Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This Office Action is in response to the amendment filed 11/13/2025 for application 18/362,906.
Claims 1-20 have been examined and are pending. Claims 1, 9, and 15 are independent claims. Claims 1, 9, and 15 have been amended. This Action is made FINAL.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 10/20/2025, 11/25/2025, 12/18/2025 are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement has been considered by the examiner.
Response to Arguments
Applicants’ arguments in the instant Amendment, filed on 11/13/2025, with respect to limitations listed below, have been fully considered but they are not persuasive.
Applicant asserts as follows: Amended independent claims 1, 9, and 15 recite, inter alia, "receiving, from a user entity, access credentials comprising a user credential that authenticates an identity of a user and an orchestrator credential that identifies an orchestrator in a distributed environment; generating a token upon verification of the access credentials, the token comprising the orchestrator credential; providing the token to the user entity." Goel relates to a secure infrastructure onboarding system including an infrastructure device. Goel, abstract. Goel describes a "key management subsystem" that "wirelessly transmits a credential generation key to the infrastructure device." Id. at 1 [0068]-[0069]. Despite mentioning the "credential generation key," Goel is silent about receiving the claimed "user credential" and "orchestrator credential" from a user entity. Goel is also silent about generating a token upon verifying access credentials and providing the token to the user entity. It follows that Goel fails to teach or suggest the limitations at issue. With respect to the other references, the Office has not shown any disclosure of these references that is concerned about receiving the claimed "user credential" and "orchestrator credential," generating a token upon verifying the received access credentials, and providing the token to the user entity.
Examiner respectfully submits that because of Applicant’s amendment, claims 1, 9, and 15 are now properly rejected by the combination of Goel (US20220240083), Lal (US20250008379), Dill (US20150032627), and Bai (CN112217816). Goel discloses, paragraphs 0001 and 0095, obtaining at least one request for at least two vouchers to onboard a data processing system to any of at least two orchestrators in disclosing onboarding information handling systems; the onboarding of those infrastructure devices in a “lights-out” datacenter; certificates of newly added infrastructure devices; secure onboarding; authentication token-based device; devices onboard and in light of Applicant’s disclosure in paragraphs 0024 and 0025, that a first voucher includes a first chain of certificates; a second voucher includes a second chain of certificates; in paragraph 0061 and 0042, deploying a voucher to an orchestrator by disclosing provide a certificate in an infrastructure device, onboarding engine 304. Goel discloses obtaining at least one request for at least two vouchers to onboard a data processing system, but does not explicitly disclose obtaining at least one request for at least two vouchers to onboard a data processing system to any of at least two orchestrators. Lal discloses, in paragraph 0027, obtaining at least one request for at least two vouchers to onboard a data processing system to any of at least two orchestrators by disclosing each domain has its own dedicated orchestrator, (e.g., Wi-Fi sub-orchestrator 360 for Wi-Fi domain 320; DOCSIS sub-orchestrator 370 for DOCSIS domain 340) in place of single orchestrator 301, the sub-orchestrators 360. 370 directly control the functionalities of their respective domain, The DOCSIS and Wi-Fi domains of the system may be controlled by the unified orchestrator 301. In the example, a common application manager 401 and/or a common policy server 402 serves both domains and are controlled by unified orchestrator 301 (or by their respective dedicated orchestrators 360, 370). Goel and Lal disclose deploying a voucher to an orchestrator, but do not explicitly disclose making a determination regarding whether the at least one request is a valid request; in a first instance of the determination in which the request is the valid request: obtaining the at least two vouchers; and deploying the at least two vouchers to the at least two orchestrators. Dill discloses, in paragraph 0220, making a determination regarding whether the at least one request is a valid request by disclosing used to authenticate the request; paragraph 0261, in a first instance of the determination in which the request is the valid request by disclosing the token processing computer may determine whether the transaction is valid for the token, provide a transaction validation response; paragraphs 0146, 0128, and 0225, obtaining the at least two vouchers by disclosing provisioning, on behalf of, provisioning, on behalf; \ provisioning, on behalf; paragraph 0146, deploying the at least two vouchers to the at least two orchestrators by disclosing provisioning, on behalf of. Goel, Lal, and Dill disclose making a determination regarding whether the at least one request is a valid request, but do not explicitly disclose receiving, from a user entity, access credentials comprising a user credential that authenticates an identity of a user and an orchestrator credential that identifies an orchestrator in a distributed environment; generating a token upon verification of the access credentials the token comprising the orchestrator credential; providing the token to the user entity; making a determination based on the token regarding whether the at least one request is a valid request. Bai discloses, 3rd page, line 22, through 4th page , line 10, receiving, from a user entity, access credentials comprising a user credential that authenticates an identity of a user and an orchestrator credential that identifies an orchestrator in a distributed environment by disclosing user information, ID token, accessing Kubernetes; 2nd page, line 31, 2nd page, lines 23-25, , 3rd page, line 22, through 4th page , line 10, generating a token upon verification of the access credentials, the token comprising the orchestrator credential by disclosing generates the identity token; identity, user information, ID token, accessing Kubernetes; 5th page, lines 9-13, providing the token to the user entity by disclosing the user carries the obtained ID Token and accesses the Kubernetes resource; 3rd page, line 22, through 4th page , line 10, making a determination based on the token regarding whether the at least one request is a valid request; in a first instance of the determination in which the request is the valid request by disclosing ID Token is a form of non-name token, itself records an authentication declaration of the user identity by an authority authentication mechanism.
The Examiner respectfully suggests that the claim be further amended and details in the specification be incorporated to distinguish the claimed invention over prior art of record. Should the Applicant desire an interview to further clarify the claim interpretation/rejections, please contact the Examiner at (571) 270 5002 to schedule an interview.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1, 9, and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Goel (US20220240083), published July 28, 2022, in view of Lal (US20250008379), filed June 29, 2023, Dill (US20150032627), filed July 24, 2014, and Bai (CN112217816), published January 12, 2021.
Regarding claim 1, Goel discloses a method of managing vouchers, the method comprising:
obtaining at least one request for at least two vouchers to onboard a data processing system to any of at least two orchestrators; (Goel, paragraph 0001, onboarding information handling systems; paragraph 0095, the onboarding of those infrastructure devices in a “lights-out” datacenter; certificates of newly added infrastructure devices; secure onboarding; authentication token-based device; devices onboard NOTE: Applicant’s discloses in paragraphs 0024 and 0025, a first voucher includes a first chain of certificates; a second chain of certificates);
deploying a voucher to an orchestrator (Goel, paragraph 0061, provide a certificate in an infrastructure device, paragraph 0042, onboarding engine 304).
Goel discloses obtaining at least one request for at least two vouchers to onboard a data processing system, but does not explicitly disclose obtaining at least one request for at least two vouchers to onboard a data processing system to any of at least two orchestrators.
However, Lal discloses obtaining at least one request for at least two vouchers to onboard a data processing system to any of at least two orchestrators (Lal, paragraph 0027, each domain has its own dedicated orchestrator, (e.g., Wi-Fi sub-orchestrator 360 for Wi-Fi domain 320; DOCSIS sub-orchestrator 370 for DOCSIS domain 340) in place of single orchestrator 301, the sub-orchestrators 360. 370 directly control the functionalities of their respective domain, The DOCSIS and Wi-Fi domains of the system may be controlled by the unified orchestrator 301. In the example, a common application manager 401 and/or a common policy server 402 serves both domains and are controlled by unified orchestrator 301 (or by their respective dedicated orchestrators 360, 370). ).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Lal with the method/ non-transitory machine-readable medium/ data processing system of Goel to include obtaining at least one request for at least two vouchers to onboard a data processing system to any of at least two orchestrators to provide users with the benefits of guaranteeing end to end quality of service in wireless connections (Lal: paragraph 0001).
Goel and Lal disclose deploying a voucher to an orchestrator, but do not explicitly disclose making a determination regarding whether the at least one request is a valid request; in a first instance of the determination in which the request is the valid request: obtaining the at least two vouchers; and deploying the at least two vouchers to the at least two orchestrators.
However, in an analogous art, Dill discloses making a determination regarding whether the at least one request is a valid request (Dill, paragraph 0220, used to authenticate the request);
in a first instance of the determination in which the request is the valid request (Dill, paragraph 0261, the token processing computer may determine whether the transaction is valid for the token, provide a transaction validation response);
obtaining the at least two vouchers (Dill, paragraph 0146, provisioning, on behalf of, paragraph 0128, provisioning, on behalf; paragraph 0225, provisioning, on behalf);
deploying the at least two vouchers to the at least two orchestrators (Dill, paragraph 0146, provisioning, on behalf of).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Dill with the method/ non-transitory machine-readable medium/ data processing system of Goel and Lal to include deploying a voucher to an orchestrator, but do not explicitly disclose making a determination regarding whether the at least one request is a valid request; in a first instance of the determination in which the request is the valid request: obtaining the at least two vouchers; and deploying the at least two vouchers to the at least two orchestrators to provide users with the benefits of interoperable token processing (Dill: abstract).
Goel, Lal, and Dill disclose making a determination regarding whether the at least one request is a valid request, but do not explicitly disclose receiving, from a user entity, access credentials comprising a user credential that authenticates an identity of a user and an orchestrator credential that identifies an orchestrator in a distributed environment; generating a token upon verification of the access credentials the token comprising the orchestrator credential; providing the token to the user entity; making a determination based on the token regarding whether the at least one request is a valid request
However, in an analogous art, Bai discloses receiving, from a user entity, access credentials comprising a user credential that authenticates an identity of a user and an orchestrator credential that identifies an orchestrator in a distributed environment (Bai, 3rd page, line 22, through 4th page , line 10, user information, ID token, accessing Kubernetes);
generating a token upon verification of the access credentials, the token comprising the orchestrator credential (Bai, 2nd page, line 31, generates the identity token; 2nd page, lines 23-25, identity, 3rd page, line 22, through 4th page , line 10, user information, ID token, accessing Kubernetes);
providing the token to the user entity (Bai, 5th page, lines 9-13, the user carries the obtained ID Token and accesses the Kubernetes resource);
making a determination based on the token regarding whether the at least one request is a valid request; in a first instance of the determination in which the request is the valid request (Bai, 3rd page, line 22, through 4th page , line 10, ID Token is a form of non-name token, itself records an authentication declaration of the user identity by an authority authentication mechanism).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Bai with the method/ non-transitory machine-readable medium/ data processing system of Goel, Lal, and Dill to include receiving, from a user entity, access credentials comprising a user credential that authenticates an identity of a user and an orchestrator credential that identifies an orchestrator in a distributed environment; generating a token upon verification of the access credentials the token comprising the orchestrator credential; providing the token to the user entity; making a determination based on the token regarding whether the at least one request is a valid request to provide users with the benefits of identity identification of various account systems (Bai: abstract).
Regarding claim 9, Goel discloses a non-transitory machine-readable medium having instructions stored therein, which when executed by a processor, cause the processor to perform operations for managing vouchers, the operations comprising (Goel: paragraph 0034, processor, programs, controller, memory , RAM, storage);
obtaining at least one request for at least two vouchers to onboard a data processing system to any of at least two orchestrators; (Goel, paragraph 0001, onboarding information handling systems; paragraph 0095, the onboarding of those infrastructure devices in a “lights-out” datacenter; certificates of newly added infrastructure devices; secure onboarding; authentication token-based device; devices onboard NOTE: Applicant’s discloses in paragraphs 0024 and 0025, a first voucher includes a first chain of certificates; a second chain of certificates);
deploying a voucher to an orchestrator (Goel, paragraph 0061, provide a certificate in an infrastructure device, paragraph 0042, onboarding engine 304).
Goel discloses obtaining at least one request for at least two vouchers to onboard a data processing system, but does not explicitly disclose obtaining at least one request for at least two vouchers to onboard a data processing system to any of at least two orchestrators.
However, Lal discloses obtaining at least one request for at least two vouchers to onboard a data processing system to any of at least two orchestrators (Lal, paragraph 0027, each domain has its own dedicated orchestrator, (e.g., Wi-Fi sub-orchestrator 360 for Wi-Fi domain 320; DOCSIS sub-orchestrator 370 for DOCSIS domain 340) in place of single orchestrator 301, the sub-orchestrators 360. 370 directly control the functionalities of their respective domain, The DOCSIS and Wi-Fi domains of the system may be controlled by the unified orchestrator 301. In the example, a common application manager 401 and/or a common policy server 402 serves both domains and are controlled by unified orchestrator 301 (or by their respective dedicated orchestrators 360, 370). ).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Lal with the method/ non-transitory machine-readable medium/ data processing system of Goel to include obtaining at least one request for at least two vouchers to onboard a data processing system to any of at least two orchestrators to provide users with the benefits of guaranteeing end to end quality of service in wireless connections (Lal: paragraph 0001).
Goel and Lal disclose deploying a voucher to an orchestrator, but do not explicitly disclose making a determination regarding whether the at least one request is a valid request; in a first instance of the determination in which the request is the valid request: obtaining the at least two vouchers; and deploying the at least two vouchers to the at least two orchestrators.
However, in an analogous art, Dill discloses making a determination regarding whether the at least one request is a valid request (Dill, paragraph 0220, used to authenticate the request);
in a first instance of the determination in which the request is the valid request (Dill, paragraph 0261, the token processing computer may determine whether the transaction is valid for the token, provide a transaction validation response);
obtaining the at least two vouchers (Dill, paragraph 0146, provisioning, on behalf of, paragraph 0128, provisioning, on behalf; paragraph 0225, provisioning, on behalf);
deploying the at least two vouchers to the at least two orchestrators (Dill, paragraph 0146, provisioning, on behalf of).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Dill with the method/ non-transitory machine-readable medium/ data processing system of Goel and Lal to include deploying a voucher to an orchestrator, but do not explicitly disclose making a determination regarding whether the at least one request is a valid request; in a first instance of the determination in which the request is the valid request: obtaining the at least two vouchers; and deploying the at least two vouchers to the at least two orchestrators to provide users with the benefits of interoperable token processing (Dill: abstract).
Goel, Lal, and Dill disclose making a determination regarding whether the at least one request is a valid request, but do not explicitly disclose receiving, from a user entity, access credentials comprising a user credential that authenticates an identity of a user and an orchestrator credential that identifies an orchestrator in a distributed environment; generating a token upon verification of the access credentials the token comprising the orchestrator credential; providing the token to the user entity; making a determination based on the token regarding whether the at least one request is a valid request
However, in an analogous art, Bai discloses receiving, from a user entity, access credentials comprising a user credential that authenticates an identity of a user and an orchestrator credential that identifies an orchestrator in a distributed environment (Bai, 3rd page, line 22, through 4th page , line 10, user information, ID token, accessing Kubernetes);
generating a token upon verification of the access credentials, the token comprising the orchestrator credential (Bai, 2nd page, line 31, generates the identity token; 2nd page, lines 23-25, identity, 3rd page, line 22, through 4th page , line 10, user information, ID token, accessing Kubernetes);
providing the token to the user entity (Bai, 5th page, lines 9-13, the user carries the obtained ID Token and accesses the Kubernetes resource);
making a determination based on the token regarding whether the at least one request is a valid request; in a first instance of the determination in which the request is the valid request (Bai, 3rd page, line 22, through 4th page , line 10, ID Token is a form of non-name token, itself records an authentication declaration of the user identity by an authority authentication mechanism).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Bai with the method/ non-transitory machine-readable medium/ data processing system of Goel, Lal, and Dill to include receiving, from a user entity, access credentials comprising a user credential that authenticates an identity of a user and an orchestrator credential that identifies an orchestrator in a distributed environment; generating a token upon verification of the access credentials the token comprising the orchestrator credential; providing the token to the user entity; making a determination based on the token regarding whether the at least one request is a valid request to provide users with the benefits of identity identification of various account systems (Bai: abstract).
Regarding claim 15, Goel discloses a data processing system, comprising: a processor; and a memory coupled to the processor to store instructions, which when executed by the processor, cause the processor to perform operations for managing vouchers, the operations comprising: (Goel: paragraph 0034, processor, programs, controller, memory , RAM, storage);
obtaining at least one request for at least two vouchers to onboard a data processing system to any of at least two orchestrators; (Goel, paragraph 0001, onboarding information handling systems; paragraph 0095, the onboarding of those infrastructure devices in a “lights-out” datacenter; certificates of newly added infrastructure devices; secure onboarding; authentication token-based device; devices onboard NOTE: Applicant’s discloses in paragraphs 0024 and 0025, a first voucher includes a first chain of certificates; a second chain of certificates);
deploying a voucher to an orchestrator (Goel, paragraph 0061, provide a certificate in an infrastructure device, paragraph 0042, onboarding engine 304).
Goel discloses obtaining at least one request for at least two vouchers to onboard a data processing system, but does not explicitly disclose obtaining at least one request for at least two vouchers to onboard a data processing system to any of at least two orchestrators.
However, Lal discloses obtaining at least one request for at least two vouchers to onboard a data processing system to any of at least two orchestrators (Lal, paragraph 0027, each domain has its own dedicated orchestrator, (e.g., Wi-Fi sub-orchestrator 360 for Wi-Fi domain 320; DOCSIS sub-orchestrator 370 for DOCSIS domain 340) in place of single orchestrator 301, the sub-orchestrators 360. 370 directly control the functionalities of their respective domain, The DOCSIS and Wi-Fi domains of the system may be controlled by the unified orchestrator 301. In the example, a common application manager 401 and/or a common policy server 402 serves both domains and are controlled by unified orchestrator 301 (or by their respective dedicated orchestrators 360, 370). ).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Lal with the method/ non-transitory machine-readable medium/ data processing system of Goel to include obtaining at least one request for at least two vouchers to onboard a data processing system to any of at least two orchestrators to provide users with the benefits of guaranteeing end to end quality of service in wireless connections (Lal: paragraph 0001).
Goel and Lal disclose deploying a voucher to an orchestrator, but do not explicitly disclose making a determination regarding whether the at least one request is a valid request; in a first instance of the determination in which the request is the valid request: obtaining the at least two vouchers; and deploying the at least two vouchers to the at least two orchestrators.
However, in an analogous art, Dill discloses making a determination regarding whether the at least one request is a valid request (Dill, paragraph 0220, used to authenticate the request);
in a first instance of the determination in which the request is the valid request (Dill, paragraph 0261, the token processing computer may determine whether the transaction is valid for the token, provide a transaction validation response);
obtaining the at least two vouchers (Dill, paragraph 0146, provisioning, on behalf of, paragraph 0128, provisioning, on behalf; paragraph 0225, provisioning, on behalf);
deploying the at least two vouchers to the at least two orchestrators (Dill, paragraph 0146, provisioning, on behalf of).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Dill with the method/ non-transitory machine-readable medium/ data processing system of Goel and Lal to include deploying a voucher to an orchestrator, but do not explicitly disclose making a determination regarding whether the at least one request is a valid request; in a first instance of the determination in which the request is the valid request: obtaining the at least two vouchers; and deploying the at least two vouchers to the at least two orchestrators to provide users with the benefits of interoperable token processing (Dill: abstract).
Goel, Lal, and Dill disclose making a determination regarding whether the at least one request is a valid request, but do not explicitly disclose receiving, from a user entity, access credentials comprising a user credential that authenticates an identity of a user and an orchestrator credential that identifies an orchestrator in a distributed environment; generating a token upon verification of the access credentials the token comprising the orchestrator credential; providing the token to the user entity; making a determination based on the token regarding whether the at least one request is a valid request
However, in an analogous art, Bai discloses receiving, from a user entity, access credentials comprising a user credential that authenticates an identity of a user and an orchestrator credential that identifies an orchestrator in a distributed environment (Bai, 3rd page, line 22, through 4th page , line 10, user information, ID token, accessing Kubernetes);
generating a token upon verification of the access credentials, the token comprising the orchestrator credential (Bai, 2nd page, line 31, generates the identity token; 2nd page, lines 23-25, identity, 3rd page, line 22, through 4th page , line 10, user information, ID token, accessing Kubernetes);
providing the token to the user entity (Bai, 5th page, lines 9-13, the user carries the obtained ID Token and accesses the Kubernetes resource);
making a determination based on the token regarding whether the at least one request is a valid request; in a first instance of the determination in which the request is the valid request (Bai, 3rd page, line 22, through 4th page , line 10, ID Token is a form of non-name token, itself records an authentication declaration of the user identity by an authority authentication mechanism).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Bai with the method/ non-transitory machine-readable medium/ data processing system of Goel, Lal, and Dill to include receiving, from a user entity, access credentials comprising a user credential that authenticates an identity of a user and an orchestrator credential that identifies an orchestrator in a distributed environment; generating a token upon verification of the access credentials the token comprising the orchestrator credential; providing the token to the user entity; making a determination based on the token regarding whether the at least one request is a valid request to provide users with the benefits of identity identification of various account systems (Bai: abstract).
Claims 2, 3, 10, 11, 16, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Goel (US20220240083), published July 28, 2022, in view of Lal (US20250008379), filed June 29, 2023, Dill (US20150032627), filed July 24, 2014, and Bai (CN112217816), published January 12, 2021, and further in view of Bommisetty (US20230412396), filed June 6, 2023 .
Regarding claim 2, Goel, Lal, Dill, and Bai discloses the method of claim 1.
Goel, Lal, Dill, and Bai do not explicitly disclose wherein a first voucher of the at least two vouchers comprises: a first chain of certificates that delegates authority over the data processing system to a first of the at least two orchestrators.
However, in an analogous art, Bommisetty discloses wherein a first voucher of the at least two vouchers comprises: a first chain of certificates that delegates authority over the data processing system to a first of the at least two orchestrators (Bommisetty, paragraph 0014-0017, first request, first certificate server, first certificate chain, second request, second certificate server, second certificate chain).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Bommisetty with the method/ non-transitory machine-readable medium/ data processing system of Goel, Lal, Dill, and Bai to include wherein a first voucher of the at least two vouchers comprises: a first chain of certificates that delegates authority over the data processing system to a first of the at least two orchestrators to provide users with the benefits of automatic certificate management (Bommisetty: abstract).
Regarding claim 3, Goel, Lal, Dill, Bai, and Bommisetty discloses the method of claim 2. Goel, Lal, Dill, Bai, and Bommisetty disclose wherein a second voucher of the at least two vouchers comprises: a second chain of certificates that delegates authority over the data processing system to a second of the at least two orchestrators (Bommisetty, paragraph 0014-0017, first request, first certificate server, first certificate chain, second request, second certificate server, second certificate chain).
Regarding claim 10, Goel, Lal, Dill, and Bai discloses the non-transitory machine-readable medium of claim 9.
Goel, Lal, Dill, and Bai do not explicitly disclose wherein a first voucher of the at least two vouchers comprises: a first chain of certificates that delegates authority over the data processing system to a first of the at least two orchestrators.
However, in an analogous art, Bommisetty discloses wherein a first voucher of the at least two vouchers comprises: a first chain of certificates that delegates authority over the data processing system to a first of the at least two orchestrators (Bommisetty, paragraph 0014-0017, first request, first certificate server, first certificate chain, second request, second certificate server, second certificate chain).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Bommisetty with the method/ non-transitory machine-readable medium/ data processing system of Goel, Lal, Dill, and Bai to include wherein a first voucher of the at least two vouchers comprises: a first chain of certificates that delegates authority over the data processing system to a first of the at least two orchestrators to provide users with the benefits of automatic certificate management (Bommisetty: abstract).
Regarding claim 11, Goel, Lal, Dill, Bai, and Bommisetty discloses the non-transitory machine-readable medium of claim 10. Goel, Lal, Dill, Bai, and Bommisetty disclose wherein a second voucher of the at least two vouchers comprises: a second chain of certificates that delegates authority over the data processing system to a second of the at least two orchestrators (Bommisetty, paragraph 0014-0017, first request, first certificate server, first certificate chain, second request, second certificate server, second certificate chain).
Regarding claim 16, Goel, Lal, and Dill discloses the data processing system of claim 15.
Goel, Lal, and Dill do not explicitly disclose wherein a first voucher of the at least two vouchers comprises: a first chain of certificates that delegates authority over the data processing system to a first of the at least two orchestrators.
However, in an analogous art, Bommisetty discloses wherein a first voucher of the at least two vouchers comprises: a first chain of certificates that delegates authority over the data processing system to a first of the at least two orchestrators (Bommisetty, paragraph 0014-0017, first request, first certificate server, first certificate chain, second request, second certificate server, second certificate chain).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Bommisetty with the method/ non-transitory machine-readable medium/ data processing system of Goel, Lal, and Dill to include wherein a first voucher of the at least two vouchers comprises: a first chain of certificates that delegates authority over the data processing system to a first of the at least two orchestrators to provide users with the benefits of automatic certificate management (Bommisetty: abstract).
Regarding claim 17, Goel, Lal, Dill, Bai, and Bommisetty discloses the data processing system of claim 16. Goel, Lal, Dill, Bai, and Bommisetty disclose wherein a second voucher of the at least two vouchers comprises: a second chain of certificates that delegates authority over the data processing system to a second of the at least two orchestrators (Bommisetty, paragraph 0014-0017, first request, first certificate server, first certificate chain, second request, second certificate server, second certificate chain).
Claims 4, 12, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Goel (US20220240083), published July 28, 2022, in view of Lal (US20250008379), filed June 29, 2023, Dill (US20150032627), filed July 24, 2014, and Bai (CN112217816), published January 12, 2021, and further in view of Rohleder (US20150310229), filed November 23, 2012 .
Regarding claim 4, Goel, Lal, Dill, and Bai disclose the method of claim 1.
Goel, Lal, Dill, and Bai do not explicitly disclose wherein the at least one request comprises: a first request obtained at a first point in time; and a second request obtained at a second point in time, wherein the first point in time and the second point in time are different points in time.
However, in an analogous art, Rohleder discloses wherein the at least one request comprises: a first request obtained at a first point in time; and a second request obtained at a second point in time, wherein the first point in time and the second point in time are different points in time (Rohleder, paragraph 0051, first request processing, subsequent second request processing).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Rohleder with the method/ non-transitory machine-readable medium/ data processing system of Goel, Lal, Dill, and Bai to include wherein the at least one request comprises: a first request obtained at a first point in time; and a second request obtained at a second point in time, wherein the first point in time and the second point in time are different points in time to provide users with the benefits of data protection (Rohleder: paragraph 0051).
Regarding claim 12, Goel, Lal, Dill, and Bai disclose the non-transitory machine-readable medium of claim 9.
Goel, Lal, Dill, and Bai do not explicitly disclose wherein the at least one request comprises: a first request obtained at a first point in time; and a second request obtained at a second point in time, wherein the first point in time and the second point in time are different points in time.
However, in an analogous art, Rohleder discloses wherein the at least one request comprises: a first request obtained at a first point in time; and a second request obtained at a second point in time, wherein the first point in time and the second point in time are different points in time (Rohleder, paragraph 0051, first request processing, subsequent second request processing).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Rohleder with the method/ non-transitory machine-readable medium/ data processing system of Goel, Lal, Dill, and Bai to include wherein the at least one request comprises: a first request obtained at a first point in time; and a second request obtained at a second point in time, wherein the first point in time and the second point in time are different points in time to provide users with the benefits of data protection (Rohleder: paragraph 0051).
Regarding claim 18, Goel, Lal, Dill, and Bai disclose the data processing system of claim 15.
Goel, Lal, Dill, and Bai do not explicitly disclose wherein the at least one request comprises: a first request obtained at a first point in time; and a second request obtained at a second point in time, wherein the first point in time and the second point in time are different points in time.
However, in an analogous art, Rohleder discloses wherein the at least one request comprises: a first request obtained at a first point in time; and a second request obtained at a second point in time, wherein the first point in time and the second point in time are different points in time (Rohleder, paragraph 0051, first request processing, subsequent second request processing).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Rohleder with the method/ non-transitory machine-readable medium/ data processing system of Goel, Lal, Dill, and Bai to include wherein the at least one request comprises: a first request obtained at a first point in time; and a second request obtained at a second point in time, wherein the first point in time and the second point in time are different points in time to provide users with the benefits of data protection (Rohleder: paragraph 0051).
Claims 5-7, 13, 14, 19, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Goel (US20220240083), published July 28, 2022, in view of Lal (US20250008379), filed June 29, 2023, Dill (US20150032627), filed July 24, 2014, Bai (CN112217816), published January 12, 2021, and Rohleder (US20150310229), filed November 23, 2012, and further in view of Zhan (US20250062980), PCT filed December 22, 2022.
Regarding claim 5, Goel, Lal, Dill, Bai, and Rohleder disclose the method of claim 4.
Goel, Lal, Dill, Bai, and Rohleder do not explicitly disclose wherein the first request indicates that a customer initially desired for the data processing system to join a first domain managed by a first orchestrator of the at least two orchestrators.
However, in an analogous art, Zhan discloses wherein the first request indicates that a customer initially desired for the data processing system to join a first domain managed by a first orchestrator of the at least two orchestrators (Zhan, paragraph 0026, first domain, second domain; paragraph 0027, restart request, joining request, reinitialized; paragraph 0028, one of the first and second network domains restarted and joined to the other of the first and second network domains).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Zhan with the method/ non-transitory machine-readable medium/ data processing system of Goel, Lal, Dill, Bai, and Rohleder to include wherein the first request indicates that a customer initially desired for the data processing system to join a first domain managed by a first orchestrator of the at least two orchestrators to provide users with the benefits of realizing efficient control of a network domain (Zhan: paragraph 0003).
Regarding claim 6, Goel, Lal, Dill, Bai, Rohleder, and Zhan disclose the method of claim 5. Goel, Lal, Dill, Rohleder, Bai, and Zhan disclose wherein the second request indicates that the customer, after sending the first request, desires for the data processing system to dynamically join either the first domain or a second domain managed by a second orchestrator of the at least two orchestrators (Zhan, paragraph 0026, first domain, second domain; paragraph 0027, restart request, joining request, reinitialized; paragraph 0028, one of the first and second network domains restarted and joined to the other of the first and second network domains).
Regarding claim 7, Goel, Lal, Dill, Bai, Rohleder, and Zhan disclose the method of claim 5. Goel, Lal, Dill, Rohleder, Bai, and Zhan disclose wherein the second request indicates that the customer, after sending the first request, desires for the data processing system to leave the first domain and join a second domain managed by a second orchestrator of the at least two orchestrators (Zhan, paragraph 0026, first domain, second domain; paragraph 0027, restart request, joining request, reinitialized; paragraph 0028, one of the first and second network domains restarted and joined to the other of the first and second network domains).
Regarding claim 13, Goel, Lal, Dill, Bai, and Rohleder disclose the non-transitory machine-readable medium of claim 12.
Goel, Lal, Dill, Bai, and Rohleder do not explicitly disclose wherein the first request indicates that a customer initially desired for the data processing system to join a first domain managed by a first orchestrator of the at least two orchestrators.
However, in an analogous art, Zhan discloses wherein the first request indicates that a customer initially desired for the data processing system to join a first domain managed by a first orchestrator of the at least two orchestrators (Zhan, paragraph 0026, first domain, second domain; paragraph 0027, restart request, joining request, reinitialized; paragraph 0028, one of the first and second network domains restarted and joined to the other of the first and second network domains).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Zhan with the method/ non-transitory machine-readable medium/ data processing system of Goel, Lal, Dill, Bai, and Rohleder to include wherein the first request indicates that a customer initially desired for the data processing system to join a first domain managed by a first orchestrator of the at least two orchestrators to provide users with the benefits of realizing efficient control of a network domain (Zhan: paragraph 0003).
Regarding claim 14, Goel, Lal, Dill, Bai, Rohleder, and Zhan disclose the non-transitory machine-readable medium of claim 13. Goel, Lal, Dill, Bai, Rohleder, and Zhan disclose wherein the second request indicates that the customer, after sending the first request, desires for the data processing system to dynamically join either the first domain or a second domain managed by a second orchestrator of the at least two orchestrators (Zhan, paragraph 0026, first domain, second domain; paragraph 0027, restart request, joining request, reinitialized; paragraph 0028, one of the first and second network domains restarted and joined to the other of the first and second network domains).
Regarding claim 19, Goel, Lal, Dill, Bai, and Rohleder disclose the data processing system of claim 18.
Goel, Lal, Dill, Bai, and Rohleder do not explicitly disclose wherein the first request indicates that a customer initially desired for the data processing system to join a first domain managed by a first orchestrator of the at least two orchestrators.
However, in an analogous art, Zhan discloses wherein the first request indicates that a customer initially desired for the data processing system to join a first domain managed by a first orchestrator of the at least two orchestrators (Zhan, paragraph 0026, first domain, second domain; paragraph 0027, restart request, joining request, reinitialized; paragraph 0028, one of the first and second network domains restarted and joined to the other of the first and second network domains).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Zhan with the method/ non-transitory machine-readable medium/ data processing system of Goel, Lal, Dill, Bai, and Rohleder to include wherein the first request indicates that a customer initially desired for the data processing system to join a first domain managed by a first orchestrator of the at least two orchestrators to provide users with the benefits of realizing efficient control of a network domain (Zhan: paragraph 0003).
Regarding claim 20, Goel, Lal, Dill, Bai, Rohleder, and Zhan disclose the data processing system of claim 19. Goel, Lal, Dill, Bai, Rohleder, and Zhan disclose wherein the second request indicates that the customer, after sending the first request, desires for the data processing system to dynamically join either the first domain or a second domain managed by a second orchestrator of the at least two orchestrators (Zhan, paragraph 0026, first domain, second domain; paragraph 0027, restart request, joining request, reinitialized; paragraph 0028, one of the first and second network domains restarted and joined to the other of the first and second network domains).
Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Goel (US20220240083), published July 28, 2022, in view of Lal (US20250008379), filed June 29, 2023, Dill (US20150032627), filed July 24, 2014, and Bai (CN112217816), published January 12, 2021, and further in view of Sundararajan (US20210112034), filed October 15, 2019 .
Regarding claim 8, Goel, Lal, Dill, and Bai discloses the method of claim 1.
Goel, Lal, Dill, and Bai do not explicitly disclose wherein the at least two vouchers are adapted to instruct the data processing system to trust all of the at least two orchestrators.
However, in an analogous art, Sundararajan discloses wherein the at least two vouchers are adapted to instruct the data processing system to trust all of the at least two orchestrators (Sundararajan: paragraph 0029, management plane, control plane; paragraph 0037, control plane, management plane, paragraph 0116, trusted devices. Certificate, paragraph 0031, instruct).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Sundararajan with the method/ non-transitory machine-readable medium/ data processing system of Goel, Lal, Dill, and Bai to include wherein the at least two vouchers are adapted to instruct the data processing system to trust all of the at least two orchestrators to provide users with the benefits of enabling network optimization (Sundararajan: paragraph 0001).
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WALTER J MALINOWSKI whose telephone number is (571)272-5368. The examiner can normally be reached 8-6:30 MTWH.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, LUU PHAM can be reached at 5712705002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/W.J.M/Examiner, Art Unit 2439
/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439