Detailed Action
1. This office action is in response to communication filed February 6, 2026. Claims 1-20
are currently pending and claim 1, 11, and 16 are the independent claims.
Notice of Pre-AIA or AIA Status
2. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Amendment
3. This Final Office Action is in response to the applicant’s remarks and arguments filed on February 6, 2026.
Claims 1, 9-11, and 16 are amended. No claims have been cancelled. No claims are new. Claims 1-20 remain pending in the application. Claims 2-8, 12-15, and 17-20 filed on June 14, 2023 are being considered on the merits along with amended claims 1, 9-11, and 16.
Response to Arguments
4. Applicant’s arguments, see pages 9-11 of Remarks, filed February 6, 2026, with respect to the rejections of claims 1, 9-11, and 16 under 35 U.S.C. 103 have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new grounds of rejection under 35 U.S.C. 103 is made in view of rejecting claims 1, 9-11, and 16 along with their dependent claims via Brasser in view of DeArment and Wang.
The Applicant respectfully submitted on page 8 of the Remarks under section Claim Objections that the claim objections to claims 9 and 10 regarding the term “RPC splitter” should be withdrawn following the claim amendments. The Examiner respectfully agrees with the Applicant following the amendment to the claims along with the citation to paragraph [0048] of the Specification. As such, the Examiner has withdrawn the claim objections for claims 9-10.
The Applicant respectfully submitted on pages 9-11 of the Remarks under section Response to Rejection Under 35 U.S.C. 103 that the cited references, alone or in combination, have not been shown to disclose the amendment to the independent claims.
The Examiner has updated the 103 rejection for the independent claims to include the prior art Wang (CN 113448745), which discloses “wherein the receiving the command from the tenant UI comprises receiving the command at a remote procedure call (RPC) splitter”. The Examiner has rejected the claimed amendment in detail in section 5 of Claim Rejections – 35 U.S.C. 103 below. The Applicant submitted that the cited references, alone or in combination, have not been shown to disclose the claim limitation. The Examiner respectfully agreed and as such, updated the 103 rejection to include Wang’s reference, specifically from citations including Page 1 Background “In the related art, when the user opens a website from the browser, initiating a service request, the content included in the website will call a plurality of API interface (Application Programming Interface, application program interface). wherein one API interface may call a plurality of RPC service, and one of the RPC service may be called another RPC service, all the RPC service respectively leave the corresponding log on the server, each log is respectively with the related information of the RPC service.” and Pages 5-6 Specific Implementation Examples “When a service request is sent to the server of the back end, it will request a lot of RPC service. One or more logs are generated on each RPC server, i.e., the device where the node is located. The execution process of a service request shown in FIG. 2 is an example, FIG. 2 comprises a client (user) and 3 different levels of the node RPC A, RPC B, RPC C respectively request three RPC service. the client terminal can be a PC terminal or APP terminal; when the user of the client terminal initiates a service request to the server, the service request arrives at the node RPC A; according to the request logic in the service request, the service request is bifurcated in the node RPC A, is split into two logic links, namely logic link A (RPC A - > RPC C) and logic link B (RPC A - > RPC B - > RPCC). according to the logic link A, the service request directly reaches the node RPC C from the node RPC A; according to the logic link B, the service request passes the node RPC B from the node RPC A and then reaches the node RPC C; node RPC A, RPC B and RPC C are the node called by the same service request, the service request comprises TraceID for uniquely identifying the service request.” The citations are interpreted to read on the claimed invention because under broadest reasonable interpretation, the service request received from a user via website browser is bifurcated/split into two distinct logic links, so the Examiner is corresponding the service request received at the back end server with receiving a command at an RPC splitter, as it is soon after split across different RPCs. As such, the independent claims 1, 11, and 16 remain rejected in this Final Office Action, along with all dependent claims additionally rejected below. Claims 1-20 remain rejected under 35 U.S.C. 103 in this Final Office Action.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
5. Claims 1-3, 6, 9-13, and 16-18 are rejected under 35 U.S.C. 103 as being unpatentable over Brasser et al. (Trusted Container Extensions for Container-based Confidential Computing) – hereinafter Brasser, in view of DeArment et al. (U.S. Patent No. 11,943,319) – hereinafter DeArment and Wang (CN 113448745 A).
Regarding independent claim 1, Brasser discloses a method comprising:
establishing a first network connection with a control plane of a host computing system; (Section VI, “We implement a secure proxy on both sides, such that all commands from the Container Owner are sent via an authenticated secure channel”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the network connection to the host control plane comes from the secure proxy on both sides of host and devices.
establishing a second network connection with a container agent of a confidential virtual machine (VM) running on the host computing system … (Section VI, “Docker only interacts with the kata-runtime via standardized Open Container Interface (OCI) commands and does not manage the execution of containers itself, but delegates this functionality to the runtime. This allows the Container Owner to manage the container state with existing tools, such that R6 is fulfilled”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the network connection to the container agent of confidential VM comes from the interactions on both sides of container agent and devices.
Brasser does not explicitly disclose:
… wherein the second network connection bypasses the control plane of the host computing system;
receiving a command from a tenant user interface (UI) and processing the command to determine a command type, wherein the receiving the command from the tenant UI comprises receiving the command at a remote procedure call (RPC) splitter; and
based on the command type, sending by a processing device, the command to the control plane via the first network connection or to the container agent via the second network connection.
However, DeArment discloses:
… wherein the second network connection bypasses the control plane of the host computing system; (Figs. 1 and 4 and Col. 4, Lines 28-37 “More particularly, some embodiments of the present invention provide systems and methods for isolating applications associated with multiple tenants within a computing platform. In some examples, the hosts of the computing platform include virtual servers and/or virtual machines. In certain examples, the computing platforms include a virtual computing environment that provides an operating system and/or an application server for running one or more containers. For example, a container includes a containerized application.” and Col. 5, Lines 28-36 “As an example, each networking device of the one or more networking devices 110.sub.1-N is configured to be connected through the network 104. In one example, each host of the hosts 106.sub.1-m, 108.sub.1-n is configured to be connected to one or more networking devices 110.sub.1-N through the network 104. In certain examples, the network 104 includes at least three networking layers (e.g., a physical layer or layer 1, a data link layer or layer 2, and a network layer or layer 3).”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the network connection for the virtual machine bypasses the control plane as the network connection happens directly between VMs and networking devices.
receiving a command from a tenant user interface (UI) and processing the command to determine a command type … and (Col. 1, Lines 55-63 “For example, a method includes receiving a request from a client associated with a tenant for running an application on a computing platform. The computing platform includes a plurality of hosts connected through a network. Each host is associated with a network address and configured to run applications associated with multiple tenants. The method further includes identifying one or more hosts of the plurality of hosts based at least in part on the request.”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the request from the tenant is received and is processed to determine a command type including a host that can satisfy the request.
based on the command type, sending by a processing device, the command to the control plane via the first network connection or to the container agent via the second network connection. (Col. 12, Lines 25-39 “According to some embodiments, networking devices of the computing platform 102 are configured to provide, at the data link layer 206 of the network 104, layer 2 isolation on a per-tenant basis by assigning each tenant to a separate VLAN. For example, networking devices 110.sub.1, . . . , 110.sub.K (e.g., ToR ports) of the network 104 that are connecting down to the compute nodes (e.g., the hosts) include 802.1q trunks for carrying multiple VLANs. As an example, each compute node (e.g., each host) includes at least two VLANs with one VLAN for the control plane application and the other VLAN for the container associated with the primary tenant running on the compute node (e.g., the host). In some examples, the networking devices 110.sub.1 and 110.sub.K are configured to tag received network data for sending across broadcast domains of the computing platform 102.”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the command is sent to the control plane or the container agent based on the type of command that it is such that it is either sent to the VLAN with the control plane application or the other VLAN associated with the tenant and its VM.
Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to add wherein the second network connection bypasses the control plane of the host computing system; receiving a command from a tenant user interface (UI) and processing the command to determine a command type; and based on the command type, sending by a processing device, the command to the control plane via the first network connection or to the container agent via the second network connection as seen in DeArment's invention into Brasser's invention because these modifications allow the use of a known technique to improve similar method in the same way such that commands can bypass the control plane or be delivered through the control plane depending on the final destination.
In addition, Wang discloses:
… wherein the receiving the command from the tenant UI comprises receiving the command at a remote procedure call (RPC) splitter; (Page 1 Background “In the related art, when the user opens a website from the browser, initiating a service request, the content included in the website will call a plurality of API interface (Application Programming Interface, application program interface). wherein one API interface may call a plurality of RPC service, and one of the RPC service may be called another RPC service, all the RPC service respectively leave the corresponding log on the server, each log is respectively with the related information of the RPC service.” and Pages 5-6 Specific Implementation Examples “When a service request is sent to the server of the back end, it will request a lot of RPC service. One or more logs are generated on each RPC server, i.e., the device where the node is located. The execution process of a service request shown in FIG. 2 is an example, FIG. 2 comprises a client (user) and 3 different levels of the node RPC A, RPC B, RPC C respectively request three RPC service. the client terminal can be a PC terminal or APP terminal; when the user of the client terminal initiates a service request to the server, the service request arrives at the node RPC A; according to the request logic in the service request, the service request is bifurcated in the node RPC A, is split into two logic links, namely logic link A (RPC A - > RPC C) and logic link B (RPC A - > RPC B - > RPCC). according to the logic link A, the service request directly reaches the node RPC C from the node RPC A; according to the logic link B, the service request passes the node RPC B from the node RPC A and then reaches the node RPC C; node RPC A, RPC B and RPC C are the node called by the same service request, the service request comprises TraceID for uniquely identifying the service request.”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the service request received from a user via website browser is bifurcated/split into two distinct logic links.
Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to add wherein the receiving the command from the tenant UI comprises receiving the command at a remote procedure call (RPC) splitter as seen in Wang's invention into Brasser's invention because these modifications allow an “obvious to try” solution with a predictable expectation of success such that RPC handling/splitting for a server is implemented in the same method for containers.
Regarding claim 2, Brasser discloses the method of claim 1, wherein the command type is a host side command type, the method further comprising sending the command to the control plane via the first network connection based on the command type. (Section V, “The Host System is the system which hosts the commodity (unprotected) VMs, Secure Container VMs and the Root VM. As it is part of a cloud service infrastructure, multiple Host System instances can exist. In our architecture, as described in Section III, we assume that the Host System is untrusted, as it may act malicious intentionally or could be compromised by an attacker” and “Secure Container VM Communication. When the SCVM has been booted, the Container Owner establishes a secure channel to the SC-VM 4 which is mutually authenticated using the previously distributed certificates. The channel is used by the Container Owner to securely exchange commands and data with the SC-VM.”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the command is a host command sent to the Host System.
Regarding claim 3, Brasser discloses the method of claim 1, wherein the command type is a tenant control command type, the method further comprising sending the command to the container agent via the second network connection. (Section II C, “The kata-runtime process runs on the underlying host system and receives Open Catalog Interface (OCI) compatible commands from containers (a standardized high-level container runtime), which are translated into internal commands.” and “Finally, the kata-agent process runs within the Kata VM and receives commands from the kata-runtime. The kata-agent is based on runc, the default container runtime used by Docker.”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the command is a tenant command sent to the kata-agent.
Regarding claim 6, Brasser discloses the method of claim 1, wherein the host computing system comprises a software stack connecting the control plane to the container agent … (Section VI, “Host System. The Host System runs the Host Service, which manages the lifecycle of SC-VMS and configures the KVM as the hypervisor accordingly. Furthermore, the Host Service includes a switch, which routes incoming connections to a destination SC-VM”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the control plane and container agent are connected via a software stack.
… and wherein the command type is a tenant control command type, the method further comprising: (Section II C, “The kata-runtime process runs on the underlying host system and receives Open Catalog Interface (OCI) compatible commands from containers (a standardized high-level container runtime), which are translated into internal commands.”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the command is a tenant command.
translating the command from a first format generated by the tenant UI to a second format applicable to the container agent by generating an equivalent transformation of the command that would be performed by the software stack before sending the command to the container agent via the second network connection. (Section II C, “The kata-runtime process runs on the underlying host system and receives Open Catalog Interface (OCI) compatible commands from containers (a standardized high-level container runtime), which are translated into internal commands.” and “Finally, the kata-agent process runs within the Kata VM and receives commands from the kata-runtime. The kata-agent is based on runc, the default container runtime used by Docker.”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the OCI compatible commands are translated into internal commands.
Regarding claim 9, Brasser discloses the method of claim 1, but does not explicitly disclose:
wherein receiving the command from the tenant user interface comprises receiving the command over a third network connection at the RPC splitter that resides on a relying party.
However, Wang discloses:
wherein receiving the command from the tenant user interface comprises receiving the command over a third network connection at the RPC splitter that resides on a relying party. (Page 1 Background “In the related art, when the user opens a website from the browser, initiating a service request, the content included in the website will call a plurality of API interface (Application Programming Interface, application program interface). wherein one API interface may call a plurality of RPC service, and one of the RPC service may be called another RPC service, all the RPC service respectively leave the corresponding log on the server, each log is respectively with the related information of the RPC service.” and Pages 5-6 Specific Implementation Examples “When a service request is sent to the server of the back end, it will request a lot of RPC service. One or more logs are generated on each RPC server, i.e., the device where the node is located. The execution process of a service request shown in FIG. 2 is an example, FIG. 2 comprises a client (user) and 3 different levels of the node RPC A, RPC B, RPC C respectively request three RPC service. the client terminal can be a PC terminal or APP terminal; when the user of the client terminal initiates a service request to the server, the service request arrives at the node RPC A; according to the request logic in the service request, the service request is bifurcated in the node RPC A, is split into two logic links, namely logic link A (RPC A - > RPC C) and logic link B (RPC A - > RPC B - > RPCC). according to the logic link A, the service request directly reaches the node RPC C from the node RPC A; according to the logic link B, the service request passes the node RPC B from the node RPC A and then reaches the node RPC C; node RPC A, RPC B and RPC C are the node called by the same service request, the service request comprises TraceID for uniquely identifying the service request.”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the service request received from a user via website browser is bifurcated/split into two distinct logic links for RPC service in which the RPC splitter exists on the server.
Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to add wherein receiving the command from the tenant user interface comprises receiving the command over a third network connection at the RPC splitter that resides on a relying party as seen in Wang’s invention into Brasser's invention because these modifications allow the simple substitution of one known element for another to obtain predictable results such that a command runs through a splitter to be sent to the correct destination whether that be the container agent or control plane.
Regarding claim 10, Brasser discloses the method of claim 1, but does not explicitly disclose:
wherein receiving the command from the tenant user interface comprises receiving the command at the RPC splitter that resides on a same computing device that hosts the tenant UI.
However, Wang discloses:
wherein receiving the command from the tenant user interface comprises receiving the command at the RPC splitter that resides on a same computing device that hosts the tenant UI. (Page 1 Background “In the related art, when the user opens a website from the browser, initiating a service request, the content included in the website will call a plurality of API interface (Application Programming Interface, application program interface). wherein one API interface may call a plurality of RPC service, and one of the RPC service may be called another RPC service, all the RPC service respectively leave the corresponding log on the server, each log is respectively with the related information of the RPC service.” and Pages 5-6 Specific Implementation Examples “When a service request is sent to the server of the back end, it will request a lot of RPC service. One or more logs are generated on each RPC server, i.e., the device where the node is located. The execution process of a service request shown in FIG. 2 is an example, FIG. 2 comprises a client (user) and 3 different levels of the node RPC A, RPC B, RPC C respectively request three RPC service. the client terminal can be a PC terminal or APP terminal; when the user of the client terminal initiates a service request to the server, the service request arrives at the node RPC A; according to the request logic in the service request, the service request is bifurcated in the node RPC A, is split into two logic links, namely logic link A (RPC A - > RPC C) and logic link B (RPC A - > RPC B - > RPCC). according to the logic link A, the service request directly reaches the node RPC C from the node RPC A; according to the logic link B, the service request passes the node RPC B from the node RPC A and then reaches the node RPC C; node RPC A, RPC B and RPC C are the node called by the same service request, the service request comprises TraceID for uniquely identifying the service request.”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the service request received from a user via website browser is bifurcated/split into two distinct logic links for RPC service in which the RPC splitter exists on the server as well as the website handling.
Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to add wherein receiving the command from the tenant user interface comprises receiving the command at the RPC splitter that resides on a same computing device that hosts the tenant UI as seen in Wang’s invention into Brasser's invention because these modifications allow the simple substitution of one known element for another to obtain predictable results such that a command runs through a splitter to be sent to the correct destination whether that be the container agent or control plane.
Regarding claim 11, it is a computing device claim having the same limitations as cited in method claim 1. Thus, claim 11 is also rejected under the same rationale as addressed in the rejection of claim 1 above.
Regarding claim 12, it is a computing device claim having the same limitations as cited in method claim 2. Thus, claim 12 is also rejected under the same rationale as addressed in the rejection of claim 2 above.
Regarding claim 13, it is a computing device claim having the same limitations as cited in method claim 3. Thus, claim 13 is also rejected under the same rationale as addressed in the rejection of claim 3 above.
Regarding claim 16, it is a non-transitory computer-readable storage medium claim having the same limitations as cited in method claim 1. Thus, claim 16 is also rejected under the same rationale as addressed in the rejection of claim 1 above.
Regarding claim 17, it is a non-transitory computer-readable storage medium claim having the same limitations as cited in method claim 1. Thus, claim 17 is also rejected under the same rationale as addressed in the rejection of claim 1 above.
Regarding claim 18, it is a non-transitory computer-readable storage medium claim having the same limitations as cited in method claim 1. Thus, claim 18 is also rejected under the same rationale as addressed in the rejection of claim 1 above.
6. Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Brasser et al. (Trusted Container Extensions for Container-based Confidential Computing) – hereinafter Brasser, in view of DeArment et al. (U.S. Patent No. 11,943,319) – hereinafter DeArment and Wang (CN 113448745), and further in view of Rosoff et al. (U.S. Pub. No. 2021/0311764) – hereinafter “Rosoff”.
Regarding claim 4, Brasser discloses the method of claim 3, but does not explicitly disclose:
wherein the command is a kubectl command received from a kubectl command line interface or an API equivalent of the kubectl command.
However, Rosoff discloses:
wherein the command is a kubectl command received from a kubectl command line interface or an API equivalent of the kubectl command. ([0035] “Kubernetes client 102 represents an input interface for a user to supervisor Kubernetes master 104. Kubernetes client 102 is commonly referred to as kubectl. Through Kubernetes client 102, a user submits desired states of the Kubernetes system, e.g., as YAML documents, to supervisor Kubernetes master 1104.”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the Kubernetes client commands (kubectl) are submitted by the user via input interface.
Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to add wherein the command is a kubectl command received from a kubectl command line interface or an API equivalent of the kubectl command as seen in Rosoff’s invention into Brasser's invention because these modifications allow simple substitution of one known element for another to obtain predictable results such that Kubernetes specific language/commands are introduced into Brasser’s invention.
7. Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Brasser et al. (Trusted Container Extensions for Container-based Confidential Computing) – hereinafter Brasser, in view of DeArment et al. (U.S. Patent No. 11,943,319) – hereinafter DeArment and Wang (CN 113448745), and further in view of Desai et al. (U.S. Pub. No. 2022/0197684) – hereinafter “Desai”.
Regarding claim 5, Brasser discloses the method of claim 3, but does not explicitly disclose:
wherein the command is to retrieve logs or metrics from the container agent or execute a function within a container instantiated by the container agent or access data within the container.
However, Desai discloses:
wherein the command is to retrieve logs or metrics from the container agent or execute a function within a container instantiated by the container agent or access data within the container. (Abstract “… executing, in the pod VM by the pod VM agent, at least one probe of an application executing in one or more of the containers; and returning, from the pod VM agent to the pod VM controller, application health status obtained from the at least one probe.”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the command for the pod VM agent to probe application health status is an example of metrics retrieval from the container agent.
Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to add wherein the command is to retrieve logs or metrics from the container agent or execute a function within a container instantiated by the container agent or access data within the container as seen in Desai’s invention into Brasser's invention because these modifications allow combining prior art elements according to known methods to yield predictable results such that commands have to do with retrieving or handling data in a container element.
8. Claims 7-8, 14-15, and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Brasser et al. (Trusted Container Extensions for Container-based Confidential Computing) – hereinafter Brasser, in view of DeArment et al. (U.S. Patent No. 11,943,319) – hereinafter DeArment and Wang (CN 113448745), and further in view of Feldman et al. (U.S. Pub. No. 2022/0237505) – hereinafter “Feldman”.
Regarding claim 7, Brasser discloses the method of claim 1, but does not explicitly disclose:
wherein the command type indicates that the command is a mixed command comprising a plurality of sub-commands, the plurality of sub-commands comprising a tenant user sub-command and a tenant admin sub-command, the method further comprising:
splitting the command into the tenant user sub-command and tenant admin sub-command; and
sending the tenant user sub-command and the tenant admin sub-command to the container agent separately via the second network connection.
However, Feldman discloses:
wherein the command type indicates that the command is a mixed command comprising a plurality of sub-commands, the plurality of sub-commands comprising a tenant user sub-command and a tenant admin sub-command, the method further comprising: ([0023] “Therefore, if a request from a tenant's application requires the services of these versions of machine-learning models, then any of the routing containers 122-126 can split the request into separate sub-requests, and then route the sub-requests to their corresponding clusters 116-120 of serving containers.”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the request is split into separate sub-requests based on where they will be routed to.
splitting the command into the tenant user sub-command and tenant admin sub-command; and ([0023] “Therefore, if a request from a tenant's application requires the services of these versions of machine-learning models, then any of the routing containers 122-126 can split the request into separate sub-requests, and then route the sub-requests to their corresponding clusters 116-120 of serving containers.”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the request is split into separate sub-requests based on where they will be routed to.
sending the tenant user sub-command and the tenant admin sub-command to the container agent separately via the second network connection. ([0023] “Therefore, if a request from a tenant's application requires the services of these versions of machine-learning models, then any of the routing containers 122-126 can split the request into separate sub-requests, and then route the sub-requests to their corresponding clusters 116-120 of serving containers.”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the separate sub-requests are routed to their intended destination such as the container agent.
Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to add wherein the command type indicates that the command is a mixed command comprising a plurality of sub-commands, the plurality of sub-commands comprising a tenant user sub-command and a tenant admin sub-command, the method further comprising: splitting the command into the tenant user sub-command and tenant admin sub-command; and sending the tenant user sub-command and the tenant admin sub-command to the container agent separately via the second network connection as seen in Feldman’s invention into Brasser's invention because these modifications allow the use of a known technique to improve similar methods in the same way such that commands can be split into sub-commands to be sent specifically to the correct container agent.
Regarding claim 8, Brasser discloses the method of claim 1, but does not explicitly disclose:
wherein the command type indicates that the command is a mixed command comprising a plurality of sub-commands, the plurality of sub-commands comprising a tenant user sub-command and a host admin sub-command, the method further comprising:
splitting the command into the tenant user sub-command and host admin sub-command;
sending the tenant user sub-command to the container agent via the second network connection; and
sending the host admin sub-command to the control plane via the first network connection.
However, Feldman discloses:
wherein the command type indicates that the command is a mixed command comprising a plurality of sub-commands, the plurality of sub-commands comprising a tenant user sub-command and a host admin sub-command, the method further comprising: ([0023] “Therefore, if a request from a tenant's application requires the services of these versions of machine-learning models, then any of the routing containers 122-126 can split the request into separate sub-requests, and then route the sub-requests to their corresponding clusters 116-120 of serving containers.”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the request is split into separate sub-requests based on where they will be routed to.
splitting the command into the tenant user sub-command and host admin sub-command; ([0023] “Therefore, if a request from a tenant's application requires the services of these versions of machine-learning models, then any of the routing containers 122-126 can split the request into separate sub-requests, and then route the sub-requests to their corresponding clusters 116-120 of serving containers.”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the request is split into separate sub-requests based on where they will be routed to.
sending the tenant user sub-command to the container agent via the second network connection; and ([0023] “Therefore, if a request from a tenant's application requires the services of these versions of machine-learning models, then any of the routing containers 122-126 can split the request into separate sub-requests, and then route the sub-requests to their corresponding clusters 116-120 of serving containers.”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the separate sub-requests are routed to their intended destination such as the container agent.
sending the host admin sub-command to the control plane via the first network connection. ([0023] “Therefore, if a request from a tenant's application requires the services of these versions of machine-learning models, then any of the routing containers 122-126 can split the request into separate sub-requests, and then route the sub-requests to their corresponding clusters 116-120 of serving containers.”) The citation is interpreted to read on the claimed invention because under broadest reasonable interpretation, the separate sub-requests are routed to their intended destination such as the control plane.
Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to add wherein the command type indicates that the command is a mixed command comprising a plurality of sub-commands, the plurality of sub-commands comprising a tenant user sub-command and a host admin sub-command, the method further comprising: splitting the command into the tenant user sub-command and host admin sub-command; sending the tenant user sub-command to the container agent via the second network connection; and sending the host admin sub-command to the control plane via the first network connection as seen in Feldman’s invention into Brasser's invention because these modifications allow the use of a known technique to improve similar methods in the same way such that commands can be split into sub-commands to be sent specifically to the correct final destination including either the container agent or control plane.
Regarding claim 14, it is a computing device claim having the same limitations as cited in method claim 7. Thus, claim 14 is also rejected under the same rationale as addressed in the rejection of claim 7 above.
Regarding claim 15, it is a computing device claim having the same limitations as cited in method claim 8. Thus, claim 15 is also rejected under the same rationale as addressed in the rejection of claim 8 above.
Regarding claim 19, it is a non-transitory computer-readable storage medium claim having the same limitations as cited in method claim 7. Thus, claim 19 is also rejected under the same rationale as addressed in the rejection of claim 7 above.
Regarding claim 20, it is a non-transitory computer-readable storage medium claim having the same limitations as cited in method claim 8. Thus, claim 20 is also rejected under the same rationale as addressed in the rejection of claim 8 above.
Conclusion
9. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Such prior art includes Pandey et al. (U.S. Pub. No. 2023/0418966) which discloses receiving messages/commands from a user interface that must be transmitted to control planes/virtual machines based on the command type and Dunsmore et al. (U.S. Pub. No. 2022/0061059) which discloses receiving user inputs from user interfaces regarding commands for container/VM resources.
Examiner has cited particular columns/paragraphs/sections and line numbers in the references applied and not relied upon to the claims above for the convenience of the applicant. Although the specified citations are representative of the teachings of the art and are applied to specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested from the applicant in preparing responses, to fully consider the references in entirety as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the Examiner.
When responding to the Office action, applicant is advised to clearly point out the patentable novelty the claims present in view of the state of the art disclosed by the reference(s) cited or the objections made. A showing of how the amendments avoid such references or objections must also be present. See 37 C.F.R. 1.111(c).
When responding to this Office action, applicant is advised to provide the line and page numbers in the application and/or reference(s) cited to assist in locating the appropriate paragraphs.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DANIEL B TRAINOR whose telephone number is (571)272-3710. The examiner can normally be reached Monday-Friday 9AM-5PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Pierre Vital can be reached at (571) 272-4215. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/D.T./Examiner, Art Unit 2198
/PIERRE VITAL/Supervisory Patent Examiner, Art Unit 2198