Prosecution Insights
Last updated: April 18, 2026
Application No. 18/537,582

EDGE-BASED SECURE CONTAINERIZATION

Non-Final OA §103§112
Filed
Dec 12, 2023
Examiner
GUTMAN, JENNIFER MARIE
Art Unit
2194
Tech Center
2100 — Computer Architecture & Software
Assignee
DELL PRODUCTS, L.P.
OA Round
1 (Non-Final)
59%
Grant Probability
Moderate
1-2
OA Rounds
2y 11m
To Grant
99%
With Interview

Examiner Intelligence

Grants 59% of resolved cases
59%
Career Allow Rate
17 granted / 29 resolved
+3.6% vs TC avg
Strong +50% interview lift
Without
With
+50.5%
Interview Lift
resolved cases with interview
Typical timeline
2y 11m
Avg Prosecution
23 currently pending
Career history
52
Total Applications
across all art units

Statute-Specific Performance

§101
20.3%
-19.7% vs TC avg
§103
46.9%
+6.9% vs TC avg
§102
9.3%
-30.7% vs TC avg
§112
20.8%
-19.2% vs TC avg
Black line = Tech Center average estimate • Based on career data from 29 resolved cases

Office Action

§103 §112
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. Examiner Notes Examiner cites particular columns and line numbers in the references as applied to the claims below for convenience of the applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested that, in preparing responses, the applicant fully consider the references cited in their entirety as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the examiner. Specification The disclosure is objected to because of the following informalities: “[Paragraphs of the specification] should be individually and consecutively numbered using Arabic numerals, so as to unambiguously identify each paragraph. The number should consist of at least four numerals enclosed in square brackets including leading zeros.” (see 37 C.F.R. 1.52(b)(6) and MPEP 608.01). Page 6, lines 10-11, should be corrected to recite “ information handling system may be configured to: configured to ” . Appropriate correction is required. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b ) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the appl icant regards as his invention. Claim s 3-6, 9-12, and 15-18 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claim 3 recites the limitation " the secure containerization system " in line 2 . There is insufficient antecedent basis for this limitation in the claim. Claim 4 recites the limitation " the secure containerization system FILLIN "Enter appropriate information" \* MERGEFORMAT " in line 2. There is insufficient antecedent basis for this limitation in the claim. Claims 5-6 depend from claim 4 and therefore inherit the same deficiencies. Claim 9 recites the limitation " the secure containerization system FILLIN "Enter appropriate information" \* MERGEFORMAT " in lines 1-2. There is insufficient antecedent basis for this limitation in the claim. Claim 10 recites the limitation " the secure containerization system FILLIN "Enter appropriate information" \* MERGEFORMAT " in lines 1-2. There is insufficient antecedent basis for this limitation in the claim. Claims 11-12 depend from claim 10 and therefore inherit the same deficiencies. Claim 15 recites the limitation " the secure containerization system FILLIN "Enter appropriate information" \* MERGEFORMAT " in lines 1-2. There is insufficient antecedent basis for this limitation in the claim. Claim 16 recites the limitation " the secure containerization system FILLIN "Enter appropriate information" \* MERGEFORMAT " in lines 1-2. There is insufficient antecedent basis for this limitation in the claim. Claims 17-18 depend from claim 16 and therefore inherit the same deficiencies. To overcome the above rejections, the Examiner recommends amending claims 3, 4, 9, 10, 15, and 16 to recite “ the secure containerization system platform ”. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention. Claim s 1-2, 4-8, 10-14, and 16-18 are rejected under 35 U.S.C. 103 as being unpatentable over SIENICKI et al. (U.S. Pub. No. 2022/0255966), hereinafter SIENICKI, in view of HALL et al. (U.S. Pub. No. 2021/0117175), hereinafter HALL, and Amaro, JR. et al. (U.S. Pub. No. 2022/0404804), hereinafter Amaro . Regarding claim 1, SIENICKI teaches An information handling system (FIG. 12; [0180] – “ FIG. 12 illustrates an example computing system 1200 suitable for implementing a secure container platform, executing secure containers, and/or implementing the various embodiments described above .”) comprising: at least one processor (SOC 1202, processor 1208, 1210, 1212, and 1214; [0180] – “the computing system 1200 includes an SOC 1202, a clock 1204, and a voltage regulator 1206. The SOC 1202 may include a digital signal processor (DSP) 1208, a modem processor 1210, a graphics processor 1212, an application processor 1214 connected to one or more of the processors […] SOC 1202 may operate as central processing unit (CPU) that carries out the instructions of software application programs by performing the arithmetic, logical, control and input/output (I/O) operations specified by the instructions .”; [0182] – “ Each processor 1208, 1210, 1212, 1214 ”) ; and a memory (memory 1216; [0180] – “ the computing system 1200 includes an SOC 1202, a clock 1204, and a voltage regulator 1206. The SOC 1202 may include a […] memory 1216 ”; [0183] – “ The processors may be interconnected to one another and to the memory 1218 ”) ; wherein the information handling system is configured to execute a secure containerization platform ([0180] – “ FIG. 12 illustrates an example computing system 1200 suitable for implementing a secure container platform, executing secure containers, and/or implementing the various embodiments described above .”; [0065] – “ ECG 110 includes […] a system image 220. The system image 220 may include a secure container platform 222 ”; [0096] – “ Some embodiments may include an ECG 110 configured to run a service along with the modified container platform (secure container platform 222) .”) configured to: execute a plurality of containerized applications ([0030] – “ the various embodiments include systems and components (e.g., ECGs, etc.) configured to create and use licenses and secure containers to run software applications at the edge of the network and/or to implement a secure container framework for running all or portions of a software application at the edge of the network .”; [0053] – “ the ECG 110 may be classified as an edge computing device with a Lightweight Virtualization Framework (LVF). Using the LVF, the ECG 110 may implement and enable many applications using a compute distribution method. The use of a LVF may also enable the ECG 110 to implement applications as local containers .”; [0072] – “ the platform and/or application containers of an ECG 110 may be governed by the secure container platform 222 ”; [0180] – “ executing secure containers ”) ; provide an isolation mechanism to prevent data from being transferred among the containerized applications ([0034] – “ The term “container” may used herein to refer to a software component that supports virtualization technology, enables the abstraction (or virtualization) of computing resources, implements a sandbox, and/or separates software applications from their underlying infrastructure (thus making them infrastructure agnostic). For example, a container may be one of a plurality of isolated user space instances operating on the kernel, each of which operates under the illusion of having full or exclusive access to the processors, peripherals, memory and I/O of the computing system. Application programs running inside of a container may only see the container's contents and devices assigned to that container. In addition to these isolation mechanisms, a container or kernel may include resource-management features that limit the impact of one container's activities on other containers .”; [0067] – “ the secure container platform 222 solution may be configured to implement security restrictions on containers. These security restrictions may […] ensure that containers do not interfere with the host or other containers (both running processes and data). ”; [0094] – “ Some embodiments may run software applications in a sandbox called a container, which constrains subset of the system resources the software applications can access. The container may be modified into a secure container suitable for licensing or using licenses to allow, restrict, or control access or use of all or portions of the available hardware and services. Using the secure container, software applications can only access a specific piece of hardware or service if they have a license to access it .”) ; provide security services for the containerized applications, the security services including […] authentication […] services ([0067] – “ the secure container platform 222 solution may be configured to implement security restrictions on containers . These security restrictions may ensure that the source of a container may be authenticated ” ; [0172] – “ the secure container platform/environment may generate, include, issue or use specific self-sign certificates for authentication of containers ”) ; […] wherein the information handling system is an edge node ([0028] – “ FIGS. 12 is a component block diagram of a computing system that could be included in an edge device (e.g., ECG, etc.) and/or used to implement various embodiments. ”) . SIENICKI fails to expressly teach the security services including encryption, […] and monitoring services ; provide a communication channel between the containerized applications and at least one other information handling system; provide a management and monitoring interface to the containerized applications that is accessible from the at least one other information handling system; and provide an integration component configured to integrate the secure containerization platform with infrastructure of a manufacturer of the information handling system; and the edge node is an edge node a hyper-converged infrastructure (HCI) system. However, HALL teaches provide an integration component configured to integrate the secure containerization platform with infrastructure of a manufacturer of the information handling system ([0018] – “ Each on-premise hyper-converged system is a complete network infrastructure with the necessary software components already installed and configured to support and operate one or more software-defined data centers (SDDCs) at any on-premise sites. Thus, each on-premise hyper-converged system includes hardware, such as physical servers and network switches, which may be installed in one or more server racks to support the desired number of SDDCs with at least all the necessary virtualization software components already installed to support virtual computing instances, such as virtual machines, to process workloads .”; [0034] – “ Each host 210 may be configured to provide a virtualization layer that abstracts processor, memory, storage and networking resources of the hardware platform 212 into the virtual computing instances, e.g., virtual machines 208, that run concurrently on the same host. The virtual machines run on top of a software interface layer, which is referred to herein as a hypervisor 224, that enables sharing of the hardware resources of the host by the virtual machines. One example of the hypervisor 224 that may be used in an embodiment described herein is a VMware ESXi ™ hypervisor provided as part of the VMware vSphere® solution made commercially available from VMware, Inc. The hypervisor 224 may run on top of the operating system of the host or directly on hardware components of the host. For other types of virtual computing instances, the host may include other virtualization software platforms to support those virtual computing instances, such as Docker virtualization platform to support "containers" .”; [0040] – “ the system integrator 128 procures the needed hardware components for the new on-premise hyper-converged system […] The hardware components may be acquired from one or more suppliers and/or manufactured by the system integrator 128 .”. The software interface layer, e.g., a hypervisor or another virtualization platform, “integrates” the VMs, or containers, of the platform, e.g. the containerization platform, with the hardware (“infrastructure of a manufacturer of the information handling system”), e.g. by abstracting the hardware into virtual computing instances. [0045] – “ the SDDC-related software components that are installed and configured in an on-premise hyper-converged system ”; [0050] – “ Next, at step 430, the bring-up appliance 114 sets up ESXi hosts in the assembled system.” Further, installing the virtualization software platform, e.g., ESXi hypervisor or some other platform disclosed in [0034], on the hardware is “integrating” the platform with the hardware.) ; wherein the information handling system is an edge node of a hyper-converged infrastructure (HCI) system ([0001]-[0002] – “ Current hybrid cloud technologies allow software-defined data centers (SDDCs) to be deployed in a public cloud, such as the VMware Cloud on AWS solution, which allows entities, such as enterprises, to modernize, protect and scale their applications leveraging the public cloud. However, some entities cannot move their SDDCs to the public cloud, either because the data cannot leave their premises, or the compute power needs to be close to the applications at their edge locations . […] manage their SDDCs, especially those deployed at their edge locations .”; [0029] – “ each on-premise hyper-converged system includes a physical edge appliance ”; [0066] – “ system integrator is requested to procure hardware components of the on-premise hyper-converged systems, including physical gateway appliances, to assemble the hardware components to produce assembled systems […] using the physical gateway appliances to initiate a bring-up process for each of the assembled systems .”) . SIENICKI and HALL are considered to be analogous art to the claimed invention because they reasonably pertinent to the problem faced by the inventor of providing a containerization platform at an edge node. It would have been obvious to one of ordinary skill in the art to have modified the teaching of SIENICKI to incorporate the teachings of HALL. The teachings of HALL allow for an on-premise hyper-converged system, which provides a software-defined data center with the complete infrastructure needed to process workloads using VMs or containers (HALL: [0018] and [0034]), to be implemented at the edge location for an entity to ensure their data does not leave their premises (HALL: [0001]-[0002]), and provide easier management of the infrastructure used to implement the software-defined data center at the edge locations, such that the entity does not need to deal with hardware/software compatibility issues, maintenance, etc. (HALL: [0020]-[0025]). The combination of SIENICKI in view of HALL fails to expressly teach the security services including encryption, […] and monitoring services ; provide a communication channel between the containerized applications and at least one other information handling system; provide a management and monitoring interface to the containerized applications that is accessible from the at least one other information handling system; However, Amaro teaches a containerization platform configured to provide security services for the containerized applications ([0090] – “ The SDCS Hyper Converged Infrastructure (HCI) operating system 210 executes on the computing platform 208, and may be built based on any suitable general purpose HCI operating system (OS) such as Microsoft Azure Stack, VMWare HCI, Nutanix AOS, Kubernetes Orchestration, including Linux Containers (LXC/LXD), Docker Containers, Kata Containers, etc. […] in the SDCS 200 these SD HCI OS support services are dynamically responsive to the logical or abstracted process control system of the SDCS 200, e.g., to the software components of the application layer 212 of the SDCS 200.”; [0095] – “ Within the architecture of the SDCS 200, the application layer software components 235-248 may execute in containers ”), the security services including encryption, authentication, and monitoring services ([0021] – “ security services with the SDCS […] authentication services, encryption services ”; [0103] – “ the other SD HCI OS services 225 may include a service life cycle management service, a discovery service, a security service, an encryptor service, a certificate authority subsystem service, a key management service, an authentication service, a time synchronization service, a service location service, and/or a console support service (all not shown in FIG. 2), to name a few. ”; [0132] – “ the performance-related services 252-260 of the SD HCI OS 210 may monitor performance parameters, resource usage, and/or criteria during run-time, detect any associated conditions which occur and/or which are predicted to occur, and provide and/or implement any changes in assignments of SD application layer software components (e.g., containers) 212 to hardware and/or software resources of the computing platform 20 8.”) ; provide a communication channel between the containerized applications and at least one other information handling system ([0013] – “ the software defined networking layer communicatively couples and manages the networking or delivery of data between software defined application layer components and their respective endpoints, which may be other software defined application layer components, devices disposed in the process plant field environment, user interface devices, external systems, etc .”; [0076] – “ user interfaces 20a-20e which are communicatively connected to the SDCS 100 […] laptops 20c, mobile devices 20d, and/or process plant-related applications executing in laptops 20c, mobile devices 20d, and/or vehicle systems 20e may be communicatively connected to SDCS 10 ”; [0105] – “ any of the containerized SD control services 235 may communicatively connect, e.g., via the SD networking layer 210, with respective one or more devices disposed in the field environment 12 of the industrial process plant (e.g., process control field devices 60, 62, 70, 80, 90; user interface devices and/or other field environment devices) and/or with respective one or more user interfaces/user interface devices 20a-20e to transfer I/O data and/or other types of data there between when required to do so by the business logic of the containerized SD control service 235 and/or by the recipient device (or application or service executing on the recipient device) .”) ; provide a management and monitoring interface to the containerized applications that is accessible from the at least one other information handling system ([0382] – “ a visualization service, which may be one of the services 240 of FIG. 2, may be provided to generate one or more system configuration and/or runtime visualizations for a user (via a user interface) to assist the user in understanding the currently configured and operational relationships between the various logical and physical elements of the control system as well as to view one or more performance indicators for the logical and physical elements. […] this configuration interface may enable a user to change configuration details (such as pinning and nesting of logical and/or physical elements) on the fly or during run-time. ”; [0383] – “ The visualization service 3202 may subscribe to information from the orchestrator 222 for active visualizations, and/or may send one or more queries to the orchestrator 222 (and the configuration database 3203) when generating a visualization for a user via a user interface 3204. […] the user interface device 3204 (which may be any type of user interface, such as a laptop, a wireless device, a phone application, a workstation, etc.) […] logical elements (e.g., containers, such as control containers) ”; [0389] – “ the visualization service 3202 may create the hierarchy 3210 […] the hierarchy 3210 can be used to indicate dynamically assignable containers and may even be used or manipulated by the user to perform reassign of dynamically assignable containers during runtime. In this case, the visualization service 3202, upon receiving an instruction to reassign a container to another logical and/or physical element, will instruct the orchestrator 222 of the reassignment and the orchestrator 222 will perform the reassign of the container ”; [0393] – “ visualization or display screen 3500 that can be provided by or created by the visualization service 3202 […] the diagram 3500 illustrates various different performance indicators 3520 (indicating performance of the elements of the control system as currently running) for each of the logical elements or containers 3502, 3504, and 3506, including, in this example a message per second indicator, a storage utilization indicator, a network bandwidth indicator, and an error rate indicator ”; [0132] – performance parameters, e.g. of the containers, are monitored, thus visualization 3500 may be considered a monitoring interface) . Amaro is considered to be analogous art to the claimed invention because it is reasonably pertinent to the problem faced by the inventor of ensuring the security of the containers. It would have been obvious to one of ordinary skill in the art to have modified the teachings of SIENICKI in view of HALL to incorporate the teachings of Amaro to incorporate the security services and the monitoring and management interface provided to at least one other information handling system as taught by Amaro. Incorporating the security services taught by Amaro, such as the authentication and encryption services would allow the secure containerization platform to control access to and data flow from the containers, and incorporating the monitoring service would allow for adjustment of the allocation of resources to containers to maintain a target level of performance and fidelity of operations (Amaro: Abstract, [0132], and [0260]). Incorporating the monitoring and management interface accessible from a communicatively connected information handling system would allow a user to easily view the current operational status of the containers of the system, diagnose and correct problems, and dynamically reassign containers (Amaro: [0380]-[0381] and [0386]). Regarding claim 2, the combination of SIENICKI in view of HALL and Amaro teaches the information handling system of claim 1. SIENICKI further teaches wherein the containerized applications are configured to execute within secure containers that encapsulate the containerized applications and their dependencies ([0050] – “ the containers may be isolated from each other because they can have their own software, libraries and configuration files to run the application itself .”; [0143] – “ A container may be designed to be isolated from other containers, such as by running the application entirely with itself. […] the container may be run on a host of environments without the worry of software dependencies. Everything needed by the application may be included in or accessible to the container .”; [0080] – “ a secure container 402 may include one or more application images 404 and one or more security images 406 .”; [0102] – “ the secure container platform 803 may create a container from the image .”; [0162] – “ At a high level there are three key steps to creating a secure container image: (1) secure the code and its dependencies ”) . Regarding claim 4, the combination of SIENICKI in view of HALL and Amaro teaches the information handling system of claim 1. SIENICKI further teaches wherein the secure containerization system is configured to provide a deployment component operable to create containers for the containerized applications ([0068] – “ The secure container platform 222 may deploy and manage containers at the edge ”; [0102] – “ the secure container platform 803 may create a container from the image .”; [0166] – “ the secure container platform may be configured to use labels (instead of sysadmin) to configure devices, deploy containers, manage containers, or configure services .”; [0175] – “ The secure container platform may permit containers to be deployed via bootstrap .”; [0177] – “ the secure container platform may include software for container creation, container start, and/or container exit .”). Regarding claim 5, the combination of SIENICKI in view of HALL and Amaro teaches the information handling system of claim 4. SIENICKI further teaches wherein the containers are created in accordance with a Docker standard ([0050] – “ One or more of the software components in the ECGs 110 may be Linux based and/or split into discrete user spaces, or containers, through the use of a secure container environment (e.g., Docker, etc.). A container may be an individual instance of an application. […] because containers are created from images, the image may contain specific content detailing exactly how the container, application, is supposed to function and behave .”; [0071] – “ The secure container platform 222 may be implemented and used in any or all container environments that need enhanced security when deploying services dynamically .”; [0144] – “ Container environments (e.g., docker, kubernetes , k8s, k3s, etc.) may perform more functions than just enabling and running containers. A container environment or platform may allow for the creation and usage of images, networks, plug ins, and a host of other items. The container environment may allow wireless operators, enterprises and utilities to easily create applications, and ship them in containers that may be deployed anywhere .”) . Regarding claim 6, the combination of SIENICKI in view of HALL and Amaro teaches the information handling system of claim 4. SIENICKI further teaches wherein the containers are created in accordance with a Kubernetes standard ([0050] – “ One or more of the software components in the ECGs 110 may be Linux based and/or split into discrete user spaces, or containers, through the use of a secure container environment (e.g., Docker, etc.). A container may be an individual instance of an application. […] because containers are created from images, the image may contain specific content detailing exactly how the container, application, is supposed to function and behave .”; [0071] – “ The secure container platform 222 may be implemented and used in any or all container environments that need enhanced security when deploying services dynamically .”; [0144] – “ Container environments (e.g., docker, kubernetes , k8s, k3s, etc.) may perform more functions than just enabling and running containers. A container environment or platform may allow for the creation and usage of images, networks, plug ins, and a host of other items. The container environment may allow wireless operators, enterprises and utilities to easily create applications, and ship them in containers that may be deployed anywhere .”) . Claims 7-8 and 10-12 are directed to A method comprising: the functions performed by the information handling system of claims 1-2 and 4-6, respectively. Accordingly, claims 7-8 and 10-12 are rejected as being unpatentable over SIENICKI in view of HALL and Amaro for the same reasons presented with respect to claims 1-2 and 4-6. Claims 13-14 and 16-18 are directed to An article of manufacture comprising a non - transitory, computer-readable medium having computer-executable instructions thereon that are executable by a processor of an information handling system (SIENICKI: [ 0191] – “ the functions described may be implemented in hardware, software, firmware, or any combination thereof. If implemented in software, the functions may be stored as one or more instructions or code on a non-transitory computer-readable storage medium or non-transitory processor-readable storage medium. The operations of a method or algorithm disclosed herein may be embodied in a processor-executable software module or processor-executable instructions, which may reside on a non-transitory computer-readable or processor-readable storage medium ” ) for: performing the functions performed by the information handling system of claims 1-2 and 4-6, respectively. Accordingly, claims 13-14 and 16-18 are rejected as being unpatentable over SIENICKI in view of HALL and Amaro for the same reasons presented with respect to claims 1-2 and 4-6. Claim s 3, 9, and 15 are rejected under 35 U.S.C. 103 as being unpatentable over SIENICKI in view of HALL and Amaro FILLIN "Insert the prior art reference(s) relied upon for the obviousness rejection." \d "[ 2 ]" as applied to claim s 1, 7, and 13 FILLIN "Pluralize claim, if necessary, and then insert the claim number(s) which is/are under rejection." \d "[ 3 ]" above, and further in view of CHEN et al. (U.S. Pub. No. 2023/0091915), hereinafter CHEN . Regarding claim 3, the combination SIENICKI in view of HALL and Amaro teaches the information handling system of claim 1, but fails to expressly teach wherein the secure containerization system is configured to provide updates to the containerized applications. However, CHEN teaches wherein the secure containerization system is configured to provide updates to the containerized applications ([0024] – “ Containerization platform 110 accesses information regarding dependences from the image repository 140, as well as information from patch coverage database 160 to apply patches to the various container images, and then rebuild container images .”; [0025] – “ containerization platform 110 contains, in various embodiments of the invention, software updater 112 , image build module 114, and container management 118 .”; [0026] – “ software updater 112 determines whether software associated with a base container image requires an update, such as one or more software patches (including, for example, security patches to improve the security of various software associated with container images). […] software updater 112 applies the necessary software updates to the base container image(s).”; [0031] – “ when base container image(s) and or dependent container image(s) are re-built because of patching, container management 118 requests generation and/or modification of new container(s) 124 based upon the re-built container images. The newly generated or modified container 124 , in such circumstances, is deployed ”). CHEN is considered to be analogous art to the claimed invention because it is reasonably pertinent to the problem faced by the inventor of ensuring the security of the containers. It would have been obvious to one of ordinary skill in the art to have modified the secure containerization platform taught by SIENICKI in view of HALL and Amaro to incorporate the teachings of CHEN such that the platform provides updates to the containerized applications. Updating the software of a container may improve the security of the software, e.g., when the software update comprises a security patch, and the methods of providing software updates to containerized applications taught by CHEN provide automatic and consistent methods for rolling out correct software updates quickly and efficiently, while avoiding instability and integration issues with dependent container images (CHEN: [0003]-[0004], [0018] and [0026]). Claim 9 recites the same limitations as claim 3, applied to the method of claim 7. Accordingly, claim 9 is rejected as being unpatentable over SIENICKI in view of HALL and Amaro for the same reasons presented with respect to claim 3. Claim 15 recites the same limitations as claim 3, applied to the article of manufacture of claim 13. Accordingly, claim 15 is rejected as being unpatentable over SIENICKI in view of HALL and Amaro for the same reasons presented with respect to claim 3. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Turner (U.S. Pub. No. 2019/0087244) teaches hyperconvergence is an IT infrastructure framework which masks the complexity of an underlying system, simplifies maintenance and administration, and may be readily scaled out due to its modularity (see [0003]). SHILAWAT et al. (U.S. Pub. No. 2023/0021216) teaches a secure edge platform environment, specifically a hyper-converged implementation for use at the edge, providing a vendor agnostic platform-as-a-service using container-based microservices architecture with orchestration (see [0002] and [0030]). WALKES et al. (U.S. Pub. No. 2022/0164177) teaches methods for managing containerized applications on an edge device, involving updates of application containers (see [0059]). VIJAYWARGIYA et al. (U.S. Pub. No. 2024/0411544) teaches an application management platform for hyper-converged infrastructure, e.g. where infrastructure is implement in software containers, wherein the platform comprises at least a deployment component and an update component (see Abstract, [0002]-[0003]). Any inquiry concerning this communication or earlier communications from the examiner should be directed to FILLIN "Examiner name" \* MERGEFORMAT JENNIFER MARIE GUTMAN whose telephone number is FILLIN "Phone number" \* MERGEFORMAT (703)756-1572 . The examiner can normally be reached FILLIN "Work Schedule?" \* MERGEFORMAT M-F: 9:00 am - 5:00 pm . Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, FILLIN "SPE Name?" \* MERGEFORMAT Kevin Young can be reached at FILLIN "SPE Phone?" \* MERGEFORMAT 571-270-3180 . The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /JENNIFER MARIE GUTMAN/ Examiner, Art Unit 2194 /KEVIN L YOUNG/ Supervisory Patent Examiner, Art Unit 2194
Read full office action

Prosecution Timeline

Dec 12, 2023
Application Filed
Mar 31, 2026
Non-Final Rejection — §103, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12511179
MANAGING APPLICATION PROGRAMMING INTERFACES (APIs) OF A WEB APPLICATION
2y 5m to grant Granted Dec 30, 2025
Patent 12495084
REALTIME DISTRIBUTION OF GRANULAR DATA STREAMS ON A NETWORK
2y 5m to grant Granted Dec 09, 2025
Patent 12461798
MANAGING PERFORMANCE DURING COLLABORATION SESSIONS IN HETEROGENOUS COMPUTING PLATFORMS
2y 5m to grant Granted Nov 04, 2025
Patent 12450109
QUEUEING ASYNCHRONOUS EVENTS FOR ACCEPTANCE BY THREADS EXECUTING IN A BARREL PROCESSOR
2y 5m to grant Granted Oct 21, 2025
Patent 12444002
MULTISIDED AGNOSTIC INTEGRATION SYSTEM
2y 5m to grant Granted Oct 14, 2025
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

1-2
Expected OA Rounds
59%
Grant Probability
99%
With Interview (+50.5%)
2y 11m
Median Time to Grant
Low
PTA Risk
Based on 29 resolved cases by this examiner. Grant probability derived from career allow rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month