UNITED STATES PATENT AND TRADEMARK OFFICE
____________
BEFORE THE BOARD OF PATENT APPEALS AND INTERFERENCES
____________
Ex parte ALEKSEY SANIN
____________
Appeal 2007-2502
Application 10/272,225
Technology Center 2100
____________
Decided: November 8, 2007
____________
Before LANCE LEONARD BARRY, HOWARD B. BLANKENSHIP, and STEPHEN C. SIU, Administrative Patent Judges.
SIU, Administrative Patent Judge.

DECISION ON APPEAL

I. STATEMENT OF THE CASE

Appellant appeals under 35 U.S.C. § 134(a) from the Examiner’s Final Rejection of claims 1, 3-6, 8-12, and 14-20. We have jurisdiction under 35 U.S.C. § 6(b).

We affirm in part.

A. INVENTION

The invention at issue involves web service security. Typically, web services are prone to unauthorized access. Such unauthorized access may include malicious requests from users. (Spec. 1.) Standard methods of maintaining web service security have been less effective with Hypertext Markup Language (HTML) tags or script executing in a dynamically generated web page. (Id. 4.) For example, a malicious user may construct a link to insert malicious script within a server page. In this case, the malicious script may be executed within the context of a safe and secure domain. (Id. 5.) In contrast, Appellant’s invention provides for a mechanism in which known types of malicious attacks on a web service may be detected and averted. (Id. 6.)

B. ILLUSTRATIVE CLAIMS

Claims 1, 3, 6, and 19, which further illustrate the invention, follow.

1. In an HTTP based network, a security filter for shielding a Web service application from malicious HTTP requests, comprising:
   a plurality of pattern rules categorized by object types, said plurality of pattern rules comprising patterns of known attacks;
   means for parsing an incoming request into objects of said object types;
   means for applying said pattern rules to said objects; and
   means for taking actions on said incoming request when any substring in said objects matches any of said pattern rules in order to intercept said known attacks.

3. The security filter of claim 1, wherein lists of said pattern rules corresponding to object types are executed sequentially.

6. A method for protecting a Web service application from a malicious HTTP request, comprising the steps of:
   parsing an incoming HTTP request into objects;
   applying a predefined group of pattern rules to said objects, said predefined group of pattern rules comprising patterns of known attacks; and
   taking an action when any substring included in said objects matches any of said pattern rules in order to intercept said known attacks.

19. In an HTTP based network, a security filter for shielding a Web service application from malicious HTTP requests, comprising:
   a plurality of pattern rules categorized by object types, said plurality of pattern rules comprising patterns of known attacks;
   at least one digital data processor programmed to perform operations comprising:
      parsing an incoming request into objects of said object types;
      applying said pattern rules of each object type to objects of corresponding object type; and
      taking actions on said incoming request when any said objects satisfies any of said pattern rules in order to intercept said known attacks.

C. REJECTIONS

Claims 1, 3-6, 8-12, and 14-20 stand rejected under 35 U.S.C. § 102(e) as anticipated by U.S. Patent Publication No. 2002/0133603 ("Mitomo").
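The filter that claims 1, 3, 6 and 19 describe, as an added Python example that is neither the applicant's code nor the Mitomo system: an incoming HTTP request is parsed into objects of the object types the specification names (path, query, body, headers, cookies), a list of pattern rules per object type is executed sequentially against objects of that type only, and a substring match triggers an action. The request samples, rule entries, rule names and the block/allow action are constructed for illustration; percent-decoding once during parsing and comparing case-insensitively are my assumptions about what a practical parser and matcher would do, not something the claims specify.

```python
"""Toy per-object-type pattern filter in the shape of the claims (constructed example)."""
from urllib.parse import parse_qsl, unquote, urlsplit

# Object types taken from the specification's examples (Spec. 8).
OBJECT_TYPES = ("path", "query", "headers", "cookies", "body")

# Constructed rule lists categorized by object type: (rule name, substring).
# Each list is executed in order (claim 3) and only against its own object type.
PATTERN_RULES = {
    "path": [("traversal", "../")],
    "query": [("script-tag", "<script"), ("js-url", "javascript:")],
    "headers": [("script-tag", "<script")],
    "cookies": [("script-tag", "<script")],
    "body": [("script-tag", "<script"), ("js-url", "javascript:")],
}


def parse_request(raw: str) -> dict:
    """Split a raw HTTP/1.1 request into objects, keyed by object type.

    Every object type maps to a list of (field name, decoded value) pairs, so a
    rule can be applied uniformly and a match can be reported per field.
    """
    head, _, body = raw.partition("\r\n\r\n")
    lines = [line for line in head.split("\r\n") if line]
    _method, target, _version = lines[0].split(" ", 2)
    parts = urlsplit(target)

    headers = []
    lookup = {}  # lower-cased header names for our own lookups below
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip(), value.strip()))
        lookup[name.strip().lower()] = value.strip()

    cookies = []
    for pair in lookup.get("cookie", "").split(";"):
        name, _, value = pair.partition("=")
        if name.strip():
            cookies.append((name.strip(), unquote(value.strip())))

    # parse_qsl percent-decodes names and values once; '+' becomes a space.
    query = parse_qsl(parts.query, keep_blank_values=True)
    if lookup.get("content-type", "").startswith("application/x-www-form-urlencoded"):
        body_fields = parse_qsl(body, keep_blank_values=True)
    else:
        body_fields = [("raw", body)]

    return {
        "path": [("path", unquote(parts.path))],
        "query": query,
        "headers": headers,
        "cookies": cookies,
        "body": body_fields,
    }


def apply_rules(objects: dict, rules: dict = PATTERN_RULES) -> list:
    """Execute each object type's rule list sequentially against that type's objects.

    Returns (object type, field, rule name) for every substring match found.
    """
    matches = []
    for object_type in OBJECT_TYPES:
        for rule_name, pattern in rules.get(object_type, []):
            for field, value in objects.get(object_type, []):
                if pattern.lower() in value.lower():  # assumption: case-insensitive
                    matches.append((object_type, field, rule_name))
    return matches


def filter_request(raw: str, rules: dict = PATTERN_RULES) -> tuple:
    """Parse, apply the rules, and decide the action: 'block' on any match, else 'allow'."""
    matches = apply_rules(parse_request(raw), rules)
    return ("block" if matches else "allow"), matches


# Constructed sample requests.
BENIGN = (
    "GET /search?q=board+decision HTTP/1.1\r\n"
    "Host: example.test\r\nCookie: session=abc123\r\n\r\n"
)
SUSPICIOUS = (  # encoded '../' in the path and a script tag in the query string
    "GET /static/%2e%2e/%2e%2e/private?q=%3Cscript%3E HTTP/1.1\r\n"
    "Host: example.test\r\nCookie: theme=dark\r\n\r\n"
)
FORM_POST = (  # 'javascript:' inside a form-encoded body field
    "POST /comment HTTP/1.1\r\nHost: example.test\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
    "comment=see+javascript%3Aalert"
)

if __name__ == "__main__":
    for name, req in (("benign", BENIGN), ("suspicious", SUSPICIOUS), ("form", FORM_POST)):
        print(name, filter_request(req))
```

Because the rules are plain substrings, the filter only sees what the parser hands it: the path and query are decoded once here, so `%2e%2e/` is caught, but a rule list is blind to any encoding the parsing step does not normalize, which is why the choice of object types and of the decoding done per type matters as much as the patterns themselves.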
“When multiple claims subject to the same ground of rejection are argued as a group by Appellant, the Board may select a single claim from the group of claims that are argued together to decide the appeal with respect to the group of claims as to the ground of rejection on the basis of the selected claim alone. Notwithstanding any other provision of this paragraph, the failure of Appellant to separately argue claims which Appellant has grouped together shall constitute a waiver of any argument that the Board must consider the patentability of any grouped claim separately.” 37 C.F.R. § 41.37(c)(1)(vii) (2006).[1]

Here, Appellant argues claims 1, 4-6, 9-12, and 15-17, which are subject to the same ground of rejection, as a group.[2] (App. Br. 9-16.) Appellant further argues, as a group, an additional feature recited in claims 3, 8, and 14. (Id. 16-17). Also, Appellant argues claims 18-20, which are subject to the same ground of rejection, as a group. (App. Br. 17-18).

We note that, although subject to the same ground of rejection and argued as a group by Appellant, not all of Appellant’s arguments for claims 1, 3-6, 8-12, and 14-17 apply to claims 6, 9-12, and 15-17. Therefore, we consider claim 1 as the sole claim on which to decide the appeal of claims 1, 4, and 5 (the first group); claim 6 as the sole claim on which to decide the appeal of claims 6, 9-12, and 15-17 (the second group); claim 3 as the sole claim on which to decide the appeal of claims 3, 8, and 14 (the third group); and claim 19 as the sole claim on which to decide the appeal of claims 18-20 (the fourth group).

[1] We cite to the version of the Code of Federal Regulations in effect at the time of the Appeal Brief. The current version includes the same rules.
[2] Although Appellants place claims 4-6, 9-12, and 15-17 in different headings in the Appeal Brief, Appellants rely on the same argument with respect to deficiencies in Mitomo as applied against claim 1.

II. CLAIMS 1, 4, AND 5

"Rather than reiterate the positions of parties in toto, we focus on the issue therebetween." Ex Parte Filatov, No. 2006-1160, 2007 WL 1317144, at *2 (BPAI 2007).

The Examiner indicates that claim 1 is deemed to be fully met by the disclosure of Mitomo. (Ans. 3-4). Appellant argues that Mitomo does not disclose “a plurality of pattern rules categorized by object types” (App. Br. 11) or “parsing an incoming request into objects of said object types” (Id. 14). The Examiner states that Mitomo discloses that “patterns of incorrect accesses are categorized, for example, by the ‘URL=.. …’, ‘CGI>=.htr’, and the patterns of correct accesses are categorized by, for example, path of a file (paragraph 0071).” (Ans. 8.)

"[A]nticipation of a claim under § 102 can be found only if the prior art reference discloses every element of the claim. . . ." In re King, 801 F.2d 1324, 1326 (Fed. Cir. 1986) (citing Lindemann Maschinenfabrik GMBH v. American Hoist & Derrick Co., 730 F.2d 1452, 1458 (Fed. Cir. 1984)). "[A]bsence from the reference of any claimed element negates anticipation." Kloster Speedsteel AB v. Crucible, Inc., 793 F.2d 1565, 1571 (Fed. Cir. 1986). "[T]he PTO gives claims their 'broadest reasonable interpretation.'" In re Bigio, 381 F.3d 1320, 1324 (Fed. Cir. 2004) (quoting In re Hyatt, 211 F.3d 1367, 1372 (Fed. Cir. 2000)). "Moreover, limitations are not to be read into the claims from the specification." In re Van Geuns, 988 F.2d 1181, 1184 (Fed. Cir. 1993) (citing In re Zletz, 893 F.2d 319, 321 (Fed. Cir. 1989)).

Claim 1 recites that the pattern rules are categorized by object types. Giving the term “object” the broadest reasonable interpretation, an “object” may be construed as a computer program block of code functioning as a unit. Hence, an “object type” may be construed as a block of code, functioning as a unit, and having a certain form or type.
Given this interpretation, the Examiner asserts that “URL=.. …”, or “CGI>=.htr” may each constitute a type of a program block of code functioning as a unit, i.e., an “object type.” Appellant argues that Mitomo fails to disclose “object types” but fails to provide a rationale as to why the asserted elements in Mitomo do not constitute “object types.” The Specification, although providing examples of “object types” as being path, query, body, headers, and cookies (Spec. 8), is nevertheless silent as to how the term “object types” is defined. Also, Appellant has not provided extrinsic evidence demonstrating how one of ordinary skill in the art would have understood the term “object types” as used in the context of claim 1 and how such an understanding by one of ordinary skill in the art would differ from the categories disclosed by Mitomo. In the absence of such guidance, we agree with the Examiner that, interpreted reasonably broadly, any of the examples of Mitomo’s patterns (i.e., “URL=.. …”, or “CGI>=.htr”) may constitute object types. As such, Mitomo discloses categorizing rules by object type.

Appellant further argues that Mitomo fails to disclose “means for parsing an incoming request into objects of said object types.” (App. Br. 14).

"Both anticipation under § 102 and obviousness under § 103 are two-step inquiries. The first step in both analyses is a proper construction of the claims. . . . The second step in the analyses requires a comparison of the properly construed claim to the prior art." Medichem, S.A. v. Rolabo, S.L., 353 F.3d 928, 933, 69 USPQ2d 1283, 1286 (Fed. Cir. 2003) (internal citations omitted). Again, the PTO gives claim terms their broadest reasonable interpretation.
The Specification does not provide a definition of the term “parsing.” Therefore, we define the term “parsing” using a standard meaning of “analyzing the parts of to determine structure.” We agree with the Examiner that Mitomo analyzes the parts of an input Hypertext Transfer Protocol (HTTP) message. Mitomo discloses receiving an HTTP request and “checking whether [the] HTTP request from a client device corresponds to a pattern of an incorrect request . . . .” (Mitomo, para. [0056]). Thus, Mitomo analyzes the received HTTP request to determine if the HTTP request corresponds to a predetermined pattern. As such, contrary to Appellant’s assertion, we find that Mitomo discloses parsing the HTTP message by analyzing the parts of a message to determine structure.

It follows that Appellant has failed to demonstrate that the Examiner erred in rejecting claim 1. Therefore, we affirm the rejection of claim 1, and of claims 4 and 5, which fall therewith.

III. CLAIMS 6, 9-12, AND 15-17

As set forth above, we select claim 6 as the sole claim on which to decide the appeal of claims 6, 9-12, and 15-17 (the second group). Appellant argues that Mitomo fails to disclose parsing. (App. Br. 14-16). As the aforementioned indicates, we find that Mitomo does, in fact, disclose parsing a received HTTP message.

Appellant further argues that Mitomo fails to disclose “a plurality of pattern rules categorized by object types.” (Id. 11.) As set forth above, applying the broadest reasonable interpretation to the term “object type,” we agree with the Examiner that the categories of Mitomo (e.g., “URL=.. …”, or “CGI>=.htr”) constitute different “object types.” However, even assuming one of ordinary skill in the art would have understood Mitomo’s categories not to be object types, claim 6 does not recite “a plurality of pattern rules categorized by object types.” Rather, claim 6 merely recites applying a predefined group of pattern rules to objects but does not require the objects to be of any particular type or that an object type be determined. Appellant argues for patentability of features that are not recited in the disputed claims. "[L]imitations are not to be read into the claims from the specification." Van Geuns, 988 F.2d at 1184. Therefore, we find Appellant’s arguments unpersuasive.

It follows that Appellant has failed to demonstrate that the Examiner erred in rejecting claim 6. Therefore, we affirm the rejection of claim 6, and of claims 9-12, and 15-17, which fall therewith.

IV. CLAIMS 3, 8, AND 14

A. EXAMINER'S REJECTION

As set forth above, Appellant argues claims 3, 8, and 14, which are subject to the same ground of rejection, as a group. (App. Br. 16-17.) We select claim 3 as the sole claim on which to decide the appeal of the group.

The Examiner indicates that claim 3 is deemed to be fully met by the disclosure of Mitomo. (Ans. 6.) Appellant argues that Mitomo does not disclose “lists of said pattern rules corresponding to object types are executed sequentially.” (App. Br. 16.) Based on the record before us, the Examiner does not show that Mitomo discloses executing lists of pattern rules “sequentially.” The absence of a disclosure that the pattern rules are executed “sequentially” negates anticipation. Therefore, we reverse the rejection of claim 3.

B. BOARD'S REJECTION

Under 37 C.F.R. § 41.50(b) (2007), we enter a new rejection against claims 3, 8, and 14. We reject claim 3 under 35 U.S.C. § 103(a) as obvious over Mitomo and U.S. Patent No. 5,613,110 (“Stuart”).
The question of obviousness is "based on underlying factual determinations including . . . what th[e] prior art teaches explicitly and inherently. . . ." In re Zurko, 258 F.3d 1379, 1383 (Fed. Cir. 2001) (citing Graham v. John Deere Co., 383 U.S. 1, 17-18 (1966); In re Dembiczak, 175 F.3d 994, 998 (Fed. Cir. 1999); In re Napier, 55 F.3d 610, 613 (Fed. Cir. 1995)).

Here, Mitomo discloses that

   With reference to the incorrect request DB 33, the estimation unit 32 estimates the correctness of an HTTP request on the basis of a predetermined estimation rule 32a. More specifically, when the HTTP request corresponds to any one of the patterns of incorrect accesses stored in the incorrect request DB 33 . . . .

(Para. [0040]). Hence, Mitomo discloses accessing a database (i.e., incorrect request DB 33) and matching a received HTTP request to a stored incorrect pattern in the database. When a match is identified, the system “estimates that the HTTP request is an incorrect access.” (Id.)

Although Mitomo does not explicitly indicate that the estimation unit 32 matches the HTTP request by searching or executing data within the incorrect request DB sequentially, it would have been obvious to one of ordinary skill in the art to do so. There are a finite number of ways in which one of ordinary skill in the art may access data. We identify two main predictable solutions to temporally accessing data: either 1) sequentially, or 2) in parallel. Accessing the data in Mitomo’s “incorrect request DB 33” sequentially to identify data matches would have been known to one of ordinary skill in the art and would have produced expectedly predictable results, for example, the successful analysis of the data in the database and matching to incoming data. Such anticipated success of using known methods to achieve expected results would be obvious to one of ordinary skill in the art.

“When there is a design need or market pressure to solve a problem and there are a finite number of identified, predictable solutions, a person of ordinary skill has good reason to pursue the known options within his or her technical grasp. If this leads to the anticipated success, it is likely the product not of innovation but of ordinary skill and common sense.” KSR Int’l Co. v. Teleflex Inc., 127 S. Ct. 1727, 1742 (2007).

In addition, Stuart discloses known methods of obtaining or executing data in which a sequential access of data is performed within a group of data objects (col. 1, ll. 51-54). It would have been obvious to one of ordinary skill in the art, given the Mitomo disclosure, to search Mitomo’s database using at least one of a finite number of methods including accessing or executing data sequentially or in parallel. Given the Stuart disclosure, one of ordinary skill in the art would have further understood that sequentially accessing or executing data is a known and predictable method of data access or execution that would likely result in successful management of data. Thus, one of ordinary skill in the art would have been motivated to access or execute the data in Mitomo’s database sequentially given the prior art teachings. Therefore, we reject claim 3.

"The Board is basically a board of review," Ex parte Gambogi, 62 USPQ2d 1209, 1211 (BPAI 2001). Accordingly, we leave any further determination of the obviousness of claims 8 and 14 in view of Mitomo and Stuart to the Examiner and the Appellant.

V. CLAIMS 18, 19 AND 20

Appellant argues claims 18, 19, and 20, which are subject to the same ground of rejection, as a group. (App. Br. 17-18.) We select claim 19 as the sole claim on which to decide the appeal of the group.

The Examiner indicates that claim 19 is deemed to be fully met by the disclosure of Mitomo. (Ans. 4-5.)
Appellant argues that Mitomo does not disclose “parsing an incoming request into objects of said object types” and “applying said pattern rules of each object type to objects of corresponding object type.” (App. Br. 17.) As set forth above, we find that Mitomo discloses the disputed features. In particular, Mitomo discloses receiving an HTTP request and “checking whether [the] HTTP request from a client device corresponds to a pattern of an incorrect request . . . .” (Mitomo, para. [0056]). Hence, Mitomo analyzes or parses the incoming HTTP message to analyze the message. Also as aforementioned, each of the pattern rules of each object type (e.g., “URL=.. …”, or “CGI>=.htr”) is applied to matching object types in corresponding data to determine a match. Therefore, we agree with the Examiner that Mitomo discloses the disputed feature of claim 19.

It follows that Appellant has failed to demonstrate that the Examiner erred in rejecting claim 19. Therefore, we affirm the rejection of claim 19, and of claims 18 and 20, which fall therewith.

37 C.F.R. § 41.50(b)

37 C.F.R. § 41.50(b) provides that, “[a] new ground of rejection pursuant to this paragraph shall not be considered final for judicial review.”

37 C.F.R. § 41.50(b) also provides that the Appellants, WITHIN TWO MONTHS FROM THE DATE OF THE DECISION, must exercise one of the following two options with respect to the new grounds of rejection to avoid termination of appeal as to the rejected claims:

   (1) Reopen prosecution. Submit an appropriate amendment of the claims so rejected or new evidence relating to the claims so rejected, or both, and have the matter reconsidered by the examiner, in which event the proceeding will be remanded to the examiner …

   (2) Request rehearing. Request that the proceeding be reheard under 37 C.F.R. § 41.52 by the Board upon the same record …

VII. ORDER

In summary, the rejection of claims 1, 4-6, 9-12, and 15-20 under § 102(e) is affirmed, and the rejection of claims 3, 8, and 14 under § 102(e) is reversed. A new rejection of claims 3, 8, and 14 under § 103(a), however, is added.

No time for taking any action connected with this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv).

AFFIRMED-IN-PART
37 C.F.R. § 41.50(b)

rwk

GLENN PATENT GROUP
3475 Edison Way, Suite L
Menlo Park, CA 94025