13925619 (P.T.A.B. Jan. 31, 2018)

Ex Parte Kurien et al

Patent Trial and Appeal BoardJan 31, 2018

13925619 (P.T.A.B. Jan. 31, 2018)

United States Patent and Trademark Office UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O.Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 13/925,619 06/24/2013 T. Varugis Kurien 13768.2307.1 2772 47973 7590 02/02/2018 WORKMAN NYDEGGER/MICROSOFT 60 EAST SOUTH TEMPLE SUITE 1000 SALT LAKE CITY, UT 84111 EXAMINER KORSAK, OLEG ART UNIT PAPER NUMBER 2492 NOTIFICATION DATE DELIVERY MODE 02/02/2018 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): Docketing @ wnlaw. com u sdocket @ micro soft .com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte T. VARUGIS KURIEN, DONALD FRANK BRINKMAN, VINAY BALASUBRAMANIAM, SUYASH SINHA, ALPESH R. GAGLANI, and TUSHAR SUBODH NENE Appeal 2017-006380 Application 13/925,619 Technology Center 2400 Before JOSEPH L. DIXON, ELENI MANTIS MERCADER, and JASON M. REPKO, Administrative Patent Judges. REPKO, Administrative Patent Judge. DECISION ON APPEAL STATEMENT OF THE CASE Appellants1 appeal under 35 U.S.C. § 134(a) from the Examiner’s rejection of claims 1—20. App. Br. 2.2 We have jurisdiction under 35 U.S.C. § 6(b). We affirm. 1 Appellants identify the real party in interest as Microsoft Technology Licensing LLC. App. Br. 2. 2 Throughout this opinion, we refer to (1) the Final Rejection (“Final Act.”) mailed February 4, 2016, (2) the Appeal Brief (“App. Br.”) filed July 21, Appeal 2017-006380 Application 13/925,619 THE INVENTION Appellants’ invention authenticates a badge. Spec. 14. A badge can represent an individual’s skills, training, attributes, or qualifications. Id. An entity may want to determine whether the badge meets certain criteria—e.g., whether a trusted certificate authority signed the badge. Id. ^ 18. The entity can specify this criteria in a “policy.” Id. A “trustworthy verifier” then executes the policy to determine whether the badge meets the criteria. Id. If the badge meets the policy’s criteria, the system displays the badge to the entity in a trustworthy way. Id. Claim 1 is reproduced below: 1. In a computing environment a method of authentication badge, the badge representing at least one of skills, training, attributes, or qualifications of an individual, the method comprising: at a trustworthy verifier, accessing a badge image for a badge that has been presented to a user and identified by the user to the trustworthy verifier; at the trustworthy verifier remote from the user, accessing policy identified by the user to the trustworthy verifier as a policy which the user desires the badge to be evaluated against, and where the trustworthy verifier is trusted by the user to execute the policy identified by the user; determining that the badge identified by the user is compliant with the policy by comparing the badge image to the policy identified by the user; and as a result of determining that the badge is compliant with the policy, engaging in a cryptographic security protocol with a displayer which includes a secure computer display area such that the displayer only displays content whose trustworthiness it can verify, as the displayer only accepts elements on the trustworthy display from trustworthy entities, thereby causing 2016, (3) the Examiner’s Answer (“Ans.”) mailed December 1, 2016, and (4) the Reply Brief (“Reply Br.”) filed January 30, 2017. 2 Appeal 2017-006380 Application 13/925,619 the badge to he displayed by the displayer in a fashion that indicates that the trustworthy verifier has executed the policy to indicate to the user that the purported badge is compliant with the policy. THE REJECTIONS The Examiner relies on the following as evidence: Sauve et al. US 2006/0218403 A1 Sept. 28, 2006 Grigsby et al. US 2010/0209006 Al Aug. 19, 2010 Beaumont et al. US 2011/0264922 Al Oct. 27, 2011 Claims 1—6, 8—16, and 18—20 stand rejected under 35 U.S.C. § 103(a) as unpatentable over Grigsby and Beaumont. Final Act. 2—9. Claims 7 and 17 stand rejected under 35 U.S.C. § 103(a) as unpatentable over Grigsby, Beaumont, and Sauve. Final Act. 9-10. THE OBVIOUSNESS REJECTION OVER GRIGSBY AND BEAUMONT Independent Claims 1, 11, and 20 I Independent claim 1 recites, in part, “at the trustworthy verifier remote from the user, accessing policy identified by the user to the trustworthy verifier as a policy which the user desires the badge to be evaluated against” (emphasis added). Independent claims 11 and 20 recite similar limitations. In rejecting claim 1 under § 103 as unpatentable over Grigsby and Beaumont, the Examiner finds that Grigsby teaches the recited policy. Final Act. 3. In particular, the Examiner finds that Grigsby’s policy determines whether the badge is valid. Id. (citing Grigsby Fig. 2). In 3 Appeal 2017-006380 Application 13/925,619 rejecting independent claims 11 and 20, the Examiner addresses the accessing limitation in a similar way. See Final Act. 7—8. Appellants argue that Grigsby’s user does not provide or identify any policy that the user desires the credential to be evaluated against. App. Br. 8—16, 18—20; Reply Br. 2—\. According to Appellants, the user only provides an image of the unverified badge and authentication information. App. Br. 11. In Appellants’ view, Grigsby does not evaluate the user-provided image using any user-identified policy. Id. at 9, 13, 15, 18—20; Reply Br. 2-A. Notably, Appellants do not dispute that Grigsby’s system accesses a policy. Reply Br. 3. In particular, Appellants do not dispute that Grigsby’s steps 520, 522, 524, and 526 in Figure 5 involve accessing a policy. Id. (citing Ans. 3). In Figure 5’s process, if the user-provided image matches one in the credential-image database, step 520 compares the user-provided authentication information with information from the issuing authority. Grigsby Fig.5,1 80. If the authentication information is also valid, Grigsby’s response module notifies the user that the unverified credential is valid. Id. Because Appellants do not dispute that Grigsby’s system accesses a policy here, the issues are whether Grigsby’s policy is (1) one in “which the user desires the badge to be evaluated against” and (2) “identified by the user” to the system performing these steps. Accord Reply Br. 3. The independent claims do not recite any step requiring the user to provide the policy itself, as Appellants argue (see, e.g., App. Br. 9, 13, 15). Rather, the user’s desired policy could be identified to the trustworthy verifier in a number of ways. 4 Appeal 2017-006380 Application 13/925,619 This reading of the claim is consistent with the Specification. For instance, according to the Specification, “[t]he policy 110 can be identified to, or provided to a trustworthy verifier 112.” Spec. 118 (emphasis added). That is, providing the policy itself is one way to identify the user’s desired policy, but not the only one. See id.', see also id. 194 (describing the embodiments as “illustrative and not restrictive”). The Examiner finds that Grigsby’s user identifies the recited policy by sending an image to the service. Final Act. 3 (citing Grigsby Fig. 2, step 224). We agree. By sending the information to Grigsby’s badge information service, the user identifies the service’s policy as the one that the user desires the badge to be evaluated against. See Grigsby Fig. 2. As noted above, Grigsby’s badge information service uses some policy. Id. Fig.5,1 80. Although the user does not provide the policy itself, the act of choosing Grigsby’s badge information service as the verification tool is an identification of a policy. For example, a user must use a cell phone and choose to begin the verification process with Grigsby’s particular service. See id. ]Hf 54—55 (describing Fig. 2). The user initiates the verification process by sending the image to the service. Id. Fig. 2. The service treats this communication as “a request from the user,” and in this way, the user identifies to the service that the service’s policies are the ones desired. Id. 1 56. Accordingly, we agree that Grigsby’s user identifies a policy by sending an image to the system to initiate the verification procedure. Final Act. 3. Furthermore, as the Examiner discusses, Grigsby’s policies have certain selectable criteria. Ans. 3 (discussing various criteria). The Examiner notes that Grigsby’s criteria include type of badge, the issuing 5 Appeal 2017-006380 Application 13/925,619 state, among others. Id. For example, Grigsby’s user can specify that the unverified credential is a police badge from California. Grigsby 1 66, discussed in App. Br. 12. The system then evaluates this credential against Californian police badges. Grigsby 1 66. In this additional way, we agree with the Examiner that the user can further identify a policy that the user desires the badge to be evaluated against. See id.', Ans. 3 (discussing the criteria in Grigsby 1 66). On this record, we are not persuaded that the Examiner erred in finding that Grigsby accesses a “policy identified by the user to the trustworthy verifier as a policy which the user desires the badge to be evaluated against,” as recited in the independent claims. II Independent claim 1 further recites, in part, “as a result of determining that the badge is compliant with the policy . . . causing the badge to the displayed by the displayer” (emphasis added). Independent claims 11 and 20 recite similar limitations. The Examiner finds that Grigsby teaches all limitations of claim 1 except for the recited cryptographic security protocol with a displayer including a secured display area. Final Act. 4. For the feature missing from Grigsby, the Examiner turns to Beaumont. Id. In particular, the Examiner finds that Beaumont teaches a greyed-out untrusted portion and a displayed trusted portion. Id. According to the Examiner, Beaumont’s example includes the recited secure computer display area. Id. The Examiner combines Beaumont’s teachings with Grigsby’s service, which communicates issuing authentication information 244 for the user. Id. (citing Grigsby 159). 6 Appeal 2017-006380 Application 13/925,619 Appellants argue that the Examiner has not shown that Grigsby displays a badge to the user as recited. App. Br. 9, 11, 13, 15, 20; Reply Br. 4. According to Appellants, Grigsby causes a “notification to be displayed,” not the badge. Reply Br. 4. We disagree. Appellants’ arguments are not persuasive because they do not squarely address the Examiner’s reliance on Grigsby in combination with Beaumont to securely deliver a badge image. Accord Ans. 3^4. In particular, the Examiner relies on Beaumont to teach displaying only verifiably trustworthy content. Id. at 4 (citing Beaumont 1182). In Grigsby, the content is the badge image. Grigsby 1 57, cited in Final Act. 3. For example, Grigsby’s database contains issuing authority information 244. Grigsby 155. Grigsby’s issuing authority information 244 stores verified authentication information for all badges included in badge information 232. Id. 1 58. Badge information 232 may include an image of a valid FBI badge {id.), and the authentication information may include the officer’s image {id. 1 60). Grigsby’s service may also deliver a response document with information to the user. Id. 1 59. Therefore, Grigsby at least suggests communicating policy-compliant content to the user and teaches that policy- compliant content includes the badge image. See id. 11 57, 59, cited in Final Act. 3^4. The Examiner proposes displaying Grigsby’s policy-compliant content, including the badge image, using Beaumont to secure the connection for that display. Final Act. 4 (citing Grigsby 1 59; Beaumont H 39, 182). In this way, the Examiner’s proposed enhancement predictably uses the prior art according to established functions, and 7 Appeal 2017-006380 Application 13/925,619 involves a creative step well within the level of those ordinarily skilled in the art. See KSR Inti Co. v. Teleflex, Inc., 550 U.S. 398, 417, 421 (2007). On this record, we are not persuaded that the Examiner erred in finding that Grigsby and Beaumont collectively teach causing the badge to be displayed by the displayer as a result of determining that the badge is compliant with the policy, as recited in the independent claims. Accordingly, we sustain the Examiner’s rejection of independent claims 1,11, and 20, as well as dependent claims 2, 4, 6, 8, 10, 12, 14, 16, and 19, which are not argued separately. Claims 3, 5, 13, and 15 Claim 3 recites, in part, “providing a report that indicates badges that are compliant with the policy and provides information about why badges that are non-compliant with the policy failed the policy.” Claim 13 recites a similar limitation. Regarding claims 3 and 13, the Examiner finds that Grigsby teaches this limitation. Final Act. 5 (citing Grigsby Fig. 5), 7; Ans. 3 (citing Grigsby 1 53). Appellants argue that Grigsby does not indicate why the badge is non-compliant. App. Br. 12 (discussing Grigsby 48, 62); Reply Br. 5(discussing Grigsby 1 53). We are not persuaded that the Examiner erred in this regard. In the paragraph cited in the Answer (Ans. 3), Grigsby’s response module notifies the user that unverified credential 112 is invalid. Grigsby 1 53. Contrary to Appellants’ argument (Reply Br. 5), notification 118 tells the user why. Grigsby 1 53. Specifically, notification 118 tells the user that the person presenting the badge is not an authorized individual associated with the Utah state police badge having the user-provided 8 Appeal 2017-006380 Application 13/925,619 number. Id. To verify the credential, Grigsby’s method uses a matching image, a valid range of numbers, among other criteria. See id. 1 58. So, the badge could be invalid for several reasons. See id. 1 58. But in the cited example, badge number 445398 is issued to Officer Frank Hernandez, not the individual presenting the badge, John Smith. Id. H 51, 52. Here, Grigsby communicates this to the user. Id. 1 53. Thus, we see no error in the Examiner’s finding that Grigsby provides the recited report and information about non-compliance. See Ans. 3 (citing Grigsby 1 53). Appellants further argue that, in relying on Grigsby’s paragraph 53, the Examiner has combined features of different embodiments without an articulated reasoning with some rational underpinning to do so. Reply Br. 5. According to Appellants, Grigsby’s Figure 1 and Figure 2 are separate embodiments. Id. We are not persuaded. Grigsby describes Figure 1 as “a block diagram illustrating one embodiment of a system for visual credential verification.” Grigsby 116. Grigsby describes Figure 2 as “a schematic block diagram illustrating an exemplary division of tasks and information in a system implementing the present invention.” Id. 1 54 (emphasis added). That is, these figures illustrate different types of block diagrams, each showing different information. Compare id. Fig. 1 with id. Fig. 2. For instance, Figure 1 shows a high-level flow of information through various modules. See id. Fig. 1. Figure 2, however, shows a series of steps and tasks along with the entity performing them. See id. Fig. 2. Indeed, Appellants do not explain how the corresponding embodiments are different. See Reply Br. 5. Nor do Appellants explain why the system of Figure 1 does not notify the user in the same way as Figure 2. See id. On this record, we are unpersuaded by 9 Appeal 2017-006380 Application 13/925,619 Appellants’ argument that these figures correspond to different embodiments. See id. Accordingly, we sustain the Examiner’s rejection of claims 3 and 13, as well as claims 5 and 15, which are not argued separately. Claims 9 and 18 Claims 9 and 18 recite, in part, “the trustworthy verifier is selected to be a trustworthy verifier by voting of members of a federation.” The Examiner finds that Grigsby teaches this limitation because the badge information service is a government-provided service. Ans. 5 (citing Grigsby 1 55). According to the Examiner, Grigsby’s government-provided services are controlled by officials selected by voting of members of a federation, such as the state of Utah or the United States. Ans. 5. Appellants argue that, although a government-provided service might be selected to be trustworthy by the recited voting members, Grigsby does not disclose this is the case. App. Br. 22. Moreover, Appellants contend that the claims require that the verifier is selected by the recited voting, not that the verifier is controlled by officials selected to be officials by voting of a federation’s members. Reply Br. 6. Notably, claim 9 is a method claim. Yet, claim 9 does not affirmatively recite a step of voting or selecting. Rather, the selection is recited as the trustworthy identifier’s source or origin. Essentially, the claimed selection is an unobservable characteristic of the trustworthy verifier. That is, one would have to be informed about the vote in order to distinguish one verifier from another. Claim 18 further supports reading the recited selection as a source/origin limitation. Claim 18 is directed to a system. The components 10 Appeal 2017-006380 Application 13/925,619 of the system—i.e., one or more processors and computer readable medium—do not carry out the selecting and voting. The recited members of a federation are not part of claim 18’s system. In claim 18, like claim 9, the selection is recited as a characteristic of the trustworthy verifier. Given this understanding of the claims, Appellants have not explained, persuasively, how the recited selection imparts a characteristic that distinguishes the recited verifier from Grigsby’s verifier. See App. Br. 22; Reply Br. 9. Because the recited voting and selection are not recited as method steps in claim 9 or functions that the system in claim 11 carries out, Appellants have not shown how the claimed method and system differ from Grigsby’s. For at least this reason, we are not persuaded that the Examiner erred in finding that the limitation at issue would have been obvious over the Grigsby-Beaumont combination. Additionally, the Examiner’s finding that Grigsby suggests that the verifier is selected in the recited manner (Ans. 5) is reasonable. In particular, Grigsby teaches that authentication information is provided by the Utah state police. Grigsby 1 52. Grigsby also teaches that a government provides the badge information service. Id. 1 55. The Examiner finds that Grigsby’s government-provided services are controlled by officials selected by voting of members of a federation—i.e., citizens of Utah in Grigsby’s example. Ans. 5. Although Appellants argue that this arrangement would not satisfy the claim (Reply Br. 6), we agree with the Examiner. Here, the Examiner broadly, but reasonably, construes the limitation “by voting of members of a federation” to mean that the vote indirectly determines the selection of the verifier. See Ans. 5. That is, the claim does not expressly require that the federation members vote on the 11 Appeal 2017-006380 Application 13/925,619 verifier to be the trustworthy verifier, only that the verifier is selected by voting on something. Here, the Examiner finds that the verifier is selected to be a trustworthy verifier by members of a federation voting on the officials. Id. Because the claims broadly cover several ways of using the vote to select a verifier, we agree that Grigsby suggests that the trustworthy verifier is selected to be a trustworthy verifier by voting of citizens of Utah. Id. Accordingly, we sustain the Examiner’s rejection of claims 9 and 18. THE REMAINING OBVIOUSNESS REJECTIONS Claims 7 and 17 depend from claims 1 and 11, respectively. Appellants, however, do not argue claims 7 and 17, separately with particularity. See App. Br. 7—22; Reply Br. 2—6. Therefore, for the reasons discussed in connection with claims 1 and 11, we also sustain the rejections of claims 7 and 17. DECISION We affirm the Examiner’s rejection of claims 1—20. No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(l)(iv). AFFIRMED 12