Ex Parte van Bemmel et alDownload PDFPatent Trial and Appeal BoardAug 15, 201410970143 (P.T.A.B. Aug. 15, 2014) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 10/970,143 10/21/2004 Jeroen van Bemmel van Bemmel 8-5 (LCNT/1266 4937 46363 7590 08/18/2014 WALL & TONG, LLP/ ALCATEL-LUCENT USA INC. 25 James Way Eatontown, NJ 07724 EXAMINER POLTORAK, PIOTR ART UNIT PAPER NUMBER 2496 MAIL DATE DELIVERY MODE 08/18/2014 PAPER Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE ____________ BEFORE THE PATENT TRIAL AND APPEAL BOARD ____________ Ex parte JEROEN VAN BEMMEL and JACCO BROK ___________ Appeal 2014-002632 Application 10/970,143 Technology Center 2400 ____________ Before ELENI MANTIS MERCADER, MICHAEL J. STRAUSS, and DANIEL N. FISHMAN, Administrative Patent Judges. FISHMAN, Administrative Patent Judge. DECISION ON APPEAL Appeal 2014-002632 Application 10/970,143 2 This is an appeal under 35 U.S.C. § 134(a) of the final rejection of claims 1 and 23–44. 1 Claims 2–22 were previously cancelled. We have jurisdiction under 35 U.S.C. § 6(b). We affirm. STATEMENT OF THE CASE THE INVENTION Appellants’ invention relates to protecting network systems from viruses and other malicious applications by enforcing security policies. Spec. 1:6–7. Claim 1, reproduced below, is illustrative: 1. A method of enforcing security policies, comprising: using a processor and a memory for: determining if a client requesting access to an Internet Protocol (IP) network is in compliance with a current version of the security policies, wherein compliance is determined by checking a listing of compliant clients, wherein the listing of compliant clients includes clients that have downloaded client software including the current version of the security policies; based on a determination that the client is not in compliance with the current version of the security policies, denying the client access to the IP network and making accessible to the client the latest version of the client software including the current version of the security policies; and adding the client to the listing of compliant clients responsive to receiving confirmation that the client has 1 In this Opinion, we refer to Appellants’ Appeal Brief (“App. Br.,” filed November 18, 2013), Reply Brief (“Reply Br.,” filed January 8, 2014), the Examiner’s Answer (“Ans.,” mailed December 20, 2013), the Final Office Action (“Final Rej.,” mailed August 13, 2013), and the original Specification (“Spec.,” filed October 21, 2004). Appeal 2014-002632 Application 10/970,143 3 downloaded the latest version of the client software including the current version of the security policies; wherein, when the security policies are updated, the listing of compliant clients is cleared. THE REJECTIONS 2 Claims 1, 23–25, 27–36, and 38–44 are rejected under 35 U.S.C. § 103(a) as unpatentable over Herrmann (US 2003/0055994 A1, published Mar. 20, 2003), Sobel (US 7,249,187 B2, issued July 24, 2007), Szeto (US 7,516,487 B1, issued Apr. 7, 2009, filed May 20, 2004), and Burnett (US 2003/0028798 A1, published Feb. 6, 2003). Claims 26 3 and 37 are rejected under 35 U.S.C. § 103(a) as unpatentable over Herrmann, Sobel, Szeto, Burnett, and Golan (US 5,974,549, issued Oct. 26, 1999). Only those arguments actually made by Appellants have been considered in this decision. Arguments that Appellants did not make in the Briefs have not been considered and are deemed to be waived. See 37 C.F.R. § 41.37(c)(1)(iv) (2013). We have reviewed the Examiner’s rejections in light of Appellants’ arguments that the Examiner erred. App. Br. 17–39; Reply Br. 2–18. We disagree with Appellants’ conclusions. We agree with and adopt as our own the findings and reasons set forth by the Examiner in the action from which this appeal is taken and as set forth by the Examiner in the Examiner’s 2 The Examiner has withdrawn a rejection of claims 28 and 39 under 35 U.S.C. § 103(a). Ans. 8. 3 We note as harmless error the Examiner listing claim 6 rather than claim 26 under this rejection. Final Rej. 8. Appeal 2014-002632 Application 10/970,143 4 Answer in response to Appellants’ Appeal Brief (see Ans. 8–31). However, we highlight and address specific arguments and findings for emphasis as follows. REJECTION OVER HERRMANN, SOBEL, SZETO, and BURNETT INDEPENDENT CLAIMS 1, 33, AND 44 ISSUE 1 Has the Examiner erred by failing to consider all words of claim 1? ANALYSIS 1 Appellants argue the Examiner erred by failing to consider all words of claim 1. App. Br. 17–19. Specifically, Appellants contend, First, it is noted that, in discussing Herrmann, the Examiner asserts that Herrmann discloses “making accessible to said client a current version of said security policies” and also asserts that Herrmann discloses “making accessible to the client the latest version of the client software including the current version of the security policies.” (See Final Office Action, Pg. 3, Line 22 - Pg. 4, Line 7). First, Appellants submit that the first quoted portion above appears to have been erroneously retained from the previous Office Action (see Office Action, dated, June 17, 2013, Pg. 4, Lines 1 - 4), as it includes an assertion related to a previous version of Appellants’ claim 1 that did not include an indicate that it is client software that includes the current version of the security policies. Second, Appellants submit that the Examiner’s purported application of Herrmann to Appellants’ claim 1 is identical for the two quoted portions above, thereby indicating that no additional consideration was given to addition of the feature of “client software that includes the current version of the security policies” added to Appellants’ claim 1 in response to the previous Office Action . . . . Thus, Appellants submit that the Examiner failed to properly consider the feature of “making accessible to the client the latest version of the client Appeal 2014-002632 Application 10/970,143 5 software including the current version of the security policies” in determining the patentability of Appellants’ claim 1. App. Br. 18. We are unpersuaded the Examiner erred. Appellants conclude from the Examiner’s mis-quote of the present claim language that the Examiner failed to consider the current claim language. Appellants’ conclusion is not persuasive. We consider the Examiner’s copying a portion of an earlier analysis as harmless error. Appellants assert that (App. Br. 18–19) the Examiner’s rejection (Final Rej. 4) indicating a deficiency of Herrmann and introducing Sobel as disclosing features relating to a listing of compliant clients fails to consider all words of the claim. App. Br. 19. We find Appellants’ conclusion unpersuasive because it is not supported by any argument or evidence that the Examiner’s rejection is in error. We are therefore not persuaded the Examiner erred by failing to consider all words of claim 1. ISSUE 2 Has the Examiner erred finding Herrmann, in the proposed combination, teaches “client software including the current version of the security policies,” as recited in claim 1? ANALYSIS 2 Appellants’ arguments (App. Br. 17–19) alleging the Examiner failed to consider all words of claim 1 may be interpreted as further alleging Herrmann does not teach client software that includes current version of security policies. See, e.g., App. Br. 18 (“In the Final Office Action, however, the Examiner fails to consider or address the portions of Appellants’ claim 1 which indicate that it is client software that includes the current version of the security policies.”). Assuming, arguendo, the Appeal 2014-002632 Application 10/970,143 6 Appellants intended to proffer such an argument, we are not persuaded. The Examiner explains Herrmann clearly discloses client software including current security policies as anti-virus engine and/or anti-virus data files and associated updates. Ans. 10 (citing Herrmann ¶ 51). The Examiner also explains that this interpretation is consistent with Appellants’ Specification. Ans. 9 (citing Spec. 4:9–14, 5:8–10). We agree. Herrmann’s anti-virus engine and virus signatures (Herrmann ¶ 51) are clearly understood by the skilled artisan to be software elements and thus Herrmann discloses the claimed client software. Appellants respond, “Rather, the cited portions of Herrmann [(¶ 51)] merely disclose security-related elements (e.g., anti-virus policies, engines, programs, and data files) without any teaching or suggestion that the security-related elements are included as part of client software of the client.” Reply Br. 2. We find Appellants’ response (Reply Br. 2–3) unavailing. As the Examiner explains, the broadest reasonable interpretation of “client software including the current version of the security policies,” consistent with Appellants’ Specification, encompasses Herrmann’s antivirus engine, virus signatures, and related updates—all of which are recognized by the skilled artisan as software components. Ans. 10–11. The Examiner summarizes, “Similarly to applicant’s invention, Herrmann’s system is concern [sic] with policy compliance providing ‘the ability to enforce compliance with virus protection policies or rules.’” Ans. 10. We agree. All such software components of Herrmann are reasonably understood to be “part of” the client software to be updated in clients/users of Herrmann. We are therefore not persuaded the Examiner erred by finding Herrmann, in the proposed combination, teaches features relating to “client Appeal 2014-002632 Application 10/970,143 7 software including the current version of the security policies,” as recited in claim 1. ISSUE 3 Has the Examiner erred finding Sobel, in the proposed combination, teaches features relating to a “listing of compliant clients,” as recited in claim 1? ANALYSIS 3 Appellants argue the cited portion of Sobel (5:20–28) discloses a “database 315 that includes respective database entries for all clients 105 irrespective of whether the clients 105 are compliant or non-compliant” while claim 1, by contrast, recites a “listing of compliant clients.” App. Br. 19–20. We are not persuaded. The Examiner explains that the claimed listing is not limited to only compliant clients. Ans. 12. We agree. A listing that includes both compliant and non-compliant clients still comprises the recited “listing of compliant clients.” Regardless, the Examiner further explains that the cited portion of Sobel clearly discloses searching its database for an entry corresponding to a client and “If an entry for the requesting client is not found, the client is treated as not compliant.” Ans. 13 (quoting Sobel 5:25–26). We agree. Sobel, in combination with Herrmann, clearly teaches the recited listing under Appellants’ narrow interpretation of a list with entries for only compliant clients as well as the broad but reasonable interpretation of a “listing of compliant clients” that may include both compliant and non-compliant clients. Appellants further contend Sobel’s database is not the same as the recited listing because Sobel’s database does not satisfy properties of the recited listing. App. Br. 20–22. Specifically, Appellants argue the recited Appeal 2014-002632 Application 10/970,143 8 listing includes clients that have been updated with client software including the current security policies. App. Br. 20. As discussed supra, the Examiner relies on Herrmann for teaching enforcing compliance with security policies by updating clients with client software that includes current security policies. The Examiner relies on Sobel in the proposed combination only for features relating to the “listing of compliant clients.” Thus, Appellants improperly attack the references separately. In re Merck & Co., 800 F.2d 1091, 1097 (Fed. Cir. 1986). Appellants further argue Sobel’s database does not disclose adding or clearing entries as required of the recited listing. App. Br. 21–22. We disagree. The Examiner thoroughly explains why the ordinarily skilled artisan would understand entries are added to, and cleared from, Sobel’s database as required of the recited listing. Final Rej. 5–6. The Examiner cites Szeto as illustrative of obvious variations of the teachings of Sobel regarding a compliance database. Final Rej. 5–6. Appellants respond “[t]here is no valid basis for the Examiner’s assertion” that a list of compliant clients is the result of adding compliant clients to the list (Reply. Br. 5) or that the skilled artisan would recognize the desirability of clearing entries in the list (database) when the security policy changes (Reply Br. 6). Appellants do not persuasively rebut the Examiner’s findings. “[T]he [obviousness] analysis need not seek out precise teachings directed to the specific subject matter of the challenged claim, for a court can take account of the inferences and creative steps that a person of ordinary skill in the art would employ.” KSR Int’l Co. v. Teleflex Inc., 550 U.S. 398, 418 (2007). “If a person of ordinary skill can implement a predictable variation, § 103 likely bars its patentability.” Id. at 417. To the extent the proposed combination fails to explicitly teach the addition and clearing of entries in Appeal 2014-002632 Application 10/970,143 9 Sobel’s database, we find such a modification would be a predictable variation within the skill set of the ordinary skilled artisan. We are therefore not persuaded the Examiner erred by finding Sobel, in the proposed combination, teaches features relating to a “listing of compliant clients,” as in claim 1. In view of the above discussion, we are not persuaded the Examiner erred in rejecting independent claim 1. Independent claims 33 and 44 include similar recitations, were rejected for essentially the same reasons (Final Rej. 7), and Appellants do not argue claims 33 and 44 with particularity separate from claim 1 (App. Br. 31, 36). Therefore, for the same reason as claim 1, we are not persuaded the Examiner erred in rejecting claims 33 and 44. CLAIM 23 Claim 23 depends from claim 1 and additionally recites “wherein the latest version of the client software including the current version of the security policies is made accessible to the client via at least one of an access gateway, a remote server, or a predetermined website.” The Examiner cites Herrmann paragraph 51 as teaching this feature as the redirection of a non- compliant user to a “sandbox server” to obtain required anti-virus updates. Final Rej. 6. Appellants argue the updates accessible from the sandbox server of Herrmann are not part of client software as recited in claim 1 (from which claim 23 depends). App. Br. 23–24; Reply Br. 6–7. For the same reasons as claim 1 discussed supra, we are not persuaded the Examiner erred. See also Ans. 14–15. Appeal 2014-002632 Application 10/970,143 10 CLAIMS 24 AND 25 Claim 24 depends from claim 1 and additionally recites the update is made accessible by “obtaining” the latest version and the “propagating” the obtained latest version toward the client. Claim 25 depends from claim 24 and additionally recites the latest version is obtained by “downloading” the latest version from a remote server. The Examiner rejects both claims asserting, “in order for the client to receive the latest version of the client software, the software must be first obtained and then propagated to the client.” Final Rej. 7. Appellants argue, with respect to both claims 24 and 25, the Examiner erred by failing to cite any portion of the prior art that supports the rejection and thus concludes the Examiner’s rejection is deficient as merely a conclusory statement. App. Br. 24–26. We are not persuaded the Examiner erred. Although Appellants require specific citations to the prior art references, the test for obviousness does not require the claimed invention “be expressly suggested in any one or all of the references. Rather, the test is what the combined teachings of the references would have suggested to those of ordinary skill in the art.” In re Keller, 642 F.2d 413, 425 (CCPA 1981) (citations omitted). The Examiner explains, regardless of the specific manner in which client software is communicated to a client, it is required in Herrmann (i.e., inherent) that the software update must first be obtained “(otherwise there is nothing to provide to a client).” Ans. 17. We agree. Appellants’ Specification provide no definitions limiting the interpretation of “obtaining” or “propagating” and thus, the Patent Office applies the broadest reasonable interpretation consistent with the Specification. In re Am. Acad. of Sci. Tech. Ctr., 367 F.3d 1359, 1364 (Fed. Cir. 2004). The Examiner construes claims 24 and 25 (Ans. 17, 19) such that Herrmann’s paragraph 51 discloses obtaining as Appeal 2014-002632 Application 10/970,143 11 “sandbox server can provide access to the required anti-virus updates or information about where such updates may be obtained.” The Examiner further explains making the latest version accessible to, and received by, a client, as in Herrmann, meets the limitation of propagating the latest version toward the client. Ans. 17 (citing Herrmann ¶ 51, claim 64 “redirecting the device to a sandbox server for installation of the required virus protection update.”); see also Ans. 19. We agree. In view of the above discussion, we are not persuaded the Examiner erred in rejecting claims 24 and 25. CLAIM 27 Claim 27 depends from claim 1 and additionally recites the latest version of client software is made accessible to the client by “redirecting the client to a remote location using a restrictive connection.” In rejecting claim 27, the Examiner finds Herrmann paragraph 51 (“[n]on-compliant systems are barred from accessing a network until they have installed and activated the required programs . . . a non-compliant user is typically redirected to a server”) teaches use of a restrictive connection Final Rej. 6. Appellants argue the Examiner erred because the cited portion of Herrmann is devoid of any teaching that the redirection uses a restrictive connection. App. Br. 27. The Examiner explains, lacking any narrowing definition in the Specification, under a broad but reasonable interpretation, “a connection that restricts a client to the resources meets the limitation of the ‘restrictive connection.’” Ans. 21 (citing Herrmann ¶ 88). We agree. Appellants further argue, “the cited portions of Herrmann [(responsive primarily to the added citation to Herrmann ¶ 88)] are references to the connection that the client is attempting to establish with the gateway server, not a connection Appeal 2014-002632 Application 10/970,143 12 between the client and the sandbox server for purposes of obtaining the required anti-virus updates.” Reply Br. 8. We are unpersuaded because the argument is not commensurate with the claim language. Claim 27 does not require the “restrictive connection” be utilized specifically “for purposes of obtaining the required anti-virus updates.” Further supporting the Examiner’s findings, we note Appellants’ Specification provides an exemplary embodiment of a “restrictive connection” stating: The redirection of the client 110 to the remote server or Internet site is implemented using a restrictive connection such that the client 110 is isolated from network resources of the IP network branch 120, such as file servers, other clients, web servers, etc. Such restrictive connections may include assigning to the client 110 a predetermined IP address or Internet address allowing the client 110 access to only the remote server or a specific Internet site, respectively. Spec. 8:2–8. We observe Herrmann’s Figures 3 and 4 disclose a similar architecture in which a client 310 is restricted from access to protected data 390 by gateway server 350 when the client is non-compliant with security policies. See, e.g., Herrmann ¶ 88. However, client 310 may access other resources of the network (e.g., TrueVector service 320, integrity server 370, etc.) to access anti-virus updates and attain compliance with security policies. Id. Thus, under the Examiner’s broad but reasonable construction of “restrictive connection,” consistent with Appellants’ Specification, Herrmann’s non-compliant client obtains updates for anti-virus software through a connection that is restricted, permitting access to only those network elements required to bring the client into compliance—i.e., a “restrictive connection” similar to the exemplary embodiment of Appellants’ Specification. Appeal 2014-002632 Application 10/970,143 13 In view of the above discussion, we are not persuaded the Examiner erred in rejecting claim 27. CLAIMS 30 AND 31 Claims 30 and 31 depend from claim 1 and each additionally recites a specific source of the confirmation message that the client is successfully updated with the latest version of client software. The Examiner finds Sobel teaches confirming that a client is updated. Final Rej. 7. The Examiner further finds “a [person] skilled in the art would recognize that there are only a finite set of solution, including the confirmation about the client download wherein the conformation [sic] received from the client or from the source would have been merely an obvious variant offering the predictable benefit of customization (see KSR ruling).” Id. Appellants argue the Examiner erred by failing to cite any specific portion of Sobel as teaching the additional limitation. App. Br. 28–30; see also Reply Br. 10–12. We are unpersuaded because, as discussed supra, there is no requirement that the claimed limitation “be expressly suggested in any one or all of the references.” Keller, 642 F.2d at 425. In view of the above discussion, we are not persuaded the Examiner erred in rejecting claims 30 and 31. CLAIM 32 Claim 32 depends from claim 31 (which, in turn, depends from claim 1) and additionally recites the source of the latest version “comprises at least one of an access gateway, a remote server, or a predetermined website.” This additional limitation is identical to the additional limitation of claim 23 (which depends from claim 1). The Examiner’s rejects claim 32 pointing to Appeal 2014-002632 Application 10/970,143 14 the earlier discussions of similar recitations in other claims (i.e., claims 1, 23, and 31 in this case). Final Rej. 7. Appellants argue the Examiner erred by failing to consider all words of the claim in the different context—i.e., claim 32 depends from claim 31, which depends from claim 1, while claim 23, essentially identical to claim 32, depends directly from claim 1. App. Br. 30–31. We find Appellants’ argument unavailing because Appellants do not identify an error in the Examiner’s findings. In view of the above discussion, we are not persuaded the Examiner erred in rejecting claim 32. CLAIMS 28, 29, 34–36, AND 38–43 Appellants argue these dependent claims together with their respective base claims. App. Br. 27–28, 31–36. For the reasons discussed supra, we are unpersuaded the Examiner erred in rejecting claims 28, 29, 34–36, and 38–43. REJECTION OVER HERRMANN, SOBEL, SZETO, BURNETT, and GOLAN CLAIMS 26 AND 37 Claim 26 depends from claim 24 (discussed supra) and additionally recites “obtaining the latest version of the client software including the current version of the security policies in the form of an ActiveX component.” Claim 37 depends from claim 35 (rejected for the same reasons as claim 24) and includes the identical additional recitation. The Examiner rejects claims 26 and 37 for the same reasons as their respective base claims (24 and 35) additionally citing Golan for showing that the ActiveX format is “merely an old and well known obvious variant.” Final Appeal 2014-002632 Application 10/970,143 15 Rej. 9 (citing Golan Fig. 1 and associated text). Appellants argue the Examiner erred because “citation of Golan as an example illustrating use of ActiveX components fails to establish use of ActiveX components as claimed within the context of claim 26, or that use of ActiveX components as claimed within the context of claim 26 was well known at the time of Appellants’ invention.” App. Br. 38. Appellants argue the Examiner erred rejecting claim 37 for the same reasons as claim 26. App. Br. 39. We are not persuaded. Initially, we note Golan issued on October 26, 1999, in the same field of endeavor (see, e.g., Golan Abstract), and thus Golan is prior art that discloses technology known at the time of Appellants’ invention (application filed October 21, 2004). Appellants’ contention that Golan fails to establish that use of ActiveX “within the context of claim 26” is not persuasive because Appellants have not identified any error in the Examiner’s findings. Id. In view of the above discussion, we are not persuaded the Examiner erred in rejecting claims 26 and 37. Appeal 2014-002632 Application 10/970,143 16 DECISION For the above reasons, the Examiner’s decisions rejecting claims rejections of claims 1 and 23–44 under 35 U.S.C. § 103 are affirmed. No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv). AFFIRMED kis Copy with citationCopy as parenthetical citation
