11026813 (P.T.A.B. Jun. 22, 2018)

Ex Parte Cottrell et al

Patent Trial and Appeal BoardJun 22, 2018

11026813 (P.T.A.B. Jun. 22, 2018)

UNITED STA TES p A TENT AND TRADEMARK OFFICE APPLICATION NO. FILING DATE FIRST NAMED INVENTOR 111026,813 12/29/2004 Andrew Cottrell 22429 7590 06/26/2018 HAUPTMAN HAM, LLP 2318 Mill Road Suite 1400 ALEXANDRIA, VA 22314 UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www .uspto.gov ATTORNEY DOCKET NO. CONFIRMATION NO. T5077-075 5799 EXAMINER RUTTEN, JAMES D ART UNIT PAPER NUMBER 2197 NOTIFICATION DATE DELIVERY MODE 06/26/2018 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address( es): docketing@ipfirm.com pair_lhhb@firsttofile.com EAnastasio@IPFirm.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte ANDREW COTTRELL, JITHENDRA BETHUR, TIMOTHY J. MARKEY, M. SRIKANT, and LAKSHMANAN SRINIVASAN Appeal 2016-005143 Application 11/026,813 Technology Center 2100 Before MAHSHID D. SAADAT, BRUCE R. WINSOR, and MINN CHUNG, Administrative Patent Judges. CHUNG, Administrative Patent Judge. DECISION ON APPEAL Appellants appeal under 35 U.S.C. Â§ 134(a) from a final rejection of claims 19--38, which constitute all the claims pending in this application. 1 We have jurisdiction under 35 U.S.C. Â§ 6(b). We AFFIRM. 1 The real party in interest identified by Appellants is Kinglite Holdings Inc., Singapore. App. Br. 2. Appeal 2016-005143 Application 11/026,813 STATEMENT OF THE CASE Appellants' invention relates to "securely updating firmware" in electronic devices. (Spec. i-f 1.) Claim 19, which is illustrative, reads as follows, with the disputed limitation emphasized in italics: 19. A method for updating an electronic device having a nonvolatile memory, comprising: receiving a digitally signed container encrypted with a private encryption key, the private encryption key corresponding to a public encryption key forming an encryption key pair, the digitally signed container including a firmware update image coming from a source and a first hash code derived from the firmware update image with a hash function; authenticating the source of the firmware update image using the public encryption key to decrypt the digitally signed container to obtain the firmware update image and the first hash code; authenticating the firmware update image by hashing the firmware update image with the hash code[2] to derive a second hash code and determining the first hash code matches the second hash code; replacing a current firmware image with the firmware update image if the source of the firmware update image is authenticated and the firmware update image is authenticated, wherein the public key is embedded in the nonvolatile memory of the electronic device. 2 In the event of further prosecution, Appellants and the Examiner may wish to consider whether this instance of the phrase "the hash code" has as its antecedent basis the previously recited "a first hash code" or the previously recited "a hash function." 2 Appeal 2016-005143 Application 11/026,813 The Examiner relies on the following prior art in rejecting the claims. Grimmer Leeper Zimmer us 5,774,552 US 2003/0195935 Al US 2005/0021968 Al June 30, 1998 Oct. 16, 2003 Jan.27,2005 Claims 19-38 stand rejected under 35 U.S.C. Â§ 103(a) as being unpatentable over Zimmer, Grimmer, and Leeper. (Ans. 2.) Rather than repeat the arguments here, we refer to the Appeal Brief ("App. Br." filed Sept. 16, 2015), the Reply Brief ("Reply Br." filed Apr. 12, 2016), the Answer ("Ans." mailed Feb. 29, 2016), and the Final Rejection ("Final Act." mailed Apr. 16, 2015) for the respective positions of Appellants and the Examiner. ISSUE The dispositive issue presented by Appellants' contentions is as follows: Did the Examiner err in in combining Zimmer with Grimmer to teach, suggest, or render obvious "replacing a current firmware image with the firmware update image if the source of the firmware update image is authenticated and the firmware update image is authenticated" (the "disputed limitation"), as recited in claim 19? ANALYSIS In rejecting claim 19, the Examiner finds that the combination of Zimmer and Grimmer teaches, suggests, or renders obvious the disputed limitation set forth above. See Final Act. 3---6. First, the Examiner finds that 3 Appeal 2016-005143 Application 11/026,813 Zimmer teaches replacing the current firmware with the firmware update image "if the signature check passes." Id. at 6 (citing Zimmer i-f 5 2). As the Examiner explains, Zimmer' s signature check on the firmware update image authenticates the source of firmware update image. Id. at 4--5 (citing Zimmer, Abstract ("the authentication credential will identify a manufacture"), i-fi-1 4, 21-22, 48). Hence, the Examiner finds that Zimmer teaches or suggests "replacing a current firmware image with the firmware update image if the source of the firmware update image is authenticated," as recited in claim 19. Id. at 4--6; Ans. 3--4. With respect to the recitation of authenticating the firmware update image, the Examiner relies on Grimmer' s disclosure of validating the integrity of message data by hashing the data (Final Act. 4 (citing Grimmer, 3:46-60, 3:66--4:4, Fig. 3)) and finds that applying Grimmer's hashing of data to Zimmer's firmware update image teaches, suggests, or renders obvious authenticating the firmware update image by hashing the image data and matching hash codes (id. at 5---6 ( citing Grimmer, 3 :46-57, Fig. 3)). Having found that Zimmer teaches or suggests "authenticating the source of firmware update image" and the combination of Zimmer and Grimmer teaches, suggests, or renders obvious "authenticating the firmware update image," the Examiner further cites Grimmer's disclosure that "[a] digital signature can be used for both message and sender authentication" (id. at 6 (emphases added) (citing Grimmer, 3:34--35)) and finds that the combined teachings from Grimmer and Zimmer of using digital signatures for authentication teaches, suggests, or renders obvious replacing the firmware image with an update image "if the source of the firmware update image is authenticated" and "the firmware 4 Appeal 2016-005143 Application 11/026,813 update image is authenticated," as recited in claim 19. Id. at 6; Ans. 4--5 (citing Grimmer, 3 :34--35). Appellants contend that the Examiner failed to show how the proposed combination of Zimmer and Grimmer would have suggested "replacing a current firmware image with the firmware update image if the source of the firmware update image is authenticated and the firmware update image is authenticated" (i.e., the "disputed limitation"). 3 App. Br. 10. Although Appellants concede "[paragraph 52] of Zimmer ... discusses that existing firmware is updated 'if the signature check passes,'" Appellants assert "there is no discussion in Grimmer that [Grimmer's authentication of both message and sender] would trigger the replacement of a current firmware image as recited in claim 19." Id. (emphasis added); Reply Br. 2. Appellants further argue "Grimmer merely discusses that if both encryption and digital signature techniques are to be used, the message is first encrypted using RSA, then signed using a digital signature, and then the encrypted data and digital signature would be sent to the recipient," not replace data. App. Br. 10 (citing Grimmer, 3:66-4:3); Reply Br. 5. Appellants' argument is unpersuasive because claim 19 does not recite "trigger[ing]" the replacement of a current firmware image. Furthermore, the Examiner relies on Zimmer, not Grimmer, to teach replacing the current firmware with the firmware update image "if the signature check passes." See Final Act. 6. Appellants' argument is unpersuasive because Appellants do not address the combination of Zimmer 3 Appellants refer to the "if ... and ... "clause of the disputed limitation as the "two-part if/then test." App. Br. 11. 5 Appeal 2016-005143 Application 11/026,813 and Grimmer as proposed by the Examiner in the Examiner's rejection. In addition, Appellants' argument is unpersuasive because Appellants focus on the individual teaching of Grimmer when the Examiner's rejection is based on the combined teachings of Zimmer and Grimmer. Nonobviousness cannot be established by attacking the references individually when the unpatentability challenge is based on a combination of prior art disclosures. See In re Merck & Co. Inc., 800 F.2d 1091, 1097 (Fed. Cir. 1986). Focusing on the Examiner's Answer addressing the purported "two- part if/then test" of the disputed limitation, Appellants further contend that "the Examiner did not show how one of ordinary skill would have modified Zimmer to incorporate an authentication ... such that the authentication discussed in Grimmer is used to replace data." Reply Br. 5---6 (citing Ans. 4). Appellants' argument is unpersuasive because Appellants do not fully address the Examiner's rejection of claim 19 as a whole. As discussed above, the Examiner finds that Zimmer teaches or suggests the limitation of claim 19 reciting "authenticating the source of firmware update image" (Final Act. 4--5) and the combination of Zimmer and Grimmer teaches, suggests, or renders obvious the limitation reciting "authenticating the firmware update image" (id. at 5---6). The purported "two-part if/then test," i.e., updating the firmware image "if the source of the firmware update image is authenticated and the firmware update image is authenticated," includes essentially the same recitations. Hence, the Examiner refers to his findings regarding the limitations reciting "authenticating the source of firmware update image" and "authenticating the firmware update image" (see Ans. 3-5) to find, as discussed above, the combination of Zimmer and Grimmer teaches, suggest, or renders obvious 6 Appeal 2016-005143 Application 11/026,813 the disputed limitation, including "both parts" of the purported "two-part if/then test." Id. at 4--5. We agree with the Examiner that the proposed combination of Zimmer and Grimmer teaches, suggests, or renders obvious the disputed limitation. Appellants' argument is unpersuasive because Appellants take the Examiner's discussion of the disputed limitation out of the context of the Examiner's rejection of claim 19 as a whole and do not address the Examiner's findings regarding the other limitations of claim 19, which include essentially the same recitations as the "two-part" conditional clause of the disputed limitation. See App. Br. 10; Reply Br. 5---6. Appellants further assert that the Examiner made no assertion as to why or how Grimmer and Zimmer would have been combinable to render the disputed limitation obvious. App. Br. 10. Appellants contend that "the Examiner merely asserted that individual features recited in the claims were separately described in Zimmer and Grimmer" and "made no attempt to logically link what is allegedly described in Zimmer with what is allegedly described in Grimmer." Id. at 10-11; Reply Br. 3. We disagree with Appellants' arguments. Contrary to Appellants' contentions, the Examiner explains that the references themselves provide suggestions to make the combination. For example, the Examiner finds that a person of ordinary skill in the art at the time of the invention would have been motivated to use Zimmer's update image with Grimmer's hash function "in order to provide authentication and/or validation as suggested by Grimmer." Final Act. 4 (emphasis added) (citing Grimmer, 3 :46---60). Similarly, the Examiner finds that it would have been obvious to one of ordinary skill to use Zimmer's authentication with Grimmer's encryption "in order to secure data contents and be confident of 7 Appeal 2016-005143 Application 11/026,813 the identity of the sender as suggested by Grimmer." Id. at 5 (emphasis added) (citing Grimmer, 2 :42--46, 3 :27-29). The portions of Grimmer cited by the Examiner describe that "[ d] igital signature authentication allows the receiver of the message to be confident of the identity of the sender and/or the integrity of the message" (Grimmer, 3:27-29 (emphasis added)) and that "[t]he digital signature process is shown in FIG. 3," which illustrates the process to "validate the integrity of the data" and "authenticat[ e] that the message is from who it says it is from" (id., 3:46-60 (emphasis added)). As discussed above, the Examiner explains that Zimmer's authentication involves a "digital signature" and performing a "signature check" on the firmware update image by using an encryption key. Final Act. 4--5 (citing Zimmer, Abstract, i-fi-1 4, 21, 22, 48). As also discussed above, the Examiner finds that Zimmer teaches replacing the current firmware with the firmware update image "if the signature check passes." Id. at 6 (emphasis added) (citing Zimmer i1 52). The Examiner also relies on Grimmer's disclosure that "[a] digital signature can be used for both message and sender authentication" (id. at 6 (emphases added) (citing Grimmer, 3 :34--35)) to find that the combined teachings of Grimmer's and Zimmer's use of digital signatures for authentication teaches, suggests, or renders obvious "both parts" of the purported "two-part if/then test" of the disputed limitation. Ans. 4--5 (citing Grimmer, 3:34--35); Final Act. 6. Hence, the Examiner has provided sufficient explanation and supporting evidence that Zimmer and Grimmer disclose closely related subject matter relating to the use of digital signatures for authenticating data and the source of the data. Therefore, we agree with the Examiner that the suggestions to combine Zimmer and Grimmer as proposed by the Examiner 8 Appeal 2016-005143 Application 11/026,813 are found in the references themselves and the "logical link" between the Zimmer's and Grimmer's disclosures is described in the references. See Ans. 3--4. In a related argument, Appellants assert the Examiner relied on impermissible hindsight reasoning in finding claim 19 obvious over the combination of Zimmer, Grimmer, and Leeper. App. Br. 11; Reply Br. 6. In response, the Examiner explains that the Examiner's rejection does not include any knowledge gleaned only from the disclosure in Appellants' application but, rather, relies only on the knowledge known to a person of ordinary skill in the art at the time of the invention. Ans. 5. The Examiner further explains that the references themselves provide the reasons and basis for finding claim 19 obvious. Id. For the reasons discussed above, we agree with the Examiner and disagree with Appellants' argument that the Examiner relied on impermissible hindsight reasoning. We have reviewed the remainder of Appellants' arguments and find them unpersuasive. For example, Appellants assert that the Examiner's rejection failed to consider claim 19 as a whole. We disagree with Appellants' argument. Contrary to Appellants' contention, as discussed above, the Examiner addresses the disputed limitation in the context of claim 19 as a whole, including other limitations reciting "authenticating the source of the firmware update image" and "authenticating the firmware update image," whereas Appellants' arguments do not fully address the Examiner's rejection of claim 19 as a whole. Accordingly, we are not persuaded that the Examiner erred in rejecting claim 19 and therefore sustain the Examiner's rejection of claim 19. Regarding independent claims 26 and 33, Appellants acknowledge that 9 Appeal 2016-005143 Application 11/026,813 claims 26 and 33 each recite limitations similar to those discussed above with respect to claim 19 and rely on the same arguments Appellants advanced concerning claim 19. See App. Br. 13. Thus, we sustain the Examiner's rejection of independent claims 26 and 33 for the same reasons discussed above with respect to claim 19. Appellants have not separately argued any of the rejections of the following dependent claims: claims 20-25, 27-32, and 34--3 8, which depend from claims 1, 26, and 33, respectively. We, therefore, sustain the Examiner's rejection of these dependent claims for the same reasons discussed above with respect to claim 19. DECISION The decision of the Examiner to reject claims 19-38 is affirmed. No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. Â§ 1.136(a)(l )(iv). AFFIRMED 10