DETAILED ACTION
This application has been examined. Claims 1-20 are pending.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Making Final
Applicant's arguments filed 12/30/2025 have been fully considered but they are not persuasive.
The Examiner is maintaining the rejection(s) using the same grounds for rejection and thus making this action FINAL.
Response to Arguments
Applicant's arguments filed 12/30/2025 have been fully considered but they are not persuasive.
The Applicant presents the following argument(s) [in italics]:
… Biskup's container repository merely stores a container image, not a serverless filesystem that hosts a home directory used by the collaboration application as required by the claims….
The Examiner respectfully disagrees with the Applicant.
Biskup Paragraph 82,Paragraph 87 disclosed wherein the development ecosystem enables function-as-a-service execution of a data science experiment within a serverless execution environment. The deployment manager 136 may coordinate with the serverless computing environment for deployment of the code package 182 to the serverless execution environment. The cloud service provider may control the actual launch, management, and scaling of the tasks or microservices executing in the serverless computing environment.
Priority
The effective date of the claims described in this application is August 20, 2023.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-5,9-16,20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Biskup (USPGPUB 2020/0117434) further in view of Rogers (USPGPUB 2021/0117859) further in view of Chen (USPGPUB 2023/0205505)
Regarding Claim 1
Biskup Paragraph 21 disclosed software developers 104 working within the containerized developer workspace 106.
Biskup Paragraph 37 disclosed wherein version control system 116 may include a distributed, scalable version control system allowing developers to collaborate with team members through file sharing.
Biskup disclosed (re. Claim 1) a system for serverless containerization of a collaboration application that provides a virtual workspace for end users (Biskup-Paragraph 21,software developers 104 working within the containerized developer workspace 106.)
Biskup disclosed (re. Claim 1) a serverless filesystem (Biskup-Paragraph 82,Paragraph 87,the development ecosystem enables function-as-a-service execution of a data science experiment within a serverless execution environment) configured to receive an installation of the collaboration application and to host a home directory used by the collaboration application executing within the container, (Biskup-Paragraph 28, version control system 116, for example, may be maintained in the cloud analytics environment. The base project template provides the scaffolding for the developer's applications, including certain files residing in a certain directory structure, such that application code 118 and automated test algorithms 120 are stored in separate, designated spaces within storage 122.) wherein the serverless filesystem is also enabled with the security group of the container; (Biskup-Paragraph 21, Developers 104 working within the containerized developer workspace 106 develop software containers (e.g., a filesystem and parameters to use at runtime) and
a private cloud (PC) endpoint configured to establish a private connection with an end user interface, wherein the private connection provides secure network traffic between the PC endpoint the end user interface within a private network of the PC endpoint. (Biskup-Figure 5)
While Biskup substantially disclosed the claimed invention Biskup does not disclose (re. Claim 1)
a container platform interface configured to access a containerized application definition comprising a container identifier that identifies a container image of the collaboration application,
obtain the container image of the collaboration application from a container platform based on the container identifier,
generate a container for the container image, and execute the collaboration application within the container based on the container image,
Rogers Paragraph 32 disclosed wherein an edge manager 208 can specify models and model versions to be used by an application as part of a deployment configuration. When the edge manager 208 updates a deployment and the only update involves one or more model version differences, the application can identify that update and switch to the new model version without exiting.
Rogers disclosed (re. Claim 1) a container platform interface configured to access a containerized application definition comprising a container identifier that identifies a container image of the collaboration application, (Rogers-Paragraph 32,an edge manager 208 can specify models and model versions to be used by an application as part of a deployment configuration. When the edge manager 208 updates a deployment and the only update involves one or more model version differences, the application can identify that update and switch to the new model version without exiting.)
obtain the container image of the collaboration application from a container platform based on the container identifier, (Rogers-Paragraph 32,an edge manager 208 can specify models and model versions to be used by an application as part of a deployment configuration. When the edge manager 208 updates a deployment and the only update involves one or more model version differences, the application can identify that update and switch to the new model version without exiting.)
generate a container for the container image, and execute the collaboration application within the container based on the container image.(Rogers-Paragraph 38, an updated (or otherwise different) version of a model is generated 502 that is to be used with an inferencing application on one or more edge servers, or other such locations.)
Biskup and Rogers are analogous art because they present concepts and practices regarding containerized applications. Before the time of the effective filing date of the claimed invention it would have been obvious to combine Rogers into Biskup. The motivation for the said combination would have been to allow application and model development and release to be decoupled, and reduces the size of the application container image and its frequency of release or update.(Rogers-Paragraph 29)
While Biskup-Rogers substantially disclosed the claimed invention Biskup-Rogers does not disclose (re. Claim 1)
wherein the container is assigned with an Internet Protocol (IP) address and is associated with a security group that controls network traffic to and from the container;
a network load balancer configured with the IP address assigned to the container, the network load balancer allocating one or more computational resources for executing the collaboration application based on respective computational loads of a pool of computational resources;
Chen Figure 7 Paragraph 22 disclosed wherein offloading card sets a network processing rule for the third virtual function device. The network processing rule includes some or all of the following: a load balancing policy, a security group policy, quality of service, a routing rule (routing), and an address mapping rule. The security group policy may include an access control list (ACL).
Chen disclosed (re. Claim 1) wherein the container is assigned with an Internet Protocol (IP) address and is associated with a security group that controls network traffic to and from the container;( Chen- Figure 7 Paragraph 22,offloading card sets a network processing rule for the third virtual function device. The network processing rule includes some or all of the following: a load balancing policy, a security group policy, quality of service, a routing rule (routing), and an address mapping rule. The security group policy may include an access control list (ACL).)
a network load balancer configured with the IP address assigned to the container, the network load balancer allocating one or more computational resources for executing the collaboration application based on respective computational loads of a pool of computational resources; (Chen- Figure 7 Paragraph 22,offloading card sets a network processing rule for the third virtual function device. The network processing rule includes some or all of the following: a load balancing policy, a security group policy, quality of service, a routing rule (routing), and an address mapping rule. The security group policy may include an access control list (ACL).)
Biskup,Rogers and Chen are analogous art because they present concepts and practices regarding containerized applications. Before the time of the effective filing date of the claimed invention it would have been obvious to combine Chen into Biskup-Rogers. The motivation for the said combination would have been to allow wherein the container is created and managed by the offloading card inserted into the computing node. The computing node no longer needs to consume a resource to support a container management function, improving resource utilization of the computing node.(Chen-Paragraph 7)
Biskup-Rogers-Chen disclosed (re. Claim 1) a serverless database that is enabled with the security group of the container, (Chen- Figure 7 Paragraph 22,offloading card sets a network processing rule for the third virtual function device. The network processing rule includes some or all of the following: a load balancing policy, a security group policy, quality of service, a routing rule (routing), and an address mapping rule. The security group policy may include an access control list (ACL).)
the serverless database storing one or more project data records for the collaboration application executing within the container; (Biskup-Paragraph 68, software container service 102 deploys new software executable images defined by the staged software containers in the software container repository 134.Paragraph 75, software container service 102 API-enabled user interface may support accessing security groups, load balancing, block storage volume management)
Regarding Claim 12
Claim 12 (re. method) recites substantially similar limitations as Claim 1. Claim 12 is rejected on the same basis as Claim 1.
Regarding Claim 20
Claim 20 (re. instructions for serverless containerization of a collaboration application) recites substantially similar limitations as Claim 1. Claim 20 is rejected on the same basis as Claim 1.
Regarding Claim 2,13
Biskup-Rogers-Chen disclosed (re. Claim 2,13) receive, via the PC endpoint, a first action on a workspace being collaboratively shared,(Biskup-Paragraph 37, allowing team members to alter other sections of the development conducted within the developer workspace 106) wherein the virtual workspace includes data that is stored at the serverless filesystem and/or the serverless database for the container; update the data that is stored at the serverless filesystem and/or the serverless database for the container based on the first action; and transmit, via the PC endpoint, the updated data via the virtual workspace to one or more other end user interfaces that are coupled to the PC endpoint.(Biskup-Paragraph 37, version control system 116 may include a distributed, scalable version control system allowing developers to collaborate with team members through file sharing. The version control system, for example, may include intercommunication features, supporting sharing of information between development team members.)
Regarding Claim 3,14
Biskup-Rogers-Chen disclosed (re. Claim 3,14) receive a request to change to a second version of the collaboration application, the request comprising a second identifier of a second container image of the second version; obtain the second container image based on the second identifier; and generate a second container based on the second container image.(Rogers-Paragraph 32, When an application detects that it is requested to change model versions, the application can stop using the current model version and start using the new model version, which in some embodiments might always refer to the latest version.)
Regarding Claim 4,15
Biskup-Rogers-Chen disclosed (re. Claim 4,15) wherein the second version is a next version of the collaboration application. (Rogers-Paragraph 32, When an application detects that it is requested to change model versions, the application can stop using the current model version and start using the new model version, which in some embodiments might always refer to the latest version.)
Regarding Claim 5,16
Biskup-Rogers-Chen disclosed (re. Claim 5,16) wherein the second version is a previous version of the collaboration application.(Rogers-Paragraph 32, an application may again recognize that the only change in its configuration is the model version and repeat the steps for switching model versions described above to switch back to a previous version.)
Regarding Claim 9
Biskup-Rogers-Chen disclosed (re. Claim 9) access, from the containerized application definition, a database requirement for the collaboration application, wherein the serverless database is generated based on the database requirement.(Biskup-Paragraph 107, service dependencies 312, for example, may be established by the developer 104 of FIG. 1A to identify any application programming interfaces, cache structures, queues, and/or databases used by one or more containers 304 in the container cluster 302.)
Regarding Claim 10
Biskup-Rogers-Chen disclosed (re. Claim 10) access, from the containerized application definition, an installation directory for the collaboration application; and allocate the installation directory in the serverless filesystem based on the installation directory.(Biskup-Paragraph 28, base project template provides the scaffolding for the developer's applications, including certain files residing in a certain directory structure, such that application code 118 and automated test algorithms 120 are stored in separate, designated spaces within storage 122.)
Regarding Claim 11
Biskup-Rogers-Chen disclosed (re. Claim 11) access, from the containerized application definition, an indication to configure a connection between the container and the end user interface; and establish the PC endpoint responsive to the indication.(Biskup-Paragraph 131, The provisioning tool 540 may facilitate a connection to a particular computing device of the data center 534.)
Claim(s) 6,17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Biskup (USPGPUB 2020/0117434) further in view of Rogers (USPGPUB 2021/0117859) further in view of Chen (USPGPUB 2023/0205505) further in view of Parla (USPGPUB 2024/0031394)
Regarding Claim 6,17
While Biskup-Rogers-Chen substantially disclosed the claimed invention Biskup-Rogers-Chen does not disclose (re. Claim 6,17) receive a request to terminate the container responsive to a zero day vulnerability; and terminate the container responsive to the request.
Parla Paragraph 106 disclosed wherein the control plan can provide real-time view of any zero-day attacks happening within an organization.
Parla disclosed (re. Claim 6,17) receive a request to terminate the container responsive to a zero day vulnerability; and terminate the container responsive to the request.(Parla-Paragraph 130, if the application was running within a container, a termination command could be issued to via the container management API.)
Biskup,Rogers and Parla are analogous art because they present concepts and practices regarding containerized applications. Before the time of the effective filing date of the claimed invention it would have been obvious to combine Parla into Biskup-Rogers. The motivation for the said combination would have been to leverage hardware telemetry so that the actual executions can be effectively and accurately monitored and to reliably detect even the most sophisticated code reuse attacks using (ROP, COP, JOP, COOP etc.) gadgets.(Parla-Paragraph 46)
Claim(s) 7,18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Biskup (USPGPUB 2020/0117434) further in view of Rogers (USPGPUB 2021/0117859) further in view of Chen (USPGPUB 2023/0205505) further in view of Jirak (US Patent 11537366)
Regarding Claim 7,18
While Biskup-Rogers-Chen substantially disclosed the claimed invention Biskup-Rogers-Chen does not disclose (re. Claim 7,18) wherein the containerized application definition is generated via a typescript language.
Jirak Column 13 Lines 20 disclosed wherein the Typescript code uses the Angular framework to define container implementation 212.
Jirak disclosed (re. Claim 7,18) wherein the containerized application definition is generated via a typescript language.( Jirak-Column 13 Lines 20,the Typescript code uses the Angular framework to define container implementation 212.)
Biskup,Rogers and Jirak are analogous art because they present concepts and practices regarding containerized applications. Before the time of the effective filing date of the claimed invention it would have been obvious to combine Jirak into Biskup-Rogers. The motivation for the said combination would have been to implement an agnostic widget library for facilitating development of UI logic components 124 by developers without knowledge of the one or more widget libraries 128 that define specific widget implementations; (Jirak-Column 2 Lines 35)
Claim(s) 8,19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Biskup (USPGPUB 2020/0117434) further in view of Rogers (USPGPUB 2021/0117859) further in view of Chen (USPGPUB 2023/0205505) further in view of Wang (USPGPUB 20230128064)
Regarding Claim 8,19
While Biskup-Rogers substantially disclosed the claimed invention Biskup-Rogers does not disclose (re. Claim 8,19) access, from the containerized application definition, a security group definition that configures permitted or denied network traffic; and control network traffic to or from the container based on the security group definition.
Wang Paragraph 18 disclosed wherein a Security Group (SG) typically, by default, can deny all ingress traffic and allow all egress data traffic.
Wang disclosed (re. Claim 8,19) access, from the containerized application definition, a security group definition that configures permitted or denied network traffic; and control network traffic to or from the container based on the security group definition.(Wang-Paragraph 18,a Security Group (SG) typically, by default, can deny all ingress traffic and allow all egress data traffic.)
Biskup,Rogers and Wang are analogous art because they present concepts and practices regarding containerized applications. Before the time of the effective filing date of the claimed invention it would have been obvious to combine Wang into Biskup-Rogers. The motivation for the said combination would have been to enable earning, determining, and testing security rules to apply to resources, including VMs, in a cloud network and on network edges.(Wang-Paragraph 20)
Conclusion
Examiner’s Note: In the case of amending the claimed invention, Applicant is respectfully requested to indicate the portion(s) of the specification which dictate(s) the structure relied on for proper interpretation and also to verify and ascertain the metes and bounds of the claimed invention.
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GREG C BENGZON whose telephone number is (571)272-3944. The examiner can normally be reached on Monday - Friday 8 AM - 4:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John Follansbee can be reached on (571) 272-3964. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/GREG C BENGZON/ Primary Examiner, Art Unit 2444