Ex Parte Torres et al
Patent Trial and Appeal Board
Mar 21, 2016
12236186 (P.T.A.B. Mar. 21, 2016)

UNITED STATES PATENT AND TRADEMARK OFFICE

UNITED STATES DEPARTMENT OF COMMERCE
United States Patent and Trademark Office
Address: COMMISSIONER FOR PATENTS
P.O. Box 1450
Alexandria, Virginia 22313-1450
www.uspto.gov

APPLICATION NO.: 12/236,186
FILING DATE: 09/23/2008
FIRST NAMED INVENTOR: Matt Torres
ATTORNEY DOCKET NO.: 82243451
CONFIRMATION NO.: 7442
EXAMINER: TRAN, TONGOC
ART UNIT: 2434
NOTIFICATION DATE: 03/23/2016
DELIVERY MODE: ELECTRONIC

56436 7590 03/23/2016
Hewlett Packard Enterprise
3404 E. Harmony Road
Mail Stop 79
Fort Collins, CO 80528

Please find below and/or attached an Office communication concerning this application or proceeding.

The time period for reply, if any, is set in the attached communication.

Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es):
hpe.ip.mail@hpe.com
mkraft@hpe.com
chris.mania@hpe.com

PTOL-90A (Rev. 04/07)

UNITED STATES PATENT AND TRADEMARK OFFICE

BEFORE THE PATENT TRIAL AND APPEAL BOARD

Ex parte MATT TORRES, SALLY BLUE HOPPE, and JIM HARRITT

Appeal 2013-009429
Application 12/236,186
Technology Center 2400

Before MARC S. HOFF, ERIC B. CHEN, and JENNIFER L. McKEOWN, Administrative Patent Judges.

McKEOWN, Administrative Patent Judge.

DECISION ON APPEAL

Appellants appeal under 35 U.S.C. § 134(a) from the Examiner's decision to reject claims 1-20, which constitute all the claims pending in this application. We have jurisdiction under 35 U.S.C. § 6(b), and we affirm.

STATEMENT OF THE CASE

Appellants' invention is directed to "[a] system and method for distributing enduring credentials for a secure network in an untrusted network environment." Abstract. Claim 1 is illustrative and reads as follows, with the disputed limitation emphasized:

1.
A method for distributing enduring credentials for a secure network in an untrusted network environment, comprising:
receiving temporary credentials at a computing device from an untrusted user;
relaying the temporary credentials from the computing device to a network switch;
relaying the temporary credentials from the network switch to an authentication server within the secure network;
authenticating the computing device connected to the network switch; and
transmitting enduring credentials to the computing device in an encrypted format to enable the computing device to communicate within the secure network through the network switch without providing access to the enduring credentials to the untrusted user.

THE REJECTION

The Examiner rejected claims 1-20 under 35 U.S.C. § 103(a) as unpatentable over Whittington et al. (US 2008/0132203 A1; Apr. 20, 2006) ("Whittington"). Final Act. 5-10. [1]

[1] Throughout this opinion, we refer to (1) the Appeal Brief, filed December 7, 2012 ("Br."); (2) the Examiner's Answer, mailed April 29, 2013 ("Ans."); and (3) the Examiner's Final Action, mailed August 10, 2012 ("Final Act.").

CONTENTIONS

The Examiner finds that Whittington teaches the recited elements of claim 1. Appellants, on the other hand, contend that Whittington fails to disclose "transmitting enduring credentials to the computing device in an encrypted format to enable the computing device to communicate within the secure network through the network switch without providing access to the enduring credentials to the untrusted user." Br. 12-13 (emphasis omitted).

With respect to claim 11, Appellants additionally assert that Whittington fails to teach that the "temporary credentials are obtained via a web server located outside the secure network." See App. Br. 16-19 (emphasis omitted); see also Br. 23-26 (presenting a similar argument with respect to claim 4).
With respect to claim 20, Appellants also contend that Whittington does not teach "revoke[ing] the enduring credentials of the computing device when a change occurs in the computing device." See Br. 20 and 22 (emphasis omitted). Similarly, with respect to claims 15 and 16, Appellants maintain that Whittington fails to teach revoking the enduring credentials when an unexpected event occurs. See Br. 28-30.

Appellants argue, with respect to claim 12, that Whittington lacks the required "server being operable to reconfigure the computing device to enable the computing device [to] receive the encrypted enduring credentials over a secure connection with the secure network." See Br. 27.

ISSUES

Under § 103, has the Examiner erred in rejecting the claimed invention by finding that Whittington teaches the disputed limitations identified above, as recited respectively in claims 1, 4, 11, 12, 15, 16, and 20?

ANALYSIS

Based on the record before us, we are not persuaded that the Examiner erred in rejecting claims 1-20 as unpatentable over Whittington.

Claims 1-3 and 5-10

According to Appellants, Whittington fails to teach "transmitting enduring credentials ... without providing access to the enduring credentials to the untrusted user," as required by claim 1. Specifically, Appellants maintain that Whittington's disclosed permanent PIN would be understood by a skilled artisan to be "a unique number assigned by an organization to an individual and used as proof of identity." Br. 13-14 (emphasis omitted). As such, Appellants assert, the untrusted user would have access to the enduring credentials.

Appellants' unsupported, blanket assertions are unpersuasive. Notably, Appellants fail to provide any persuasive explanation as to why a skilled artisan would interpret Whittington's permanent PIN to be individual assigned and accessible.
To the contrary, Whittington expressly states that the permanent PIN is assigned to the mobile communications device, not the subscriber or user. See, e.g., Whittington, ¶ 8 ("the response including permanent PIN (PPIN) assigned to the mobile communications device"); Whittington, ¶ 32 ("assigning a personalized indicium such as a PIN indicium to an MCD."). Moreover, as the Examiner explains, Whittington discloses provisioning the PIN to protect from unauthorized attempts to gain access to the network. Ans. 9. In other words, the purpose in Whittington is to protect from an untrusted user, and as such, a skilled artisan would understand that the PIN would not be provided to the untrusted user. As such, Whittington at least suggests that an untrusted user would not have access to the enduring credentials, as required by claim 1.

Likewise unavailing is Appellants' contention that Whittington teaches away from claim 1. Appellants assert that Whittington's secured end-to-end encryption "decrypts the data so the recipient may use the data" and, thus, teaches away from the claimed invention. Br. 14. We disagree. Whittington does not persuasively suggest that the use of the end-to-end encryption would permit an untrusted user access to Whittington's permanent PIN. Moreover, Appellants' argument incorrectly relies on the "recipient" necessarily being the untrusted user, rather than the mobile communications device. As the Examiner further points out, Whittington's use of end to end encryption at least teaches or suggests the limitation of "transmitting" the enduring credentials in encrypted format. Ans. 9.

Accordingly, for the reasons discussed above and by the Examiner, claim 1 as well as claims 2, 3, and 5-10, not argued with particularity, are unpatentable over Whittington.
Claims 4, 11-14, and 17-19

First, for the reasons discussed above, we disagree that Whittington fails to teach "that the untrusted user does not have access to the enduring credentials," as required by claim 11. See Br. 15-16.

Appellants next assert that Whittington fails to teach that the temporary credentials are obtained via a web server located outside the secure network. See Br. 16-19; see also Br. 14-15 (presenting similar arguments with respect to claim 4). According to Appellants, Whittington is silent regarding "obtaining the TPIN from a web server located outside a secure network" and further teaches away from this limitation because Whittington's "TPIN is generated within the mobile communication device." Br. 17 (citing Whittington, ¶ 8).

Appellants' arguments, though, are not commensurate with the scope of the claim. Namely, claim 11 does not require the temporary credentials to be generated by the external web server but merely recites that the temporary credentials are obtained via (claim 11) or using (claim 4) a web server outside the secure network. In other words, the temporary credentials must simply pass through a web server to satisfy the recited limitations.

As such, we are not persuaded that Whittington fails to teach the disputed limitations. As the Examiner explains, Whittington expressly teaches of "a remote services server 106 may be interfaced with the enterprise network 102 for enabling a corporate user to access or effectuate any of the services from a remote location using a suitable mobile communications device (MCD) 116." Whittington, ¶ 21; see also Ans. 4.
Paragraph 21 of Whittington additionally discloses

A secure communication link with end-to-end encryption may be established that is mediated through an external IP network, i.e., a public packet-switched network such as the Internet 108, as well as the wireless packet data service network 112 operable with MCD 116 via suitable wireless network infrastructure that includes a base station (BS) 114.

Whittington, ¶ 21 (emphasis added); see also Whittington, Fig. 1. In other words, the authentication process of Whittington may pass through an external IP network, i.e. a web server external to the secure network. Therefore, Whittington teaches the disputed limitations of claims 4 and 11. See also Ans. 12; Final Act. 4 and 7.

Accordingly, for the reasons discussed above and by the Examiner, claims 4 and 11 as well as claims 13, 14, and 17-19, not argued with particularity, are unpatentable over Whittington.

Claims 15, 16, and 20

First, for the reasons discussed above, we disagree that Whittington fails to teach "that the untrusted user does not have access to the enduring credentials," as required by claim 20. See Br. 19-20.

Appellants also argue that Whittington does not teach revoking the enduring credentials of the computing device when a change occurs in the computing device (claim 20) or when an unexpected event occurs (claims 15 and 16). Br. 20-22 and 28-30. According to Appellants, Whittington teaches away from this subject matter because Whittington describes re-registering users due to moving to a different wireless network coverage area. Br. 21; see also Br 27-28 (presenting similar arguments for claims 15 and 16).

Appellants further contend that a non-working permanent PIN is not the same as revoking enduring credentials as the former is simply a misidentification, and the latter is an explicit action taken by a device to revoke enduring credentials.
In other words, if the device identification in the Whittington reference were changed back to the original device identification, the authentication would work again. Br. 22.

Appellants' arguments are unpersuasive. Whittington discloses that "[a] registration server 216 is operable for providing registration services for MCDs when they are initially activated or when the user re-registers due to moving to a different wireless network coverage area." Whittington, ¶ 25 (emphasis added). Contrary to Appellants' assertions, requiring a "re-registration" when a user moves into a different wireless network coverage area at least suggests to a skilled artisan that the initial registration was revoked before of the move. See also Ans. 5 and 13-17. As such, Whittington teaches the disputed limitations.

Accordingly, for the reasons discussed above and by the Examiner, claims 15, 16, and 20 are unpatentable over Whittington.

Claim 12

With respect to claim 12, Appellants assert that Whittington does not include a server operable to reconfigure the computing device to enable the computing device to receive the encrypted enduring credentials over a secure connection with the secure network. Br. 26-27. We disagree.

We note that the Specification describes that

Once the authenticator allows access to the server for the predetermined period, the authentication server or another computer within the secure network 110 can be used to reconfigure the computing device 102 to receive information in a secure manner. For example, the computing device may be reconfigured based on various standards such as secure state processing (SSP), secure shell (SSH), and secure socket layer (SSL) to enable information to be communicated in a secure manner.

Spec. pp. 10-11. Whittington teaches establishing precisely these types of exemplary secure communication links discussed in the Specification.
For example, Whittington describes that

a remote services server 106 may be interfaced with the enterprise network 102 for enabling a corporate user to access or effectuate any of the services from a remote location using a suitable mobile communications device (MCD) 116. A secure communication link with end-to-end encryption may be established that is mediated through an external IP network ...

Whittington, ¶ 21. In view of the Specification's description of re-configuring, Whittington teaches a server "being operable to reconfigure the computing device to enable the computing device receive the encrypted enduring credentials over a secure connection with the secure network," as required by claim 12.

Accordingly, for the reasons discussed above and by the Examiner, claim 12 is unpatentable over Whittington.

CONCLUSION

The Examiner did not err in rejecting claims 1-20 under § 103.

DECISION

The Examiner's decision rejecting claims 1-20 is affirmed.

No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv).

AFFIRMED