Notice of Pre-AIA or AIA Status
1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Election/Restrictions
2. NO restrictions warranted at initial time of filing for patent.
Priority
3. Applicant claims domestic priority under 35 USC 119e to provisional application filed on 11/22/2019.
Information Disclosure Statement
4. The information disclosure statement (IDS) submitted on 07/01/2025, the submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Oath/Declaration
5. Applicant’s Oath was filed on 01/29/2025.
Drawings
6. Applicant’s drawings filed on 01/29/2025 has been inspected and is in compliance with MPEP 608.01.
Specification
7. Applicant’s specification filed on 01/29/2025 has been inspected and is in compliance with MPEP 608.02.
Claim Objections
8. NO objections warranted at initial time of filing for patent.
Remarks
9. Examiner request Applicant review relevant prior art under the conclusion of this office action.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
10. Claims 1, 3, 5-7, 10-16, 18 and 20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by U.S. Publication No. 20200341659 hereinafter Chauhan.
As per claim 1, Chauhan discloses:
A method (para 0015 “Technology is described for improving the operation of a write-once read-many (WORM) compliant data storage cluster in which a set of data stored within the WORM compliant data storage cluster may be identified and then locked or made immutable for a data retention time period such that the set of data cannot be rewritten, erased, or altered for the data retention time period.”) comprising:
generating, by a data protection system, a snapshot for data stored in a storage system (para 0075 “In step 306, a snapshot process for acquiring a snapshot of the first virtual machine is initiated. The snapshot process may send an instruction to a virtualized infrastructure manager, such as virtualization manager 169 in FIG. 1A, that requests data associated with the snapshot of the first virtual machine.”);
storing, by the data protection system, the snapshot in a first data store (para 0075 “In step 308, a type of snapshot to be stored is determined.”); and
performing, by the data protection system, a replication process with respect to the snapshot, the replication process comprising creating a snapshot replica representative of a replica of the snapshot and storing the snapshot replica in a second data store (para 0043 “The single full image snapshot of the virtual machine may be stored using a first storage device of a first type (e.g., a HDD) and the one or more incrementals derived from the single full image snapshot may be stored using a second storage device of a second type (e.g., an SSD).”),
the second data store dedicated to storing snapshot replica data representative of snapshot replicas by implementing write requests representative of requests to write the snapshot replicas to the second data store and not implementing all other types of write requests (para 0091 “The data to be backed up may be replicated across different nodes within the plurality of nodes. In some cases, the data to be backed up may be replicated using nodes within the plurality of nodes and the external WORM compliant storage 410. The data to be backed up from server 402 may comprise one or more electronic files associated with virtual machine snapshots or real machine snapshots. In one embodiment, if a snapshot of a virtual machine is acquired from the server 402 while an earlier version of the virtual machine is locked or has been placed under WORM compliance, then the snapshot may be directly written to WORM compliant data storage, such as WORM compliant data storage 415, based on the size of the snapshot.”);
wherein a retention policy associated with the second data store specifies one or more conditions that each have to be satisfied for the snapshot replica data stored in the second data store to be modified or deleted from the second data store (para 0093 “ In some embodiments, a set of data (e.g., one or more electronic files) acquired from server 402 may be stored and replicated across different nodes within the plurality of nodes of the integrated data management and storage system. In one example, upon detection that the set of data should be locked for a data retention period, a first copy of the set of data may be stored using WORM compliant data storage 415 and a second copy of the set of data may be stored using WORM compliant data storage 425. In this case, both the first copy and the second copy of the set of data may be stored using WORM compliant hardware data storage.”).
As per claim 3, Chauhan discloses:
The method of claim 1, wherein the one or more conditions specify a retention time period that specifies a minimum threshold of time that the snapshot replica data stored in the second data store must be retained before being modified or deleted from the second data store (para 0015 “Technology is described for improving the operation of a write-once read-many (WORM) compliant data storage cluster in which a set of data stored within the WORM compliant data storage cluster may be identified and then locked or made immutable for a data retention time period such that the set of data cannot be rewritten, erased, or altered for the data retention time period. The set of data may comprise one or more electronic files. In response to an instruction to lock the set of data for the data retention time period (e.g., for six months or for six years), the data storage cluster comprising a plurality of data storage nodes may satisfy WORM compliance by transferring the set of data to a WORM compliant hardware storage device in communication with the data storage cluster, by writing the set of data to WORM compliant hardware storage located within data storage nodes of the data storage cluster, or by restricting data access permissions (e.g., setting read-only file access permissions) for the set of data stored within the data storage cluster for the data retention time period.”).
As per claim 5, Chauhan discloses:
The method of claim 1, wherein the retention policy further prevents the snapshot replica data from being copied or moved from the second data store to any other data store (para 0015).
As per claim 6, Chauhan discloses:
The method of claim 1, wherein an additional retention policy is associated with only the snapshot replica, the additional retention policy specifying a second set of one or more conditions that also have to be satisfied for the snapshot replica to be modified or deleted from the second data store (para 0016, 0092, and 0097).
As per claim 7, Chauhan discloses:
The method of claim 1, further comprising: detecting, by the data protection system, a request to modify or delete the snapshot replica from the second data store; determining, by the data protection system, that the one or more conditions are each satisfied; and allowing, by the data protection system based on the determining that the one or more conditions are each satisfied, the requested modification or deletion of the snapshot replica to be performed (para 0072 “ In some embodiments, the number of snapshots in a snapshot chain may decrease over time as older versions of a virtual machine are consolidated, archived, deleted, or moved to a different storage domain (e.g., to cloud storage) depending on the data backup and archiving schedule for the virtual machine. In some cases, the maximum incremental chain length or the maximum number of snapshots for a snapshot chain may be increased over time as the versions stored by the snapshot chain age. In one example, if the versions of a virtual machine stored using a snapshot chain are all less than one month old, then the maximum incremental chain length may be set to a maximum of 200 incrementals; however, if the versions of the virtual machine stored using the snapshot chain are all greater than one month old, then the maximum incremental chain length may be set to a maximum of 1000 incremental.”).
As per claim 10, Chauhan discloses:
The method of claim 1, wherein the performing the replication process is performed based on the storing the snapshot in the first data store (para 0043).
As per claim 11, Chauhan discloses:
The method of claim 1, wherein the first data store and the second data store are included in the storage system (para 0043).
As per claim 12, Chauhan discloses:
The method of claim 1, wherein the first data store is included in the storage system and the second data store is included in a remote storage system remote from and communicatively coupled to the storage system by way of a network (para 0022 and 0054).
As per claim 13, Chauhan discloses:
The method of claim 1, wherein the data protection system is implemented by the storage system (para 0022 and 0054).
As per claim 14, Chauhan discloses:
The method of claim 1, wherein the data protection system is implemented by a cloud-based monitoring system communicatively coupled to the storage system by way of a network (para 0022 and 0054).
As per claim 15, the implementation of the method of claim 1 will execute the system of claim 15 including:
a plurality of data stores including: a first data store configured to implement write requests representative of requests to write snapshots of data to the first data store, and a second data store dedicated to storing snapshot replica data representative of snapshot replicas by implementing write requests representative of requests to write the snapshot replicas to the second data store and not implementing all other types of write requests; a snapshot generation module configured to generate a snapshot for data stored in a storage system and store the snapshot in the first data store; a replication module configured to perform a replication process with respect to the snapshot stored in the first data store, the replication process comprising creating a snapshot replica representative of a replica of the snapshot and storing the snapshot replica in the second data store; wherein a retention policy associated with the second data store specifies one or more conditions that each have to be satisfied for the snapshot replica data stored in the second data store to be modified or deleted from the second data store (Chauhan0043, 0075, 0091 and 0093). The claim is analyzed with respect to claim 1.
As per claim 16, the implementation of the method of claim 1 will execute the system of claim 15. The claim is analyzed with respect to claim 1.
As per claim 18, the claim is analyzed with respect to claim 3.
As per claim 20, the claim is analyzed with respect to claim 5.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
11. Claims 2, 8, 17 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Chauhan in view of U.S. Patent No. 8244678 hereinafter Hartland.
As per claim 2, Chauhan discloses:
The method of claim 1, wherein the one or more conditions specify (para 0015)
Chauhan does not discloses:
a multi-level authorization process that must be satisfied for the snapshot replica data stored in the second data store to be modified or deleted from the second data store
Hardland discloses:
a multi-level authorization process that must be satisfied for the snapshot replica data stored in the second data store to be modified or deleted from the second data store (Col. 6 Line 51- Line 3 “To provide additional assurances that a backup will adhere to a specified policy that reflects an organization's file retention requirements, the present method may be configured to require two parties to approve any actions that involve setting or changing policy, or manually deleting data from the backup in a manner inconsistent with that backup's file retention policy. Typically, policy changes and deletions of
backup data can only be initiated by a user with the "Administrator" role. To require two party authorization, an organization assigns a second user an "Approver" role. If any "Approver" role exists within an organization, actions by any Administrator that establish or alter the backup policy, or manually delete data from the backup are not performed immediately upon the Administrator's request, but instead generate a notification to the Approver signaling the need for approval before the actions are performed. When the Approver next logs in to the system, descriptions of the requested actions are presented and the approver can choose to approve or reject those action requests. Approved actions are executed by the system.”)
Therefore, it would have been obvious to one ordinary of skill in the art before the effective filing date of the claimed invention to modify the write-once read-many (WORM) compliant data storage of Chauhan to include a multi-level authorization process that must be satisfied for the snapshot replica data stored in the second data store to be modified or deleted from the second data store, as taught by Hardland.
The motivation would have been to increase the protection and security of the backup data.
As per claim 4, Chauhan discloses:
The method of claim 1, wherein the one or more conditions specify (para 0015)
Chauhan does not discloses:
one or more conditions specify a minimum threshold of entities that have to approve a modification or deletion of the snapshot replica data stored in the second data store.
Hardland discloses:
one or more conditions specify a minimum threshold of entities that have to approve a modification or deletion of the snapshot replica data stored in the second data store (Col. 6 Line 51- Line 3 “To provide additional assurances that a backup will adhere to a specified policy that reflects an organization's file retention requirements, the present method may be configured to require two parties to approve any actions that involve setting or changing policy, or manually deleting data from the backup in a manner inconsistent with that backup's file retention policy. Typically, policy changes and deletions of
backup data can only be initiated by a user with the "Administrator" role. To require two party authorization, an organization assigns a second user an "Approver" role. If any "Approver" role exists within an organization, actions by any Administrator that establish or alter the backup policy, or manually delete data from the backup are not performed immediately upon the Administrator's request, but instead generate a notification to the Approver signaling the need for approval before the actions are performed. When the Approver next logs in to the system, descriptions of the requested actions are presented and the approver can choose to approve or reject those action requests. Approved actions are executed by the system.”)
Therefore, it would have been obvious to one ordinary of skill in the art before the effective filing date of the claimed invention to modify the write-once read-many (WORM) compliant data storage of Chauhan to include one or more conditions specify a minimum threshold of entities that have to approve a modification or deletion of the snapshot replica data stored in the second data store, as taught by Hardland.
The motivation would have been to increase the protection and security of the backup data.
As per claim 8, Chauhan discloses:
The method of claim 1, further comprising: detecting, by the data protection system, a request to modify or delete the snapshot replica from the second data store (para 0072)
Chauhan does discloses:
determining, by the data protection system, that at least one of the one or more conditions is not satisfied; and preventing, by the data protection system, the requested modification or deletion of the snapshot replica from being performed
Hardland does discloses:
determining, by the data protection system, that at least one of the one or more conditions is not satisfied; and preventing, by the data protection system, the requested modification or deletion of the snapshot replica from being performed (Col. 6 Line 51- Line 3 “To provide additional assurances that a backup will adhere to a specified policy that reflects an organization's file retention requirements, the present method may be configured to require two parties to approve any actions that involve setting or changing policy, or manually deleting data from the backup in a manner inconsistent with that backup's file retention policy. Typically, policy changes and deletions of
backup data can only be initiated by a user with the "Administrator" role. To require two party authorization, an organization assigns a second user an "Approver" role. If any "Approver" role exists within an organization, actions by any Administrator that establish or alter the backup policy, or manually delete data from the backup are not performed immediately upon the Administrator's request, but instead generate a notification to the Approver signaling the need for approval before the actions are performed. When the Approver next logs in to the system, descriptions of the requested actions are presented and the approver can choose to approve or reject those action requests. Approved actions are executed by the system.”)
Therefore, it would have been obvious to one ordinary of skill in the art before the effective filing date of the claimed invention to modify the write-once read-many (WORM) compliant data storage of Chauhan to include determining, by the data protection system, that at least one of the one or more conditions is not satisfied; and preventing, by the data protection system, the requested modification or deletion of the snapshot replica from being performed, as taught by Hardland.
The motivation would have been to increase the protection and security of the backup data.
As per claim 17, the claim is analyzed with respect to claim 2.
As per claim 19, the claim is analyzed with respect to claim 4.
12. Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Chauhan in view of U.S. Publication No. 20200042707 hereinafter Kucherov.
As per claim 9, Chauhan discloses:
The method of claim 1, further comprising: determining, by the data protection system, that the data stored by a storage system (para 0015 and 0075)
Chauhan does not disclose:
determining, by the data protection system, that the data stored by a storage system is possibly being targeted by a security threat; wherein the generating the snapshot is performed based on the determining that the data stored by the storage system is possibly being targeted by the security threat
Kucherov discloses:
determining, by the data protection system, that the data stored by a storage system is possibly being targeted by a security threat; wherein the generating the snapshot is performed based on the determining that the data stored by the storage system is possibly being targeted by the security threat
(para 0005 “In one embodiment, a storage system comprises a plurality of storage devices and a storage controller. The storage controller is configured to generate a plurality of snapshots of a storage volume of the storage system at respective different points in time, to monitor a differential between a given one of the snapshots and the storage volume, and to generate an alert indicative of at least a potential ransomware attack on the storage system based at least in part on the monitored differential satisfying one or more specified conditions.”)
Therefore, it would have been obvious to one ordinary of skill in the art before the effective filing date of the claimed invention to modify the write-once read-many (WORM) compliant data storage of Chauhan to include determining, by the data protection system, that the data stored by a storage system is possibly being targeted by a security threat; wherein the generating the snapshot is performed based on the determining that the data stored by the storage system is possibly being targeted by the security threat, as taught by Kucherov.
The motivation would have been to provide snapshot-based detection and remediation of ransomware attacks on a storage array or other type of storage system.
Conclusion
13. The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
U.S. Publication No. 20160196320 hereinafter 0061 “ In one embodiment,
snapshots that are replicated from original storage subsystem 200 to a target subsystem may have the same global content ID but may have separate local IDs on original storage subsystem 200 and the target subsystem. In other embodiments, global IDs may be used across multiple storage subsystems. These global IDs may be generated such that no duplicate IDs are generated. For example, in one embodiment, an ID of the device on which it (e.g., the snapshot, medium, or corresponding data) was first written may be prepended. In other embodiments, ranges of IDs may be allocated/assigned for use by by different devices. These and other embodiments are possible and are contemplated. For example, the local ID of a first snapshot on original storage subsystem 200 may map to the global content ID 290 and the local ID of the first snapshot on the target subsystem may also map to the global content ID 290. In this way, a given storage subsystem may be able to identify which of its snapshots are also present on other storage subsystems. In one embodiment, cloud service 235 may maintain mappings of local content IDs to global content IDs for the storage subsystems of a given organization.”
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GARY S GRACIA whose telephone number is (571)270-5192. The examiner can normally be reached Monday-Friday 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Philip Chea can be reached at 5712723951. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/GARY S GRACIA/ Primary Examiner, Art Unit 2499