DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claim(s) 1, 2, 8, 9 and15 is/are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Lee et al. (Pub 20160366185) (hereafter Lee).

As per claim 1, Lee teaches:
A method of secure attestation of a workload deployed in a virtualized computing system, the virtualized computing system including a host cluster and a virtualization management server, the host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts, the method comprising: ([Paragraph 36], There can be a different attestation server 16 for different clusters of cloud servers 18, enabling scalability of the system 10. The attestation server 16 can be responsible for security monitoring and attestation while the cloud controller 14 is responsible for management. This division of responsibilities between the attestation server 16 the cloud controller 14 achieves better scalability, since an additional attestation server 16 can be added to handle more cloud servers 18.  [Paragraph 14], A cloud server for security health monitoring and attestation of virtual machines in cloud computing systems is also provided. The cloud server includes a software entity to be protected (e.g., virtual machine or process), a system software layer that manages the software entities and assigns resources to them (e.g., hypervisor or operating system), a plurality of network interface controllers, a plurality of random access memories, a plurality of central processing units, and a plurality of cache memories.)
launching, in cooperation with a security module of a host, a guest as a virtual machine (VM) managed by the virtualization layer, the security module generating an attestation report from at least a portion of the VM loaded into memory of the host; ([Paragraph 55], The customer 12 could want to check the integrity of both the host platform 41 and the VM 42 before launching the VM 42 in the cloud…  A standard TPM chip can be used, and integrated into the hardware platform. The measurement can be done in two phases. First, the cloud server's platform configuration (hypervisor, host OS, etc.) is measured (i.e., hashed) during the cloud server bootup. Second, the VM image can be measured before VM 42 launch. The attestation server 16 can have full knowledge of the attested software, and the correct pre-calculated hash values of its executable files.  [Paragraph 47], The cloud controller 14 knows the current mapping of all the VMs to their assigned cloud servers 18, and can therefore add cloud server identifier I to the attestation request upon sending the request to the attestation server 16. The attestation server 16 then requests security monitoring measurements (rM) from the specific cloud server 18 where the VM 42 is running. The cloud server 18 collects the required measurements M, calculates the quote Q3 as the hash value of (Vid, rM, M and nonce N3), and sends these values back to the attestation server 16. The attestation server 16 checks the signature and hash values, interprets the measurements M and property P, and generates the attestation report R. This attestation report is signed by the attestation server 16 and transmitted securely to the cloud controller 14, and then signed by the cloud controller 14 and transmitted back to the customer 12. Three different nonces N1, N2 and N3 are used to prevent replay attacks over the three communication channels between each successive pair of servers, for each attestation request.  [Paragraph 56], The VM introspection tool 52 located in the hypervisor's 40 monitor module 44 can probe into the target VM's memory region to obtain the running tasks list. This information can be written into the trust evidence registers 64 (or encrypted and hashed, then written to untrusted RAM memory, with a pointer, a length value and a cryptographic key written into the trust evidence registers 64) and transmitted back to the attestation server 16. The customer 12 can compare this actual task list in the returned attestation report and compare it with the report the customer 12 gets from querying the corrupted guest OS, to detect the malware running in customer's 12 VM 42.)
sending the attestation report from the security module to a trust authority; ([Paragraph 12], The attestation server generates an attestation report based on the verification and interpretation of the security measurement information.  [Paragraph 45], The unforgeable signatures of the measurements and the attestation report can be sent between the place of collection in the cloud server 18, the attestation server 16, cloud controller 14, and the customer 12. [Paragraph 40], The trust module 46 is responsible for server authentication using an identity key 56, crypto operations using a crypto engine 58, key generator 60 and random number generation 62 (“RNG”), and secure measurement storage using a plurality of trust evidence registers 64. By using separate trust evidence registers 64 to store the security health measurements (trust evidence), the RAM 34 need not be included in the trust module 46 or in the system's Trusted Computing Base.  [Paragraph 65], The attestation server 16 and client can be implemented by OpenAttestation. The attestation server 16 can have the following modules: (1) oat database stores information about the cloud servers and measurements; (2) oat appraiser is responsible for triggering attestations and reporting the measurements; (3) oat PrivacyCA provides public-key certificates for the cloud servers 18. Furthermore, oat api is modified to extend the APIs with more parameters, such as security properties and VM id.  [Paragraph 48], For secure storage, the trust module 46 provides trust evidence registers 64 with attestation measurements, which are only accessible to the trust module 46 and monitor module 44. Accesses to the databases in the cloud controller 18 and the attestation server 16 are also protected to ensure data confidentiality and integrity.)
receiving, in response to verification of the attestation report by the trust authority, a secret from the trust authority at the security module; and 
providing the secret from the security module to the guest.  ([Paragraph 45], In a distributed architecture where communication is over untrusted networks, the protocols are an essential part of the security architecture because they establish trust between the customer and the cloud provider, and between different computers in the cloud system. The unforgeable attestation protocol in the present application has secure communications between the customer 12, cloud controller 14, attestation server 16, and cloud servers 18. The unforgeable signatures of the measurements and the attestation report can be sent between the place of collection in the cloud server 18, the attestation server 16, cloud controller 14, and the customer 12.  [Paragraph 47], Referring now to FIG. 3, an attestation protocol diagram 86 illustrates the attestation protocol in greater detail. Initially, the customer 12 sends an attestation request to the cloud controller 14. The attestation request includes the VM identifier, Vid, the desired security properties P and a nonce N1. The cloud controller 14 knows the current mapping of all the VMs to their assigned cloud servers 18, and can therefore add cloud server identifier I to the attestation request upon sending the request to the attestation server 16. The attestation server 16 then requests security monitoring measurements (rM) from the specific cloud server 18 where the VM 42 is running. The cloud server 18 collects the required measurements M, calculates the quote Q3 as the hash value of (Vid, rM, M and nonce N3), and sends these values back to the attestation server 16. The attestation server 16 checks the signature and hash values, interprets the measurements M and property P, and generates the attestation report R. This attestation report is signed by the attestation server 16 and transmitted securely to the cloud controller 14, and then signed by the cloud controller 14 and transmitted back to the customer 12. Three different nonces N1, N2 and N3 are used to prevent replay attacks over the three communication channels between each successive pair of servers, for each attestation request.  [Paragraph 51], For secure communications between the servers in system 10, SSL can first authenticate sender and receiver using their public-private key-pairs, and then generate symmetric session keys for encrypting the messages passed between each pair of servers. For example, FIG. 3 shows the communications between the customer 12 and the cloud controller 14 protected with a symmetric session key K.sup.x, between the cloud controller 14 and the attestation server 16 with a symmetric session key K.sup.y, and between the attestation server 16 and cloud server 18 with symmetric session key K.sup.z.  [Paragraph 5], The cloud provider places the VM in a virtualized cloud server, and allocates a specified amount of physical resources (CPU, memory, disk, networking, etc.) to the VM.)

As per claim 2, rejection of claim 1 is incorporated:
Lee teaches wherein the step of launching comprises: 
establishing a secure channel between the guest and the security module; and 
sending, from the guest to the security module over the secure channel, a request to generate the attestation report. ([Paragraph 45], In a distributed architecture where communication is over untrusted networks, the protocols are an essential part of the security architecture because they establish trust between the customer and the cloud provider, and between different computers in the cloud system. The unforgeable attestation protocol in the present application has secure communications between the customer 12, cloud controller 14, attestation server 16, and cloud servers 18. The unforgeable signatures of the measurements and the attestation report can be sent between the place of collection in the cloud server 18, the attestation server 16, cloud controller 14, and the customer 12.  [Paragraph 47], Referring now to FIG. 3, an attestation protocol diagram 86 illustrates the attestation protocol in greater detail. Initially, the customer 12 sends an attestation request to the cloud controller 14. The attestation request includes the VM identifier, Vid, the desired security properties P and a nonce N1. The cloud controller 14 knows the current mapping of all the VMs to their assigned cloud servers 18, and can therefore add cloud server identifier I to the attestation request upon sending the request to the attestation server 16. The attestation server 16 then requests security monitoring measurements (rM) from the specific cloud server 18 where the VM 42 is running. The cloud server 18 collects the required measurements M, calculates the quote Q3 as the hash value of (Vid, rM, M and nonce N3), and sends these values back to the attestation server 16. The attestation server 16 checks the signature and hash values, interprets the measurements M and property P, and generates the attestation report R. This attestation report is signed by the attestation server 16 and transmitted securely to the cloud controller 14, and then signed by the cloud controller 14 and transmitted back to the customer 12. Three different nonces N1, N2 and N3 are used to prevent replay attacks over the three communication channels between each successive pair of servers, for each attestation request.  [Paragraph 51], For secure communications between the servers in system 10, SSL can first authenticate sender and receiver using their public-private key-pairs, and then generate symmetric session keys for encrypting the messages passed between each pair of servers. For example, FIG. 3 shows the communications between the customer 12 and the cloud controller 14 protected with a symmetric session key K.sup.x, between the cloud controller 14 and the attestation server 16 with a symmetric session key K.sup.y, and between the attestation server 16 and cloud server 18 with symmetric session key K.sup.z.  [Paragraph 5], The cloud provider places the VM in a virtualized cloud server, and allocates a specified amount of physical resources (CPU, memory, disk, networking, etc.) to the VM.)

As per claims 8 and 9.  These are non-transitory computer readable medium claims corresponding to the method claims 1 and 2.  Therefore, rejected based on similar rationale.

As per claim 15.  This is a system claim corresponding to the method claim 1.  Therefore, rejected based on similar rationale. 
 
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claim(s) 3, 6, 7, 10, 13, 14, 16, 19 and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee in view of Guim Bernat et al. (Pub 20210144517) (hereafter Guim).


As per claim 3, rejection of claim 1 is incorporated:
However, Lee does not explicitly disclose wherein the virtualized computing system includes an orchestration control plane integrated with the virtualization layer and including at least one master server and a pod VM controller, and wherein the VM is a pod VM that includes a container engine supporting execution of containers therein.
Guim teaches wherein the virtualized computing system includes an orchestration control plane integrated with the virtualization layer and including at least one master server and a pod VM controller, and wherein the VM is a pod VM that includes a container engine supporting execution of containers therein.  ([Paragraph 422], In a further example, a method for implementing a technique for attestation of data may be implemented within an edge computing network.  [Paragraph 788], a configuration where a node exposes a smartcard/TPM interface for performing general purpose encrypt/decrypt over a TLS/OSCORE tunnel. [Paragraph 151], FIG. 9 illustrates various compute arrangements deploying containers in an edge computing system. As a simplified example, system arrangements 910, 920 depict settings in which a container manager (e.g., container managers 911, 921, 931) is adapted to launch containerized pods, functions, and functions-as-a-service instances through execution via compute nodes (915 in arrangement 910), or to separately execute containerized virtualized network functions through execution via compute nodes (923 in arrangement 920). This arrangement is adapted for use of multiple tenants in system arrangement 930 (using compute nodes 936), where containerized pods (e.g., pods 912), functions (e.g., functions 913, VNFs 922, 936), and functions-as-a-service instances (e.g., FaaS instance 915) are launched within virtual machines (e.g., VMs 934, 935 for tenants 932, 933) specific to respective tenants (aside the execution of virtualized network functions).  [Paragraph 166], In an example of FaaS, a container is used to provide an environment in which function code is executed. The container may be any isolated-execution entity such as a process, a Docker or Kubernetes container, a virtual machine, etc. Within the edge computing system, various datacenter, edge, and endpoint (including mobile) devices are used to “spin up” functions (e.g., activate and/or allocate function actions) that are scaled on demand.  [Paragraph 817], The group appoints a master node (e.g., orchestrator, etc.) that manages group membership, joins members to the group using a group key generation method, and issues group certificates that may be used to authenticate signatures formed using the various private keys of the members.  [Paragraph 148], In the example of FIG. 8, an edge computing system 800 is extended to provide for orchestration of multiple applications through the use of containers (a contained, deployable unit of software that provides code and needed dependencies) in a multi-owner, multi-tenant environment. A multi-tenant orchestrator may be used to perform key management, trust anchor management, and other security functions related to the provisioning and lifecycle of the trusted ‘slice’ concept in FIG. 7.)
It would have been obvious to a person with ordinary skill in the art before the effective filing date of the invention, to combine the teachings of Lee wherein a guest/customer virtual machine is launched via virtualization layer in cooperation with a security module, security module generates an attestation report based on VM memory loaded within the host, attestation report is transmitted/sent for validation/verification and secret/secure/sensitive information is received and provided to the guest based on verification, into teachings of Guim wherein attestation of data via TPM is provided to secure communication and data of a virtualized environment which leverages master server/node, pod VM and containerization to isolate tenants/customers, because this would enhance the teachings of Lee wherein by leveraging containers/podVMs to orchestrate plurality of application through the use of containers, applications/containers/pod VMs can be dynamically deployed as a deployable unit within a multi-tenant environment thus improving deployment while ensuring security.

As per claim 6, rejection of claim 3 is incorporated:
Guim teaches wherein the guest comprises the pod VM controller, and wherein the secret includes transport layer security (TLS) data verifying the identity of the pod VM controller.  ([Paragraph 788], Secure hardware mechanisms may be used in an edge compute environment to not only provide crypto-primitives, but also to support relevant crypto-services (e.g., TLS-aaS, DTLS-aaS), fully programmable to the characteristics of the available hardware and deployment. Security features such as Intel® SGX™ can be used to improve security for D/TLS-aaS by hosting these workloads in an enclave/domain, and exposing a network interface for use. Further, tunneling and hop-by-hop protection may be applied to enable a caller to fully apply D/TLS to protect the request/response to the X-aaS interaction. This may be offered through security tunneling as a service where OSCORE may be the service and TLS protects access to the node; or a configuration where a node exposes a smartcard/TPM interface for performing general purpose encrypt/decrypt over a TLS/OSCORE tunnel. [Paragraph 151], FIG. 9 illustrates various compute arrangements deploying containers in an edge computing system. As a simplified example, system arrangements 910, 920 depict settings in which a container manager (e.g., container managers 911, 921, 931) is adapted to launch containerized pods, functions, and functions-as-a-service instances through execution via compute nodes (915 in arrangement 910), or to separately execute containerized virtualized network functions through execution via compute nodes (923 in arrangement 920). This arrangement is adapted for use of multiple tenants in system arrangement 930 (using compute nodes 936), where containerized pods (e.g., pods 912), functions (e.g., functions 913, VNFs 922, 936), and functions-as-a-service instances (e.g., FaaS instance 915) are launched within virtual machines (e.g., VMs 934, 935 for tenants 932, 933) specific to respective tenants (aside the execution of virtualized network functions).  [Paragraph 166], In an example of FaaS, a container is used to provide an environment in which function code is executed. The container may be any isolated-execution entity such as a process, a Docker or Kubernetes container, a virtual machine, etc. Within the edge computing system, various datacenter, edge, and endpoint (including mobile) devices are used to “spin up” functions (e.g., activate and/or allocate function actions) that are scaled on demand.  [Paragraph 817], The group appoints a master node (e.g., orchestrator, etc.) that manages group membership, joins members to the group using a group key generation method, and issues group certificates that may be used to authenticate signatures formed using the various private keys of the members.  [Paragraph 148], In the example of FIG. 8, an edge computing system 800 is extended to provide for orchestration of multiple applications through the use of containers (a contained, deployable unit of software that provides code and needed dependencies) in a multi-owner, multi-tenant environment. A multi-tenant orchestrator may be used to perform key management, trust anchor management, and other security functions related to the provisioning and lifecycle of the trusted ‘slice’ concept in FIG. 7.)

As per claim 7, rejection of claim 3 is incorporated:
Guim teaches wherein the guest comprises the pod VM, and wherein the secret includes transport layer security (TLS) data verifying the identity of the pod VM. ([Paragraph 788], Secure hardware mechanisms may be used in an edge compute environment to not only provide crypto-primitives, but also to support relevant crypto-services (e.g., TLS-aaS, DTLS-aaS), fully programmable to the characteristics of the available hardware and deployment. Security features such as Intel® SGX™ can be used to improve security for D/TLS-aaS by hosting these workloads in an enclave/domain, and exposing a network interface for use. Further, tunneling and hop-by-hop protection may be applied to enable a caller to fully apply D/TLS to protect the request/response to the X-aaS interaction. This may be offered through security tunneling as a service where OSCORE may be the service and TLS protects access to the node; or a configuration where a node exposes a smartcard/TPM interface for performing general purpose encrypt/decrypt over a TLS/OSCORE tunnel. [Paragraph 151], FIG. 9 illustrates various compute arrangements deploying containers in an edge computing system. As a simplified example, system arrangements 910, 920 depict settings in which a container manager (e.g., container managers 911, 921, 931) is adapted to launch containerized pods, functions, and functions-as-a-service instances through execution via compute nodes (915 in arrangement 910), or to separately execute containerized virtualized network functions through execution via compute nodes (923 in arrangement 920). This arrangement is adapted for use of multiple tenants in system arrangement 930 (using compute nodes 936), where containerized pods (e.g., pods 912), functions (e.g., functions 913, VNFs 922, 936), and functions-as-a-service instances (e.g., FaaS instance 915) are launched within virtual machines (e.g., VMs 934, 935 for tenants 932, 933) specific to respective tenants (aside the execution of virtualized network functions).  [Paragraph 166], In an example of FaaS, a container is used to provide an environment in which function code is executed. The container may be any isolated-execution entity such as a process, a Docker or Kubernetes container, a virtual machine, etc. Within the edge computing system, various datacenter, edge, and endpoint (including mobile) devices are used to “spin up” functions (e.g., activate and/or allocate function actions) that are scaled on demand.  [Paragraph 817], The group appoints a master node (e.g., orchestrator, etc.) that manages group membership, joins members to the group using a group key generation method, and issues group certificates that may be used to authenticate signatures formed using the various private keys of the members.  [Paragraph 148], In the example of FIG. 8, an edge computing system 800 is extended to provide for orchestration of multiple applications through the use of containers (a contained, deployable unit of software that provides code and needed dependencies) in a multi-owner, multi-tenant environment. A multi-tenant orchestrator may be used to perform key management, trust anchor management, and other security functions related to the provisioning and lifecycle of the trusted ‘slice’ concept in FIG. 7.)

As per claims 10, 13 and 14.  These are non-transitory computer readable medium claims corresponding to the method claims 3, 6 and 7.  Therefore, rejected based on similar rationale.

As per claims 16, 19 and 20.  These are system claims corresponding to the method claims 3, 7 and 7.  Therefore, rejected based on similar rationale. 

Allowable Subject Matter
Claims 4, 5, 11, 12, 17 and 18 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DONG U KIM whose telephone number is (571)270-1313. The examiner can normally be reached 9:00am - 5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Emerson Puente can be reached on 5712723652. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DONG U KIM/Primary Examiner, Art Unit 2196