Ex Parte Sun et alDownload PDFBoard of Patent Appeals and InterferencesJun 22, 201209952520 (B.P.A.I. Jun. 22, 2012) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE ____________ BEFORE THE BOARD OF PATENT APPEALS AND INTERFERENCES ____________ Ex parte CHIH-TANG SUN, KIHO YUM, and ABRAHAM R. MATTHEWS ____________ Appeal 2010-003703 Application 09/952,520 Technology Center 2400 ____________ Before BRADLEY W. BAUMEISTER, JEFFREY S. SMITH, and BRIAN J. McNAMARA, Administrative Patent Judges. McNAMARA, Administrative Patent Judge. DECISION ON APPEAL Appeal 2010-003703 Application 09/952,520 2 SUMMARY Appellants appeal under 35 U.S.C. § 134(a) from the Examiner’s final rejection of claims 1-4 under 35 U.S.C. § 102(e) and claims 5 and 6 and 20 under 35 U.S.C. § 103(a)1. We reverse. STATEMENT OF THE CASE Appellants’ invention relates to the delivery of security services over the Internet by routing packets through an encrypting router at the sending end of a secure communications tunnel to obtain encrypted packets and routing the encrypted packets to a decrypting router at the receiving end of an Internet protocol connection. (Abstract) Claim 1 is illustrative. 1. A method of delivering security services through a service provider network, the method comprising: establishing a first routing node within a first processing system; establishing a second routing node within a second processing system; establishing an internet protocol (IP) connection communications path between the first processing system and the second processing system that includes the first routing node and the second routing node, wherein establishing includes: connecting the first routing node to a set of one or more service provider routers of a plurality of service provider routers within the service provider network; and configuring one or more of the plurality of service provider routers to implement a virtual private network between the set of one or more service provider routers and the second routing node; receiving a plurality of data packets into the first routing node; 1 The Brief on Appeal states that the rejection of claim 20 was not appealed because claim 20 had only been rejected once. Because claim 20 was included in the Notice of Appeal filed on June 11, 2009 and is subject to the same rejections as claims 5 and 6, we consider claim 20 in this Appeal. Appeal 2010-003703 Application 09/952,520 3 forwarding the received plurality of data packets to a selected service provider router of the set of one or more service provider routers; encrypting the received plurality of data packets to form encrypted packets within the selected service provider router, without regard to any indication regarding encryption in the received plurality of data packets; sending the encrypted packets from the selected service provider router to the second routing node; receiving the encrypted packets into the second routing node; decrypting the received encrypted packets, without regard to any indication regarding decryption in the received encrypted packets, to form decrypted packets; and sending the decrypted packets to a destination in the second processing system. THE REJECTIONS Claims 1-4 stand rejected under 35 U.S.C. § 102(e) as anticipated by Ho (U.S. patent 7,225,259 B2; May 29, 2007, filed Feb. 21, 2001). Claims 5 and 6 and 20 stand rejected under 35 U.S.C. § 103(a) as unpatentable over Ho in view of Lawrence J. Lang & James Watson, Connecting Remote FDDI Installations with Single-Mode Fiber, Dedicated Lines, or SMDS, 20 ACM SIGCOMM COMPUTER COMM. REV. 72-82 (July 1990). CONTENTIONS The Examiner finds that Ho discloses the claimed subject matter, including the claimed limitation of decrypting received encrypted packets, without regard to any indication of encryption in the received encrypted packets. (Ans. 4).2 The Examiner finds that, contrary to arguments advanced by Appellants, the claims do not require the absence of an indication that 2 Throughout this opinion we refer to the Appeal Brief filed on August 11, 2009, and the Examiner’s Answer mailed on October 27, 2009. Appeal 2010-003703 Application 09/952,520 4 encryption is present, but instead merely require decrypting the packet without regard to the indication in the received packets. (Ans. 10). Appellants contend that Ho teaches away because Ho discloses an encapsulation services header 256 including a field 238 which indicates whether the private IP packet 52 stored in payload 240 is encrypted. As a result, Ho requires an indication of the need for decryption to the recipient of the packet. (App. Br. 12). Citing column 13, lines 50-55, the Examiner contends that Ho does not support Appellants’ position. (Ans. 11). Appellants further argue that the Specification describes a system in which an encryption/decryption indicator is not present. Id. The Examiner disagrees, noting that Appellants’ original Specification at page 27, lines 1-3 and 9-12, discloses there is a bit in the packet that is examined to determine whether to encrypt or decrypt. (Ans. 10). ISSUE Did the Examiner err in finding that Ho disclosed the claimed feature of decrypting received packets without regard to any indication of encryption in the received encrypted packets? ANALYSIS Notwithstanding the discussion in the Appeal Brief and the Examiner's Answer about whether the Specification discloses the presence or absence of an encryption indicator, we are guided by the language of claim 1. Claim 1 does not recite the presence or absence of an encryption indicator. Claim 1 merely recites that data packets are decrypted without regard to any indication regarding encryption in the received data packets. Appeal 2010-003703 Application 09/952,520 5 Thus, claim 1 recites a method which operates independent of the existence of such an indicator. The method recited in claim 1 would be carried out in exactly the same way whether or not an encryption indicator is present. This is not the case in the system disclosed by Ho. Figure 10 of Ho illustrates an encapsulation services packet 50 which includes an encapsulation services header 256 and a payload 250. Ho discloses that a data message 46 encapsulates the encapsulation services packet 50, which, in turn, encapsulates private IP packet 52. (Col. 13, ll. 19- 21). Fields in the encapsulation services packet header 256 indicate various characteristics. For example, field 236 indicates the type of compression used by the private IP packet 52 stored in payload 250, while field 240 indicates whether the payload is a control or data payload. (Col. 13, ll. 27- 29, 56-64). Among the fields Ho discloses is field 238, which indicates whether the private IP packet 52 stored in payload 250 is encrypted. (Col. 13, ll. 40- 42). The presence of a field indicating whether packet 52 is encrypted indicates that in some cases the packet will be encrypted while in other cases it will not be encrypted. Ho also discloses: “If the private IP packets 52 in payload 250 are encrypted, the virtual router 22 at the egress side uses the key pointed to by encryption index 246 to de-encrypt the private IP packet 52 in payload 250.” (Col. 13, ll. 52-55 (emphasis added)). This passage from Ho clearly indicates that decryption occurs only if the private IP packets in the payload are encrypted. This contrasts with claim 1, which recites decrypting the received encrypted packets without regard to any indication regarding decryption in the received encrypted packets. Thus, in Ho the method requires first determining whether the packets in the Appeal 2010-003703 Application 09/952,520 6 payload are encrypted and decrypting only those packets, while in the method recited in claim 1 all received packets are decrypted. We agree with Appellants that Ho does not disclose this feature of the claims, so we do not sustain the rejection of claim 1 under 35 U.S.C. § 102(e). Turning to the rejection under 35 U.S.C. § 103(a), the Examiner does not contend that Lang teaches decrypting all the packets, as recited in claim 1. We agree with Appellants that Lang does not disclose the features of the claimed invention missing in Ho. Therefore, we do not sustain the rejection under 35 U.S.C. § 103(a) as well. Since we reverse the rejections over Ho and Lang, it is not necessary for us to consider whether the disclosure in priority applications 60/232,577 and 60/232,516 is sufficient to render Ho ineffective as a reference. CONCLUSION We conclude that the Examiner erred in finding that Ho disclosed the claimed feature of decrypting received packets without regard to any indication of encryption in the received encrypted packets. ORDER We reverse the rejection of claims 1-4 under 35 U.S.C. § 102(e) as anticipated by Ho. We reverse the rejection of claims 5, 6 and 20 under 35 U.S.C. § 103(a) as unpatentable over Ho in view of Lang. No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv). Appeal 2010-003703 Application 09/952,520 7 REVERSED Babc Copy with citationCopy as parenthetical citation