Irdeto B.V.Download PDFPatent Trials and Appeals BoardDec 11, 20202019004745 (P.T.A.B. Dec. 11, 2020) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 15/802,501 11/03/2017 Ron Vandergeest 14-30044-US-C2 7779 128144 7590 12/11/2020 Rimon PC One Embarcadero Center Suite 400 San Francisco, CA 94111 EXAMINER MOORTHY, ARAVIND K ART UNIT PAPER NUMBER 2492 NOTIFICATION DATE DELIVERY MODE 12/11/2020 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): docketing.rimonlaw@clarivate.com eofficeaction@appcoll.com patentdocketing@rimonlaw.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE ____________________ BEFORE THE PATENT TRIAL AND APPEAL BOARD ____________________ Ex parte RON VANDERGEEST ____________________ Appeal 2019-004745 Application 15/802,501 Technology Center 2400 ____________________ Before JOHNNY A. KUMAR, JAMES W. DEJMEK, and SCOTT E. BAIN Administrative Patent Judges. KUMAR, Administrative Patent Judge. DECISION ON APPEAL Appellant1 appeals under 35 U.S.C. § 134(a) from a final rejection of claims 1–10. We have jurisdiction over the pending claims under 35 U.S.C. § 6(b). We affirm, and we enter a new ground of rejection. 1 Throughout this Decision, we use the word “Appellant” to refer to “applicant” as defined in 37 C.F.R. § 1.42 (2018). Appellant identifies Irdeto B.V., as the real party in interest. Appeal Br. 2. Appeal 2019-004745 Application 15/802,501 2 STATEMENT OF THE CASE Introduction Appellant’s disclosed and claimed invention generally relates to “preventing and detecting security threats to an operating system and certified applications operating on an electronic device. Spec. ¶ 2. Claim 1 is illustrative of the subject matter on appeal and is reproduced below: 1. An apparatus for increasing security of a computing device, that apparatus comprising: at least one processor; at least one non-transitory memory device storing instructions thereon which, when executed by the at least one processor, cause the at least one processor to: embed a first secured software agent within an OS kernel of the device, wherein the first secured software agent is one of plural other secured software agents generated by diverse code portion combinations to thereby have the same functionality but be structurally and semantically different and which are not embedded in the OS Kernel of the device, and wherein the first secured software agent is configured to limit access to the OS kernel to provide protection of applications and resources. The Examiner’s Rejections 1. Claims 1–10 stand rejected under pre-AIA 35 U.S.C. § 112, second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor regards as the invention. Final Act. 3, 4. 2. Claims 1 and 6 are rejected under pre-AIA 35 U.S.C. § 103(a) as being unpatentable over Chawla et al. (US 2013/0055347 Al; published Feb. 28, 2013) (hereinafter Chawla) in view of van den Berg et al. (US 2012/0030758 Al; published Feb. 2, 2012) (hereinafter Berg). Appeal 2019-004745 Application 15/802,501 3 3. Claims 2 and 7 are rejected under pre-AIA 35 U.S.C. § 103(a) as being unpatentable over Chawla, Berg as applied to claims 1 and 6 above, and further in view of Swoboda (US 2006/0259828 Al; published Nov. 16, 2006) (hereinafter Swoboda). 4. Claims 3 and 8 are rejected under pre-AIA 35 U.S.C. § 103(a) as being unpatentable over Chawla, Berg as applied to claims 1 and 6 above, and further in view of Brinskelle (US 8,683,052 B1; issued Mar. 25, 2014) (hereinafter Brinskelle). 5. Claims 4 and 9 are rejected under pre-AIA 35 U.S.C. § 103(a) as being unpatentable over Chawla, Berg as applied to claims 1 and 6 above, and further in view of Gleichauf (US 2010/0257599 Al; published Oct. 7, 2010) (hereinafter Gleichauf). 6. Claims 5 and 10 are rejected under pre-AIA 35 U.S.C. § 103(a) as being unpatentable over Chawla, Berg as applied to claims 1 and 6 above, and further in view of Paris et al. (US 2012/0311341 Al; published Dec. 6, 2012 (hereinafter Paris). ANALYSIS2 REJECTION UNDER 35 U.S.C. § 112, second paragraph The Examiner finds the recited terms: embed a first secured software agent within an OS kernel of the device, wherein the first secured software agent is one of plural other secured software agents generated by diverse code portion 2 Throughout this Decision, we have considered the Appeal Brief, filed Feb. 19, 2019 (“Appeal Br.”); the Reply Brief, filed May 30, 2019 (“Reply Br.”); the Examiner’s Answer, mailed May 9, 2019 (“Ans.”); and the Final Office Action, mailed Nov. 7, 2018 (“Final Act.”), from which this Appeal is taken. Appeal 2019-004745 Application 15/802,501 4 combinations to thereby have the same functionality but be structurally and semantically different and which are not embedded in the OS Kernel of the device, and wherein the first secured software agent is configured to limit access to the OS kernel to provide protection of applications and resources, are not clear. Final Act. 3–4. In particular, the Examiner finds: The claims (independent claims 1 and 6) filed on 25 November 2018 recites “embed a first secured software agent within an OS kernel of the device . . .” and “. . . which are not embedded in the OS Kernel of the device. . .”. However, this presents an inconsistency to the examiner. Both the claims recite “embed a first secured software agent within an OS kernel of the device”. Then the claim has been amended to recite now the secured software agent is not embedded in the OS Kernel of the device. It is now unclear whether the secured software agent is being embedded or not. The examiner would like to point out that the Appellant amended the claims (15 January 2019) to overcome the rejection and clarify the claim language. However, this claim set was not entered into the file due to the fact it changed the scope of the claims. Ans. 4. (emphasis added). Appellant contends that the Examiner erred in rejecting claim 1 under 35 U.S.C. § 112 because: The claim language is clear. Further, the Examiner, in arriving at the position on which the rejection is based, improperly took pains to find a claim construction that is contrary to the disclosure. For example, the claimed invention is described through an example in paragraph [0054] of the specification. [0054] The agent 217 can be embodied in software and generated by diverse code portion combinations with a fixed interface. Creation of such variations in code portions can be accomplished according to known methods, or combinations of Appeal 2019-004745 Application 15/802,501 5 such methods, including those described in United States Patent Nos. 6,594,761, 6,779,114, 6,842,862, or 7,506,177 each issued to Chow et al. or any other suitable known method. Such variations can be termed “diverse agents” or “updated agents.” Diverse agents are those which have the same functionality, F, but that are structurally and semantically diverse. The objective of generating and deploying diverse agents is to prevent an automated attack -- i.e., an attack developed by a sophisticated attacker that can be sufficiently automated that it is simple to use by an average consumer and that would be applicable to each and every agent deployed in some installed base of devices. Such diverse agents may be deployed across different instantiations of a device, different types of devices, devices sold in different geographic regions or by different operators, etc. The invention includes a first secured software agent and plural other secured software agents generated by diverse code portion combinations. The other secured software agents have the same functionality as the secured software agent, but the other secured software agents are not embedded in the OS of the device. The other secured software agents may be embedded in OS kernels of different devices. Accordingly, the claims are not indefinite, and the rejection should be reversed. Appeal Br. 4. We agree with the above points made by Appellant. The test for definiteness under 35 U.S.C. § 112 is whether “those skilled in the art would understand what is claimed.” Orthokinetics, Inc., v. Safety Travel Chairs, Inc., 806 F.2d 1565, 1576 (Fed. Cir. 1986) (citations omitted). In particular, breadth is not indefiniteness, provided the skilled artisan is reasonably apprised of the meaning of the claim. Metabolite Labs., Inc. v. Lab. Corp. of Am. Holdings, 370 F.3d 1354, 1366 (Fed. Cir. 2004). We agree with Appellant that the metes and bound of the disputed Appeal 2019-004745 Application 15/802,501 6 claim feature in claim 1 would be understood by the skilled artisan particularly in view of paragraph 54 of the Specification. Therefore, we are persuaded the Examiner erred in rejecting claim 1 under 35 U.S.C. § 112, second paragraph. NEW GROUND OF REJECTION Pursuant to our authority under 37 C.F.R. § 41.50(b), we reject claims 1–10 under 35 U.S.C. § 112 second paragraph, as being indefinite and under 35 U.S.C. § 112, first paragraph for failing to comply with the written description requirement. We note that in the Final Action, the Examiner concludes the terms secured software agent recited in the instant claims invoke 35 U.S.C. § 112, sixth paragraph as written in a means-plus-function manner, but lack sufficient corresponding structure in the Specification: Claim limitation “ . . . the secured software agent is configured to. . . ” has/have been interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because it uses/they use a generic placeholder “configured to” coupled with functional language “insert”, “receive”, “determine” and “limit” without reciting sufficient structure to achieve the function. Furthermore, the generic placeholder is not preceded by a structural modifier. A claim limitation that uses a generic placeholder in place of “means” modified by functional language and the claim does not include sufficiently definite structure to perform the associated function the 112(f) is invoked. … A review of the specification shows that the following appears to be the corresponding structure described in the specification for the 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph limitation: see paragraph [0026]. Appeal 2019-004745 Application 15/802,501 7 Final Act. 4, 5. In response, Appellant contends that “the claimed element does not use the phrase ‘means for’ and thus is presumed to not be construed pursuant to 35 USC §112(f).” Appeal Br. 4. We disagree because the identified terms need not explicitly recite a “means for” performing a function. See Personalized Media Commc’ns, LLC v. Int’l Trade Comm’n, 161 F.3d 696, 703–04 (Fed. Cir. 1998). The Federal Circuit has established that use of the word “means” creates a rebuttable presumption that the inventor intended to invoke § 112, sixth paragraph, whereas failure to use the word “means” creates a rebuttable presumption that the inventor did not intend the claims to be governed by § 112, sixth paragraph. Personalized Media Commc’ns, 161 F.3d at 703–04. However, the presumption that a limitation that does not recite a “means for” or a “step for” and, therefore, is not subject to § 112, sixth paragraph is not a strong one. Williamson v. Citrix Online, LLC, 792 F.3d 1339, 1349 (Fed. Cir. 2015) (concluding “that such a heightened burden is unjustified and that we should abandon characterizing as ‘strong’ the presumption that a limitation lacking the word ‘means’ is not subject to § 112, para. 6”). Rather, the Williamson Court explained: The standard is whether the words of the claim are understood by persons of ordinary skill in the art to have a sufficiently definite meaning as the name for structure. When a claim term lacks the word “means,” the presumption can be overcome and § 112, para. 6 will apply if the challenger demonstrates that the claim term fails to “recite sufficiently definite structure” or else recites “function without reciting sufficient structure for performing that function.” Williamson, 792 F.3d at 1349 (internal citations omitted). “Structure disclosed in the specification qualifies as ‘corresponding structure’ if the Appeal 2019-004745 Application 15/802,501 8 intrinsic evidence clearly links or associates that structure to the function recited in the claim.” Williamson, 792 F.3d at 1352. In the instant case, the Examiner explains the terms “configured to,” in “the secured software agent is configured to” recited in claim 5, is a generic placeholder and lacks sufficient structure in the Specification. 3 Final Act. 4, 5. We find that a “the secured software agent” is merely a nonce word that can operate as a substitute for “means” in the context of a 35 U.S.C. § 112, sixth paragraph analysis and does not connote sufficiently definite structure. See Williamson, 792 F.3d at 1350. Thus, we conclude that 35 U.S.C. § 112, sixth paragraph is invoked. Accordingly, we look to the Specification to determine if there is a corresponding structure that clearly links or associates that structure to the function recited in the claims. Williamson, 792 F.3d at 1352. Although Appellant disputes that § 112, sixth paragraph is invoked, Appellant asserts the Specification describes the claimed secured software agent. Appeal Br. 2 (citing Spec. ¶¶ 26, 48, 54, and 78, Figs. 2A, 2B). The cited portions of the Specification fail to provide a corresponding structure for the claimed secured software agent. Further, the Specification does not recite a sufficient structure or algorithm of secured software agent. In addition, the identified Figures also fail to provide a sufficient corresponding structure of the claimed secured software agent. Thus, we 3 We consider independent claims 1 and 6 to have generic placeholders similar to dependent claim 5. In particular, independent claim 1 recites “first secured software agent is configured to,” and independent claim 6 recites “the secured software agent comprising code for causing the computing device to.” Appeal 2019-004745 Application 15/802,501 9 reject claims 1–10 under 35 U.S.C. § 112 second paragraph, as being indefinite. The Manual of Patent Examining Procedure (“MPEP”) § 2163(II)(A)(3)(a) (9th ed. Rev. 08.2017, Jan. 2018) states that “when a claim is rejected as indefinite under 35 U.S.C. 112(b) or pre-AIA 35 U.S.C. 112, second paragraph, because there is no corresponding structure, materials, or acts, or an inadequate disclosure of corresponding structure, materials, or acts, for a means- (or step-) plus-function claim limitation, then the claim must also be rejected under 35 U.S.C. 112(a) or pre-AIA 35 U.S.C. 112, first paragraph, for lack of an adequate written description.” Accordingly, we reject claims 1-10 under 35 U.S.C. § 112, first paragraph for failing to comply with the written description requirement. REJECTIONS UNDER 35 U.S.C. § 103(a) Issue: Under 35 U.S.C. § 103(a), did the Examiner err by finding the cited combination of Chawla and Berg would have taught or suggested the contested limitations: embed a first secured software agent within an OS kernel of the device, wherein the first secured software agent is one of plural other secured software agents generated by diverse code portion combinations to thereby have the same functionality but be structurally and semantically different and which are not embedded in the OS Kernel of the device, and wherein the first secured software agent is configured to limit access to the OS kernel to provide protection of applications and resources, Appeal 2019-004745 Application 15/802,501 10 within the meaning of representative claim 1? (emphasis added). Independent claim 6 recites similar subject matter.4 We adopt the findings of facts made by the Examiner in the Final Office Action and Examiner’s Answer as our own. We concur with the decision reached by the Examiner in the Examiner’s Answer for the specific reasons discussed below. We have considered Appellant’s Reply Brief, but find it unpersuasive to rebut the Examiner’s responses. Appellant contends that Chawla fails to teach the claimed secured software agents: First, programs 406, 408, and 410 are not configured to limit access to the OS kernel as recited in independent claims 1 and 6. Chawla is directed to controlling access to hardware interfaces of a device to prevent access to networks, VPNs or host service platforms. … Second, the programs of Chawla are not one of multiple other secure software agents created from diverse code portion combinations to thereby have the same functionality but be structurally and semantically different from each other, as is recited in the claims. The programs of Chawla are all installed at the same time in the same device and have different functions (the programs “each provide access to control for a respective set (e.g. class) of hardware interfaces 402 of the mobile device 102.”). See [0062] of Chawla. … Berg is cited as teaching “structurally diverse equivalent copies of software”. See the Office Action at page 7. However, since the software copies of Berg are equivalent, one would not install multiple copies of the software on a single device at the same time. Conversely, one of skill in the art would not be motivated to use the process taught by Berg on the applications of Chawla because the result would be to render the applications of Chawla functionally equivalent. This would frustrate the stated purpose of the application, i.e. to “each provide access to control for a respective set 4 Appellant did not provide separate, substantive arguments with respect to the patentability of claims 2, 3, 7, and 8. Appeal 2019-004745 Application 15/802,501 11 (e.g. class) of hardware interfaces 402 of the mobile device 102.” Also, Berg fails to teach software that controls access to an OK kernel. Appeal Br. 7–9. As to Appellant’s above contentions, we find Appellant is arguing the references separately.4 The Examiner properly identifies the relevant teachings in Chawla and Berg and states how each claimed element is met by those teachings. (Ans. 5, 6). In particular, the Examiner finds, and we agree: Chawla teaches that program 408 is integrated in the OS kernel application layer [0070]. Chawla teaches that this can prevent applications from accessing the set of memory interfaces of the mobile device [0070]. Also, Chawla teaches that programs 406,408 and 410 handle queries to the kernel and determines access permissions [0089, 0091]. … Chawla does not teach that the plurality of secured software agents are generated by diverse code portion combinations to thereby have the same functionality but be structurally and semantically different. Berg teaches creating functionally and structurally diverse equivalent copies of software executables [abstract]. Ans. 5. The Examiner further finds that it “would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to have modified 4 One cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references. In re Merck & Co., 800 F.2d 1091, 1097 (Fed. Cir. 1986). Appeal 2019-004745 Application 15/802,501 12 Chawla by the teaching of Berg because it helps block malicious code and to filter out unwanted pieces of code [0016].” Final Act. 7. We agree with the Examiner’s findings because all of the features of the structure in the secondary reference need not be bodily incorporated into the primary reference, but consideration should be given to what the combined teachings, knowledge of one of ordinary skill in the art, and the nature of the problem to be solved as a whole would have suggested to those of ordinary skill in the art. See In re Keller, 642 F.2d 413, 425 (CCPA 1981). In that regard, the Supreme Court has held that: [It is error to] assum[e] that a person of ordinary skill attempting to solve a problem will be led only to those elements of prior art designed to solve the same problem. . . . Common sense teaches . . . that familiar items may have obvious uses beyond their primary purposes, and in many cases a person of ordinary skill will be able to fit the teachings of multiple patents together like pieces of a puzzle. KSR Int’l Co. v. Teleflex Inc., 550 U.S. 398, 420 (2007) (citation omitted). Furthermore, the artisan is not compelled to blindly follow the teaching of one prior art reference over the other without the exercise of independent judgment. See Lear Siegler, Inc. v. Aeroquip Corp., 733 F.2d 881, 889 (Fed. Cir. 1984). As such, Chawla would have been adjusted to accommodate teachings from Berg by one of ordinary skill in the art. Claim 4 depends from claim 1 and recites “detect an attack on the first secured software agent; analyze the attack; replace the first secured software agent with a second secured software agent that is one of the plural secured software agents, wherein the second secured software agent incorporates a new functionality designed to prevent the attack.” Appellant argues that Appeal 2019-004745 Application 15/802,501 13 Gleichauf, as relied on by the Examiner, fails to “diverse” agents, as defined in the claim and that “the replacement agent does not have a new functionality that is designed to prevent the attack.” Appeal Br. 10. Gleichauf teaches, inter alia, a remedial action in which a policy controller takes various actions in response to detecting a problem or anomaly. Gleichauf ¶ 74. The specific action taken may vary based on the “logical location in a network hierarchy of a security perimeter.” Gleichauf ¶ 75. Gleichauf describes an example scenario in which an application encrypting data traffic has been compromised. Gleichauf ¶ 79. As a result of detecting the problem, the policy controller may “repair or replace[]” the compromised agent. Gleichauf ¶ 79. We agree with the Examiner (see Ans. 6–7) that Gleichauf’s description of detecting and analyzing an attack and replacing the compromised agent with a second agent at least suggests the replacement agent differs from the compromised agent such that is designed to prevent the attack from recurring. Accordingly, we sustain the Examiner’s rejection of claim 4 and, for similar reasons, we sustain the Examiner’s rejection of claim 9, which recites commensurate limitations. Regarding dependent claim 5 (and similarly with respect to dependent claim 10), Appellant argues that Paris, as relied on by the Examiner, fails to teach “ insert[ing] one or more upcalls at points in the OS kernel where a user-level system call from an application would result in access to an internal OS kernel object and received, from the OS kernel, via at least one of the one or more upcalls, a request to modify or debug functionality of the application.” Appeal Br. 10. Appeal 2019-004745 Application 15/802,501 14 We do not find Appellant’s conclusory assertions persuasive of Examiner error because 37 C.F.R. § 41.37(c)(1)(iv) requires more substantive arguments in an Appeal Brief than a mere recitation of the claim elements and a naked assertion that the corresponding elements were not found in the prior art. See In re Lovin, 652 F.3d 1349, 1357 (Fed. Cir. 2011). Contrary to Appellant’s assertions, the Examiner makes comprehensive findings for the recited claim limitations (see, e.g., Final Act. 14–17; Ans. 7). Appellant does not persuasively rebut these findings. Accordingly, we sustain the Examiner’s rejection of claim 5 and, for similar reasons, we sustain the Examiner’s rejection of claim 10, which recites commensurate limitations. Accordingly, Appellant has not provided sufficient evidence or argument to persuade us of any reversible error in the Examiner’s reading of the contested limitations on the cited prior art, or in the proper combinability of the prior-art references as suggested by the Examiner. Therefore, we sustain the Examiner’s obviousness rejections of claims 1–10. CONCLUSION The Appellant has demonstrated the Examiner erred in rejecting claims 1–10 as being unpatentable under 35 U.S.C. § 112, second paragraph. We affirm the Examiner’s decision rejecting claims 1–10 under 35 U.S.C. § 103(a). We newly reject claims 1–10 under 35 U.S.C. § 112, second paragraph as being indefinite. Appeal 2019-004745 Application 15/802,501 15 We newly reject claims 1-10 under 35 U.S.C. § 112, first paragraph for failing to comply with the written description requirement. DECISION SUMMARY In summary: Claims Rejected 35 U.S.C. § Reference(s)/Basis Affirmed Reversed New Ground 1–10 112, second paragraph Indefiniteness 1–10 1–10 112, second paragraph Indefiniteness 1–10 1–10 112, first paragraph Written Description 1–10 1, 6 103(a) Chawla, Berg 1, 6 2, 7 103(a) Chawla, Berg, Swoboda 2, 7 3, 8 103(a) Chawla, Berg, Brinskelle 3, 8 4, 9 103(a) Chawla, Berg, Gleichauf 4, 9 5, 10 103(a) Chawla, Berg, Paris 5, 10 Overall Outcome 1–10 1–10 TIME PERIOD FOR RESPONSE This Decision contains a new ground of rejection pursuant to 37 C.F.R. § 41.50(b). 37 C.F.R. § 41.50(b) provides “[a] new ground of rejection pursuant to this paragraph shall not be considered final for judicial review.” Appeal 2019-004745 Application 15/802,501 16 37 C.F.R. § 41.50(b) also provides that the Appellant, WITHIN TWO MONTHS FROM THE DATE OF THE DECISION, must exercise one of the following two options with respect to the new ground of rejection to avoid termination of the appeal as to the rejected claims: (1) Reopen prosecution. Submit an appropriate amendment of the claims so rejected or new Evidence relating to the claims so rejected, or both, and have the matter reconsidered by the examiner, in which event the proceeding will be remanded to the examiner. . . . (2) Request rehearing. Request that the proceeding be reheard under § 41.52 by the Board upon the same Record. . . . Further guidance on responding to a new ground of rejection can be found in the Manual of Patent Examining Procedure § 1214.01. AFFIRMED; 37 C.F.R. 41.50(b) Copy with citationCopy as parenthetical citation
