Ex Parte Bolik et alDownload PDFPatent Trial and Appeal BoardMar 28, 201612960866 (P.T.A.B. Mar. 28, 2016) Copy Citation UNITED STA TES p A TENT AND TRADEMARK OFFICE APPLICATION NO. FILING DATE 12/960,866 12/06/2010 63400 7590 03/30/2016 IBM CORP, (DHJ) c/o DAVID H. JUDSON 15950DALLAS PARKWAY SUITE 225 DALLAS, TX 75248 FIRST NAMED INVENTOR Christian Bolik UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www .uspto.gov ATTORNEY DOCKET NO. CONFIRMATION NO. A US920100368US 1 8074 EXAMINER ZAIDI, SYED A ART UNIT PAPER NUMBER 2493 NOTIFICATION DATE DELIVERY MODE 03/30/2016 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address( es): mail@davidjudson.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte CHRISTIAN BOLIK, NEETA GARIMELLA, JAYASHREE RAMANATHAN, MARKUS ROHWEDDER, and ZHIGUO HUANG Appeal2014-005997 Application 12/960,866 Technology Center 2400 Before ROBERT E. NAPPI, ERIC S. FRAHM, and SCOTT B. HOWARD, Administrative Patent Judges. HOW ARD, Administrative Patent Judge. DECISION ON APPEAL Appellants 1 appeal under 35 U.S.C. § 134(a) from a Final Rejection of claims 1-24, which constitute all of the claims pending in this application. We have jurisdiction under 35 U.S.C. § 6(b). We reverse. 1 Appellants identify International Business Machines Corporation as the real party in interest. App. Br. 1. Appeal2014-005997 Application 12/960,866 THE INVENTION The claimed invention is directed to identity based auditing within a multiple application environment. A user uses a first application to execute a remote access login of a second application using a system account. Although the remote access login was performed using a system account, the identity of the user is propagated from the first application to the second application. As a result, audit records generated by each of these applications contain the user identity. Spec. 3 :2---6. Claim 1, reproduced below, is illustrative of the claimed subject matter: 1. A method for identity-based auditing in a data processing system comprising a set of applications, at least first and second of the applications maintaining distinct identity registries, compnsmg: upon receipt of a request at a first application, the request being associated with a user identity, executing a remote access login to a second application using a system account while passing in the user identity; performing an operation using the second application; and writing an audit log entry associated with the second application, the audit log entry being associated with the user identity. REFERENCES The prior art relied upon by the Examiner as evidence in rejecting the claims on appeal is: Lusen US 2004/0128169 Al July 1, 2004 Ting US 2008/0184349 Al July 31, 2008 David Huemer et al., "Towards a Side Access Free Data Grid Resource by Means of Infrastructure Clouds," 2009 International Conference on Parallel Processinf!. Workshops, pp. 198-205 (2009) ("Huemer") 2 Appeal2014-005997 Application 12/960,866 REJECTIONS Claims 1, 3, 7-9, 11, 15-17, 19, 23, and 24 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Ting. Final Act. 14--18. Claims 2, 10, and 18 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Ting in view of Huemer. Final Act. 18-20. Claims 4--6, 12-14, and 20-22 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Ting in view of Lusen. Final Act. 20- 23. ANALYSIS We have reviewed the Examiner's rejection in light of Appellants' arguments that the Examiner erred. In reaching this decision, we consider all evidence presented and all arguments made by Appellants. We agree with Appellants' arguments regarding the pending claims. Appellants argue Ting does not teach or suggest "writing an audit log entry associated with the second application, the audit log entry being associated with the user identity" as recited in claim 1 and similarly recited in independent claims 9 and 17. App. Br. 11-13. Although Appellants concede that Ting discloses audit records, Appellants argue Ting does not teach or suggest the specific characteristics of the claimed audit log associated with a user's identity that is passed from the first application to the second application. Id.; see also Reply Br. 5---6. The Examiner finds Ting discloses that "the single-sign-on agent records and performs a user's activity audit as the user accesses one or more applications." Final Act. 15 (citing Ting i-fi-135-37); Ans. 9 ("Ting 3 Appeal2014-005997 Application 12/960,866 summarily teaches the SSO agent keeps an audit record of a user's activity as the user accesses one or more applications."). The Examiner further finds "Ting ties the identity of the user with user's activities in one or more applications and stores the information for monitoring requirements." Ans. 10. Based on the record before us and the specific evidence relied on by the Examiner, we agree with Appellants that the Examiner erred. Although Ting states a user profile can contain "audit records of a user's activities within an application" (Ting i-f 37), we agree with Appellants that the sections cited by the Examiner do not teach or suggest the specific audit log entries recited in claim 1. Because we agree with at least one of the arguments advanced by Appellants, we need not reach the merits of Appellants' other arguments. Accordingly, we are constrained on this record to reverse the Examiner's rejection of claims 1, 9, and 17, and dependent claims 2-8, 10- 16, and 18-24. DECISION For the above reasons, we reverse the Examiner's rejections of claims 1-24. REVERSED 4 Copy with citationCopy as parenthetical citation
