Ex Parte LI et alDownload PDFPatent Trial and Appeal BoardFeb 28, 201710404978 (P.T.A.B. Feb. 28, 2017) Copy Citation United States Patent and Trademark Office UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O.Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 10/404,978 03/31/2003 Hong C. Li 884.883US1 8887 21186 7590 03/02/2017 SCHWEGMAN LUNDBERG & WOESSNER, P.A. P.O. BOX 2938 MINNEAPOLIS, MN 55402 EXAMINER KYLE, TAMARA TESLOVICH ART UNIT PAPER NUMBER 2448 NOTIFICATION DATE DELIVERY MODE 03/02/2017 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): uspto@slwip.com SLW @blackhillsip.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte HONG C. LI, RAVI SAHITA, and SATYENDRA YADAV Appeal 2015-004516 Application 10/404,978 Technology Center 2400 Before THU A. DANG, JAMES R. HUGHES, and ALEX S. YAP, Administrative Patent Judges. HUGHES, Administrative Patent Judge. DECISION ON APPEAL STATEMENT OF THE CASE In an earlier Decision involving the instant application and the Desai reference (infra), Ex Parte Appeal 2010-011327 mailed May 30, 2013 (the “Prior Decision”), we reversed the Examiner’s decision rejecting claims 1—24 under 35 U.S.C. § 103(a) as being anticipated by Desai. Appeal 2015-004516 Application 10/404,978 In this appeal, Appellants seek our review under 35 U.S.C. § 134(a) of the Examiner’s Final Decision rejecting claims 1—24, which constitute all the claims pending in this application. See Final Act. 1—2; App. Br. 14.1 We have jurisdiction under 35 U.S.C. § 6(b). We reverse. Appellants ’ Invention The invention at issue on appeal concerns machine-readable media, systems, and methods for managing security policies of computing devices of a network, in particular, security policies pushed over the network security-enabled devices. For example, the method provides dynamically pushing a security policy from a first security device to a second security- enabled device over a network wherein the security policy is an executable script and the security-enabled device automatically executes the policy. Spec. 12, 18, 21—31; Abstract. Illustrative Claim Independent claim 1, reproduced below with the key disputed limitations emphasized, further illustrates the invention: 1. A method comprising: dynamically detecting, on a first security device, security information obtained from a second security-enabled device over a network connection between the first security device and the second security-enabled device, wherein the security information 1 We refer to Appellants’ Specification (“Spec.”) (filed Mar. 31, 2003); Appeal Brief (“App. Br,”) (filed Sept. 23, 2014); and Reply Brief (“Reply Br.”) (filed Mar. 16, 2015). We also refer to the Examiner’s Answer (“Ans.”) (mailed Jan.14, 2015), and Final Office Action (Final Rejection) (“Final Act.”) (mailed Jan. 21, 2014). 2 Appeal 2015-004516 Application 10/404,978 is related to activity occurring on the second security-enabled device detected by a security mechanism of the second security- enabled device and produced in a first data format specific to the security mechanism that is already processing on the second security-enabled device; normalizing the security information from the first data format into an intermediate data format before being processed by the first security device; recording the normalized security information in a data repository; and dynamically pushing from the first security device a security policy in response to the normalized security information to the second security-enabled device over the network in the first data format for enforcement on the second security-enabled device, and wherein enforcement occurs on the second security-enabled device, and wherein the security policy is an executable script and the security-enabled device automatically and dynamically executes the executable script to provide adaptive and dynamic security policy detection and enforcement. Rejection on Appeal The Examiner rejects claims 1—24 under 35 U.S.C. § 103(a) as being unpatentable over Desai et al. (US 2003/0188189 Al, published Oct. 2, 2003 (filed Mar. 27, 2002)) (“Desai”) and Cheng (US 2002/0184525 Al, published Dec. 5, 2002) (“Cheng”). ISSUE Based upon our review of the administrative record, Appellants’ contentions, and the Examiner’s findings and conclusions, the pivotal issue before us is as follows: 3 Appeal 2015-004516 Application 10/404,978 Does the Examiner err in finding that the combination of Desai and Cheng collectively would have taught or suggested dynamically pushing from the first security device a security policy in response to the normalized security information to the second security-enabled device over the network in the first data format for enforcement on the second security-enabled device . . . wherein the security policy is an executable script and the security-enabled device automatically and dynamically executes the executable script to provide adaptive and dynamic security policy detection and enforcement within the meaning of Appellants’ claim 1 and the commensurate limitations of claims 7, 12, and 19? ANALYSIS Appellants contend that Desai and Cheng do not teach the disputed limitations of claim 1. See App. Br. 10-13; Reply Br. 2—3. Specifically Appellants contend that Desai does not teach an executable script, referencing our Prior Decision (see App. Br. 12) and Cheng does not describe security policies which are executable scripts “capable of being executed by the firewall or the devices controlled by the firewall” (App. Br. 11—12; see Reply Br. 2—3). We have reviewed the sections of Desai and Cheng cited by the Examiner, as well as the detailed discussions of the references by Appellants and the Examiner. Appellants persuade us of error in the obviousness rejection of claim 1. The Examiner finds that Desai generally describes security policies. See Final Act. 2, 5 (citing Desai Tflf 17, 24, 26, 27, 76, 85, 89, 93, 96, 101, and 103). We disagree, however, with the Examiner that Desai describes or suggests pushing a security policy that is automatically 4 Appeal 2015-004516 Application 10/404,978 executed. Ans. 5. Desai does not explicitly teach a “security policy,” much less that such a policy is automatically executed by a firewall or intrusion detection system. The only mention of a policy in the Examiner cited portions of Desai occurs in Desai’s paragraph 96, which discloses a sensor policy, but does not describe automatic execution of such a policy. Similarly, Cheng describes scripts, but these scripts are not executable (self-executing) at the device to be configured, rather Cheng describes creating device specific configuration documents (files), and that these device specific documents (“configuration script documents” (Cheng 149)) are then utilized to configure firewall security. App. Br. 11—12; Reply Br. 2—3 (compare Final Act. 2, 5; Ans. 3—6 (citing Cheng 149)). Cheng explicitly states that the security policy is transformed, via a script, prior to being sent (pushed) to the security device. See Cheng || 46, 49. It is unclear from the Examiner’s mapping of the prior art elements to the claim limitations how the combination of Desai and Cheng teach or suggest automatic execution of a security policy, which is an executable script, at a security device. Neither Desai, nor Cheng, alone or in combination, describes such an executable script. Further, assuming without deciding that Cheng suggests an executable script, the Examiner has not sufficiently explained how the Cheng’s purported executable script might be implemented in Desai’s security device. Consequently, we are constrained by the record before us to find that the Examiner erred in finding Desai and Cheng teach the disputed limitations of Appellants’ claim 1. Independent claims 7, 12, and 19 include limitations of commensurate scope. Claims 2—6, 8—11, 13—18, and 20-24 5 Appeal 2015-004516 Application 10/404,978 depend on claims 1, 7, 12, and 19, respectively. Accordingly, we reverse the Examiner’s obviousness rejection of claims 1—24. CONCLUSION Appellants have shown that the Examiner erred in rejecting claims 1— 24 under 35 U.S.C. § 103(a). DECISION We reverse the Examiner’s rejection of claims 1—24. REVERSED 6 Copy with citationCopy as parenthetical citation
