Ex Parte Congdon

Patent Trial and Appeal Board

Mar 11, 2014

12082835 (P.T.A.B. Mar. 11, 2014)

UNITED STATES PATENT AND TRADEMARK OFFICE
____________

BEFORE THE PATENT TRIAL AND APPEAL BOARD
____________

Ex parte PAUL T. CONGDON
____________

Appeal 2011-011065
Application 12/082,835
Technology Center 2400
____________

Before JASON V. MORGAN, BRUCE R. WINSOR,
and LINZY T. McCARTNEY, Administrative Patent Judges.

WINSOR, Administrative Patent Judge.

DECISION ON APPEAL
Appellant1 appeals under 35 U.S.C. § 134(a) from the Final Rejection
of claims 21, 22, and 24-29, which constitute all the claims pending in this

1 The real party in interest identified by Appellant is Hewlett-Packard
Development Company, LP, a wholly-owned affiliate of Hewlett-Packard
Company, and having HPQ Holdings, LLC, as its general or managing
partner. App. Br. 2.
Appeal 2011-011065
Application 12/082,835

2
application. Claims 1-20 and 23 are canceled. We have jurisdiction under
35 U.S.C. § 6(b).
We affirm-in-part.

STATEMENT OF THE CASE
Appellant’s disclosure “relates generally to networking” and more
particularly “to access security for networks.” (Spec. 1:17-18.) Claim 21,
which is illustrative, reads as follows:
21. A method for filtering access to network resources, the
method comprising:
detecting a new client at an access port;
temporarily configuring a first filter at the access port,
said first filter providing access to a first network with
resources for unauthorized clients;
authenticating the new client using the resources of the
first network;
receiving authorization for the new client to access a
second network; and
after receiving said authorization, replacing the first filter
with a second filter at the access port, said second filter
providing access to the second network.
Claims 21, 22, and 24-29 stand rejected under 35 U.S.C. § 102(b) as
anticipated by Wilson (US 2002/0009078 A1; Jan. 24, 2002).
Rather than repeat the arguments here, we refer to the Briefs (“App.
Br.” filed Mar. 10, 2011; “Reply Br.” filed June 24, 2011) and the Answer
(“Ans.” mailed Apr. 28, 2011) for the respective positions of Appellant and
the Examiner. Only those arguments actually made by Appellant have been
considered in this decision. Arguments that Appellant did not make in the
Appeal 2011-011065
Application 12/082,835

3
Briefs have not been considered and are deemed to be waived. See
37 C.F.R. § 41.37(c)(1)(vii)(2011).

ISSUES
The issues presented by Appellant’s arguments are as follows:
Does Wilson disclose “temporarily configuring a first filter at [an]
access port, said first filter providing access to a first network with resources
for unauthorized clients; . . . and . . . replacing the first filter with a second
filter at the access port, said second filter providing access to the second
network[,]” as recited in claim 21?
Does Wilson disclose “wherein in [an] open VLAN [(virtual local
area network)] mode, upon being contacted by a new client, the port is
temporarily configured with a first filter, said first filter providing access
only to a guest VLAN with resources for unauthorized clients[,]”as recited
in claim 27?
Does Wilson disclose “a first filter means for providing access to a
guest network with resources for unauthorized clients; a second filter means
for providing access to an authorized network; and means for replacing the
first filter with the second filter upon receiving authorization for a new client
to access the authorized network[,]” as recited in claim 29?
Does Wilson disclose “the first filter including at least a Port VLAN
ID (PVID) for the first VLAN, and the second filter including
at least a PVID for the second VLAN[,]” as recited in claim 22?

Appeal 2011-011065
Application 12/082,835

4
ANALYSIS
Claim 21
We have considered Appellant’s arguments and contentions (App. Br.
10-15; Reply Br. 4-8) regarding claim 21 in light of the Examiner’s findings
(Ans. 3-4) and explanations (Ans. 5-7). We agree with the Examiner’s
finding and explanations (Ans. 3-4, 5-7) and adopt them as our own. The
following findings and conclusions are for emphasis.
The Examiner maps the recited “first filter” to Wilson’s firewall
configured with firewall rules prior to user registration (i.e.,
“authentication”) through Wilson’s “registration page.” (Ans. 5-6). The
Examiner maps the recited second filter to Wilson’s firewall configured with
firewall rules as changed after user registration. (Ans. 6).
Appellant contends Wilson does not disclose “[a] port-specific filter
[that] acts on a packet-specific level, allowing certain packets to be
transmitted from and received by a client at the port, while disallowing other
packets.” (App. Br. 12). However, the claim merely recites first and second
filters “at the access port.” There is no recitation in claim 21 that the first
and second filters are “port-specific” or that they act on “a packet-specific
level.” Giving the phrase its broadest reasonable interpretation in light of
the Specification, without importing limitations from the Specification, we
construe a filter “at the access port” to encompasses any filter that acts on
the data transmitted through the access port. Appellant does not direct us to
any passage of the Specification that would lead to a narrower definition
(see, e.g., Spec. 10:3-13).
Appellant contends that Examiner has given “filter” an overly broad
interpretation.
Appeal 2011-011065
Application 12/082,835

5
Just prior to the filing date of the present application, the
term “filter” was defined in the Microsoft Computer Dictionary
as “hardware or software that selectively passes certain
elements of a signal and eliminates or minimizes others" or "a
pattern or mask through which data is passed to weed out
specified items.” Microsoft Press, Microsoft Computer
Dictionary 2l3-14 (5th ed. 2002). Furthermore, the plain
meaning of the term “filter” is to selectively allow certain
elements and selectively disallow other elements. Thus, anyone
having ordinary skill in the art would have understood the term
“filter” as referring to the selective allowance and disallowance
of certain elements.
(Reply Br. 5). Accepting, arguendo, Appellant’s proposed construction of
“filter,” however, we find that the proposed construction encompasses
Wilson’s firewall and firewall rules. One of ordinary skill in the art would
understand that one of functions of a firewall and firewall rules is to
selectively allow and disallow certain elements.
Appellant contends as follows:
It bears further mentioning that the Examiner has
already recognized that the concept of configuring certain
VLANs for a certain port and the concept of establishing
port-specific filters are patentably distinct. In the parent
case of the present application, the Examiner separated
Applicant's claims into two species which the Examiner
considered to be mutually exclusive: i) “a method for a switch
to respond to a new client, wherein the switch temporarily
assigns the port to be an untagged member of a VLAN for
unauthorized clients” and ii) “a method for filtering access to
network resources, wherein a first filter provides access to a
first network with resources and a second filter provides access
to a second network.” (U.S. Patent Application No. 10/425,436,
Office Action of Sept. 27, 2006, p.2). The Examiner further
characterized these concepts as “patentably distinct.” (Id.).
(App. Br. 12-13).
Appeal 2011-011065
Application 12/082,835

6
We find Appellant’s contention unpersuasive because the Examiner is
relying on Wilson’s disclosure of filtering access to network resources (i.e.,
firewall and firewall rules) to disclose the first and second filters. The
Examiner does not rely on the assignment of a port to an unauthorized client
as disclosing the filters. (See Ans. 7).
Appellant has failed to persuade us of error in the rejection of claim
21. Accordingly, we sustain the rejection of claim 21, and claims 24-26,
which depend from claim 21 and were not separately argued with
particularity.
Claim 27
Appellant’s arguments for claim 27 are substantially the same as for
claim 21 (see App. Br. 16). Therefore, for the reasons discussed above
regarding claim 21, Appellant has failed to persuade us of error in the
rejection of claim 27. Accordingly, we sustain the rejection of claim 27 and
claim 28, which depends from claim 27 and was not separately argued with
particularity.
Claim 29
Appellant’s arguments for claim 29 are substantially the same as for
claim 21 (see App. Br. 17). Therefore, for the reasons discussed above
regarding claim 21, Appellant has failed to persuade us of error in the
rejection of claim 29. Accordingly, we sustain the rejection of claim 29.2

2 In the event of further prosecution of claim 29, or claims in similar form,
we leave to the Examiner to determine whether claim 29 is a means-plus-
function claim invoking 35 U.S.C. § 112, sixth paragraph, and, if so,
whether Appellant’s Specification discloses sufficient structure for claim 29
to be definite under § 112, second paragraph. See MPEP § 2181 II.B (8th
Appeal 2011-011065
Application 12/082,835

7
Claim 22
The Examiner finds as follows:
Referring to claim 22, Wilson discloses that once the user
has been authenticated and registered, the user is assigned the
next available VLAN ID and the user’s port is associated with
the VLAN using the ID and is added to the switch ([0697]-
[0699]), which meets the limitation of the second network
comprises a second VLAN, and the second filter including at
least a PVID for the second VLAN. Prior to authentication the
user is assigned to the Open VLAN ID number 2 ([0705]),
which meets the limitation of the first network comprises a first
virtual local area network, the first filter including at least a port
VLAN ID for the first VLAN.
(Ans. 4).
Appellant contends, inter alia, that “Wilson never teaches or suggests
that a specific filter assigned to the port includes the PVID for the first
VLAN or the second VLAN. Moreover, this claimed subject matter is not
inherent to Wilson’s teaching of assigning a port to a certain VLAN.” (App.
Br. 15). We agree with Appellant.
The cited passages (Wilson, ¶¶ 0697-0699, 0705) do not explicitly
disclose that the VLAN ID’s are included in Wilson’s firewall and firewall
rules, i.e., the recited first and second filters. Further, although Wilson’s
teachings may suggest including the VLAN IDs in the firewall rules, that is
not sufficient to show inherent disclosure. See In re Robertson, 169 F.3d
743, 745 (Fed. Cir. 1999). Inherency requires that “the allegedly inherent
characteristic necessarily flows from the teachings of the applied prior art.”
Ex parte Levy, 17 USPQ2d 1461, 1464 (BPAI 1990). Therefore, the

ed. 2001; rev. Aug. 2012); see also Aristocrat Techs. Australia Pty Ltd. v.
Int’l Game Tech., 521 F.3d 1328, 1338 (Fed. Cir. 2008).

Appeal 2011-011065
Application 12/082,835

8
Examiner has not established that Wilson discloses each and every element
of claim 22, see Verdegaal Bros. v. Union Oil Co. of Cal., 814 F.2d 628,
631 (Fed. Cir. 1987), in as much detail as set forth in the claim, see
Richardson v. Suzuki Motor Co., 868 F.2d 1226, 1236 (Fed. Cir. 1989), and
arranged as in the claim, see In re Bond, 910 F.2d 831, 832 (Fed. Cir. 1990).
Appellant has persuaded us that the Examiner has not established that
claim 22 is anticipated by Wilson. Accordingly, on this record we are
constrained to not sustain the rejection of claim 22.

DECISION
The decision of the Examiner to reject claims 21 and 24-29 is
affirmed.
The decision of the Examiner to reject claim 22 is reversed.
No time period for taking any subsequent action in connection with
this appeal may be extended under 37 C.F.R. § 1.136(a)(1). See 37 C.F.R.
§ 1.136(a)(1)(iv).

AFFIRMED-IN-PART

tj