DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Claims 1-20 are presented for examination.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1, 8, 14 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
Claims 1, 8, 14:
Step 1: Statutory Categories: Claim 1: A process (method). Claim 8: An article of manufacture (memory storage device). Claim 14: A machine (system).
Step 2A: Are the claims directed to a judicial exception? Prong 1: Does the claim recite an abstract idea?
The independent claims recite the process of:
1. Setting up messaging resources in a broker.
2. Assigning a routing key variable.
3. Subscribing to the resources.
4. Fetching a derived value.
5. Posting a message using the derived value.
6. Notifying the consumer.
The claims recite the concept of routing information between a sender and a receiver using an intermediary and an assigned identifier. This underlying concept essentially describes the basic, logical concept of a "publish-subscribe" communication model or data routing. The courts have consistently held that collection, routing, and distribution of information is generally considered a "method of organizing human activity" or a fundamental mental process, rendering it an abstract idea.
Prong 2: Does the claim integrate the abstract idea into a practical application? To survive Step 2A, the claim must integrate the abstract idea into a practical application, such as by reciting a specific improvement to the functioning of a computer or network.
The specification (Paragraphs [0027]-[0031]) identifies a specific technical problem: in conventional messaging infrastructure (like microservices using a message broker), resources like queues and bindings are static and tightly coupled, allowing malicious actors to snoop on the relationships and decipher data. The proposed technical solution is the dynamic rotation of these relationships and routing keys. While the specification describes a technical improvement, independent Claims 1, 8, and 14 do not actually recite the rotation. They recite the use of a "messaging resource rotation service," but the actions performed by this service in the independent claims are limited to assigning variables, fetching values, and notifying. Without the active step of "rotating" the resources, the claims read on a highly conventional publish-subscribe messaging model. Because the actual technical solution is absent from the claim language, the independent claims likely fail to integrate the abstract idea into a practical application and are directed to an abstract idea.
Step 2B: Do the claims recite an "inventive concept" (significantly more)?
The elements recited ("message producer application," "message broker," "message consumer application") are generic computer components operating in their conventional capacities. The "messaging resource rotation service" is functionally claimed at a high level of generality (assigning a key, fetching a value). The independent claims merely automate standard message routing using generic computer components; they lack an inventive concept.
Analysis of Dependent Claims
The dependent claims add further technical specificity and are considered statutory.
Claims 2-4, 9-11, 15-17 (Rotation/Notification): These add the dynamic rotation of the routing key and the notification mechanisms. These steps reinforce the "improvement to computer functionality/security" argument under Step 2A, Prong 2.
Claims 5-6, 12-13, 18-19 (Vault/KMS): Storing the key in a key vault or Key Management Service (KMS). While a KMS is a standard tool, tying the specific rotation service to an external vault grounds the claim further in concrete computer architecture.
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.
Claims 1-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA), first paragraph, as failing to comply with the enablement requirement. The claims contain subject matter which was not described in the specification in such a way as to enable one skilled in the art to which it pertains, or with which it is most nearly connected, to make and/or use the invention. Claims 1, 8, and 14 state “fetching/provide…a routing key variable derived value”. However, the specification does not provide technical detail on how this value is derived. Paragraph [0031] states “The end resource is derived from top, or parent, node”. The specification fails to enable the derivation of the value.
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 14-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant) regards as the invention.
Claim 14 relies on alternating where the execution is taking place, such as “configured to be executed by a same or an other IHS” and “executed by the same, the other, or yet an other IHS”. Repeated recitations of “same, other, or yet another” make it difficult to definitely map the boundaries of the claimed system. It is unclear whether the system requires one, two, or three separate Information Handling Systems.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over US 12,101,402 to Giblin et al., and further in view of US 2024/0126632 to Habel et al.
Regarding claim 1, Giblin teaches a method for providing enhanced Information Handling System (IHS) messaging infrastructure security (publish-subscribe system 200) comprising:
setting up, by a message producer application, via a messaging resource rotation service, messaging resources in a message broker (col. 17, line 34: publish-subscribe system 200 with a message broker 202 and a proxy 203. Clients 206, 208 of the publish-subscribe system 200 may communicate with the broker 202 via the proxy 203. Similarly, the broker 202 may communicate with the clients 206, 208 via the proxy 203. In case of FIG. 5, the encryption module 201 for encrypting and decrypting messages is comprised by the proxy 203. Thus, the proxy 203 may be configured for encrypting and decrypting messages.);
assigning, by the messaging resource rotation service, a routing key variable (col. 18, line 18: Each of the stored messages is assigned with a cryptographic key of a group of one or more cryptographic keys and encrypted with the assigned cryptographic key. The publish-subscribe system provides a broker service for routing the stored messages to one or more subscribers of the topics to which the routed messages are assigned.);
subscribing, by a message consumer application, via the messaging resource rotation service, to the messaging resources (col. 16, line 31: Messages 204 stored in the topics 210 are forwarded by the broker 202 to the consumers 208 subscribing to the respective topics 210.);
fetching, by the message producer application, a routing key variable derived value (col. 18, line 24: decrypting the message to be routed using the assigned cryptographic key of the respective message and sending the decrypted messages to one or more of the subscribers of the assigned topic.).
Giblin lacks or does not expressly disclose posting a message and notifying about a message being posted. However, Habel teaches:
posting, by the message producer application, a message, using the fetched routing key derived variable value and
notifying, the message consumer application that subscribed to the message resources, by the message broker, about the posting of the message (0186: the pub/sub bus 931 notifies the rules/remediation coordinator 940, the rules evaluator 960, and task execution engine 970 when a message is posted to a topic (e.g., pub/sub EMS topic 930 and/or pub/sub/auto-heal topic 950) to which they have subscribed. For example, following completion of the subscription requests, upon occurrence of a key EMS event to which the rules/remediation coordinator 940 is subscribed, the pub/sub bus 960 is shown notifying the rules/remediation coordinator 940 regarding the occurrence of subscribed EMS event within the data storage system.).
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Giblin with Habel to teach posting and notifying about a message in order to be alerted about a topic, as taught by Habel, 0186.
Regarding claim 2, Giblin, as modified above, further discloses the method of claim 1, further comprising rotating the routing key variable, by the messaging resource rotation service (col. 20, line 19: a key rotation, i.e., to replace the existing cryptographic key k.sub.1 assigned to the existing topic t.sub.1 210 and used for encrypting the encrypted messages 205 stored in the message log of topic t.sub.1 210, a re-encryption may be executed. For example, a re-encryption workflow may be executed comprising adding an additional topic t.sub.2 220. The key rotation may, e.g., be initiated by creating an additional cryptographic key k.sub.2 for the additional topic t.sub.2 220. The encryption module may be updated to encrypt new messages, i.e., messages received by the broker 202 or a proxy, using the additional key k.sub.2.).
Regarding claim 3, Giblin, as modified above, further discloses the method of claim 2, further comprising notifying, in the message broker, by the messaging resource rotation service, the message consumer application that subscribed to the message resources, of a new routing key variable resulting from rotation of the routing key variable (col. 20, line 46: The re-encryption process 214 may appends any new messages m, which arrived during re-encryption, to the additional topic t.sub.2 220. These new messages m may be encrypted using the additional cryptographic key k.sub.2 generating a ciphertext c.sub.2=E(k.sub.2,m) which is stored in the message log of the additional topic t.sub.2 220.).
Regarding claim 4, Giblin, as modified above, further discloses the method of claim 1, further comprising rotating the routing key variable derived value, by the messaging resource rotation service rotates (col. 18, line 29: The cryptographic key rotation comprises a re-encryption of each message of a first set of one or more first messages of the stored messages. Each of the first messages is assigned to a common first topic from the group of topics, assigned to a first cryptographic key of a first set of one or more first cryptographic keys of the group of cryptographic keys, and encrypted with the assigned first cryptographic key.).
Regarding claim 5, Giblin, as modified above, further discloses the method of claim 1, further comprising, storing, by the messaging resource rotation service, the routing key variable in a key vault in communication with the messaging resource rotation service (col 15, line 48: cryptographic keys used for encrypting and decrypting messages of the publish-subscribe system may be stored on or accessible for the computer system 100.).
Regarding claim 6, Giblin, as modified above, further discloses the method of claim 1, further comprising storing, by the messaging resource rotation service, the routing key variable with a key management service in communication with the messaging resource rotation service (col. 7, line 27: a key management service (KMS) to support the wrap and unwrap operations. The KMS is assumed to store the wrapping key in a highly secure fashion such that it never leaves the KMS. In a publish-subscribe setting the encryption module may store the wrapped key into a message header when a message is encrypted, removing the header during message decryption prior to responding to client requests.).
Regarding claim 7, Giblin, as modified above, further discloses the method of claim 1, wherein, in subscribing, by a message consumer application, via the messaging resource rotation service, to the messaging resources, the messaging resources are pointed out by the routing key variable (col. 19, line 12: The topic alias ta 212 may point to the topic t.sub.1 210, such that the received message is further assigned to the topic t.sub.1 210 and stored in a segment file 211 of a message log of topic t.sub.1 210.).
As per claims 8-13 and 14-20, these are the device and system versions of the claimed method discussed above in claims 1-7, wherein all claimed limitations have also been addressed and/or cited as set forth above.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 10,574,440 teaches a computer system and method that enables delegated access to encrypted information for distributed messaging and queuing frameworks, or in general, to publish/subscribe architectures. In said frameworks and architectures, data is published by data producers and organized in channels or queues, which consumer applications can subscribe to, and that are managed by one or multiple broker entities.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AUBREY H WYSZYNSKI whose telephone number is (571)272-8155. The examiner can normally be reached M-F 9-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ALI SHAYANFAR can be reached at 571-270-1050. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/AUBREY H WYSZYNSKI/Primary Examiner, Art Unit 2434