DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-3 and 5-20 are presented for examination.
Claim(s) 4 has/have been canceled.
Responsive to communication filed on 27 July 2022.

Response to Arguments
Applicant's arguments filed 27 July 2022 have been fully considered but they are not persuasive. 

Applicant argues on page 9 of the remarks:  Regarding claim 1, Banerjee (US 2014/0282518) does not obviate the claimed “perform one or more tests on the machine image, wherein the one or more tests validate the machine image for compliance with one or more policies,” because Banerjee is directed toward performing one or more tests on a request for a VM image, rather than performing one or more tests that validate a VM image for compliance with policies.

Examiner’s response:  The Examiner respectfully disagrees.  Banerjee is not merely limited to performing testing on or validating a VM image request.  Rather, Banerjee discloses testing the VM image itself for compliance with policies (e.g., abstract, “embodiments of the invention evaluate virtual machine images launched in cloud-based environments for compliance with a policy”).
Banerjee disclose reconfiguring a virtual machine image (¶ 38, “enforcing policy-based compliance in attaching a reconfigured virtual machine image”).  After reconfiguring a VM image, a request to attach the VM image to a different storage resource is received (¶ 38, “a user reconfigures a virtual machine image instance that has complied with policy when launched, but the user now requests to attach that virtual machine image to a different storage resource”).  A policy management engine intercepts the request and ensures compliance with policy requirements (Id.).
A person having ordinary skill in the art would have found the claimed testing one or more VM images to validate compliance with policies obvious in view of Banerjee’s disclosure of testing a VM image for compliance with policies responsive to a request to use a VM image after the VM image is reconfigured.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claim(s) 1-3, 5-11, and 14-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sethuramalingam et al. (US 9,792,141) and further in view of Behrendt et al. (US 2019/0018715).

Regarding claim 1, Sethuramalingam et al. teaches: A system, comprising: one or more processors and one or more memories to store computer-executable instructions that, when executed, cause the one or more processors to: 
determine that a trigger for a machine image build process has occurred (col. 2:5-10, “More generally, the configuration specified for an image may include one or more triggering conditions that, when satisfied by current status information, cause the generating process for the image to be initiated” and col. 7:3-6, “When the triggering conditions are satisfied or the VMIG service otherwise determines to initiate the generating process (e.g., based on a corresponding instruction that is currently or previously received from the client)”), wherein the trigger comprises an arrival of a scheduled time (col. 4:52-55, “The VMIG service may further perform additional automated operations to determine when to initiate the generating process for a particular generated VMI, such as to schedule the process to occur at a specified time”), an availability of one or more updated components of a machine image (col. 1:59-62, “configuration information specified for the image may cause the generating process for the image to be triggered when one or more of the underlying construction components changes”), or an availability of one or more updated policies or tests associated with the machine image build process (col. 2:54-58, “one or more configuration scripts or other sets of executable that when executed set or modify policies or other settings (e.g., to set user permissions and other access controls, to specify firewall policies and other security-related and/or access policies, etc.)”); 
perform the machine image build process responsive to the trigger, wherein the machine image build process generates the machine image, wherein the machine image comprises a plurality of operating system components supporting execution of an application (col. 2:14-20, “the executable software images being manufactured are virtual machine images (e.g., images that are bootable or otherwise loadable by a hosted virtual machine in a particular virtualization environment, and that each include operating system software and optionally software for one or more application programs”), and wherein the machine image is compliant with one or more policies (col. 11:29-40, “The module 121 then further performs interactions 269 to retrieve any specified configuration scripts 141a and to cause them to be executed within the executing base VMI, such as to specify policies, to set indicated parameters or other settings, etc. In some embodiments, the module 121 may perform further activities to perform one or more validations tests on the generated VMI 133a”); and 
distribute the machine image to one or more compute instances in a multi- tenant provider network (col. 11:45-50, “the module 121 may further perform one or more optional interactions 281 with the VMIG Deployment module 127 to cause the generated VMI 133a to be automatically deployed, such as to be executed on behalf of client A”), wherein the one or more compute instances are launched using the machine image (col. 3:65-67 and col. 4:1-2, “the VMIG service may be configured to execute or otherwise deploy a generated VMI of a client on behalf of the client”), and wherein the application is executed on the one or more compute instances launched using the machine image (col. 1:15-20, “Each such hosted virtual machine may be a software simulation acting as a distinct logical computing system that provides users with the illusion that they are the sole operators and administrators of a given hardware computing resource”).
Sethuramalingam et al. do not teach as clearly as Behrendt et al. teach: the machine image comprises a plurality of operating system components (¶ 59, “the application code is compiled together with its runtime and the previously identified dependencies (operating system components) into a lightweight bootable virtual machine image 430”).
It would have been obvious to a person having ordinary skill in the art, at the effective filing date of the invention, to have applied the known technique of the machine image comprises a plurality of operating system components, as taught by Behrendt et al., in the same way to the VM image, as taught by Sethuramalingam et al.. Both inventions are in the field of creating VM images, and combining them would have predictably resulted in “facilitating event-driven processing using unikernels”, as indicated by Behrendt et al. (¶ 3).
Sethuramalingam et al. and Behrendt et al. do not teach, however, Banerjee et al. teach: perform one or more tests on the virtual machine image, wherein the one or more tests validate the virtual machine image for compliance with the one or more policies (abstract, “embodiments of the invention evaluate virtual machine images launched in cloud-based environments for compliance with a policy”; ¶ 38, “a user reconfigures a virtual machine image instance that has complied with policy when launched, but the user now requests to attach that virtual machine image to a different storage resource”; ¶ 38, “enforcing policy-based compliance in attaching a reconfigured virtual machine image”).
It would have been obvious to a person having ordinary skill in the art, at the effective filing date of the invention, to have applied the known technique of perform one or more tests on the virtual machine image, wherein the one or more tests validate the virtual machine image for compliance with the one or more policies, as taught by Banerjee et al., in the same way to the virtual machine image, as taught by Sethuramalingam et al. and Behrendt et al.. Both inventions are in the field of generating VM images, and combining them would have predictably resulted in a system configured to “evaluate virtual machine images launched in cloud-based environments for compliance with a policy”, as indicated by Banerjee et al. (¶ 2).

Regarding claim 2, Behrendt et al. teaches: the plurality of operating system components are determined using a plurality of package dependencies of the application (¶ 59, “This includes an analysis of the application code to identify its dependencies and the use of required operating system functions or components. Based on that analysis, the application code is compiled together with its runtime and the previously identified dependencies (operating system components) into a lightweight bootable virtual machine image 430”), and wherein the machine image excludes one or more additional operating system components not indicated by the plurality of package dependencies (¶ 59, “The old or outdated application code unikernel may then be garbage collected asynchronously 455 from the image store.”).

Regarding claim 3, Sethuramalingam et al. teaches: The system as recited in claim 1, wherein the one or more memories store additional computer-executable instructions that, when executed, cause the one or more processors to: perform one or more tests on the machine image (col. 4:20-25, “Additional automated operations that the VMIG service may be configured to perform for some or all generated VMIs that it manufactures may include testing and other validation of such generated VMIs in at least some embodiments and situations”), wherein the one or more tests validate the image for use with the application (col. 4:32-38, “all generated VMIs may be tested by initiating a boot or other startup of the generated VMI to determine if that process succeeds (assuming that the generated VMI is a bootable image), including to verify that any software programs of the generated VMI that are configured to execute on boot have their execution occur without error”).

Claim(s) 5-11, 14-17, and 19-20 correspond(s) to claim(s) 1 and 2-3, and differ(s) only in statutory category. Therefore, it/they is/are rejected for the same reasons. 

Regarding claim 18, Banerjee et al. teaches: The one or more non-transitory computer-readable storage media as recited in claim 15, further comprising additional program instructions that, when executed on or across the one or more processors, perform: performing an additional machine image build process responsive to generation of the machine image (¶ 66, “A builder may be provided able to subscribe to events from the data store, and build bootable, lightweight, customized virtual machine images leveraging a library operating system (unikernel) approach”), wherein the additional machine image build process generates an additional machine image, wherein the additional machine image comprises a customized version of the machine image (¶ 67, “creating a new, customized parameterized virtual machine image by the builder component, including the uploaded program code, necessary operating system component or functionality, and used libraries (unikernel) based on the associated metadata”).

Claim(s) 13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sethuramalingam et al. and Behrendt et al., as applied above, and further in view of Banerjee et al. (US 2014/0282518).

Regarding claim 13, Sethuramalingam et al. and Behrendt et al. do not teach, however, Banerjee et al. teach: the one or more recipients comprise one or more accounts in a multi-tenant provider network, and wherein the machine image is provided to the one or more accounts based at least in part on access privileges associated with the machine image (¶ 19, “By tying identity, image assessments, and data sensitivity together into definable and enforceable policies, the policy management engine provides control over who launches what virtual machine images in a cloud network and accesses sensitive data.”).
It would have been obvious to a person having ordinary skill in the art, at the effective filing date of the invention, to have applied the known technique of the one or more recipients comprise one or more accounts in a multi-tenant provider network, and wherein the machine image is provided to the one or more accounts based at least in part on access privileges associated with the machine image, as taught by Banerjee et al., in the same way to the virtual machine image, as taught by Sethuramalingam et al. and Behrendt et al.. Both inventions are in the field of generating VM images, and combining them would have predictably resulted in a system configured to “evaluate virtual machine images launched in cloud-based environments for compliance with a policy”, as indicated by Banerjee et al. (¶ 2).

Claim(s) 12 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sethuramalingam et al. and Behrendt et al., as applied above, and further in view of Taylor et al. (US 2021/0019163).

Regarding claim 12, Sethuramalingam et al. and Behrendt et al. do not teach, however, Taylor et al. et al. teach: sending a notification of a pendency of the machine image build process; and receiving a response to the notification, wherein the response comprises user input approving the machine image build process, and wherein the machine image build process is performed based at least in part on the response to the notification (¶ 21, “the administrative console 113 can provide a web-based user interface to allow an administrative user to approve or block distribution of updated application images 129 to virtual machines 143 managed by the administrative user”).
It would have been obvious to a person having ordinary skill in the art, at the effective filing date of the invention, to have applied the known technique of sending a notification of a pendency of the machine image build process; and receiving a response to the notification, wherein the response comprises user input approving the machine image build process, and wherein the machine image build process is performed based at least in part on the response to the notification, as taught by Taylor et al., in the same way to the virtual machine image, as taught by Sethuramalingam et al. and Behrendt et al.. Both inventions are in the field of generating VM images, and combining them would have predictably resulted in a system configured to “configure the management agent to download and install the application image”, as indicated by Taylor et al. (abstract).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Ding et al. (US 2021/0073018) discloses validating an updated VM image prior to publishing the VM image (abstract and ¶ 29).
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JACOB D DASCOMB whose telephone number is (571)272-9993. The examiner can normally be reached M-F 9:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lewis Bullock can be reached on 5712723759. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/JACOB D DASCOMB/           Primary Examiner, Art Unit 2199