Ex Parte Eldar et al
Board of Patent Appeals and Interferences
Apr 30, 2010
10167476 (B.P.A.I. Apr. 30, 2010)

UNITED STATES PATENT AND TRADEMARK OFFICE

BEFORE THE BOARD OF PATENT APPEALS AND INTERFERENCES

Ex parte AVIGDOR ELDAR, FABIAN TRUMPER, ZVI VLODAVSKY, and ARIEL ROSENBLATT

Appeal 2009-012857
Application 10/167,476
Technology Center 2400

Decided: April 30, 2010

Before HOWARD B. BLANKENSHIP, JEAN R. HOMERE, and DEBRA K. STEPHENS, Administrative Patent Judges.

STEPHENS, Administrative Patent Judge.

DECISION ON APPEAL

Appellants appeal under 35 U.S.C. § 134(a) (2002) from a final rejection of claims 1-46. We have jurisdiction under 35 U.S.C. § 6(b) (2008) and an oral hearing was held April 14, 2010. We AFFIRM.

Introduction

According to Appellants, the invention is a system and method for diagnosing integrated circuitry to determine the integrity of stored security records (Spec. 1, [1] - [4]). An encryption engine is placed in an off-line mode and encrypts or decrypts test data using the same algorithms and security records as if operating on-line (Spec., Abstract). The processed data is then compared to data that should have been generated if the encryption engine were using a correct security record (id.). If the data match, the security record is determined not to be corrupted (id.).

STATEMENT OF THE CASE

Exemplary Claim

Claim 1 is an exemplary claim and is reproduced below:

1.
A diagnostic method for a security record, comprising:
causing the networking circuit to enter a loopback mode,
providing test data to the networking circuit,
receiving processed test data from the networking circuit, the processed test data having been generated with reference to the networking circuit's copy of the security record,
generating expected processed test data from the test data with reference to a local copy of the security record,
comparing the processed test data to the expected processed test data, and
if they match, confirming integrity of the security record.

Prior Art

Brenneman 4,750,175 Jun. 7, 1988
Laczko 6,567,906 B2 May 20, 2003
Yokote US 2002/0157024 A1 Oct. 24, 2002

Rejections

Claims 1-9, 13-21, and 25-46 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Brenneman and Laczko.

Claims 10-12 and 22-24 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Brenneman, Laczko and Yokote.

GROUPING OF CLAIMS

Based on Appellants’ arguments we group the claims as follows:

(1) Appellants argue claims 1-9, 13-21, and 25-46 as a group on the basis of claim 1 (App. Br. 6-7). We select independent claim 1 as the representative claim. We therefore treat claims 2-9, 13-21, and 25-46 as standing or falling with representative claim 1.

(2) Claims 10-12 and 22-24 were also argued on the basis of claim 1; therefore, we treat claims 10-12 and 22-24 as standing or falling with claim 1 (App. Br. 7-8). See 37 C.F.R. § 41.37(c)(1)(vii).
ISSUES

Appellants assert their invention is not obvious over Brenneman and Laczko because the references do not disclose “receiving processed test data from the networking circuit, the processed test data having been generated with reference to the networking circuit’s copy of the security record, generating expected processed test data from the test data with reference to a local copy of the security record, comparing the processed test data to the expected processed test data” (App. Br. 6-7, emphasis original). Specifically, Appellants contend Brenneman does not teach two independently generated data sets, wherein the first is generated by one component based on a copy of the record and the second is generated by an alternative component based on a different copy of the record and then comparing the two sets (id. at 6). Additionally, Appellants argue that Laczko does not correct the deficiencies of Brenneman because it does not disclose comparing two sets of independently generated data as claimed (id. at 7).

The Examiner finds Brenneman teaches “processed test data” is generated by the local test computer 52 transmitting test data to a remote loopback device for a loopback test (Ans. 22). The Examiner further finds Brenneman teaches the remote loop back device generates “processed test data” and recalculates the checksum using a local copy of the security record to get the expected processed test data (Ans. 23). The Examiner additionally finds that it would have been obvious to one of ordinary skill in the art that “an alternative procedure in which the diagnostic numbers are compared with a list of ‘legal’ numbers and the alarm sounded in the event that a given diagnostic number is not in said list would also allow the detection of errors” (Ans. 23).
Issue: Have Appellants shown the Examiner erred in finding Brenneman and Laczko teach generating processed test data with reference to the networking circuit’s copy of the security record and generating expected processed test data with reference to a local copy of the security record and if the generated processed test data and the generated processed test data match, confirming integrity of the security record?

FINDINGS OF FACT (FF)

Appellants’ Invention

(1) Security records are “well-known data records that define how authentication, encryption and decryption operations shall be performed” (Spec. 8, [34]).

Brenneman Reference

(2) Brenneman teaches a system that tests a data processing network and diagnoses malfunctions (Abstract). A data processing network may have a large number of users joined by communication links with computers at various sites (col. 1, ll. 8-12). A communication from one network computer to another computer typically consists of a message formatted prior to transmission into a packet (col. 1, ll. 15-22). The message includes a format component that includes information used for detecting errors in transmission and information specifying the format of the data packet, often one or more check sums (col. 5, ll. 36-46).

(3) When a malfunction is detected in the system, a test computer may run tests including collecting data on one or more of the paths and sending it back to the test computer for analysis (col. 4, ll. 54-64).

(4) A remote loopback device 60 may be installed in the system (col. 5, ll. 4-7). When a remote loopback device 60 detects a set of specified commands over a communication path 22, specific conductors in the communication paths may be coupled together (col. 5, ll. 8-13). “For example, the remote loopback device may connect the conductor used for receiving a message to the conductor used for transmitting a message” (col. 5, ll. 13-16).
As a result, the message received at a location is then transmitted back to the message sender (col. 5, ll. 16-18).

(5) Typically check sums are used to detect transmission errors (col. 5, ll. 44-46). A check-sum is calculated by adding numerical values corresponding to each of the characters in the data packet (col. 5, ll. 46-50). The transmitting computer calculates the check sum when the data packet is assembled and the receiving computer recalculates the check sum upon receipt of the data packet (col. 5, ll. 55-59). If the check sums do not match (i.e., an error has occurred in the data packet transmission), the receiving computer sends a message to the transmitting computer requesting the message be resent (col. 5, ll. 59-65).

Laczko Reference

(6) Laczko is related to a secure computing device that includes a diagnostic program for checking a program’s security (Abstract). Hardware appliances previously used fixed function machines to translate a received signal to a standard signal (col. 55-65). Depending on the function fixed upon manufacture, a user could receive a hierarchy of services (col. 1, ll. 40-67).

(7) A diagnostic program is loaded at a predetermined physical address and a selected program is checked against a standard (col. 2, ll. 25-27). If the standard is met, the selected program is deemed secure; if not, the selected program is deemed not secure (col. 2, ll. 27-29). This system helps in preventing unauthorized applications from being downloaded (col. 3, ll. 48-53). Of particular importance is prevention of the operating system being compromised (col. 3, ll. 58-64).

(8) The system includes a central processing unit with digital processing capability for decompressing compressed video and audio signals, decrypting encrypted video signals, converting the received signal to a new format (col. 4, ll. 52-59).
The system can verify private key/public key signature by determining if the RTOS (real time operating system) has been modified as a result of, for example, the private key being compromised (col. 11, ll. 5-12).

PRINCIPLES OF LAW

Unless the steps of a method actually recite an order, the steps are not ordinarily construed to require one. Interactive Gift Express, Inc. v. CompuServe, Inc., 256 F.3d 1323, 1342 (Fed. Cir. 2001). See also Altiris, Inc. v. Symantec Corp., 318 F.3d 1363, 1369-71 (Fed. Cir. 2003) (district court erred in claim construction by reading a step order from the written description into the claims).

ANALYSIS

35 U.S.C. § 103(a): claims 1-9, 28-33, and 46

We find Brenneman teaches “the processed test data having been generated with reference to the networking circuit’s copy of the security record.” Brenneman teaches a networked computer system with multiple linked computers (FF 3). Appellants have defined “security record” as “well-known data records that define how authentication, encryption and decryption operations shall be performed.” Additionally, we find a process that determines whether a data packet conforms to the original or is the same way as the original is performing authentication operations.

Brenneman teaches a transmitting computer calculates the check sum and thus, generates processed test data with reference to security records (i.e., the check sum is used with reference to an algorithm meant to authenticate the accuracy of the data being transmitted) (FF 5). We conclude that it would have been obvious to one of ordinary skill in the art for the transmitting computer to use a first version of the algorithm to calculate the security that was consistent throughout the networking circuit and thus, is the networking circuit’s copy of the security record.
At the receiving computer, the check sum is again calculated with reference to a local copy of the security record, thus generating expected processed test data (FF 5). We again conclude one of ordinary skill in the art would have found it obvious and within his or her skill set for the receiving computer to use a second copy of the algorithm to calculate the check sum.

We further find Brenneman teaches the check sum sent by the transmitting computer is compared with the check sum generated by the local computer to determine if a match exists (FF 5).

We find Laczko teaches a device that includes a diagnostic program for checking a program’s security (FF 6). We further find Laczko also teaches that a program, including the operating system or any other application, can be checked to determine if the security or integrity has been compromised (FF 7 and FF 8). Thus, we conclude one of ordinary skill in the art would have found it obvious to use the technique in Laczko to verify a security record’s integrity.

Although Appellants argue otherwise, claim 1 does not require a specific order with respect to the “receiving” and “generating” steps or specify the device performing each of these steps. Therefore, based on these findings, we conclude one of ordinary skill in the art would have found it obvious to incorporate Laczko’s teaching of verifying a program’s integrity into Brenneman’s system of using two versions of the security record to generate test data and compare the results.

Thus, Appellants have not persuaded us of error in the Examiner’s conclusions of obviousness with respect to claim 1. Independent claims 13, 21, 28, 34, 41, and 46 and dependent claims 2-9, 14-20, 25-27, 29-33, 35-40, and 42-45 were not argued separately by Appellant, but instead, Appellant relied upon claim 1. Therefore, claims 2-9, 13-21, and 25-46 fall with claim 1.

35 U.S.C.
§ 103(a): claims 10-12 and 22-24

Appellants assert their invention is not obvious over Brenneman, Laczko and Yokote on the same basis as set forth for representative independent claim 1, which we addressed above (App. Br. 7). Further, Appellants argue that Yokote does not cure the alleged deficiencies of Brenneman and Laczko because Yokote “merely discloses a server that automatically determines and employs the appropriate security association management protocol for a plurality of network nodes, based on a combination of factors” (id.). Based on our findings with respect to claim 1 and since Appellants did not separately argue claims 22-24, we find Appellants have not shown the Examiner erred in concluding claims 10-12 are obvious over Brenneman, Laczko and Yokote.

CONCLUSION

Appellants have not shown the Examiner erred in finding claim 1 is obvious over Brenneman and Laczko. Since claims 2-9, 13-21 and 25-46 were not argued separately, claims 2-9, 13-21 and 25-46 are found to be obvious over Brenneman and Laczko. Accordingly, Appellants have not shown the Examiner erred in rejecting claims 1-9, 13-21, and 25-46 under 35 U.S.C. § 103(a) for obviousness over Brenneman and Laczko.

Since claims 10-12 and 22-24 depend from representative and independent claim 1 and claims 10-12 and 22-24 were not argued separately, claims 10-12 and 22-24 are found to be obvious over Brenneman, Laczko and Yokote. Accordingly, Appellants have not shown the Examiner erred in rejecting claims 10-12 and 22-24 under 35 U.S.C. § 103(a) for obviousness over Brenneman, Laczko and Yokote.

DECISION

The Examiner’s rejection of claims 1-9, 13-21, and 25-46 under 35 U.S.C. § 103(a) as being obvious over Brenneman and Laczko is affirmed.

The Examiner’s rejection of claims 10-12 and 22-24 under 35 U.S.C. § 103(a) as being obvious over Brenneman, Laczko and Yokote is affirmed.
No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv) (2009).

AFFIRMED

Vsh

KENYON & KENYON LLP
1500 K STREET N.W.
SUITE 700
WASHINGTON DC 20005