Ex Parte Farrugia et alDownload PDFPatent Trial and Appeal BoardJun 23, 201611366191 (P.T.A.B. Jun. 23, 2016) Copy Citation UNITED STA TES p A TENT AND TRADEMARK OFFICE APPLICATION NO. FILING DATE 11/366,191 03/01/2006 62224 7590 06/27/2016 ADELILLP 11859 Wilshire Blvd., Suite 408 LOS ANGELES, CA 90025 FIRST NAMED INVENTOR Augustin J. Farrugia UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www .uspto.gov ATTORNEY DOCKET NO. CONFIRMATION NO. APLE.P0105 2832 EXAMINER HENNING, MATTHEW T ART UNIT PAPER NUMBER 2491 NOTIFICATION DATE DELIVERY MODE 06/27/2016 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address( es): mail@adelillp.com PatentOffice@adelillp.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte AUGUSTIN J. FARRUGIA, GIANP AOLO FASOLI, and JEAN-FRANCOIS RIENDEAU Appeal2015-000498 1 Application 11/366,191 Technology Center 2400 Before ALLEN R. MacDONALD, JOHN P. PINKERTON, and GARTH D. BAER, Administrative Patent Judges. BAER, Administrative Patent Judge. DECISION ON APPEAL 1 Appellants identify Apple Inc. as the real party in interest. Appeal Br. 2. Appeal2015-000498 Application 11/366,191 STATEMENT OF THE CASE This is a decision on appeal, under 35 U.S.C. § 134(a), from the Examiner's non-final rejection of claims 1-5, 9-13, 15-21, 23, 24, 26-29, 33-35, 38--40, 43, 46, 47, 49-52, 55-58, 61---65, and 68-76, which are all the pending claims. Appeal Br. 2. We have jurisdiction under 35 U.S.C. § 6(b). We affirm. BACKGROUND A. The Invention Appellants' invention is directed to a "digital rights management (DRM) method for distributing content to users over a network." Abstract. Independent claims 1 and 55 are representative and reproduced below: 1. A digital rights management (DRM) method for protecting content using a diversified encryption scheme that uses a plurality of different encryption functions for different users, the method comprising: based on a first set of diversity indicia that uniquely identifies a first user of a first computer, generating a first index value; using the first index value to identify, at a centralized set ofDRM computers, a first encryption function from the plurality of different encryption functions for protecting a set of content for distribution to the first computer, wherein the first set of diversity indicia is used each time the first user of the first computer connects to the DRM computers; based on a second set of diversity indicia that uniquely identifies a second user of a second computer, generating a second index value different than the first index value; using the second index value to identify, at the centralized set of DRM computers, a second encryption function, different from the first encryption function, from the plurality of different 2 Appeal2015-000498 Application 11/366,191 encryption functions for protecting the set of content for distribution to the second computer, wherein the second set of diversity indicia is used each time the second user of the second computer connects to the DRM computers; at the centralized set of DRM computers, using the identified first encryption function to protect the set of content for distribution to the first computer; and at the centralized set of DRM computers, using the identified second encryption function to protect the set of content for distribution to the second computer, wherein the first set of diversity indicia is for identifying, at the first computer, a first decryption function from a plurality of different decryption functions for accessing the content while the second set of diversity indicia is for identifying, at the second computer, a second decryption function from the plurality of different decryption functions for accessing the content, the first decryption function corresponding to the first encryption function and the second decryption function corresponding to the second encryption function. 55. A method for accessing content that is protected by using a security element that is based on a set of diversity indicia associated with a recipient of content, the method comprising: performing a first transaction to request a first piece of content from a set of digital rights management (DRM) servers; after performing the transaction, sending the diversity indicia to the DRM server set, the diversity indicia for use by the DRM server set to identify a set of security element functions for protecting the first content, the set of security element functions comprising at least two different security element functions identified based on the diversity indicia; receiving the first content, protected by the set of security element functions, from the DRM server set; performing a second transaction to request a second piece of content from the set of DRM servers; 3 Appeal2015-000498 Application 11/366,191 receiving the second content, protected by the set of security element functions identified in the first transaction, from the DRM server set, without resending the diversity indicia to the DRM server set; based on the set of diversity indicia, identifying a set of access functions for accessing the protected first and second content, the set of access functions comprising at least two different access functions identified based on the diversity indicia; and accessing the content by using the identified set of access functions. Appeal Br. 84--85, 92-93 (Claims App.). B. The Rejections on Appeal The Examiner rejects claims 55-58, 61, 75, and 76 under 35 U.S.C. § 103(a) as unpatentable over Messerges (US 2002/0157002 Al; Oct. 24, 2002), in view of Dierks et al., The TLS Protocol Version 1.0, Network Working Group Request for Comments: 2246, January 1999 (hereinafter "TLS"). Non-Final Act. 10. The Examiner rejects claims 1-5, 9-13, 15-21, 23, 24, 26-29, 33-35, 38--40, 43, 46, 47, 49-52, 62---65, and 68-74 under 35 U.S.C. § 103(a) as unpatentable over Messerges, further in view of Fawcett (US 2005/0108262 Al; May 19, 2005), further in view of Ougi (US 2004/0260950 Al; Dec. 23, 2004), further in view of TLS, and further in view of Douceur (US 6,067,547; May 23, 2000). Non-Final Act. 13. 4 Appeal2015-000498 Application 11/366,191 A. Claims 55-58 and 61 ANALYSIS Appellants argue that the system disclosed in TLS does not ever exchange diversity indicia, and, thus, TLS (either alone or in combination with Messerges) would not render obvious, to an ordinary person skilled in the art, a method that receives a first protected content after a first transaction and a second protected content after a second transaction without resending diversity indicia to the content server. Appeal Br. 58. We do not find this argument persuasive. Claim 55 recites "a set of diversity indicia associated with a recipient of content," and further recites the diversity indicia is "for use by the DRM sever set to identify a set of security element functions for protecting the first content." Appellants' specification does not further define or limit the term "diversity indicia." Further, TLS teaches that when a client and server decide to resume a previous session, the client sends an initial message that includes a session identifier of the session to be resumed, the server locates the previous session and corresponding session state in its session cache based on the session identifier, and both the client and the server apply cryptographic options for protecting messages as defined by the previous session. TLS §§ 7 .1, 7.4.1.2. Because TLS teaches that the session identifier is used to identify a set of cryptographic options for protecting messages, we agree with the Examiner that the session identifier taught by TLS teaches the claimed "diversity indicia." Ans. 14. We also agree with the Examiner that requesting content without resending diversity indicia would have been obvious to one of ordinary skill in the art in light of the teaching of TLS, and that Appellants failed to contest the Examiner's finding as to the 5 Appeal2015-000498 Application 11/366,191 aforementioned claim limitation being well known. Ans. 14-15; see Jn re Chevenard, 139 F.2d 711, 713 (CCPA 1943) (accepting the examiner's finding that a brief heating at a higher temperature was the equivalent of a longer heating at a lower temperature where the applicant never demanded that the examiner produce evidence to support his statement). Appellants further argue that TLS does not describe using identification information of the client, or any sort of diversity indicia, as the basis for any of the handshake steps taught in TLS. Appeal Br. 59---60. We also do not find this argument persuasive because, as we previously described, we agree with the Examiner that TLS teaches the session identifier is used to identify a set of cryptographic options for protecting messages, and, thus, TLS's session identifier teaches the claimed "diversity indicia." Ans. 14. Accordingly, we sustain the Examiner's rejection of independent claim 55, and claims 56-58 and 61, not argued separately. B. Claims 1-3, 9-13, 69, and 71-73 Appellants argue that the query described in Ougi is not the claimed "index value" because the query does not itself identify an encryption function, and merely contains a user identifier with no additional generation of information. Appeal Br. 23. Appellants further argue that Douceur does not describe any aspects of digital rights management, and merely describes search keys generally. Appeal Br. 23-24. We do not find these arguments persuasive. It is well established that one cannot show non-obviousness by attacking references individually where the rejection is based upon the teachings of a combination of 6 Appeal2015-000498 Application 11/366,191 references. See Jn re Merck & Co., 800 F.2d 1091, 1097 (Fed. Cir. 1986); Jn re Keller 642 F.2d 413, 425 (CCPA 1981). Further, the test for obviousness is not whether the features of a secondary reference may be bodily incorporated into the structure of the primary reference. Rather, the test is what the combined teachings of those references would have suggested to those of ordinary skill in the art. See Keller, 642 F.2d at 425; see also In re Nievelt, 482 F.2d 965, 968 (CCPA 1973) ("Combining the teachings of references does not involve an ability to combine their specific structures."). As discussed below in greater detail, we conclude that Appellants' arguments regarding independent claim 1, and other arguments regarding independent claims 15, 24, 43, and 62, are generally not persuasive because they attack individual cited references for lacking features that the Examiner finds are taught by the combination of cited references. Further, as also discussed below in greater detail, we conclude that Appellants' argument regarding Ougi is not persuasive because it is not necessary that cited references be physically combinable to render a claimed invention obvious. We agree with the Examiner that Messerges teaches a domain-based DRM system including a server and a client, where the server encrypts content based on a domain, where the client must be associated with the domain to receive the content, and where transport layer security (TLS) is used to secure the communication between the client and the server. Ans. 2 (citing Messerges i-fi-140-58). We further agree that Fawcett teaches a server that stores user configuration information, including security information. Id. (citing Fawcett i1 51 ). We also agree that Ougi teaches a key management workstation that allocates unique user identifiers to users and queries a database containing user preferences regarding encryption 7 Appeal2015-000498 Application 11/366,191 algorithms based on the user identifiers. Id. (citing Ougi iii! 21, 108); see Ougi if 193. We further agree that TLS teaches a secure communication protocol that includes various sets of security functions (i.e., encryption functions, integrity functions, key management functions, and key generation functions) and access functions (i.e., decryption functions, verification functions, key management functions, and key generation functions). Ans. 2-3 (citing TLS §§ 7.3-7.4, Appendix C). We also agree that Douceur teaches generating an address from a query identifier and querying a hash table to identify a record in a database based on the address. Ans. 3 (citing Douceur, 1:35--45). Thus, in the Examiner's proffered combination, the system of Messerges utilizes TLS, in which a user's preferred set of security functions and access functions are stored in a database, where the system queries the database using a unique identifier for the user, where the unique user identifier is hashed to generate an address, and where the hashed address is used to select the database record containing the preferred set of security functions and access functions. Id. The Examiner's analysis is consistent with the framework articulated by the Supreme Court-when considering obviousness, "the analysis need not seek out precise teachings directed to the specific subject matter of the challenged claim, for a court can take account of the inferences and creative steps that a person of ordinary skill in the art would employ." KSR Int'! Co. v. Teleflex Inc., 550 U.S. 398, 418 (2007). Appellants' argument regarding Ougi and Douceur are not persuasive because the argument fails to address the combination of cited references, which we agree teaches generating first and second index values (i.e., Douceur's hashed addresses) based on first and second sets of diversity 8 Appeal2015-000498 Application 11/366,191 indicia that uniquely identify first and second users of first and second computers (i.e., Ougi's unique user identifiers), and further teaches using the generated first and second index values to identify first and second encryption functions (i.e., TLS's encryption functions) for protecting content for distribution to the first and second computers (i.e., Messerges' server that encrypts content for distribution to clients).2 Ans. 4--5; Non-Final Act. 13- 16. Appellants further argue that Ougi merely teaches identifying and selecting encryption algorithms at a key management station, and fails to teach selecting an encryption algorithm or a decryption algorithm at a transmission side device or a reception side device because the key management station of Ougi is designed in a way that precludes lookups at both the transmission side and the reception side, and further fails to teach using diversity indicia to identify a decryption function at the reception side device. Appeal Br. 25-26. Appellants also argue that TLS fails to teach using any identification information of a client as a basis for selecting encryption algorithms at a server, or selecting decryption algorithms at the client. Appeal Br. 26-27. We do not find these arguments persuasive. Appellants' argument that Ougi fails to teach selecting an encryption algorithm or a decryption algorithm at a transmission side device or a reception side device, or using 2 Claim 1 recites "a first set of diversity indicia that uniquely identifies a first user of a first computer," and "a second set of diversity indicia that uniquely identifies a second user of a second computer." As previously described, Appellants' specification does not further define or limit the term "diversity indicia." Because Ougi teaches that the user identifier is used to uniquely identify a user of a client device, we agree with the Examiner that the user identifier taught by Ougi teaches the claimed "diversity indicia." Ans. 4. 9 Appeal2015-000498 Application 11/366,191 diversity indicia to identify a decryption function at the reception side device is not persuasive because the argument attacks Ougi: (a) individually rather than the combination of cited references; and (b) for not being physically combinable with Messerges. Regarding (a), the Examiner relied upon TLS, rather than Ougi, for teaching identifying an encryption function or decryption function at a transmission side device or reception side device. Ans. 6; Non-Final Act. 13-16. Regarding (b ), the Examiner's combination does not require a bodily incorporation of Ougi' s encryption algorithm management method into Messerges' domain-based DRM system. Ans. 5- 6; Non-Final Act. 13-16. Instead, the Examiner's combination simply requires the use of unique identifiers to query a database for a user's encryption function preferences, as taught by Ougi, and Appellants' argument does not rebut the Examiner's finding that Ougi teaches using unique identifiers to query a user's encryption function preferences in a database. Ans. 6. Further, Appellants' argument that TLS fails to teach using diversity indicia that uniquely identifies a user of a computer is not persuasive because the argument attacks TLS individually, rather than the combined teachings of Messerges, Fawcett, Ougi, TLS, and Douceur, as the Examiner relied upon Ougi, rather than TLS, for teaching diversity indicia that uniquely identifies a user of a computer. Ans. 6-7; Non-Final Act. 13- 16. Appellants also argue that Fawcett fails to teach generating different index values from different sets of diversity indicia, or using the index values generated from the sets of diversity indicia to select different encryption functions. Appeal Br. 28. We do not find this argument persuasive. Appellants' argument regarding Fawcett is not persuasive 10 Appeal2015-000498 Application 11/366,191 because the argument attacks Fawcett individually, rather than the combination of cited references, as the Examiner relied upon Douceur for teaching index values, Ougi for teaching different sets of diversity indicia, and TLS for selecting different encryption functions. Ans. 8; Non-Final Act. 13-16. Appellants further argue the Non-Final Office Action fails to provide a sufficient reason why it would have been obvious to one of ordinary skill in the art to combine the elements of Messerges, Fawcett, Ougi, TLS, and Douceur. Appeal Br. 28. More specifically, Appellants argue that: (a) Fawcett fails to teach aspects of digital rights management, thus, one of ordinary skill in the art would not be motivated to combine Fawcett with the other cited references; (b) Ougi' s encryption algorithm sharing management method cannot be plausibly combined with TLS' s protocol; and, ( c) Douceur does not relate to digital rights management. Appeal Br. 28-31. We do not find these arguments persuasive. Regarding (a) and (c), Appellants effectively argue that Fawcett and Douceur are not analogous art. A prior art reference is analogous to a claimed invention if it is either from the same field of endeavor or reasonably pertinent to the particular problem with which the inventor is involved. In re Bigio, 381F.3d1320, 1325 (Fed. Cir. 2004). We agree with the Examiner that Fawcett is in the same field of endeavor as Appellants' claimed invention (i.e., information security), and therefore is analogous art. Ans. 9. We further agree that Douceur describes an improved method for querying a database, which is reasonably pertinent to the same problem Appellants address: protecting digital content differently for different users based on different sets of indicia received from 11 Appeal2015-000498 Application 11/366,191 users and stored within a persistent storage, such as a database. Id. Thus, we conclude that Douceur is also analogous art. Regarding (b ), Appellants effectively argue that Ougi cannot be bodily incorporated with TLS. However, the rejection is not based upon a bodily incorporation of Ougi' s encryption algorithm management method into TLS's protocol. Instead, as previously discussed, the Examiner's combination simply requires Ougi' s teaching of using unique identifiers to query a database for a user's encryption function preferences, and Appellants' argument does not rebut the Examiner's finding regarding Ougi. Ans. 9. Accordingly, we sustain the Examiner's rejection of independent claim 1, and claims 2, 3, 9-13, 69, and 71-73, not argued separately. C. Claims 15-21 Appellants argue that Fawcett fails to teach a selection of both integrity and encryption functions, and also fails to teach using diversity indicia to select a set of security functions for protecting content. Appeal Br. 33-34. Appellants further argue that Ougi fails to teach integrity functions, and also fails to teach using diversity indicia to select an integrity function. Appeal Br. 34--35. Appellants also argue that TLS fails to teach selecting encryption functions and integrity functions from a set of security functions. Appeal Br. 35. We do not find these arguments persuasive. Appellants' argument regarding Fawcett and Ougi is not persuasive because the argument attacks the references individually, rather than the combination of cited references, as the Examiner relied upon Ougi, rather than Fawcett, for teaching diversity 12 Appeal2015-000498 Application 11/366,191 indicia, and TLS, rather than Ougi, for teaching integrity and encryption functions. Ans. 10-11; Non-Final Act.13-16. Further, we disagree with Appellants' argument that TLS fails to teach selecting encryption functions and integrity functions. We agree with the Examiner that TLS teaches selecting a cipher suite from a set of cipher suites, where a cipher suite includes a set of security functions, including encryption functions and integrity functions. Ans. 10. Appellants further argue the Non-Final Office Action fails to provide a sufficient reason why it would have been obvious to one of ordinary skill in the art to combine the elements of Messerges, Fawcett, Ougi, TLS, and Douceur. Appeal Br. 35-38. We do not find this argument persuasive for the reasons previously discussed with respect to claim 1. Accordingly, we sustain the Examiner's rejection of independent claim 15, and claims 16-21, not argued separately. D. Claims 24, 26-29, 33, 39, and 40 Appellants argue that Ougi fails to teach a lookup of integrity functions, or using diversity indicia to select an integrity function from a plurality of different integrity functions. Appeal Br. 40-41. Appellants further argue TLS fails to teach a basis for selecting encryption and integrity functions for protecting content. Appeal Br. 41. We do not find these arguments persuasive for reasons similar to the reasons previously discussed with respect to independent claim 1, i.e., Appellants' arguments attack the references individually, rather than the combination of cited references on which the Examiner relied. 13 Appeal2015-000498 Application 11/366,191 Appellants further argue that Ougi merely teaches identifying and selecting encryption algorithms at a key management station, and fails to teach selecting an encryption algorithm or a decryption algorithm at a transmission side device or a reception side device, and further fails to teach using diversity indicia to identify a decryption function at the reception side device. Appeal Br. 42--43. Appellants also argue that TLS fails to teach using any identification information of a client as a basis for selecting encryption algorithms at a server, or selecting decryption algorithms at the client. Appeal Br. 43--44. We do not find these arguments persuasive for reasons similar to the reasons previously discussed with respect to independent claim I-Appellants' arguments again attack the references individually, rather than the Examiner's asserted combination of references. Appellants also argue the Non-Final Office Action fails to provide a sufficient reason why it would have been obvious to one of ordinary skill in the art to combine the elements of Messerges, Fawcett, Ougi, TLS, and Douceur. Appeal Br. 44--4 7. We do not find this argument persuasive for the reasons previously discussed with respect to claim 1. Accordingly, we sustain the Examiner's rejection of independent claim 24, and claims 26-29, 33, 39, and 40, not argued separately. E. Claims 43, 46, 47, 49, and 50 Appellants argue that Ougi merely teaches identifying and selecting encryption algorithms at a key management station, and fails to teach selecting a set of security functions based on an identified set of diversity indicia at a transmission side device or using the identified set of diversity indicia to identify a set of access functions at a reception side device, and 14 Appeal2015-000498 Application 11/366,191 further fails to teach using diversity indicia to identify access functions by the recipient of content. Appeal Br. 50---51. Appellants also argue that TLS fails to teach using any identification information of a client as a basis for selecting encryption algorithms at a server, or selecting decryption algorithms at the client. Appeal Br. 51. We do not find these arguments persuasive because they attack the references individually, rather than the Examiner's asserted combination of references. Appellants further argue that Ougi fails to teach integrity functions, key management functions, key generation functions, or any analogous access functions, and also fails to teach using diversity indicia to select a set of security element functions. Appeal Br. 52. Appellants also argue that TLS fails to teach using any basis for selecting security functions for protecting content. Appeal Br. 53. We also do not find these arguments persuasive because again, Appellants' arguments attack the references individually, rather than the combination of cited references. Appellants also argue the Non-Final Office Action fails to provide a sufficient reason why it would have been obvious to one of ordinary skill in the art to combine the elements of Messerges, Fawcett, Ougi, TLS, and Douceur. Appeal Br. 53-56. We do not find this argument persuasive for the reasons previously discussed with respect to claim 1. Accordingly, we sustain the Examiner's rejection of independent claim 43, and claims 46, 47, 49, and 50, not argued separately. F. Claims 62---65 and 68 Appellants argue that Ougi merely teaches identifying and selecting encryption algorithms at a key management station, and fails to teach 15 Appeal2015-000498 Application 11/366,191 selecting a set of security functions based on an identified set of diversity indicia at a transmission side device or using the identified set of diversity indicia to identify a set of access functions at a reception side device, and further fails to teach using diversity indicia to identify access functions by the recipient of content. Appeal Br. 62---63. Appellants also argue that TLS fails to teach using any identification information of a client as a basis for selecting encryption algorithms at a server, or selecting decryption algorithms at the client. Appeal Br. 63-64. We also do not find these arguments persuasive because they attack the references individually, rather than the combination of cited references. Appellants further argue that Ougi fails to teach integrity functions, key management functions, key generation functions, or any analogous access functions, and also fails to teach using diversity indicia to select a set of security element functions. Appeal Br. 65. Appellants also argue that TLS fails to teach using any basis for selecting security functions for protecting content. Appeal Br. 65---66. We also do not find these arguments persuasive because they attack the references individually, rather than the combination of cited references. Appellants also argue the Non-Final Office Action fails to provide a sufficient reason why it would have been obvious to one of ordinary skill in the art to combine the elements of Messerges, Fawcett, Ougi, TLS, and Douceur. Appeal Br. 66---69. We do not find this argument persuasive for the reasons previously discussed with respect to claim 1. Accordingly, we sustain the Examiner's rejection of independent claim 62, and claims 63---65 and 68, not argued separately. 16 Appeal2015-000498 Application 11/366,191 G. Claims 7 5 and 7 6 Claim 75 depends upon claim 55, and further recites wherein the set of security element functions identified by the DRM server is a particular set of a plurality of different sets of security element functions, wherein a particular security element function in the particular set is mathematically related to a security element function in a different set of security element functions by having a same functional expression with different parametric values. Appellants argue that TLS' s parameters are merely cipher suite parameters that indicate cryptographic algorithms supported by the client, and that the parameters are not mathematically related, and do not have the same functional expression with different values. Appeal Br. 80-81. We do not find this argument persuasive. We agree with the Examiner that the cryptographic functions described in TLS (i.e., DES40_CBC, DES_CBC, 3DES_EDE_CBC) are mathematically related functions because the functions are all data encryption standard (DES) functions, and we further agree that the cryptographic functions take different parameters as input (e.g., DES40_CBC takes a 40 bit input parameter, while DES_CBC takes a 64-bit input parameter). Ans. 18-19. Claim 76 depends upon claim 75, and further recites, "wherein the particular security element function and the mathematically related security element function are both different encryption functions." Appellants argue that TLS 's parameters are cipher suite parameters that are not mathematically related. Appeal Br. 81-82. We do not find this argument persuasive. Instead, we agree with the Examiner that TLS teaches different encryption functions (e.g., DES40_CBC is a different encryption function from DES_CBC). Ans. 19. 17 Appeal2015-000498 Application 11/366,191 Accordingly, we sustain the Examiner's rejection of claims 75 and 76. H. Claims 4, 5, and 70 Claim 4 depends upon claim 1, and further recites, "wherein the centralized set of DRM computers assigns at least partially the set of diversity indicia associated with each of the first and second recipients." Appellants argue that assignment of diversity indicia would not have been obvious to a person of ordinary skill in the art, even in light of the cited references, because the key management station described in Ougi is simply an information repository, and Ougi fails to teach or suggest how or when user identifiers would be assigned by the key management station. Appeal Br. 70. We do not find this argument persuasive. We agree with the Examiner that having the key management station assign an identifier to a client would have been obvious to one of ordinary skill in the art in light of the teaching of Ougi, and Appellants did not traverse the Examiner's finding that the aforementioned claim limitation was well known. Ans. 17; see Chevenard, 139 F.2d 713. Further, we find that Ougi does, in fact, teach that the key management station allocates a user identifier to a user. Ougi ii 193. Claim 5 depends upon claim 1, and further recites, "wherein the first set of diversity indicia is user information regarding the first user and the second set of diversity indicia is computer information regarding the second computer." Appellants argue that Fawcett merely describes user preferences that a user can select, not information regarding a first user of a first computer and information regarding a second computer. Appeal Br. 71. Appellants further argue that Ougi merely describes user identification 18 Appeal2015-000498 Application 11/366,191 numbers and possible different encryption algorithms. Id. We do not find these arguments persuasive. Fawcett teaches storing user configuration information, including functional aspects of the application that may be customized from user to user, which teaches the claimed "user information regarding the first user." Ans. 17; see Fawcett i-f 51. Fawcett further teaches storing application configuration information, such as server names, and other aspects of an application that may be customized, which corresponds to the claimed "computer information regarding the second computer." Ans. 17; see Fawcett i-f 51. Further, as discussed above, we agree with the Examiner that Ougi teaches "diversity indicia." Ans. 4. Claim 70 depends upon claim 1, and further recites "wherein the first set of diversity indicia is computer information about the first computer." Appellants argue Messerges merely describes a domain-based digital rights management system, and Messerges never describes how security functions are selected for transmission between a server and user devices, and thus, Messerges does not teach a selection process that relies on diversity indicia associated with a computer. Appeal Br. 79. We do not find this argument persuasive. We agree with the Examiner that Messerges teaches the recipient of content is a computer. Ans. 18. Further, as discussed above, we agree that Ougi teaches "diversity indicia." Ans. 4. Accordingly, we sustain the Examiner's rejection of claims 4, 5, and 70. I. Claim 23 Claim 23 depends upon claim 15, and further recites, "wherein the set of diversity indicia for each user device is partially assigned by the set of 19 Appeal2015-000498 Application 11/366,191 DRM computers." Appellants' argument regarding claim 23 is similar to its argument regarding claim 4. See Appeal Br. 72-73. We do not find this argument persuasive for the reasons previously discussed with respect to claim 4. Accordingly, we sustain the Examiner's rejection of claim 23. J. Claims 34, 35, 38, and 74 Claim 34 depends upon claim 24, and further recites, "wherein the recipient of the content is a device and the set of diversity indicia is associated with the device." Appellants' argument regarding claim 34 is similar to its argument regarding claim 70---the only significant difference is that the term "device," rather than "computer," is recited in the claim. See Appeal Br. 73-74. We do not find this argument persuasive for the reasons previously discussed with respect to claim 70, as a computer is a device. Claim 35 depends upon claim 24 and further recites, "wherein the recipient of the content is a computer and the set of diversity indicia is associated with the computer." Appellants' argument regarding claim 35 is similar to its argument for claim 70. See Appeal Br. 74--75. We do not find this argument persuasive for the reasons previously discussed with respect to claim 70. Claim 38 depends upon claim 24, and further recites, "wherein selecting the particular integrity function comprises generating an index based on the set of diversity indicia, the index identifying the particular integrity function." Appellants' argument regarding claim 38 is similar to its argument regarding claim 1 with respect to "first index value" and "second index value," as recited in claim 1. See Appeal Br. 75-76. We do not find this argument persuasive for the reasons previously discussed with respect to 20 Appeal2015-000498 Application 11/366,191 claim 1, as we agree with the Examiner that Douceur teaches "generating an index based on the set of diversity indicia," as recited in claim 38. Ans. 18. Claim 7 4 depends upon claim 34 and further recites, "wherein the integrity function and encryption function are part of a set of security element functions selected from a plurality of sets of security element functions based on the diversity indicia." Appellants' argument regarding claim 7 4 is similar to its argument for independent claim 62 with respect to "the diversity indicia for use by the DRM servers to identify a set of security functions for protecting the content," as recited in claim 62. See Appeal Br. 80. We do not find this argument persuasive for the reasons previously discussed with respect to independent claim 62, as we agree with the Examiner that the combination of cited references teaches "wherein the integrity function and encryption function are part of a set of security element functions selected from a plurality of sets of security element functions based on the diversity indicia," as recited in claim 74. Accordingly, we sustain the Examiner's rejection of claims 34, 35, 38, and 74. K. Claims 51 and 52 Claim 51 depends upon claim 43, and further recites, "wherein the recipient of the content is a device and the set of diversity indicia is associated with the device." Appellants' argument regarding claim 51 is similar to its argument regarding claim 34. See Appeal Br. 76-77. We do not find this argument persuasive for the reasons previously discussed with respect to claim 34. 21 Appeal2015-000498 Application 11/366,191 Claim 52 depends upon claim 43, and further recites, "wherein the set of instructions for selecting the set of security functions comprises a set of instructions for generating an index based on the set of diversity indicia, the index identifying the particular set of security functions." Appellants' argument regarding claim 52 is similar to its argument regarding claim 1 with respect to "first index value" and "second index value," as recited in claim 1. See Appeal Br. 78. We do not find this argument persuasive for the reasons previously discussed with respect to claim 1, as we agree with the Examiner that Douceur teaches "generating an index based on the set of diversity indicia," as recited in claim 52. Ans. 18. Accordingly, we sustain the Examiner's rejection of claims 51 and 52. DECISION We affirm the Examiner's rejection of claims 1-5, 9-13, 15-21, 23, 24, 26-29, 33-35, 38--40, 43, 46, 47, 49-52, 55-58, 61---65, and 68-76 under 35 U.S.C. § 103(a). No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(l )(iv). AFFIRMED 22 Copy with citationCopy as parenthetical citation
