DETAILED ACTION
This Office Action is in response to claims filed on 03/26/2026.
Claims 1-17 are pending.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant's arguments filed 03/26/2026 have been fully considered but they are not persuasive. Applicant argues in substance:
The Examiner acknowledges that Gagliardi fails to teach manipulating the identity of the operating system process in response to determining the current operating system is privileged (Office Action, Pg. 4). To cure this deficiency, the Examiner turns to Tinnes.
However, Tinnes does not teach the claimed limitations, and the Examiner’s proposed combination relies on a fundamental mischaracterization of the reference. The Examiner cites Tinnes for teaching “changing an original identity of a current operating system process to the first identity” (Office Action, pg. 4, citing Tinnes Col. 6). But a review of Tinnes reveals it discloses dynamically restricting the privileges of target processes using a root setuid binary. Tinnes does not teach an agent loader process determining it is privileged and subsequently changing its own identity to match the identity of a separate target process prior to agent injection.
With respect to point (a), Examiner respectfully disagrees. Applicant argues in substance that the Tinnes reference does not teach the recited limitation regarding “changing an original identity of a current operating system process to the first identity” as Tinnes is directed towards “restricting privileges of target processes”.
However, Examiner does not rely on the entirety of Tinnes’s disclosure for the teaching of the limitation. The Examiner relies upon the portions of the Tinnes’s disclosure relevant to claimed limitation. The claimed as recited, under broadest reasonable interpretation, refers merely to changing the identity of a process with respect to its privilege. That is, the interpretation set forth by the Applicant in remarks with respect to “subsequently changing its own identity to match the identity” is absent from the claim, and therefore is not commensurate with the scope of the claim. The claim language does not require that the operating system process “chang[e] its own identity”, nor does it require “matching”. As such, Tinnes’s disclosure of “executing a binary” (Tinnes, Col. 6) associated with the Root Setuid (Tinnes, FIG. 1, 108) reasonably teaches the change of identity of a current operating system process associated with root privilege.
Applicant imports the broader context and features of Tinnes to suggest that Tinnes and the claimed invention are unrelated, and further, that the Examiner has mischaracterized the reference. However, Examiner respectfully submits that the rejection does not rely on Tinnes’s overall objective. Rather, the Examiner refers strictly to the specific feature disclosed in Tinnes that is relevant to the claimed limitation.
Argument has not been found to be persuasive.
Furthermore, under MPEP 2143, a rejection under 35 U.S.C. 103 requires a rational underpinning to support the legal conclusion of obviousness. The Examiner states the motivation to combine Gagliardi and Tinnes to: “to provide a method that allows for non-root processing operating system to obtain privileges … on an as-needed basis” (Office Action, pg. 4). This stated motivation is entirely backwards and contradicts the claimed invention. Claim 1 explicitly requires the system to determine that the current operating system process is privileged, and then change it identity to the first identity (which belongs to the target process and may be unprivileged). The invention actively drops or alters privileges to match a target; it does not seek to allow a non-root process to “obtain” privileges.
With respect to point (b), Examiner respectfully disagrees. Applicant argues in substance that the motivation applied by the Examiner is “entirely backwards and contradicts the claimed invention”, as the claimed invention is not seeking to “allow a non-root process to “obtain” privileges”.
However, the full disclosure of Tinnes, as discussed in the Office Action, reveals that “privileges … may be granted or denied on an as-needed basis to one or more processes within an operating system to reduce the likelihood that vulnerabilities associated with the privileges may be exploited by attacks” (Col. 1). Tinnes, thus, describes a motivation for both obtaining and releasing privileges associated with manipulating a process identity. As discussed above, the Examiner relies upon Tinnes to teach the limitations strictly associated with claimed limitation of “changing an original identity of a current operating system process to the first identity … reinstating the original identity of the current operating system process”.
The Examiner respectfully maintains that the expressed motivation of the Office Action is both rational and relevant to the claimed invention. The expressed motivation rationale would be obvious to one of ordinary skill in the art recognizing the benefit of secure execution of programs facilitated by privilege management on a per process basis (Tinnes, Col. 1). The facilitation of privileges on a per-process basis is the rationale for the rejection and is associated directly with the claimed operation of changing a process’s identity. For the reasons set forth above and herein, Examiner respectfully maintains the rejection of Gagliardi in view of Tinnes.
Argument has not been found to be persuasive.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 5, 9, 13, 17 are rejected under 35 U.S.C. 103 as being unpatentable over Gagliardi Pub. No. US 2014/0059527 A1 (hereinafter Gagliardi) in view of Tinnes et al. Patent No. US 8,621,647 B1 (hereinafter Tinnes).
With regard to claim 1, Gagliardi teaches a method of loading an agent into a virtual machine, the method comprising ([0029], Aspects of the present disclosure are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatuses (systems) and computer program products according to embodiments of the disclosure; [0031], Technology is disclosed herein for updating an Agent, such as an Agent for a JAVA Application running in a JVM.):
receiving a path to an agent and an options string ([0036], Agents that perform functions other than performance monitoring can be also be used with the technology described herein. No particular function for an Agent is required. In one embodiment, an Agent can be anything that makes use of the -javaagent option of the Java Instrumentation API; [0042], Block 402 at FIG. 5 includes launching the JVM with the -javaagent parameter specifying the class path to agent.jar) wherein the agent comprises a set of classes built to perform an action ([0036], In such an embodiment, the class flies for the Agent would be stored in a jar file. In another embodiment, an agent can be a process that manages another process on behalf of a third process or acts on behalf of a third process; [0038], The jar file 340 containing the Agent class files is referred to as agent.jar 340. The class path for agent.jar is “C:\agent.jar” 340 is one example of Agent code 204 from FIG. 2);
resolving, using a process identifier, a first identity of a first process comprising a virtual machine instance that has not been augmented by the agent on a host (Once reference to a virtual machine is obtained, the loadAgent, loadAgentLibrary, and loadAgent path methods are used to load agents into target virtual machine. The loadAgent method is used to load agents that are written in the Java Language and deployed in a JAR file);
performing augmentation on the first process by ([0041], FIGS. 5, 6, 7A, 7B and 8 are flow charts which describe more details for managing the versions of an Agent that is implemented using the -javaagent option of the Java Instrumentation API according to the embodiments of FIGS. 2-4):
…
injecting the agent into the virtual machine instance with the path and the options string as arguments of an injection ([0042], Block 402 at FIG. 5 includes launching the JVM with the -javaagent parameter specifying the class path to agent.jar … Once the appropriate class files have their byte code instrumented, the Application is now a managed Application. In block 428, the managed Application (Examiner notes: Application executing within the JVM) is run with the Agent);
However, Gagliardi does not explicitly teach manipulating the identity of operating system process in response to determining the current operating system is privileged.
Tinnes teaches changing an original identity of a current operating system process to the first identity in response to determining that the current operating system is privileged (Col. 6, the privileges may be restricted for the target process by executing a binary that processes the request using services provided by a kernel of the operating system (operation 204).);
…
reinstating the original identity of the current operating system process (Fig. 2, Continue processing requests? 220 may terminate, ending root permissions; Col. 7, Requests for restriction of privileges may continue to be processed (operation 220).
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to apply the teachings of Tinnes with the teachings of Gagliardi in order to provide a method that teaches manipulating process identity in response to determining operating system privilege. The motivation for applying Tinnes teaching with Gagliardi teaching is to provide a method that allows for non-root processing operating system to obtain privileges associated with filesystem access, network access, and/or inter-process communication on an as-needed basis to reduce the likelihood of exploiting vulnerabilities associated with privileges (Tinnes, Col. 1). Gagliardi and Tinnes are analogous art directed towards program control arrangements. Therefore, it would have been obvious for one of ordinary skill in the art to combine Tinnes with Gagliardi to teach the claimed invention in order to provide privilege access management.
With regard to claim 9, Gagliardi teaches a system for loading an agent into a virtual machine, comprising: at least one memory ([0059], FIG. 11 illustrates a high level block diagram of a computer system which can be used to implement the technology described above … Main memory 972 stores, in part, instructions and data for execution by processor unit 970);
at least one hardware processor coupled with the at least one memory and configured, individual or in combination, to ([0059], The computer system of FIG. 11 includes a processor unit 970 in communication with main memory 972)
Claim 9 is a computer system claim having similar limitation to claim 1, Thus, claim 9 is rejected for the same rationale as applied to claim 1.
With regard to claim 17, Gagliardi teaches a non-transitory computer readable medium storing thereon computer executable instructions ([0003], These computer program instructions may also be stored in a computer readable medium that when executed can direct a computer, other programmable data processing apparatus, or other devices to function in a particular manner, such that the instructions when stored in the computer readable medium) for load an agent into a virtual machine ([0031], Technology is disclosed herein for updating an agent, such as an Agent for a Java Application running in a JVM)
Claim 17 is a non-transitory computer readable medium having similar limitation to claim 1, Thus, claim 17 is rejected for the same rationale as applied to claim 1.
With regard to claim 5, Tinnes teaches further comprising:
determining that the current operating system process is privileged (Col. 4, In one or more embodiments, computing system 102 includes functionality to dynamically restrict the privileges of non-root target processes 104-106 without requiring administrator intervention, root access, and/or changes to the LINUX kernel. In one or more embodiments, target processes 104-106 generate requests to restrict privileges within Linux-based operating systems);
setting a real user identifier and a group identifier to those of a root user to facilitate subsequent dropping and restoring of the privilege (Col. 4, Linux setuid binary 108 may receive the requests and process the requests during execution of target processes 104-106. In one or more embodiments, root setuid binary 108 executes within Linux-based operating systems 110 as privileged and/or root process. Furthermore, root setuid binary 108 may use services (e.g., system calls, utilities, etc.) provided by a kernel 112 of Linux-based operating system 110 to restrict the privileges of target process 104-106. In other words, root setuid binary 108 may allow non-root target processes 104-106 to use privilege restriction mechanisms typically associated with root or privileged processes without giving root privileges to target processes 104-106).
Rationale to claim 1 applied here.
Examiner notes: It would have been obvious for one of ordinary skill in the art to recognize that assignment of root UID and GID to the identity of the process facilitates the dropping and restoring of privileges to such process, thus participates in aiding privilege assignment on an on-need basis, as recited in the motivation for claim 1.
With regard to claim 13, it is a computer system claim having similar limitations to claim 5. Thus, claim 13 is rejected for the same rationale as applied to claim 5.
Claims 2, 10 are rejected under 35 U.S.C. 103 as being unpatentable over Gagliardi and Tinnes as applied to claim 1, 9 above, and further in view of Linux Programmer’s Manual “proc(5) – Linux manual page” (hereinafter Man page).
With regard to claim 2, Man page teaches wherein resolving the identity comprises:
retrieving a status file associated with the process identifier (Pg. 1, The proc filesystem is a pseudo-filesystem which provides an interface to kernel data structure. It is commonly mounted at /proc; Pg. 11, /proc/[pid]/status, provides much of the information in /proc/[pid]/stat and /proc/[pid]/statm in a format that’s easier for humans to parse (Examiner notes: where the status file is associated with the particular [pid] entry);
parsing the status file to determine an effective user identifier and an effective group identifier, wherein the first identity comprises the effective user identifier and the effective group identifier (Pg. 12, The fields are as follows: Uid, Gid: Real, effective, saved set, and filesystem UIDs (GIDs) (Examiner notes: Such that the UID and GID are formatted in arrangement directed for parsing and directly associated with the particular process identifier).
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to apply the teachings of Man page with the teachings of Gagliardi and Tinnes in order to provide a method that teaches parsing the status file of an associated process identifier to determine an effective user and effective group identifier. The motivation for applying Man page teaching with Gagliardi and Tinnes teaching is that Man page discloses a known technique for extracting the effective user identifier and effective group identifier from an associated process status file, such that one skilled in the art would have recognized a finite set of well-known mechanisms for obtaining the effective UID and GID, and parsing a status file as taught by the Man page represents an obvious solution to try, with a reasonable expectation of success. Gagliardi and Tinnes and Man page are analogous art directed towards program control arrangements. Therefore, it would have been obvious for one of ordinary skill in the art to combine Man page with Gagliardi and Tinnes to teach the claimed invention in order to provide parsing of process status file to determine an effective user identifier and effective group identifier.
With regard to claim 10, it is a computer system claim having similar limitations to claim 2. Thus, claim 10 is rejected for the same rationale as applied to claim 2.
Claims 3, 4, 11, 12 are rejected under 35 U.S.C. 103 as being unpatentable over Gagliardi and Tinnes as applied to claim 1, 9 above, and further in view of Oracle Documentation Attach API "Class VirtualMachine" (hereinafter Oracle).
With regard to claim 3, Oracle teaches further comprising identifying the virtual machine instance by:
retrieving a list of virtual machine descriptors wherein each descriptor designates a process running a virtual machine (Pg. 4, This method returns a list of Java VirtualMachineDescriptor elements. This list is an aggregation of the virtual machine descriptor lists obtained by invoking the listVirtualMachines method of all installed attach providers. If there are no Java virtual machines known to any provider then an empty list is returned); and
identifying the virtual machine instance in the list (Pg. 1, a VirtualMachine instance is obtained by invoking the attach method with a VirtualMachineDescriptor obtained from the list of virtual machine descriptors returned by the list method (Examiner notes: Such that obtaining a virtual machine instance necessitates identification).
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to apply the teachings of Oracle with the teachings of Gagliardi and Tinnes in order to provide a method that teaches virtual machine identification through virtual machine descriptors list. The motivation for applying Oracle teaching with Gagliardi and Tinnes teaching is to provide a method that applies the known methods of maintaining a list of virtual machine descriptors designating running processes with the known methods of injecting an agent into a virtual machine using known attachment techniques to yield predictable results. Gagliardi and Tinnes and Oracle are analogous art directed towards program control arrangements. Therefore, it would have been obvious for one of ordinary skill in the art to combine Oracle with Gagliardi and Tinnes to teach the claimed invention in order to provide virtual machine descriptors list for virtual machine identification.
With regard to claim 11, it is a computer system claim having similar limitations to claim 3. Thus, claim 11 is rejected for the same rationale as applied to claim 3.
With regard to claim 4, Oracle teaches wherein performing the augmentation on the process comprises executing a Java attach mechanism (Pg. 4, This method obtains the list of attach providers by invoking the AttachProvider.providers() method. It then iterates over the list and invokes each provider’s attachVirtualMachine method in turn. If a provider successfully attaches then the iteration terminates, and the VirtualMachine created by the provider that successfully attached is returned by this method).
Rationale to claim 3 applied here.
Examiner notes: It would have been obvious for one of ordinary skill in the art to recognize that upon retrieving a virtual machine descriptor from a descriptor list, such virtual machine descriptor can be utilized in performing augmentation through the Java attach mechanism to yield predictable results.
With regard to claim 12, it is a computer system claim having similar limitations to claim 4. Thus, claim 12 is rejected for the same rationale as applied to claim 4.
Claims 6, 7, 14, 15 are rejected under 35 U.S.C. 103 as being unpatentable over Gagliardi and Tinnes as applied to claim 1, 9 above, and further in view of Cheriton et al. "Distributed Process Groups in the V Kernel" (hereinafter Cheriton).
With regard to claim 6, Cheriton teaches wherein the first identity belongs to both the first process and a second process (Pg. 77, In this environment of many cooperating processes on different machines, there are many logical groups of processes … In this paper we describe the extension of the V kernel to support process groups; Pg. 85, A group identifier encodes in its high-order bits the logical host group for this group, the set of hosts on which members of this process group reside), further comprising:
populating a hash table comprising the first identity and process identifiers for the first process and a second process, wherein keys of the hash table are identities and values of the has table are lists of process identifiers (Pg. 85, Each instantiation of the kernel maintains a hash table accessed by group identifier recording the group membership of all processes local to this kernel. For each group membership of a local process pid, there is a record containing the (group-id, pid) pair);
grouping the first process and the second process based on matching identities (Pg. 85, The membership information for ta group is distributed across all the hosts that have members in the group. In particular, each kernel only maintains information about its own processes).
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to apply the teachings of Cheriton with the teachings of Gagliardi and Tinnes in order to provide a method that teaches a hash table data structure comprising of identity and process identifier key-value pairs. The motivation for applying Cheriton teaching with Gagliardi and Tinnes teaching is to provide a method that allows for distributed communications of a plurality of processes through the use of group and group operations by leveraging interprocess communications without the need for independent network-specific facilities (Cheriton, Pg. 79). Gagliardi and Tinnes and Cheriton are analogous art directed towards program control arrangements. Therefore, it would have been obvious for one of ordinary skill in the art to combine Cheriton with Gagliardi and Tinnes to teach the claimed invention in order to provide a hash table data structure grouping distributed processes.
With regard to claim 14, it is a computer system claim having similar limitations to claim 6. Thus, claim 14 is rejected for the same rationale as applied to claim 6.
With regard to claim 7, Cheriton teaches further comprising:
querying a respective identity of each process with operating system facilities (Fig. 5, Group message forwarded to group members processes; Pg. 81, The basic communication model provided by the V kernel is that of processes communicating by message transactions. A message transaction is initiated by a client process executing send, which transmits a request message to a server and blocks the execution of the client until a reply message is returned … Sending to a group is similar to sending to a process, except that a group-id is specified instead of a process id. That is, pid = Send(message, group-id) sends a message to the group with group identifier group-id, which in turn forwards to message to each member in the group, as shown in Figure 5. The sender blocks out until at least one process has received the message and sent back a reply using Reply … The pid of the first process to reply is returned by Send); and
placing a respective identifier of each process in the hash table (Pg. 80, The operation JoinGroup(group-id, pid) makes the process with process id pid a member of the group with group identifier group-id.).
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to apply the teachings of Cheriton with the teachings of Gagliardi and Tinnes in order to provide a method that teaches the method of querying independent processes through operating system facilities and incorporating process identifiers into a hash table data structure. The motivation for applying Cheriton teaching with Gagliardi and Tinnes teaching is to provide a method leverages simple kernel routines to perform kernel process management, group management, and memory management operations in a streamlined manner (Cheriton, Pg. 87). Gagliardi and Tinnes and Cheriton are analogous art directed towards program control arrangements. Therefore, it would have been obvious for one of ordinary skill in the art to combine Cheriton with Gagliardi and Tinnes to teach the claimed invention in order to provide kernel operations to support group process management.
With regard to claim 15, it is a computer system claim having similar limitations to claim 7. Thus, claim 15 is rejected for the same rationale as applied to claim 7.
Claims 8, 16 are rejected under 35 U.S.C. 103 as being unpatentable over Gagliardi, Tinnes, and Cheriton as applied to claim 7, 15 above, and further in view of Hunt Patent Number 6,154,747 (hereinafter Hunt).
With regard to claim 8, Hunt teaches further comprising:
defining objects embedding operating system-specific information to distinguish identities (Col. 2, The method of the present invention includes storing an object identifier and a representation of the object in a first hash table and storing data about the object and the object identifier in a plurality of paired hash tables with the hash tables organized in a mirrored table pairs for storage of the object.);
using the objects as keys inside hash tables (Col. 6, Preferably, the database used to implement the hast tables of repository 18 generate the key for storing information in a hash table by providing an object identifier (OID) as an argument to a hashing function. The value generated by the hashing function is used as a key for storing data in a hash table.); and
altering a list of processes without modifying the hash table (Col. 5 – Col. 6, The exemplary operations that an application programmer may use in an application program 14 supported by the gateway definitions shown in FIG. 3 are: SUBMIT object, GET object, GET update object, UPDATE object, REMOVE object, and QUERY for objects (Examiner notes: Such that performing operations in relation to an OID merely alters object associated with the given OID while maintaining the hash table structure as a whole).
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to apply the teachings of Hunt with the teachings of Gagliardi, Tinnes, and Cheriton in order to provide a method that teaches a hash table data structure capable of defining and storing objects such that can be altered without modifying the underlying data structure. The motivation for applying Hunt teaching with Gagliardi, Tinnes, and Cheriton teaching is to provide a method that allows for management of objects used by object-oriented applications such that provides a standard for objects to be created, removed, retrieved, or updated programmatically (Hunt, Col. 1). Gagliardi, Tinnes, and Cheriton and Hunt are analogous art directed towards program control arrangements. Therefore, it would have been obvious for one of ordinary skill in the art to combine Hunt with Gagliardi, Tinnes, and Cheriton to teach the claimed invention in order to provide an object-defined hash table.
With regard to claim 16, it is a computer system claim having similar limitations to claim 8. Thus, claim 16 is rejected for the same rationale as applied to claim 8.
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Jattach
teaches
Lines 47-48, // In HotSpot, dynamic attach is allowed only for clients with the same euid/egid.
// If we are running under root, switch to the required euid/egid automatically.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to IVAN A CASTANEDA whose telephone number is (571)272-0465. The examiner can normally be reached Monday-Friday 9:30AM-5:30PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Aimee Li can be reached at (571) 272-4169. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/I.A.C./Examiner, Art Unit 2195
/Aimee Li/Supervisory Patent Examiner, Art Unit 2195