PROVIDING NAME RESOLUTION SERVICES TO COMPONENTS EXECUTING IN A VIRTUALIZED ENVIRONMENT

DETAILED ACTION Claims 1, 4-8, 11-15, and 18-20 are pending in this application. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim 1 is rejected under 35 U.S.C. 103 as being unpatentable over U.S. Pat. No. 9,237,087 B1 issued to Risbood et al. in view of U.S. Pat. No. 10,944,714 B1 issued to Cosma and further in view of U.S. Pat. No. 7,296,155 B1 issued to Trostle et al. and further in view of U.S. Pub. No. 2009/0327517 A1 to Sivasubramanian et al. and further in view of U.S. Pub. No. 2021/0049049 A1 to Kuik et al. and further in view of U.S. Pub. No. 2017/0353496 A1 to Pai et al. As to claim 1, Risbood teaches a computer-implemented method, comprising: intercepting (the request is addressed to an external name resolution service, e.g., a conventional DNS service, and is intercepted by the name resolution service) a first network packet (packet/Packet 210) generated by an application executing in a virtualized environment (VM 110/VM A 202) provided by a host processing system, the first network packet comprising a request to resolve a name (name resolution service) (“...When the VM 110 sends a packet, the packet is forwarded to the communications process 106a. If the packet includes a name of a destination, e.g., instead of a network address of the destination, the communications process sends a request to the name resolution service to obtain the network address of the desired destination. In some implementations, the request is addressed to an external name resolution service, e.g., a conventional DNS service, and is intercepted by the name resolution service. The name resolution service receives the request, determines the network address of the destination that is named in the request, and provides the network address to the communications process 106a. Once the internal network address for the destination VM is obtained, the communications process 106a can transmit the packet to the destination VM, as identified by the obtained internal network address…As illustrated in FIG. 2, VM A 202 sends a packet 210 that is intended for VM B 204. The packet 210 identifies the recipient by the unique name assigned to VM B within the cluster, e.g., “database.example.” The unique name can have been assigned to VM B 204 by a name association system, e.g., name association system 116 of FIG. 1, when VM B 204 was launched by the user. A communications process 204 receives the packet 210 and submits a request to resolve the unique name of the recipient to a name resolution service 220. The name resolution service can execute within the communications process 204. Alternatively, the name resolution service 220 can execute independently of, e.g., on separate data processing apparatuses from, the communications process 204. In some implementations, the request submitted by the communications process 204 is addressed to an external name resolution service, e.g., a conventional DNS service, and is intercepted by the name resolution service 220…” Col. 5 Ln. 65-67, Col. 6 Ln. 1- 13, Ln. 51-67). Risbood is silent with reference to generating an application programming interface (API) call to a name resolution API, the name resolution API provided by a host operating system (OS) executing on the host processing system, receiving a response to the API call, generating a second network packet comprising a response to the request to resolve the name based, at least in part, on the response to the API call, wherein the response to the API call is generated based, at least in part, on a host name resolution policy that specifies name resolution on a per-application basis using a unique identifier associated with the application executing in the virtualized environment that made the request to resolve the name, wherein the same name resolution policy for the application is applied regardless of whether the application is executing in the virtualized environment or executing directly on the host processing system and providing the second network packet to the application. Cosma teaches generating an application programming interface (API) call to a name resolution API (“…An MDNRS 110 may implement one or more sets of programmatic interfaces 177 in some embodiments, which may be used by MDNRS clients of several types to submit requests (e.g., name resolution rule/policy administration or configuration related requests, name resolution requests, and the like) and receive corresponding responses. The programmatic interfaces 177 may include, for example, various application programming interfaces (APIs), command-line tools, web-based consoles, graphical user interfaces and so on…An application/service user may submit a name resolution request to the MDNRS 110 via programmatic interfaces 177 from a device 152 in one of at least two ways in the depicted embodiment…” Col. 6 Ln. 14-23; Col. 8 Ln. 33-36), receiving a response to the API call (“…An MDNRS 110 may implement one or more sets of programmatic interfaces 177 in some embodiments, which may be used by MDNRS clients of several types to submit requests (e.g., name resolution rule/policy administration or configuration related requests, name resolution requests, and the like) and receive corresponding responses. The programmatic interfaces 177 may include, for example, various application programming interfaces (APIs), command-line tools, web-based consoles, graphical user interfaces and so on…An application/service user may submit a name resolution request to the MDNRS 110 via programmatic interfaces 177 from a device 152 in one of at least two ways in the depicted embodiment…” Col. 6 Ln. 14-23; Col. 8 Ln. 33-36). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Risbood with the teaching of Cosma because the teaching of Risbood would improve the system of Cosma by providing sets of programmatic interfaces for seamless communication between software components. Trostle teaches the name resolution API (API call) provided by a host operating system (OS) (Host Operating System 218) executing on the host processing system (“…In general, in operation, application 216 executes and arrives at a point where the application needs to resolve a domain name into an IP address. The application 216 requests IPSEC layer to carry out the resolution, for example, by invoking an operating system function that performs resolution. For IPSEC layer 217 of host operating system 218 to service such a request to resolve a DNS name into an IP address, the IPSEC layer 217 first searches cache 232 for a matching DNS name. Otherwise, the destination IP address is used as the policy parameter… In block 302, a DNS name is received. For example, application 216 receives or generates a DNS name. For example, application 216 may receive a DNS name as user input, or may receive the DNS name as value returned from an API call to another application, or may self-generate the DNS name programmatically. Block 302 may also represent providing a DNS name to resolver 220 as part of a DNS resolution call…” Col. 3 Ln 32-41, Ln. 45-52). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Risbood and Cosma with the teaching of Trostle because the teaching of Trostle would improve the system of Risbood and Cosma by providing sets of programmatic interfaces for allowing host operating system to resolve DNS names. Sivasubramanian teaches generating a second network packet comprising a response to the request to resolve the name based, at least in part, on the response to the API call, wherein the response to the API call is generated based, at least in part, on a host name resolution policy that specifies name resolution on a per-application basis using a unique identifier associated with the application (the application identifier can specify a type of hosted application, e.g., an Adobe Flash server streaming application or a Real Network Helix server streaming application) (“…As will be further described below in reference to FIG. 8, where the requested content corresponds to a streaming media file, for example, the DNS server can use an application identifier included in a DNS portion of the first resource identifier to select an instance of an NCC for processing the streaming media file. In one embodiment, the application identifier can specify file type information for the content to be processed, and the DNS server selects an instance of an NCC that has a data streaming application capable of processing a request for the identified file type, e.g., an MPEG or Flash media file. In another embodiment, the application identifier can specify a type of hosted application, e.g., an Adobe Flash server streaming application or a Real Network Helix server streaming application, to be used to process the requested content. Based on that information, the DNS server resolves the DNS query by identifying an instance of an NCC that corresponds to the identified type of application for processing the requested content or that can dynamically cause creation of such an instance. Still further, in another embodiment, the application identifier can specify a specific instance of an application, e.g., Company's Flash server, specified by a content provider for example. Based on that information, the DNS server then resolves the DNS query by identifying the IP address of a specific instance of an NCC that has the application required to process the requested content. Yet further, in another embodiment, the DNS portion of the first resource identifier can have a separate file type identifier which provides the file type information for use by the DNS server in selecting an appropriate instance of an NCC device for servicing the requested content…” paragraph 0040), and providing the second network packet to the application (return/21 CNAME) (“…In further reference to FIG. 4, the specific DNS server can utilize a variety of information in selecting a resource cache component or an instance of an NCC. In one illustrative embodiment, the DNS server can use the additional information in the DNS portion of the resource identifier (which is used to resolve the DNS query by the DNS server) to return an IP address of a resource cache component or an instance of an NCC. As generally described above, the additional information can include, without limitation, client identifiers, such as client identification codes, content provider identifiers, such as content provider identification codes, executable code for processing resource identifiers, such as script-based instructions, and the like. In addition or alternatively, the additional information can include file type identifiers and/or application identifiers which can include file type information, as well as information pertaining to a type of hosted application for processing the requested content or a specific instance of a hosted application desired for processing the requested content…Alternatively, if at decision block 704 the DNS server is not authoritative, at block 808, the DNS server component selects and transmits an alternative resource identifier. As described above, the DNS server component can utilize a data store to identify an appropriate CNAME as a function of the current DNS query, including for example the application identifier in the DNS portion of the URL or CNAME. Additionally, the DNS server component can also implement additional logical processing to select from a set of potential CNAMES. At block 710, different DNS server components 118, 124, 130 receive a DNS query corresponding to the CNAME. The routine 700 then returns to decision block 704 and continues to repeat as appropriate…” paragraph 0039/0066/0067). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Risbood, Cosma and Trostle with the teaching of Sivasubramanian because the teaching of Sivasubramanian would improve the system of Risbood, Cosma and Trostle by providing response to a query that is dedicated to the requestor. Kuik teaches the application executing in the virtualized environment (Application Containers 112) that made the request to resolve the name (DNS lookup) (“…As described in more detail in FIG. 2, the application containers 112 may perform a DNS lookup to identify the location of the nearest database instance 114 based on the name of the database instance 114 provided in the ranked list 124. However, in some examples the application containers 112 may only be provided with an indication or name of only the nearest database instance 114 as opposed to the ranked list 124…As illustrated, the application containers 112 running on cluster node 108(1) may have received an indication that database instance 114(1) is running locally on the cluster node 108(1), and that the database instance 114(1) is the nearest instance maintaining the data set replica 116(1). Accordingly, the application containers 112 running on cluster node 108(1) may access the data set replica 116(1) maintained by the database instance 114(1). As further illustrated, the application containers 112 running on cluster node 108(2) may receive an indication that the nearest database instance 114(1) is running on cluster node 108(1), and access the data set replica 116(1) that is maintained by the database instance 114(1). Further, in some examples, if the nearest database instance 114 fails, the application containers 112 may begin accessing the next highest ranked database instance 114 in the ranked list 124 provided by the virtual workload orchestration component 104…” paragraphs 0041/0042). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Risbood, Cosma, Trostle and Sivasubramanian with the teaching of Kuik because the teaching of Kuik would improve the system of Risbood, Cosma, Trostle and Sivasubramanian by providing a technology that allows multiple virtual instances of computing resources (like servers, storage, or networks) to run on a single physical machine, improving resource utilization and management. Pai teaches wherein the same name resolution policy (shared DNS) for the application is applied regardless of whether the application is executing in the virtualized environment (virtualized security isolation/ isolated containers/Containers 130) or executing directly on the host processing system (host system/Host Operating System 102) (“… Accordingly, by activating containers to access untrusted network resources, the hardware-based virtualized security isolation techniques described herein create two or more separate instances of an operating system or contained runtime environment, each with network connectivity. By monitoring data and operations performed within these contained runtime environments, the hardware-based virtualized security isolation techniques described herein are configured to prevent any untrusted network resources from being accessed by the host operating system. The hardware-based virtualized security isolation techniques described herein additionally enable a host system to scan and share DNS and Hypertext Transfer Protocol (HTTP) information from the secure host operating system to improve web browsing performance or other network activity within the one or more of the isolated containers…Container manager 118 is also configured to share DNS and Hypertext Transfer Protocol (HTTP) information from the host operating system 102 to improve web browsing performance or other network activity within the one or more of the isolated containers. In one or more embodiments, container manager 118 maintains a cache of DNS queries made from earlier instances where container 130 accessed network resources, as well as HTTP data such as Internet data files or web site cookies that enable future requests in a container to access untrusted web sites to remember one or more of previous user preferences, configurations, or settings…” paragraphs 0017/0089). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Risbood, Cosma, Trostle, Sivasubramanian and Kuik with the teaching of Pai because the teaching of Pai would improve the system Risbood, Cosma, Trostle, Sivasubramanian and Kuik by providing a technique for access and using a Domain Name Service from varying number of clients (containers and host operating system) and thus allowing for ubiquitous or versatile computing. Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over U.S. Pat. No. 9,237,087 B1 issued to Risbood et al. in view of U.S. Pat. No. 10,944,714 B1 issued to Cosma and further in view of U.S. Pat. No. 7,296,155 B1 issued to Trostle et al. and further in view of U.S. Pub. No. 2009/0327517 A1 to Sivasubramanian et al. and further in view of U.S. Pub. No. 2021/0049049 A1 to Kuik et al. and further in view of U.S. Pub. No. 2017/0353496 A1 to Pai et al. as applied to claim 1 above, and further in view of U.S. Pub. No. 2019/0342397 A1 to Laibson. As to claim 4, Risbood as modified by Cosma, Trostle, Sivasubramanian, Kuik and Pai teaches the computer-implemented method of claim 1, however it is silent with reference to wherein the API call to the name resolution API is generated in association with a user account used to execute the application in the virtualized environment. Laibson teaches wherein the API call to the name resolution API is generated in association with a user account used to execute the application in the virtualized environment (“…The portal of the emulation system may be a public facing portal with a GUI that enables users to interface with the emulation system, creating user and account profiles, project profiles, subscription details, viewing request detail information, and so on. The portal of the emulation system may be separate from other components of the emulation system but may be able to access the same data stores and search engines as the other components. The portal may include a number of features, including user registration, company/account management, subscription management, project management, an API request dashboard, and client virtual private cloud creation and management…The portal of the emulation system may allow for user registration. This may enable the users of the emulation system to create individual user accounts. These user accounts may be tied to a user profile which stores information specific to an individual user… The portal 110 of the emulation system computing device 100 may be a public facing portal 110 with a GUI that enables users to interface with the emulation system computing device 100, creating user and account profiles, project profiles, subscription details, viewing request detail information, and so on. The portal 110 of the emulation system computing device 100 may be separate from other components of the emulation system computing device 100 but may be able to access the same data stores and search engines as the other components of the emulation system computing device 100. The portal 110 may be implemented as a serverless application. The portal 110 may include a number of features, including user registration, company/account management, subscription management, project management, an API request dashboard, and client virtual private cloud creation and management. The portal 110 of the emulation system computing device 100 may allow for user registration. This may enable the users of the emulation system computing device 100 to create individual user accounts. These user accounts may be tied to a user profile which stores information specific to an individual user…” paragraphs 0061/0062/0074). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Risbood, Cosma, Trostle, Sivasubramanian, Kuik and Pai with the teaching of Laibson because the teaching of Risbood, Cosma, Trostle, Sivasubramanian, Kuik and Pai would improve the system of Laibson by creating individual user and account profiles to allow for controlled and secure access to computing resources. Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over U.S. Pat. No. 9,237,087 B1 issued to Risbood et al. in view of U.S. Pat. No. 10,944,714 B1 issued to Cosma and further in view of U.S. Pat. No. 7,296,155 B1 issued to Trostle et al. and further in view of U.S. Pub. No. 2009/0327517 A1 to Sivasubramanian et al. and further in view of U.S. Pub. No. 2021/0049049 A1 to Kuik et al. and further in view of U.S. Pub. No. 2017/0353496 A1 to Pai et al. as applied to claim 1 above, and further in view of WO 2007035544 A1 to Miloushev et al. As to claim 5, Risbood as modified by Cosma, Trostle, Sivasubramanian, Kuik and Pai teaches the computer-implemented method of claim 1, however it is silent with reference to wherein the first network packet is intercepted at a location in the virtualized environment between a bond interface and a virtual network adapter. Miloushev teaches wherein the first network packet is intercepted (intercepted) at a location in the virtualized environment (virtual machine) between a bond interface (virtual interface) and a virtual network adapter (virtual network adapter) (“…In the preferred embodiment, virtual network interfaces are implemented by combining two types of objects, a virtual interface factory, such as VNFACl, and a virtual interface instance, such as VNIl. The virtual interface factory is preferably attached to each virtual machine and creates one virtual interface instance for each virtual network adapter configured on its virtual machine. The factory configures each virtual interface instance with the MAC address of its respective virtual network adapter, thereby allowing the instance to intercepted all outbound traffic from that adapter. The virtual interface instance VNIl is also configured with information sufficient to establish connection with its counterpart, the virtual interface instance VNI3 using the physical network available in the hardware system. VNIl intercepts outgoing traffic from vNICl and forwards it to VNI3 which channels the packets into vNIC3, optionally modifying packet headers to support the tunneling abstraction. Traffic in the opposite direction is handled the same way…” ). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Risbood, Cosma, Trostle, Sivasubramanian, Kuik and Pai with the teaching of Miloushev because the teaching of Miloushev would improve the system of Risbood, Cosma, Trostle, Sivasubramanian, Kuik and Pai by providing a virtual interface factory for allowing for the interception of all outbound traffic from that network adapter for better traffic analysis. Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over U.S. Pat. No. 9,237,087 B1 issued to Risbood et al. in view of U.S. Pat. No. 10,944,714 B1 issued to Cosma and further in view of U.S. Pat. No. 7,296,155 B1 issued to Trostle et al. and further in view of U.S. Pub. No. 2009/0327517 A1 to Sivasubramanian et al. and further in view of U.S. Pub. No. 2021/0049049 A1 to Kuik et al. and further in view of U.S. Pub. No. 2017/0353496 A1 to Pai et al. as applied to claim 1 above, and further in view of U.S. Pub. No. 2018/0157524 A1 to Saxena et al. As to claim 6, Risbood as modified by Cosma, Trostle, Sivasubramanian, Kuik and Pai teaches the computer-implemented method of claim 1, however it is silent with reference to wherein the first network packet is intercepted based, at least in part, upon a protocol and a port number specified by the first network packet. Saxena teaches wherein the first network packet is intercepted based, at least in part, upon a protocol and a port number specified by the first network packet (“…User-level API hooking can be applied in various ways to implement a firewall feature. In an embodiment, user-level API hooking is used to identify certain packet header information. For example, the user-space virtualization layer could be configured to intercept an IP address and/or port number being passed within a User Datagram Protocol (UDP) packet by hooking into the SendTo/RecvFrom functions, which may contain IP addresses and port number information. The corresponding SendTo/RecvFrom functions can then be allowed or blocked based on a pre-configured set of rules that are part of a configuration file of the user-space virtualization layer…Other features that may be implemented using user-level API hooking include a micro-name resolution system (along the lines of DNS client), where name resolution functionality is implemented within the application, micro-web security that acts as a web traffic analyzer, and a micro-proxy server that acts as an application level proxy server…” paragraphs 0085/0108). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Risbood, Cosma, Trostle, Sivasubramanian, Kuik and Pai with the teaching of Saxena because the teaching of Saxena would improve the system of Risbood, Cosma, Trostle, Sivasubramanian, Kuik and Pai by providing a User-level API hooking for identifying and processing certain packet header information (Saxena paragraph 0085). Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over U.S. Pat. No. 9,237,087 B1 issued to Risbood et al. in view of U.S. Pat. No. 10,944,714 B1 issued to Cosma and further in view of U.S. Pat. No. 7,296,155 B1 issued to Trostle et al. and further in view of U.S. Pub. No. 2009/0327517 A1 to Sivasubramanian et al. and further in view of U.S. Pub. No. 2021/0049049 A1 to Kuik et al. and further in view of U.S. Pub. No. 2017/0353496 A1 to Pai et al. as applied to claim 1 above, and further in view of U.S. Pub. No. 2019/0158459 A1 Vaikar. As to claim 7, Risbood as modified by Cosma, Trostle, Sivasubramanian, Kuik and Pai teaches the computer-implemented method of claim 1, however it is silent with reference to wherein the first network packet is intercepted based, at least in part, upon a guest name resolution policy. Vaikar teaches wherein the first network packet is intercepted based (DNS request interceptor), at least in part, upon a guest name resolution policy (DNS caches) (“…FIG. 3 depicts a now chart showing processing DNS queries and DNS replies, and synchronizing DNS caches. In step 310, hypervisor receives a DNS query front a virtual machine, and a DNS request interceptor intercepts the DNS query. An example of a query is query 220A that is depicted in FIG. 2, that is sent from VM1 120 with a request to resolve an IP address liar a particular domain name called OneWebsite.com…In step 320, the DNS request interceptor parses the received DNS query, and extracts the particular domain name from the query. Then, the DNS request interceptor, determines whether a local DNS cache includes an entry for the particular domain name. If it does, then the DNS request interceptor checks whether an IP address has been resolved for the particular domain name and stored in the local DNS cache. This may be performed by checking whether the local DNS cache includes an entry for the particular domain, and if so, whether the entry includes a particular IP address that has been resolved for the particular domain name…If the entry is stored in the local DNS cache and the particular IP address has been resolved for the particular domain name, then step 340 is performed. Otherwise, step 350 is performed…” paragraphs 0038-0040). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Risbood, Cosma, Trostle, Sivasubramanian, Kuik and Pai with the teaching of Vaikar because the teaching of Vaikar would improve the system of Risbood, Cosma, Trostle, Sivasubramanian, Kuik and Pai by providing a DNS cache for easy and quick access to name resolution information. Claims 8 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Pat. No. 9,237,087 B1 issued to Risbood et al. in view of U.S. Pat. No. 7,296,155 B1 issued to Trostle et al. and further in view of U.S. Pub. No. 2009/0327517 A1 to Sivasubramanian et al. and further in view of U.S. Pub. No. 2021/0049049 A1 to Kuik et al. and further in view of U.S. Pub. No. 2017/0353496 A1 to Pai et al. As to claim 8, Risbood teaches a computer-readable storage medium having computer-executable instructions stored thereupon that, when executed by a processing system, cause the processing system to: intercept a request to resolve a name from a component executing within a virtualized environment provided by the processing system (name resolution service) (“...When the VM 110 sends a packet, the packet is forwarded to the communications process 106a. If the packet includes a name of a destination, e.g., instead of a network address of the destination, the communications process sends a request to the name resolution service to obtain the network address of the desired destination. In some implementations, the request is addressed to an external name resolution service, e.g., a conventional DNS service, and is intercepted by the name resolution service. The name resolution service receives the request, determines the network address of the destination that is named in the request, and provides the network address to the communications process 106a. Once the internal network address for the destination VM is obtained, the communications process 106a can transmit the packet to the destination VM, as identified by the obtained internal network address…As illustrated in FIG. 2, VM A 202 sends a packet 210 that is intended for VM B 204. The packet 210 identifies the recipient by the unique name assigned to VM B within the cluster, e.g., “database.example.” The unique name can have been assigned to VM B 204 by a name association system, e.g., name association system 116 of FIG. 1, when VM B 204 was launched by the user. A communications process 204 receives the packet 210 and submits a request to resolve the unique name of the recipient to a name resolution service 220. The name resolution service can execute within the communications process 204. Alternatively, the name resolution service 220 can execute independently of, e.g., on separate data processing apparatuses from, the communications process 204. In some implementations, the request submitted by the communications process 204 is addressed to an external name resolution service, e.g., a conventional DNS service, and is intercepted by the name resolution service 220…” CoL 5 Ln. 65-67, Col. 6 Ln. 1- 13, Ln. 51-67). Risbood is silent with reference to forward the request from the virtualized environment to an operating system executing on the processing system and execute a user process on the processing system to request resolution of the name from the operating system executing on the processing system, wherein the user process requests resolution of the name by making an application programming interface (API) call to a name resolution API provided by the operating system executing on the processing system, the name resolution API configured to generate a response to the API call based, at least in part, on a host name resolution policy that specifies name resolution on a per-application basis using a unique identifier associated with the component executing in the virtualized environment that made the request to resolve the name, provide a response to the request to the component executing within the virtualized environment based on a response received from the user process and wherein the same name resolution policy for the application is applied regardless of whether the application is executing in the virtualized environment or executing directly on the host processing system. Trostle teaches forward the request from the virtualized environment to an operating system executing on the processing system (Host Operating System 218) and execute a user process (Application 216) on the processing system to request resolution of the name from the operating system executing on the processing system (“…In general, in operation, application 216 executes and arrives at a point where the application needs to resolve a domain name into an IP address. The application 216 requests IPSEC layer to carry out the resolution, for example, by invoking an operating system function that performs resolution. For IPSEC layer 217 of host operating system 218 to service such a request to resolve a DNS name into an IP address, the IPSEC layer 217 first searches cache 232 for a matching DNS name. Otherwise, the destination IP address is used as the policy parameter… In block 302, a DNS name is received. For example, application 216 receives or generates a DNS name. For example, application 216 may receive a DNS name as user input, or may receive the DNS name as value returned from an API call to another application, or may self-generate the DNS name programmatically. Block 302 may also represent providing a DNS name to resolver 220 as part of a DNS resolution call…” Col. 3 Ln 32-41, Ln. 45-52). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Risbood with the teaching of Trostle because the teaching of Trostle would improve the system of Risbood by providing sets of programmatic interfaces for allowing host operating system to resolve DNS names. Sivasubramanian teaches wherein the user process requests resolution of the name by making an application programming interface (API) call to a name resolution API (DNS query), the name resolution API configured to generate a response to the API call based, at least in part, on a host name resolution policy that specifies name resolution on a per-application basis using a unique identifier associated with the component (the application identifier can specify a type of hosted application, e.g., an Adobe Flash server streaming application or a Real Network Helix server streaming application) (“…As will be further described below in reference to FIG. 8, where the requested content corresponds to a streaming media file, for example, the DNS server can use an application identifier included in a DNS portion of the first resource identifier to select an instance of an NCC for processing the streaming media file. In one embodiment, the application identifier can specify file type information for the content to be processed, and the DNS server selects an instance of an NCC that has a data streaming application capable of processing a request for the identified file type, e.g., an MPEG or Flash media file. In another embodiment, the application identifier can specify a type of hosted application, e.g., an Adobe Flash server streaming application or a Real Network Helix server streaming application, to be used to process the requested content. Based on that information, the DNS server resolves the DNS query by identifying an instance of an NCC that corresponds to the identified type of application for processing the requested content or that can dynamically cause creation of such an instance. Still further, in another embodiment, the application identifier can specify a specific instance of an application, e.g., Company's Flash server, specified by a content provider for example. Based on that information, the DNS server then resolves the DNS query by identifying the IP address of a specific instance of an NCC that has the application required to process the requested content. Yet further, in another embodiment, the DNS portion of the first resource identifier can have a separate file type identifier which provides the file type information for use by the DNS server in selecting an appropriate instance of an NCC device for servicing the requested content…” paragraph 0040). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Risbood, and Trostle with the teaching of Sivasubramanian because the teaching of Sivasubramanian would improve the system of Risbood, and Trostle by providing response to a query that is dedicated to the requestor. Kuik teaches the component executing in the virtualized environment (Application Containers 112) that made the request to resolve the name (DNS lookup) (“…As described in more detail in FIG. 2, the application containers 112 may perform a DNS lookup to identify the location of the nearest database instance 114 based on the name of the database instance 114 provided in the ranked list 124. However, in some examples the application containers 112 may only be provided with an indication or name of only the nearest database instance 114 as opposed to the ranked list 124…As illustrated, the application containers 112 running on cluster node 108(1) may have received an indication that database instance 114(1) is running locally on the cluster node 108(1), and that the database instance 114(1) is the nearest instance maintaining the data set replica 116(1). Accordingly, the application containers 112 running on cluster node 108(1) may access the data set replica 116(1) maintained by the database instance 114(1). As further illustrated, the application containers 112 running on cluster node 108(2) may receive an indication that the nearest database instance 114(1) is running on cluster node 108(1), and access the data set replica 116(1) that is maintained by the database instance 114(1). Further, in some examples, if the nearest database instance 114 fails, the application containers 112 may begin accessing the next highest ranked database instance 114 in the ranked list 124 provided by the virtual workload orchestration component 104…” paragraphs 0041/0042/0049), and provide a response to the request to the component executing within the virtualized environment based on a response received from the user process (return) (“…To determine an address for the cluster node 108 on which the nearest database instance 114 is executing, the application containers 112 may perform a DNS lookup 202 with a DNS server 204. For instance, the application 112 may forward or provide the name (e.g., domain name) of the nearest database instance 114 to the DNS server 204 in a DNS lookup request 202. The DNS server may then find an entry in a DNS table 206 that corresponds to name of the nearest database instance 114. The address may comprise an IP address, a MAC address, and/or any other type of address by which the nearest database instance 114 may be located. The DNS server 204 may identify the corresponding address and return the address to the application 112 on the cluster node 108(1)…” paragraph 0049). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Risbood, Trostle and Sivasubramanian with the teaching of Kuik because the teaching of Kuik would improve the system of Risbood, Trostle and Sivasubramanian by providing a technology that allows multiple virtual instances of computing resources (like servers, storage, or networks) to run on a single physical machine, improving resource utilization and management. Pai teaches wherein the same name resolution policy (shared DNS) for the application is applied regardless of whether the application is executing in the virtualized environment (virtualized security isolation/ isolated containers/Containers 130) or executing directly on the host processing system (host system/Host Operating System 102) (“… Accordingly, by activating containers to access untrusted network resources, the hardware-based virtualized security isolation techniques described herein create two or more separate instances of an operating system or contained runtime environment, each with network connectivity. By monitoring data and operations performed within these contained runtime environments, the hardware-based virtualized security isolation techniques described herein are configured to prevent any untrusted network resources from being accessed by the host operating system. The hardware-based virtualized security isolation techniques described herein additionally enable a host system to scan and share DNS and Hypertext Transfer Protocol (HTTP) information from the secure host operating system to improve web browsing performance or other network activity within the one or more of the isolated containers…Container manager 118 is also configured to share DNS and Hypertext Transfer Protocol (HTTP) information from the host operating system 102 to improve web browsing performance or other network activity within the one or more of the isolated containers. In one or more embodiments, container manager 118 maintains a cache of DNS queries made from earlier instances where container 130 accessed network resources, as well as HTTP data such as Internet data files or web site cookies that enable future requests in a container to access untrusted web sites to remember one or more of previous user preferences, configurations, or settings…” paragraphs 0017/0089). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Risbood, Trostle, Sivasubramanian and Kuik with the teaching of Pai because the teaching of Pai would improve the system Risbood, Trostle, Sivasubramanian and Kuik by providing a technique for access and using a Domain Name Service from varying number of clients (containers and host operating system) and thus allowing for ubiquitous or versatile computing. As to claim 15, see the rejection of claim 8 above. Claims 11 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Pat. No. 9,237,087 B1 issued to Risbood et al. in view of U.S. Pat. No. 7,296,155 B1 issued to Trostle et al. and further in view of U.S. Pub. No. 2009/0327517 A1 to Sivasubramanian et al. and further in view of U.S. Pub. No. 2021/0049049 A1 to Kuik et al. and further in view of U.S. Pub. No. 2017/0353496 A1 to Pai et al. as applied to claims 8 and 15 above, and further in view of U.S. Pub. No. 2019/0342397 A1 to Laibson. As to claim 11, Risbood as modified by Trostle, Sivasubramanian, Kuik and Pai teaches the computer-readable storage medium of claim 8, however it is silent with reference to wherein the API call to the name resolution API is made in association with a user account that was used to execute the component within the virtualized environment. Laibson teaches wherein the API call to the name resolution API is made in association with a user account that was used to execute the component within the virtualized environment (“…The portal of the emulation system may be a public facing portal with a GUI that enables users to interface with the emulation system, creating user and account profiles, project profiles, subscription details, viewing request detail information, and so on. The portal of the emulation system may be separate from other components of the emulation system but may be able to access the same data stores and search engines as the other components. The portal may include a number of features, including user registration, company/account management, subscription management, project management, an API request dashboard, and client virtual private cloud creation and management…The portal of the emulation system may allow for user registration. This may enable the users of the emulation system to create individual user accounts. These user accounts may be tied to a user profile which stores information specific to an individual user… The portal 110 of the emulation system computing device 100 may be a public facing portal 110 with a GUI that enables users to interface with the emulation system computing device 100, creating user and account profiles, project profiles, subscription details, viewing request detail information, and so on. The portal 110 of the emulation system computing device 100 may be separate from other components of the emulation system computing device 100 but may be able to access the same data stores and search engines as the other components of the emulation system computing device 100. The portal 110 may be implemented as a serverless application. The portal 110 may include a number of features, including user registration, company/account management, subscription management, project management, an API request dashboard, and client virtual private cloud creation and management. The portal 110 of the emulation system computing device 100 may allow for user registration. This may enable the users of the emulation system computing device 100 to create individual user accounts. These user accounts may be tied to a user profile which stores information specific to an individual user…” paragraphs 0061/0062/0074). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Risbood and Trostle, Sivasubramanian, Kuik and Pai with the teaching of Laibson because the teaching of Laibson would improve the system of Risbood and Trostle, Sivasubramanian, Kuik and Pai by creating individual user and account profiles to allow for controlled and secure access to computing resources. As to claim 18, see the rejection of claim 11 above. Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over U.S. Pat. No. 9,237,087 B1 issued to Risbood et al. in view of U.S. Pat. No. 7,296,155 B1 issued to Trostle et al. and further in view of U.S. Pub. No. 2009/0327517 A1 to Sivasubramanian et al. and further in view of U.S. Pub. No. 2021/0049049 A1 to Kuik et al. and further in view of U.S. Pub. No. 2017/0353496 A1 to Pai et al. as applied to claim 8 above, and further in view of WO 2007035544 A1 to Miloushev et al. As to clam 12, Risbood as modified by Trostle, Sivasubramanian, Kuik and Pai teaches the computer-readable storage medium of claim 8, however it is silent with reference to wherein the request is intercepted at a location in the virtualized environment between a bond interface and a virtual network adapter. Miloushev teaches wherein the request is intercepted at a location in the virtualized environment between a bond interface (virtual interface) and a virtual network adapter (virtual network adapter) (“…In the preferred embodiment, virtual network interfaces are implemented by combining two types of objects, a virtual interface factory, such as VNFACl, and a virtual interface instance, such as VNIl. The virtual interface factory is preferably attached to each virtual machine and creates one virtual interface instance for each virtual network adapter configured on its virtual machine. The factory configures each virtual interface instance with the MAC address of its respective virtual network adapter, thereby allowing the instance to intercepted all outbound traffic from that adapter. The virtual interface instance VNIl is also configured with information sufficient to establish connection with its counterpart, the virtual interface instance VNI3 using the physical network available in the hardware system. VNIl intercepts outgoing traffic from vNICl and forwards it to VNI3 which channels the packets into vNIC3, optionally modifying packet headers to support the tunneling abstraction. Traffic in the opposite direction is handled the same way…” ). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claim invention to modify the system of Risbood and Trostle, Sivasubramanian, Kuik and Pai with the teaching of Miloushev because the teaching of Miloushev would improve the system of Risbood and Trostle, Sivasubramanian, Kuik and Pai by providing a virtual interface factory for allowing for the interception of all outbound traffic from that network adapter for better traffic analysis. Claims 13 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Pat. No. 9,237,087 B1 issued to Risbood et al. in view of U.S. Pat. No. 7,296,155 B1 issued to Trostle et al. and further in view of U.S. Pub. No. 2009/0327517 A1 to Sivasubramanian et al. and further in view of U.S. Pub. No. 2021/0049049 A1 to Kuik et al. and further in view of U.S. Pub. No. 2017/0353496 A1 to Pai et al. as applied to claim 8 and 15 above, and further in view of U.S. Pub. No. 2018/0157524 A1 to Saxena et al. As to clam 13, Risbood as modified by Trostle, Sivasubramanian, Kuik and Pai teaches the computer-readable storage medium of claim 8, however it is silent with reference to wherein the request is intercepted based, at least in part, upon a protocol and a