Ex Parte HazzaniDownload PDFPatent Trial and Appeal BoardFeb 28, 201713868220 (P.T.A.B. Feb. 28, 2017) Copy Citation United States Patent and Trademark Office UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O.Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 13/868,220 04/23/2013 Gideon Hazzani 10171-208US1 8104 75158 7590 Verint Systems, Inc. Meunier Carlin & Curfman, LLC 999 Peachtree Street NE Suite 1300 Atlanta, GA 30309 EXAMINER HAILU, TESHOME ART UNIT PAPER NUMBER 2434 NOTIFICATION DATE DELIVERY MODE 03/02/2017 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): laaronson@mcciplaw.com KCarroll@mcciplaw.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte GIDEON HAZZANI Appeal 2016-005102 Application 13/868,2201 Technology Center 2400 Before JEAN R. HOMERE, ADAM J. PYONIN, and DANIEL J. GALLIGAN, Administrative Patent Judges. HOMERE, Administrative Patent Judge. DECISION ON APPEAL STATEMENT OF THE CASE Appellant seeks our review under 35 U.S.C. § 134(a) of the Examiner’s Final Rejection of claims 1—6, 9—16, and 19—23, which constitute all of the claims pending in this appeal. App. Br. 1. Claims 7, 8, 17, and 18 have been canceled. Claims App’x. We have jurisdiction under 35 U.S.C. § 6(b). We reverse. 1 Appellant identifies the real party in interest as Verint Systems Ltd. App. Br. 3 Appeal 2016-005102 Application 13/868,220 Appellant’s Invention Appellant invented a method and apparatus for providing combined physical and cyber data security to a computer system. Spec. 1:4—6. In particular, upon receiving from one or more sources communication traffic including (1) a cyber security event indicating the occurrence of an unauthorized access to the computer system through the use of malicious software, and (2) a physical security event indicating the occurrence of an unauthorized physical entry into the location of the computer system, an electronic front-end unit utilizes an electronic correlation unit to identity the intrusion by correlating the cyber security event and the physical security event to identify the individual who carried out the security events. Id. at 4:3-21. Illustrative Claim Independent claim 1 is illustrative, and reads as follows: 1. A method comprising: receiving, by an electronic front-end unit, communication traffic of a computer system from one or more sources; identifying, by an electronic correlation unit, in the received communication traffic a cyber security event and a physical security event, wherein the cyber security event is an occurrence of unauthorized access to the computer system through the use of malicious software, and wherein the physical security event is an occurrence of unauthorized physical entry into a location where the computer system is physically located; and identifying, by the electronic correlation unit, an intrusion by correlating the cyber security event and the physical security event by using location-based correlation and identity-based correlation. 2 Appeal 2016-005102 Application 13/868,220 Prior Art Relied Upon Russell US 2002/0049679 A1 Apr. 25, 2002 Fiszman US 2007/0150934 A1 June 28, 2007 Rejection on Appeal Claims 1—6, 9—16, and 19—23 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over the combination of Thomson and Fiszman. Final Act. 3—8. ANALYSIS Regarding the rejection of claim 1, Appellant argues the proposed combination of Thomson and Fiszman does not teach or suggest “the cyber security event is an occurrence of unauthorized access to the computer system through the use of malicious software.” App. Br. 7. In particular, Appellant argues that Fiszman discloses a system wherein a user, upon gaining access with a stolen user ID and password, subsequently attempts malicious behavior. Id. at 8—9 (citing Fiszman || 6). According to Appellant, the Examiner erred in finding that Fiszman’s software agent / software client utilized by the user to perform a malicious act teaches the malicious software. Id. at 9. In support of Appellant’s arguments, Appellant proffers that “[mjalicious software is known to those in the art of computer security as software which has been specifically designed to function for a malicious purpose.” Id.2 In further support for the proffered definition, Appellant proffers a similar definition provided by the Henry Samueli 2 TechTerms.com (defining “malicious software” as “software programs designed to damage or do other unwanted actions on a computer system.” 3 Appeal 2016-005102 Application 13/868,220 School of Engineering and Applied Science at UCLA. Id? This argument is persuasive. On the record before us, Appellant has established by a preponderance of the evidence that the Examiner has erred in finding Fiszman’s disclosure of a user agent being used by an unauthorized user to perform malicious action teaches malicious software. According to Fiszman, “[t]he user agent (100) is a software client that is executed by the user equipment. The user agent is operable to challenge the user (120) for logon credentials such as user ID and password.” Fiszman 110. It is undisputed that the disclosed user agent can be used by an end user to perform a malicious act. Ans. 7—8, App. Br. 10. However, the Examiner has not provided any evidence that one of ordinary skill in the art would construe software that is merely capable of—as opposed to designed for—such malicious use as malware or malicious software. In contrast, Appellant has provided at least two credible sources that define malicious software (malware) as software designed by a user for the purpose of performing a malicious act as specified by the user. Therefore, we agree with Appellant that the Examiner has not established that the proposed combination of references teaches malicious software. Because Appellant has shown a reversible error in the Examiner’s rejection, we need not reach Appellant’s remaining arguments. 3 (http://www.seas.ucla.edu/security/malware.html) (stating “malicious software (maleware (sic)) as any software that gives partial to full control of your computer to do whatever the maleware (sic) creator wants. Maleware (sic) can be virus, worm, Trojan, adware, spyware, root kit, etc.”) 4 Appeal 2016-005102 Application 13/868,220 Accordingly, we do not sustain the Examiner’s obviousness rejection of claims 1, as well as claims 2—6, 9-16, and 19-23, which also recite the disputed limitations. DECISION For the above reasons, we reverse the Examiner’s obviousness rejection of claims 1—6, 9-16, and 19-23. REVERSED 5 Copy with citationCopy as parenthetical citation