DETAILED ACTION
Claims 1-3, 6-11, 14-18 and 20-22 are pending. Claims 1, 9 and 17 have been amended. Claims 5, 13 and 19 are cancelled. Claims 4 and 12 have been previously cancelled.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This final office action is in response to the applicant’s response received on 02/18/2026, for the advisory office action mailed on 02/10/2026.
Examiner’s Notes
Examiner has cited particular columns and line numbers, paragraph numbers, or figures in the references as applied to the claims below for the convenience of the applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested from the applicant, in preparing the responses, to fully consider the references in entirety as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the examiner.
This re-opened non-final is based on the pre-appeal brief conference decision made on 03/12/2026 for the pre-appeal brief conference request filed on 02/18/2026. The claim amendment filed on 01/19/2026 were not entered and the rejection below are based on the claim amendments filed on 08/26/2025.
Response to Arguments
Applicant's arguments filed 02/18/2026 regarding rejection made under 35 U.S.C. § 103 have been fully considered.
Applicant argues Gan doesn’t teach “randomly selected at runtime” see applicant’s remarks pp. 2-3. Examiner found prior art Chan teaching (see Chan paragraph [1004], “encrypt the second randomly generated data key using a second type of encryption to result in at least one second encrypted system access key, wherein the second type of encryption uses a public key from a randomly selected node of a plurality of nodes that, with the active node, form part of the secure database system”).
Applicant also argues Digi does not teach “replica build machines” that perform replica builds of the same revision number, see applicant’s remarks pp. 3-4. Examiner respectfully disagrees as the claimed invention does not claim the replica build machines being of the same revision number.
Furthermore, applicant argues Gettys does not disclose the claimed tenant-edge build / cloud-VM replica build topology, see applicant’s remarks pp. 4-5. Examiner respectfully disagrees as Chan teaches wherein the program is an agent application associated with the cloud-based system, wherein the production build machine is a user device of a tenant of the cloud-based system (see Chan paragraph [0067], ” The example environment 10, in some implementations, is a distributed and/or virtual computing environment utilizing several computer systems and components that are interconnected via communication links, using one or more computer networks or direct connections. However, it will be appreciated by those of ordinary skill in the art that such a system could operate equally well in a system having fewer or a greater number of components than are illustrated in FIG. 1. Thus, the depiction of the system 10 in FIG. 1 should be taken as being illustrative in nature and not limited to the scope of the disclosure”).
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-3, 5, 8-11, 13 and 17-22 are rejected under 35 U.S.C. 103 as being unpatentable over Gettys et al. (US-PAT-NO: 11,138,314 B1) hereinafter Gettys, in further view of DiGiambattista et al. (US-PGPUB-NO: 2017/0237778 A1) hereinafter DiGi, Gan et al. (US-PGPUB-NO: 2019/0354675 A1) hereinafter Gan and Chan et al. (US-PGPUB-NO: 2024/0403448 A1) hereinafter Chan.
As per claim 1, Gettys teaches perform a production build of a program (see Gettys [column 8, lines 10-12], showing original code (i.e., production build)) on a production build machine (see Gettys [FIG. 8], showing App Server 800) associated with the cloud-based system (see Gettys [column 11, lines 4-12, showing the system is connect to the cloud); wherein the production build of the program is performed within the production environment (see Gettys [column 7, lines 23-24], showing software being built within the supply chain (i.e., production environment)); wherein performing the production build of the program comprises compiling code of the program of the production build machine (see Gettys [column 7, lines 45-48], “The source package is then provided to a distribution repository which compiles the software to create binary builds, and distributes packages of software and patches of the software 125”); responsive to completing the production build of the program being performed, perform a plurality of replica builds of the program on (see Gettys [column 8, lines 14-18], showing hash copies (i.e., replicas of the build) of the original code being recorded into a distributed ledger) the plurality of replica build machines (see Gettys [column 7, lines 41-51], showing one or more mirrors being used to distribute software packages (i.e., replica build machines); wherein the production build and the plurality of replica builds are created for a same revision number of the program (see Gettys [column 8, lines 26-38], showing the source package and the original source code having the same version when the hash is checked meaning the original and distributed source code are the same versions); and cause the comparison machine to compare each of the plurality of replica builds of the program to the production build of the program (see Gettys [column 8, lines 20-25], showing that a hash of the copied hash doesn’t match signifying a comparison between the original code and the prime code (i.e., replica)) determine if any malicious activities have taken place during the production build of the program (see Gettys [column 13, lines 8-11], showing the comparison of hash code to see whether any changes have been made (i.e., intrusion) which can be a malicious activity).
Gettys does not explicitly teach select a plurality of replica build machines, wherein the plurality of replica build machines are located at any of a headquarters location and a branch office of a tenant of the cloud-based system, and wherein the plurality of replica build machines are not associated with the production environment; transmit the production build and the plurality of replica build to a comparison machine comprising a build integrity verification module and a set of shell scripts and send comparison results to the production build machine. However, DiGi teaches select a plurality of replica build machines (see DiGi paragraph [0030], “Accordingly, the orchestration system has access to a mirror of the entire enterprise, in effect creating an enterprise size sandbox”), wherein the plurality of replica build machines are located at any of a headquarters location and a branch office of a tenant of the cloud-based system (see DiGi paragraph [0049], “FIG. 1 provides an example architecture for implementing a CSDF. Business enterprise have an information technology installation 102 comprising various computing, networking, and storage devices used by the business enterprise and their software. An installation 102 may include several local servers 104(a) through 104(n), sited on the enterprise's premises” and paragraph [0058], “As described above, it may be desirable to perform security and safeguard functions isolated from production systems. An example scenario includes testing software or data, prior to incorporation into production. In such a scenario, it is desirable to replicate all or part of an installation 102. Alternatively, a business enterprise could opt to implement a private cloud and have the replication storage local on premises. In various embodiments, commercial software, such as Actifio™, Zerto™, VMWare™, Cybric, etc., provide different ways to perform timely replication of an entire or a portion of an installation 102. A user interface in this regard is discussed later in the context of FIG. 16”) and wherein the plurality of replica build machines are not associated with the production environment (see DiGi paragraph [0064], “As previously mentioned, mirrors 124 are isolated from the production environment”); transmit the production build and the plurality of replica build to a comparison machine comprising a build integrity verification module and a set of shell scripts (see DiGi paragraph [0060], “In various embodiments, the mirror 124 may be used to perform business enterprise vulnerability testing on the mirror sequentially and asynchronously. For example, an administrator 114 may program a BRIC to perform a scan using Qualsys™ first, and thereafter may scan using BeyondTrust™”) and see DiGi paragraph [0075], “The runtime 306 will then add metadata identifying the BRIC 122, the mirror instance 128, the safeguard software package 116 and the safeguard software module 118 that provided the alert. Both types of alerts are then forwarded by the runtime to the alert buffer 304. The dashboard 302 updates upon receiving a notification from the alert buffer 304, as described above”) and send comparison results to the production build machine (see DiGi paragraph [0078], “A reporting tool 322 creates reports 326(a) through 324(p) based on the records of the analytics store 306. These reports are provided on the dashboard 302. In some cases, the reporting tool 322 make be invoked by the remediation engine 314 to surface recommended responses as recommendations”).
Gettys and DiGi are analogous art because they are in the same field of endeavor of software development. Therefore, it would have been obvious to one of ordinary skills in the art before the effective filing date of the claimed invention to modify Gettys’ teaching of software and firmware verification by distributed ledger and intrusion detection systems with DiGi’s teaching of a continuous security delivery fabric to incorporate obscuring replicas of the primary copy in order to create a safeguard towards the production build, see DiGi paragraph [0058], “As described above, it may be desirable to perform security and safeguard functions isolated from production systems. An example scenario includes testing software or data, prior to incorporation into production. In such a scenario, it is desirable to replicate all or part of an installation 102. Alternatively, a business enterprise could opt to implement a private cloud and have the replication storage local on premises. In various embodiments, commercial software, such as Actifio™, Zerto™, VMWare™, Cybric, etc., provide different ways to perform timely replication of an entire or a portion of an installation 102. A user interface in this regard is discussed later in the context of FIG. 16.”
Gettys modified with DiGi do not explicitly teach send the production build and the plurality of replica builds to a comparison machine located in the cloud-based system, the comparison machine comprising a build integrity verification module that automatically compares the production build to each of the replica builds in an iterative manner; determine, based on results from the build integrity verification module, whether any tampering or malicious code injection occurred during the production build by identifying differences between the production build and any of the replica builds; responsive to detecting no differences, mark the production build as safe and enable deployment of the production build within the cloud-based system, and responsive to detecting one or more differences, indicate a potential intrusion and prevent deployment of the production build within the cloud-based system; wherein the plurality of replica build machines are virtual machines on one or more on nodes of a cloud-based system. However, Gan teaches send the production build and the plurality of replica builds to a comparison machine located in the cloud-based system, the comparison machine comprising a build integrity verification module that automatically compares the production build to each of the replica builds in an iterative manner (see Gan paragraph [0023], “This fully-operational local clone may then be used in real time as described herein to ensure the integrity of the deployed virtual machine by use of a variety of technological interactions originated by the health check controller to verify identical operational integrity of each of the deployed and the local clone virtual machines”); determine, based on results from the build integrity verification module, whether any tampering or malicious code injection occurred during the production build by identifying differences between the production build and any of the replica builds; responsive to detecting no differences, mark the production build as safe and enable deployment of the production build within the cloud-based system, and responsive to detecting one or more differences, indicate a potential intrusion and prevent deployment of the production build within the cloud-based system (see Gan paragraph [0030], “When a deployed virtual machine attempts to register with the health check controller, the health check controller compares registration information received from the health check agent operating in the deployed virtual machine with the baseline registration information received from the local clone with the same VM-ID to verify the registration of the deployed virtual machine. If the baseline registration information received from the health check agent operating in the deployed virtual machine matches the baseline registration of the respective local clone, the deployed virtual machine may be considered uncorrupted and registration for system operation of the deployed virtual machine may be completed. Alternatively, if the baseline registration information received from the health check agent operating in the deployed virtual machine does not match the baseline registration of the respective local clone, the deployed virtual machine may be considered corrupted and registration for system operation of the deployed virtual machine may be denied”).
Gettys, DiGi and Gan are analogous art because they are in the same field of endeavor of software development. Therefore, it would have been obvious to one of ordinary skills in the art before the effective filing date of the claimed invention to modify Gettys’ teaching of software and firmware verification by distributed ledger and intrusion detection systems and DiGi’s teaching of a continuous security delivery fabric with Gan’s teaching of automated virtual machine integrity checks to incorporate performing integrity checks between deployed environments and sandboxed clones to make sure no possible intrusion has occurred from a hacker, see Gan paragraph [0028] “The challenges/interrogations of the health check agents are designed to detect memory, file, or operational changes to deployed virtual machine instances using a variety of different techniques. The health check controller may randomly change the challenge techniques applied to the health check agents. As a result of the random changes to the applied operational integrity check techniques, hackers may not be able to predict how a virtual machine may be challenged/interrogated in real time and over time, and as a further result hackers may not be able to avoid prompt detection of an intrusion.”
Gettys modfied with Digi and Gan do not explicitly teach wherein the plurality of replica build machines are randomly selected at runtime from a distributed pool of machines that are independently managed and isolated from each other, such that attackers cannot predict or compromise the replica build environment in advance and wherein the program is an agent application associated with the cloud-based system, wherein the production build machine is a user device of a tenant of the cloud-based system. However, Chan teaches wherein the plurality of replica build machines are randomly selected at runtime from a distributed pool of machines that are independently managed and isolated from each other, such that attackers cannot predict or compromise the replica build environment in advance (see Chan paragraph [1004], “In some aspects, the techniques described herein relate to an active node of a secure database system, including: at least one processor; and at least one memory that stores computer executable instructions, wherein, when the computer executable instructions are executed by the at least one processor, the at least one processor is configured to: receive a request to store a private data record; encrypt the private data record with a first randomly generated data key to result in an encrypted private data record; encrypt the first randomly generated data key using a first type of encryption and a second randomly generated data key to result in a first encrypted system access key; encrypt the second randomly generated data key using a second type of encryption to result in at least one second encrypted system access key, wherein the second type of encryption uses a public key from a randomly selected node of a plurality of nodes that, with the active node, form part of the secure database system; transmit the encrypted private data record to a plurality of nodes for validation; add the encrypted private data record to a datastore in the node based on validating that the encrypted private data record can be written to a datastore and receiving messages from the plurality of nodes that the encrypted private data record can be written to the datastore, wherein the datastore mirrors other datastores associated with respective nodes of the plurality of nodes; store the first encrypted system access key and the at least one second encrypted system access key in an external access key database; and enable decryption access to the encrypted private data record using the at least one second encrypted system access key based on consensus authorization with the plurality of nodes”).
Gettys, DiGi, Gan and Chan are analogous art because they are in the same field of endeavor of software development. Therefore, it would have been obvious to one of ordinary skills in the art before the effective filing date of the claimed invention to modify Gettys’ teaching of software and firmware verification by distributed ledger and intrusion detection systems, DiGi’s teaching of a continuous security delivery fabric and Gan’s teaching of automated virtual machine integrity checks with Chan’s teaching of enhanced functionality of operating a secure database to incorporate using a randomly selected node when an active node sends a generated data key in order to secure data being transmitted between nodes.
As per claim 2, Gettys modified with DiGi, Gan and Chan teaches wherein the instructions further cause the processor to: responsive to any differences when comparing the replica builds to the production build, indicate an intrusion to the production build (see Gettys [column 8, lines 34-36], showing that checking the hash code against the original code it is possible to ensure the build includes the correct version) and (see Gettys [column 13, lines 8-11], showing a detection of an intrusion).
As per claim 3, Gettys modified with DiGi, Gan and Chan teaches wherein the instructions further cause the processor to: responsive to no differences when comparing the replica builds to the production build, mark the production build as safe and process the production build for further use (see Gettys [column 12, lines 65-67], showing if the hash matches signifying that all is OK).
As per claim 5, Gettys modified with Digi, Gan and Chan teaches wherein the program is an agent application associated with the cloud-based system, wherein the production build machine is a user device of a tenant of the cloud-based system (see Chan paragraph [0067], ” The example environment 10, in some implementations, is a distributed and/or virtual computing environment utilizing several computer systems and components that are interconnected via communication links, using one or more computer networks or direct connections. However, it will be appreciated by those of ordinary skill in the art that such a system could operate equally well in a system having fewer or a greater number of components than are illustrated in FIG. 1. Thus, the depiction of the system 10 in FIG. 1 should be taken as being illustrative in nature and not limited to the scope of the disclosure”); wherein the plurality of replica build machines are virtual machines on one or more on nodes of a cloud-based system (see Gan paragraph [0024], “With the description above as a foundation, it should be noted that use of the term “individual” to describe the individual real-time virtual machine integrity checks is not to be considered to limit validation to be performed on just one virtual machine. In contrast, the term “individual” is used herein to describe the particular form of interaction between the health check controller and a health check agent located within a particular virtual machine. As such, the individual real-time virtual machine integrity checks may be used to independently provide dynamic validation of one or more individual deployed virtual machines using a single health check controller, or multiple health check controllers may be utilized as appropriate for a given implementation”).
As per claim 8, Gettys modified with DiGi, Gan and Chan teaches wherein each of the replica builds are compared to the production build in iterations (see Gettys [column 14, lines 1-4], showing multiple independent builds are checked during install).
As per claim 9-11, 13 and 16, these are the method claims to non-transitory computer-readable medium claims 1-3, 5 and 8, respectively. Therefore, they are rejected for the same reasons as above.
As per claims 17-20, these are the system claims to non-transitory claims 1-3, 5 and 8, respectively. Therefore, they are rejected for the same reasons as above.
As per claim 21, Gettys modified with DiGi, Gan and Chan teaches wherein the production build machine is a server operating in the cloud-based system, and wherein the plurality of replica build machines are a plurality of user devices associated with a tenant of the cloud-based system (see DiGi paragraph [0049], “FIG. 1 provides an example architecture for implementing a CSDF. Business enterprise have an information technology installation 102 comprising various computing, networking, and storage devices used by the business enterprise and their software. An installation 102 may include several local servers 104(a) through 104(n), sited on the enterprise's premises. An installation may also include cloud infrastructure 106 provided by one or more cloud providers on one or more cloud virtual instances 108(a) through 108(o). On those local servers 104(a-n) and/or the cloud virtual instances 108(a) though 108(n), the enterprise may install enterprise software systems 110(a) through 110(p) that automate enterprise operations across the enterprise, such as accounting, finance, customer relations management”).
As per claim 22, Gettys modified with DiGi, Gan and Chan teaches wherein the production build machine is a user device associated with a tenant of the cloud-based system, and wherein the plurality of replica build machines are located within an office location of the tenant (see DiGi paragraph [0049], “FIG. 1 provides an example architecture for implementing a CSDF. Business enterprise have an information technology installation 102 comprising various computing, networking, and storage devices used by the business enterprise and their software. An installation 102 may include several local servers 104(a) through 104(n), sited on the enterprise's premises. An installation may also include cloud infrastructure 106 provided by one or more cloud providers on one or more cloud virtual instances 108(a) through 108(o). On those local servers 104(a-n) and/or the cloud virtual instances 108(a) though 108(n), the enterprise may install enterprise software systems 110(a) through 110(p) that automate enterprise operations across the enterprise, such as accounting, finance, customer relations management”).
Claim(s) 6-7 and 14-15 are rejected under 35 U.S.C. 103 as being unpatentable over Gettys (US-PAT-NO: 11,138,314 B1), DiGi et al. (US-PGPUB-NO: 2017/0237778 A1), Gan (US-PGPUB-NO: 2019/0354675 A1) and Chan (US-PGPUB-NO: 2024/0403448 A1), in further view of Yadav et al. (US-PGPUB-NO: 2023/0205636 A1) hereinafter Yadav.
As per claim 6, Gettys modified with DiGi, Gan and Chan teaches wherein the plurality of replica builds and the production build are sent to a comparison machine where the comparison happens (see Gettys [FIG. 8] and [column 12, lines 58-65], showing the comparison is sent to a comparison engine such as an intrusion detection system).
Gettys modified with DiGi, Gan and Chan does not explicitly teach wherein the comparison is performed by a plurality of shell scripts. However, Yadav teaches wherein the comparison is performed by a plurality of shell scripts (see Yadav paragraph [0180], showing the invocation of a script in order to compare between first and second checksum related to a backup copy.
Gettys, Digi, Gan, Chan and Yadav are analogous art because they are in the same field of endeavor of software development. Therefore, it would have been obvious to one of ordinary skills in the art before the effective filing date of the claimed invention to modify Gettys’ teaching of software and firmware verification by distributed ledger and intrusion detection systems, DiGi’s teaching of a continuous security delivery fabric, Gan’s teaching of automated virtual machine integrity checks and Chan’s teaching of enhanced functionality of operating a secure database with Yadav’s teaching of integrated differential block-based backup to incorporate the use of a script to compare between two entities.
As per claim 7, Gettys modified with DiGi, Gan, Chan and Yadav teach wherein the result of the comparison is sent back to a production machine (see Gettys [FIG. 8] and [column 13, lines 8-11], showing a detection of an intrusion being sent to the App Server).
As per claim 14-15, these are the method claims to non-transitory computer-readable medium claims 6-7, respectively. Therefore, they are rejected for the same reasons as above.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Chen (US-PGPUB-NO: 2019/0179720 A1) teaches reducing service disruptions in a micro-service environment.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LENIN PAULINO whose telephone number is (571)270-1734. The examiner can normally be reached Week 1: Mon-Thu 7:30am - 5:00pm Week 2: Mon-Thu 7:30am - 5:00pm and Fri 7:30am - 4:00pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Bradley Teets can be reached on (571) 272-3338. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/LENIN PAULINO/Examiner, Art Unit 2197