14289859 (P.T.A.B. Jul. 17, 2017)

Ex Parte Chebiyyam et al

Patent Trial and Appeal BoardJul 17, 2017

14289859 (P.T.A.B. Jul. 17, 2017)

United States Patent and Trademark Office UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O.Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 14/289,859 05/29/2014 Gopi Chebiyyam P52444C (920-0117USC) 1040 13205 7590 11/15/2017 Rlank Rome. T T P - MoAfee EXAMINER 717 Texas Avenue TRUVAN, LEYNNA THANH Suite 1400 Houston, TX 77002 ART UNIT PAPER NUMBER 2435 NOTIFICATION DATE DELIVERY MODE 11/15/2017 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): hou stonpatents @ blankrome .com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte GOPI CHEBIYYAM and PRASANNA BASAVAPATNA Appeal 2017-002476 Application 14/289,8591 Technology Center 2400 Before ALLEN R. MacDONALD, KEVIN C. TROCK, and PHILLIP A. BENNETT, Administrative Patent Judges. BENNETT, Administrative Patent Judge. DECISION ON REQUEST FOR REHEARING 1 Appellants’ Brief (“App. Br.”) identifies McAfee, Inc. as the real party interest. App. Br. 3. Appeal 2017-002476 Application 14/289,859 STATEMENT OF THE CASE This is a decision on Appellants’ Request for Rehearing. Appellants’ Request for Rehearing is filed under 37 C.F.R. § 41.52,2 requesting that we reconsider our Decision of July 19, 2017, wherein we affirmed-in-part the Examiner’s rejection of claims 1—20, and we entered new grounds of rejection as to claims 1 and 14. We have reconsidered our Decision in light of Appellants’ comments in the request. We are persuaded of error with respect to the new ground of rejection of claim 1 as set forth in our decision. We, therefore, change the result of the Decision as discussed below. We decline to otherwise change the result of the Decision. Exemplary Claims The claims are directed to a system, method, and computer program product for preventing access to data with respect to a data access attempt associated with a remote data sharing session. Spec. Abstract. Claims 1, 7, and 14 are independent claims, and they are reproduced below. 1. A non-transitory machine-readable medium, on which are stored instructions, comprising instructions that when executed cause a machine to: detect an attempt to access a remote location; determine whether the remote location is associated with a remote desktop sharing application; and prevent access to the remote location responsive to the determination. 2 “The request for rehearing must state with particularity the points believed to have been misapprehended or overlooked by the Board.” 37 C.F.R. § 41.52(a)(1). 2 Appeal 2017-002476 Application 14/289,859 7. A non-transitory machine-readable medium, on which are stored instructions, comprising instructions that when executed cause a machine to: detect a request to access data; determine whether the data has a predetermined fingerprint associated with one or more applications; identify an application associated with the request; and determine whether to allow the request based on the predetermined fingerprint and the identified application. 14. A non-transitory machine- readable medium, on which are stored instructions, comprising instructions that when executed cause a machine to: determine whether remote desktop sharing is currently enabled; identify a fingerprint of data to which access is requested; and determine whether to allow access to the data responsive to a match of the fingerprint with a predetermined fingerprint. App. Br. 15—18 (Claims Appendix). Appellants ’ Contentions 1. Appellants contend the Board erred in the Decision because Nothing in Azeez makes a determination whether to permit access based on a determination that the remote location is associated with a remote desktop sharing application. Instead, Azeez (as the Board notes) recites a router 130 that “queries a desktop permission manager 135 to determine if the requested office computer is allowed remote access.” Azeez recites the router 130 as querying the desktop permission manager 135. Unlike claim 1, however, the decision to allow or permit access by the desktop permission manager 135 is not based on whether the office computer to which remote access is desired is associated with a remote desktop sharing application. Instead, “[t]he desktop permission management [sic] 135 may be as simple as a list of office computers allowed remote access or may 3 Appeal 2017-002476 Application 14/289,859 be an interface to the previously described asset database that may provide authentication and authorization.” (Azeez and [0024].) Azeez appears to assume that the office desktop computer 150 allows remote desktop sharing through a server display module such as the Windows XP Remote Desktop Protocol (RDP) module (Azeez at [0025]), but the presence or absence of such a module is not part of the decision on whether to allow remote access. (Request 2.) 2. Appellants further contend: The Board rejected the Examiner’s only disclosure of the use of a fingerprint reader as “insufficient to anticipate claim 7,” but then found a completely new rationale for arguing that Dixon anticipates claim 7, arguing in this new way that Dixon “discloses determining whether the data has a predetermined fingerprint associate with one or more applications,” and thus sustaining the rejection of claim 7. This completely new rationale, even though based on the same references used by the Examiner, should have been designated a new ground of rejection, and Applicant respectfully requests the Board so designate the rejection. (Request 5 (internal citation omitted).) 3. Appellants further contend: Although Dixon recites using the fingerprint of a website to determine whether the website is a clone of another website, a decision on whether to allow access to a candidate clone website appears in Dixon to be based solely on the reputation of the website to which access is requested. Nothing in Dixon attempts to identify the application associated with the request. The Board’s reasoning appears to be that the data on the website may include executable applications. However, those applications are not applications that are separately identified as associated with the request and the identity of the application used as part of a decision on whether to grant access to the website. Rather, even where applications found in the website content are considered, 4 Appeal 2017-002476 Application 14/289,859 Dixon only recites using that as part of the reputation of the website. The fingerprint constructed by extracting phrases of the website has nothing to do with the identity of any application found in the website. (Request 5—6.) ANALYSIS First Contention We are persuaded by Appellants’ first contention. Although Azeez discloses allowing or permitting access by the desktop permission manager 135 based on whether a workstation is on list of office computers allowed remote access, the fact that a workstation is on the list is not dispositive of whether the workstation is associated with a remote desktop sharing application as required by the claims. Anticipation requires strict identity, and while Azeez discloses a system very similar to Appellants’ invention, it does not disclose the invention in an identical way. Accordingly, we are persuaded of error in the new ground of rejection of claim 1, and we hereby withdraw that rejection. Second Contention We are not persuaded by Appellants second contention. Appellants argue the rationale relied upon in affirming the rejection of claim 7 should have been designated a new ground of rejection. We disagree. Although we rejected the Examiner’s finding that Dixon’s use of a fingerprint reader is sufficient to establish anticipation, this was not the only basis on which the Examiner rejected the claim. The Examiner also rejected claim 7 based on Dixon’s disclosure of clone websites, described in paragraphs 160—161. See, e.g., Ans. 14—15 (“Thus, Dixon teaches another form of a ‘fingerprint’ per se 5 Appeal 2017-002476 Application 14/289,859 that is associated to a website.”) Our decision addressed this additional rationale provided by the Examiner. We do not find persuasive Appellants’ claim of unfair surprise, as Appellants addressed this same finding made by the Examiner regarding website clones in the Reply Brief. See Reply Br. 9— 10. Therefore, we are not persuaded our affirmance of the rejection of claim 7 should have been designated a new ground of rejection, and we decline to change the decision in that respect. Third Contention We also are not persuaded by Appellants’ third contention. The crux of Appellants’ argument is that the “fingerprint constructed by extracting phrases of the website has nothing to do with the identity of any application found in the website.” (Request 6.) This argument is not commensurate with the scope of the claim. The claim does not require the fingerprint be associated with the identity of an application found in the website. Rather, it merely requires the fingerprint be “associated with one or more applications.” The word “associated” has a broad meaning. For example, one dictionary defines associated to mean “connected with something else.” Oxford American Dictionary, 3d. Ed., p. 96 (2010). As we explained in our decision, web content assigned a reputation may include an executable application. Dixon 17. Dixon’s reputation service implements the clone detection facility by creating a fingerprint of web content assigned a bad reputation. The web content assigned a bad reputation can include an executable application. As such, the fingerprint is associated with, i.e., connected with, an executable application. Accordingly, we are not persuaded of error in our decision to affirm the rejection of claim 7, and we decline to change its result. 6 Appeal 2017-002476 Application 14/289,859 DECISION In view of the foregoing discussion, we grant Appellants’ Request for Rehearing and reconsider our decision. We decline to change the result with respect to the rejection of claim 7 as request by Appellants. Nor do we designate the rejection of claim 7 as a new ground as requested. However, we are persuaded by Appellants’ contentions with respect to the new ground of rejection of claim 1. Accordingly, we hereby withdraw the rejection of claim 1 as being anticipated by Azeez. Although Appellants assert the new ground of rejection for claim 14 is flawed (Request 6), Appellants present no argument or explanation of why the new ground of rejection under 35 U.S.C. § 103(a) is improper. On a request for rehearing, the burden falls on the Appellant to “state with particularity the points believed to have been misapprehended or overlooked by the Board.” 37 C.F.R. § 41.52(a)(1). Because Appellants have not discussed with particularity any perceived error in our new ground of rejection of claim 14, we decline to withdraw the new ground of rejection issued with respect thereto. No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a). See 37 C.F.R. § 1.136(a)(l)(iv). REQUEST FOR REHEARING GRANTED-IN-PART 7