DETAILED ACTION
Claims 1-20 are pending in the present application.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 28 February 2025 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1-15, and 16-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-9, and 11-20 of U.S. Patent No. 12,248,586 B2 Narayan et al.. Although the claims at issue are not identical, they are not patentably distinct from each other because it is well settled that omission of elements and their functions is an obvious expedient if the remaining elements perform the same function as before. See In re Karlson, 136 USPQ 184 (CCPA 1963).
19/067,270
1. A method comprising: tokenizing a plurality of application programming interface (API) specifications and a set of one or more infrastructure as code (IaC) configuration files; for at least a first resource model in the set of IaC configuration files, identifying which of the plurality of API specifications satisfies a mapping criterion; for each of the plurality of API specifications that satisfies the mapping criterion, mapping tokens of the API specification to tokens of the first resource model according to token matching rules; and generating, with the token mappings, a mapping model.
2. The method of claim 1 further comprising converting a security-related runtime rule query to a buildtime rule query based, at least in part, on the mapping model.
3. The method of claim 1, further comprising identifying verb tokens and non-verb tokens of the plurality of API specifications tokens and of the IaC configuration files tokens, wherein the token matching is among non-verb tokens and separately among verb tokens.
4. The method of claim 1, wherein identifying which of the plurality of API specifications satisfies the mapping criterion comprises determining which of the plurality of API specifications includes tokens that satisfy a matching amount criterion with respect to the tokens of the first resource model, wherein the mapping criterion specifies the matching amount criterion.
5. The method of claim 1, wherein mapping tokens, for each of the plurality of API specifications that satisfies the mapping criterion, to tokens of the first resource model comprises distinguishing between non-verb tokens and verb tokens with natural language processing and mapping non-verb tokens of the API specification to non-verb tokens of the first resource model and map verb tokens of the API specification to verb tokens of the first resource model.
6. The method of claim 1, further comprising identifying each resource model in each of the set of IaC configuration files.
7. The method of claim 6, further comprising: for each identified resource model, evaluating at least a subset of the plurality of API specifications against the mapping criterion with respect to the identified resource model to identify the one of the subset of API specifications that satisfies the mapping criterion for the identified resource model; and mapping tokens of the identified API specification to tokens of the resource model according to token matching rules, wherein generating the mapping comprises generating the mapping also with the mappings of tokens of the identified API specifications to tokens of the corresponding one of the resource models.
8. A non-transitory, computer-readable medium having program code stored thereon, the program code comprising instructions to: tokenize a plurality of application programming interface (API) specifications and a set of one or more infrastructure as code (IaC) configuration files; for at least a first resource model in the set of IaC configuration files and a first of the plurality of API specifications, map tokens of the first API specification to tokens of the first resource model according to token matching rules; and generate, with the token mappings, a mapping model.
9. The non-transitory, computer-readable medium of claim 8, wherein the program code further comprises instructions to convert a runtime rule query to a buildtime rule query based, at least in part, on the mapping model.
10. The non-transitory, computer-readable medium of claim 8, wherein the instructions to tokenize the plurality of API specifications is according to syntax of the plurality of API specifications.
11. The non-transitory, computer-readable medium of claim 8, wherein the program code further comprises instructions to identify verb tokens and non-verb tokens of the plurality of API specifications tokens and of the IaC configuration files tokens, wherein the token matching is among non-verb tokens and separately among verb tokens.
12. The non-transitory, computer-readable medium of claim 8, wherein the program code further comprises instructions to determine that the tokens of the first API specification satisfy a matching amount criterion with respect to the tokens of the first resource model, wherein the instructions to map comprise the instructions to map based on determination that the matching amount criterion is satisfied.
13. The non-transitory, computer-readable medium of claim 12, wherein the matching amount criterion comprises one of a percentage of non-verb tokens matched between an API specification and a resource model, a threshold number of matching non-verb tokens, and a percentage of non-verb tokens of a resource model matched to non-verb tokens of an API specification.
14. The non-transitory, computer-readable medium of claim 8, wherein the program code further comprises instructions to: for at least the first resource model, select a subset of the plurality of API specifications based on file names of the subset of API specifications satisfying a matching criterion with respect to a file name of a first of the set of IaC configuration files that includes the first resource model; and evaluate tokens of each of the subset of API specifications against a mapping criterion with respect to the tokens of the first resource model, wherein the subset of API specifications includes the first API specification, wherein the mapping criterion indicates an amount of token matching sufficient for mapping.
15. The non-transitory, computer-readable medium of claim 8, wherein the instructions to map tokens of the first API specification to tokens of the first resource model comprise instructions to distinguish between non-verb tokens and verb tokens with a natural language processor and map non-verb tokens of the first API specification to non-verb tokens of the first resource model and map verb tokens of the first API specification to verb tokens of the first resource model.
17. The non-transitory, computer-readable medium of claim 8, wherein the program code further comprises instructions to identify each resource model in each of the set of IaC configuration files.
18. The non-transitory, computer-readable medium of claim 17, wherein the program code further comprises instructions to: for each identified resource model, evaluate at least a subset of the plurality of API specifications against a mapping criterion with respect to the identified resource model to identify the one of the subset of API specifications that satisfies the mapping criterion for the identified resource model, wherein the mapping criterion indicates an amount of token matching sufficient for mapping; and map tokens of the identified API specification to tokens of the resource model according to token matching rules, wherein the instructions to generate the mapping model comprise the instructions to generate the mapping model also with the mappings of tokens of the identified API specifications to tokens of the corresponding one of the resource models.
19. An apparatus comprising: a processor; and a computer-readable medium having instructions stored thereon that are executable by the processor to cause the apparatus to, tokenize a plurality of application programming interface (API) specifications and a set of one or more infrastructure as code (IaC) configuration files; for at least a first resource model in the set of IaC configuration files and a first of the plurality of API specifications, map tokens of the first API specification to tokens of the first resource model according to token matching rules; and generate, with the token mappings, a mapping model.
20. The apparatus of claim 19, wherein the computer-readable medium further has stored thereon instructions to convert a runtime rule query to a buildtime rule query based, at least in part, on the mapping model.
US Patent 12,248,586 B2
1. A computer implemented method comprising: tokenizing a plurality of application programming interface (API) specifications and a set of one or more infrastructure as code (IaC) configuration files; for at least a first resource model in the set of IaC configuration files, identifying a first of the plurality of API specifications that satisfies a mapping criterion; based on identifying the first API specification, mapping tokens of the first API specification to tokens of the first resource model according to token matching rules; and generating, with the token mappings, a mapping model for converting a runtime rule query for a security policy to a buildtime query applicable to the set of IaC configuration files.
2. The computer implemented method of claim 1 further comprising converting a runtime rule query for a security policy to a buildtime rule query based, at least in part, on the mapping model.
3. The computer implemented method of claim 1, wherein tokenizing the plurality of API specifications is according to syntax of the plurality of API specifications.
4. The computer implemented method of claim 1 further comprising identifying verb tokens and non-verb tokens of the plurality of API specifications tokens and of the IaC configuration files tokens, wherein the token matching is among non-verb tokens and separately among verb tokens.
5. The computer implemented method of claim 1, wherein identifying the first API specification comprises determining that the tokens of the first API specification satisfy a matching amount criterion with respect to the tokens of the first resource model, wherein the mapping criterion specifies the matching amount criterion.
6. The computer implemented method of claim 5, wherein the matching amount criterion comprises one of a percentage of non-verb tokens matched between an API specification and a resource model, a threshold number of matching non-verb tokens, and a percentage of non-verb tokens of a resource model matched to non-verb tokens of an API specification.
7. The computer implemented method of claim 1 further comprising: for at least the first resource model, selecting a subset of the plurality of API specifications based on file names of the subset of API specifications satisfying a matching criterion with respect to a file name of a first of the set of IaC configuration files that includes the first resource model; and evaluating tokens of each of the subset of API specifications against the mapping criterion with respect to the tokens of the first resource model, wherein the subset of API specifications includes the first API specification.
8. The computer implemented method of claim 1, wherein mapping tokens of the first API specification to tokens of the first resource model comprises distinguishing between non-verb tokens and verb tokens with a natural language processor and mapping non-verb tokens of the first API specification to non-verb tokens of the first resource model and mapping verb tokens of the first API specification to verb tokens of the first resource model.
9. The computer implemented method of claim 1, wherein the token matching rules account for differences in at least syntax and capitalization between the plurality of API specifications and the set of one or more IaC configuration files.
11. The computer implemented method of claim 10 further comprising: for each identified resource model, evaluating at least a subset of the plurality of API specifications against the mapping criterion with respect to the identified resource model to identify the one of the subset of API specifications that satisfies the mapping criterion for the identified resource model; and mapping tokens of the identified API specification to tokens of the resource model according to token matching rules, wherein generating the mapping is also with the mappings of tokens of the identified API specifications to tokens of the corresponding one of the resource models.
12. A non-transitory, computer-readable medium having program code stored thereon, the program code comprising instructions to: tokenize a plurality of application programming interface (API) specifications and a set of one or more infrastructure as code (IaC) configuration files; for at least a first resource model in the set of IaC configuration files, identify which of the plurality of API specifications satisfies a mapping criterion; for each of the plurality of API specifications that satisfies the mapping criterion, map tokens of the API specification to tokens of the first resource model according to token matching rules; and generate, with the token mappings, a mapping model that converts a runtime rule query for a security policy to a buildtime query applicable to the set of IaC configuration files.
13. The non-transitory, computer-readable medium of claim 12, wherein the program code further comprises instructions to convert a runtime rule query for a security policy to a buildtime rule query based, at least in part, on the mapping model.
14. The non-transitory, computer-readable medium of claim 12, wherein the program code further comprises instructions to identify verb tokens and non-verb tokens of the plurality of API specifications tokens and of the IaC configuration files tokens, wherein the token matching is among non-verb tokens and separately among verb tokens.
15. The non-transitory, computer-readable medium of claim 12, wherein the instructions to identify which of the plurality of API specifications satisfies the mapping criterion comprises instructions to determine which of the plurality of API specifications include tokens that satisfy a matching amount criterion with respect to the tokens of the first resource model, wherein the mapping criterion specifies the matching amount criterion.
16. The non-transitory, computer-readable medium of claim 12, wherein the instructions to map tokens, for each of the plurality of API specifications that satisfies the mapping criterion, to tokens of the first resource model comprises instructions to distinguish between non-verb tokens and verb tokens with a natural language processor and map non-verb tokens of the API specification to non-verb tokens of the first resource model and map verb tokens of the API specification to verb tokens of the first resource model.
17. The non-transitory, computer-readable medium of claim 12, wherein the program code further comprises instructions to identify each resource model in each of the set of IaC configuration files.
18. The non-transitory, computer-readable medium of claim 17, wherein the program code further comprises instructions to: for each identified resource model, evaluate at least a subset of the plurality of API specifications against the mapping criterion with respect to the identified resource model to identify the one of the subset of API specifications that satisfies the mapping criterion for the identified resource model; and map tokens of the identified API specification to tokens of the resource model according to token matching rules, wherein the instructions to generate the mapping comprises the instruction to generate the mapping also with the mappings of tokens of the identified API specifications to tokens of the corresponding one of the resource models.
19. An apparatus comprising: a processor; and a computer-readable medium having instructions stored thereon that are executable by the processor to cause the apparatus to, tokenize a plurality of application programming interface (API) specifications and a set of one or more infrastructure as code (IaC) configuration files; for at least a first resource model in the set of IaC configuration files, identify which of the plurality of API specifications satisfies a mapping criterion; for each of the plurality of API specifications that satisfies the mapping criterion, map tokens of the API specification to tokens of the first resource model according to token matching rules; and generate, with the token mappings, a mapping model that converts a runtime rule query for a security policy to a buildtime query applicable to the set of IaC configuration files.
20. The apparatus of claim 19, wherein the program code further comprises instructions to convert a runtime rule query for a security policy to a buildtime rule query based, at least in part, on the mapping model.
The examiner notes the current pending claims in the table above, map as follows to the US Patent.
Claims 1-2 map to claims 1-2. Claim 3 maps to claim 4.Claim 4 maps to claim 5.
Claim 5 maps to claim 8. Claim 6 maps to claim 6. Claim 7 maps to claim 11.
Claim 8 maps to claim 12. Claim 9 maps to claim13. Claim 10 maps to claim 3.
Claim 11 maps to claim 14. Claim 12 maps to claim 15. Claim 13 maps to claim 6.
Claim 14 maps to claim 7. Claim 15 maps to claim 7. Claim 15 maps to claim16.
Claim 17 maps to claim 17. Claim 18-20 maps to claims 18-20 of the US Patent.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Note attached form PTO-892.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GRETA ROBINSON whose telephone number is (571)272-4118. The examiner can normally be reached Mon.-Fri. 9:30AM-6:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Hassan Mahmoudi can be reached at 571-272-4078. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/GRETA L ROBINSON/Primary Examiner, Art Unit 2163