DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-20 are pending.
Information Disclosure Statement
The IDSs filed 9/6/2024 and 12/9/2024 have been considered by the Examiner.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1-20 rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of US Patent No. 12,135,791. Although the claims at issue are not identical, they are not patentably distinct from each other because the instant limitations are somewhat broader than the patented limitations. In the independent claims of the patented application there is a detection of a transmission of program code for quality control testing which is absent from the instant application. The details are highlighted in the table below.
18/826301
US Patent No. 12,135,791
Difference
1. A system for security analysis and validation during construction and deployment of
dynamic network components, wherein the system is structured for identifying and remediating
defects in a first resource program code being built at an internal network layer of the first
distributed network, in real-time, and validating the first resource program code at both a lower
deployment environment and a higher deployment environment, the system comprising:
at least one memory device with computer-readable program code stored thereon;
at least one communication device;
at least one processing device operatively coupled to the at least one memory device
and the at least one communication device, wherein when executed the computer-readable
code is configured to cause the at least one processing device to:
receive at a lower build deploy system associated with the lower deployment
environment system a first resource program code that is designated for quality control
testing;
augment, via the lower build deploy system, a code merge associated with the
first resource program code at a continuous integration system with a first validation of
the first resource program code at a first time interval, prior to transmission of the first
resource program code to a quality control testing system, wherein the first validation of
the program code comprises:
determining whether the first resource program code is associated with
one or more critical security vulnerability records;
determining a successful first validation of the first resource program code
in response to determining that the first resource program code is not associated
with the critical security vulnerability record; and
in response to the successful first validation of the first resource program
code, storing the first resource program code at an artifactory system;
receive a request for transmission of the validated first resource program code to
the quality control testing system at a second time interval succeeding the first time interval;
extract the first resource program code from the artifactory system to the lower
build deploy system;
initiate a second validation of the first resource program code at the second time
interval, based on at least one or more categorical network program resource
component records associated with a dynamic validated network resource library;
in response to a successful second validation of the first resource program code,
allow deployment of the first resource program code to the lower deployment
environment.
1. A system for security analysis and validation during construction and deployment of
dynamic network components, wherein the system is structured for identifying and remediating
defects in a first resource program code being built at an internal network layer of the first
distributed network, in real-time, and validating the first resource program code at both a lower
deployment environment and a higher deployment environment, the system comprising:
at least one memory device with computer-readable program code stored thereon;
at least one communication device;
at least one processing device operatively coupled to the at least one memory device
and the at least one communication device, wherein executing the computer-readable code is
configured to cause the at least one processing device to:
detect, via a lower deployment environment system, transmission of a first
resource program code to a quality control testing system;
transmit the first resource program code to a lower build deploy system
associated with the lower deployment environment system, prior to transmission of the
first resource program code to a quality control testing system;
augment, via the lower build deploy system, a code merge associated with the
first resource program code at a continuous integration system with a first validation of
the first resource program code at a first time interval, prior to transmission of the first
resource program code to a quality control testing system, wherein the first validation of
the program code comprises:
determining whether the first resource program code is associated with
one or more critical security vulnerability records;
determining a successful first validation of the first resource program code
in response to determining that the first resource program code is not associated
with the critical security vulnerability record; and
in response to the successful first validation of the first resource program
code, storing the first resource program code at an artifactory system;
receive, via a lower deployment system, a request for transmission of the
validated first resource program code to the quality control testing system from a first
network device at a second time interval succeeding the first time interval;
extract, via the lower deployment system, the first resource program code from
the artifactory system to the lower build deploy system;
initiate a second validation of the first resource program code at the second time
interval, based on at least one or more categorical network program resource
component records associated with a dynamic validated network resource library;
in response to a successful second validation of the first resource program code,
(i) restore the first resource program code at the artifactory system, and (ii) allow
deployment of the first resource program code to the lower deployment environment.
The instant limitations do not require the processor to: “detect, via a lower deployment environment system, transmission of a first resource program code to a quality control testing system”. The missing limitation just expands the scope of the claims without affecting the patentability of the claims as compared to the US Patent No. 12,1358,791.
Allowable Subject Matter
Claims 1-20 will be allowed over the prior art of record once a approved terminal disclaimer is filed and the Examiner conducts a final search and consideration. The Examiner could not find any prior art reference, either alone or in combination, that teaches the sequence and details of the claimed limitations, “determining whether the first resource program code is associated with one or more critical security vulnerability records, determining a successful first validation of the first resource program conde in response to determining that the first resource program code is not associated with the critical security vulnerability record, in response to the successful first validation of the first resource program code, storing the first resource program code at an artifactory system, receiving, via a lower deployment system, a request for transmission of the validate first resource program code to the quality control testing system from a first network device at a second time interval succeeding the first time interval, extracting, via the lower deployment system, the first resource program code from the artifactory system to the lower build deploy system, initiating a second validation of the first resource program code at the second time interval, based on at least one or more categorical network program resource component records associated with a dynamic validated network resource library.” The closest prior reference includes US PG Pub. No. 2009/0125875 to Schmitter et al., which is concerned with the development and deployment of a software product, but does not address the code merge and the second validation of the merged software product before deployment and does not address any potential security threats and US PG Pub. No. 2006/0059253 to Goodman et al. which is directed to development, execution, deployment, testing, and debugging of computer code and inherent security concerns of the computer code, but does not address the code merge and the second validation of the merged software product before deployment.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WILLIAM S POWERS whose telephone number is (571)272-8573. The examiner can normally be reached M-F 7:30-17:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge L Ortiz-Criado can be reached at (571) 272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/WILLIAM S POWERS/Primary Examiner, Art Unit 2496