DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claims 1, 3-11, and 13-20 are pending.
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 01/06/26 has been entered.
Response to Arguments
Applicant's arguments filed on 01/06/26 have been fully considered.
In response to Applicant’s argument that “in both of Kimizuka and Mandagere only one virus check or security scan is performed. There is no basis in either reference to perform multiple checks. In particular, there is no basis within the references themselves that would indicate to a person having ordinary skill in the art to combine these references such that multiple virus scans or scans are performed for the same snapshot. Each reference discloses a different flow of snapshot data between different components but there is no indication in the references themselves that a combination of these different flows would include multiple virus checks or scans” (page 8 of Remarks), Examiner acknowledged Applicant’s perspective but respectfully disagrees for the following reasons.
Kimizuka discloses a system where a snapshot is checked for viruses (security threats) before transmitting the snapshot to a remote management information storage unit to be stored (first embodiment). Mandagere discloses a similar system where upon receiving the snapshot from the primary system, a remote storage system is configured to scan the snapshot for vulnerabilities to discover and resolve security threats and store the scanned snapshot in association with its vulnerability information resulted from the scan using an index (e.g. fig. 1, ¶16, 37, 48, 66).
Thus, the combined teachings of Kimizuka and Mandagere disclose a system where a snapshot is checked for viruses (security threats) before transmitting the snapshot to a remote management information storage unit which again scans the snapshot for vulnerabilities to discover and resolve security threats and stores the scanned snapshot in association with its vulnerability information resulted from the scan using an index.
In response to applicant’s argument that there is no teaching, suggestion, or motivation to combine the references, the examiner recognizes that obviousness may be established by combining or modifying the teachings of the prior art to produce the claimed invention where there is some teaching, suggestion, or motivation to do so found either in the references themselves or in the knowledge generally available to one of ordinary skill in the art. See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988), In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992), and KSR International Co. v. Teleflex, Inc., 550 U.S. 398, 82 USPQ2d 1385 (2007). In this case, one of ordinary skill in the art would be motivated to do so for the purpose of further ensuring that the snapshot is threat free prior to storing thereby increasing the security and integrity of the system. Note that in Kimizuka the snapshot might be intercepted and infected with a virus by an attacker after it was checked for viruses e.g. during its transmission to the remote management information storage unit to be stored. Thus, combining Mandagere’s teaching of scanning the snapshot upon receiving the snapshot by a remote storage system will enable Kimizuka’s system to prevent such an attacker from compromising its system.
"A person of ordinary skill in the art is also a person of ordinary creativity, not an automaton." KSR Int'l Co. v. Teleflex Inc., 550 U.S. 398, 421, 82 USPQ2d 1385, 1397 (2007). "[I]n many cases a person of ordinary skill will be able to fit the teachings of multiple patents together like pieces of a puzzle." Id. at 420, 82 USPQ2d 1397. Office personnel may also take into account "the inferences and creative steps that a person of ordinary skill in the art would employ." Id. at 418, 82 USPQ2d at 1396.
For at least the above reasons, the combination of Kimizuka and Mandagere does disclose or suggest performing multiple checks as recited in claim 1.
In response to Applicant’s argument that “neither of the references disclose evaluating a signature of a snapshot as part of performing restoration of the snapshot and following the two security scanning steps as recited in claim 1” (page 8 of Remarks), Examiner acknowledged Applicant’s perspective but this argument is moot in view of the new ground of rejection presented below in view of newly found prior art Izzo.
Claim Objections
Claims 1 and 11 are objected to because of the following informalities:
“upon verification” in claims 1 and 11 should read “upon the verification”.
Appropriate correction is required.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 3-6, 8-9, 11, 13-16, and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Kimizuka (JP 2015153298) in view of Mandagere (US 20220156384) and further in view of Izzo (US 20050071022).
Claim 1, Kimizuka discloses An apparatus comprising:
one or more processing devices and one or more memory devices operably coupled to the one or more processing devices, the one or more memory devices storing executable code that, when executed by the one or more processing devices, causes the one or more processing devices to: (e.g. fig. 1, page 3: at least the combination of physical server device 10, management server device 30, and virus check device 20)
create a snapshot object of a plurality of executable components executing on one or more host computing devices and one or more storage components stored in one or more storage devices coupled to the one or more host computing devices; (e.g. figs. 1, 4, pages 3-4, 7: creating snapshot 42 of virtual disk 14 of virtual machine 11 when the virtual machine 11 is operating where the virtual machine 11 includes a virtual NIC 13, virtual disk 14 and executes software such as a guest OS and an antivirus program 12. One of ordinary skilled in the art would appreciate that the virtual disk 14 of the virtual machine 11 stores at least the guest OS, applications including antivirus program 12, virtual NIC 13 and data)
scan the snapshot object for security threats; (e.g. fig. 5, pages 7: performing a virus check on the snapshot 42)
transmit the snapshot object to a remote repository; and (e.g. fig. 1, page 5: transmitting the snapshot 42 to management information storage unit 40 that is remote from e.g. the virtual machine 11, physical server device 10, management server device 30, virus check device 20 and/or the providing device 50)
in response to failure of one or more of the plurality of executable components: (e.g. fig. 6, pages 4, 8: when the virtual machine 11 is infected with a virus)
receive the snapshot object from the remote repository; and (e.g. fig. 6, pages 4, 8: retrieving the snapshot 42 from management information storage unit 40)
without again scanning the snapshot object for the security threats, instantiate the plurality of executable components and the one or more storage components using the snapshot object; and (e.g. fig. 6, pages 4, 8: without performing a virus check on the snapshot 42, restoring the virtual disk 14 using the snapshot 42 by replacing the contents of the virtual disk 14 with the contents of the snapshot 42 that includes the entire contents of the virtual disk 14)
the remote repository, the remote repository configured to store the snapshot object in storage of the remote repository (e.g. fig. 1, page 3: remote management information storage unit 40 which receives and stores the snapshot 42)
Although Kimizuka discloses scanning the snapshot before transmitting the snapshot to the management information storage unit to be stored (see above), Kimizuka does not appear to explicitly disclose but Mandagere discloses the remote repository configured to again scan the snapshot object for the security threats upon receipt (e.g. ¶2, 16, 37, 48, 66: remote storage system 112 configured to scan the snapshot for vulnerabilities to discover and resolve security threats upon receiving the snapshot from the primary system 102 and storing the scanned snapshot in association with its vulnerability information resulted from the scan using an index).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Mandagere into the invention of Kimizuka for the purpose of further ensuring that the snapshot is threat free prior to storing thereby increasing the security and integrity of the system.
Although Kimizuka-Mandagere discloses without again scanning the snapshot object for the security threats, instantiate the plurality of executable components and the one or more storage components using the snapshot object (see above), Kimizuka-Mandagere does not explicitly disclose but Izzo discloses verify that the snapshot object as received from the remote repository matches a signature of the snapshot object; and (e.g. ¶51-53: As indicated by process block 96, the signatures 90 and 92 are attached to the snapshots 82 and 84, the package is then attached to the global signature 94 and uploaded to the terminal 32…In the case of loss or damage to the snapshots 82 and 84 or where it is desired to revert to a previously certified version, a new snapshot is downloaded from the terminal 32 to the snapshot areas 78 and 80 as indicated by process block 102…At process block 108, derived global signature 94 computed from the snapshots 82 and 84 is compared to the stored global signature 94 stored as part of the downloaded or stored snapshots 82 and 84.) upon verification, without again scanning the snapshot object for the security threats, instantiate the plurality of executable components and the one or more storage components using the snapshot object; (e.g. ¶42, 54: If, on the other hand the signatures 94 match, then the global signature is uploaded to the user who may compare it against a written copy to ensure that the latest version of the snapshots 82 and 84 have been downloaded as indicated by process block 112. If the user approves of the signature per process block 114, then at process block 116, the snapshots 82 and 84 are unpacked into safety areas 64 and 66 and execution may begin.)
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Izzo into the invention of Kimizuka-Mandagere for the purpose of ensuring that only signature verified snapshots are to be used (Izzo, ¶53-54) thereby increasing the security of the system.
Claim 3, Kimizuka-Mandagere-Izzo discloses The apparatus of claim 1, wherein the remote repository is configured to retrieve the snapshot object from the storage and transmit the snapshot object without again scanning the snapshot object for the security threats. (Kimizuka, e.g. fig. 6, pages 4, 8: without performing a virus check on the snapshot 42, retrieving and transmitting the snapshot 42 to restoration unit 34 for restoring the virtual disk 14)
Claim 4, Kimizuka-Mandagere-Izzo discloses The apparatus of claim 1 (see above) and Kimizuka-Izzo does not appear to explicitly disclose but Mandagere discloses wherein the plurality of executable components include containers. (e.g. ¶9, 33-35)
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Mandagere into the invention of Kimizuka-Izzo for the purpose of enabling containers to be backed up and restored.
Claim 5, Kimizuka-Mandagere-Izzo discloses The apparatus of claim 1 (see above) and Kimizuka-Izzo does not appear to explicitly disclose but Mandagere discloses wherein the plurality of executable components include pods. (e.g. ¶9, 33-35)
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Mandagere into the invention of Kimizuka-Izzo for the purpose of enabling pods to be backed up and restored.
Claim 6, Kimizuka-Mandagere-Izzo discloses The apparatus of claim 1, wherein the plurality of executable components are part of a cluster. (Kimizuka, e.g. fig. 1, page 3: the virtual machines 11 each includes a virtual NIC 13, virtual disk 14 and executes software such as a guest OS and an antivirus program 12)
Claim 8, Kimizuka-Mandagere-Izzo discloses The apparatus of claim 1, wherein the snapshot object is a second snapshot object recording changes to the plurality of executable components and the one or more storage components subsequent to creation of a first snapshot object. (Kimizuka, e.g. figs. 1, 4, pages 3-4, 7: at regular intervals, for example, periodically creating snapshot 42 of virtual disk 14 of virtual machine 11 when the virtual machine 11 is operating where the virtual machine 11 includes a virtual NIC 13, virtual disk 14 and executes software such as a guest OS and an antivirus program 12.)
Claim 9, Kimizuka-Mandagere-Izzo discloses The apparatus of claim 1, wherein the security threats include computer viruses. (Kimizuka, e.g. fig. 5, pages 3-4, 7: latest virus check engine and pattern file (virus check file 43) that are periodically updated)
Claim 11, this claim is rejected for similar reasons as in claim 1.
Claim 13, this claim is rejected for similar reasons as in claim 3.
Claim 14, this claim is rejected for similar reasons as in claim 4.
Claim 15, this claim is rejected for similar reasons as in claim 5.
Claim 16, this claim is rejected for similar reasons as in claim 6.
Claim 18, this claim is rejected for similar reasons as in claim 8.
Claim 19, this claim is rejected for similar reasons as in claim 9.
Claims 7 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Kimizuka (JP 2015153298) in view of Mandagere (US 20220156384) in view of Izzo (US 20050071022) and further in view of Pabon (US 20230342267).
Claim 7, Kimizuka-Mandagere-Izzo discloses The apparatus of claim 6 (see above) and does not appear to explicitly disclose but Pabon discloses wherein the cluster is a KUBERNETES cluster. (e.g. ¶294)
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Pabon into the invention of Kimizuka-Mandagere-Izzo for the purpose of allowing a cluster-wide snapshot of a container system cluster to be used to restore the container system cluster to what it was at a point in time corresponding to when the cluster-wide snapshot was taken (Pabon, ¶295).
Claim 17, this claim is rejected for similar reasons as in claim 7.
Claims 10 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Kimizuka (JP 2015153298) in view of Mandagere (US 20220156384) in view of Izzo (US 20050071022) and further in view of Kumar (US 11640484).
Claim 10, Kimizuka-Mandagere-Izzo discloses The apparatus of claim 1, wherein the executable code, when executed by the one or more processing devices, further causes the one or more processing devices to: transmit the snapshot object to the remote repository over a connection. (Kimizuka, e.g. fig. 1, page 5: transmitting the snapshot 42 to management information storage unit 40 that is remote from e.g. the virtual machine 11, physical server device 10, management server device 30, virus check device 20 and/or the providing device 50)
Although Kimizuka discloses a connection (see above), Kimizuka-Mandagere-Izzo does not appear to explicitly disclose but Kumar discloses a secure connection (e.g. figs. 2-3, col. 14, ll. 50-56, col. 16, ll. 1-16).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Kumar into the invention of Kimizuka-Mandagere-Izzo for the purpose of securely storing the snapshot in the storage system for future access (Kumar, col. 16, ll. 15-16).
Claim 20, this claim is rejected for similar reasons as in claim 10.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Peinado (US 20110265182) discloses a raw memory snapshot of the computer memory can be obtained at runtime. The raw memory snapshot may include the software environment executing on the computing device.
Ciubotariu (US 11372811) discloses storage service 102 may include a snapshotting service 118 which maintains point-in-time snapshots 120A-120N of storage volumes. A user, such as the owner or administrator of the storage volume(s), can choose to enable snapshotting of their storage volume(s) with the snapshotting service 118 of the storage service 102. In some embodiments, these snapshots may be stored in an object data store provided by storage service 102 and may be used to backup a storage volume at a particular point in time. Snapshots may be incremental backups, which means that only the blocks on the device that have changed after a most recent snapshot are saved. Each snapshot may include all of the information that is needed to restore a storage volume to the time when the snapshot was created. In some embodiments, when a snapshot is created it may be scanned by scanning service instance 110 to ensure it does not have any threats… snapshots may be created at regular intervals (e.g., every X hours/Y days/etc.) and any time a new snapshot is created a threat scan is triggered.
Chen (US 9268689) discloses FIG. 5 is a flow chart illustrating relevant acts of an example process implemented by a secure AV module. The process begins at operation 505, creating a first snapshot of a file system of a network storage device 140. A user can schedule snapshots to be taken of a file system, either via an interface provided by the secure AV module or a command line interface of the network storage device. In both cases, the secure AV module can be made aware of the scheduled snapshots. The secure AV module can also be configured to automatically, without user intervention, schedule the first snapshot. The secure AV can also schedule snapshots to occur periodically, such as every month… A snapshot provides a consistent point-in-time view of data in a file system, as the data exists at the time the snapshot is created…a file system that contains VMDK files can be snapped to produce a snapshot FS…The process of FIG. 5 proceeds to operation 510, performing a full virus scan of the first snapshot.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TRONG NGUYEN whose telephone number is (571)270-7312. The examiner can normally be reached on Monday through Thursday 9:00 AM - 5:00 PM EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, GELAGAY SHEWAYE can be reached on (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/TRONG H NGUYEN/Primary Examiner, Art Unit 2436