Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
1. This action is responsive to: an original application filed on 27 November 2024.
2. Claims 20-39 are currently pending and claim 20 is independent claims.
Information Disclosure Statement
3. The information disclosure statement (IDS) submitted on 27 November 2024; The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Priority
4. Priority date claimed has been noted.
Drawings
5. The drawings filed on 27 November 2024 are accepted by the examiner.
Pre-Amendment
6. Preliminary amendment has been considered.
Double Patenting
7. The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO internet Web site contains terminal disclaimer forms which may be used. Please visit http://www.uspto.gov/forms/. The filing date of the application will determine what form should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents /process/ file/efs/guidance /eTD-info-I.jsp.
Claims 20-39 are rejected under the grounds of non-statutory obviousness-type double patenting, as they are deemed unpatentable over claims 1-20 of US Patent No. 12183438. Although the conflicting claims are not identical, they are considered not patentably distinct from one another, as they convey the same inventive concept. Specifically, both sets of claims disclose a method for generating a generating execution context based on user request. Furthermore, it would have been obvious to one of ordinary skill in the art, at the time of the invention’s filing, to employ this approach to prevent and protect data access from unauthorized user/client, thereby rendering the claims unpatentable.
Claim Rejections - 35 USC § 103
8. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 20-39 are rejected under 35 U.S.C §103 as being unpatentable over Ahmad et al. (US Publication No. 20100115530), hereinafter Ross and in view of Ross et al. (US Patent No. 9465837), hereinafter Ross
Regarding claim 20:
A method for performing trusted computations performed by a system comprising a processor and a non-transitory computer-readable storage medium storing instructions that, when executed by the processor, cause the system to perform the method, the method comprising (Ahmad, abstract):
receiving, by an execution manager executing on the system, a request from a user to perform a computation using a sensitive data set (Ahmad, ¶23), wherein configured to allow application A1 to access application B1 of context B. When applications access other applications or information in a separate context, it is known as context switching. Each context within the computing environment 100 may accept requests to the information stored within the context. In response to the request, each context may allow certain applications outside of the context to access the information. For example, in a Java-based environment, a virtual machine (VM).
loading a first program associated with a first part of the computation into a first virtualized execution environment executing on the system (Ahmad, ¶20, 28), application B3 is the currently executing application 202. The stack frame 210 may also store information on which application a context was entered 214. The application in which a context was entered may be the application that was first called within a context.
loading a second program associated with a second part of the computation into a second virtualized execution environment executing on the system, the second virtualized execution environment being different than the first virtualized execution environment (Ahmad, ¶6,
generating, by the execution manager, first execution context for the first program and second execution context for the second program (Ahmad, ¶20, ¶6), wherein a request to communicate with a second application executing in a second execution context and creating a context-specific marker frame. The context-specific marker frame may be configured to store context-specific information about the request.
generating, using the first program, a first result to the first part of the computation based on the first execution context (Ahmad, ¶35), wherein, a first context-specific marker frame 410 may be created when an application enters a context or performs a context switch and stored on the stack 400. In this example, the computer program may call application B1. A context-specific marker frame 410 may be created that stores the information that the application through which the context was entered 412 is application B1 and the context in which the executing applications belong 414 is context B
generating, using the second program, a second result to the second part of the computation based on the second execution context (Ahmad, ¶5-6), wherein from a first application executing in a first execution context, a request to communicate with a second application executing in a second execution context and creating a context-specific marker frame.
generating, using a third program associated with a third part of the computation, a third result responsive to the request from the user based on the first result and the second result (Ahmad, 21-22).
Ahmad does not explicitly suggest, and sending, to a system associated with the user, the third result; however, in a same field of endeavor Ross teaches this limitation (Ross, col 22, lines 10-12).
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to include the method of execution of applications of Ahmad with the method of result forwarding disclosed in Ross to prevent the untrusted process from transmitting data requests to the constraint-restricted portion of the schemaless datastore, stated by Ross at col 20, lines 45-63.
Regarding claim 21:
wherein the method further comprises loading the third program into a third virtualized execution environment executing on the system (Ahmad, ¶6).
Regarding claim 22:
wherein the method further comprises generating, by the execution manager, third execution context for the third program (Ahmad, ¶5-6).
Regarding claim 23:
whether generating the third result is based on the third execution context (Ahmad, ¶16).
Regarding claim 24:
Ahmad does not explicitly suggest, wherein the method further comprises: receiving, by the execution manager from the third program, the third result, wherein sending the third result to the system associated with the user comprises sending the third result from the execution manager; however, in a same field of endeavor Ross teaches this limitation (Ross, col 22, lines 1-12).
Same motivation for combining the respective features of Ahmad and Ross applies herein, as discussed in the rejection of claim 1.
Regarding claim 25:
wherein the first part of the computation and the second part of the computation each comprise the same sub-computation (Ahmad, ¶49-50).
Regarding claim 26:
wherein one or more of the first part of the computation and the second part of the computation comprises a data screening operation (Ahmad, ¶18).
Regarding claim 27:
wherein the first part of the computation is associated with first information of the sensitive data set associated with a first stakeholder and the second part of the computation is associated with second information of the sensitive data set associated with a second stakeholder (Ahmad, ¶24-25).
Regarding claim 28:
wherein at least one of the first virtualized execution environment and the second virtualized execution environment comprises a limited execution environment (Ahmad, ¶20).
Regarding claim 29:
wherein at least one of the first virtualized execution environment and the second virtualized execution environment is associated with a different address space than a data store associated with the sensitive data set (Ahmad, ¶2).
Regarding claim 20:
wherein the sensitive data set is associated with a local data store (Ahmad, Fig.4)
Regarding claim 31:
wherein the sensitive data set is associated with one or more distributed data stores (Ahmad, ¶25).
Regarding claim 32:
wherein the request from the user comprises a request to access the sensitive data set (Ahmad, ¶25).
Regarding claim 33:
where at least one of the first execution context and the second execution context comprises a mapping between a first set of identifiers and a second set of identifiers (Ahmad, ¶44).
Regarding claim 34:
wherein the first set of identifiers comprises protected actual identifiers associated with the sensitive data set and the second set of identifiers comprises ephemeral identifiers accessed by one or more of the first program and the second program (Ahmad, Abstract).
Regarding claim 35:
where in the second set of identifiers comprise randomly generated identifiers (Ahmad, ¶23).
Regarding claim 36:
wherein the second set of identifiers are generated by applying a function to the first set of identifiers (Ahmad, ¶29).
Regarding claim 37:
wherein the function comprises an encryption function (Ahmad, ¶52).
Regarding claim 38:
wherein the function comprises a hashing function (Ahmad, ¶51-52).
Regarding claim 39:
Ahmad does not explicitly suggest, wherein the method further comprises sending, from the first program to the execution manager, the first result and sending, from the second program to the execution manager, the second result; however, in a same field of endeavor Ross teaches this limitation (Ross, col 22, lines 1-12).
Same motivation for combining the respective features of Ahmad and Ross applies herein, as discussed in the rejection of claim 1.
Conclusion
9. The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Monjour Rahim whose telephone number is (571)270-3890.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on 571-272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (in USA or CANANDA) or 571-272-1000.
/Monjur Rahim/
Patent Examiner
United States Patent and Trademark Office
Art Unit: 2436; Phone: 571.270.3890
E-mail: monjur.rahim@uspto.gov
Fax: 571.270.4890