DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1, 3-11 and 13-20 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-8 of U.S. Patent No. 12,061,703. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the patented document (US 12,061,703) anticipate those of the instant application (18/754,931).
The instant application, 18/754,931
US 12,061,703
Claims 1, 11 and 20:
A method, comprising:
instrumenting, by a device, an application to generate trace data during execution of the application;
detecting, by the device, an occurrence of a security event during execution of the application;
identifying, by the device, a correlation between the security event and the trace data; and
providing, by the device and based on the security event being correlated with the trace data, an indication of the security event in conjunction with the trace data by calling a function that adds the indication of the security event to a span for the application.
Claim 1:
A method comprising:
instrumenting, by a device, a web application to generate OpenTelemetry trace data during execution of the web application;
detecting, by the device, an occurrence of a security event during execution of the web application;
identifying, by the device, a correlation between the security event and the OpenTelemetry trace data; and
providing, by the device and based on the security event being correlated with the OpenTelemetry trace data, an indication of the security event in conjunction with the OpenTelemetry trace data by calling a function that adds the indication of the security event to a current OpenTelemetry span for the web application.
Claims 3 and 13:
The method as in claim 1, wherein providing the indication of the security event in conjunction with the trace data comprises:
associating the security event with a current trace identifier or a span identifier.
Claim 2:
The method as in claim 1, wherein providing the indication of the security event in conjunction with the OpenTelemetry trace data comprises:
associating the security event with a current OpenTelemetry trace identifier or span identifier.
Claims 4 and 14:
The method as in claim 1, wherein providing the indication of the security event in conjunction with the trace data comprises:
adding the indication of the security event as a span status.
Claim 3:
The method as in claim 1, wherein providing the indication of the security event in conjunction with the OpenTelemetry trace data comprises:
adding the indication of the security event as an OpenTelemetry span status.
Claims 5 and 15:
The method as in claim 1, wherein providing the indication of the security event in conjunction with the trace data comprises: adding the indication of the security event to a current span for the application.
Claim 1:
providing, … an indication of the security event in conjunction with the OpenTelemetry trace data by calling a function that adds the indication of the security event to a current OpenTelemetry span for the web application.
Claims 6 and 16:
The method as in claim 1, wherein the device provides the indication of the security event in conjunction with the trace data based in part on a Common Vulnerability Scoring System score associated with the security event.
Claim 4:
The method as in claim 1, wherein the device provides the indication of the security event in conjunction with the OpenTelemetry trace data based in part on a Common Vulnerability Scoring System score associated with the security event.
Claims 7 and 17:
The method as in claim 1, wherein providing the indication of the security event in conjunction with the trace data comprises:
adding the indication of the security event to a root span for the application.
Claim 5:
The method as in claim 1, wherein providing the indication of the security event in conjunction with the OpenTelemetry trace data comprises:
adding the indication of the security event to an OpenTelemetry root span for the web application.
Claims 8 and 18:
The method as in claim 1, wherein the application is a distributed application.
Claim 6:
The method as in claim 1, wherein the web application is a distributed application.
Claims 9 and 19:
The method as in claim 1, wherein detecting the occurrence of the security event during execution of the application comprises: monitoring permission calls made by the application to identify a library called by the application; and
determining that the library comprises vulnerable code.
Claim 7:
The method as in claim 1, wherein detecting the occurrence of the security event during execution of the web application comprises:
monitoring permission calls made by the web application to identify a library called by the web application; and
determining that the library comprises vulnerable code.
Claim 10:
The method as in claim 1, wherein instrumenting the application to generate trace data during execution of the application comprises:
calling an OpenTelemetry application programming interface (API) from the application.
Claim 8:
The method as in claim 1, wherein instrumenting the web application to generate OpenTelemetry trace data during execution of the web application comprises:
calling an OpenTelemetry application programming interface (API) from the web application.
As is evident from the above table, the claims of the patented document anticipate the instant claims 1, 3-11 and 13-20. Therefore, the instant claims 1, 3-11 and 13-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-8 of U.S. Patent No. 12,061,703.
Allowable Subject Matter
Claims 1-20 would be allowed as amended if the Double Patenting rejection is overcome.
The closest prior art being “Agarwal” (US 2021/0232485 A1), and newly “Smith” (US 2014/0137240 A1). Agarwal discloses a method of analyzing performance of services in a microservices-based application, the method comprising: generating a plurality of traces from a plurality of spans associated with the microservices-based application and ingested during a given time duration; generating a plurality of data sets each associated with a respective analysis mode of a plurality of analysis modes using the plurality of traces, wherein each analysis mode extracts a different level of detail from the plurality of spans associated with the plurality of traces; selecting, based on a first user query, a first analysis mode from the plurality of analysis modes for generating a response to the first user query; accessing a data set of the plurality of data sets that is associated with the first analysis mode; and generating the response to the first user query using the data set associated with the first analysis mode, wherein the first user query requests information pertaining to the performance of the services in the microservices-based application. Smith discloses a method for maintaining network security, the method comprising: sensing network telemetry information at plural network resources; communicating the network telemetry information to an active memory interfaced with a processor, the processor executing plural network security modules, each network security module having an input specification, an output specification and a logic specification, the logic specification defining a memory allocation in the active memory for each of the security modules; and maintaining network security by investigating network telemetry information with one or more of the security modules using the telemetry information stored in the active memory to detect network security threats and by neutralizing the detected network security threats with one or more of the security modules in response to detecting of predetermined network telemetry information in the active memory.
What is missing from the prior art is: a method(s) comprising: instrumenting, by a device, an application to generate trace data during execution of the application; detecting, by the device, an occurrence of a security event during execution of the application; identifying, by the device, a correlation between the security event and the trace data; and providing, by the device and based on the security event being correlated with the trace data, an indication of the security event in conjunction with the trace data by calling, via an application programming interface of a tracing framework, a function that adds the indication of the security event to a current span for the application.
Thus, the prior art of record, when considered individually and in combination, does not teach or suggest the subject matter recited by claims 1, 11 and 20 as a whole, therefore claims 1, 11 and 20 are deemed allowable over the prior art of record. The dependent claims which further limit claims 1 and 11 are also deemed allowable by virtue of their dependency.
Conclusion
THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MATTHIAS HABTEGEORGIS whose telephone number is (571)272-1916. The examiner can normally be reached M-F 8am-5pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, William R. Korzuch can be reached at (571)272-7589. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/M.H./Examiner, Art Unit 2491
/DANIEL B POTRATZ/Primary Examiner, Art Unit 2491