Ex Parte Belgaied
Board of Patent Appeals and Interferences
Mar 30, 2009
10139099 (B.P.A.I. Mar. 30, 2009)

UNITED STATES PATENT AND TRADEMARK OFFICE

BEFORE THE BOARD OF PATENT APPEALS AND INTERFERENCES

Ex parte KAIS BELGAIED

Appeal 2008-2370
Application 10/139,099
Technology Center 2400

Decided:[1] March 31, 2009

Before JAMES D. THOMAS, ST. JOHN COURTENAY III, and CAROLYN D. THOMAS, Administrative Patent Judges.

THOMAS, Administrative Patent Judge.

DECISION ON APPEAL

[1] The two-month time period for filing an appeal or commencing a civil action, as recited in 37 C.F.R. § 1.304, begins to run from the decided date shown on this page of the decision. The time period does not run from the Mail Date (paper delivery) or Notification Date (electronic delivery).

STATEMENT OF THE CASE

This is an appeal under 35 U.S.C. § 134(a) from the Examiner’s final rejection of claims 1, 3-6, 8-10, 12-15, and 17-26. We have jurisdiction under 35 U.S.C. § 6(b).

We Affirm.

INVENTION

By the use of software probes Appellant’s invention captures and reports debug information regarding data transport failures in a multi-level secure operating environment. (Spec. 14 and Abst. 24).

REPRESENTATIVE CLAIM

Below is reproduced independent claim 1:

1.
A method for diagnosing transport failures of a data packet in a multi-level secure network, said method comprising:

a) activating a software-based probe at an access control decision point of said network in response to an activation of a first command at a debug station, wherein said software-based probe is capable of identifying an error message for a multi-level trusted networking error;

b) re-sending said data packet;

c) detecting a data transport failure of said data packet being transmitted between two or more computer systems, said data transport failure resulting from a violation of a security policy of said network;

d) identifying an error message in response to said data transport failure, said identifying being facilitated by said software-based probe; and

e) displaying said error message at said debug station of said network in response to activation of a second command at the debug station.

PRIOR ART AND EXAMINER’S REJECTION

The Examiner relies upon the following reference as evidence of anticipation:

Guheen    US 6,473,794 B1    Oct. 29, 2002 (filed May 27, 1999)

All claims on appeal, 1, 3-6, 8-10, 12-15, and 17-26 stand rejected under 35 U.S.C. § 102(e) as being anticipated by Guheen.

Claim Groupings

Although the principal Brief treats separately independent claims 1, 10, and 19 beginning respectively at page 9 of the principal Brief, the actual arguments presented are common among these claims focusing upon the “activating” clauses of independent method claims 1 and 10 and the corresponding features in system independent claim 19 relating to the activation and deactivation of software-based probes at access controlled decision points. No arguments are presented in the principal Brief as to any dependent claims on appeal.

ISSUES

Has Appellant shown that the Examiner erred in concluding that Guheen teaches activating a software-based probe at an access controlled decision point among the independent claims on appeal?

FINDINGS OF FACT (FF)

1. Appellant’s recognition of the admitted prior art at Specification pages 2 and 3 indicates that it was known in the art that information on a network may have different levels of sensitivity and that existing controls tracked information so that it reached only those destinations that were cleared for the same classification. This approach included access controls and, particularly, label-based access controls that automatically enforced the transfer of information such that each data packet containing a label carried information about the classification of the data in the packet and also the credentials or privileges of the processor source that generated the data. Administrators were capable of determining transport failures as long as the failure did not violate a security policy.

2. Among Guheen’s extensive, comprehensive teachings of a web-based system, this patent comprises 177 drawings sheets (and 97 Figures) and 295 columns; it is approximately 1.25 inches thick. Pertinent aspects are illustrated in Figures 1, 18, 21A, 23A, 24A, 25A, 26C, 27A, 28A, 29A, 30A, 31A, 32A, 33A, 34A, 47-54, 61, 64A-64B, 65A, 88, and 89.

3. Guheen’s Figure 49 appears to illustrate the use of a Solaris-based operating environment which appears comparable to that which is relied upon by the Appellant’s disclosed invention at page 11 of the Specification as filed. Moreover, the overall operating environment of Guheen is considered to be a trusted environment comparable to that which is disclosed and claimed as indicated according to the discussion at columns 294 and 295.
Extensive discussions of security services illustrated in numerous of the just-identified Figures begin at column 48.

4. The Examiner also makes reference to the discussion at the bottom of the table at columns 17-18 under what appears to be the topic heading “Product4 Product Suite:”

A range of security-based hardware and software that offers packet filtering, encryption, security administration, virtual private network and access restriction. The Product4 Product Suite includes the following components:

Product4 Secure Net -- a complete set of products designed to establish perimeter defense, secure intranets, secure remote access, and secure extranets including the following:

Product4 EFS - firewall and security server software that screens network traffic as defined by the organization's security policy. It also acts as a high-speed encryption server to protect information going over untrusted networks.

Product4 SPF-200 - security platform for perimeter defense and electronic commerce. It provides stealthing to help protect an organization from Internet attacks.

Product4 SKIP - provides encryption and key management capabilities which enables PCs, workstations, and servers to achieve secure/authenticated communication.

5. The security management tool 216 in Figure 61 is discussed briefly at the middle of column 69 and more extensively at most of column 75 as relied upon by the Examiner. Topics include e-mail content filtering to enforce e-mail policy and the use of firewalls to enforce different security policies as well. Significantly, the Examiner relies upon these teachings at column 75, lines 21-28:

Intrusion detection--discovers and alerts administrators of intrusion attempts.
Network assessment--performs scheduled and selective probes of the network's communication services, operating systems, and routers in search of those vulnerabilities most often used by unscrupulous individuals to probe, investigate, and attack your network.

6. The Examiner has also made specific reference to column 162, lines 50-63, which we reproduce here:

Managing hardware is all hardware directly used to manage the environment. This includes all staging components. These components are devoted to systems management functions. Examples of managing hardware include management servers, management controllers, management consoles, probes, and sniffers. One significant component in the hardware monitoring arena is Firewall access control policy management. Firewalls are regularly used for network based security management. It is typically a system or group of systems that enforce access control between two or more networks and/or perform network data packet filtering. Usually packet filtering router hardware and application gateways are used to block unauthorized IP packets and enforce proxy defined user commands.

7. Among the Examiner’s responsive arguments beginning at the bottom of page 13 of the Answer, the Examiner explains:

Column 162, line 53-55, Guheen discloses probes (i.e. a small utility program that is used to investigate, or test, the status of a system, network or Web site), sniffers (i.e. a specialized hardware device or software in a desktop or laptop computer that captures packets transmitted in a network for routine inspection and problem detection). Guheen inherently teaches "a software-based probe at an access control decision point of said network," and "activating a software-based probe.., in response to an activation of a first command since the presence of probe or sniffers would is used to perform the above task.

PRINCIPLES OF LAW

Anticipation

“A claim is anticipated only if each and every element as set forth in the claim is found, either expressly or inherently described, in a single prior art reference.” Verdegaal Bros. v. Union Oil Co. of California, 814 F.2d 628, 631 (Fed. Cir. 1987). Analysis of whether a claim is patentable over the prior art under 35 U.S.C. § 102 begins with a determination of the scope of the claim. We determine the scope of the claims in patent applications not solely on the basis of the claim language, but upon giving claims their broadest reasonable construction in light of the specification as it would be interpreted by one of ordinary skill in the art. In re Am. Acad. of Sci. Tech. Ctr., 367 F.3d 1359, 1364 (Fed. Cir. 2004). The properly interpreted claim must then be compared with the prior art.

ANALYSIS

At the outset, we note that the Appellant’s arguments beginning at page 2 in the Reply Brief have not been considered. The referenced pages here (pages 5 and 6) of the Answer relate to the Examiner’s statement of the rejection which is identical to that which was set forth in the final rejection as to claim 1. Appellant presents arguments with respect to each element of representative independent claim 1 beginning at page 2 of the Reply Brief, whereas the principal Brief in this appeal limited its arguments to corresponding features of activating the probes in the independent claims herein. The Reply Brief sets forth new arguments that could have been made and should have been made in the principal Brief with respect to claim 1 but, in fact, were not. Therefore, they are considered to have been waived. The positions set forth in the Reply Brief are considered not timely.
Moreover, the Reply Brief does not in any manner address or otherwise “reply” to the Examiner’s responsive arguments beginning at page 10 of the Answer that were in fact made in response to the arguments Appellant made in the principal Brief on appeal.

Appellant’s arguments at pages 9 through 11 of the principal Brief on appeal are addressed by the Examiner at pages 11 and 12 of the Answer. We recognize, as alleged, that Guheen’s teachings are quite comprehensive as noted in our finding of fact 2. Guheen has comprehensive teachings relating to an extensive internet-based system. Notwithstanding this, Appellant urges that this reference and the Examiner’s specific references to certain portions of it relate to unrelated teachings, and picking and choosing unrelated elements of it. These positions are misplaced for the reasons set forth by the Examiner and us.

The existence of the prior art trusted network environments, as recognized by Appellant in finding of fact 1, have been correspondingly noted in our finding of fact 3 as well as our extensive citation of pertinent Figures relating to the secure operating environment of Guheen’s trusted network in finding of fact 2. Significantly, Appellant’s contribution in the art appears to focus upon the use of so-called probes that are software-based as indicated briefly in our reference to the invention in the initial pages of this opinion. The ability of an administrator to utilize similar probes has been clearly indicated by the Examiner’s references to Guheen in findings of fact 4, 5, and 6.

The Reply Brief does not contest the Examiner’s apparent definitions of the use of Guheen’s so-called “probes” and “sniffers” noted in finding of fact 7. The Examiner’s reliance upon the teachings we noted in findings of fact 4-6 indicate to the artisan that security within the entire network of Guheen is based upon an organization’s security policy for its network.
Based upon our review of the evidence before us, we find that artisans would have utilized the management consoles briefly mentioned at finding of fact 6 to effect the administrator’s need to make the network secure by using probes and sniffers to monitor its security.

CONCLUSION OF LAW

Appellant has not shown that the Examiner erred in finding that Guheen teaches activation of software-based probes to access control decision points to monitor violations of security policies of the network as set forth in independent claims 1, 10, and 19 on appeal.

DECISION

The Examiner’s rejection of claims 1, 3-6, 8-10, 12-15, and 17-26 under 35 U.S.C. § 102(e) is affirmed.

No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a).

AFFIRMED

rwk

MARTINE PENILLA & GENCARELLA, LLP
710 LAKEWAY DRIVE
SUITE 200
SUNNYVALE, CA 94085