Ex Parte CarrollDownload PDFBoard of Patent Appeals and InterferencesMay 27, 201110710491 (B.P.A.I. May. 27, 2011) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE ________________ BEFORE THE BOARD OF PATENT APPEALS AND INTERFERENCES ________________ Ex parte NICHOLAS M. CARROLL ________________ Appeal 2009-006678 Application 10/710,491 Technology Center 2400 ____________________ Before MARC S. HOFF, CARLA M. KRIVAK, and THOMAS S. HAHN, Administrative Patent Judges. HAHN, Administrative Patent Judge. DECISION ON APPEAL Appellant invokes our review under 35 U.S.C. § 134(a) from the Examiner’s final rejection of claims 1-30. We have jurisdiction under 35 U.S.C. § 6(b). We reverse, and enter a new ground of rejection. Appeal 2009-006678 Application 10/710,491 2 STATEMENT OF THE CASE Introduction Appellant claims a method and system for protecting an interconnected multiple computer system by preventing users from tampering with a system securable object. A security descriptor for the securable object includes a discretionary access control list (DACL) that is updated with a new access control entry (ACE) specifying access denials to the securable object.1 Claims 1 and 21 are illustrative: 1. A method for protecting the configuration of a securable object in an operating system from members of a locally privileged group, wherein a security descriptor for the securable object includes a discretionary access control list (DACL), the method comprising: making a copy of the security descriptor; adding a new access control entry (ACE) to the DACL in said copy, wherein said new ACE specifies denying the locally privileged group an access right to the securable object; and overwriting the security descriptor in the operating system with said copy. 1 See generally Abstract; Spec. ¶¶ [0008], [0026] – [0031], [0039], [0044] – [0046], [0053], [0054]; Figs. 1, 2. (References herein are to Appellant’s Specification as filed July 15, 2004 rather than to corresponding Patent Application Publication 2006/0015741 A1.) Appeal 2009-006678 Application 10/710,491 3 21. A system for protecting the configuration of a securable object in an operating system of a computer from members of a locally privileged group, wherein a security descriptor for the securable object includes a discretionary access control list (DACL), the system comprising: means for making a copy of the security descriptor; means for adding a new access control entry (ACE) to the DACL in said copy, wherein said new ACE specifies denying the locally privileged group an access right to the securable object; and means for overwriting the security descriptor in the operating system of the computer with said copy. Rejections and Appellant’s Contentions Claims 1-30 stand rejected under 35 U.S.C. § 102(e) as being anticipated by Shaji (US 2004/0215650 A1) (Final Action 4-6). Appellant contends, inter alia, that the Examiner erred because independent claim 1, and similarly the other independent claims, recite limitations directed to usage of a “discretionary access control list (DACL)” not taught by Shaji (App. Br. 10-14; Reply Br. 1-7). Appellant further contends the Examiner erred in rejecting claims 7, 9, 17, and 27, under 35 U.S.C. § 112, second paragraph, as being indefinite for failing to provide antecedent basis for “new ACEs” (Final Action 3) because the disputed limitation has adequate antecedent basis (App. Br. 15-16). Appeal 2009-006678 Application 10/710,491 4 Appellant contends that the Examiner erred in rejecting claims 21-30 under 35 U.S.C. § 101 as reciting non-statutory subject matter (Final Action 2) because the Examiner incorrectly construed recited subject matter to be software (App. Br. 14-15; Reply Br. 2-3). Issues on Appeal 1. Did the Examiner err in rejecting claims 1-30 under 35 U.S.C. § 102(e) because Shaji fails to teach recited limitations directed to usage of a “discretionary access control list (DACL)?” 2. Did the Examiner err in rejecting claims 7, 9, 17, and 27 under 35 U.S.C. § 112, second paragraph, as being indefinite? 3. Did the Examiner err in rejecting claims 21-30 under 35 U.S.C. § 101 by construing these claims as covering a computer program that is non-statutory subject matter? ANALYSIS Rejection under 35U.S.C. § 102(e) All of the rejected independent claim preambles recite “protecting the configuration of a securable object in an operating system . . . , wherein a security descriptor for the securable object includes a discretionary access control list (DACL).” From these independent claims, Appellant selected claim 1 for argument and substantively describes this claim as covering a method comprising (i) copying a security descriptor, (ii) adding into a Appeal 2009-006678 Application 10/710,491 5 copied DACL a new access control entry (ACE) that denies access to a securable object, and (iii) overwriting the ACE altered DACL into the operating system security descriptor (see App. Br. 5). Based on our review of the record, including the Specification, we agree with this interpretation. Appellant contends that the anticipation reference, Shaji, is inadequate because, inter alia, it fails to teach the claimed DACL (App. Br. 11). Citing the Specification, Appellant explains that “a DACL is a special ‘permissions’ type of access control list (ACL) and not merely any ACL[] ([[0031] and [0039]])” (App. Br. 5). From our review of the Specification, we find disclosure for a SACL in addition to disclosure for a DACL. The Specification discloses that a system ACL or “SACL . . . contains audit information that controls what events for the object are logged” and that a SACL is “not germane” to a DACL (Spec. ¶ [0030]). Accordingly, consistent with the Specification, we agree with Appellant that a DACL is not merely any ACL. The Examiner responds that Shaji discloses a DACL by disclosing that “security descriptors comprise access control lists (ACLs) for permissions (e.g. see Shaji, par. 18, 19, 74, 75, 79, 91, 93)” (Ans. 9-10). Further, the Examiner finds that Appellant’s Specification “admits that ACLs for permissions are also known as ‘DACLs’ or ‘discretionary access control lists’ . . .” (Ans. 10). Next, the Examiner points out that a “pseudocode” is disclosed in Shaji paragraph [0093], and that this code includes the word “PERMISSION” along with the following code line: “For Appeal 2009-006678 Application 10/710,491 6 eachACE in sd.Dacl” (Ans. 10). From this disclosure, the Examiner concludes “the pseudocode of Shaji explicitly utilizes the term DACL when programmatically referencing the ACL attribute associated with the security descriptor ‘sd’” (id.). Responding, Appellant argues that the Examiner has not identified “DACL-based limitations in any of the claims” that read on the above identified Shaji disclosures, which were first raised in the Examiner’s Answer (Reply Br. 5). Based on our review of the rejection and Appellant’s arguments, we conclude that the Examiner erred in the anticipation rejection of claim 1 because claimed DACL limitations are not found to be taught in the Shaji identified disclosure. Richardson v. Suzuki Motor Co., 868 F.2d 1226, 1236 (Fed. Cir. 1989) (Anticipation rejections require that “[t]he identical invention must be shown in as complete detail as is contained in the . . . claim.”). Based on this record, we reverse the anticipation rejection of claim 1, and we reverse the anticipation rejection of independent claims 11 and 21. We also reverse the anticipation rejection of the dependent claims 2-10, 12- 20, and 22-30. Rejection under 35U.S.C. § 112, Second Paragraph Claims 7, 9, 17, and 27 stand rejected as being indefinite because the Examiner finds no antecedent basis for claiming “said new ACEs” (Final Action 3). Appeal 2009-006678 Application 10/710,491 7 Appellant separately argues claim 7 and relies on those arguments for the remaining rejected claims (App. Br. 15-16). Reviewing the record, we find Appellant’s arguments are germane for the other rejected claims. Appellant asserts that claim 1’s recitation of “‘said new ACE’ with respect to one local group” provides antecedent basis for dependent claim 7’s recitation of “said new ACEs” along with the recited plural “local groups” (App. Br. 15). Appellant argues that the plural recitation in claim 7, in view of the antecedent recitation in claim 1, is grammatically correct and understandable to ordinarily skilled artisans (App. Br. 15-16). The Examiner, in response, maintained the rejection (Ans. 17) Based on our review of the record, we conclude the Examiner erred in finding there is inadequate antecedent basis for the disputed limitation. We reverse the indefiniteness rejection of claims 7, 9, 17, and 27. Rejection under 35U.S.C. § 101 Appellant contends that the Examiner incorrectly construed the independent claim 21 recited “system” (see supra) to be a computer program (App. Br. 2-3), and, therefore, that the Examiner’s rejection of this claim and its dependent claims as being outside the “statutory categories of invention” (Final Action 2) should be reversed. The Examiner explains in opposition to this contention that claims 21- 30 “recite a system comprising a computer program (e.g. dependent claim 30 Appeal 2009-006678 Application 10/710,491 8 explicitly recites that the system is software).”2 Using this interpretation, the Examiner concludes that “[c]omputer software per se[] fails to fall within any one of the statutory categories of invention” (Ans. 17). Responding, Appellant points to claim 21’s limitations “‘means for making a copy . . . ,’ ‘means for adding . . . ,’ and ‘means for overwriting . . .’”, and contends that these limitations cover a processor and memories, not a computer program or software (Reply Br. 2). The claims are drafted in explicit means-plus-function format without recital of structure or material for performing specified functions. Therefore, 35 U.S.C. § 112, sixth paragraph, which authorizes such claiming, directs that structures or materials described in the Specification and their equivalents must be considered in construing covered elements. Based on our review of the record, we find that § 112, sixth paragraph, has not been considered in construing the claims. We, accordingly, do not sustain the § 101 rejection of claims 21-30. New Ground of Rejection - §112 We reject claims 21-30 as being indefinite under 35 U.S.C. § 112, second paragraph, because we do not find sufficient structure disclosed in 2 Claim 30 reads as follows: “The system of claim 21, wherein said means are comprised within a single software tool.” Appeal 2009-006678 Application 10/710,491 9 the Specification for performing the functions recited in means-plus-function elements to render the claims definite. We conclude from reviewing the record, including Appellant’s Summary of Claimed Subject Matter in the Appeal Brief (App. Br. 4-8), that the Specification merely discloses using general purpose computing machines capable of running security descriptor based operating systems (see, e.g., Spec. ¶ [0026]). We do not find disclosure of algorithms for performing the claimed functions. Accordingly, we reject independent claim 21 and its dependent claims 22-30 as being indefinite. Net MoneyIN, Inc. v. VeriSign, Inc., 545 F.3d 1359, 1367 (Fed. Cir. 2008) (“[A] means-plus- function claim element for which the only disclosed structure is a general purpose computer is invalid if the specification fails to disclose an algorithm for performing the claimed function.” (citation omitted)). CONCLUSIONS 1. Appellant established that the Examiner erred in rejecting claims 1-30 in finding Shaji anticipates limitations directed to usage of a “discretionary access control list (DACL).” 2. Appellant established that the Examiner erred in rejecting claims 7, 9, 17, and 27 as being indefinite. 3. Appellant established that the Examiner erred in rejecting claims 21- 30 by construing these claims as covering a computer program that is non-statutory subject matter. Appeal 2009-006678 Application 10/710,491 10 4. On this record, claims 1-20 have been shown to be patentable. 5. Claims 21-30 are rejected on a new ground as not patentable. DECISION The Examiner’s rejections of claims 1-30 are reversed. This decision contains a new ground of rejection pursuant to 37 C.F.R. § 41.50(b). 37 C.F.R. § 41.50(b) provides that "[a] new ground of rejection.., shall not be considered final for judicial review." 37 C.F.R. § 41.50(b) also provides that the Appellant, WITHIN TWO MONTHS FROM THE DATE OF THE DECISION, must exercise one of the following two options with respect to the new ground of rejection to avoid termination of the appeal as to the rejected claims: (1) Reopen prosecution. Submit an appropriate amendment of the claims so rejected or new evidence relating to the claims so rejected, or both, and have the matter reconsidered by the Examiner, in which event the proceeding will be remanded to the Examiner. . . . (2) Request rehearing. Request that the proceeding be reheard under § 41.52 by the Board upon the same record. . . . Appeal 2009-006678 Application 10/710,491 11 No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv). REVERSED 37 C.F.R. § 41.50(b) rwk Copy with citationCopy as parenthetical citation
