10801332 (B.P.A.I. Nov. 5, 2008)

Ex Parte Balaz et al

Board of Patent Appeals and InterferencesNov 5, 2008

10801332 (B.P.A.I. Nov. 5, 2008)

UNITED STATES PATENT AND TRADEMARK OFFICE ____________________ BEFORE THE BOARD OF PATENT APPEALS AND INTERFERENCES ____________________ Ex parte RUDOLPH BALAZ, VICTOR W. HELLER, XIAOHONG SU and KEITH R. VOGEL ____________________ Appeal 2008-1458 Application 10/801,3321 Technology Center 2100 ____________________ Decided: November 5, 2008 ____________________ Before JEAN R. HOMERE, JAY P. LUCAS, and THU A. DANG, Administrative Patent Judges. HOMERE, Administrative Patent Judge. DECISION ON APPEAL I. STATEMENT OF CASE Appellants appeal under 35 U.S.C. § 134 from the Examiner’s twice rejection of claims 1 through 5 and 7 through 21. Claim 6 has been canceled. We have jurisdiction under 35 U.S.C. § 6(b). We affirm. 1 Filed on March 15, 2004. The real party in interest is Microsoft Corp. Appeal 2008-1458 Application 10/801,332 2 The Invention According to Appellants, the invention relates to a virtual private network (VPN) enrollment protocol gateway implemented as a registration authority that operates as an intermediary between a router and a certificate authority. The router communicates with the registration authority as if it were the certificate authority, not realizing that it is communicating with an intermediary. Particularly, as depicted in Figure 1, the protocol gateway (118) receives a router enrollment request from the router (110-114). The protocol gateway (118) decrypts the request, adds an alterative subject name to the request, digitally signs the request, and forwards the signed request to the certificate authority (116). Then, the certificate authority (116) determines whether to trust the source of the request (the protocol gateway), and proceeds to respond with the requested certificate if it verifies that the gateway can be trusted. The gateway receives the requested certificate, encrypts and digitally signs a response including the certificate, and returns the signed and encrypted response to the router. (Spec., p. 2, l. 20 through p. 3, l. 13.) Representative Claim Independent claim 1 further illustrates the invention. It reads as follows: Appeal 2008-1458 Application 10/801,332 3 1. A method, implemented in a registration authority, comprising: receiving a request, from a requestor, for a password to be used by a device when communicating with the registration authority operating as a protocol gateway between the device and a certificate authority; authenticating the requestor; generating the password; adding the password to a password table; and returning the password to the requestor for use by the device. Prior Art Relied Upon The Examiner relies on the following prior art as evidence of unpatentability: Colvin US 6,044,471 Mar. 28, 2000 Mikurak US 6,606,744 B1 Aug. 12, 2003 Andersson US 6,931,016 B1 Aug. 16, 2005 Rejections on Appeal The Examiner rejects the claims on appeal as follows: A. Claims 1 through 5, and 7 through 20 stand rejected under 35 U.S.C. § 103 (a) as being unpatentable over the combination of Colvin and Mikurak. B. Claim 21 stands rejected under 35 U.S.C. § 103 (a) as being unpatentable over the combination of Colvin, Mikurak and Andersson. Appeal 2008-1458 Application 10/801,332 4 Appellants’ Contentions Appellants argue that the combination of Colvin and Mikurak does not teach a registration authority operating as a protocol gateway between a requesting device and certificate authority, as recited in independent claim 1. (App. Br. 8-10, Reply Br. 2-4.) Particularly, Appellants argue that while Mikurak discusses internet gateways, registration authority and certificate authority, they are described as separate devices. (Id.) According to Appellants, these separate disclosures of Mikurak do not suggest the inclusion of the functionality of an Internet gateway in the registration authority to thereby communicate with the certificate authority on behalf of the user. (Id.) Examiner’s Findings In response, the Examiner finds that the claimed registration authority operates as a protocol gateway only when it is communicating with a requesting device. The Examiner thus, finds that the claimed operation as a gateway is a conditional limitation, which is not required when the registration system is not communicating with the requesting device. (Ans. 7-8.) Therefore, the Examiner finds that Mikurak’s disclosure of a registration authority that interfaces with a certificate authority on behalf of the user combined with Mikurak’s disclosure that gateways are known to establish communication between different networks teach the claimed limitation. (Id.) Consequently, the Examiner concludes that the combination of Colvin and Mikurak renders claim 1 unpatentable. (Id.) Appeal 2008-1458 Application 10/801,332 5 II. Issue The pivotal issue before us is whether Appellants have shown that the Examiner erred in concluding that one of ordinary skill would have found sufficient rationale to combine Colvin and Mikurak’s teachings to yield a registration authority that operates as a protocol gateway between a requesting device and a certificate authority, when the requesting device is communicating with the registration authority, as recited in independent claim 1. We answer this inquiry in the negative. III. FINDINGS OF FACT The following findings of fact (FF) are supported by a preponderance of the evidence. Colvin 1. Colvin discloses a method and system for reducing unauthorized use of a software by associating a series of passwords thereto. (Abstract.) Particularly, as depicted in Figure 1, Colvin discloses a password administrator (24) that provides one or more passwords and authorization codes to a user (30) or a group of users (32) based on received registration information obtained with the user’s request to thereby determine to what extent, if any, the user can be authorized to use the software. (Col. 4, ll. 6-42.) Appeal 2008-1458 Application 10/801,332 6 Mikurak 2. Mikurak discloses a collaborative installation management in a network-based supply chain environment wherein phone calls and other multimedia data issued by users are routed through a network system for transferring information across the Internet. (Col. 2, ll. 53-65.) Particularly, Mikurak uses Internet gateways and routers to provide necessary links between different networks thereby making connections possible between them. (Col. 67, ll. 15-25.) 3a. Further, as shown in Figure 116, Mikurak discloses a secured VPN wherein remote users implement a VPN module on their firewall. (Col. 269, ll. 46-56.) 3b. Particularly, a user issues a digital certificate request to a registration authority (RA) that processes and forwards the request to a central corporate headquarter that maintains a certificate Authority (CA) integrated in an LDAP server. (Col. 269, ll. 57-65.) 3c. The CA authenticates the user, and administers a digital certificate to the user to subsequently permit the user to access a desired software. (Id.) Appeal 2008-1458 Application 10/801,332 7 Andersson 4. Andersson discloses a VPN management system wherein each VPN has an identification code, and authentication data for each router including encryption keys and passwords that are compared with security data in a database upon receiving a user’s request to access the database. (Col. 4, ll. 1-26.) IV. PRINCIPLES OF LAW OBVIOUSNESS Appellants have the burden on appeal to the Board to demonstrate error in the Examiner’s position. See In re Kahn, 441 F.3d 977, 985-86 (Fed. Cir. 2006) (“On appeal to the Board, an applicant can overcome a rejection [under § 103] by showing insufficient evidence of prima facie obviousness or by rebutting the prima facie case with evidence of secondary indicia of nonobviousness.”) (quoting In re Rouffet, 149 F.3d 1350, 1355 (Fed. Cir. 1998)). Section 103 forbids issuance of a patent when ‘the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains.’ KSR Int'l Co. v. Teleflex Inc., 127 S. Ct. 1727, 1734 (2007). Appeal 2008-1458 Application 10/801,332 8 The question of obviousness is resolved on the basis of underlying factual determinations including (1) the scope and content of the prior art, (2) any differences between the claimed subject matter and the prior art, (3) the level of skill in the art, and (4) wherein evidence, so-called secondary considerations. Graham v. John Deere Co., 383 U.S. 1, 17-18 (1966). See also KSR, 127 S. Ct. at 1734 (“While the sequence of these questions might be reordered in any particular case, the [Graham] factors continue to define the inquiry that controls.”) “The combination of familiar elements according to known methods is likely to be obvious when it does no more than yield predictable results.” Leapfrog Enter., Inc. v. Fisher-Price, Inc., 485 F.3d 1157, 1161 (Fed. Cir. 2007) (quoting KSR Int’l v. Teleflex, Inc., 127 S. Ct. 1727, 1739 (2007)). “One of the ways in which a patent's subject matter can be proved obvious is by noting that there existed at the time of invention a known problem for which there was an obvious solution encompassed by the patent's claims.” KSR, 127 S. Ct. at 1742. The reasoning given as support for the conclusion of obviousness can be based on interrelated teachings of multiple patents, the effects of demands known to the design community or present in the marketplace, and the background knowledge possessed by a person having ordinary skill in the art. KSR, 127 S. Ct. at 1740-41. See also Dystar Textilfarben GmbH & Co. Deutschland KG v. C.H. Patrick Co., 464 F.3d 1356, 1368 (Fed. Cir. 2007). Appeal 2008-1458 Application 10/801,332 9 V. ANALYSIS As detailed in the Findings of Fact section above, Colvin teaches a system having a password administrator that processes a user’s request for a password along with the user’s registration information to determine to what extent, if any, the user can be authorized to access a desired software. (FF. 1.) Further, Mikurak teaches a VPN wherein a user submits a digital certificate request to a registration authority, which forwards the request to a certificate authority to retrieve the desired certificate, and thereby providing the user access to a corresponding software. (FF. 3a-3c.) Additionally, Mikurak teaches that Gateways are well-known in the art as a tool for establishing communication between different networks. (FF. 2.) One of ordinary skilled in the art would readily recognize that Mikurak’s registration authority, by submitting the user’s digital certificate request to the certificate authority, is serving as a communication proxy for the user. Stated differently, the registration authority is operating as an intermediate communication device linking the user and the certificate authority. The ordinarily skilled artisan would have thus recognized that such an intermediate communication device could be implemented as a gateway, which is well-known for its ability to establish communication between different devices of a network or different networks. We agree with the Examiner that the registration device is not required to satisfy the claimed limitation. We find that the clause “to be used by a device when communicating with the registration authority Appeal 2008-1458 Application 10/801,332 10 operating as a protocol gateway between the device and the certificate authority” is statement of intended use, which is not entitled to any patentable weight. We find nonetheless that Mikurak’s disclosure teaches the limitation encompassed in that clause. Particularly, we find that Mikurak does suggest to the ordinarily skilled artisan to use the registration authority as an intermediate communication device, such as a protocol gateway, linking the user and the certificate authority. The ordinarily skilled artisan would have thus recognized that Colvin and Mikurak disclose prior art elements that perform their ordinary functions to predictably result in a system that allows a registration authority to operate as a protocol gateway between an authorized user and a certificate authority to thereby determine to what extent the user can access a desired software on a server. We therefore agree with the Examiner that the combination of Colvin and Mikurak is proper. It follows that Appellants have not shown that the Examiner erred in concluding that the combination of Colvin and Mikurak renders independent claim 1 unpatentable. Appellants do not separately argue claims 1 through 5 and 7 through 20. Therefore, we select independent claim 1 as being representative of the cited claims. Consequently, claims 2 through 5 and 7 through 20 fall together with representative claim 1. 37 C.F.R. § 41.37(c)(1)(vii). Appeal 2008-1458 Application 10/801,332 11 Regarding claim 21, Appellants argue that Andersson does not cure the deficiencies of the Colvin-Mikurak combination, (App. Br. 11-13, Reply Br. 4.) As discussed above, we find no such deficiencies in the cited combination for Andersson to remedy. Further, Appellants argue that the Colvin-Mikurak-Andersson combination does not teach comparing a received password with an existing password to authenticate the device. (Id.) We do not agree. As detailed in the Findings of Fact section above, Colvin discloses a password administrator that reviews a user’s registration information to authenticate the user. (FF. 1.) Further, Andersson discloses a VPN system that compares the VPN password with security data in a database upon receiving a request from a user to access the database. (FF. 4.) One of ordinary skill would have recognized that Colvin, Mikurak, and Andersson disclose prior art elements that perform their ordinary functions to predictably result in a system that allows an authenticated user to access a database upon finding a match between the user’s authentication data and security data stored in the database. It follows that Appellants have not shown that the Examiner erred in concluding that the combination of Colvin, Mikurak and Andersson renders claim independent claim 21 unpatentable. VI. CONCLUSIONS OF LAW Appellants have not shown that the Examiner erred in concluding that the combination of Colvin and Mikurak renders claims 1 through 5 and 7 through 20 unpatentable under 35 U.S.C. § 103 (a). Similarly, Appellants Appeal 2008-1458 Application 10/801,332 12 have not shown that the Examiner erred in concluding that the combination of Colvin, Mikurak and Andersson renders claim 21 unpatentable under 35 U.S.C. § 103 (a) VII. DECISION We affirm the Examiner’s decision rejecting claims 1 through 5 and 7 through 21 as being unpatentable under 35 U.S.C. § 103(a) . No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv). AFFIRMED pgc MICROSOFT CORPORATION ONE MICROSOFT WAY REDMOND WA 98052