica different from that selected (in display area 440) for the primary cluster.” Paragraph 0091, wherein “In response to the user/customer selecting button 490 in FIG. 4C, orchestration server 150 then performs one or more underlying tasks for creating the customer specified universe/distributed database” paragraph 0092).

In regard to claim 4, Iancu further teaches that configuring a replica set across multiple cloud provider systems further comprises: deploying a first electable node at the first cloud provider system; and deploying a second electable node at a third cloud provider system different from the first cloud provider system (i.e. at different providers, “It may be appreciated that the user/customer may select any desired number and/or combination of desired providers and/or regions and/or nodes in the interface of display area 440.” Paragraph 0087, wherein such selections are implemented as described in paragraph 0092).

In regard to claim 5, Iancu further teaches that configuring a replica set across multiple cloud provider systems comprises: configuring the replica set across a first set of cloud provider systems (i.e. at different providers, “It may be appreciated that the user/customer may select any desired number and/or combination of desired providers and/or regions and/or nodes in the interface of display area 440.” Paragraph 0087, wherein such selections are implemented as described in paragraph 0092); and reconfiguring the replica set across a second set of cloud provider systems different from the first set (“Such an architecture providing a level
of indirection allows for changes to provisioned nodes for each data service without forcing changes to the higher level applications/consumer systems that send the access requests.” Paragraph 0063, “Such an architecture providing a level of indirection that allows for changes to provisioned nodes for each distributed database without forcing changes to the consumer systems/higher level applications is highly desirable in data services (such as distributed databases), where the elasticity, mobility and ease of reconfiguration provides the customers a great deal of potential flexibility, whether it is scaling their universes up or down, migrating to a new set of instances with more resources, shifting workloads across regions or zones, or spanning across multiple clouds.” Paragraph 0115).

In regard to claim 6, Iancu further teaches that configuring a replica set across multiple cloud provider systems comprises: managing networking rules that enable (i.e. by facilitating) communication and/or data transfer between the multiple cloud provider systems (i.e. node-map, “In step 210, orchestration server 150 maintains a node-map data reflecting the corresponding nodes currently provisioned for multiple data services. In one embodiment, the node-map data is in the form of a mapping between user understandable identifiers of data services to corresponding sets of IP addresses of the collection of nodes (universe) provisioned for the data services in cloud infrastructures 110 and 120.” Paragraph 0056; “Thus, orchestration server 150 operates as a name server that translates user friendly identifiers to IP addresses needed for locating and accessing data services with the underlying network protocols. A consumer system is accordingly relieved of the burden of tracking the details (e.g. IP addresses) of the nodes forming the universe hosting a specific data service. Such an architecture providing a level of indirection allows for changes to provisioned nodes for each data service without forcing changes to the higher level applications/consumer systems that send the access requests.” Paragraph 0063).

In regard to claim 7, Iancu further teaches that configuring a replica set across multiple cloud provider systems comprises: managing communication and/or data transfer between the multiple cloud provider systems using IP access lists.

In regard to claim 8, Iancu further teaches that managing communication and/or data transfer between the multiple cloud provider systems using IP access lists comprises: monitoring updates or changes to a master IP access list (i.e. node-map); and propagating the updates or changes to at least one IP access list associated with at least one of the multiple cloud provider systems (“According to one more aspect of the present disclosure, each node (in cloud infrastructures) is identified by a corresponding IP (Internet Protocol) address in the nodemap data maintained by a name server. The node-map data is propagated is propagated to an external DNS (Domain Name System) server such that consumer systems can thereafter access the IP addresses of nodes providing each data service by interfacing with the external DNS server.” Paragraph 0034; note that “In the following description, the term "consumer system" is used to refer to any system (such as nodes of cloud infrastructures 110/120 or end user systems 160) executing higher level applications designed to consume/access the basic data provided by data services provisioned in cloud infrastructures.” Paragraph 0050).

In regard to claim 10, Iancu further teaches that: a communication link between a first cloud provider system and a second cloud provider system of the multiple cloud provider systems (i.e. network, as shown in element 130 of figure 1).


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 9 is/are rejected under 35 U.S.C. 103 as being unpatentable over Iancu as applied to claim 6 above, and further in view of Madden in US Patent Application Publication № 2018/0359323, hereinafter called Madden.
In regard to claim 9, Iancu teaches the system of claim 6, as above. However, he fails to teach that the networking rules include at least one rule that prevents peering connections between the multiple cloud provider systems.
Madden teaches that the networking rules include at least one rule that prevents peering connections between the multiple cloud provider systems (“Service peering exchange 301 applies policies 332, as described below, to determine whether the service request is allowed. If so, service peering exchange 301 forwards the service request to service endpoint 314. If not, service peering exchange 301 drops the service request” paragraph 0074).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the instant invention to modify the multi-node network database system taught by Iancu to include the application of policies to prevent peering, as taught by Madden. One would have been motivated to do so in order to prevent visibility into service traffic that was not directed at a particular gateway, as taught by Madden in paragraph 0076 (“In this way, policies 332 prevent service peering exchange 301 from providing visibility into service traffic by service gateways 312 other than for service traffic directed to each service gateway.”) 


Claim(s) 11 is/are rejected under 35 U.S.C. 103 as being unpatentable over Iancu as applied to claim 10 above, and further in view of Dierks & Rescorla in the RFC document “The Transport Layer Security (TLS) Protocol Version 1.2”, hereinafter called Dierks.
In regard to claim 11, Iancu teaches the system of claim 10, as above. However, he fails to expressly teach that data communication via the communication link is encrypted with TLS (transport layer security).
Dierks teaches that data communication via the communication link is encrypted with TLS (transport layer security). (“This document specifies Version 1.2 of the Transport Layer Security (TLS) protocol. The TLS protocol provides communications security over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.” Page 1)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the instant invention to modify the TCP/IP-based network communication system taught by Iancu to include the encryption with TLS, as taught by Dierks. It would have been obvious because it represents the application of a known technique (i.e. TLS encryption of a TCP/IP connection, as taught by Dierks, “The primary goal of the TLS protocol is to provide privacy and data integrity between two communicating applications. The protocol is composed of two layers: the TLS Record Protocol and the TLS Handshake Protocol. At the lowest level, layered on top of some reliable transport protocol (e.g., TCP [TCP]), is the TLS Record Protocol” page 4 paragraph 1) to a known system (i.e. the TCP/IP communication link taught by Iancu, “Network 110 may be implemented using protocols such as Transmission Control Protocol (TCP) and/or Internet Protocol (IP), well known in the relevant arts.” Paragraph 0043) ready for improvement to yield predictable results (i.e. the TLS connection will be layered on top of the TCP connection, as suggested by Dierks). One would have been motivated to do so in order to provide privacy and data integrity between two communicating applications, as taught by Dierks (Page 4, paragraph 1)

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US Patent Application Publication № 2017/0032010 teaches a system which allows for a distributed database with both electable and read-only nodes.
US Patent Application Publication № 2017/0344618 teaches a system which provides a cloud service for running a distributed database
US Patent Application Publication № 2021/0326161 teaches a system which provisions an application between multiple cloud infrastructure services.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ARTHUR GANGER whose telephone number is (571)272-0270. The examiner can normally be reached 10:00 AM - 7:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Robert Beausoliel can be reached on (571) 272-3645. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ROBERT W BEAUSOLIEL JR/Supervisory Patent Examiner, Art Unit 2167