AirWatch LLCDownload PDFPatent Trials and Appeals BoardJul 23, 20212020000572 (P.T.A.B. Jul. 23, 2021) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 14/498,115 09/26/2014 Pratik Jagad W037.02 (500102-1090) 7738 152577 7590 07/23/2021 Thomas | Horstemeyer, LLP (VMW) 3200 Windy Hill Road, SE Suite 1600E Atlanta, GA 30339 EXAMINER WILCOX, JAMES J ART UNIT PAPER NUMBER 2439 NOTIFICATION DATE DELIVERY MODE 07/23/2021 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): docketing@thomashorstemeyer.com ipadmin@vmware.com uspatents@thomashorstemeyer.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte PRATIK JAGAD and KRISHNA KUMAR BHAVESH Appeal 2020-000572 Application 14/498,115 Technology Center 2400 Before RICHARD M. LEBOVITZ, JENNIFER MEYER CHAGNON, and DAVID J. CUTITTA II, Administrative Patent Judges. Opinion for the Board filed by Administrative Patent Judge CUTITTA. Opinion Dissenting filed by Administrative Patent Judge CHAGNON. CUTITTA, Administrative Patent Judge. DECISION ON APPEAL STATEMENT OF THE CASE Pursuant to 35 U.S.C. § 134(a), Appellant1 appeals from the Examiner’s decision to reject claims 1–24, all of the claims under consideration. We have jurisdiction under 35 U.S.C. § 6(b). We AFFIRM. 1 “Appellant” refers to “applicant” as defined in 37 C.F.R. § 1.42(a). Appellant identifies the real party in interest as AirWatch, LLC. Appeal Brief filed April 8, 2019 (“Appeal Br.”) at 2. Appeal 2020-000572 Application 14/498,115 2 CLAIMED SUBJECT MATTER Summary Appellant’s claimed subject matter relates to “assessing the risks of applications that may be installed on one or more devices” by identifying a usage category for the application. Spec. ¶ 8.2 According to Appellant, a “profile assigned to a usage category for the application is obtained.” Spec., Abstract. “The number of times that at least one rule in the profile is violated is determined. A remedial action is initiated in response to the number of times that the at least one rule is violated exceeding a predefined threshold.” Id. Exemplary Claim Claims 1, 6, and 15 are independent. Claim 1, reproduced below with limitations at issue italicized, exemplifies the claimed subject matter: 1. A non-transitory computer-readable medium embodying program code executable in a computing device, the program code being configured to cause the computing device to at least: obtain a list identifying an application installed in a client device; decompile a copy of the application to identify a plurality of operations to be performed by the application during execution of the application; 2 In addition to the Appeal Brief noted above, we refer to: (1) the originally filed Specification filed September 26, 2014 (“Spec.”); (2) the Final Office Action mailed December 12, 2018 (“Final Act.”); (3) the Examiner’s Answer mailed September 4, 2019 (“Ans.”); and (4) the Reply Brief filed November 1, 2019 (“Reply Br.”). Appeal 2020-000572 Application 14/498,115 3 identify a usage category for the application from a third party application repository; obtain a profile that is assigned to the usage category for the application, the profile including at least one first rule that specifies whether the plurality of operations are permitted to perform at least one higher risk level operation according to the usage category, at least one second rule that specifies whether the plurality of operations are permitted to perform at least one lower risk level operation according to the usage category, and at least one predetermined threshold; determine a first number of times that the plurality of operations violate the at least one first rule; determine a second number of times that the plurality of operations violate the at least one second rule; and in response to a total risk associated with the first number of times and the second number of times exceeding the at least one predetermined threshold, transmit a command to direct a management component in the client device to uninstall and replace the application with an alternate application compliant with the profile. Appeal Br. 18 (Claims App.). REFERENCES The Examiner relies on the following references: Name Reference Date Malloy US 2007/0067450 A1 Mar. 22, 2007 Yehuda US 7,934,248 B1 Apr. 26, 2011 Multer US 2011/0269424 A1 Nov. 3, 2011 DiCorpo US 2012/0150773 A1 June 14, 2012 Colbert US 2012/0297380 A1 Nov. 22, 2012 Zhu US 2013/0111592 A1 May 2, 2013 Bettini US 2013/0227683 A1 Aug. 29, 2013 Mowatt US 2013/0326499 A1 Dec. 5, 2013 Adam US 2015/0200959 A1 July 16, 2015 Appeal 2020-000572 Application 14/498,115 4 REJECTIONS The Examiner rejects the claims as follows under 35 U.S.C. § 103: Claims References Final Act. 1, 4, 5, 15–18, 20, 21 Bettini, Zhu, Adam, Mowatt 9 2 Bettini, Zhu, Adam, Mowatt, Yehuda 24 3, 19 Bettini, Zhu, Adam, Mowatt, Multer 26 6–11, 13, 14 Bettini, Zhu, Adam, Yehuda, Mowatt 28 12 Bettini, Zhu, Adam, Yehuda, Mowatt, Malloy 39 22 Bettini, Zhu, Adam, Mowatt, Yehuda 40 23 Bettini, Zhu, Adam, Mowatt, Colbert 42 24 Bettini, Zhu, Adam, Mowatt, DiCorpo 43 OPINION We review the appealed rejections for error based upon the issues identified by Appellant and in light of Appellant’s arguments and evidence. Ex parte Frye, 94 USPQ2d 1072, 1075 (BPAI 2010) (precedential). Arguments not made are waived. See 37 C.F.R. § 41.37(c)(1)(iv) (2018). We disagree with Appellant that the Examiner errs in rejecting claims 1–24, and we adopt as our own the findings set forth by the Examiner for these claims to the extent consistent with our analysis herein. Final Act. 4–14; Ans. 3–17. Appellant argues the claims as a group in that the rejections of claims 2–24, are not argued separately or are only nominally argued separately. Appeal Br. 14–17. We, thus, select independent claim 1 as exemplary of the group. See 37 C.F.R. § 41.37(c)(1)(iv) (2018). Appeal 2020-000572 Application 14/498,115 5 Independent claim 1 recites “identify a usage category for the application from a third party application repository.” Appeal Br. 18. The Examiner finds Bettini “describes a third party provider and global app cache used for classifying usage as known bad or suspicious.” Final Act. 10 (citing Bettini ¶¶ 12, 86, 96, 120, Fig. 1). Appellant argues the “[t]he Specification of the instant application provides several examples of different usage categories of applications . . . including example ‘email client,’ ‘navigation,’ and ‘social networking’ categories” and that Bettini is silent as to identification of any such usage category. Appeal Br. 8–9 (citing Spec. ¶¶ 9, 22). The Examiner responds by finding that the Specification discloses “[o]ne or more usage categories 146 may be associated with each application 129” and that “[a] usage category 146 may, for example, indicate the intended use for an application 129.” Ans. 3 (citing Spec. ¶ 26). The Examiner finds that Bettini’s disclosure of a computing device “with collective app intelligence engine to provide an app reputation phase to classifying usage as known bad or suspicious IP addresses” teaches an intended use for the application and therefore a “usage category” as that term would have been understood in light of the Specification. Id. at 6 (citing Bettini ¶¶ 120, 122, 124, Fig. 1). Appellant’s argument that “Bettini is entirely silent as to the identification of any ‘usage category’ for an application,” is unpersuasive. Reply Br. 3; Appeal Br. 9. Appellant’s argument fails to address the Examiner’s finding that Bettini’s usage categorized as known bad or suspicious teaches identifying a usage category by identifying a use that is Appeal 2020-000572 Application 14/498,115 6 intended to be bad or suspicious, consistent with Appellant’s Specification. Ans. 3, 7. According to the dissent, the Examiner’s interpretation of the term “usage category” to include a use that is intended to be bad or suspicious is inconsistent with the Specification’s non-limiting examples of a usage category as navigation, social networking, music, and photography. Dissent 16 (citing Spec. ¶¶ 22, 26, Smith Int’l, Inc., 871 F.3d at 1382–83). We disagree, because in addition to the examples noted by the dissent, the Specification provides an additional example in which a usage category may indicate “the intended use for an application.” Spec. ¶ 26. The Specification does not limit a usage category to any particular type of category but instead describes each of the categories listed as non-limiting examples. Id. The Examiner’s interpretation that “a usage category 146 may indicate the intended use for an application 129” is consistent with the example discussed above from Appellant’s Specification. Ans. 3 (citing Spec. ¶ 26). The dissent further disagrees with the majority view that Appellant does not address “‘the Examiner’s finding that Bettini’s usage categorized as known bad or suspicious teaches identifying a usage category by identifying a use that is intended to be bad or suspicious.’” Dissent 17. According to the dissent, Appellant’s argument that Bettini’s usage categorized as known bad or suspicious is directed to known risks and not use categories or types of applications, “distinguishes the Examiner’s reliance on ‘classifying usage as known bad or suspicious’ from the Specification’s description of ‘categories or types of applications.’” Dissent 17 (citing Appeal Br. 9; Reply Br. 3). Appeal 2020-000572 Application 14/498,115 7 In the majority view, however, Appellant’s argument based on the non-limiting usage categories such as “‘email client,’ ‘navigation,’ and ‘social networking’” (Appeal Br. 8), misses the mark because the argument does not address the Examiner’s determination that a usage category may also indicate the intended use for an application and that Bettini’s classifying application usage as known bad or suspicious teaches an intended use for the application and therefore a usage category. Ans. 6. Accordingly, the argument is not responsive to the Examiner’s findings. By classifying an application according to its various risks based on its properties as being bad or suspicious behaviors (Bettini, Abstract), a user can determine whether they want to use or make the application available to their organization for use (id. ¶ 41), and thus the classification specifies how the application is used (for example, used with a certain risk or not used at all because of the risk). Similarly, the Specification teaches that when an application is classified as an “email client application,” the usage category may specify that it “should not access the global positioning system (GPS) of the client device.” Spec. ¶ 9. Thus, assigning a risk to an application, as in Bettini, has the same functional significance as assigning an application to an email or music usage category. To the extent risk assignment based on bad or suspicious behavior of the application is different from email, music, etc., these difference are descriptive and not functional. Appellant further argues that “Bettini is entirely silent as to using data “‘from a third party application repository’” for the “identification of any ‘usage category.’” Appeal Br. 9. Appellant’s argument is unpersuasive. Bettini describes URL and IP reputation engine 110 that performs a comparison with collective app Appeal 2020-000572 Application 14/498,115 8 intelligence to classify a URL or IP address accessed by an app as bad or suspicious, providing basis to assign a risk to the application. Bettini ¶ 86, 95. Bettini further discloses the “collective app intelligence can include receiving third party analysis input.” Id. Appellant fails to explain why Bettini’s identification of a usage category using third party analysis input does not teach or suggest using a third party application repository, as claimed. Independent claim 1 further recites “obtain a profile that is assigned to the usage category for the application.” Appeal Br. 18. The Examiner finds Bettini discloses a risk profile that is assigned to a usage of device features or functions. Final Act. 10 (citing Bettini Figs. 6, 7 and associated text); Ans. 9. Appellant argues that Bettini discusses policies and not profiles, as claimed. Appeal Br. 9. In particular, Appellant argues “[r]ather than a profile, Bettini describes ‘policies 310 [on the platform 302] . . . for scanning apps for risk assessment (e.g., security policies, privacy policies, device/network integrity policies, etc.).’” Id. (citing Bettini ¶ 120). Appellant continues, “beyond the fact that the policies 310 described at paragraph [0120] of Bettini are different than the ‘profile’ recited by claim 1 . . . Bettini is entirely silent as to any of those policies 310 being assigned to ( or connected in any way with) the ‘third party analysis input.’” Id. Appellant’s arguments are unpersuasive because Appellant, while addressing Bettini’s policies, fails to address the Examiner’s finding that Bettini’s risk profile teaches or suggests the claimed profile. Final Act. 10. In discussing Figure 6, Bettini discloses performing an “automated analysis of the application based on a risk profile (e.g., using a cloud-based app risk Appeal 2020-000572 Application 14/498,115 9 assessment platform/service)” and “generating a risk score based on . . . the risk profile.” Bettini ¶ 124. Thus, the Examiner’s finding that Bettini’s application risk profile teaches the claimed profile that is assigned to a usage category for the application is supported by the evidence before us. Final Act. 10. Appellant, in turn, fails to specifically address that finding. In the Reply Brief, Appellant argues for the first time that “[a] review of Figures 6 and 7 and the related paragraphs [0124] and [0125] of Bettini again confirm the lack of any profile assigned to a usage category in Bettini.” We decline to consider such an argument raised for the first time in the Reply Brief. Appellant’s arguments are deemed waived, in the absence of a showing of good cause by Appellant, because the Examiner has not been provided a chance to respond. See 37 C.F.R. § 41.41(b)(2) (2012); In re Hyatt, 211 F.3d 1367, 1373 (Fed. Cir. 2000) (noting that an argument not first raised in the brief to the Board is waived on appeal); Ex parte Nakashima, 93 USPQ2d 1834, 1837 (BPAI 2010) (informative) (explaining that arguments and evidence not timely presented in the principal Brief, will not be considered when filed in a Reply Brief, absent a showing of good cause). On this record, Appellant has provided no such showing of good cause. Independent claim 1 further recites: the profile including at least one first rule that specifies whether the plurality of operations are permitted to perform at least one higher risk level operation according to the usage category, [and] at least one second rule that specifies whether the plurality of operations are permitted to perform at least one lower risk level operation according to the usage category. Appeal Br. 18. Appeal 2020-000572 Application 14/498,115 10 The Examiner finds Adam teaches or suggests the claimed first and second rule. Final Act. 13 (citing Adam ¶ 40, Figs. 3, 6). Adam relates to a method to determine whether a user is authorized to carry out an operation on parallel devices, based on a profile or role of the user. Adam ¶ 4. Of particular relevance, the Examiner finds Adam’s user profile 316 permits certain users (e.g., administrators 318) to initiate certain high risk application operations (e.g., reboot 330) while limiting other users to lower risk application operations 334 such as emptying a recycle bin. Ans. 7–8. Appellant argues that Adam “is not directed to the assessment of risk associated with the operations of an application” because “Adam merely describes characterizing the operations of a user as either ‘high risk (e.g., reboot) 330, medium risk (e.g., application update) 332, or low risk (e.g., empty recycle bin) 334’ types of ‘intrusive content 326.’” Appeal Br. 11 (citing Adam ¶ 27). The Examiner responds by finding that: Adam discloses “the profile (Adam, 316, Figure 3, profile) including at least one first rule (Adam, 338, Figure 3, rules) that specifies whether the plurality of operations (Adam, 330, FIG 3 (reboot operation), 332, (application update operation), 334 (empty recycle bin operation)) are permitted to perform at least one higher risk level operation (Adam, 330, FIG 3, high risk (reboot operation), [0040], allowed commands) according to the usage category (Adam, FIG 6, execution pattern (usage category)), at least one second rule (Adam, 338, Figure 3, rules) that specifies whether the plurality of operations (Adam, 330, FIG 3 (reboot operation), 332, (application update operation), 334 (empty recycle bin)) are permitted to perform at least one lower risk level operation (Adam, 334, low risk (empty recycle bin operation), [0040], allowed commands) according to the usage category (Adam, FIG 6, execution pattern [where an execution pattern reads on a usage category]).” Appeal 2020-000572 Application 14/498,115 11 Ans. 8 (citing Adam ¶ 40 Figs. 3, 6). Appellant’s argument that “Adam does not describe or suggest rules that specify whether or not operations of an application are permitted but rather the characterization of the operations of users” is unpersuasive of reversible error. Appeal Br. 11. Appellant fails to sufficiently address the Examiner’s reliance on rules 338 permitting performance of certain management operations for intrusive content including high risk operations such as reboot operations 330, medium risk operations 332 such as application updates and low risk operations 334 such as emptying of a recycle bin. Ans. 8 (citing Adam ¶ 40 Figs. 3, 6). Appellant does not explain why these software-related operations fail to teach or suggest operations of an application as claimed. Furthermore, although these operations in Adam may be user initiated, they are still operations relating to a software application. The dissent agrees with Appellant that “‘Adam does not describe or suggest rules that specify whether or not operations of an application are permitted but rather the characterizations of the operations of users as high, medium, or low risk.’” Dissent 19 (citing Appeal Br. 11; Ans. 6). We believe, however, that Appellant’s focus on the user profile is misguided and is not responsive to the Examiner’s findings. The Examiner finds, and we agree, that Adam’s “policy and rules 338” relate to the operations themselves. Ans. 8 (citing Adam Fig. 3; see also ¶ 27). For example, Adam characterizes a reboot operation as high risk, an application update operation as medium risk and emptying a recycle bin as low risk. Adam Fig. 3, ¶ 27. That these operations may be initiated by a user or that a user profile may prohibit certain users from initiating risky operations is beside the point Appeal 2020-000572 Application 14/498,115 12 because it is the operations themselves that are characterized as more or less risky in Adam and that are not permitted in certain circumstances. Independent claim 1 further recites “determine a first number of times that the plurality of operations violate the at least one first rule; determine a second number of times that the plurality of operations violate the at least one second rule.” Appeal Br. 18. The Examiner finds Zhu teaches or suggests this limitation. Final Act. 11–12. Zhu relates to a system to allow a server to identify an application, which is not authorized to be stored on a user device, based on a user profile and the application profile. ¶ 14. Of particular relevance, the Examiner finds Zhu discloses determining a “security score based on a first and second number the rules are violated where the violations are different based severity levels that exceed thresholds.” Final Act. 11 (citing Zhu ¶¶ 52–56, 58, 69). Appellant argues that “Zhu does not determine a number of times that application operations violate first and second rules” because Zhu instead “merely describes assigning a ‘first ratings score (e.g., 0, 1, 2, etc.)’ or a ‘second ratings score (e.g., 4, 5, 6, etc.)’ when positive portions of ratings are greater than ratings thresholds.” Appeal Br. 13. According to Appellant, “Zhu describes that the profile server 140 assigns ratings scores of ‘(e.g., 0, 1, 2, etc.)’ and ‘(e.g., 4, 5, 6, etc.)’ but not that the profile server 140 determines a number of times that operations violate rules.” Id. Appellant’s argument that Zhu does not teach or suggest determining a number of times that application operations violate rules is unpersuasive. Zhu discloses that profile server 140 uses a data structure including application history field 620 to store information associated with a history of Appeal 2020-000572 Application 14/498,115 13 the particular application including identifying whether the particular application is known to have been associated with a security incident. Zhu ¶¶ 42, 46. Zhu further discloses that “application history field 620 may store a security value that corresponds to the severity and/or the quantity of security incidents.” Id. ¶ 46. Accordingly, Appellant fails to show reversible error in the Examiner’s finding that “[t]he application history field may store a security value that corresponds to the severity and/or the quantity of security incidents [0046].” Ans. 15 (citing Zhu ¶ 46). We agree with the Examiner that “this reads on the limitation of ‘determine a first number of times that the plurality of operations violate the at least one first rule,’” as recited in claim. Ans. 15. In view of our discussion above, Appellant does not persuade us of reversible error in the Examiner’s obviousness rejection of independent claim 1. We, therefore, affirm the Examiner’s rejection of that claim, as well as the rejections of claims 2–24, which Appellant does not argue separately with particularity. Appeal Br. 7–14. DECISION SUMMARY In summary: Claims Rejected 35 U.S.C. § Reference(s)/Basis Affirmed Reversed 1, 4, 5, 15– 18, 20, 21 103 Bettini, Zhu, Adam, Mowatt 1, 4, 5, 15– 18, 20, 21 2 103 Bettini, Zhu, Adam, Mowatt, Yehuda 2 3, 19 103 Bettini, Zhu, Adam, Mowatt, Multer 3, 19 Appeal 2020-000572 Application 14/498,115 14 6–11, 13, 14 103 Bettini, Zhu, Adam, Yehuda, Mowatt 6–11, 13, 14 12 103 Bettini, Zhu, Adam, Yehuda, Mowatt, Malloy 12 22 103 Bettini, Zhu, Adam, Mowatt, Yehuda 22 23 103 Bettini, Zhu, Adam, Mowatt, Colbert 23 24 103 Bettini, Zhu, Adam, Mowatt, DiCorpo 24 Overall Outcome 1–24 TIME PERIOD FOR RESPONSE No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a). See 37 C.F.R. § 1.136(a)(1)(iv). AFFIRMED Appeal 2020-000572 Application 14/498,115 15 CHAGNON, Administrative Patent Judge, dissenting. I respectfully disagree with the majority opinion in affirming the rejection of the pending claims. Based on the record before us, I am persuaded the Examiner’s rejection contains reversible error. Claim 1 recites, inter alia, “identify a usage category for the application from a third party application repository.” Appeal Br. 18 (emphasis added). The Examiner relies on Bettini for this claim feature, contending that Bettini “describes a third party provider and global app cache used for classifying usage as known bad or suspicious.” Final Act. 10 (citing Bettini ¶¶ 86, 96, 120). Appellant argues that Bettini is silent as to identification of any such usage category. Appeal Br. 8–9. The portions of Bettini relied upon by the Examiner disclose an “app reputation phase” in which “a comparison with collective app intelligence phase is performed using a URL and IP reputation engine,” and which “can include receiving third party analysis input, such as third party input identifying known bad or suspicious IP addresses, URL addresses,” etc. Bettini ¶ 86. As an example, Bettini describes that “whether the app accesses websites/URLs that are unsafe or associated with malware impacts the app risk assessment,” and that “the platform can apply its own URL ‘blacklists.’” Bettini ¶¶ 95–96. The Specification describes that “[a] usage category 146 may, for example, indicate the intended use for an application 129.” Spec. ¶ 26. As noted by the majority, “[t]he Examiner finds that Bettini’s disclosure of a computing device ‘with collective app intelligence engine to provide an app reputation phase to classifying usage as known bad or suspicious IP addresses’ teaches an intended use for the application and therefore a ‘usage Appeal 2020-000572 Application 14/498,115 16 category’ as that term would have been understood in light of the Specification.” Maj. Op. 5 (citing Ans. 6). Appellant argues that the “[t]he Specification of the instant application provides several examples of different usage categories of applications . . . , including example ‘email client,’ ‘navigation,’ and ‘social networking’ categories.” Appeal Br. 8 (citing Spec. ¶¶ 9, 22). Indeed, the Specification provides several examples of a “usage category.” See Spec. ¶ 9 (“email client”), ¶ 22 (“navigation,” “social networking”), ¶ 26 (“music,” “photography”). Each of these categories relates to the actual intended function (i.e., “the intended use”) of the application, rather than to the relative suspiciousness level of the application (i.e., a characteristic of the application). I do not agree that the Examiner’s broad interpretation of the term “usage category” to include “classifying usage as known bad or suspicious IP addresses” (Ans. 6) is reasonable in view of the Specification. See In re Smith Int’l, Inc., 871 F.3d 1375, 1382–83 (Fed. Cir. 2017) (“The correct inquiry in giving a claim term its broadest reasonable interpretation in light of the specification is not whether the specification proscribes or precludes some broad reading of the claim term adopted by the examiner. And it is not simply an interpretation that is not inconsistent with the specification. It is an interpretation that corresponds with what and how the inventor describes his invention in the specification, i.e., an interpretation that is consistent with the specification.” (citation and internal quotation marks omitted)). The majority contends that Appellant does not address “the Examiner’s finding that Bettini’s usage categorized as known bad or suspicious teaches identifying a usage category by identifying a use that is Appeal 2020-000572 Application 14/498,115 17 intended to be bad or suspicious.” Maj. Op. 5–6. I respectfully disagree. In response to the Examiner’s assertions, Appellant contends that “none of the ‘third party analysis input’ described by Bettini amounts to a ‘usage category’ for an application because it is directed to known risks and not use categories or types of applications.” Appeal Br. 9 (emphasis added); see also Reply Br. 3 (“A person of ordinary skill in the art would find it clear that this ‘input’ of Bettini is related to known risks and is different than usage categories or types of applications.”). Here, Appellant distinguishes the Examiner’s reliance on “classifying usage as known bad or suspicious” from the Specification’s description of “categories or types of applications.” And, as discussed above, I do not find the Examiner’s interpretation of the term “usage category” to be reasonable in view of the Specification. Thus, I agree with Appellant that, contrary to the Examiner’s assertions, Bettini does not disclose the claimed “usage category.” Claim 1 also recites “obtain a profile that is assigned to the usage category for the application, the profile including at least one first rule that specifies whether the plurality of operations are permitted to perform at least one higher risk level operation according to the usage category, at least one second rule that specifies whether the plurality of operations are permitted to perform at least one lower risk level operation according to the usage category, and at least one predetermined threshold.” Appeal Br. 18. The Examiner admits that Bettini (and Zhu) do not disclose “the profile including at least one first rule that specifies whether the plurality of operations are permitted to perform at least one higher risk level operation according to the usage category, at least one second rule that specifies whether the plurality of operations are permitted to perform at least one Appeal 2020-000572 Application 14/498,115 18 lower risk level operation according to the usage category, and at least one predetermined threshold.” Final Act. 12–13. The Examiner contends that Adam discloses these limitations. Id. at 13. The Examiner finds that: Adam discloses “the profile (Adam, 316, Figure 3, profile) including at least one first rule (Adam, 338, Figure 3, rules) that specifies whether the plurality of operations (Adam, 330, FIG 3 (reboot operation), 332, (application update operation), 334 (empty recycle bin operation)) are permitted to perform at least one higher risk level operation (Adam, 330, FIG 3, high risk (reboot operation), [0040], allowed commands) according to the usage category (Adam, FIG 6, execution pattern (usage category)), at least one second rule (Adam, 338, Figure 3, rules) that specifies whether the plurality of operations (Adam, 330, FIG 3 (reboot operation), 332, (application update operation), 334 (empty recycle bin)) are permitted to perform at least one lower risk level operation (Adam, 334, low risk (empty recycle bin operation), [0040], allowed commands) according to the usage category (Adam, FIG 6, execution pattern [where an execution pattern reads on a usage category]).” Ans. 8 (citing Adam ¶ 40, Figs. 3, 6); Final Act. 13. The Examiner contends that “each one of the[] risks [described in Adam] corresponds to a different operation.” Ans. 7. Appellant argues that “Adam . . . is not directed to the assessment of risk associated with the operations of an application.” Appeal Br. 11. Appellant continues, “[i]n contrast, Adam merely describes characterizing the operations of a user either as ‘high risk (e.g., reboot) 330, medium risk (e.g., application update) 332, or low risk (e.g., empty recycle bin) 334.’” Id. (citing Adam ¶ 27). The majority states that “Appellant does not explain why these software-related operations [(i.e., reboot, applications updates, emptying the recycle bin)] fail to teach or suggest operations of an application as Appeal 2020-000572 Application 14/498,115 19 claimed.” Maj. Op. 11. Respectfully, the claim does not simply require operations of an application. Claim 1 requires a profile that includes rules (i.e., the first rule) which specify whether the application (i.e., the plurality of operations) is permitted to perform a particular operation (i.e., at least one higher risk level operation). The profiles/rules of Adam, on the other hand, specify whether a particular user is permitted to perform certain operations, based on the risk level thereof. Adam ¶ 4 (“method includes the step of determining whether a user is authorized to carry out a management operation”), ¶ 27 (“user/role profiles 316 . . . [are] characterized as one of an administrator 318, a Super User 320 or a regular user 322”; “management operations are, for example, characterized as either intrusive content 326 [such as high risk (e.g., reboot) 330, medium risk (e.g., application update) 332, or low risk (e.g., empty recycle bin) 334] or non-intrusive content 328”); see Appeal Br. 10–11. This distinction is recognized and argued by Appellant: “Adam does not describe or suggest rules that specify whether or not operations of an application are permitted but rather the characterizations of the operations of users as high, medium, or low risk.” Appeal Br. 11; Ans. 6. I agree with Appellant that “[t]he characterization of [the risk of] user operations . . . does not amount to first and second rules . . . which specify whether application operations are permitted to perform ‘higher risk level’ and ‘lower risk level’ operations, respectively,” as claimed. Appeal Br. 11 (emphasis added). Thus, I agree with Appellant that, contrary to the Examiner’s assertions, Adam does not disclose the claimed “profile including at least one first rule that specifies whether the plurality of operations are permitted to perform at least one higher risk level operation Appeal 2020-000572 Application 14/498,115 20 . . . , [and] at least one second rule that specifies whether the plurality of operations are permitted to perform at least one lower risk level operation.” Independent claim 6 also recites “usage category” and a “profile including at least one first rule that specifies whether the plurality of operations are permitted to perform at least one higher risk level operation . . . , [and] at least one second rule that specifies whether the plurality of operations are permitted to perform at least one lower risk level operation.” Appeal Br. 20. Independent claim 15 does not recite a “usage category,” but does recite a “profile including at least one first rule that specifies whether the plurality of operations are permitted to perform at least one higher risk level operation, at least one second rule that specifies whether the plurality of operations are permitted to perform at least one lower risk level operation.” Id. at 22. For these reasons, I am persuaded the Examiner errs in finding that the cited combination of Bettini, Zhu, Adams, and Mowatt teaches or suggests all elements of the independent claims. Accordingly, I respectfully dissent from the majority’s opinion affirming the Examiner’s rejections of claims 1–24. Copy with citationCopy as parenthetical citation