DETAILED ACTION
This office action is in response to claims and remarks filed 7 October 2022.
Claims 1-6, 8-13, and 15-22 are pending.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Examiner’s Note
The previous office action (filed 7 June 2022) indicated on page 2 that claims 15-20 were allowed. However, as discussed in the interview conducted 28 September 2022, this indication was a typographical error, and claims 15-20 were not allowed since the previous office action went on to reject claims 15-20 under 35 U.S.C. 103. The examiner apologizes for any confusion this may have caused.

Response to Arguments
Applicant’s arguments, see pages 7-9 of the remarks filed 7 October 2022, with respect to the rejection of claims 1-6, 8-13, and 15-22 under 35 U.S.C. 103 have been fully considered but are considered moot because the arguments do not specifically challenge the new reference (Khan, cited below) used to reject the limitations at issue in the new ground of rejection.

Claim Objections
Claims 1, and 8 are objected to because of the following informalities (line numbers correspond to claim 1): In lines 13-14, “an endpoint” should read “the endpoint” .  Appropriate correction is required.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 3-5, 8, and 21 are rejected under 35 U.S.C. 103 as being unpatentable over Wu et al. Pub. No.: US 2021/0224094 A1 (hereafter Wu), in view of Khan et al. Patent No.: US 8,307,415 B2 (hereafter Khan), in view of Lee et al. Pub. No.: US 2013/0227565 A1 (hereafter Lee).

Wu and Lee were cited in the previous PTO-892 dated 7 June 2022.

Regarding claim 1, Wu teaches the invention substantially as claimed, including:
A system, comprising: 
a hypervisor (Fig. 1, Hypervisor 126); 
a virtual machine (VM) (Fig. 1: VM 110a, 110b) including a kernel (Fig. 1: OS 124a, or 124b (i.e., OS 124a and b comprise “kernels” because “a kernel is “the core of an operating system” (see Microsoft Computer Dictionary Fifth Edition, Page 300 “kernel”)) and an application (Fig. 1: Application 114a, Application 112b), wherein the VM is in communication with the hypervisor ([0022] Host 100 is illustrated as running two VMs, a first VM 110a and a second VM 110b under the control of a hypervisor 126 (i.e., the hypervisor at least “communicates” with the VMs in order to control them)); 
a host system (Fig. 1: Host 100) including a memory and one or more processors, wherein the one or more processors are in communication with the memory ([0022] Host 100 may be implemented as one or more computing devices 900 which is described in relation to Fig. 9. [0050] Computing device 900 has at least a processor 902 and a memory area 904 (or memory 904) that holds program code 910. [0053] Processor 902 may include any quantity of processing units and may be programmed to execute any components of program code 910 (i.e., processor 902 “communicates” with memory 904 to execute the code)) and the host system hosts the VM and the hypervisor ([0022] Host 100 is illustrated as running (i.e., “hosting”) two VMs, a first VM 110a and a second VM 110b under the control of a hypervisor 126); and 
wherein the one or more processors is configured to perform: 
creating…a first socket accessible to the application (Fig. 1: Port 116a, 116b. [0023] Application 114 a will use (i.e., “access”) at least port 116 a, application 114 b will use at least port 116 b (i.e., ports 116a and 116b represent first ports). [0004] A port is a logical connection between two end points. For example, a virtual private network (VPN) client connects to a VPN server over a port. A socket is one end point of a connection, and a way to “plug in” an application to a logical connection. Each VM will obtain its own internet protocol (IP) address, which will be different than the host machine's IP address. A socket address is the combination of an IP address and a port number (i.e., each port is indicative of at least one “socket” acting as an endpoint of communication); 
creating a second socket (Fig. 1: Port 116n) at the host system in communication with an endpoint ([0022] Three ports are illustrated, a native host port 116 n (i.e., port at the “host system” 100). [0023] For routing traffic to/from remote node 104 (i.e., “endpoint”), both of applications 114 a and 114 b will also use port 116 n); 
creating a virtual communication channel…based on the location of the endpoint, to transmit inputs/outputs (I/Os) received from the application through the virtual channel to the endpoint via the second socket ([0022] One or both of VMs 110 a and 110 b will need to communicate with a remote node 104 (i.e., “endpoint”) across a network 102, which may be the internet, and may use internet protocol (IP) for traffic (e.g., communication messages). Three ports are illustrated, a native host port 116 n (i.e., port at the “host system” 100). [0023] For routing traffic (i.e., input/output) to/from remote node 104, both of applications 114 a and 114 b will also use port 116 n (i.e., a communication channel between applications 114a/114b and remote node 104 is established through ports 116n, and 116a/b using IP address, or “locations” of the virtual machines and endpoints (see also [0004]))).  

	While Wu discloses establishing communication between a host socket and a guest socket, Wu does not explicitly disclose:
determining, by the kernel, whether an endpoint, which is requested by the application, exists;
determining, by the kernel, a location of the endpoint;

However, in analogous art, Khan teaches:
determining, by the kernel, whether an endpoint, which is requested by the application, exists; determining, by the kernel, a location of the endpoint ([Column 3, Lines 1-15] The system embodying aspects of the invention includes a remote endpoint lookup component 108…the endpoint lookup component 108 executes in kernel mode 110 of the operating system 112 of the source computer 104 (i.e., the kernel of source computer 104, representative of a virtual machine of Wu that is the source of a communication requested by an associated application, executes the remote endpoint lookup component 108)…In operation, remote endpoint lookup component 108 receives an outbound request 106 originated by source computer 104. The request includes a local endpoint of the source computer 104 originating the request and the remote endpoint of a destination computer 120 to receive the request. The remote endpoint lookup component 108 determines the address of the remote endpoint included in the outbound request 106 (i.e., in performing the lookup, the remote endpoint lookup component 108 determines both that the endpoint exists (the existence of the address of the endpoint confirms that the endpoint exists) and a location (address) of the endpoint));

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to have combined Khan’s teaching of a kernel performing a remote endpoint lookup that both confirms that an endpoint exists, and determines an address of the endpoint, with Wu’s teaching of communicating input/output between an application and an endpoint using a communication channel between a guest socket and a host socket, to realize, with a reasonable expectation of success, a system that enables communication between an endpoint and application via guest and host sockets, as in Wu, using an address of the endpoint determined by a kernel, as in Khan. A person of ordinary skill would have been motivated to make this combination to improve security in network applications (Khan Column 1, Lines 5-32).

	While Wu discloses establishing communication between a host socket and a guest socket, the combination of Wu and Khan does not explicitly disclose:
creating, via the kernel, a first socket;
creating a virtual communication channel between the hypervisor and the kernel of the VM connecting the first socket to the hypervisor; and 
configuring the hypervisor…to transmit inputs/outputs (I/Os) received from the application through the virtual channel to the endpoint via the second socket.

However, in analogous art, Lee teaches:
creating, via the kernel, a first socket ([0029] The application management apparatus 100 includes…guest application managing units 120 and 130 installed to operate on one or more guest OSs (first guest OS and second guest OS). [0030] The guest application managing unit 120 may include…a guest communication unit 1 (GCU1) 125. [0046] The guest OS is booted according to a command from the virtual machine monitor 140 and the guest port 125a is also launched during this process (i.e., guest port 125a is created on the GCUI 125 of the guest OS));
creating a virtual communication channel between the hypervisor and the kernel of the VM connecting the first socket to the hypervisor ([0044] Fig. 2 may be an example of implementing communication between the HCU 115 and the GCUI 125 by using socket communication as an example of the IPC (i.e., Fig. 2 illustrates a communication path, or channel, connecting guest port 125a of guest OS 120 and VMM 140 (hypervisor), and connecting VMM 140 to host port 115a)); and 
configuring the hypervisor…to transmit inputs/outputs (I/Os) received from the application through the virtual channel to the endpoint via the second socket ([0057] The guest application managing unit 120 transfers the downloading result information to the host application managing unit 110 in operations 210, 211, and 212. The downloading result information may include the application information (ApplicationInfo) generated during the operation 209 and information of whether the downloading is successful. The GAM transfers the downloading result information including the downloading result and/or the application information to the GCU in operation 210. The GCU transfers the downloading result information including the downloading result and/or the application information to the HCU 115 in operation 211, and the HCU 115 transfers the received downloading result information to the HAM 112 (i.e., a type of “endpoint”) in conjunction with the application information in operation 212 (i.e., GCU1 transfers, or communicates downloading results/application information representing input/output from the downloaded application to HCU using the socket communication channel established between guest port125a and host port 115a via VMM 140 as illustrated in Fig. 2, which is then transmitted to the HAM 112 acting as a type of endpoint)).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to have combined Lee’s teaching of communicating input/output between an application and an endpoint using a socket communication channel established via a guest port, VMM, and host port, with the combination of Wu and Khan’s teaching of communicating input/output between an application and an endpoint using a communication channel between a guest socket and a host socket, to realize, with a reasonable expectation of success, a system that enables communication between an endpoint and application via guest and host sockets, as in Wu, using a communication channel established between the guest and host sockets, and a VMM, as in Lee. A person of ordinary skill would have been motivated to make this combination to improve management of applications operating on guest OSes (Lee [0009]).

Regarding claim 3, Wu further teaches:
the first socket is a network socket (0004] A port is a logical connection between two end points. For example, a virtual private network (VPN) client connects to a VPN server over a port. A socket is one end point of a connection, and a way to “plug in” an application to a logical connection (i.e., connecting to a network via a socket makes the socket a “network socket”)).  

Regarding claim 4, Wu further teaches:
a second VM hosted on the host system; and wherein the second VM is the endpoint ([0031] Fig. 4a illustrates exemplary traffic routine (e.g., port forwarding) for incoming and outgoing external traffic with integrated virtual machine and host networking. [0034] Incoming external traffic 402 is received on host port 8080n…incoming external traffic 402 is routed to port 8080a on VM 110a. Application 114a is thus able to receive incoming external traffic 402 from network 102 (i.e., VM 110a is hosted on the same host as VM 110b which originates the outgoing external traffic 404, and represents an “endpoint”)).

Regarding claim 5, Wu further teaches:
receiving a packet via the second socket; and sending the packet to the application via the first socket ([0034] Incoming external traffic 402 (i.e., packets) is received on host port 8080n (i.e., port 8080n is indicative of a second “socket”). Host port 8080n has an assigned port number 8080 and corresponds to port 8080a. Based at least on port reservations 130 and receiving incoming external traffic 402 on host port 8080n, incoming external traffic 402 is routed to port 8080a (i.e., port 8080a is indicative of a first “socket”) on VM 110 a. Application 114 a is thus able to receive incoming external traffic 402 from network 102 (i.e., traffic is sent to the application via the ports)).

Regarding claim 8, it is a method claim comprising limitations similar to those of claim 1. They are therefore rejected for at least the same rationale.

Regarding claim 21, Wu further teaches:
the endpoint is one of a plurality of endpoints in communication with the application ([0005] In order for applications within VMs to communicate with remote nodes across a network (i.e., virtual machine applications communicate with multiple remote nodes), a solution is needed to ensure that incoming network traffic is routed to the proper application within the proper VM), and each of the plurality of endpoints is one of located local to the VM, located local to the host, located on another VM residing on the host, or located external to the host ([0022] One or both of VMs 110 a and 110 b will need to communicate with a remote node 104 (i.e., remote nodes 104, or “endpoints” are external to host 100 as illustrated in Fig. 1) across a network 102, which may be the internet, and may use internet protocol (IP) for traffic (e.g., communication messages).

Claims 2, 6, 9-10, and 12-13 are rejected under 35 U.S.C. 103 as being unpatentable over Wu, in view of Khan, in view of Lee, as applied to claims 1, and 8 above, and in further view of Shah Pub. No.: US 2012/0198440 A1 (hereafter Shah).

Shah was cited in the previous PTO-892 dated 7 June 2022.

Regarding claim 2, Lee further teaches:
creating, via the kernel, a third socket…notifying the hypervisor, via the kernel, that the third socket is requesting a connection to the host system; and connecting the [hypervisor to the kernel] ([0046] The guest OS is booted according to a command from the virtual machine monitor 140, and the guest port 125a is also launched during this process. If the guest port 125a is launched, the guest port 125a may generate a socket (i.e., third socket) to connect to the host port 115a. The guest port 125a may request the connection to the host port 115a and wait for a response. If the host port 115a receives the connection request in the socket, the host port 115a sets up the connection and notifies the connection set-up to the HCU 115 (i.e., connection between host port 115a and guest port 125a via VMM 140 is set up in response to the request for connection from the guest port 125a of the guest OS)).

	While Lee creates a connection between a host OS and a hypervisor in response to a request from the host OS to connect, the combination of Wu, Khan, and Lee does not explicitly disclose:
creating, via the kernel, a third socket accessible to the application…creating a forth socket at the hypervisor; and connecting the forth socket to the third socket.

However, in analogous art, Shah teaches:
creating, via the kernel, a third socket accessible to the application…creating a forth socket at the hypervisor; and connecting the forth socket to the third socket ([0023] In embodiments of the invention, a transport mechanism is provided that creates a plurality of dedicated VM-hypervisor channels 130 for communication between the hypervisor 110 and the VM userspace or kernelspace of a VM OS 104. More specifically, in some embodiments, the transport mechanism may enable communication between the host machine userspace and/or kernelspace and the VM userspace and/or kernelspace. To implement the dedicated VM-hypervisor communication channels 130 of embodiments of the invention, the hypervisor 110 and VM 102 cooperate to install a paravirtualized device that enables the multiple communication channels 130 by exposing one or more ports to the VM 102 (i.e., ports, indicative of “a third socket” is created and exposed to guest applications of the VM userspace and/or kernelspace as described below). [0024] On the hypervisor 110 side, a new communication device 114 is exposed separately for each VM 102 that the hypervisor 110 manages. This emulated communication device 114 is capable of having one or more ports (i.e., a port indicative of a “fourth socket” is created on the hypervisor side. Or in other words, “at” the hypervisor) whose number and purpose can be specified by an administrator of the hypervisor 110 To associate a port with a specific purpose, an administrator may provide a ‘name’ for the port. Then, guest applications, if they find a port name they are interested in, know which ports are meant for them (i.e., the ports are accessible by the guest applications)).

	It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to have combined Shah’s teaching of establishing multiple connections between guest applications of an operating system of a VM and a hypervisor via respective ports, with the combination of Wu, Khan, and Lee’s teaching of establishing a communication path between a guest OS and a hypervisor, to realize, with a reasonable expectation of success, a system that establishes a plurality of connections between guest applications and hypervisors using ports accessible by the guest application and they hypervisor, as in Shah, to enable communication in response to a request, as in Lee. A person of ordinary skill would have been motivated to make this combination so that communication between VM and hypervisor may be accomplished without there being a network between them, or between different administrators with different security protocols, without the use of architecture dependent hypercalls (Shah [0005]).

Regarding claim 6, while Lee discloses communication between a guest OS kernel and a hypervisor, the combination of Wu, Khan, and Lee does not explicitly disclose:
the kernel communicates with the hypervisor through a virtual I/O device.  

However, in analogous art, Shah teaches:
the kernel communicates with the hypervisor through a virtual I/O device ([0023] In embodiments of the invention, a transport mechanism is provided that creates a plurality of dedicated VM-hypervisor channels 130 for communication between the hypervisor 110 and the VM userspace or kernelspace of a VM OS 104. More specifically, in some embodiments, the transport mechanism may enable communication between the host machine userspace and/or kernelspace and the VM userspace and/or kernelspace. To implement the dedicated VM-hypervisor communication channels 130 of embodiments of the invention, the hypervisor 110 and VM 102 cooperate to install a paravirtualized device (i.e., virtualized I/O device) that enables the multiple communication channels 130 by exposing one or more ports to the VM 102 (i.e., communication between kernelspace and hypervisor is performed using the paravirtualized device)).  

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to have combined Shah’s teaching of communicating between kernel space of a VM and a hypervisor via a paravirtualized I/O device, with the combination of Wu, Khan, and Lee’s teaching of establishing a communication path between a guest OS and a hypervisor, to realize, with a reasonable expectation of success, a system that performs communication between a guest OS and a hypervisor, as in Lee, via a paravirtualized I/O device, as in Shah. A person of ordinary skill would have been motivated to make this combination so that communication between VM and hypervisor may be accomplished without there being a network between them, or between different administrators with different security protocols, without the use of architecture dependent hypercalls (Shah [0005]).

Regarding claims 9-10, and 12-13, they are method claims comprising limitations similar to those of claims 2-3, and 5-6 respectively, and are therefore rejected for at least the same rationale.

Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Wu, in view of Khan, in view of Lee, in view of Shah as applied to claim 9, and in further view of Subhraveti Pub. No.: US 2018/0007178 A1 (hereafter Subhraveti).

Subhraveti was cited in the previous PTO-892 dated 7 June 2022.

Regarding claim 11, while Wu discloses a first socket accessible by an application, the combination of Wu, Khan, Lee, and Shah does not explicitly disclose:
the first socket is an UNIX socket.  

	However, in analogous art, Subhraveti teaches:
the first socket is an UNIX socket ([0040] A ‘best’ (e.g. most efficient, available, fastest, etc.) medium of network communication for any two or more applications can be determined (e.g. when an application comes up in the network or any triggering event, on a periodic basis, etc.). Example network communication media include, inter alia: TCP/IP, Infiniband RDMA, UNIX sockets, shared memory, etc. (i.e., communication between source and endpoint applications running on different VMs is performed between a “first” and second UNIX socket));

It would have been obvious to a person having ordinary skill in the art to have simply substituted the UNIX sockets described in Subhraveti with the network sockets described in the combination of Wu, Khan, Lee, and Shah, because (1) Wu describes communication between a source VM application and a remote endpoint via at least a port indicative of a network socket accessible to the application, which differs from the claimed device by substitution of a UNIX socket for Wu’s network socket, (2) UNIX sockets and their functions of enabling communication between a source VM application and an endpoint application are described in Subhraveti, and (3) a person of ordinary skill could have substituted the UNIX socket of Subhraveti with the network socket of Wu, with the predictable result of enabling a source VM application to communicate with a remote endpoint via at least a port indicative of a UNIX socket accessible to the application.

Claims 15, 16, 19, and 22 are rejected under 35 U.S.C. 103 as being unpatentable over Wu, in view of Khan, in view of Lee, in view of Shah.

Regarding claim 15, Wu teaches the invention substantially as claimed, including:
A system, comprising: 
a hypervisor (Fig. 1, Hypervisor 126); 
a virtual machine (VM) (Fig. 1: VM 110a, 110b) in communication with the hypervisor using a virtual control plane ([0022] Host 100 is illustrated as running two VMs, a first VM 110a and a second VM 110b under the control of a hypervisor 126 (i.e., the hypervisor at least “communicates” with the VMs in order to control them via a “control” plane)); 
a host system (Fig. 1: Host 100) including a memory and one or more processors, wherein the one or more processors are in communication with the memory ([0022] Host 100 may be implemented as one or more computing devices 900 which is described in relation to Fig. 9. [0050] Computing device 900 has at least a processor 902 and a memory area 904 (or memory 904) that holds program code 910. [0053] Processor 902 may include any quantity of processing units and may be programmed to execute any components of program code 910 (i.e., processor 902 “communicates” with memory 904 to execute the code)) and the host system hosts the VM and the hypervisor ([0022] Host 100 is illustrated as running (i.e., “hosting”) two VMs, a first VM 110a and a second VM 110b under the control of a hypervisor 126); and 
wherein the one or more processors is configured to perform: 
…a first socket [that] is available for connection at the virtual machine (VM) (Fig. 1: Port 116a, 116b. [0023] Application 114 a will use at least port 116 a (i.e., port 116a represents a first port that is “available” for use by application 114a of VM 110a), application 114 b will use at least port 116 b (i.e., ports 116a and 116b represent first ports). [0004] A port is a logical connection between two end points. For example, a virtual private network (VPN) client connects to a VPN server over a port. A socket is one end point of a connection, and a way to “plug in” an application to a logical connection. Each VM will obtain its own internet protocol (IP) address, which will be different than the host machine's IP address. A socket address is the combination of an IP address and a port number (i.e., each port is indicative of at least one “socket” acting as an endpoint of communication); 
creating a second socket (Fig. 1: Port 116n) available for connection at the host system ([0022] Three ports are illustrated, a native host port 116 n (i.e., port at the “host system” 100). [0023] For routing traffic to/from remote node 104, both of applications 114 a and 114 b will also use port 116 n); 
…based on the location of the endpoint, to transmit inputs/outputs (I/Os) ([0022] One or both of VMs 110 a and 110 b will need to communicate with a remote node 104 (i.e., “endpoint”) across a network 102, which may be the internet, and may use internet protocol (IP) for traffic (e.g., communication messages). Three ports are illustrated, a native host port 116 n (i.e., port at the “host system” 100). [0023] For routing traffic (i.e., input/output) to/from remote node 104, both of applications 114 a and 114 b will also use port 116 n (i.e., a communication channel between applications 114a/114b and remote node 104 is established through ports 116n, and 116a/b using IP address, or “locations” of the virtual machines and endpoints (see also [0004])))…

While Wu discloses establishing communication between a host socket and a guest socket, Wu does not explicitly disclose:
determining, by the kernel, whether an endpoint, which is requested by the application, exists;
determining, by the kernel, a location of the endpoint;

However, in analogous art, Khan teaches:
determining, by the kernel, whether an endpoint, which is requested by the application, exists; determining, by the kernel, a location of the endpoint ([Column 3, Lines 1-15] The system embodying aspects of the invention includes a remote endpoint lookup component 108…the endpoint lookup component 108 executes in kernel mode 110 of the operating system 112 of the source computer 104 (i.e., the kernel of source computer 104, representative of a virtual machine of Wu that is the source of a communication requested by an associated application, executes the remote endpoint lookup component 108)…In operation, remote endpoint lookup component 108 receives an outbound request 106 originated by source computer 104. The request includes a local endpoint of the source computer 104 originating the request and the remote endpoint of a destination computer 120 to receive the request. The remote endpoint lookup component 108 determines the address of the remote endpoint included in the outbound request 106 (i.e., in performing the lookup, the remote endpoint lookup component 108 determines both that the endpoint exists (the existence of the address of the endpoint confirms that the endpoint exists) and a location (address) of the endpoint));

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to have combined Khan’s teaching of a kernel performing a remote endpoint lookup that both confirms that an endpoint exists, and determines an address of the endpoint, with Wu’s teaching of communicating input/output between an application and an endpoint using a communication channel between a guest socket and a host socket, to realize, with a reasonable expectation of success, a system that enables communication between an endpoint and application via guest and host sockets, as in Wu, using an address of the endpoint determined by a kernel, as in Khan. A person of ordinary skill would have been motivated to make this combination to improve security in network applications (Khan Column 1, Lines 5-32).

While Wu discloses creating a first and second socket at the VM and host respectively, the combination of Wu, and Khan does not explicitly disclose:
receiving a notification, via the virtual control plane, that a first socket is available for connection;
configuring the hypervisor to transmit inputs/outputs (I/Os)

However, in analogous art, Lee teaches:
receiving a notification, via the virtual control plane, that a first socket is available for connection ([0046] The guest OS is booted according to a command from the virtual machine monitor 140, and the guest port 125a is also launched during this process. If the guest port 125a is launched, the guest port 125a may generate a socket (i.e., first socket is generated and “available”) to connect to the host port 115a. The guest port 125a may request the connection to the host port 115a and wait for a response. If the host port 115a receives the connection request in the socket, the host port 115a sets up the connection and notifies the connection set-up to the HCU 115 (i.e., the connection request represents a notification that a first socket at the guest OS is available, and since the request “controls” generation of a connection, it is considered to be received “via a control plane”)).
configuring the hypervisor to transmit inputs/outputs (I/Os) ([0057] The guest application managing unit 120 transfers the downloading result information to the host application managing unit 110 in operations 210, 211, and 212. The downloading result information may include the application information (ApplicationInfo) generated during the operation 209 and information of whether the downloading is successful. The GAM transfers the downloading result information including the downloading result and/or the application information to the GCU in operation 210. The GCU transfers the downloading result information including the downloading result and/or the application information to the HCU 115 in operation 211, and the HCU 115 transfers the received downloading result information to the HAM 112 (i.e., a type of “endpoint”) in conjunction with the application information in operation 212 (i.e., GCU1 transfers, or communicates downloading results/application information representing input/output from the downloaded application to HCU using the socket communication channel established between guest port125a and host port 115a via VMM 140 as illustrated in Fig. 2, which is then transmitted to the HAM 112 acting as a type of endpoint)).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to have combined Lee’s teaching of, upon receiving notification of a generated port at a guest OS, communicating input/output between an application and an endpoint using a socket communication channel established via a guest port, VMM, and host port, with the combination of Wu and Khan’s teaching of communicating input/output between an application and an endpoint using a communication channel between a guest socket and a host socket, to realize, with a reasonable expectation of success, a system that enables communication between an endpoint and application via guest and host sockets, as in Wu, upon notification of generation of the guest socket and using a communication channel established between the guest and host sockets, and a VMM, as in Lee. A person of ordinary skill would have been motivated to make this combination to improve management of applications operating on guest OSes (Lee [0009]).

While Lee discloses transmitting I/Os from a guest OS port and a VMM, the combination of Wu, Khan, and Lee does not explicitly disclose:
creating a virtual socket connection including a first end and a second end, where the first end impersonates the first socket and the second end is located at the hypervisor; and 
…transmit inputs/outputs (I/Os) received via the second end of the virtual socket connection to the second socket.

However, in analogous art, Shah teaches:
creating a virtual socket connection including a first end and a second end, where the first end impersonates the first socket and the second end is located at the hypervisor; and…transmit inputs/outputs (I/Os) received via the second end of the virtual socket connection to the second socket ([0023] In embodiments of the invention, a transport mechanism is provided that creates a plurality of dedicated VM-hypervisor channels 130 (i.e., “virtual socket connection”) for communication (i.e., transmission of I/O) between the hypervisor 110 and the VM userspace or kernelspace of a VM OS 104. More specifically, in some embodiments, the transport mechanism may enable communication between the host machine userspace and/or kernelspace and the VM userspace and/or kernelspace. To implement the dedicated VM-hypervisor communication channels 130 of embodiments of the invention, the hypervisor 110 and VM 102 cooperate to install a paravirtualized device that enables the multiple communication channels 130 by exposing one or more ports to the VM 102 (i.e., ports, representative of a “first end” of a VM-hypervisor channel and indicative of “impersonated sockets” is created and exposed to, or is “available for connection with” guest applications of the VM userspace and/or kernelspace as described below). [0024] On the hypervisor 110 side, a new communication device 114 is exposed separately for each VM 102 that the hypervisor 110 manages. This emulated communication device 114 is capable of having one or more ports (i.e., a port indicative of a “second end” of a VM-hypervisor channel is created on the hypervisor side, or in other words, “at” the hypervisor) whose number and purpose can be specified by an administrator of the hypervisor 110).

	It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to have combined Shah’s teaching of establishing a connection between guest applications of an operating system of a VM and a hypervisor via respective ports at either end of the connection, with the combination of Wu, Khan, and Lee’s teaching of establishing a communication path between a guest OS and a hypervisor, to realize, with a reasonable expectation of success, a system that establishes a virtual connection between guest applications and hypervisors using ports accessible by the guest application and the hypervisor, as in Shah, to enable communication in response to a request, as in Lee. A person of ordinary skill would have been motivated to make this combination so that communication between VM and hypervisor may be accomplished without there being a network between them, or between different administrators with different security protocols, without the use of architecture dependent hypercalls (Shah [0005]).

Regarding claims 16, 19, and 22 they comprise limitations similar to those of claims 13, 10 and 11, and 21 respectively, and are therefore rejected for at least the same rationale.

Claim 17 is rejected under 35 U.S.C. 103 as being unpatentable over Wu, in view of Khan, in view of Lee, in view of Shah, as applied to claim 15 above, and in further view of Heiney et al. Patent No.: US 6,401,109 B1 (hereafter Heiney).

Heiney was cited in the previous PTO-892 dated 7 June 2022.

Regarding claim 17, while Wu teaches a virtual machine application communicating with an endpoint via a socket, the combination of Wu, Khan, Lee, and Shah does not explicitly disclose:
creating a third socket, wherein the third socket is a virtual socket; 
sending a descriptor of the third socket to the VM to reconfigure the first socket from a network socket to a virtual socket; 
connecting the third socket to the first socket, wherein the application is unaware the configuration of the first socket has changed.  

	However, in analogous art, Heiney teaches:
creating a third socket, wherein the third socket is a virtual socket; sending a descriptor of the third socket to the VM to reconfigure the first socket from a network socket to a virtual socket (Abstract: A virtual socket (i.e., “third socket”) replaces the usual JAVA physical socket for interprocess communication between two JAVA processes resident on a single system. The virtual socket is created by loading and making use of the standard-in, standard out process associated with the underlying platform so that data, rather than objects, can be passed from one Java process to another. Column 8, Lines 39-43: At step 82 a virtual socket is established (i.e., creating a third, “virtual socket”) for the client connected to that particular thread. Details are shown in FIG. 9. At step 83 the standard in and standard out of the operating system in use on the server system 11 is obtained for the virtual socket process (i.e., standard in and standard out represent “descriptors” of the virtual socket)); 
connecting the third socket to the first socket, wherein the application is unaware the configuration of the first socket has changed (Column 9, Lines 59-62: Wherein communication is established between said first JAVA virtual machine and said second JAVA virtual machine without using a JAVA physical socket connection (i.e., communication from the VM is performed without the VM being aware that the physical socket has been replaced)).  

	It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to have combined Heiney’s teaching of replacing a physical java socket with a virtual socket to connect java virtual machine applications, with the combination of Wu, Khan, Lee, and Shah’s teaching of a virtual machine application communicating with an endpoint via a socket, to realize, with a reasonable expectation of success, a system implementing communication between a virtual machine application and an endpoint, as in Wu, that replaces a physical socket with a virtual socket, as in Heiney. A person of ordinary skill would have been motivated to make this combination so that communication performance can be improved by avoiding overhead (Heiney Column 1, Lines 32-36).

Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over Wu, in view of Khan, in view of Lee, in view of Shah, as applied to claim 15 above, and in further view of Cheshire Pub. No.: US 2014/0214958 A1 (hereafter Cheshire).

Cheshire was cited in the previous PTO-892 dated 7 June 2022.

Regarding claim 18, while Wu discloses virtual machine hosts, the combination of Wu, Khan, Lee, and Shah does not explicitly disclose:
receiving a request for information regarding services available at the host system; 
querying the host system for available services; 
responding to the request.

However, in analogous art, Cheshire teaches:
receiving a request for information regarding services available at the host system (Claim 1: Receiving a first query message from a querying host, the first query message requesting information regarding service instances available on a link); 
querying the host system for available services ([0053] The private network 140 includes a link 142, on which a hybrid proxy 100 and two exemplary host devices (Service-Providing Device (SPD) A 120 and SPD B 122) operate. In the example of FIG. 1, the hybrid proxy 100 may function as a router, and perform routing functionality for the link 142 on which it operates. As will be described in further detail below, the SSD 130 may search for services provided by SPD A 120 and SPD B 122 by communicating with the hybrid proxy 100. Claim 1: Transmitting a second query message on the link (i.e., querying the service providing hosts 120 and 122); receiving one or more messages responsive to the second query message, wherein the one or more responsive messages indicate service instances available on the link); 
responding to the request (Claim 1: Generating a response message based on the one or more responsive messages, wherein the response message indicates the service instances available on the link; and transmitting the response message to the querying host).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to have combined Cheshire’s teaching of querying hosts for service availability, with the combination of Wu, Khan, Lee, and Shah’s teaching of hosts, to realize, with a reasonable expectation of success, a system that provides virtual machine hosts, as in Wu, which queries the hosts for available services, as in Cheshire. A person of ordinary skill would have been motivated to make this combination so that improvements in service discovery techniques may be realized (Cheshire [0006]).

Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Wu, in view of Khan, in view of Lee, in view of Shah, as applied to claim 15 above, and in further view of Subhraveti.

Regarding claim 20, while Wu discloses a first socket accessible by an application, the combination of Wu, Khan, Lee, and Shah does not explicitly disclose:
the first socket is an UNIX socket.

	However, in analogous art, Subhraveti teaches:
the first socket is an UNIX socket ([0040] A ‘best’ (e.g. most efficient, available, fastest, etc.) medium of network communication for any two or more applications can be determined (e.g. when an application comes up in the network or any triggering event, on a periodic basis, etc.). Example network communication media include, inter alia: TCP/IP, Infiniband RDMA, UNIX sockets, shared memory, etc. (i.e., communication between source and endpoint applications running on different VMs is performed between a “first” and second UNIX socket));

It would have been obvious to a person having ordinary skill in the art to have simply substituted the UNIX sockets described in Subhraveti with the network sockets described in the combination of Wu, Lee, and Shah, because (1) Wu describes communication between a source VM application and a remote endpoint via at least a port indicative of a network socket accessible to the application, which differs from the claimed device by substitution of a UNIX socket for Wu’s network socket, (2) UNIX sockets and their functions of enabling communication between a source VM application and an endpoint application are described in Subhraveti, and (3) a person of ordinary skill could have substituted the UNIX socket of Subhraveti with the network socket of Wu, with the predictable result of enabling a source VM application to communicate with a remote endpoint via at least a port indicative of a UNIX socket accessible to the application.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Barabash et al. Pub. No.: US 2014/0119373 A1 discloses a hypervisor that, upon receiving a VM’s packet, performs a location lookup to find out which physical location a destination VM is hosted.
Jiang et al. Pub. No.: US 2019/0132296 A1 discloses communication between nodes on different hosts provided by way of a tunnel between endpoints which packets are sent by a hypervisor using addresses of the endpoints to send the packets through the tunnel.

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL W AYERS whose telephone number is (571)272-6420. The examiner can normally be reached M-F 8:30-5 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Meng-Ai An can be reached on 5712723756. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MICHAEL W AYERS/Primary Examiner, Art Unit 2195