CROSS-SECURITY-REGION RESOURCE ACCESS METHOD IN CLOUD COMPUTING SYSTEM AND ELECTRONIC DEVICE

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION 1. The following is a non-Final Office Action in response to applicant’s arguments/filing filed on October 9, 2024Claims 12 and 13 are cancelledClaims 1-11 and 14-22 are pendingExaminer’s Note: Paragraph 0053 of the specification discloses the computing node device can include a physical server and a PC Foreign Priority Acknowledgment is made of applicant's claim for foreign priority under 35 U.S.C. 119(a)-(d). The certified copy has been filed in Instant Application, filed on 10/9/2024. Information Disclosure Statement The information disclosure statement (IDS) submitted on 10/24/2025 was filed prior to the mailing date of the first office action. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. The information disclosure statement (IDS) submitted on 10/9/2024 was filed prior to the mailing date of the first office action. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. Drawings Acknowledgment is made of applicant’s drawings submitted on 10/9/2024. Oath/Declaration Acknowledgment is made of applicant’s oath submitted on 10/9/2024 Application Data Sheet Acknowledgment is made of applicant’s application data sheet submitted on 10/9/2024. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 1.) Claims 1-3, 11 and 14-16 are rejected under 35 U.S.C. 103 as being unpatentable over US 20210117242, Van De Groenedaal in view of US 20220086226, Jain In regards to claim 1, Van De Groenedaal teaches a cross-security-region resource access method in a cloud computing system, wherein the cloud computing system comprises at least one computing node device in a user security region(US 20210117242, Van De Groenedaal, para. 0107 and 0140: [0107]- FIG. 11 illustrates operational layers among endpoints, an edge cloud, and cloud computing environments. Specifically, FIG. 11 depicts examples of computational use cases 1105, utilizing the edge cloud 1010 among multiple illustrative layers of network computing.[0140]- one or more servers of the software distribution platform 1505 are communicatively connected to one or more security domains and/or security devices through which requests and transmissions of the example computer readable instructions 1550 must pass.); the computer computing node device comprises at least one virtual node and a remote procedure call protocol (RPC} calling server program simulated by a virtio protocol-based block(BLK) service(US 20210117242, Van De Groenedaal, para. 0360, an RPC request for a microservice/service. The Application can be hosted in a variety of environments such as serverless, containers, VMs, container-in-VM, bare metal, etc. An RPC is an example of a type of Service or function call, and can include other methods such as SOAP (Simple Object Access Protocol), REST (representational state transfer), gRPC, GraphQL, Thrift, JSON-RPC, HTTP, OpenAPI, etc.);wherein the IO access request is used to perform IO access for target data resources in a resource security region(US 20210117242, Van De Groenedaal, para. 0207, pointer overruns or wild, flat accesses can be cut off through IPU based indirection-reflection policies. These policies can also be used for enforcing security access policies and intrusion detection of accesses to restricted areas, excessive resource (bandwidth, storage) usage, access to un-authorized services/data, authentication failures, activity during unusual times, geographical location, access patters (e.g. probing, scanning)); the user security region and the resource security region are isolated from each other(US 20210117242, Van De Groenedaal, para. 0438, Example 10 includes any example, wherein the circuitry to expose infrastructure services to be accessed by microservices for function composition is to perform security infrastructure services, wherein security infrastructure services include one or more of:… security-hub functions for inter-XPU confidentiality, and identity and information isolation, brokering data visibility between multiple clients for cooperative processing, enforcement of security policies and services including access control lists); and encapsulating, by the virtual block device, the IO access request into an RPC request for performing an RPC calling for the target data resources in response to the IO access request, and sending the RPC request to the RPC calling server program through the RPC channel, so that the RPC calling server program initiates a cross-security-region RPC calling for the target data resources based on the RPC request(US 20210117242, Van De Groenedaal, para. 0193 and 0344: [0193]- Secure resource manager 2100 can include event logging 2104 to perform logging of low level events from platform hardware, system on a chip (SoC) components, VMMs, or higher system events such as, but not limited to RPC calls, QoS violations, user login, and policy changes. Event logging 2104 can perform monitoring and logging changes to a number of network endpoints, remote procedure calls (RPC), gRPC, APIs, memory locations, storage locations, or several named machine states on devices, time of day, bandwidth, user access and authentication, resource requests, and access to other hosted or proxied services.[0344]- A memory access to a remote memory pool may require encapsulating the access into a message request to be processed in the Transmit path.); Van De Groenedaal does not teach the virtual node comprises a virtual block device simulated by a front-end driver of the virtio protocol-based BLK service and taken as an RPC calling client; the virtual block device comprises a simulated RPC channel with the RPC calling server program; the method comprises: receiving, by the virtual block device, an input/output (IO} access request triggered by a business application installed on the virtual node; However, Jain teaches the virtual node comprises a virtual block device simulated by a front-end driver of the virtio protocol-based BLK service and taken as an RPC calling client(US 20220086226, Jain, para. 0026, 0079 and 0081: [0026]- Various examples described herein can perform an application composed of microservices, where a microservice runs in its own process and communicates using protocols (e.g., application program interface (API), a Hypertext Transfer Protocol (HTTP) resource API, message service, remote procedure calls (RPC), or Google RPC (gRPC)) [0079]- entity 1202 can include a virtualized execution environment (virtual environment), serverless application, or microservice(s) executed in a guest environment that shares usage of the hardware resources. In some examples, entity 1202 can execute in a bare metal environment whereby entity 1202 and emulated device interface 1204 can utilize hardware resources[0081]- on behalf of entity 1202, emulated device 1204 can access a region of memory as though the region of memory is a device. Examples of emulated device 1204 can include a VMware environment VMXNET3, Non-volatile memory express (NVMe)), Linux environments using virtio devices (e.g., virtio-net, virtio-blk, virtio-scsi),); the virtual block device comprises a simulated RPC channel with the RPC calling server program(US 20220086226, Jain, para. 0026 and 0081: [0026]- Various examples described herein can perform an application composed of microservices, where a microservice runs in its own process and communicates using protocols (e.g., application program interface (API), a Hypertext Transfer Protocol (HTTP) resource API, message service, remote procedure calls (RPC), or Google RPC (gRPC))[0081]- on behalf of entity 1202, emulated device 1204 can access[i.e. note: Input/output] a region of memory as though the region of memory is a device. Examples of emulated device 1204 can include a VMware environment VMXNET3, Non-volatile memory express (NVMe)), Linux environments using virtio devices (e.g., virtio-net, virtio-blk, virtio-scsi); the method comprises: receiving, by the virtual block device, an input/output (IO} access request triggered by a business application installed on the virtual node(US 20220086226, Jain, para. 0081, on behalf of entity 1202, emulated device 1204 can access[i.e. note: Input/output] a region of memory as though the region of memory is a device. Examples of emulated device 1204 can include a VMware environment VMXNET3, Non-volatile memory express (NVMe)), Linux environments using virtio devices (e.g., virtio-net, virtio-blk, virtio-scsi)); It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Van De Groenedaal with the teaching of Jain because a user would have been motivated to use a emulation software device, taught by Jain, in order to provide virtualization improvement efficiencies to the system taught by Van De Groenedaal by enabling a host processors to be freed to perform other work(Jain, para. 0022). In regards to claim 2, the combination of Van De Groenedaal and Jain teach the method according to claim 1, wherein the IO access request comprises an IO write request for the virtual block device(US 20220086226, Jain, para. 0087, Referring to network interface device 1250, compute complex 1270 can post a translated descriptor (e.g., using Adaptive Virtual Function (AVF)) to one or more of: emulated device 1204 and host interface 1260, endpoint 1262, packet processing pipeline 1264, and/or MAC/PHY 1266. In some examples, a translated descriptor can include an address (e.g., virtual or physical address) of a buffer in host memory from which to read data or to which to write data.); the RPC request comprises an “RPC request” request(US 20210117242, Van De Groenedaal, para. 0360, Referring to FIG. 34A, at (1), an RPC request for a microservice/service.); wherein the IO write request comprises a calling parameter related to the RPC calling performed for the target data resources(US 20210117242, Van De Groenedaal, para. 0190, An IPU can be linked to some or every xPU in a server, have full access to memory, and can call other xPUs on other servers via a fabric or network in addition to bridging between xPUs. The IPU can also provide platform multi-tenant virtualization services to provide at least some customers with individual control of services such as power tuning options, device management, and service offloads.); wherein the encapsulating, by the virtual block device, the IO access request into the RPC request for performing the RPC calling for the target data resources in response to the IO access request comprises: writing, by the virtual block device, the calling parameter in the IO write request into a logical storage space of the virtual block device in response to the IO access request(US 20210117242, Van De Groenedaal, para. 0306, the IPU Local Control Plane can set Security parameters (e.g., Policy, Resource, Actions) for one or more resources controlled by the IPU. Security parameters can include one or more of data encryption policy at rest, inflight, in-use attestation requirements for services and platforms, key management and user identity, access policies, isolation, regulatory restrictions.); and in response to successful writing of the calling parameter into the logical storage space of the virtual block device, returning a successful writing response message corresponding to the IO write request to the business application installed on the virtual node(US 20210117242, Van De Groenedaal, para. 0106, central office network management hardware may be replaced with standardized compute hardware that performs virtualized network functions and offers compute resources for the execution of services and consumer functions for connected devices. Alternatively, an arrangement with hardware combined with virtualized functions, commonly referred to as a hybrid arrangement may also be successfully implemented.); encapsulating the calling parameter stored in the logical storage space to generate the “RPC request” for performing the RPC calling for the target data resources(US 20210117242, Van De Groenedaal, para. 0344, A memory access to a remote memory pool may require encapsulating the access into a message request to be processed in the Transmit path.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Van De Groenedaal with the teaching of Jain because a user would have been motivated to use a emulation software device, taught by Jain, in order to provide virtualization improvement efficiencies to the system taught by Van De Groenedaal by enabling a host processors to be freed to perform other work(Jain, para. 0022) In regards to claim 3, the combination of Van De Groenedaal and Jain teach the method according to claim 2, wherein the IO access request further comprises an IO read request for the virtual block device(US 20210117242, Van De Groenedaal, para. 0131, The virtual edge instances 1432, 1434 are distributed among the edge nodes 1422, 1424, and may include scenarios in which a request and response are fulfilled from the same or different edge nodes.); the RPC request comprises an RPC read request for reading an RPC response(US 20210117242, Van De Groenedaal, para. 0193, Event logging 2104 can perform monitoring and logging changes to a number of network endpoints, remote procedure calls (RPC), gRPC, APIs, memory locations, storage locations, or several named machine states on devices, time of day, bandwidth, user access and authentication, resource requests, and access to other hosted or proxied services.); wherein the encapsulating, by the virtual block device, the IO access request into the RPC request for performing the RPC calling for the target data resources in response to the IO access request comprises: in response to the IO read request, encapsulating the IO read request into the RPC read request for reading the RPC response(US 20210117242, Van De Groenedaal, para. 00343 and 0344: [0343]- At (13), completed requests can be enqueued, such as traditional LAN, RDMA, NVMe or service requires for RPC or Message processing. [0344]- A memory access to a remote memory pool may require encapsulating the access into a message request to be processed in the Transmit path.). In regards to claim 11, Van De Groenedaal teaches a cross-security-region resource access apparatus in a cloud computing system, wherein the cloud computing system comprises at least one computing node device in a user security region(US 20210117242, Van De Groenedaal, para. 0107 and 0140: [0107]- FIG. 11 illustrates operational layers among endpoints, an edge cloud, and cloud computing environments. Specifically, FIG. 11 depicts examples of computational use cases 1105, utilizing the edge cloud 1010 among multiple illustrative layers of network computing.[0140]- one or more servers of the software distribution platform 1505 are communicatively connected to one or more security domains and/or security devices through which requests and transmissions of the example computer readable instructions 1550 must pass.); the computer computing node device comprises at least one virtual node and a remote procedure call protocol (RPC} calling server program simulated by a virtio protocol-based block(BLK) service(US 20210117242, Van De Groenedaal, para. 0360, an RPC request for a microservice/service. The Application can be hosted in a variety of environments such as serverless, containers, VMs, container-in-VM, bare metal, etc. An RPC is an example of a type of Service or function call, and can include other methods such as SOAP (Simple Object Access Protocol), REST (representational state transfer), gRPC, GraphQL, Thrift, JSON-RPC, HTTP, OpenAPI, etc.); the virtual node comprises a virtual block device simulated by a front-end driver of the virtio protocol-based BLK service and taken as an RPC calling client(US 20210117242, Van De Groenedaal, para. 0360, an RPC request for a microservice/service. The Application can be hosted in a variety of environments such as serverless, containers, VMs, container-in-VM, bare metal, etc. An RPC is an example of a type of Service or function call, and can include other methods such as SOAP (Simple Object Access Protocol), REST (representational state transfer), gRPC, GraphQL, Thrift, JSON-RPC, HTTP, OpenAPI, etc.); the virtual block device comprises a simulated RPC channel with the RPC calling server program (US 20220086226, Jain, para. 0026, 0079 and 0081: [0026]- Various examples described herein can perform an application composed of microservices, where a microservice runs in its own process and communicates using protocols (e.g., application program interface (API), a Hypertext Transfer Protocol (HTTP) resource API, message service, remote procedure calls (RPC), or Google RPC (gRPC)) [0079]- entity 1202 can include a virtualized execution environment (virtual environment), serverless application, or microservice(s) executed in a guest environment that shares usage of the hardware resources. In some examples, entity 1202 can execute in a bare metal environment whereby entity 1202 and emulated device interface 1204 can utilize hardware resources[0081]- on behalf of entity 1202, emulated device 1204 can access a region of memory as though the region of memory is a device. Examples of emulated device 1204 can include a VMware environment VMXNET3, Non-volatile memory express (NVMe)), Linux environments using virtio devices (e.g., virtio-net, virtio-blk, virtio-scsi),); the apparatus comprises: a processor(US 20210117242, Van De Groenedaal, para. 0058, the data center 100 may be embodied as a single pod. As described in more detail herein, each rack houses multiple nodes, some of which may be equipped with one or more type of resources (e.g., memory devices, data storage devices, accelerator devices, general purpose processors).); anda memory, configured to store processor executable instructions(US 20210117242, Van De Groenedaal, para. 0058, As described in more detail herein, each rack houses multiple nodes, some of which may be equipped with one or more type of resources (e.g., memory devices, data storage devices, accelerator devices, general purpose processors).);wherein the processor, when running the processor executable instructions(US 20210117242, Van De Groenedaal, para. 0141, the computer readable instructions 1550 are stored on storage devices of the software distribution platform 1505 in a particular format. A format of computer readable instructions includes, but is not limited to a particular code language (e.g., Java, JavaScript, Python, C, C#, SQL, HTML, etc.), and/or a particular code state (e.g., uncompiled code (e.g., ASCII), interpreted code, linked code, executable code (e.g., a binary), etc.)), is configured for the virtual block device to:a receiving module, configured for the virtual block device to receive an input/output (IO} access request triggered by a business application installed on the virtual node(US 20220086226, Jain, para. 0081, on behalf of entity 1202, emulated device 1204 can access[i.e. note: Input/output] a region of memory as though the region of memory is a device. Examples of emulated device 1204 can include a VMware environment VMXNET3, Non-volatile memory express (NVMe)), Linux environments using virtio devices (e.g., virtio-net, virtio-blk, virtio-scsi)); wherein the IO access request is used to perform IO access for target data resources in a resource security region(US 20210117242, Van De Groenedaal, para. 0207, pointer overruns or wild, flat accesses can be cut off through IPU based indirection-reflection policies. These policies can also be used for enforcing security access policies and intrusion detection of accesses to restricted areas, excessive resource (bandwidth, storage) usage, access to un-authorized services/data, authentication failures, activity during unusual times, geographical location, access patters (e.g. probing, scanning)); the user security region and the resource security region are isolated from each other(US 20210117242, Van De Groenedaal, para. 0438, Example 10 includes any example, wherein the circuitry to expose infrastructure services to be accessed by microservices for function composition is to perform security infrastructure services, wherein security infrastructure services include one or more of:… security-hub functions for inter-XPU confidentiality, and identity and information isolation, brokering data visibility between multiple clients for cooperative processing, enforcement of security policies and services including access control lists); and an access module, configured for the virtual block device to encapsulate the IO access request into an RPC request for performing an RPC calling for the target data resources in response to the IO access request, and send the RPC request to the RPC calling server program through the RPC channel, so that the RPC calling server program initiates a cross-security-region RPC calling for the target data resources based on the RPC request(US 20210117242, Van De Groenedaal, para. 0193 and 0344: [0193]- Secure resource manager 2100 can include event logging 2104 to perform logging of low level events from platform hardware, system on a chip (SoC) components, VMMs, or higher system events such as, but not limited to RPC calls, QoS violations, user login, and policy changes. Event logging 2104 can perform monitoring and logging changes to a number of network endpoints, remote procedure calls (RPC), gRPC, APIs, memory locations, storage locations, or several named machine states on devices, time of day, bandwidth, user access and authentication, resource requests, and access to other hosted or proxied services.[0344]- A memory access to a remote memory pool may require encapsulating the access into a message request to be processed in the Transmit path.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Van De Groenedaal with the teaching of Jain because a user would have been motivated to use a emulation software device, taught by Jain, in order to provide virtualization improvement efficiencies to the system taught by Van De Groenedaal by enabling a host processors to be freed to perform other work(Jain, para. 0022) In regards to claim 14, Van De Groenedaal teaches a non-transitory computer readable storage medium, wherein a computer program is stored on the non-transitory computer readable storage medium, when the computer program is executed by a processor, wherein a cloud computing system comprises at least one computing node device in a user security region(US 20210117242, Van De Groenedaal, para. 0107 and 0140: [0107]- FIG. 11 illustrates operational layers among endpoints, an edge cloud, and cloud computing environments. Specifically, FIG. 11 depicts examples of computational use cases 1105, utilizing the edge cloud 1010 among multiple illustrative layers of network computing.[0140]- one or more servers of the software distribution platform 1505 are communicatively connected to one or more security domains and/or security devices through which requests and transmissions of the example computer readable instructions 1550 must pass.); the computing node device comprises at least one virtual node and a remote procedure call protocol (RPC) calling server program simulated by a virtio protocol-based block (BLK) service(US 20210117242, Van De Groenedaal, para. 0360, an RPC request for a microservice/service. The Application can be hosted in a variety of environments such as serverless, containers, VMs, container-in-VM, bare metal, etc. An RPC is an example of a type of Service or function call, and can include other methods such as SOAP (Simple Object Access Protocol), REST (representational state transfer), gRPC, GraphQL, Thrift, JSON-RPC, HTTP, OpenAPI, etc.); the virtual node comprises a virtual block device simulated by a front-end driver of the virtio protocol-based BLK service and taken as an RPC calling client(US 20210117242, Van De Groenedaal, para. 0360, an RPC request for a microservice/service. The Application can be hosted in a variety of environments such as serverless, containers, VMs, container-in-VM, bare metal, etc. An RPC is an example of a type of Service or function call, and can include other methods such as SOAP (Simple Object Access Protocol), REST (representational state transfer), gRPC, GraphQL, Thrift, JSON-RPC, HTTP, OpenAPI, etc.); wherein the IO access request is used to perform IO access for target data resources in a resource security region(US 20210117242, Van De Groenedaal, para. 0207, pointer overruns or wild, flat accesses can be cut off through IPU based indirection-reflection policies. These policies can also be used for enforcing security access policies and intrusion detection of accesses to restricted areas, excessive resource (bandwidth, storage) usage, access to un-authorized services/data, authentication failures, activity during unusual times, geographical location, access patters (e.g. probing, scanning)); the user security region and the resource security region are isolated from each other(US 20210117242, Van De Groenedaal, para. 0438, Example 10 includes any example, wherein the circuitry to expose infrastructure services to be accessed by microservices for function composition is to perform security infrastructure services, wherein security infrastructure services include one or more of:… security-hub functions for inter-XPU confidentiality, and identity and information isolation, brokering data visibility between multiple clients for cooperative processing, enforcement of security policies and services including access control lists); and encapsulating the IO access request into an RPC request for performing an RPC calling for the target data resources in response to the IO access request, and sending the RPC request to the RPC calling server program through the RPC channel, so that the RPC calling server program initiates a cross-security-region RPC calling for the target data resources based on the RPC request(US 20210117242, Van De Groenedaal, para. 0193 and 0344: [0193]- Secure resource manager 2100 can include event logging 2104 to perform logging of low level events from platform hardware, system on a chip (SoC) components, VMMs, or higher system events such as, but not limited to RPC calls, QoS violations, user login, and policy changes. Event logging 2104 can perform monitoring and logging changes to a number of network endpoints, remote procedure calls (RPC), gRPC, APIs, memory locations, storage locations, or several named machine states on devices, time of day, bandwidth, user access and authentication, resource requests, and access to other hosted or proxied services.[0344]- A memory access to a remote memory pool may require encapsulating the access into a message request to be processed in the Transmit path.); Van De Groenedaal does not teach the virtual block device comprises a simulated RPC channel with the RPC calling server program;wherein the processor, when running the computer program, is configured for the virtual block device to perform the following operations:receiving an input/output (IO) access request triggered by a business application installed on the virtual node However, Jain teaches the virtual block device comprises a simulated RPC channel with the RPC calling server program(US 20220086226, Jain, para. 0026, 0079 and 0081: [0026]- Various examples described herein can perform an application composed of microservices, where a microservice runs in its own process and communicates using protocols (e.g., application program interface (API), a Hypertext Transfer Protocol (HTTP) resource API, message service, remote procedure calls (RPC), or Google RPC (gRPC)) [0079]- entity 1202 can include a virtualized execution environment (virtual environment), serverless application, or microservice(s) executed in a guest environment that shares usage of the hardware resources. In some examples, entity 1202 can execute in a bare metal environment whereby entity 1202 and emulated device interface 1204 can utilize hardware resources[0081]- on behalf of entity 1202, emulated device 1204 can access a region of memory as though the region of memory is a device. Examples of emulated device 1204 can include a VMware environment VMXNET3, Non-volatile memory express (NVMe)), Linux environments using virtio devices (e.g., virtio-net, virtio-blk, virtio-scsi),);wherein the processor, when running the computer program, is configured for the virtual block device to perform the following operations:receiving an input/output (IO) access request triggered by a business application installed on the virtual node(US 20220086226, Jain, para. 0081, on behalf of entity 1202, emulated device 1204 can access[i.e. note: Input/output] a region of memory as though the region of memory is a device. Examples of emulated device 1204 can include a VMware environment VMXNET3, Non-volatile memory express (NVMe)), Linux environments using virtio devices (e.g., virtio-net, virtio-blk, virtio-scsi)). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Van De Groenedaal with the teaching of Jain because a user would have been motivated to use a emulation software device, taught by Jain, in order to provide virtualization improvement efficiencies to the system taught by Van De Groenedaal by enabling a host processors to be freed to perform other work(Jain, para. 0022) In regards to claim 15, the combination of Van De Groenedaal and Jain teach the cross-security-region resource access apparatus according to claim 11, wherein the IO access request comprises an IO write request for the virtual block device(US 20220086226, Jain, para. 0087, Referring to network interface device 1250, compute complex 1270 can post a translated descriptor (e.g., using Adaptive Virtual Function (AVF)) to one or more of: emulated device 1204 and host interface 1260, endpoint 1262, packet processing pipeline 1264, and/or MAC/PHY 1266. In some examples, a translated descriptor can include an address (e.g., virtual or physical address) of a buffer in host memory from which to read data or to which to write data.); the RPC request comprises an "RPC request" request(US 20210117242, Van De Groenedaal, para. 0360, Referring to FIG. 34A, at (1), an RPC request for a microservice/service.); wherein the IO write request comprises a calling parameter related to the RPC calling performed for the target data resources(US 20210117242, Van De Groenedaal, para. 0190, An IPU can be linked to some or every xPU in a server, have full access to memory, and can call other xPUs on other servers via a fabric or network in addition to bridging between xPUs. The IPU can also provide platform multi-tenant virtualization services to provide at least some customers with individual control of services such as power tuning options, device management, and service offloads.); wherein the processor is configured for the virtual block device to: write the calling parameter in the IO write request into a logical storage space of the virtual block device in response to the IO access request(US 20210117242, Van De Groenedaal, para. 0306, the IPU Local Control Plane can set Security parameters (e.g., Policy, Resource, Actions) for one or more resources controlled by the IPU. Security parameters can include one or more of data encryption policy at rest, inflight, in-use attestation requirements for services and platforms, key management and user identity, access policies, isolation, regulatory restrictions.); and in response to successful writing of the calling parameter into the logical storage space of the virtual block device, return a successful writing response message corresponding to the IO write request to the business application installed on the virtual node(US 20210117242, Van De Groenedaal, para. 0106, central office network management hardware may be replaced with standardized compute hardware that performs virtualized network functions and offers compute resources for the execution of services and consumer functions for connected devices. Alternatively, an arrangement with hardware combined with virtualized functions, commonly referred to as a hybrid arrangement may also be successfully implemented.); encapsulate the calling parameter stored in the logical storage space to generate the "RPC request" for performing the RPC calling for the target data resources(US 20210117242, Van De Groenedaal, para. 0344, A memory access to a remote memory pool may require encapsulating the access into a message request to be processed in the Transmit path.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Van De Groenedaal with the teaching of Jain because a user would have been motivated to use a emulation software device, taught by Jain, in order to provide virtualization improvement efficiencies to the system taught by Van De Groenedaal by enabling a host processors to be freed to perform other work(Jain, para. 0022) In regards to claim 16, the combination of Van De Groenedaal and Jain teach the cross-security-region resource access apparatus according to claim 15, wherein the IO access request further comprises an IO read request for the virtual block device(US 20210117242, Van De Groenedaal, para. 0131, The virtual edge instances 1432, 1434 are distributed among the edge nodes 1422, 1424, and may include scenarios in which a request and response are fulfilled from the same or different edge nodes.); the RPC request comprises an RPC read request for reading an RPC response(US 20210117242, Van De Groenedaal, para. 0193, Event logging 2104 can perform monitoring and logging changes to a number of network endpoints, remote procedure calls (RPC), gRPC, APIs, memory locations, storage locations, or several named machine states on devices, time of day, bandwidth, user access and authentication, resource requests, and access to other hosted or proxied services.);wherein the processor is configured for the virtual block device to:in response to the IO read request, encapsulate the IO read request into the RPC read request for reading the RPC response(US 20210117242, Van De Groenedaal, para. 00343 and 0344: [0343]- At (13), completed requests can be enqueued, such as traditional LAN, RDMA, NVMe or service requires for RPC or Message processing. [0344]- A memory access to a remote memory pool may require encapsulating the access into a message request to be processed in the Transmit path.). 2.) Claims 4 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over US 20210117242, Van De Groenedaal in view of US 20220086226, Jain and further in view of US 20040078520, Don In regards to claim 4, the combination of Van De Groenedaal and Jain teach the method according to claim 3, the control command comprises an encapsulation command(US 20210117242, Van De Groenedaal, para. 0344, A memory access to a remote memory pool may require encapsulating the access into a message request to be processed in the Transmit path.); the encapsulating the calling parameter stored in the logical storage space to generate the "RPC request" for performing the RPC calling for the target data resources comprises: executing the encapsulation command in the command queue to encapsulate the calling parameter stored in the logical storage space to generate the "RPC request" for performing the RPC calling for the target data resources(US 20210117242, Van De Groenedaal, para. 00343 and 0344: [0343]- At (13), completed requests can be enqueued, such as traditional LAN, RDMA, NVMe or service requires for RPC or Message processing. [0344]- A memory access to a remote memory pool may require encapsulating the access into a message request to be processed in the Transmit path.); the encapsulating the IO read request into the RPC read request for reading the RPC response comprises: executing the encapsulation command in the command queue to encapsulate the IO read request into the RPC read request for reading the RPC response(US 20210117242, Van De Groenedaal, para. 0344, A memory access to a remote memory pool may require encapsulating the access into a message request to be processed in the Transmit path.); the combination of Van De Groenedaal and Jain do not teach wherein the logical storage space of the virtual block device comprises a first logical storage subspace for carrying a command queue(US 20040078520, Don, para. 0025, As a sequence related to a specific command terminates, it determines whether another command is present in a start command queue assigned to that specific logical storage device.); the first logical storage subspace comprises a pre-created command queue(US 20040078520, Don, para. 0029, Each command queue receives commands from the host processor directed to a corresponding logical storage device.); a control command to be executed is maintained in the command queue(US 20040078520, Don, para. 0029, Each command queue receives commands from the host processor directed to a corresponding logical storage device.) However, Don teaches wherein the logical storage space of the virtual block device comprises a first logical storage subspace for carrying a command queue(US 20040078520, Don, para. 0025, As a sequence related to a specific command terminates, it determines whether another command is present in a start command queue assigned to that specific logical storage device.); the first logical storage subspace comprises a pre-created command queue(US 20040078520, Don, para. 0029, Each command queue receives commands from the host processor directed to a corresponding logical storage device.); a control command to be executed is maintained in the command queue(US 20040078520, Don, para. 0029, Each command queue receives commands from the host processor directed to a corresponding logical storage device.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Van De Groenedaal and Jain with the teaching of Don because a user would have been motivated to provide operating modes for disk array storage devices, taught by Don, in order to enhance operation of host applications on the system taught by the combination of combination of Van De Groenedaal and Jain(Don, para. 0009) In regards to claim 17, the combination of Van De Groenedaal and Jain teach the cross-security-region resource access apparatus according to claim 16, the control command comprises an encapsulation command(US 20210117242, Van De Groenedaal, para. 0344, A memory access to a remote memory pool may require encapsulating the access into a message request to be processed in the Transmit path.);wherein the processor is configured for the virtual block device to:execute the encapsulation command in the command queue to encapsulate the calling parameter stored in the logical storage space to generate the "RPC request" for performing the RPC calling for the target data resources(US 20210117242, Van De Groenedaal, para. 00343 and 0344: [0343]- At (13), completed requests can be enqueued, such as traditional LAN, RDMA, NVMe or service requires for RPC or Message processing. [0344]- A memory access to a remote memory pool may require encapsulating the access into a message request to be processed in the Transmit path.);execute the encapsulation command in the command queue to encapsulate the IO read request into the RPC read request for reading the RPC response(US 20210117242, Van De Groenedaal, para. 0344, A memory access to a remote memory pool may require encapsulating the access into a message request to be processed in the Transmit path.); the combination of Van De Groenedaal and Jain do not teach wherein the logical storage space of the virtual block device comprises a first logical storage subspace for carrying a command queue; the first logical storage subspace comprises a pre-created command queue; a control command to be executed is maintained in the command queue; However, Don teaches wherein the logical storage space of the virtual block device comprises a first logical storage subspace for carrying a command queue(US 20040078520, Don, para. 0025, As a sequence related to a specific command terminates, it determines whether another command is present in a start command queue assigned to that specific logical storage device.); the first logical storage subspace comprises a pre-created command queue(US 20040078520, Don, para. 0029, Each command queue receives commands from the host processor directed to a corresponding logical storage device.); a control command to be executed is maintained in the command queue(US 20040078520, Don, para. 0029, Each command queue receives commands from the host processor directed to a corresponding logical storage device.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Van De Groenedaal and Jain with the teaching of Don because a user would have been motivated to provide operating modes for disk array storage devices, taught by Don, in order to enhance operation of host applications on the system taught by the combination of combination of Van De Groenedaal and Jain(Don, para. 0009) 3.) Claims 5 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over US 20210117242, Van De Groenedaal in view of US 20220086226, Jain and further in view of US 20040078520, Don and further in view of US 20120150916, Anilson In regards to claim 5, the combination of Van De Groenedaal, Jain and Don teach the method according to claim 4, wherein the logical storage space of the virtual block device further comprises a second logical storage subspace for carrying a data queue(US 20040078520, Don, para. 0029, FIG. 2 also depicts a plurality of command queues 45. Each command queue receives commands from the host processor directed to a corresponding logical storage device.); the RPC channel comprises the data queue dynamically created in the second logical storage subspace by executing the control command(US 20210117242, Van De Groenedaal, para. 00343 and 0344: [0343]- At (13), completed requests can be enqueued, such as traditional LAN, RDMA, NVMe or service requires for RPC or Message processing. [0344]- A memory access to a remote memory pool may require encapsulating the access into a message request to be processed in the Transmit path.);before the sending the RPC request to the RPC calling server program through the RPC channel, the method further comprises:executing the creation command in the command queue to dynamically create a data channel for the business application in the second logical storage subspace(US 20210117242, Van De Groenedaal, para. 0133, Accordingly, the respective RoTs spanning devices 1410, 1422, and 1440 may coordinate the establishment of a distributed trusted computing base (DTCB) such that a tenant-specific virtual trusted secure channel linking all elements end to end can be established.); the combination of Van De Groenedaal, Jain and Don do not teach the control command further comprises a creation command for dynamically creating the data queue However, Anilson teaches the control command further comprises a creation command for dynamically creating the data queue (US 20120150916, Anilson, para. 0020, If the request is to PUT data to the queue, then decision 316 branches to "PUT" branch whereupon, at step 320, alternate queue data structure 325 is dynamically created and, at step 330, the data entry (e.g., a message, etc.) is stored (PUT) to alternate queue data structure 325.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Van De Groenedaal, Jain and Don with the teaching of Anilson because a user would have been motivated to use dynamic queue creation, taught by Anilson, in order to prevent downtime for the system taught by the combination of Van De Groenedaal, Jain and Don(Anilson, para. 0020) In regards to claim 18, the combination of Van De Groenedaal, Jain and Don teach the cross-security-region resource access apparatus according to claim 17, wherein the logical storage space of the virtual block device further comprises a second logical storage subspace for carrying a data queue(US 20040078520, Don, para. 0029, FIG. 2 also depicts a plurality of command queues 45. Each command queue receives commands from the host processor directed to a corresponding logical storage device.); the RPC channel comprises the data queue dynamically created in the second logical storage subspace by executing the control command(US 20210117242, Van De Groenedaal, para. 00343 and 0344: [0343]- At (13), completed requests can be enqueued, such as traditional LAN, RDMA, NVMe or service requires for RPC or Message processing. [0344]- A memory access to a remote memory pool may require encapsulating the access into a message request to be processed in the Transmit path.); wherein the processor is configured for the virtual block device to: execute the creation command in the command queue to dynamically create a data channel for the business application in the second logical storage subspace(US 20210117242, Van De Groenedaal, para. 0133, Accordingly, the respective RoTs spanning devices 1410, 1422, and 1440 may coordinate the establishment of a distributed trusted computing base (DTCB) such that a tenant-specific virtual trusted secure channel linking all elements end to end can be established.) the combination of Van De Groenedaal, Jain and Don do not teach the control command further comprises a creation command for dynamically creating the data queue However, Anilson teaches the control command further comprises a creation command for dynamically creating the data queue (US 20120150916, Anilson, para. 0020, If the request is to PUT data to the queue, then decision 316 branches to "PUT" branch whereupon, at step 320, alternate queue data structure 325 is dynamically created and, at step 330, the data entry (e.g., a message, etc.) is stored (PUT) to alternate queue data structure 325.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Van De Groenedaal, Jain and Don with the teaching of Anilson because a user would have been motivated to use dynamic queue creation, taught by Anilson, in order to prevent downtime for the system taught by the combination of Van De Groenedaal, Jain and Don(Anilson, para. 0020) 4.) Claims 6, 7, 19 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over US 20210117242, Van De Groenedaal in view of US 20220086226, Jain and further in view of US 20040078520, Don and further in view of US 20120150916, Anilson and further in view of US 20200293465, Yang In regards to claim 6, the combination of Van De Groenedaal, Jain, Don and Anilson teach the method according to claim 5, wherein the data queue comprises a number of logical storage units(US 20040078520, Don, para. 0025, As a sequence related to a specific command terminates, it determines whether another command is present in a start command queue assigned to that specific logical storage device.); sending the RPC read request to the RPC calling server program through the RPC channel(US 20210117242, Van De Groenedaal, para. 0344, A memory access to a remote memory pool may require encapsulating the access into a message request to be processed in the Transmit path.); and writing the RPC read request into the target logical storage unit for associated storage with the "RPC request" request(US 20220086226, Jain, para. 0087, Referring to network interface device 1250, compute complex 1270 can post a translated descriptor (e.g., using Adaptive Virtual Function (AVF)) to one or more of: emulated device 1204 and host interface 1260, endpoint 1262, packet processing pipeline 1264, and/or MAC/PHY 1266. In some examples, a translated descriptor can include an address (e.g., virtual or physical address) of a buffer in host memory from which to read data or to which to write data.), so that the RPC calling server program reads an RPC read request in associated storage with the "RPC request" request from the target logical storage unit in the data queue(US 20210117242, Van De Groenedaal, para. 0344, A memory access to a remote memory pool may require encapsulating the access into a message request to be processed in the Transmit path.) the combination of Van De Groenedaal, Jain, Don and Anilson do not teach the sending the "RPC request" request to the RPC calling server program through the RPC channel comprises: allocating an idle target logical storage unit to the "RPC request" request from the data queue, and writing the "RPC request" request into the target logical storage unit, so that the RPC calling server program reads the "RPC request" request from the target logical storage unit in the data queue However, Yang teaches teach the sending the "RPC request" request to the RPC calling server program through the RPC channel comprises: allocating an idle target logical storage unit to the "RPC request" request from the data queue, and writing the "RPC request" request into the target logical storage unit, so that the RPC calling server program reads the "RPC request" request from the target logical storage unit in the data queue (US 20200293465, Yang, para. 0046, The library can provide the following functionality: …(4) facilities to stack block devices to create complex I/O pipelines, including logical volume management (lvol) and partition support (GPT); (5) configuration of block devices via JSON-RPC; (6) request queueing, timeout, and reset handling; or (7) multiple, lockless queues for sending I/O to block devices). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Van De Groenedaal, Jain, Don and Anilson with the teaching of Yang because a user would have been motivated to use a multi-transport layer poller, taught by Yang, to poll for commands over multiple transport protocols in the system taught by the combination of Van De Groenedaal, Jain, Don and Anilson in order to insure a certain quality of service(Yang, para. 0025) In regards to claim 7, the combination of Van De Groenedaal, Jain, Don, Anilson and Yang teach the method according to claim 6, wherein the writing the "RPC request" request into the target logical storage unit comprises: writing the "RPC request" request into an RPC context created in the target logical storage unit(US 20200293465, Yang, para. 0046, (3) an application API for enumerating and claiming SPDK block devices and then performing operations (read, write, unmap, etc.) on those devices; (4) facilities to stack block devices to create complex I/O pipelines, including logical volume management (lvol) and partition support (GPT); (5) configuration of block devices via JSON-RPC;); the writing the RPC read request into the target logical storage unit for associated storage with the "RPC request" request comprises: writing the RPC read request into the RPC context created in the target logical storage unit, and performing associated storage with the "RPC request" request in the RPC context(US 20200293465, Yang, para. 0046, (3) an application API for enumerating and claiming SPDK block devices and then performing operations (read, write, unmap, etc.) on those devices; (4) facilities to stack block devices to create complex I/O pipelines, including logical volume management (lvol) and partition support (GPT); (5) configuration of block devices via JSON-RPC;). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Van De Groenedaal, Jain, Don and Anilson with the teaching of Yang because a user would have been motivated to use a multi-transport layer poller, taught by Yang, to poll for commands over multiple transport protocols in the system taught by the combination of Van De Groenedaal, Jain, Don and Anilson in order to insure a certain quality of service(Yang, para. 0025) In regards to claim 19, the combination of Van De Groenedaal, Jain, Don, and Anilson teach the cross-security-region resource access apparatus according to claim 18, wherein the data queue comprises a number of logical storage units(US 20040078520, Don, para. 0025, As a sequence related to a specific command terminates, it determines whether another command is present in a start command queue assigned to that specific logical storage device.); send the RPC read request to the RPC calling server program through the RPC channel(US 20210117242, Van De Groenedaal, para. 0344, A memory access to a remote memory pool may require encapsulating the access into a message request to be processed in the Transmit path.); and write the RPC read request into the target logical storage unit for associated storage with the "RPC request" request, so that the RPC calling server program reads an RPC read request in associated storage with the "RPC request" request from the target logical storage unit in the data queue(US 20210117242, Van De Groenedaal, para. 0344, A memory access to a remote memory pool may require encapsulating the access into a message request to be processed in the Transmit path.); the combination of Van De Groenedaal, Jain, Don, and Anilson do not teach wherein the processor is configured for the virtual block device to: allocate an idle target logical storage unit to the "RPC request" request from the data queue, and write the "RPC request" request into the target logical storage unit, so that the RPC calling server program reads the "RPC request" request from the target logical storage unit in the data queue However, Yang teaches teach wherein the processor is configured for the virtual block device to: allocate an idle target logical storage unit to the "RPC request" request from the data queue, and write the "RPC request" request into the target logical storage unit, so that the RPC calling server program reads the "RPC request" request from the target logical storage unit in the data queue (US 20200293465, Yang, para. 0046, The library can provide the following functionality: …(4) facilities to stack block devices to create complex I/O pipelines, including logical volume management (lvol) and partition support (GPT); (5) configuration of block devices via JSON-RPC; (6) request queueing, timeout, and reset handling; or (7) multiple, lockless queues for sending I/O to block devices). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Van De Groenedaal, Jain, Don and Anilson with the teaching of Yang because a user would have been motivated to use a multi-transport layer poller, taught by Yang, to poll for commands over multiple transport protocols in the system taught by the combination of Van De Groenedaal, Jain, Don and Anilson in order to insure a certain quality of service(Yang, para. 0025) In regards to claim 20, the combination of Van De Groenedaal, Jain, Don, Anilson and Yang teach the cross-security-region resource access apparatus according to claim 19, wherein the processor is configured for the virtual block device to: write the "RPC request" request into an RPC context created in the target logical storage unit(US 20200293465, Yang, para. 0046, (3) an application API for enumerating and claiming SPDK block devices and then performing operations (read, write, unmap, etc.) on those devices; (4) facilities to stack block devices to create complex I/O pipelines, including logical volume management (lvol) and partition support (GPT); (5) configuration of block devices via JSON-RPC;); write the RPC read request into the RPC context created in the target logical storage unit, and perform associated storage with the "RPC request" request in the RPC context(US 20200293465, Yang, para. 0046, (3) an application API for enumerating and claiming SPDK block devices and then performing operations (read, write, unmap, etc.) on those devices; (4) facilities to stack block devices to create complex I/O pipelines, including logical volume management (lvol) and partition support (GPT); (5) configuration of block devices via JSON-RPC;). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Van De Groenedaal, Jain, Don and Anilson with the teaching of Yang because a user would have been motivated to use a multi-transport layer poller, taught by Yang, to poll for commands over multiple transport protocols in the system taught by the combination of Van De Groenedaal, Jain, Don and Anilson in order to insure a certain quality of service(Yang, para. 0025) 5.) Claims 8 and 21 are rejected under 35 U.S.C. 103 as being unpatentable over US 20210117242, Van De Groenedaal in view of US 20220086226, Jain and further in view of US 20040078520, Don and further in view of US 20120150916, Anilson and further in view of US 20200293465, Yang and further in view of US 10141967, Mitra In regards to claim 8, the combination of Van De Groenedaal, Jain, Don, Anilson and Yang teach the method according to claim 6, wherein the cloud computing system further comprises a resource service program in the resource security region; the computer computing node device further comprises a resource access agent program corresponding to the at least one virtual node(US 20210117242, Van De Groenedaal, para. 0131, In the example of FIG. 14, these virtual edge instances include: a first virtual edge 1432, offered to a first tenant (Tenant 1), which offers a first combination of edge storage, computing, and services; and a second virtual edge 1434, offering a second combination of edge storage, computing, and services. The virtual edge instances 1432, 1434 are distributed among the edge nodes 1422, 1424, and may include scenarios in which a request and response are fulfilled from the same or different edge nodes.);the initiating, by the RPC calling server program, the cross-security-region RPC calling for the target data resources based on the RPC request(US 20210117242, Van De Groenedaal, para. 0193, Event logging 2104 can perform monitoring and logging changes to a number of network endpoints, remote procedure calls (RPC), gRPC, APIs, memory locations, storage locations, or several named machine states on devices, time of day, bandwidth, user access and authentication, resource requests, and access to other hosted or proxied services. Logging of security events into a secure, signatured database with hardware timestamps and auditable signatures.) comprises:in response to the "RPC request" request read from the target logical storage unit, submitting, by the RPC calling server program, the "RPC request" request to the resource access agent program to enable the resource access agent program to further submit the "RPC request" request to the resource service program in the resource security region(US 20210117242, Van De Groenedaal, para. 0337 and 0343: [0337]- FIG. 33A depicts an example of an IPU data plane and operation. At (1), processing requests are enqueued, such as LAN, RDMA, NVMe or service requires for RPC or Message processing[0343]- At (12), requests can be scheduled based on variety of parameters such as tenant QoS, min/max/weight SLAs, priority, jitter, latency, earliest/latest processing time requirements. At (13), completed requests can be enqueued, such as traditional LAN, RDMA, NVMe or service requires for RPC or Message processing.), so that the resource service program executes the "RPC request" request and completes the cross-security-region RPC calling for the target data resources(US 20210117242, Van De Groenedaal, para. 0140 and 0360: [0140]- In some examples, one or more servers of the software distribution platform 1505 are communicatively connected to one or more security domains and/or security devices through which requests and transmissions of the example computer readable instructions 1550 must pass[0360]- Referring to FIG. 34A, at (1), an RPC request for a microservice/service. The Application can be hosted in a variety of environments such as serverless, containers, VMs, container-in-VM, bare metal, etc. An RPC is an example of a type of Service or function call,), and returns an RPC response generated by the RPC calling to the RPC calling server program through the resource access agent program(US 20210117242, Van De Groenedaal, para. 0376, At (8), IPU can use XPU completion to generate a return RPC response to Application. This bridges the behavior of XPUs and microservice RPC.); the combination of Van De Groenedaal, Jain, Don, Anilson and Yang do not teach in response to the RPC read request read from the target logical storage unit in associated storage with the "RPC request" request, further returning, by the RPC calling server program, the RPC response returned by the resource service program to the virtual block device, so that the virtual block device returns the RPC response to the business application However, Mitra teaches in response to the RPC read request read from the target logical storage unit in associated storage with the "RPC request" request, further returning, by the RPC calling server program, the RPC response returned by the resource service program to the virtual block device, so that the virtual block device returns the RPC response to the business application (US 10141967, Mitra, col. 8, line 64-col. 9, line 9, the virtual interface plugin 206 writes the decoded message data to the tunnel. At 318, the computing platform 104 reads the response message to the tunnel. In an example, the virtual interface manage 204 reads the decoded message data to the tunnel responsive to a request by the vehicle application 110 for data from the connection. At 320, the vehicle application 110 of the computing platform 104 receives the response message. Accordingly, the vehicle application 110 may utilize the network services of the connected mobile device via RPC, even if the requested network services are not natively supported by the mobile device 152. After operation 320 the process 300 ends.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Van De Groenedaal, Jain, Don, Anilson and Yang with the teaching of Mitra because a user would have been motivated to use a packet sniffer, taught by Mitra, in order to provide improved connectivity for mobile device applications in the system taught by the combination of Van De Groenedaal, Jain, Don, Anilson and Yang(Mitra, col. 2, lines 36-56) In regards to claim 21, the combination of Van De Groenedaal, Jain, Don, Anilson and Yang teach the cross-security-region resource access apparatus according to claim 19, wherein the cloud computing system further comprises a resource service program in the resource security region; the computing node device further comprises a resource access agent program corresponding to the at least one virtual node(US 20210117242, Van De Groenedaal, para. 0131, In the example of FIG. 14, these virtual edge instances include: a first virtual edge 1432, offered to a first tenant (Tenant 1), which offers a first combination of edge storage, computing, and services; and a second virtual edge 1434, offering a second combination of edge storage, computing, and services. The virtual edge instances 1432, 1434 are distributed among the edge nodes 1422, 1424, and may include scenarios in which a request and response are fulfilled from the same or different edge nodes.); wherein the processor is configured for the RPC calling server program to: in response to the "RPC request" request read from the target logical storage unit, submit the "RPC request" request to the resource access agent program to enable the resource access agent program to further submit the "RPC request" request to the resource service program in the resource security region(US 20210117242, Van De Groenedaal, para. 0337 and 0343: [0337]- FIG. 33A depicts an example of an IPU data plane and operation. At (1), processing requests are enqueued, such as LAN, RDMA, NVMe or service requires for RPC or Message processing[0343]- At (12), requests can be scheduled based on variety of parameters such as tenant QoS, min/max/weight SLAs, priority, jitter, latency, earliest/latest processing time requirements. At (13), completed requests can be enqueued, such as traditional LAN, RDMA, NVMe or service requires for RPC or Message processing.), so that the resource service program executes the "RPC request" request and completes the cross-security-region RPC calling for the target data resources, and returns an RPC response generated by the RPC calling to the RPC calling server program through the resource access agent program(US 20210117242, Van De Groenedaal, para. 0140 and 0360: [0140]- In some examples, one or more servers of the software distribution platform 1505 are communicatively connected to one or more security domains and/or security devices through which requests and transmissions of the example computer readable instructions 1550 must pass[0360]- Referring to FIG. 34A, at (1), an RPC request for a microservice/service. The Application can be hosted in a variety of environments such as serverless, containers, VMs, container-in-VM, bare metal, etc. An RPC is an example of a type of Service or function call,); the combination of Van De Groenedaal, Jain, Don, Anilson and Yang do not teach in response to the RPC read request read from the target logical storage unit in associated storage with the "RPC request" request, further return the RPC response returned by the resource service program to the virtual block device, so that the virtual block device returns the RPC response to the business application However, Mitra teaches in response to the RPC read request read from the target logical storage unit in associated storage with the "RPC request" request, further return the RPC response returned by the resource service program to the virtual block device, so that the virtual block device returns the RPC response to the business application (US 10141967, Mitra, col. 8, line 64-col. 9, line 9, the virtual interface plugin 206 writes the decoded message data to the tunnel. At 318, the computing platform 104 reads the response message to the tunnel. In an example, the virtual interface manage 204 reads the decoded message data to the tunnel responsive to a request by the vehicle application 110 for data from the connection. At 320, the vehicle application 110 of the computing platform 104 receives the response message. Accordingly, the vehicle application 110 may utilize the network services of the connected mobile device via RPC, even if the requested network services are not natively supported by the mobile device 152. After operation 320 the process 300 ends.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Van De Groenedaal, Jain, Don, Anilson and Yang with the teaching of Mitra because a user would have been motivated to use a packet sniffer, taught by Mitra, in order to provide improved connectivity for mobile device applications in the system taught by the combination of Van De Groenedaal, Jain, Don, Anilson and Yang(Mitra, col. 2, lines 36-56) 6.) Claims 9 and 22 are rejected under 35 U.S.C. 103 as being unpatentable over US 20210117242, Van De Groenedaal in view of US 20220086226, Jain and further in view of US 20040078520, Don and further in view of US 20120150916, Anilson and further in view of US 20200293465, Yang and further in view of US 10141967, Mitra and further in view of US 20210165701, Fujino In regards to claim 9, the combination of Van De Groenedaal, Jain, Don, Anilson, Yang and Mitra teach the method according to claim 8. The combination of Van De Groenedaal, Jain, Don, Anilson, Yang and Mitra do not teach further comprising: after returning the RPC response to the business application, deleting, by the virtual block device, the "RPC request" request and the RPC read request which are in associated storage with each other in the target logical storage unit, recycling and releasing the target logical storage unit as an idle logical storage unit However, Fujino teaches further comprising: after returning the RPC response to the business application, deleting, by the virtual block device, the "RPC request" request and the RPC read request which are in associated storage with each other in the target logical storage unit, recycling and releasing the target logical storage unit as an idle logical storage unit(US 20210165701, Fujino, para. 0121, the RPC gateway 10 deletes from the control authority management storage unit 13i information on the application 20a that is a requester provided with a control authority with respect to the controlled devices 30 (30a, 30b, 30c) (step Q6), and sends the application 20a that is a requester and has transmitted a control authority release request signal a response indicating that a control authority has been released (step Q7)). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Van De Groenedaal, Jain, Don, Anilson, Yang and Mitra with the teaching of Fujino because a user would have been motivated to apply a control authority means, taught by Fujino, in order to prevent a conflict in the simultaneous transmissions by RPCs in the system taught by the combination of Van De Groenedaal, Jain, Don, Anilson, Yang and Mitra(Fujino, para. 0019 and 0020) In regards to claim 22, the combination of Van De Groenedaal, Jain, Don, Anilson, Yang and Mitra teach the cross-security-region resource access apparatus according to claim 21. The combination of Van De Groenedaal, Jain, Don, Anilson, Yang and Mitra do not teach wherein the processor is configured for the virtual block device to:after returning the RPC response to the business application, delete the "RPC request" request and the RPC read request which are in associated storage with each other in the target logical storage unit, recycle and release the target logical storage unit as an idle logical storage unit However, Fujino teaches wherein the processor is configured for the virtual block device to:after returning the RPC response to the business application, delete the "RPC request" request and the RPC read request which are in associated storage with each other in the target logical storage unit, recycle and release the target logical storage unit as an idle logical storage unit (US 20210165701, Fujino, para. 0121, the RPC gateway 10 deletes from the control authority management storage unit 13i information on the application 20a that is a requester provided with a control authority with respect to the controlled devices 30 (30a, 30b, 30c) (step Q6), and sends the application 20a that is a requester and has transmitted a control authority release request signal a response indicating that a control authority has been released (step Q7)). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Van De Groenedaal, Jain, Don, Anilson, Yang and Mitra with the teaching of Fujino because a user would have been motivated to apply a control authority means, taught by Fujino, in order to prevent a conflict in the simultaneous transmissions by RPCs in the system taught by the combination of Van De Groenedaal, Jain, Don, Anilson, Yang and Mitra(Fujino, para. 0019 and 0020) 7.) Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over US 20210117242, Van De Groenedaal in view of US 20220086226, Jain and further in view of US 20040078520, Don and further in view of US 20120150916, Anilson and further in view of US 20090182930, Taguchi In regards to claim 10, the combination of Van De Groenedaal, Jain, Don, and Anilson teach the method according to claim 5. The combination of Van De Groenedaal, Jain, Don, and Anilson do not teach wherein the logical storage space of the virtual block device further comprises a third logical storage subspace for storing configuration information of the virtual block device; wherein the third logical storage subspace is a read-only storage space; the method further comprises: receiving, by the virtual block device, a configuration information read request triggered by the business application installed on the virtual node; reading, by the virtual block device, the configuration information of the virtual block device from the third logical storage subspace in response to the configuration information read request, and returning the read configuration information to the business application However, Taguchi teaches wherein the logical storage space of the virtual block device further comprises a third logical storage subspace for storing configuration information of the virtual block device(US 20090182930, Taguchi, para. 0214, The processing unit 580 of the management computer 500 also refers to the virtual storage system logical storage unit configuration information 5015 to specify all the logical storage units constituted by the virtual storage areas specified in the processing of Step S408); wherein the third logical storage subspace is a read-only storage space(US 20090182930, Taguchi, para. 0189, the storage controller 190 executes "overwrite with random data, overwrite with 1, and overwrite with 0" for the area indicated by the specified address based on the erasure processing condition.); the method further comprises: receiving, by the virtual block device, a configuration information read request triggered by the business application installed on the virtual node(US 20090182930, Taguchi, para. 0130, The virtual storage area provided by the virtual storage system 200 corresponds to the storage area (logical storage unit) provided by the storage system 100. Data is actually read from/written to the corresponding storage area. The virtual storage area configuration information 2015 stores the relation between the virtual storage area and the storage area provided by the storage system 100); reading, by the virtual block device, the configuration information of the virtual block device from the third logical storage subspace in response to the configuration information read request, and returning the read configuration information to the business application(US 20090182930, Taguchi, para. 0130, The virtual storage area provided by the virtual storage system 200 corresponds to the storage area (logical storage unit) provided by the storage system 100. Data is actually read from/written to the corresponding storage area. The virtual storage area configuration information 2015 stores the relation between the virtual storage area and the storage area provided by the storage system 100). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Van De Groenedaal, Jain, Don, and Anilson with the teaching of Taguchi because a user would have been motivated to enhance storage security in the system taught by the combination of Van De Groenedaal, Jain, Don, and Anilson by enabling repeated overwriting of stored data using dummy data as taught by Taguchi(Taguchi, para. 0009) CONCLUSION Any inquiry concerning this communication or earlier communications from the examiner should be directed to GREGORY LANE whose telephone number is (571)270-7469. The examiner can normally be reached on 571 270 7469 from 8:00 AM to 6:00 PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Taghi Arani, can be reached on 571 272 3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). /GREGORY A LANE/Examiner, Art Unit 2438 /TAGHI T ARANI/Supervisory Patent Examiner, Art Unit 2438