Notice of Pre-AIA  or AIA  Status
1.	The present application is being examined under the pre-AIA  first to invent provisions. 

2.	Claims 1–20 are presented for examination in a continuation application filed on 07/23/2021.

This instant application 17/383,528 is a continuation of 15/961,077, filed on 04/24/2018, now Pat. No. 11,093,271.

15/961,077 is a continuation of 15/074,035, filed on 03/18/2016, now Pat. No. 9,990,222.


Drawings
3.	The drawings were received on 07/23/2021.  These drawings are acceptable.


Double Patenting
4.	The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.  A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO internet Web site contains terminal disclaimer forms which may be used.  Please visit http://www.uspto.gov/forms/.  The filing date of the application will determine what form should be used.  A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission.  For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.  


5.	Claims 1–2, 6–9, 13–16, and 20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 8, and 15 of US 9,990,222 B2 (“issued ’222 patent”) in view of (1) Fitzgerald et al., US 2008/0134176 A1 (“Fitzgerald”) and (2) Omelyanchuk et al., US 7,865,893 B1 (“Omelyanchuk”).

6.	Although the claims at issue are not identical, they are not patentably distinct (nonobvious) from each other, because at least some of the subject matter claimed in the instant application is already fully disclosed in the issued ’668 patent.

Additionally, it would have been obvious to a person of ordinary skill in the art at the time the invention was made to additionally modify claims 2, 6–7, 9, 13–14, 16, and 20 with the teachings of (1) Fitzgerald and (2) Omelyanchuk to arrive at the respective limitations of these dependent claims so as to provide for a distributed control and monitoring of host device/system across different host architectures and virtualization schemes.


Examiner Notes
7.	Examiner refers to and explicitly cites particular pages, sections, figures, paragraphs or columns and lines in the references as applied to Applicant’s claims to the extent practicable to streamline prosecution.
Although the cited portions of the references are representative of the best teachings in the art and are applied to meet the specific limitations of the claims, other uncited but related teachings of the references may be equally applicable as well.  It is respectfully requested that, in preparing responses to the rejections, the Applicant fully considers not only the cited portions of the references, but also the references in their entirety, as potentially teaching, suggesting or rendering obvious all or one or more aspects of the claimed invention.

Abbreviations
8.	Where appropriate, the following abbreviations will be used when referencing Applicant’s submissions and specific teachings of the reference(s):
i.	figure / figures:		Fig. / Figs.
ii.	column / columns:		Col. / Cols.
iii.	page / pages:			p. / pp.



References Cited
9.	(A)	Fitzgerald et al., US 2008/0134176 A1 (“Fitzgerald”).
	(B)	Omelyanchuk et al., US 7,865,893 B1 (“Omelyanchuk”).
	(C)	Wookey et al., US 2007/0171921 A1 (“Wookey”).


Notice re prior art available under both pre-AIA  and AIA 
10.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

A.
11.	Claims 1–2, 6, 8–9, 13, and 15–16 are rejected under 35 U.S.C. 103 as being unpatentable over (A) Fitzgerald in view of (B) Omelyanchuk.
See “References Cited” section, above, for full citations of references.

12.	Regarding claim 1, (A) Fitzgerald teaches/suggests the invention substantially as claimed, including:
	“A method, comprising:
	receiving, ... at least one compliance rule from a management service”
(Fig. 1 and ¶ 41: each execution platform 101 includes a host or virtual machine monitor (host/VMM 103) running on that platform. The host/VMM 103 can be implemented with conventional or custom technology, so as to allow a virtual machine (guests/VM 107) to run therein;
¶ 225: getting compliance policies regarding a target VM;
¶ 198: VM host system can be checked for policy adherence using similar techniques;
¶ 57: to execute policy-based checking of the VMs, as well as their respective hosts (such as host/VMM 103) and/or the requestor);


	“receiving, ... a host environment data object generated by a host management component executed in the host device, the host environment data object specifying host parameters detected for the host device and hypervisor parameters detected for the hypervisor component of the host device”
(¶ 31: management information includes metadata about the VM itself, VM logs, and VM events ( e.g., such as creation, execution, snapshoting, templating), as well as metadata about the host and host environment ( e.g., such as vendor, version, location, author, usage, licensing and other such pertinent host data);
¶ 283: applying 807 the compliance policies against the content metadata of VM;
¶ 289: getting 901 content metadata of the target VM; getting 903 compliance policies regarding VM content; arbitrating 905 the compliance policies for priority, conflict, or deadlocks; and applying 907 the content compliance policies against the content metadata of VM);


	“determining, ... a violation of the at least one compliance rule identified based on at least one of the host parameters and the hypervisor parameters”
(¶ 227: an “execution-watcher” functionality. In such an embodiment, the process 403 operates to periodically examine the running guest/VM 107. If the guest/VM 107 becomes non-compliant for any reason (e.g., based on policy), then process 403 can implement one or more remedial actions;
¶ 228: once the VM is running, the execution-watcher checks (e.g., on a configurable time interval) that the VM is in policy-compliance. If not, remedial action can be taken (e.g., by operation of process 403 itself, or other processes of the managed system, such as the enforce process 800;
¶ 198: VM host system can be checked for policy adherence using similar techniques;
¶ 57: to execute policy-based checking of the VMs, as well as their respective hosts (such as host/VMM 103) and/or the requestor); and

	“performing, ... an action based on the violation of the at least one compliance rule”
(¶¶ 227–228: implement one or more remedial actions).


	
Fitzgerald does not teach that the receiving, determining and performing steps are performed by “a guest management component executed within a guest virtual machine executed by a host device” and “wherein the hypervisor component relays the host environment data object from the host management component to the guest management component.”


(B) Omelyanchuk however teaches or suggests: that the receiving, determining and performing steps are performed by 
“a guest management component executed within a guest virtual machine executed by a host device” and
“wherein the hypervisor component relays the host environment data object from the host management component to the guest management component.”
(Col. 9, lines 53–55: control and monitoring functions may be distributed among the VMM, the primary VM, HOS and secondary VM' s depending on the hardware and software (e.g., HOS) architecture;
Col. 9, lines 37–40: guest operating system in that secondary Virtual Machine receives the status of the host operating system and the corresponding VM gets a corresponding privilege level).


It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to further combine the teachings of Omelyanchuk with those of Fitzgerald to implement policy compliance checking and enforcement functions in the guest OS of the host device/system. The motivation or advantage to do so is to provide for a distributed control and monitoring of host device/system across different host architectures and virtualization schemes.


13.	Regarding claim 2, Fitzgerald teaches/suggests:
“wherein the action comprises transmitting an application programming interface (API) call from the guest management component to at least one of: the hypervisor component, the host component, and a host operating system of the host device”
(¶ 87: The request handler module 219 can be implemented, for example, using a command line or shell (e.g., DOS command line), web services, APIs, and other such suitable interfaces;
¶ 121: Ask specified host via external interface (e.g., Web Service, API, Command line) to stop a LogicalVM).

14.	Regarding claim 6, Fitzgerald and Omelyanchuk teach/suggest:
“transmitting, by the guest management component, a notification of the violation to at least one of: a user of the host device, and an administrator of an enterprise computing environment comprising the host device”
(¶¶ 199–202: If Policy is violated, one or more of several ( configured) actions may be performed .... Notify Administrator (e.g., email, SNMP, message to console)).


15.	Regarding claims 8–9 and 13, they are the corresponding system claims reciting similar limitations of commensurate scope as the method of claims 1–2 and 6, respectively. Therefore, they are rejected on the same basis as claims 1–2 and 6 above, and further including the following:

	Fitzgerald teaches/suggests:
“a host device comprising a processor, at least one hardware storage device storing instructions executable by the at least one processor, wherein the instructions, when executed by the at least one processor ...”
(Fig. 1 and ¶¶ 10–11).

16.	Regarding claims 15–16, they are the corresponding computer program product claims reciting similar limitations of commensurate scope as the method of claims 1–2, respectively. Therefore, they are rejected on the same basis as claims 1–2 above.


B.
17.	Claims 7, 14, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over (A) Fitzgerald in view of (B) Omelyanchuk, as applied to claims 1, 8 and 15 above, and further in view of (C) Wookey.

18.	Regarding claim 7, Fitzgerald and Omelyanchuk do not teach “wherein the action comprises instructing the hypervisor component to disable data sharing between the host device and the virtual machine.”

(C) Wookey however teaches or suggests:
“wherein the action comprises instructing the hypervisor component to disable data sharing between the host device and the virtual machine”
(¶ 352: mapping of client drives to shared folders on the virtual machine;
¶ 478: the virtualization software 8921 and/or virtualization layer 8922 disables access to a file system, or portion thereof, of the computing device 8910).


It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Wookey with those of Fitzgerald and Omelyanchuk, to disable access to the file system and thus preventing reading/writing to shared folders.  The motivation or advantage to do so is to restrict VM access to shared data based on policy violations or security requirements (see Fitzgerald, ¶ 9: allowing the target VM to execute in an isolated environment).

19.	Regarding claim 14, it is the corresponding system claim reciting similar limitations of commensurate scope as the method of claim 7. Therefore, it is rejected on the same basis as claim 7 above.

20.	Regarding claim 20, it is the corresponding computer program product claim reciting similar limitations of commensurate scope as the method of claim 7. Therefore, it is rejected on the same basis as claim 7 above.


Allowable Subject Matter
21.	Claims 3–5, 10–12, and 17–19 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BENJAMIN C WU whose telephone number is (571)270-5906.  The examiner can normally be reached on Monday through Friday, 8:30 A.M. to 5:00 P.M..

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Meng-Ai An can be reached on (571)272-3756.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/BENJAMIN C WU/Primary Examiner, Art Unit 2195                                                                                                                                                                                                        
December 10, 2022