09984969 (B.P.A.I. Aug. 16, 2010)

Ex Parte Erickson et al

Board of Patent Appeals and InterferencesAug 16, 2010

09984969 (B.P.A.I. Aug. 16, 2010)

UNITED STATES PATENT AND TRADEMARK OFFICE ____________ BEFORE THE BOARD OF PATENT APPEALS AND INTERFERENCES ____________ Ex parte JOHN S. ERICKSON and MARK SCHLAGETER ____________ Appeal 2008-006003 Application 09/984,969 Technology Center 2400 ____________ Before JAMES D. THOMAS, HOWARD B. BLANKENSHIP, and JEAN R. HOMERE, Administrative Patent Judges. BLANKENSHIP, Administrative Patent Judge. DECISION ON APPEAL1 1 The two-month time period for filing an appeal or commencing a civil action, as recited in 37 C.F.R. § 1.304, or for filing a request for rehearing, as recited in 37 C.F.R. § 41.52, begins to run from the “MAIL DATE” (paper delivery mode) or the “NOTIFICATION DATE” (electronic delivery mode) shown on the PTOL-90A cover letter attached to this decision. Appeal 2008-006003 Application 09/984,969 2 STATEMENT OF THE CASE This is an appeal under 35 U.S.C. § 134(a) from the Examiner’s final rejection of claims 1-22, which are all the claims in the application. We have jurisdiction under 35 U.S.C. § 6(b). We affirm-in-part. Invention Appellants’ invention relates “to a method and apparatus for controlling access to and protecting networked information resources and services, including individual sets of ‘web services’ or ‘e-services’ made available by hosts via message calls across network protocols.” Spec. 1:5-8. Representative Claims 1. An apparatus for controlling cross-organizational access by end users associated with a plurality of organizations to one or more distributed object services and/or resources available via a resource server across an information technology communications network, the apparatus comprising: an authorization module associated with each of said organizations, said authorization module being adapted to issue enrollments to one or more end users associated with said organization and electronically transmit said enrollments to the respective end users; a servicing module for defining credentials required for access to each of said services and/or resources via said resource server by end users associated with each of said organizations; and a clearance module storing one or more mappings of enrollments to credentials; Appeal 2008-006003 Application 09/984,969 3 wherein each of the end users includes a transmitter for transmitting to the resource server a request for access to at least one of said services and/or resources together with data relating to the respective enrollment of the end user; in response to receipt of said request, said resource server is adapted to transmit said data relating to said enrollment to said clearance module; said clearance module is adapted to map said enrollment to one or more respective credentials and return data representative of said credential(s) to said resource server; said resource server is adapted to comply with said request in response to a positive comparison of said data representative of said credential(s) to said request and to deny said request in response to a negative comparison of said data representative of said credential(s) to said request; and at least one of said authorization module, said servicing module, and said clearance module is/are applications or endpoints dynamically interactable with other applications or endpoints across the information technology communications network. 3. An apparatus for policy enforcement for distributed object services and/or resources accessible across a communications network, the apparatus comprising: a resource server for providing access by an end user to said object services and/or resources; a policy data structure creating apparatus for creating a policy data structure defining, for each of said object services and/or resources, at least one policy in accordance with which Appeal 2008-006003 Application 09/984,969 4 access to said object service and/or resource is permitted by said end user; and a binding apparatus for binding said at least one policy defined by said policy data structure to said object service and/or resource. Prior Art Henry M. Gladney, Safe Deals Between Strangers, IBM Research Report RJ 10155 (27 pages plus Abstract and Table of Contents) (Aug. 15, 1999) (“Gladney”). Examiner’s Rejections Claims 1-22 stand rejected under 35 U.S.C. § 102(b) as being anticipated by Gladney.2 FINDINGS OF FACT The Examiner finds each of the pending claims to be anticipated by Gladney. According to Appellants, the instant invention applies the “safe dealing” model of the Gladney reference to Web services. See Spec. 4, l. 6 et seq.; 6:1-9; 10:3-10; 16:17-23. PRINCIPLES OF LAW “Anticipation requires the presence in a single prior art reference disclosure of each and every element of the claimed invention, arranged as in the claim.” Lindemann Maschinenfabrik GMBH v. American Hoist & Derrick Co., 730 F.2d 1452, 1458 (Fed. Cir. 1984). 2 Although the Final Rejection and the Answer state the basis as § 102(e), on this record the non-patent publication is a reference under § 102(b). Appeal 2008-006003 Application 09/984,969 5 For a prior art reference to anticipate in terms of 35 U.S.C. § 102, every element of the claimed invention must be identically shown in a single reference. However, this is not an “ipsissimis verbis” test. In re Bond, 910 F.2d 831, 832 (Fed. Cir. 1990). ANALYSIS We will address the limitations of representative claims as follows. Claims 1 and 11 The Examiner reads instant claim 1 on structures described by Gladney as depicted in Figure 3 (page 6). Cf. instant Fig. 1. Appellants argue that Gladney fails to describe any of the Administrator for Requesting Organization (A0), Administrator for Serving Organization (AP), and Clearance Center (C) as being applications or endpoints which are dynamically interactable with other applications or endpoints across the information technology communications network. In particular, Appellants submit that the communications between A0 and AP represent communications between human beings, as opposed to “applications or endpoints.” Further, Appellants argue that none of the communications between A0 and AP are disclosed as across the information technology communications network. Finally, Appellants argue that Clearance Center C is not “dynamically interactable” because it appears to be described as receiving enrollment to ticket mappings from AP without any disclosure of “interaction” between the two; i.e., without a reply being returned from C to AP. Appeal 2008-006003 Application 09/984,969 6 Instant claim 1 recites an authorization module “adapted to” perform functions and a servicing module “for” performing functions. Appellants have not shown how the claimed “modules” might distinguish over software performing the functions as described by Gladney, even if human beings are in ultimate control of the software functions. A0 and AP in Gladney may indeed be human beings (although Gladney specifies that “we ignore the distinction between a human user and a process acting as surrogate for that user,” page 5, ll. 1-3). However, as shown in the legend of Figure 3 (page 6), the entities on the digital communication network associated with A0 and AP are each embodied as a “Computer with human user.” Moreover, Appellants admit that the manner in which the various services communicate in the model illustrated by instant Figure 1 is “substantially the same as that described with reference to the Gladney safe dealing model.” Spec. 10:3-7. Further, Appellants do not explain why the “modules” of the instant invention are deemed to be “dynamically interactable with other applications or endpoints” while those of Gladney are not. Appellants’ Appeal Brief (at 5-6) points to Specification page 6, line 28 through page 7, line 2 as support for the claimed feature, which merely contains the claim language in a “summary” of the invention. Appellants’ Specification indicates that a network “endpoint” requires no more than an entity on a Web service or e-service that operates on messages containing information. See Spec. 1: 9-15. Gladney’s Figure 3 contains digital network communications and appears in the context of Web Appeal 2008-006003 Application 09/984,969 7 servers and e-business applications (Fig. 2; page 3, ll. 1-4).3 We are not persuaded that any of the network entities depicted as rectangles in Figure 3 of Gladney are not “applications or endpoints” within the meaning of claim 1. As for the alleged lack of interaction “across the information technology communications network” between (the computers of) A0 and AP, the ordinarily skilled artisan would understand that interactions between computers in separate organizations are normally by means of digital network communication, even if the links drawn between the A0 and AP computers provide the additional information of “sharing” the ID and public key as denoted in the Figure 3 legend. (Compare to the “out of band” communications such as “Negotiate service agreement” and “Agree on encoding of enrollments.” Also compare to instant Figure 1, “Negotiation creates enrollment::ticket mappings (held by OC),” which seems to represent an “out of band” communication). Thus, at least the computers of A0 and AP in Gladney are “dynamically interactable” across “the information technology communications network” within the meaning urged by Appellants. Appellants’ arguments fail for an additional reason, due to the breadth of claim 1 presented on appeal, even if our foregoing findings from the reference with respect to A0 and AP were wrong. Appellants argue that Clearance Center C of Gladney is not “dynamically interactable” with AP because, presumably, the digital network communication of “Sends enrollment to ticket mappings” is a one-way communication, without 3 Gladney also describes implementing the system based on the JAVA language, Web browsers, servers, and clients, and relational databases. Page 16 and Figure 4. Appeal 2008-006003 Application 09/984,969 8 response from C. However, Figure 3 also shows the “dynamically interactable” elements of Clearance Center C and Resource Server R. Claim 1 does not specify that “at least one” of the authorization module, servicing module, and clearance module is “dynamically interactable” with one or more of the other named “modules.” Rather, the claim recites that at least one of the modules is dynamically interactable with “other applications or endpoints,” which does not distinguish over Resource Server R as shown in Figure 3 of Gladney. That the limitation reads on Gladney is not surprising; see instant Figure 1, note “dynamically interactable” elements “Clearance Service (CC)” and “Resource Server (RS).”4 Being not persuaded of error in the rejection of claim 1, we sustain the rejection. Although Appellants submit that independent claim 11 is patentable because (dependent) claim 10 is patentable (Br. 23), claim 11 does not contain the limitations of claim 10 but contains the argued feature of claim 1. Claim 11 thus falls with claim 1. Claim 2 Claim 2 recites that at least one of the named modules of claim 1 “is/are arranged to be accessible via an object invocation protocol.” On this record, the only evidence we have of “object invocation protocols” are protocols such as the prior art “SOAP” protocol (e.g., Spec 10:5-9; 14:3- 4 Although the literal language of claim 1 suggests that the “at least one” module must by “dynamically interactable” with a plural number of “applications or endpoints,” Appellants’ disclosure is to the contrary (as shown in Figure 1). Only the Resource Server (RS) is disclosed as being “dynamically interactable” with more than one “application or endpoint,” assuming that, consistent with Appellants’ arguments, two opposite-directed arrows are required for “dynamic interaction.” Appeal 2008-006003 Application 09/984,969 9 15:7). Because the Examiner has not identified an “object invocation protocol” in Gladney, nor shown how the modules might be “arranged to be accessible” via such a protocol, we do not sustain the rejection of claim 2. Claims 3, 12, and 15 Claim 3 recites, inter alia, a “policy data structure” and a “binding apparatus.” Even if we assume that the rejection demonstrates that Gladney describes a “policy data structure” as claimed, the rejection fails to point out a “binding apparatus” consistent with claim 3. We note that the claimed “binding” is based not on Gladney, but on another prior art reference. See Spec. 11:12 et seq. Because independent claim 12 and dependent claim 15 each recite limitations similar to those of claim 3, we do not sustain the rejection of claims 3, 12, and 15. Claim 19 Claim 19 depends from claim 18, which depends from claim 1. Claim 19 recites that the service agreement (of claim 18) is established as a result of negotiations between the servicing module and the authorization module associated with the organization. The Examiner’s position to the contrary notwithstanding, Gladney clearly discloses (e.g., Fig. 3) that the service agreement is negotiated between the Requesting Organization (O) and the Serving Organization (P), not between AP and A0. We therefore cannot sustain the rejection of claim 19. Appeal 2008-006003 Application 09/984,969 10 Claim 20 Claim 20 recites, inter alia, that a response of the resource server to the request is encrypted to be readable only by the end user. Although the rejection points to disclosure of encrypted messages between some network entities in Gladney (page 10), the rejection fails to show encryption of messages from the resource server to the end user. We do not sustain the rejection of claim 20. Summary/Conclusion We have not sustained the rejection of independent claims 3 and 12, nor that of dependent claims 2, 15, 19, and 20. We do not sustain the rejection of claims 4-10 because the claims depend from claim 3. We do not sustain the rejection of claim 16 because the claim depends from claim 15. We have sustained the rejection of independent claims 1 and 11. Absent separate arguments for patentability (see Br. 23), Appellants have elected that claims 13 and 14 stand or fall with claim 11 (which falls). Further in view of claims not separately argued by Appellants: dependent claims 17, 18, and 21 fall with claim 1; and dependent claim 22 falls with claim 11. See 37 C.F.R. § 41.37(c)(1)(vii). DECISION The Examiner’s rejection of claims 1-22 under 35 U.S.C. § 102(b) as being anticipated by Gladney is affirmed with respect to claims 1, 11, 13, 14, 17, 18, 21, and 22 but reversed with respect to claims 2-10, 12, 15, 16, 19, and 20. Appeal 2008-006003 Application 09/984,969 11 No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a). See 37 C.F.R. § 41.50(f). AFFIRMED-IN-PART msc HEWLETT-PACKARD COMPANY Intellectual Property Administration 3404 E. Harmony Road Mail Stop 35 FORT COLLINS, CO 80528