DETAILED ACTION
Claims 1-20 are presented for examination.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 2-4 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being incomplete for omitting essential structural cooperative relationships of elements, such omission amounting to a gap between the necessary structural connections. See MPEP § 2172.01. The omitted structural cooperative relationships are: It is unclear whether “second sensitive data” is distinct or identical to “sensitive data” recited in claim 1. Claim 5 states “the sensitive data comprises credentials”, it is unclear whether credential refer to the first dataset second dataset, or both. Therefore the scope is uncertain.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Goswami et al. (US Patent Application No. 20240430155) (Hereinafter Goswami) in view of McNamara et al. (US Patent Application No. 20230328047) (Hereinafter McNamara).
As per claim 1, Goswami discloses a method for managing operation of a deployment, the method comprising:
obtaining, from a requestor, a request for the deployment to provide a desired service; based on the request (para 33, (The deployment GUI may provide an interface for a network deployment engineer to deploy NFs by providing a target NF name and a target environment to which the NF is to be deployed. In response to receiving the target NF name and target environment via the deployment GUI, the CICD system triggers a script to create a NF package for deploying the NF to the target environment.):
obtaining a desired state chart prototype that comprises instructions and lacks sensitive data for the operation of the deployment to provide the desired service (para 34-35, (under BRI interpretation) a template, the template comprises a Kubernetes umbrella Helm chart [state chart, see specification], the template is designed for multiple cloud environment, the template includes sections populated later by script, because the template is populated later with NF-specific parameter and ip addresses, it definitely exists in an unpopulated form that lacks those parameters at the time it is obtained) ;
obtaining the sensitive data (para 34, IP address assignments from IPAM, IP address interpreted as sensitive data see specification) for the operation of the deployment (para 34-35, the NF configuration datastore and IPAM, the script parses parameters and addresses) ;
obtaining a completed desired state chart by combining the desired state chart prototype with the sensitive data (para 34,the script parses the NF specific parameters and attribute settings from the NF configuration datastore and populates corresponding sections of a template with those values while similarly populating networking sections of the template with IP address assignments; combination of template [prototype] and parameters [sensitive data]) ;
obtaining at least one process from an automation framework using the completed desired state chart (para 33-35, the CICD system [automation framework] triggers a script to create a NF package for deploying the NF to the target environment); and
providing the desired service using the at least one process (para 33-35, deployment of NF to cloud environment and creation of NF package ready for deployment broadly reads on the above limitation).
Goswami explicitly does not disclose sensitive data, and an automation framework well known in the art. For example McNamara disclose sensitive data (para 3, 123, the deployment YAML file and these algorithms are matched to specific IP address ports), and an automation framework (para 84, DevOps).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Goswami and McNamara. The motivation would have been to implement the sensitive data of Goswami as credentials as taught by McNamara, because credentials are well known sensitive data and are commonly managed securely in automated deployment system and also incorporating Devops-based automation into the system to enhance security compliance.
The Examiner notes that this motivation applies to all dependent and/or otherwise subsequently addressed claims.
As per claim 2, claim is rejected for the same reasons and motivations as claim 1, above. In addition, McNamara discloses further comprising:
before obtaining the request:
obtaining the completed desired state chart (para 139, DevOps engineer obtains credentials…. The DevOps engineer obtains an unconfigured YAML file from the Container Repository);
obtaining, from the completed desired state chart, second sensitive data and the desired state chart prototype (para 139, DevOps engineer obtains credentials…. The DevOps engineer obtains an unconfigured YAML file from the Container Repository);
performing a review, by an administrator, of the second sensitive data and
the desired state chart prototype to validate authenticity (para 31,125, Administrative services include configuration of server performance variables, performance monitoring, troubleshooting technical problems, data backup, system security, and user support),
confidentiality, and syntax of the second sensitive data (para 90, ensures data confidentiality and integrity) and
to ensure that the desired state chart prototype lacks the second sensitive data (para 139, DevOps engineer obtains credentials…. The DevOps engineer obtains an unconfigured YAML file from the Container Repository);
obtaining, from the review, authorization from the administrator to store the second sensitive data in a secure vault (para 43, Machine secrets are often stored in centralized “secrets stores” (vaults) for protection, but this creates another set of credentials (the keys to the vault) which must then be protected); and
storing the second sensitive data in the secure vault (para 43, secrets are often stored in centralized “secrets stores” (vaults) for protection, but this creates another set of credentials (the keys to the vault) which must then be protected).
As per claim 3, claim is rejected for the same reasons and motivations as claim 1, above. In addition, McNamara discloses wherein obtaining, from the completed desired state chart, the second sensitive data and the desired state chart prototype comprises:
performing a validation process on data within the completed desired state chart to identify the second sensitive data and ensure that the second sensitive data meets a set of standards (para 46, 52, Machine secrets are often stored in centralized “secrets stores” (vaults) for protection, but this creates another set of credentials (the keys to the vault) which must then be protected. This creates a chain of secrets stores that eventually leads back to a human administrator with a password (known as Secret Zero)).
As per claim 4, claim is rejected for the same reasons and motivations as claim 1, above. In addition, McNamara discloses wherein performing the validation process comprises:
identifying the second sensitive data in the completed desired state chart by performing a keyword search in each section of the completed desired state chart (para 103, A Formula rule constructs or transforms a part of a password. In a non-limiting example, multiple Formula rules specify multiple parts of a hopped password or specify the order in which the parts are assembled into a single password. Formula rules may identify one or more time-variable data character strings from one or more information sources. Formula rules may also include one or more specific non-variable, or fixed, character strings added to the Formula to increase password entropy.); and
ensuring the second sensitive data meets the set of the standards, the set of the standards comprising correct character formatting, a readable format, compliance with data privacy regulations, and being in an original state in which the second sensitive data has not been altered by unauthorized users (para 103, the password character string to indicate the TPV site at which the password is used and to construct unique passwords for each site using a single Formula, and thus avoiding the brushfire vulnerability present with many passwords.).
As per claim 5, claim is rejected for the same reasons and motivations as claim 1, above. In addition, McNamara discloses wherein obtaining the sensitive data comprises:
reading the sensitive data from a secure vault (para 58, secrets are centrally stored and protected with encryption in a central vault).
As per claim 6, claim is rejected for the same reasons and motivations as claim 1, above. In addition, McNamara discloses, wherein the secure vault stores the sensitive data, is located on a device of the deployment (para 46, 52, Machine secrets are often stored in centralized “secrets stores” (vaults) for protection, but this creates another set of credentials (the keys to the vault) which must then be protected. This creates a chain of secrets stores that eventually leads back to a human administrator with a password (known as Secret Zero)), and
requires authorization from an administrator to access the sensitive data (para 43, 125, Machine secrets are often stored in centralized “secrets stores” (vaults) for protection, but this creates another set of credentials (the keys to the vault) which must then be protected; Administrative services include configuration of server performance variables, performance monitoring, troubleshooting technical problems, data backup, system security, and user support.).
As per claim 7, claim is rejected for the same reasons and motivations as claim 1, above. In addition, McNamara discloses wherein the sensitive data comprises credentials and confidential information (para 31, “Secret” refers to a password, pin, token, key or any string of printable characters whose possession is used to prove an authenticated identity and must be kept secret by the authorized users).
As per claim 8, claim is rejected for the same reasons and motivations as claim 1, above. In addition, McNamara discloses wherein obtaining the completed desired state chart by combining the desired state chart prototype with the sensitive data comprises:
replacing a field in the desired state chart prototype with a corresponding portion of the sensitive data (para 139, The DevOps engineer obtains an unconfigured YAML file from the Container Repository and edits so that it matches the port assignment and naming conventions).
As per claim 9, claim is rejected for the same reasons and motivations as claim 1, above. In addition, McNamara discloses wherein the completed desired state chart is a set of instructions for configuring and customizing an application to accomplish a task or perform a service (para 139, The DevOps engineer obtains an unconfigured YAML file from the Container Repository and edits so that it matches the port assignment and naming conventions).
As per claims 10 and 16, claims are rejected for the same reasons and motivations as claim 1, above.
As per claims 11 and 17, claims are rejected for the same reasons and motivations as claim 2, above.
As per claims 12 and 18, claims are rejected for the same reasons and motivations as claim 3, above.
As per claims 13 and 19, claims are rejected for the same reasons and motivations as claim 4, above.
As per claims 14 and 20, claims are rejected for the same reasons and motivations as claim 5, above.
As per claim 15, claim is rejected for the same reasons and motivations as claim 6, above.
Conclusion
Please see the attached PTO-892 for the prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMAD A SIDDIQI whose telephone number is (571)272-3976. The examiner can normally be reached Monday-Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl G Colin can be reached at 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MOHAMMAD A SIDDIQI/Primary Examiner, Art Unit 2493