Asavie R&D LimitedDownload PDFPatent Trials and Appeals BoardJul 14, 20202019002197 (P.T.A.B. Jul. 14, 2020) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 15/244,074 08/23/2016 Thomas Maher 2055-032C 9838 27820 7590 07/14/2020 WITHROW & TERRANOVA, P.L.L.C. 106 Pinedale Springs Way Cary, NC 27511 EXAMINER LE, CANH ART UNIT PAPER NUMBER 2439 NOTIFICATION DATE DELIVERY MODE 07/14/2020 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): patents@wt-ip.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte THOMAS MAHER Appeal 2019-002197 Application 15/244,074 Technology Center 2400 Before BARBARA A. BENOIT, MICHAEL J. ENGLE, and SCOTT RAEVSKY, Administrative Patent Judges. ENGLE, Administrative Patent Judge. DECISION ON APPEAL STATEMENT OF THE CASE Appellant1 appeals under 35 U.S.C. § 134(a) from the Examiner’s rejection of claims 2–14, 17–20, 22, 23, and 26–29, which are all of the claims pending in the application. We have jurisdiction under 35 U.S.C. § 6(b). We REVERSE. 1 We use the word “Appellant” to refer to “applicant” as defined in 37 C.F.R. § 1.42(a). Appellant identifies Asavie Technologies Ltd. as the real party in interest. Appeal Br. 1. Appeal 2019-002197 Application 15/244,074 2 TECHNOLOGY The application relates to “secure network communication.” Spec. Abstract. ILLUSTRATIVE CLAIM Claim 11 is illustrative and reproduced below (as amended after the Final Office Action) with certain limitations at issue emphasized: 11. A data transmission system for secure data exchange comprising: a client computing device; a broker computing device connected to the client computing device via a first secure network link; a server computing device; an agent computing device connected to the server computing device via a second secure network link and connected to the broker computing device via an unsecured network link; and one or more of a firewall, a proxy, and a network address translation (NAT) device connected between the broker computing device and the agent computing device, wherein: the agent computing device is configured to initiate a secure control session with the broker computing device over the unsecured network link; the client computing device is configured to send a control packet to the broker computing device via the first secure network link; in response to receipt of the control packet, the broker computing device is configured to generate and send a modified version of the control packet to the agent computing device via the unsecured network link using the secure control session; in response to receipt of the modified version of the control packet, the agent computing device is configured Appeal 2019-002197 Application 15/244,074 3 to initiate a connection with the server computing device via the second secure network link; in response to establishment of the connection between the agent computing device and the server computing device, the agent computing device is configured to initiate a secure data session with the broker computing device via the unsecured network link and the one or more of the firewall, the proxy, and the NAT device; and in response to establishment of the secure data session between the agent computing device and the broker computing device, the broker computing device is configured to send a response to the control packet from the client computing device such that a connection is established between the client computing device and the broker computing device. REFERENCES & REJECTIONS The Examiner relies on the following references and rejections. The rejection under 35 U.S.C. § 101 was withdrawn. See Advisory Act. (May 4, 2018). Name Number Date Shaw US 7,661,131 B1 Feb. 9, 2010 Shukla US 2002/0042875 A1 Apr. 11, 2002 Suzuyama US 2003/0028817 A1 Feb. 6, 2003 Xie US 7,107,612 B1 Sept. 12, 2006 Rejected Claims Statute Reference(s) Final Act. 11–14, 22, 23 § 102 Shukla 8–11 2, 3, 7 § 103 Shukla, Suzuyama, Xie 11–15 17–20, 26–29 § 103 Shukla, Suzuyama 15–17 4–6, 8–10 § 103 Shukla, Suzuyama, Xie, Shaw 18–20 Appeal 2019-002197 Application 15/244,074 4 ISSUE Did the Examiner err in finding Shukla discloses “the agent computing device is configured to initiate a secure control session with the broker computing device over the unsecured network link,” as recited in claim 11? ANALYSIS § 102 Appellant argues that the claims require certain packets to flow in opposite directions whereas the prior art Shukla teaches those packets flowing in the same direction. Appeal Br. 10. To understand the claimed directionality of packet flow, we briefly summarize the claimed components and actions required, then turn to Appellant’s specific arguments. The claims require four devices (client, broker, agent, and server) connected by three networks (secure on both ends but insecure in the middle), as can be seen in Figure 1 below. “Figure 1 is a diagram that illustrates communication between a client and a server” by way of a broker and agent. Spec. 4:17–26. The client is connected to the broker via a secure network and the agent is connected to Appeal 2019-002197 Application 15/244,074 5 the server via a secure network, but the broker and agent are connected via an insecure network, such as the Internet. Id. The claims require that the client, broker, and agent each send particular data in a particular direction. Specifically, independent claim 11 recites (1) “the agent computing device is configured to initiate a secure control session with the broker computing device over the unsecured network link”; (2) “the client computing device is configured to send a control packet to the broker computing device via the first secure network link”; and (3) “in response to receipt of the control packet, the broker computing device is configured to generate and send a modified version of the control packet to the agent computing device via the unsecured network link using the secure control session.” The Examiner finds that Shukla discloses these limitations. Final Act. 8–10. The Examiner maps the components of Shukla to claim 11 as follows: Claim 11 Shukla Client End-host A (12) Broker Gateway GA (17) Agent Gateway GB (21) Server End-host B (26) Appellant argues that “Shukla describes a completely conventional packet flow in which control and data sessions are initiated in the direction from the first end host (12) towards the second end host (26), and never in the opposite direction” whereas “Claim 11 requires a secure control session that is established in the opposite direction.” Appeal Br. 10. The Examiner finds Shukla discloses this limitation because in Shukla, “[t]he GB 21 (i.e. Agent), helps in establishing the secure link (i.e. configured to initiate a secure control session) . . . as clearly show[n] in Appeal 2019-002197 Application 15/244,074 6 paragraph 0074.” Ans. 4–5. The relevant portion of paragraph 74 in Shukla states, “The gateways, GA 17 and GB 21, help in establishing the secure link between the two end hosts A 12 and B 26 over the public network 19.” We agree with Appellant. The fact that both gateways “help in establishing the secure link” fails to sufficiently show which gateway initiates the secure link, as required by claim 11. See Reply Br. 3 (“This statement does not in any way indicate that the second gateway (21) could or should initiate a secure control session with the first gateway (17).”). The Examiner further finds that “there is no restriction or requirement put[] on the Gateway GA (17) or the Gateway GB (21) [as to] which one is Broker or Agent, and End-host A (12) or End-host B (26) [as to] which one is Client or Server.” Ans. 5–6. However, we agree with Appellant that “[r]egardless of how the various elements in Shukla are defined [i.e., whether the claimed agent is Gateway GA vs. GB], Shukla does not describe a secure control session being established in one direction (i.e., server towards client) and control packets to establish a connection for data being sent in the opposite direction (i.e., client towards server).” Reply Br. 4. Thus, the Examiner has not sufficiently shown that Shukla discloses the claimed opposite directionality. Accordingly, we do not sustain the Examiner’s § 102 rejection of claims 11–14, 22, and 23. § 103 The Examiner does not rely on obviousness or the other references to cure the deficiencies of Shukla discussed above. See Final Act. 11–20. Accordingly, we do not sustain the Examiner’s § 103 rejections of claims 2–10, 17–20, and 26–29. Appeal 2019-002197 Application 15/244,074 7 DECISION The following table summarizes the outcome of each rejection: Claims Rejected Statute Reference(s) Affirmed Reversed 11–14, 22, 23 § 102 Shukla 11–14, 22, 23 2, 3, 7 § 103 Shukla, Suzuyama, Xie 2, 3, 7 17–20, 26–29 § 103 Shukla, Suzuyama 17–20, 26–29 4–6, 8–10 § 103 Shukla, Suzuyama, Xie, Shaw 4–6, 8–10 OVERALL 2–14, 17–20, 22, 23, 26–29 REVERSED Copy with citationCopy as parenthetical citation
