Ex Parte NazzalDownload PDFBoard of Patent Appeals and InterferencesMar 29, 201010701157 (B.P.A.I. Mar. 29, 2010) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE ____________ BEFORE THE BOARD OF PATENT APPEALS AND INTERFERENCES ____________ Ex parte ROBERT N. NAZZAL ____________ Appeal 2009-006983 Application 10/701,157 Technology Center 2400 ____________ Decided: March 29, 2010 ____________ Before KENNETH W. HAIRSTON, JOHN C. MARTIN, and CARL W. WHITEHEAD, JR., Administrative Patent Judges. WHITEHEAD, JR., Administrative Patent Judge. DECISION ON APPEAL Appeal 2009-006983 Application 10/701,157 2 Appellant appeals under 35 U.S.C. § 134 from the Examiner’s rejection of claims 1-25 (App. Br. 2). We have jurisdiction under 35 U.S.C. § 6(b) (2002). We reverse. STATEMENT OF THE CASE1 Appellant invented a graphical interface rendered on a display associated with an intrusion detection system having a field that depicts a summary of anomalies identified as part of an event detected in a network. The interface generates alerts to notify the user of the anomalies or event of suspicious activity. The user has the option to snooze future alerts related to the event for a period of time. Claim 1, which further illustrates the invention, follows: 1. A graphical user interface rendered on a display associated with an intrusion detection system, the graphical user interface comprising: a field that depicts a summary of anomalies identified as part of an event that is detected in a network, the summary indicating event severity details of the event; and an alert action region including a control to permit a user to snooze future alerts related to the event in the summary for a period of time. The Rejections The Examiner relies upon the following prior art references as evidence of unpatentability: Kuroshita US 5,550,807 Aug. 27, 1996 Porras US 6,321,338 B1 Nov. 20, 2001 Cooper US 2002/0069200 A1 Jun. 6, 2002 Billhartz US 6,986,161 B2 Jan. 10, 2006 1 See generally App. Br. 2-3. Appeal 2009-006983 Application 10/701,157 3 Symantec, Symantec Antivirus for Macintosh, pp. 4-9, 4-10, 5-6, 5-7 (1992). Central Point, Virus Detection, Removal and Prevention, pp. 46-47 (1991). Claims 1-9 and 22-25 stand rejected under 35 U.S.C. § 103(a), as being unpatentable over Cooper and Symantec (Ans. 3-6). Claims 10-14 and 18 stand rejected under 35 U.S.C. § 103(a), as being unpatentable over Cooper, Symantec, and Billhartz (Ans. 6-7). Claims 15-17 and 21 stand rejected under 35 U.S.C. § 103(a), as being unpatentable over Cooper, Symantec, Billhartz, and Porras (Ans. 7-8). Claim 19 stands rejected under 35 U.S.C. § 103(a), as being unpatentable over Cooper, Symantec, Billhartz, and Central Point (Ans. 9). Claim 20 stands rejected under 35 U.S.C. § 103(a), as being unpatentable over Cooper, Symantec, Billhartz, and Kuroshita (Ans. 9-10). Rather than repeat the arguments of Appellant or the Examiner, we refer to the Appeal Brief (filed August 8, 2008), the Reply Brief (December 15, 2008), and the Answer (mailed October 14, 2008) for their respective details. In this decision, we have considered only those arguments actually made by Appellant. Arguments which Appellant could have made but did not make in the Brief have not been considered and are deemed to be waived. See 37 C.F.R. § 41.37(c)(1)(vii) (2008). All three independent claims (1, 10, and 22) have limitations drawn to snooze functionality (see App. Br. 17-21). Both claims 1 and 22 recite “an alert action region including a control to permit a user to snooze future alerts related to the event in the summary for a period of time,” and claim 10 recites “providing on a graphical user interface a snooze control to allow a user to snooze future alerts related to the selected event” (emphases added). The Examiner indicates that Cooper’s invention does not disclose an alert action region including a control to permit a user to snooze future alerts as Appeal 2009-006983 Application 10/701,157 4 recited in claims 1 and 22 and relies upon the Symantec reference to address Cooper’s deficiency (see Ans. 4). The Examiner further relies upon the combination of Cooper and Symantec to disclose the snooze control recited in claim 10 (see Ans. 6). It is the Examiner’s position that Symantec discloses snoozing future alerts because Symantec discloses that a response to an alert of a detected event of suspicious activity may include allowing the activity to continue and preventing alerts regarding the activity from appearing in the future (Ans. 4). ISSUE Does Symantec’s response to an event of suspicious activity constitute providing the user with the capability to snooze future alerts related to the event as recited in claims 1, 10, and 22? PRINCIPLES OF LAW During examination of a patent application, a claim is given its broadest reasonable construction “in light of the specification as it would be interpreted by one of ordinary skill in the art.” In re Am. Acad. of Sci. Tech Ctr., 367 F.3d 1359, 1364 (Fed. Cir. 2004) (citations omitted) (internal quotation marks omitted). “[T]he words of a claim ‘are generally given their ordinary and customary meaning.’” Phillips v. AWH Corp., 415 F.3d 1303, 1312 (Fed. Cir. 2005) (en banc) (citations omitted). ANALYSIS The Examiner refers to Figure 4-8 of Symantec showing an alert in response to an event of suspicious activity (Ans. 4, 11). Symantec’s Figure 4-8 is reproduced below: Appeal 2009-006983 Application 10/701,157 5 Figure 4-8 discloses a suspicious activity alert that provides three options (Allow, Deny, and Remember) for the user to select from in response to the detected suspicious activity (Symantec 4-9). The Examiner concludes that once a user selects the Remember function in response to an event of suspicious activity on Symantec’s alert, the user snoozes future alerts for a period of time (Ans. 11-12). Appellant argues that the Remember function does not meet the claim limitation of a period of time because no time period is specified by the Remember control that would resume alerting the user (Reply Br. 2; App. Br. 9). We find Appellant’s argument to be persuasive. As shown in Figure 4-8, Symantec’s Remember control places the alert into a permanent hibernation. Symantec does not specify nor define a period of time as recited in both independent claims 1 and 22. Claim 10 does not recite a period of time limitation, as claims 1 and 22 do, but claim 10 provides “a snooze control to allow a user to snooze future alerts.” The verb “snooze” refers to an activity that concludes or occurs within a time period. See Merriam-Webster’s Online Dictionary, http://www.merriam- webster.com/dictionary/snooze (last visited Mar. 24, 2010) (defining Appeal 2009-006983 Application 10/701,157 6 “snooze” in part as “to take a nap : doze”). Therefore, Symantec does not cure Cooper’s deficiency because Symantec does not disclose the option of snoozing the alerts for a period of time; instead, Symantec discloses permanent hibernation for the alerts related to the events of detected suspicious activity. None of the references cited by the Examiner cures the deficiency of Cooper. For these reasons and the one we stated previously, we will not sustain the Examiner’s decision rejecting claims 1, 10, or 22. We will also not sustain the Examiner’s decision rejecting dependent claims 2-9, 11-21, and 22-25 for the same reasons as stated previously. CONCLUSION Symantec’s response to an event of suspicious activity does not constitute providing the user with the capability to snooze future alerts related to the event as recited in claims 1, 10, and 22. ORDER We will not sustain the Examiner’s decision rejecting claims 1-25. REVERSED babc Riverbed Technology Inc. - PVF c/o Park, Vaughan & Fleming LLP 2820 Fifth Street Davis, CA 95618 Copy with citationCopy as parenthetical citation