Ex Parte Heck et alDownload PDFPatent Trial and Appeal BoardMay 31, 201613212788 (P.T.A.B. May. 31, 2016) Copy Citation UNITED STA TES p A TENT AND TRADEMARK OFFICE APPLICATION NO. FILING DATE FIRST NAMED INVENTOR 13/212,788 08/18/2011 John Frederick Heck 46304 7590 06/02/2016 RYAN, MASON & LEWIS, LLP 48 South Service Road Suite 100 Melville, NY 11747 UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www .uspto.gov ATTORNEY DOCKET NO. CONFIRMATION NO. 809571-US-NP 6950 EXAMINER SHIH, ALBERT K ART UNIT PAPER NUMBER 2411 NOTIFICATION DATE DELIVERY MODE 06/02/2016 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address( es): nyoffice@rml-law.com jbr@rml-law.com ipsnarocp@nokia.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte JOHN FREDERICK HECK, GANAPATHY S. SUNDARAM, and DOUGLAS WILLIAM VARNEY Appeal2015-001028 Application 13/212,788 Technology Center 2400 Before ELENI MANTIS MERCADER, CARLL. SILVERMAN, and SCOTT B. HOWARD, Administrative Patent Judges. HOW ARD, Administrative Patent Judge. DECISION ON APPEAL Appellants 1 appeal under 35 U.S.C. § 134(a) from a Final Rejection of claims 1-26, which constitute all of the claims pending in this application. We have jurisdiction under 35 U.S.C. § 6(b). We reverse. 1 Appellants identify Alcatel-Lucent as the real party in interest. App. Br. 1. Appeal2015-001028 Application 13/212,788 THE INVENTION The claimed invention is directed to a policy routing-based lawful interception in a communication system with end-to-end encryption. Abstract; Spec. i1i17-9. Claim 1, reproduced below with the disputed language italicized, is illustrative of the claimed subject matter: 1. A method for intercepting encrypted communications exchanged between a first computing device and a second computing device in a communication network, wherein the interception is performed by a third computing device in the communication network, the method comprising: the third computing device obtaining one or more packets which are encrypted as part of an end-to-end encryption session associated with the first computing device and the second computing device, the one or more packets having a given packet address associated with one of the first computing device and the second computing device, wherein the one or more packets are obtained by the third computing device in response to at least one interception routing policy being implemented in at least one element in the communication network which is also responsible for routing non-intercepted packet traffic therethrough, wherein the at least one interception routing policy is configured to forward packets having the given packet address to the third computing device, the third computing device decrypting the one or more obtained packets using a security association established for a packet-source comprising the first computing device so as to obtain data contained therein; the third computing device preserving the given packet address of the one or more obtained packets such that the one or more obtained packets do not appear to have been obtained by the third computing device; and the third computing device re-encrypting the one or more obtained packets using a security association established for a packet-destination comprising the second computing device, and 2 Appeal2015-001028 Application 13/212,788 forwarding the one or more packets toward the packet- destination; wherein the one or more packets forwarded toward the packet-destination have the given packet address; and wherein the interception routing policy re-routes bearer flows from the packet-source and the packet-destination to the third computing device. REFERENCES The prior art relied upon by the Examiner as evidence in rejecting the claims on appeal is: Ekstrom US 2007 /0258379 Al Nov. 8, 2007 Sundaram (hereinafter US 2011/0016321 Al Jan. 20, 2011 "Sundaram II") Sundaram US 2011/0055567 Al Mar. 3, 2011 Chenard US 2011/0113236 Al May 12, 2011 REJECTIONS Claims 1--6, 8-11, 16--22, and 24--26 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Sundaram in view of Chenard. Final Act. 4--19. Claim 7 stands rejected under 35 U.S.C. § 103(a) as being unpatentable over Sundaram in view of Chenard and Ekstrom. Final Act. 19-20. Claims 12-15 and 23 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Sundaram in view of Chenard and Sundaram II. Final Act. 20-25. 3 Appeal2015-001028 Application 13/212,788 ANALYSIS We have reviewed the Examiner's rejection in light of Appellants' arguments that the Examiner erred. In reaching this decision, we consider all evidence presented and all arguments made by Appellants. We agree with Appellants' arguments regarding claims 1 and 19. Appellants argue Sundaram does not teach or suggest a "third computing device preserving the given packet address of the one or more obtained packets such that the one or more obtained packets do not appear to have been obtained by the third computing device" as recited in claim 1. App. Br. 6-8; Reply Br. 2--4. According to Appellants, Sundaram simply discloses a man-in-the middle-intercept such as that disclosed in Figure 2 and Paragraphs 39 and 40 of the instant Specification which allows the users to easily detect that the packets were obtained by a third computer. Id. Appellants also argue that the Examiner's findings are conclusory statements that are insufficient to show that preserving packet addresses necessarily happened in Sundaram. Reply Br. 3--4. The Examiner finds Sundaram teaches the disputed limitation. Final Act. 5-6; Ans. 33-34. Specifically, the Examiner finds Sundaram teaches a legal intercept server that "forwards the message to the responder and initiator which requires the preservation of packet address so as to send the packet to its intended address." Final Act. 5 (emphasis omitted) (citing Sundaram i-fi-f 122, 123). The Examiner further finds the man-in-the-middle intercept taught by Sundaram results in the communications appearing to be sent directly from a first device to a second device without having been obtained by a third computer. Final Act. 5---6 (citing Sundaram i-fi-f 120, 121, 181, 183). The Examiner also finds that because the key management server 4 Appeal2015-001028 Application 13/212,788 pretends to be the first user (sometimes referred to as A or Alice) to the second user (B or Bob), "packet address must be preserved or else there would be no pretending, furthermore since LI must forward from A to B and B to A, address must [inherently] also be preserved so that when the response comes back LI would know where to transmit the message." Ans. 34. The fact that a certain result or characteristic may occur or be present in the prior art is not sufficient to establish the inherency of that result or characteristic. In re Rijckaert, 9 F.3d 1531, 1534 (Fed. Cir. 1993) (rejection reversed because alleged inherency was based on what would result due to optimization of conditions, not what was necessarily present in the prior art); see also, In re Oelrich, 666 F.2d 578, 581-82 (CCPA 1981); In re Robertson, 169 F.3d 743, 745 (Fed. Cir. 1999) ("To establish inherency, the extrinsic evidence must make clear that the missing descriptive matter is necessarily present in the thing described in the reference, and that it would be so recognized by persons of ordinary skill. Inherency, however, may not be established by probabilities or possibilities. The mere fact that a certain thing may result from a given set of circumstances is not sufficient.") (citations and internal quotations omitted). In relying upon the theory of inherency, the examiner must provide a basis in fact and/or technical reasoning to reasonably support the determination that the allegedly inherent characteristic necessarily flows from the teachings of the applied prior art. In re Cruciferous Sprout Litig., 301 F.3d 1343, 1349 (Fed. Cir. 2002). Based on the record before us, we agree with Appellants that the Examiner erred in finding that Sundaram inherently teaches the preserving the packet address limitation. Sundaram teaches a man-in-the-middle 5 Appeal2015-001028 Application 13/212,788 intercept in which the LI (also referred to as the legal intercept or legal intercept server) pretends to be B towards A and A towards B. Sundaram i-f 181. The LI server is able to do so by creating fake certificates from a Certificate Authority allowing the legal intercept severer to impersonate both user A and B. Id. We agree with Appellants that, based on the current record, Sundaram describes the type of interception shown in Specification Figure 2 and discussed in paragraphs 39 and 40. As discussed in the Specification, that type of legal intercept can be detected because the messages are not sent directly from Alice (102-A) to Bob (102-B); instead, they are sent to and from Alice and Point A (the legal intercept server) and to and from Bob and Point B (the legal intercept server). Fig. 2, Spec. i-fi-139, 40. Moreover, because the legal intercept server is pretending to be Alice/ A to Bob/B and vice-a-versa, the legal intercept server may not necessarily preserve the packet address and, instead, may change the packet address to assist in the masquerade. Accordingly, we agree with Appellants that the Examiner did not offer sufficient evidence that the legal intercept server of Sundaram would necessarily result in "the third computing device preserving the given packet address of the one or more obtained packets such that the one or more obtained packets do not appear to have been obtained by the third computing device" as recited in claim 1. Because we agree with at least one of the dispositive arguments advanced by Appellants, we need not reach the merits of Appellants' other arguments. 6 Appeal2015-001028 Application 13/212,788 Accordingly, we are constrained on this record to reverse the Examiner's rejection of claim 1, along with the rejections of claim 19, which is argued on the same ground, and dependent claims 2-18 and 20-26. DECISION For the above reasons, we reverse the Examiner's rejection of claims 1-26. REVERSED 7 Copy with citationCopy as parenthetical citation
