PLATFORM FOR INFORMATION TECHNOLOGY MANAGEMENT AS A SERVICE

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This Office Action is in response to the Amendment filed on 12/05/2025. In the instant Amendment, claims 1, 8 and 15 are independent claims. Claims 1-20 have been examined and are pending. This Action is made FINAL. Response to Arguments Applicants’ arguments in the instant Amendment, filed on 03/01/2017, with respect to limitations listed below, have been fully considered but they are not persuasive. Applicant’s arguments: “Hanafee, Ghetti, and Agrawal, taken individually or in combination, fails to teach or suggest that “determine that a client entity unenrolls a computing environment in an information technology (IT) management service,” as recited in independent claims 1, 8 and 15.” The Examiner disagrees with the Applicants. The Examiner respectfully submits that Ghetti discloses determine that a client entity unenrolls a computing environment in an information technology (IT) management service (Ghetti: col. 25 lines 41-45 the cloud-based security platform 300 may provide an error message, notify a predetermined administrative user, generate a record of the transaction, block requests from that particular client module 104B, unenroll the client module 104B, etc.). More specifically, Getti discloses if, however, the FAFSS client module (e.g., end-point engine 203) determines that the cloud-based security platform has not responded (at step 1004) positively, then in one embodiment, the encryption CBK 111 (refer to FIG. 5 for details) perhaps was not generated by the FAFSS key service 400 and, hence, encryption cannot be successfully performed at the FAFSS client module. In one aspect, the FAFSS client module reverts back to step 1001, and the entire process is retriggered. In alternate aspects, the FAFSS client module displays a message to the user indicating one or more reasons why the encryption could not be successfully performed, and the process exits thereafter [col. 48 lines 3-15] and in some scenarios, the FAFSS server module provides one or more reasons related to the denial of the CBK. Thus, in one embodiment, the FAFSS client module displays (at step 1203) a message to the user indicating one or more reasons why the decryption could not be successfully performed, and reverts back to step 1201. Correspondingly, the end-point process 1200 exits thereafter [col. 50 lines 1-8]. Therefore, the examiner finds this argument not persuasive. Applicant’s arguments: “Hanafee, Ghetti, and Agrawal, taken individually or in combination, fails to teach or suggest that “delete the instance of the servicing application from the computing environment,” as recited in independent claims 1, 8 and 15.” The Examiner disagrees with the Applicants. The Examiner respectfully submits that Ghetti discloses delete the instance of the servicing application from the computing environment (Ghetti: col. 40 lines 11-14 the client module determines whether the policy requires removing user interface elements from the application running on the end user's computing device). More specifically, Getti discloses at step 607, in one embodiment, the client module determines whether a given policy requires blocking an action, such as preventing a web browser from posting information to a web application. If so, the client module proceeds to step 612, wherein the client module takes a predetermined action with respect to the application (e.g., cancels the action that the application running on the end user's computing device was about to take). For example, policy might require the client module to block the upload of a file to a web application, thereby securing the information by preventing it from being uploaded. If the policy does not require the client module to block the action, it continues to step 608 [col. 39 lines 64-67 through col. 40 lines 1-10] and a set of policies might include one rule requiring removal of a file upload button in step 609 and a separate rule that requires the client module to cancel file upload actions in steps 607 and 612, in case a user circumvents the removal of the UI element [col. 40 lines 24-28]. Therefore, the examiner finds this argument not persuasive. A substantially similar rejection to the previous non-final rejection follows below: Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention. Claims 1, 5-8, 12-15 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Hanafee et al. (“Hanafee,” US 11151253) in view of Ghetti et al. (“Ghetti,” US 9608809) and Agrawal et al. (“Agrawal,” US 11757934). Regarding claim 1: Hanafee discloses a computing system of a host provider, comprising: a client entity (Hanafee: col. 7 lines 15-19 computing devices); at least one memory that stores program code (Hanafee: fig. 5 item 508 memory); and a processing system, comprising at least one processor (Hanafee: fig. 5 item 506 processing unit), that receives the program code from the at least one memory and, in response to at least receiving the program code, to: a computing environment (Hanafee: fig. 1 item 110 cloud environment); generate an instance of a servicing application in the computing environment for the client entity (Hanafee: col. 3 lines 1-3 the cloud environment 110 provides the application instance to the user; col. 7 lines 4-6 the cloud controller 220 creates the application instance 204 and/or other applications for one or more users); retrieve a certificate of the servicing application from a first data structure in a secure storage device of the computing system (Hanafee: col. 3 lines 7-14 the application instance is provided with a certificate service component 120 [] a digital certificate that credentials the application instance as a trusted application instance; col. 5 lines 31-32 the certificate trust store 228 includes a listing of public keys for trusted applications). Hanafee does not explicitly disclose determine that a client entity enrolls a computing environment in an information technology (IT) management service, the servicing application having no pre-authorized permissions within the computing system, determine that a client entity unenrolls a computing environment in an information technology (IT) management service, and delete the instance of the servicing application from the computing environment. However, Ghetti discloses determine that a client entity enrolls a computing environment in an information technology (IT) management service (Ghetti: col. 60 lines 54-56 at step 1601, the enrollment service 201 generally determines whether the request is from a system administrator selecting users for silent enrollment; col 37 lines 40-42 many organizations manage their information technology with tools that can install software); the servicing application having no pre-authorized permissions within the computing system (Ghetti: col. 16 line 52-53 data access may be allowed based on authentication of users; lines 60-63 the authentication aspects [] may provide the ability to manage the rights of individuals who are able to access data and/or programs according to pre-defined policies/roles); determine that a client entity unenrolls a computing environment in an information technology (IT) management service (Ghetti: col. 25 lines 41-45 the cloud-based security platform 300 may provide an error message, notify a predetermined administrative user, generate a record of the transaction, block requests from that particular client module 104B, unenroll the client module 104B, etc.); and delete the instance of the servicing application from the computing environment (Ghetti: col. 40 lines 11-14 the client module determines whether the policy requires removing user interface elements from the application running on the end user's computing device). Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Ghetti with the system/method of Hanafee to include delete the instance of the servicing application from the computing environment. One would have been motivated to provide a cloud-based platform that orchestrates the management application of policies between the end user client and the server software (Ghetti: col. 4 lines 9-11). Hanafee in view of Ghetti does not explicitly disclose provide the certificate to an identity service associated with the computing system; receive, from the identity service, an application authentication token determined by the identity service based at least on the certificate and perform an operation in the computing environment by the instance of the servicing application based at least on the application authentication token providing authorization for the instance of the servicing application. However, Agrawal discloses provide the certificate to an identity service associated with the computing system (Agrawal: col. 9 lines 49-51 in step 4, user's web browser then sends the client certificate to the identity provider service which verifies the certificate using public-private key based authentication); receive, from the identity service, an application authentication token determined by the identity service based at least on the certificate (Agrawal: col. 9 lines 52-54 in step 5, once the certificate has been authenticated, the identity provider service returns an authentication token back to the requestor); and perform an IT management operation in the computing environment by the instance of the servicing application based at least on the application authentication token providing authorization for the instance of the servicing application (Agrawal: col. 9 lines 55-57 in step 6, the requestor retries the access to the SaaS/private enterprise applications with the authentication token and is granted access to the application; col. 11 lines 14-16 the threat level may, for example, be determined by an IT/Control plane receiving information indicative of potential threats). Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Agrawal with the system/method of Hanafee and Ghetti to include perform an operation in the computing environment by the instance of the servicing application based at least on the application authentication token providing authorization for the instance of the servicing application. One would have been motivated to securing user access to SaaS and/or private enterprise applications (Agrawal: col. 15 lines 5-6). Regarding claim 5: Hanafee in view of Ghetti and Agrawal discloses the computing system of claim 1. Ghetti further discloses wherein the servicing application is deployed to the computing system with no pre-authorized permissions via a secure application portal that is inaccessible outside of a domain of a host provider identifier (Ghetti: col. 16 line 52-53 data access may be allowed based on authentication of users; lines 60-63 the authentication aspects [] may provide the ability to manage the rights of individuals who are able to access data and/or programs according to pre-defined policies/roles; col. 22 lines 10-15 hypothetical corporate organization might define policy information regarding websites through its access control system. The FAFSS 100 system could use the policy knowledge in that access control system to restrict access to certain functionalities of various websites, such as file uploading). The motivation is the same that of claim 1 above. Regarding claim 6: Hanafee in view of Ghetti and Agrawal discloses the computing system of claim 5. Hanafee further discloses wherein the certificate is generated by the host provider identifier and written to the first data structure in the secure storage subsequent to the servicing application being deployed to the computing system (Hanafee: col. 4 lines 15-25 the certificate service component 210 is provided by a certificate service master 212. The certificate service master 212 is a permanent entity in the cloud that keeps a copy of the certificate service component 201. The certificate service master 212 provides the copy of the certificate service component 210 to the application instance 204 when the application instance 204 is initialized or opened in the cloud environment 202); and wherein the certificate is associated with the servicing application via the secure application portal (Hanafee: col. 4 lines 2-8 the application instance 204 is provided with a certificate service component 210 [] the digital certificate verifies the application instance as a trusted application instance). Regarding claim 7: Hanafee in view of Ghetti and Agrawal discloses the computing system of claim 1. Ghetti further discloses wherein the operation includes at least one of: altering of a configuration setting for at least one device associated with the computing environment; installing a software update associated with an instance of an application in the computing environment; creating or modifying a group in a directory for the computing environment; or altering an access policy for the computing environment (Agrawal: col. 15 lines 11-15 the extended enterprise browser will monitor the user endpoint for installations of alternate web browsers. If any of these installations are detected, then the extended enterprise browser will notify the IT operator against this security violation. Further it will prevent access to private enterprise applications when accessed via the extended enterprise Browser [enforcing a security rule]). The motivation is the same that of claim 1 above. Regarding claim 8: Hanafee discloses a method, performed by a computing system of a host provider, comprising: a client entity (Hanafee: col. 7 lines 15-19 computing devices); a computing environment (Hanafee: fig. 1 item 110 cloud environment); generating an instance of a servicing application in the computing environment for the client entity identifier (Hanafee: col. 3 lines 1-3 the cloud environment 110 provides the application instance to the user; col. 7 lines 4-6 the cloud controller 220 creates the application instance 204 and/or other applications for one or more users); retrieving a certificate of the servicing application from a first data structure in a secure storage device of the computing system (Hanafee: col. 3 lines 7-14 the application instance is provided with a certificate service component 120 [] a digital certificate that credentials the application instance as a trusted application instance; col. 5 lines 31-32 the certificate trust store 228 includes a listing of public keys for trusted applications). Hanafee does not explicitly disclose determine that a client entity enrolls a computing environment in an information technology (IT) management service, the servicing application having no pre-authorized permissions within the computing system, determine that a client entity unenrolls a computing environment in an information technology (IT) management service, and delete the instance of the servicing application from the computing environment. However, Ghetti discloses determine that a client entity enrolls a computing environment in an information technology (IT) management service (Ghetti: col. 60 lines 54-56 at step 1601, the enrollment service 201 generally determines whether the request is from a system administrator selecting users for silent enrollment; col 37 lines 40-42 many organizations manage their information technology with tools that can install software); the servicing application having no pre-authorized permissions within the computing system (Ghetti: col. 16 lines 60-63 the authentication aspects of the disclosed system may provide the ability to manage the rights of individuals who are able to access data and/or programs according to pre-defined policies/roles); determine that a client entity unenrolls a computing environment in an information technology (IT) management service (Ghetti: col. 25 lines 41-45 the cloud-based security platform 300 may provide an error message, notify a predetermined administrative user, generate a record of the transaction, block requests from that particular client module 104B, unenroll the client module 104B, etc.); and delete the instance of the servicing application from the computing environment (Ghetti: col. 40 lines 11-14 the client module determines whether the policy requires removing user interface elements from the application running on the end user's computing device). Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Ghetti with the system/method of Hanafee to include delete the instance of the servicing application from the computing environment. One would have been motivated to provide a cloud-based platform that orchestrates the management application of policies between the end user client and the server software (Ghetti: col. 4 lines 9-11). Hanafee in view of Ghetti does not explicitly disclose providing the certificate to an identity service associated with the computing system, receiving, from the identity service, an application authentication token determined by the identity service based at least on the certificate and performing an operation in the computing environment by the instance of the servicing application based at least on the application authentication token providing authorization for the instance of the servicing application. However, Agrawal discloses providing the certificate to an identity service associated with the computing system (Agrawal: col. 9 lines 49-51 in step 4, user's web browser then sends the client certificate to the identity provider service which verifies the certificate using public-private key based authentication); receiving, from the identity service, an application authentication token determined by the identity service based at least on the certificate (Agrawal: col. 9 lines 52-54 in step 5, once the certificate has been authenticated, the identity provider service returns an authentication token back to the requestor); and performing an IT management operation in the computing environment by the instance of the servicing application based at least on the application authentication token providing authorization for the instance of the servicing application (Agrawal: col. 9 lines 55-57 in step 6, the requestor retries the access to the SaaS/private enterprise applications with the authentication token and is granted access to the application; col. 11 lines 14-16 the threat level may, for example, be determined by an IT/Control plane receiving information indicative of potential threats). Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Agrawal with the system/method of Hanafee and Ghetti to include performing an operation in the computing environment by the instance of the servicing application based at least on the application authentication token providing authorization for the instance of the servicing application. One would have been motivated to securing user access to SaaS and/or private enterprise applications (Agrawal: col. 15 lines 5-6). Regarding claims 12-14: Claims 12-14 are similar in scope to claims 5-7, respectively, and are therefore rejected under similar rationale. Regarding claim 15: Hanafee discloses a computer-readable storage medium having program instructions recorded thereon that, when executed by at least one processor of a computing system of a host provider, perform a method comprising: a client entity (Hanafee: col. 7 lines 15-19 computing devices); a computing environment (Hanafee: fig. 1 item 110 cloud environment); generating an instance of a servicing application in the computing environment for the client entity identifier (Hanafee: col. 3 lines 1-3 the cloud environment 110 provides the application instance to the user; col. 7 lines 4-6 the cloud controller 220 creates the application instance 204 and/or other applications for one or more users); retrieving a certificate of the servicing application from a first data structure in a secure storage device of the computing system (Hanafee: col. 3 lines 7-14 the application instance is provided with a certificate service component 120 [] a digital certificate that credentials the application instance as a trusted application instance; col. 5 lines 31-32 the certificate trust store 228 includes a listing of public keys for trusted applications). Hanafee does not explicitly disclose determine that a client entity enrolls a computing environment in an information technology (IT) management service, the servicing application having no pre-authorized permissions within the computing system, determine that a client entity unenrolls a computing environment in an information technology (IT) management service, and delete the instance of the servicing application from the computing environment. However, Ghetti discloses determine that a client entity enrolls a computing environment in an information technology (IT) management service (Ghetti: col. 60 lines 54-56 at step 1601, the enrollment service 201 generally determines whether the request is from a system administrator selecting users for silent enrollment; col 37 lines 40-42 many organizations manage their information technology with tools that can install software); the servicing application having no pre-authorized permissions within the computing system (Ghetti: col. 16 line 52-53 data access may be allowed based on authentication of users; lines 60-63 the authentication aspects [] may provide the ability to manage the rights of individuals who are able to access data and/or programs according to pre-defined policies/roles); determine that a client entity unenrolls a computing environment in an information technology (IT) management service (Ghetti: col. 25 lines 41-45 the cloud-based security platform 300 may provide an error message, notify a predetermined administrative user, generate a record of the transaction, block requests from that particular client module 104B, unenroll the client module 104B, etc.); and delete the instance of the servicing application from the computing environment (Ghetti: col. 40 lines 11-14 the client module determines whether the policy requires removing user interface elements from the application running on the end user's computing device). Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Ghetti with the system/method of Hanafee to include delete the instance of the servicing application from the computing environment. One would have been motivated to provide a cloud-based platform that orchestrates the management application of policies between the end user client and the server software (Ghetti: col. 4 lines 9-11). Hanafee in view of Ghetti does not explicitly disclose providing the certificate to an identity service associated with the computing system, receiving, from the identity service, an application authentication token determined by the identity service based at least on the certificate and performing an IT management operation in the computing environment by the instance of the servicing application based at least on the application authentication token providing authorization for the instance of the servicing application. However, Agrawal discloses providing the certificate to an identity service associated with the computing system (Agrawal: col. 9 lines 49-51 in step 4, user's web browser then sends the client certificate to the identity provider service which verifies the certificate using public-private key based authentication); receiving, from the identity service, an application authentication token determined by the identity service based at least on the certificate (Agrawal: col. 9 lines 52-54 in step 5, once the certificate has been authenticated, the identity provider service returns an authentication token back to the requestor); and performing an IT management operation in the computing environment by the instance of the servicing application based at least on the application authentication token providing authorization for the instance of the servicing application (Agrawal: col. 9 lines 55-57 in step 6, the requestor retries the access to the SaaS/private enterprise applications with the authentication token and is granted access to the application; col. 11 lines 14-16 the threat level may, for example, be determined by an IT/Control plane receiving information indicative of potential threats). Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Agrawal with the system/method of Hanafee and Ghetti to include performing an operation in the computing environment by the instance of the servicing application based at least on the application authentication token providing authorization for the instance of the servicing application. One would have been motivated to securing user access to SaaS and/or private enterprise applications (Agrawal: col. 15 lines 5-6). Regarding claims 19-20: Claims 19-20 are similar in scope to claims 5-6, respectively, and are therefore rejected under similar rationale. Claims 2-3, 9-10 and 16-17 are rejected under 35 U.S.C. 103 as being unpatentable over Hanafee et al. (“Hanafee,” US 11151253) in view of Ghetti et al. (“Ghetti,” US 9608809), Agrawal et al. (“Agrawal,” US 11757934) and Schoen et al. (“Schoen,” US 2015/0281225). Regarding claim 2: Hanafee in view of Ghetti and Agrawal discloses the computing system of claim 1. Hanafee in view of Ghetti and Agrawal does not explicitly disclose wherein the processing system, in response to at least receiving the program code, associates, in a second data structure of the computing system, at least one minimal instance-specific permission with the instance of the servicing application that enable the servicing application to perform the operation in the computing environment. However, Schoen discloses wherein the processing system, in response to at least receiving the program code, associates, in a second data structure of the computing system, at least one minimal instance-specific permission with the instance of the servicing application that enable the servicing application to perform the operation in the computing environment (Schoen: par. 0062 that each service account that is created or retrieved comprises a set of minimally scoped access permissions needed to access or perform a service on a resource and/or asset as requested by the client). Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Schoen with the system/method of Hanafee, Ghetti and Agrawal to include minimal instance-specific permission with the instance of the servicing application that enable the servicing application to perform the operation in the computing environment. One would have been motivated to enhance network security by operating a service with machine generated authentication tokens for managing authentication tokens associated with one or more service accounts (Schoen: par. 0003). Regarding claim 3: Hanafee in view of Ghetti and Agrawal discloses the computing system of claim 1. Hanafee in view of Ghetti and Agrawal does not explicitly disclose wherein to generate the instance of the servicing application in the computing environment includes to generate a respective instance of the servicing application in at least one other of computing environments for different client entity identifiers. However, Schoen discloses wherein to generate the instance of the servicing application in the computing environment includes to generate a respective instance of the servicing application in at least one other of computing environments for different client entity identifiers (Schoen: par. 0018 the authentication token management system may further arranged to generate authentication tokens that are unique so that no two service accounts in the SaaS systems may have the same authentication token). Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Schoen with the system/method of Hanafee, Ghetti and Agrawal to include generate a respective instance of the servicing application in at least one other of computing environments for different client entity identifiers. One would have been motivated to enhance network security by operating a service with machine generated authentication tokens for managing authentication tokens associated with one or more service accounts (Schoen: par. 0003). Regarding claims 9-10: Claims 9-10 are similar in scope to claims 2-3, respectively, and are therefore rejected under similar rationale. Regarding claims 16-17: Claims 16-17 are similar in scope to claims 2-3, respectively, and are therefore rejected under similar rationale. Claims 4, 11 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Hanafee et al. (“Hanafee,” US 11151253) in view of Ghetti et al. (“Ghetti,” US 9608809), Agrawal et al. (“Agrawal,” US 11757934), Schoen et al. (“Schoen,” US 2015/0281225) and KOCH et al. (“Koch,” US 2023/0168992). Regarding claim 4: Hanafee in view of Ghetti, Agrawal and Schoen discloses the computing system of claim 3. Hanafee in view of Ghetti, Agrawal and Schoen does not explicitly disclose wherein to generate a respective instance of the servicing application in at least one other of computing environments includes to execute a subset of the respective instance of the servicing application in the at least one other computing environments and validate an execution result thereof prior to respective instances outside of the subset being executed. However, Koch discloses wherein to generate a respective instance of the servicing application in at least one other of computing environments includes to execute a subset of the respective instance of the servicing application in the at least one other computing environments and validate an execution result thereof prior to respective instances outside of the subset being executed (Koch: par. 0045 orchestrator 110 running testing process 112 can include orchestrator 110 performing testing of an identified target software application. Orchestrator 110 running testing process 112 can include orchestrator 110 testing a target software application running on a target computing environment on a test computing environment. Orchestrator 110 running testing process 112 to perform a software test can include orchestrator 110 varying a software application performance impacting parameter value impacting the performance of the software application on the test computing environment). Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Koch with the system/method of Hanafee, Ghetti, Agrawal and Schoen to include validate an execution result thereof prior to respective instances outside of the subset being executed. One would have been motivated to adjusting a software application performance impacting parameter value impacting performance of a software application running within a computing environment (Koch: par. 0001). Regarding claim 11: Claim 11 is similar in scope to claim 4, and is therefore rejected under similar rationale. Regarding claim 18: Claim 18 is similar in scope to claim 4, and is therefore rejected under similar rationale. Conclusion THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Fahimeh Mohammadi whose telephone number is (571)270-7857. The examiner can normally be reached Monday - Friday 9:00 - 5:00. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached at 5712705002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /FAHIMEH MOHAMMADI/ Examiner, Art Unit 2439 /LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439