10386530 (B.P.A.I. Apr. 11, 2011)

Ex Parte Fisher et al

Board of Patent Appeals and InterferencesApr 11, 2011

10386530 (B.P.A.I. Apr. 11, 2011)

UNITED STATES PATENT AND TRADEMARK OFFICE ____________________ BEFORE THE BOARD OF PATENT APPEALS AND INTERFERENCES ____________________ Ex parte LEE ADAM FISHER, JACK ROBERT ARRON CLARK, and NICHOLAS EDWARD BAINES ____________________ Appeal 2009-005913 Application No. 10/386,530 1 Technology Center 2400 ____________________ Before JOSEPH F. RUGGIERO, ROBERT E NAPPI, and MARC S. HOFF, Administrative Patent Judges. HOFF, Administrative Patent Judge. DECISION ON APPEAL 1 The real party in interest is McAfee, Inc. Appeal 2009-005913 Application 10/386,530 2 STATEMENT OF CASE Appellants appeal under 35 U.S.C. § 134(a) from a Non-Final Rejection of claims 1-36. We have jurisdiction under 35 U.S.C. § 6(b). We affirm-in-part. Appellants‟ invention concerns controlling computers to control at least one security mechanism of a data processing apparatus. A secure communication link is established between the data processing apparatus and a remote alert message generating computer. The remote computer generates an alert message and transfers said alert message to the data processing apparatus via the secure communications link. Triggering code automatically triggers at least one security action by at least one security mechanism of the data processing apparatus in response to the alert message, as configured by user programmable response configuration parameters of the data processing apparatus (Spec. 3-4). Claim 1 is exemplary of the claims on appeal: 1. A computer program product embodied on a tangible computer readable medium for controlling computers to control at least one security mechanism of a data processing apparatus, said computer program product comprising: link establishing code operable to establish an authenticated secure network communication link between said data processing apparatus and a remote alert message generating computer; alert message generating code operable to generate an alert message with said remote alert message generating computer; alert message transferring code operable to transfer said alert message from said remote alert message generating computer to said data processing apparatus via said authenticated secure network communication link; and triggering code operable to automatically trigger at least one security action by said at least one security mechanism of said data processing apparatus in response to said alert message as configured by user Appeal 2009-005913 Application 10/386,530 3 programmable response configuration parameters of said data processing apparatus. The Examiner relies upon the following prior art in rejecting the claims on appeal: Porras US 6,704,874 B1 Mar. 9, 2004 Pearson US 6,990,591 B1 Jan. 24, 2006 Norris US 7,028,338 B1 Apr. 11, 2006 Claim 25-36 stand rejected under 35 U.S.C. § 101 as being directed to non-statutory subject matter. Claims 8, 20, and 32 stand rejected under 35 U.S.C. § 112, second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which Appellants regard as their invention. Claims 1-9, 11-21, 23-33, 35, and 36 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Porras in view of Pearson. Claims 10, 22, and 34 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Porras in view of Pearson and Norris. Throughout this decision, we make reference to the Appeal Brief (“App. Br.,” filed December 17, 2007), the Reply Brief (“Reply Br.,” filed April 28, 2008) and the Examiner‟s Answer (“Ans.,” mailed March 17, 2008) for their respective details. ISSUES With respect to the § 101 rejection of claims 25-36, Appellants argue that the claimed logic to establish a secure communication link, generate an alert message, transfer said alert message, and automatically trigger at least Appeal 2009-005913 Application 10/386,530 4 one security action clearly, amounts to the transformation of an article to a different state or thing (Reply Br. 21-22). Appellants argue that the phrase “risk level indicator values” has antecedent basis (App. Br. 13). With respect to the § 103 rejection of claims 1-36, Appellants argue that Pearson does not teach automatically triggering a security action by the (remote) data processing apparatus, in response to the alert message, according to user programmable response configuration parameters (App. Br. 14). Appellants further contend that neither Porras nor Pearson teaches that the alert message specifies at least one security action to be triggered (App. Br. 17). Appellants assert that Pearson does not teach that the alert message includes configuration data permitting a temporary countermeasure to be established, or that the security action includes automatically implementing said temporary countermeasure (App. Br. 19). Last, Appellants assert that Norris does not teach performing a plurality of alert message transfers to a plurality of destination data processing apparatuses (App. Br. 19-20). Appellants‟ contentions present us with the following issues: 1. Do claims 25-36 recite subject matter that is ineligible for patent protection under § 101? 2. Does the phrase “risk level indicator values” lack proper antecedent basis in the claims? 3. Does the combination of Porras and Pearson teach or fairly suggest triggering code operable to automatically trigger at least one security action by said at least one security mechanism of said data processing apparatus in response to said alert message as configured by user programmable response Appeal 2009-005913 Application 10/386,530 5 configuration parameters of said data processing apparatus, as recited in claims 1, 13, and 25? 4. Does the combination of Porras and Pearson teach or fairly suggest generating an alert message which itself specifies at least one security action by said at least one security mechanism of said remote data processing apparatus, as recited in claims 11, 23, and 35? 5. Does the combination of Porras and Pearson teach or fairly suggest automatically implementing a temporary countermeasure, as recited in claims 7, 19, and 31? 6. Does Norris teach alert message transferring code operable to perform a plurality of alert message transfers to a plurality of destination data processing apparatuses, as recited in claims 10, 22, and 34? FINDINGS OF FACT The following Findings of Fact (FF) are shown by a preponderance of the evidence. Pearson 1. Pearson teaches a user interface displaying user-selectable configuration options for selecting a security policy for the communication device (col. 10, ll. 44-46). 2. Pearson teaches a Remote Monitoring Center (RMC) operative in response to the selection of one of the selectable security levels to automatically configure the communication device to monitor for certain predetermined threats and to provide certain predetermined responses thereto (col. 11, ll. 8-12). Appeal 2009-005913 Application 10/386,530 6 Norris 3. Norris teaches agents that, in response to an alert, broadcast network-wide (i.e. to “all routers, firewalls and other edge devices”) the detection of a threat (col. 4, ll. 45-55). PRINCIPLES OF LAW The machine-or-transformation test is a useful and important clue, an investigative tool, for determining whether some claimed inventions are processes under § 101. See Bilski v. Kappos, 130 S.Ct. 3218, 3227 (2010). The U.S. Court of Appeals for the Federal Circuit stated the “machine-or- transformation test” for process claims as follows: The machine-or-transformation test is a two-branched inquiry; an applicant may show that a process claim satisfies § 101 either by showing that his claim is tied to a particular machine, or by showing that his claim transforms an article. See [Gottschalk v.] Benson, 409 U.S. [63], 70 [(CCPA 1972)]. Certain considerations are applicable to analysis under either branch. First, as illustrated by Benson and discussed below, the use of a specific machine or transformation of an article must impose meaningful limits on the claim‟s scope to impart patent eligibility. See Benson, 409 U.S. at 71-72. Second, the involvement of the machine or transformation in the claimed process must not merely be insignificant extra-solution activity. See [Parker v.] Flook, 437 U.S. [584,] 590 [(1978)]. In re Bilski, 545 F.3d 943, 961-62 (Fed. Cir. 2008) (en banc), aff’d sub nom. Bilski v. Kappos, 130 S. Ct. 3218 (2010). However, the machine-or-transformation test is not the sole test for deciding whether an invention is a patent-eligible process. Bilski, 130 S.Ct at 3227. “In searching for a limiting principle, [the Supreme] Court‟s precedents on the unpatentability of abstract ideas provide useful tools.” Id. Appeal 2009-005913 Application 10/386,530 7 at 3229. The Supreme Court outlined one such precedent: In Benson, the Court considered whether a patent application for an algorithm to convert binary-coded decimal numerals into pure binary code was a “process” under § 101. 409 U.S., at 64-67. The Court first explained that “„[a] principle, in the abstract, is a fundamental truth; an original cause; a motive; these cannot be patented, as no one can claim in either of them an exclusive right.‟” Id. at 67 (quoting Le Roy [v. Tatham, 55 U.S. 156], at 175 [(1852)]). The Court then held the application at issue was not a “process,” but an unpatentable abstract idea. “It is conceded that one may not patent an idea. But in practical effect that would be the result if the formula for converting… numerals to pure binary numerals were patented in this case.” 409 U. S. [63], at 71. A contrary holding “would wholly preempt the mathematical formula and in practical effect would be a patent on the algorithm itself.” Id. at 72. Bilski at 3230. “Section 103 forbids issuance of a patent when „the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains.‟” KSR Int'l Co. v. Teleflex Inc., 550 US 398, 406 (2007). The question of obviousness is resolved on the basis of underlying factual determinations including (1) the scope and content of the prior art, (2) any differences between the claimed subject matter and the prior art, (3) the level of skill in the art, and (4) where in evidence, so-called secondary considerations. Graham v. John Deere Co., 383 U.S. 1, 17-18 (1966). See also KSR, 550 US Appeal 2009-005913 Application 10/386,530 8 at 407 (“While the sequence of these questions might be reordered in any particular case, the [Graham] factors continue to define the inquiry that controls.”) ANALYSIS § 101 REJECTION OF CLAIMS 25-36 We disagree with the Examiner‟s conclusion that claims 25-36 are directed to nonstatutory subject matter. Whether the limitations of these claims imply the use of any tangible hardware, or merely recite “software per se” (Ans. 3), is not the relevant inquiry. Rather, we find that the limitations of independent claims 25, 35, and 36 2 (i.e., logic to establish a secure communication link between two computers, logic to generate an alert message, and logic to transfer an alert message from a generating computer to a remote computer via the secure communication link) tie the claimed subject matter to particular machines (i.e., the alert generating computer and the remote computer). See Bilski v. Kappos, 130 S.Ct. 3218, 3227 (2010). Accordingly, we conclude that claims 25-36 are directed to patent-eligible subject matter, and we will not sustain the Examiner‟s 35 U.S.C. § 101 rejection. § 112 REJECTION OF CLAIMS 8, 20, AND 32 We disagree with the Examiner‟s conclusion that “indicator values” lacks antecedent basis, predicated on the Examiner‟s finding that “a risk level indicator does not necessarily have to be a value” (Ans. 8). An 2 We observe that claim 36 is initially cast as an “apparatus,” and read the second line of claim 36 assuming that Appellants intended to claim “said apparatus,” rather than “said computer program product.” Appeal 2009-005913 Application 10/386,530 9 “indicator” of a condition inevitably takes on one of at least two values. At a minimum, the condition is either present or not present; thus, the indicator will be either “on” or “off.” (An indicator may of course have many more than two possible values.) We therefore find that the claimed “risk level indicator” inherently possesses a “risk level indicator value,” and conclude that the term does not lack antecedent basis. As a result, we will not sustain the § 112 rejection of claims 8, 20, and 32. CLAIMS 1-6, 8-9, 12-18, 20, 21, 24-30, 32, 33, AND 36 We select claim 1 as representative of this group of claims, pursuant to our authority under 37 C.F.R. § 41.37(c)(1)(vii). Appellants‟ argument that Pearson does not teach “triggering code operable to automatically trigger at least one security action … in response to said alert message,” as configured by response configuration parameters of the data processing apparatus (App. Br. 14), is not persuasive to establish Examiner error. Appellants‟ argument against Pearson individually is unavailing here, in view of the fact that the Examiner relies on Porras to teach generation of an alert message by a remote alert message generating computer (Ans. 4). The Examiner finds, and we agree, that Pearson discloses automatically triggering a response to an alert message as configured by a user through programmable response configuration parameters (FF 1, 2; Ans. 5, 10). We also do not agree with Appellants‟ further argument that Pearson teaches away from the claimed invention (App. Br. 15). Pearson teaches [a remote monitoring center] receiving an alert message and, responsive to selection of a selectable security level, providing a predetermined response (FF 2). Appeal 2009-005913 Application 10/386,530 10 We therefore find that the Examiner did not err in rejecting claims 1- 6, 8-9, 12-18, 20, 21, 24-30, 32, 33, and 36 as unpatentable under § 103 over Porras in view of Pearson. We sustain the Examiner‟s rejection. CLAIMS 11, 23, AND 35 We agree with Appellants‟ argument (App. Br. 17) that neither Porras nor Pearson teaches “alert message generating code [or logic] operable to generate an alert message . . . said alert message specifying at least one security action by said at least one security mechanism of said remote data processing apparatus to be automatically triggered in response to said alert message,” as these claims require. Accordingly, we will not sustain the § 103 rejection of claims 11, 23, and 35. CLAIMS 7, 19, AND 31 Appellants‟ argument is persuasive to show that the Examiner erred in rejecting these claims. We do not agree with the Examiner‟s finding (Ans. 7) that Porras teaches automatically implementing a temporary countermeasure. We have reviewed Porras and Pearson, and we find that neither reference teaches the claim limitations. Accordingly, we find that the Examiner erred in rejecting claims 7, 19, and 31 under § 103, and we will not sustain the rejection. CLAIMS 10, 22, AND 34 We do not agree with Appellants that Norris fails to suggest alert message transferring code operable to perform a plurality of alert message transfers to a plurality of destination data processing apparatuses specified in a destination list held by said remote alert message generating computer, as the claims require (App. Br. 20). Norris does not teach merely that peripheral devices advertise their availability, as Appellants contend (Id.). Appeal 2009-005913 Application 10/386,530 11 The Examiner finds, and we agree, that Norris teaches agents that, in response to an alert, broadcast network-wide (i.e. to “all routers, firewalls and other edge devices”) the detection of a threat (Ans. 17; FF 3). We therefore agree with the Examiner that the combination of Porras, Pearson, and Norris teaches or suggests all the limitations of claims 10, 22, and 34. Accordingly, we will sustain the Examiner‟s § 103 rejection. CONCLUSIONS 1. Claims 25-36 recite subject matter that is eligible for patent protection under § 101. 2. The phrase “risk level indicator values” does not lack proper antecedent basis in the claims. 3. The combination of Porras and Pearson fairly suggests triggering code operable to automatically trigger at least one security action by said at least one security mechanism of said data processing apparatus in response to said alert message as configured by user programmable response configuration parameters of said data processing apparatus, as recited in claims 1, 13, and 25. 4. The combination of Porras and Pearson does not teach or fairly suggest generating an alert message which itself specifies at least one security action by said at least one security mechanism of said remote data processing apparatus, as recited in claims 11, 23, and 35. 5. The combination of Porras and Pearson does not teach or fairly suggest automatically implementing a temporary countermeasure, as recited in claims 7, 19, and 31. Appeal 2009-005913 Application 10/386,530 12 6. Norris teaches alert message transferring code operable to perform a plurality of alert message transfers to a plurality of destination data processing apparatuses, as recited in claims 10, 22, and 34. ORDER The Examiner‟s rejection of claims 1-6, 8-10, 12-18, 20-22, 24-30, 32-34, and 36 is affirmed. The Examiner‟s rejection of claims 7, 11, 19, 23, 31, and 35 is reversed. No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv). AFFIRMED-IN-PART ELD