Prosecution Insights
Browse Companies Examiners Firms Draft Your Response
Office ActionsSamsung Electronics › 18511928
Last updated: April 19, 2026
Application No. 18/511,928

METHOD FOR SECURING MARKETPLACE IN CLOUD AND APPARATUS THEREOF

Non-Final OA §103
Filed
Nov 16, 2023
Examiner
NGUYEN, TRONG H
Art Unit
2436
Tech Center
2400 — Computer Networks
Assignee
Samsung Electronics
OA Round
3 (Non-Final)
80%
Grant Probability
Favorable
3-4
OA Rounds
3y 3m
To Grant
99%
With Interview

Interview Optional

+56.8% interview lift. This examiner has a relatively high allow rate; a written response may suffice.
Based on 543 resolved cases, 2023–2026

Examiner Intelligence

NGUYEN, TRONG H View full profile →
Grants 80% — above average
80%
Career Allow Rate
432 granted / 543 resolved
+21.6% vs TC avg
Strong +57% interview lift
Without
With
+56.8%
Interview Lift
resolved cases with interview
Typical timeline
3y 3m
Avg Prosecution
12 currently pending
Career history
555
Total Applications
across all art units

Statute-Specific Performance

§101
14.6%
-25.4% vs TC avg
§103
42.5%
+2.5% vs TC avg
§102
17.6%
-22.4% vs TC avg
§112
16.7%
-23.3% vs TC avg
Black line = Tech Center average estimate • Based on career data from 543 resolved cases

Office Action

§103
DETAILED ACTION The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. Claims 1, 3-6, 8-11, 13-16, and 18-20 are pending. The claim objections have been withdrawn in view of the claim amendments. Continued Examination Under 37 CFR 1.114 A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 01/14/26 has been entered. Response to Arguments Applicant's arguments filed on 01/14/26 have been fully considered. In response to Applicant’s argument that Doane fails to disclose or suggest “detecting an authentication certificate issued from a certificate authority and obtained from the VM service provider in a vendor registration process” as recited in amended claim 1 (pages 8-9 of Remarks), Examiner acknowledged Applicant’s perspective but respectfully disagrees for the following reasons. First, a certificate authority is any entity that issues certificate(s) unless the specifics (e.g. type or structure) of the certificate authority are recited in the claim. Second, Doane discloses “an entity (e.g., an organization) can communicate with a virtual computer system service, such as through appropriately configured application programming interface (API) calls to the service, to request creation of a vendor account. The entity may be a vendor or other machine image provider that may utilize a computing resource service provider account to create and provide various virtual machine images that may be used by customers of the computing resource service provider to create new virtual machine instances…Alternatively, the vendor may provide a digital certificate of his/her own which the virtual computer system service may persistently store within a trust store for verification of the vendor-provided virtual machine images…a vendor accesses the marketplace 316 to generate a new vendor account which may be used to generate and upload virtual machine images. In order to generate this new vendor account, the vendor may be required to provide, to the marketplace 316, a set of credentials usable by the marketplace 316 to verify the identity of the vendor…Alternatively, the vendor, if verified, may provide his/her own digital certificate or other cryptographic key to the trust store 310, which the management sub-system 306 or marketplace 316 may access and utilize to verify the authenticity of an uploaded virtual machine image…As noted above, when a vendor submits a request to the virtual computer system service to create a vendor account for uploading virtual machine images to the virtual machine image data store, the vendor may provide additional credential information which may be used by the virtual computer system service to verify the identity of the vendor. If the identity of the vendor is verified by the virtual computer system service…Alternatively, the vendor may provide the virtual computer system service with a digital certificate, which the virtual computer system service may store within a trust store. Thus, when a vendor includes his/her digital certificate with a digitally signed virtual machine image, the virtual computer system service may utilize the digital certificate stored within the trust store to verify the authenticity of the virtual machine image” (¶13, 35, 44). Thus, Doane discloses receiving (detecting) a vendor digital certificate (authentication certificate) issued from an entity (certificate authority) to the vendor and provided from the vendor in a vendor account creation process (vendor registration process). For at least the above reasons, Doane does disclose or suggest “detecting an authentication certificate issued from a certificate authority and obtained from the VM service provider in a vendor registration process” as recited in amended claim 1. In response to Applicant’s argument that Doane fails to disclose or suggest “responsive to determining that both the authentication certificate and the electronic signature are successfully verified, registering the VM image with the marketplace” as recited in amended claim 1 (page 9 of Remarks), Examiner acknowledged Applicant’s perspective but respectfully disagrees for the following reasons. First, the claim only recites verifying the authentication certificate and does not further specify how the verification is being done. Thus, verifying the certificate broadly covers any way of checking, confirming or validating the certificate. Second, Doane discloses “If the uploaded virtual machine image was uploaded with a corresponding digital certificate, the virtual computer system service may determine 710 whether the digital certificate may be trusted” (e.g. ¶57) and “Once the digital certificate included with the uploaded virtual machine image has been deemed, by the virtual computer system service, to be trusted, the virtual computer system service may utilize 712 the public cryptographic key included with the digital certificate to verify the digital signature of the virtual machine image…Once the digital signature of the virtual machine image has been verified by the virtual computer system, the virtual computer system service may add 716 the uploaded virtual machine image to the virtual machine image data store and/or the marketplace” (e.g. fig. 7, ¶58-59). Based on at least the above, Doane discloses verifying the digital certificate by determining whether it may be trusted and once the certificate has been deemed to be trusted and the digital signature has been verified, the virtual machine image is stored (registered) in the virtual machine image data store and/or the marketplace. For at least the above reasons, Doane does disclose or suggest “responsive to determining that both the authentication certificate and the electronic signature are successfully verified, registering the VM image with the marketplace” as recited in claim 1. In response to Applicant’s argument that Doane fails to disclose or suggest “detecting an authentication certificate issued from a certificate authority and obtained from the VM service provider in a vendor registration process” as recited in amended claim 11 (pages 12-13 of Remarks), Examiner acknowledged Applicant’s perspective but respectfully disagrees for the reasons explained above in section 7. In response to Applicant’s argument that Doane fails to disclose or suggest “determining, based on a result of the verifying of the electronic signature, whether to operate a VM instance corresponding to the downloaded VM image” as recited in amended claim 11 (page 13 of Remarks), Examiner acknowledged Applicant’s perspective but this argument is moot in view of the new ground of rejection presented below. Claim Objections Claims 6 and 16 objected to because of the following informalities: “the cloud service provider” in line 3 of claims 6, 16 lacks antecedent basis. Appropriate correction is required. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1, 3-6, and 8-10 are rejected under 35 U.S.C. 103 as being unpatentable over Doane (US 20150254451) in view of Roth (US 9838430). Claims 1 and 3-5, these claims are rejected for similar reasons as in claims 6 and 8-10. Claim 6, Doane discloses A marketplace security apparatus comprising one or more processors and a memory, wherein the one or more processors are configured to: register a virtual machine (VM) service provider with a marketplace of the cloud service provider as a vendor; (e.g. ¶13, 35, 44: an entity (e.g., an organization) can communicate with a virtual computer system service, such as through appropriately configured application programming interface (API) calls to the service, to request creation of a vendor account. The entity may be a vendor or other machine image provider that may utilize a computing resource service provider account to create and provide various virtual machine images that may be used by customers of the computing resource service provider to create new virtual machine instances…a vendor accesses the marketplace 316 to generate a new vendor account which may be used to generate and upload virtual machine images. In order to generate this new vendor account, the vendor may be required to provide, to the marketplace 316, a set of credentials usable by the marketplace 316 to verify the identity of the vendor…As noted above, when a vendor submits a request to the virtual computer system service to create a vendor account for uploading virtual machine images to the virtual machine image data store, the vendor may provide additional credential information which may be used by the virtual computer system service to verify the identity of the vendor.) receive, from the VM service provider, a message that requests registration of a VM image; (e.g. fig. 5, ¶14, 54: a vendor may utilize an interface provided by the virtual computer system service, such as the interface illustrated in FIG. 5, to upload a virtual machine image to a virtual machine image data store. The virtual machine image data store may comprise a plurality of virtual machine images that may be used by customers of the virtual computer system service to generate a new virtual machine instance. Accordingly, the virtual computer system service may receive 702 the uploaded virtual machine image from the vendor. As will be described in greater detail below, the virtual computer system service may perform one or more actions to determine whether the virtual machine image may be added to the virtual machine image data store and/or a marketplace) detect an authentication certificate issued from a certificate authority and obtained from the VM service provider in a vendor registration process; (e.g. ¶13, 35, 44: an entity (e.g., an organization) can communicate with a virtual computer system service, such as through appropriately configured application programming interface (API) calls to the service, to request creation of a vendor account. The entity may be a vendor or other machine image provider that may utilize a computing resource service provider account to create and provide various virtual machine images that may be used by customers of the computing resource service provider to create new virtual machine instances…Alternatively, the vendor may provide a digital certificate of his/her own which the virtual computer system service may persistently store within a trust store for verification of the vendor-provided virtual machine images…a vendor accesses the marketplace 316 to generate a new vendor account which may be used to generate and upload virtual machine images. In order to generate this new vendor account, the vendor may be required to provide, to the marketplace 316, a set of credentials usable by the marketplace 316 to verify the identity of the vendor…Alternatively, the vendor, if verified, may provide his/her own digital certificate or other cryptographic key to the trust store 310, which the management sub-system 306 or marketplace 316 may access and utilize to verify the authenticity of an uploaded virtual machine image…As noted above, when a vendor submits a request to the virtual computer system service to create a vendor account for uploading virtual machine images to the virtual machine image data store, the vendor may provide additional credential information which may be used by the virtual computer system service to verify the identity of the vendor. If the identity of the vendor is verified by the virtual computer system service…Alternatively, the vendor may provide the virtual computer system service with a digital certificate, which the virtual computer system service may store within a trust store. Thus, when a vendor includes his/her digital certificate with a digitally signed virtual machine image, the virtual computer system service may utilize the digital certificate stored within the trust store to verify the authenticity of the virtual machine image. A certificate authority is any entity that issues certificate(s) unless the specifics (e.g. type or structure) of the certificate authority are recited in the claim) verify the detected authentication certificate; (e.g. fig. 7, ¶13, 35, 57: If the uploaded virtual machine image was uploaded with a corresponding digital certificate, the virtual computer system service may determine 710 whether the digital certificate may be trusted. The digital certificate is verified by determining whether it may be trusted.) obtain an electronic signature associated with the VM image from the VM service provider; (e.g. ¶13, 28, 58: Alternatively, the vendor may provide a digital certificate of his/her own which the virtual computer system service may persistently store within a trust store for verification of the vendor-provided virtual machine images. The vendor may create one or more virtual machine images, digitally sign these one or more virtual machine images and include the agreed upon digital certificate…Once the digital certificate included with the uploaded virtual machine image has been deemed, by the virtual computer system service, to be trusted, the virtual computer system service may utilize 712 the public cryptographic key included with the digital certificate to verify the digital signature of the virtual machine image. For instance, when a digitally signed virtual machine image is uploaded to the virtual machine image data store, along with a digital certificate, the virtual computer system service may extract a public cryptographic key from the digital certificate in order to decrypt the digital signature and obtain a hash value.) verify the obtained electronic signature; and (e.g. ¶28, 58: the virtual computer system service may utilize 712 the public cryptographic key included with the digital certificate to verify the digital signature of the virtual machine image. For instance, when a digitally signed virtual machine image is uploaded to the virtual machine image data store, along with a digital certificate, the virtual computer system service may extract a public cryptographic key from the digital certificate in order to decrypt the digital signature and obtain a hash value. Accordingly, this hash value may be compared to a digest of the virtual machine image to determine 714 if the digital signature is valid. If the values match, then the virtual machine image may be verified as having originated from a trusted vendor of virtual machine images.) responsive to determining that both the authentication certificate and the electronic signature are successfully verified, register the VM image with the marketplace; (e.g. fig. 7, ¶58-59: Once the digital certificate included with the uploaded virtual machine image has been deemed, by the virtual computer system service, to be trusted, the virtual computer system service may utilize 712 the public cryptographic key included with the digital certificate to verify the digital signature of the virtual machine image…Once the digital signature of the virtual machine image has been verified by the virtual computer system, the virtual computer system service may add 716 the uploaded virtual machine image to the virtual machine image data store and/or the marketplace.) Although Doane discloses responsive to determining that both the authentication certificate and the electronic signature are successfully verified (i.e. when the request to add the VM image is granted), register the VM image with the marketplace (see above), Doane does not appear to explicitly disclose when the request to add the VM image is granted, transmit a message for granting a registration request of the VM image to the VM service provider. Doane discloses an interface illustrated in Fig. 5 to upload a virtual machine image to a virtual machine image data store and/or the marketplace (e.g. fig. 5, ¶54, 59) and “the virtual computer system service may be configured to refuse to add any virtual machine images that have not been digitally signed to the virtual machine image data store and/or the marketplace, since there may be no way to know if these images comprise malicious software. If the virtual computer system service is configured to reject a virtual machine image that has not been digitally signed, then the virtual computer system service may display 708 an error message through the interface. This error message may comprise information detailing the one or more reasons for the rejection of the uploaded virtual machine image, which the vendor may utilize to either attempt to obtain a vendor account and/or attach a valid digital certificate to the virtual machine image or to terminate communication with the virtual computer system service” (¶56). Thus, Doane discloses that when the request to add the VM image is not granted, the virtual computer system service is configured to transmit through the interface a feedback message for rejecting the request to add the VM image to the marketplace to the vendor. Thus, Doane’s system has the capability of transmitting a feedback message to the vendor regarding the request to add the VM image. Roth discloses transmit a message for granting a registration request of the VM image to the VM service provider (e.g. fig. 1, col. 4, ll. 60-67, col. 7, ll. 28-38: A third party software provider, or some other authorized user, using a software provider computing device 150, may submit one or more software products 152 (e.g., virtual machine images that include software products) to the electronic marketplace 160. The electronic marketplace 160 may then make the submitted software product, as well as other software products 152 submitted to the electronic marketplace 160, available to customers…If a customer does purchase a software product 152, then the marketplace server 164 may facilitate the configuration and acquisition of the software product 152…the billing server 168 may be configured to charge for access to the resources 130 that are accessed by the software product 152 while it is executing…the billing server 168 might bill a software provider or a customer for use of a resource 130. In some cases, the billing server 168 may generate an accounting record that may be used to generate an invoice that is provided to the customer accessing the resource 130, to the software provider. The invoice (billing the software provider for resources accessed by the software product (virtual machine image) submitted by the software provider in a request to be included in the marketplace) transmitted to the software provider indirectly serves as a message to the software provider that the request to include the software product in the marketplace was allowed). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Roth into the invention of Doane which already has the capability of transmitting a feedback message to the vendor regarding the request to add the VM image to enable Doane’s system to provide a positive acknowledgement to the vendor that his or her request to add the VM image was accepted thereby assuring the vendor that their request was successful and they can proceed with confidence. Claim 8, Doane-Roth discloses The apparatus of claim 6, wherein the request message comprises at least one of the VM image, the authentication certificate, and the electronic signature. (Doane, e.g. ¶54-55) Claim 9, Doane-Roth discloses The apparatus of claim 6, wherein the one or more processors are configured to identify whether the VM service provider that provides the VM image is an authenticated vendor by verifying the authentication certificate. (Doane, e.g. ¶57) Claim 10, Doane-Roth discloses The apparatus of claim 6, wherein the one or more processors are configured to identify, by verifying the electronic signature, whether the VM image provided from the VM service provider is forged/falsified. (Doane, e.g. ¶58) Claims 11, 13-14, 16 and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Doane (US 20150254451) in view of Li (US 20200409740) or Kundu (US 20140096135). Claims 11, 13-14, these claims are rejected for similar reasons as in claims 16, 18-19. Claim 16, Doane discloses A marketplace security apparatus including one or more processors and a memory, wherein the one or more processors are configured to: register a virtual machine (VM) service provider with a marketplace of the cloud service provider as a vendor; (e.g. ¶13, 35, 44: an entity (e.g., an organization) can communicate with a virtual computer system service, such as through appropriately configured application programming interface (API) calls to the service, to request creation of a vendor account. The entity may be a vendor or other machine image provider that may utilize a computing resource service provider account to create and provide various virtual machine images that may be used by customers of the computing resource service provider to create new virtual machine instances…a vendor accesses the marketplace 316 to generate a new vendor account which may be used to generate and upload virtual machine images. In order to generate this new vendor account, the vendor may be required to provide, to the marketplace 316, a set of credentials usable by the marketplace 316 to verify the identity of the vendor…As noted above, when a vendor submits a request to the virtual computer system service to create a vendor account for uploading virtual machine images to the virtual machine image data store, the vendor may provide additional credential information which may be used by the virtual computer system service to verify the identity of the vendor.) register one or more VM images provided by the VM service provider with the marketplace; (e.g. ¶14, 28: the vendor may upload the one or more virtual machine images to the virtual computer system service. The one or more virtual machine images may be uploaded to the virtual computer system service along with a digital certificate, which the virtual computer system service may utilize to determine whether the one or more virtual machine images may be added to the marketplace…When a vendor attempts to upload a virtual machine image to the virtual machine image data store, the virtual computer system service 208 may determine whether the virtual machine image has been digitally signed and, if so, decrypt the signature to determine whether a hash of the virtual machine image matches the decrypted signature. If there is a match, then the virtual computer system service 208 may authenticate the virtual machine image and make it available to its customers through a marketplace.) in response to receiving a request for downloading a VM image selected by a cloud service customer, identify the VM service provider that provides the selected VM image; (e.g. ¶15, 28: the virtual computer system service may provide customers with the option to individually verify the authenticity of a vendor digital certificate…if the customer selects a virtual machine image from a plurality of virtual machine images in a computing resource service provider marketplace…The customer may further utilize these one or more applications to obtain the vendor's public cryptographic key from the digital certificate to decrypt a signature included in the virtual machine image. Since each of the digital certificate of the vendor and the signature of the vendor is information that identifies the vendor, the vendor is identified by detecting or recognizing the digital certificate of the vendor and/or the signature of the vendor) detect an authentication certificate issued from a certificate authority and obtained from the identified VM service provider in a vendor registration process; (e.g. ¶13, 35, 44: an entity (e.g., an organization) can communicate with a virtual computer system service, such as through appropriately configured application programming interface (API) calls to the service, to request creation of a vendor account. The entity may be a vendor or other machine image provider that may utilize a computing resource service provider account to create and provide various virtual machine images that may be used by customers of the computing resource service provider to create new virtual machine instances…Alternatively, the vendor may provide a digital certificate of his/her own which the virtual computer system service may persistently store within a trust store for verification of the vendor-provided virtual machine images…a vendor accesses the marketplace 316 to generate a new vendor account which may be used to generate and upload virtual machine images. In order to generate this new vendor account, the vendor may be required to provide, to the marketplace 316, a set of credentials usable by the marketplace 316 to verify the identity of the vendor…Alternatively, the vendor, if verified, may provide his/her own digital certificate or other cryptographic key to the trust store 310, which the management sub-system 306 or marketplace 316 may access and utilize to verify the authenticity of an uploaded virtual machine image…As noted above, when a vendor submits a request to the virtual computer system service to create a vendor account for uploading virtual machine images to the virtual machine image data store, the vendor may provide additional credential information which may be used by the virtual computer system service to verify the identity of the vendor. If the identity of the vendor is verified by the virtual computer system service…Alternatively, the vendor may provide the virtual computer system service with a digital certificate, which the virtual computer system service may store within a trust store. Thus, when a vendor includes his/her digital certificate with a digitally signed virtual machine image, the virtual computer system service may utilize the digital certificate stored within the trust store to verify the authenticity of the virtual machine image. A certificate authority is any entity that issues certificate(s) unless the specifics (e.g. type or structure) of the certificate authority are recited in the claim) verify the detected authentication certificate; (e.g. ¶15: the virtual computer system service may provide customers with the option to individually verify the authenticity of a vendor digital certificate) responsive to determining that the authentication certificate is successfully verified, download the selected VM image from the marketplace to a cloud space of the cloud service customer; (e.g. ¶15, 42: the virtual computer system service may provide customers with the option to individually verify the authenticity of a vendor digital certificate in order to ensure that the virtual machine images are authentic. For instance, if the customer selects a virtual machine image from a plurality of virtual machine images in a computing resource service provider marketplace, the customer may be granted access to one or more modules of executable code or applications, provided by the virtual computer system service, to verify that the virtual machine image is authentic. In an embodiment, the customer may use these one or more applications to hash the virtual machine image itself and obtain a first hash value (often referred to as a "digest"). The customer may further utilize these one or more applications to obtain the vendor's public cryptographic key from the digital certificate to decrypt a signature included in the virtual machine image and obtain a second hash value. If these two hash values match, then the customer may determine that the digital signature is valid and he/she can trust the virtual machine image for use in creating a virtual machine instance…Once the customer has determined which virtual machine image he/she wants to utilize to create the new virtual machine instance, the customer may, through the interface 402, utilize a select button 406 next to the listed virtual machine image under the trusted images tab 404 to select the virtual machine image. The virtual computer system service, upon detecting that the customer has utilized the select button 406 for a particular virtual machine image, may obtain the virtual machine image from a virtual machine image data store and make the virtual machine image available such that the customer may access the virtual computer system service, select the virtual machine image from a list of acquired virtual machine images and instantiate the virtual machine image onto a physical host to enable the customer to utilize the newly created virtual machine instance) obtain an electronic signature associated with the downloaded VM image in response to an operation request of the cloud service customer; (e.g. ¶15, 38: if the virtual machine image is provided to the customer along with a corresponding digital signature, the customer may utilize these one or more applications to apply a hash function to the virtual machine image to obtain a hash value or digest. Subsequently, the customer may utilize a cryptographic key to decrypt the digital signature) verify the obtained electronic signature; (e.g. ¶15, 38: the customer may utilize these one or more applications to apply a hash function to the virtual machine image to obtain a hash value or digest. Subsequently, the customer may utilize a cryptographic key to decrypt the digital signature and compare the signature hash value to the obtained hash value.) Although Doane discloses if these two hash values match, then the customer may determine that the digital signature is valid and he/she can trust the virtual machine image for use in creating a virtual machine instance (e.g. ¶15), Doane does not appear to explicitly disclose but Li or Kundu discloses determine, based on a result of the verifying of the obtained electronic signature, whether to operate a VM instance corresponding to the downloaded VM image. (Li, e.g. ¶25: The corevisor then verifies the cryptographic signatures of VM images using public key cryptography at 305. If successful, the hostvisor can then calls VM ENTER at 307 to cause the corevisor to launch the VM image at 308, thereby causing the VM to execute at 309 or Kundu, e.g. ¶92, 164, 176: verification of authenticity: Authenticity is verified by validating the signature of the VM image…Process 1000 then determines whether the authenticity of the virtual machine image is verified (step 1025). Responsive to determining that the authenticity of the virtual machine image is verified ("yes" at step 1025), the hypervisor instantiates the virtual machine image (step 1030)). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Li or Kundu into the invention of Doane for the purpose of guaranteeing the confidentiality and integrity of VM data during VM boot and initialization (Li, ¶25) or enabling the system to select the appropriate course of action based on whether the authenticity of the virtual machine image is verified or not (Kundu, ¶164-166). Claim 18, Doane-Li/Kundu discloses The apparatus of claim 16, wherein the one or more processors are configured to obtain the electronic signature from a storage of a cloud service provider or from a VM service provider that provides the VM image. (Doane, e.g. ¶15, 38) Claim 19, Doane-Li/Kundu discloses The apparatus of claim 16, wherein the one or more processors are configured to identify, by verifying the electronic signature, whether the VM image downloaded from the marketplace is forged/falsified. (Doane, e.g. ¶15, 38) Claims 15 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Doane (US 20150254451) in view of Li (US 20200409740) or Kundu (US 20140096135) and further in view of Spiers (US 20120266252). Claim 15, this claim is rejected for similar reason as in claim 20. Claim 20, Doane-Li/Kundu discloses The apparatus of claim 16 (see above) and does not appear to explicitly disclose but Spiers discloses wherein the one or more processors are configured to further perform allocating of a trusted platform module (TPM) so as to verify of whether the VM instance operates in a case of operating the VM instance. (e.g. ¶37, 83, 111-112, 123) It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Spiers into the invention of Doane-Li/Kundu for the purpose of providing hardware based root of trust in a cloud environment (Spiers, ¶5). Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: Schweitzer (US 9471354) discloses customers of the computing resource service provider may utilize the marketplace 212 to select a virtual machine image for instantiation. In an embodiment, when a customer selects a virtual machine image, the marketplace 212 accesses the virtual machine image data store 208 to obtain the metadata for the selected virtual machine image. Using this metadata, the marketplace 212 may generate a graphical representation of the provenance for the selected virtual machine image. This may enable the customer to immediately identify any antecedents and descendants of the selected virtual machine image. Additionally, this may enable the customer to select any of these antecedents or descendants if the customer wants to utilize an alternative version of the virtual machine image. Any inquiry concerning this communication or earlier communications from the examiner should be directed to TRONG NGUYEN whose telephone number is (571)270-7312. The examiner can normally be reached on Monday through Thursday 9:00 AM - 5:00 PM EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, GELAGAY SHEWAYE can be reached on (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /TRONG H NGUYEN/Primary Examiner, Art Unit 2436
Read full office action

Prosecution Timeline

Nov 16, 2023
Application Filed
May 20, 2025
Non-Final Rejection — §103
Aug 18, 2025
Response Filed
Nov 27, 2025
Final Rejection — §103
Jan 14, 2026
Request for Continued Examination
Jan 24, 2026
Response after Non-Final Action
Feb 26, 2026
Non-Final Rejection — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

17/055,434
Patent 12585758
ELECTRONIC SYSTEM AND METHOD FOR PREVENTING MALICIOUS ACTIONS ON A PROCESSING SYSTEM OF THE ELECTRONIC SYSTEM
2y 5m to grant Granted Mar 24, 2026
18/590,661
Patent 12579282
IDENTIFYING VULNERABILITIES IN BINARY FILES USING A CODE SIGNATURE
2y 5m to grant Granted Mar 17, 2026
17/920,879
Patent 12567984
PASSWORD RECOVERY METHOD AND SYSTEM, AND CLOUD SERVER AND ELECTRONIC DEVICE
2y 5m to grant Granted Mar 03, 2026
18/547,171
Patent 12566895
METHOD AND APPARATUS FOR DISPLAYING CONTENT, AND COMPUTER DEVICE AND NON-TRANSITORY COMPUTER-READABLE STORAGE MEDIUM
2y 5m to grant Granted Mar 03, 2026
18/116,152
Patent 12563062
DETECTION SYSTEM, DETECTION METHOD, AND RECORDING MEDIUM
2y 5m to grant Granted Feb 24, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

3-4
Expected OA Rounds
80%
Grant Probability
99%
With Interview (+56.8%)
3y 3m
Median Time to Grant
High
PTA Risk
Based on 543 resolved cases by this examiner. Grant probability derived from career allow rate.

Ready to respond to this office action?

IP Author drafts your complete OA response — amendments, arguments, and claim strategy — in minutes, not days.

Start Drafting Your Response →

Data sourced from USPTO Patent File Wrapper (daily) and Office Action Archive (weekly). Analysis generated by IP Author.

Data: USPTO Patent File Wrapper (daily) • Office Action Archive (weekly) • 89M+ prosecution events

© 2026 IP Author — Browse Office ActionsExaminersCompaniesFirms

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month