DETAILED ACTION
This Action is in consideration of the Applicant’s response on ***. Claims *** are amended by the Applicant. Claims ***, where Claims *** are in independent form, are presented for examination.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant's arguments filed December 18, 2025 have been fully considered but they are moot based on the new grounds of rejection necessitated by amendment.
Claim Rejections - 35 USC § 103
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claim(s) 1, 2, 6 – 9, 13 – 16, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over PGPub. 2024/0004631 (hereinafter “Nelson”), in view of PGPub. 2020/0228402 (hereinafter “Parker”) and PGPub. 2024/0095006 (hereinafter “Waterman”).
1. Regarding Claims 1, 8, and 15, Nelson discloses of a system (Claim 8) [Fig. 9; Para. 0062-64] for containerization, comprising:
a processor [Fig. 9; Para. 0062-64];
a non-transitory computer-readable medium (Claim 15) [Fig. 9; Para. 0062-64]; and
stored instructions translatable by the processor [Fig. 9; Para. 0062-64] for executing (Claim 1):
responsive to detecting a security vulnerability in a software application, building a new base application image that is separated from one or more product-specific extensions [Abstract; Figs. 2, 5, and 6; Para. 0006, 0026-28, 0040, 0056; call version of the custom container image includes an outdated version of the base container image detected, upgrading the custom container image with the most recent version of the base container image];
deploying the new base application image [Figs. 6 and 7; Para. 0043-47; updating the Kubernetes cluster with the most recent version of the base container image];
updating
updating a set of product containers with the new base application image [Figs. 6 and 7; Para. 0043-47; subsequent calls for the custom container image will now have the most recent version of the base container image]
While the use of Helm charts and init container patters are known in the use of Kubernetes containers, additional are will be used to address these limitations. Nelson, however, does not specifically disclose of using a helm chart to indicate specific extensions or configurations for the application container or of using an init container pattern to apply the product-specific extensions to the new base application image.
Parker discloses a system and method for configuring containerized applications [Abstract]. Parker further discloses that updates to the container are implemented by updating Helm Charts via Kubernetes [Para. 0068]. It would have been obvious to one skilled in the art before the effective filing date of the current invention to incorporate the teachings of Parker with Nelson since both systems update containers used to provide customized computing services. The motivation is to utilize known concepts in managing containers with Kubernetes for wider adaptability and commercial viability (obvious to one skilled in the art).
Parker, however, does not specifically disclose of using an init container pattern to apply the product-specific extensions to the new base application image.
Waterman discloses a system and method for providing a software container [Abstract]. Waterman further discloses that an INIT container is used to initialize the container including application software and associated binaries and libraries (extensions) [Fig. 3; Para. 0067]. It would have been obvious to one skilled in the art before the effective filing date of the current invention to incorporate the teachings of Waterman with Nelson since both systems utilize Kubernetes containers to provide customized computing services. The motivation is to utilize known concepts in managing containers with Kubernetes for wider adaptability and commercial viability (obvious to one skilled in the art).
2. Regarding Claims 2, 9, and 16, Nelson, in view of Parker and Waterman, discloses the limitations of Claims 1, 8, and 15. Nelson further discloses that the new base application image is deployed by container orchestration platform [Figs. 6 and 7; Para. 0043-47].
3. Regarding Claims 6, 7, 13, 14, and 20, Nelson, in view of Parker and Waterman, discloses the limitations of Claims 1, 8, and 15. Nelson further discloses that a base application image is provided to a user to use with a user's application [Figs. 6 and 7; Para. 0043-47; updating the Kubernetes cluster with the most recent version of the base container image to resolve security concern], wherein the deployment of the new base application image enables the user to fix the security vulnerability [Figs. 6 and 7; Para. 0043-47; updating the Kubernetes cluster with the most recent version of the base container image to resolve security concern].
Claim(s) 3, 4, 10, 11, 17, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Nelson, in view of Parker and Waterman, in further view of PGPub. 2020/0364039 (hereinafter “Gibbs”)
4. Regarding Claims 3, 10, and 17, Nelson, in view of Parker and Waterman, discloses the limitations of Claims 1, 8, and 15. Nelson, Parker, or Waterman, however, do not specifically disclose that the new base application image contains a web server application.
Gibbs discloses a system and method for managing container updates [Abstract; Para. 0031]. Gibbs further discloses that the new base application image contains a web server application [Para. 0096]. It would have been obvious to one skilled in the art before the effective filing date of the current invention to incorporate the teachings of Waterman with Nelson since both systems utilize Kubernetes containers to provide customized computing services. This would have been a design choice and the motivation to do so is to provide a user interface for the services provided in the container (obvious to one skilled in the art).
5. Regarding Claims 4, 11, and 18, Nelson, in view of Parker and Waterman, and in further view of Gibbs, discloses the limitations of Claims 3, 10, and 17. Gibbs further discloses that the web server application is an Apache web server application [Para. 0032].
Claim(s) 5, 12, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Nelson, in view of Parker and Waterman, in further view of PGPub. 2021/0103450 (hereinafter “Prasad”)
6. Regarding Claims 5, 12, and 19, Nelson, in view of Parker and Waterman, discloses the limitations of Claims 1, 8, and 15.
Nelson, Parker, or Waterman, however, do not specifically disclose that the security vulnerability comprises a vulnerability in a library used by an application contained by the new base application image.
Prasad discloses a system and method for assembling container images [Abstract]. Prasad further discloses of detecting security vulnerabilities within the container images which can comprise a vulnerability in a library used by an application contained by the new base application image [Para. 0006, 0031, 0044]. It would have been obvious to one skilled in the art before the effective date of the current invention to incorporate the teachings of Prasad with Nelson since both systems evaluation containers for vulnerabilities. The combination enables the Nelson system to scan for other files that are known to expose containers to vulnerabilities resulting in improved detection capabilities (obvious to one skilled in the art).
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Contacts
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Tae K. Kim, whose telephone number is (571) 270-1979. The examiner can normally be reached on Monday - Friday (10:00 AM - 6:30 PM EST).
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Jorge Ortiz-Criado, can be reached on (571) 272-7624. The fax phone number for submitting all Official communications is (703) 872-9306. The fax phone number for submitting informal communications such as drafts, proposed amendments, etc., may be faxed directly to the examiner at (571) 270-2979.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at (866) 217-9197 (toll-free).
/TAE K KIM/Primary Examiner, Art Unit 2496
Prosecution Insights