Ex Parte Falola et alDownload PDFBoard of Patent Appeals and InterferencesApr 19, 201010165079 (B.P.A.I. Apr. 19, 2010) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE ____________________ BEFORE THE BOARD OF PATENT APPEALS AND INTERFERENCES ____________________ Ex parte DOLAPO MARTIN FALOLA, VINIT JAIN, SHANNON MARIE MACALPINE, SHAWN PATRICK MULLEN, and JAMES STANLEY TESAURO ____________________ Appeal 2009-004697 Application 10/165,079 Technology Center 2100 ____________________ Decided: April 19, 2010 ____________________ Before HOWARD B. BLANKENSHIP, DEBRA K. STEPHENS, and JAMES R. HUGHES Administrative Patent Judges. STEPHENS, Administrative Patent Judge. DECISION ON APPEAL Appeal 2009-004697 Application 10/165,079 2 Appellants appeal under 35 U.S.C. § 134(a) (2002) from a final rejection of claims 1-14, 16, and 18-21. Claims 15 and 17 have been canceled (App. Br. 4). We have jurisdiction under 35 U.S.C. § 6(b) (2008). We AFFIRM. Introduction According to Appellants, the invention relates to a method and apparatus for identifying the source of an intrusion into a network data processing system (Spec. 1, ll. 7-10). STATEMENT OF THE CASE Exemplary Claims Claims 1 and 2 are exemplary claims and are reproduced below: 1. A method in a data processing system for handling intrusions, the method comprising: responsive to receiving notification of an intrusion from a particular node in a network data processing system, sending a tracer packet back to an intruder causing the intrusion, wherein the tracer packet appears to originate from the particular node; notifying nodes in the network data processing system of the tracer packet; and responsive to receiving a message from a node indicating receipt of the tracer packet, storing identification of the node for use in tracing a route of the tracer packet through the data processing system. 2. The method of claim 1 further comprising: determining whether the intruder is a node within the network data processing system using the route; and Appeal 2009-004697 Application 10/165,079 3 responsive to the intruder being a node within the network data processing system, revoking access by the intruder to other nodes within the network data processing system. Prior Art Ando 2002/0078202 A1 Jun. 20, 2002 Han 2003/0167404 A1 Sep. 4, 2003 Sanchez 6,981,158 B1 Dec. 27, 2005 Rejections Claims 1, 5, 9-12, 16, 20 and 21 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Sanchez and Ando. Claims 13 and 14 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Sanchez and Han. Claims 2-4, 6-8 and 18-19 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Sanchez, Ando and Han. GROUPING OF CLAIMS (1) Appellants argue claims 1, 5, 9-12, 16, 20 and 21 as a group on the basis of claim 1 (App. Br. 13). We select independent claim 1 as the representative claim. We therefore treat claims 5, 9-12, 16, 20 and 21 as standing or falling with representative claim 1. (2) Appellants argue claim 13 separately (id. at 17). (3) Appellants argue claim 14 separately (id. at 18). (4) Appellants argue claims 2, 7, 8, 18, and 19 as a group on the basis of claim 2 (id. at 18-19). We select dependent claim 2 as the representative Appeal 2009-004697 Application 10/165,079 4 claim. We therefore treat claims 7, 8, 18 and 19 as standing or falling with representative claim 2. (5) Appellants argue claim 3 separately (id. at 19). (6) Appellants argue claims 4 and 6 as a group (id. at 19-20). We select claim 4 as the representative claim. We therefore treat claim 6 as standing or falling with representative claim 4. We accept Appellants’ grouping of the claims. See 37 C.F.R. § 41.37(c)(1)(vii) (2008). ISSUE 1A 35 U.S.C. § 103(a): claims 1, 5, 9-12, 16, 20 and 21 Appellants assert their invention is not obvious over Sanchez and Ando because neither reference teaches the claimed feature of “responsive to receiving notification of an intrusion from a particular node in a network data processing system, sending a tracer packet back to an intruder causing the intrusion” as recited in claim 1 (App. Br. 13). Specifically, Appellants contend the Examiner is barred by res judicata from rejecting representative claim 1, and claims 5, 9-12, 16, 20 and 21, because of a prior Notice of Panel Decision dated 4/20/2007 of which the Examiner was panel member (App. Br. 13). Appellants contend the Panel Decision already determined that this particular feature of the claims is not taught by Sanchez (App. Br. 13-14). However, Appellants admit that the Pre-Appeal decision was with respect to a 35 U.S.C. § 102 rejection and the present rejection is a 35 U.S.C. § 103 rejection (App. Br. 14). The Examiner finds that the principals of res judicata do not apply because following the Pre-Appeal Decision mailed on April 20, 2007, a new Appeal 2009-004697 Application 10/165,079 5 ground of rejection was established (Ans. 12). Further, the Examiner finds that the Pre-Appeal Request and Decision is not a Court decision, and thus, the principal of res judicata does not apply to this application. Issue 1A: Is the Examiner barred, under res judicata, from relying on Sanchez for teaching sending a tracer packet back to an intruder causing the intrusion, in response to receiving notification of an intrusion from a particular node in a network data processing system? PRINCIPLES OF LAW The court stated in In re Borkowski, 505 F.2d 713, 718 (CCPA 1974): Appellants’ contention that the prior board decision reversing a rejection under 35 U.S.C. § 103 over Borkowski et al. in a parent application should have been ‘res judicata’ to the examiner in this case is unpersuasive. This court stated in In re Craig, 411 F.2d 1333, 56 C.C.P.A. 1438 (1969), that the policy and purpose of the patent laws preclude the applicability of any doctrine akin to the judicially-developed doctrine of ‘res judicata’ to bar the granting of patents on inventions that comply with the statute. The same policy and purpose precludes reliance on any such doctrine to force the granting of patents on inventions that do not comply with the statute. The Patent Office must have the flexibility to reconsider and correct prior decisions that it may find to have been in error. ANALYSIS We find res judicata does not apply to the rejection of claims 1, 5, 9-12, 16, 20 and 21, under 35 U.S.C. § 103(a). Appellants admit that the Pre-Appeal decision was with respect to a 35 U.S.C. § 102 rejection, and the present rejection is a 35 U.S.C. § 103 rejection (App. Br. 14). In a Non- Appeal 2009-004697 Application 10/165,079 6 Final Office Action dated June 8, 2007, the Examiner introduced a new ground of rejection under 35 U.S.C. § 103 rejection for claims 1, 5, 9-12, 16, 20 and 21. The Examiner introduced new prior art to show the obviousness of Appellants’ invention. We find the Examiner has the flexibility to reconsider and correct prior decisions that may have been in error to prevent the granting of patents on inventions that do not comply with the patentability laws (see In re Craig, 411 F.2d at 1335). Accordingly, we find the Examiner is not barred, under the doctrine of res judicata, from relying on Sanchez for teaching or suggesting the claimed feature of “responsive to receiving notification of an intrusion from a particular node in a network data processing system, sending a tracer packet back to an intruder causing the intrusion,” as recited on representative claim 1. ISSUE 1B 35 U.S.C. § 103(a): claims 1, 5, 9-12, 16, 20 and 21 (cont.) Appellants argue Sanchez does not teach “responsive to receiving notification of an intrusion from a particular node in a network data processing system, sending a tracer packet back to an intruder causing the intrusion sending a tracer packet back to an intruder causing the intrusion,” as in representative claim 1 (See App. Br. 14). Specifically, Appellants argue the query message (QM1) of Sanchez is not the claimed tracer packet, as The QM is not sent back to the intruder causing the intrusion (App. Br. 14 and 15). Further, Appellants argue the target packet of Sanchez also does not correspond to the claimed tracer packet because the target packet is not the malicious packet of interest, and Appeal 2009-004697 Application 10/165,079 7 is also not sent back to an intruder causing the intrusion (see App. Br. 14- 15). The Examiner relies on Ando to teach this limitation. Specifically, the Examiner finds Ando teaches sending “a tracer packet back to an intruder causing the intrusion” (Ans. 13). The Examiner concludes one of ordinary skill in the art at the time of the invention would incorporate Ando’s unauthorized intrusion safeguard technique into Sanchez’s system to prevent reintrusion of an unauthorized packet at a high speed (id. at 13). Issue 1B: Have Appellants shown the Examiner erred in finding Ando teaches or suggests that “responsive to receiving notification of an intrusion from a particular node in a network data processing system, sending a tracer packet back to an intruder causing the intrusion?“ ANALYSIS We find the Examiner rejected the claims as unpatentable over both Sanchez and Ando (Ans. 3). Further, we find the Examiner specifically, relied on Ando for teaching or suggesting “sending a tracer packet back to an intruder causing the intrusion,” as recited in representative claim 1 (id. at 4). We find Appellants, in the Appeal Brief, only argue Sanchez does not teach the limitation and do not present any arguments or evidence as to why Ando does not teach this feature. Thus, we find Appellants have failed to persuade us of error in the Examiner's finding that Ando teaches “sending a tracer packet back to an intruder causing the intrusion.” Accordingly, Appellants have not shown the Examiner erred in concluding that the combination of Ando and Sanchez Appeal 2009-004697 Application 10/165,079 8 teaches “responsive to receiving notification of an intrusion from a particular node in a network data processing system, sending a tracer packet back to an intruder causing the intrusion,” as recited in representative claim 1 (see commensurate language in independent claims 5, 10, 11, 12, 16, 20, and 21). Claim 9, not separately argued, but grouped by Appellant with claim 1 recites a broader limitation of “sends a tracer packet” which we find is also disclosed by the combination of Sanchez and Ando. ISSUE 1C 35 U.S.C. § 103(a): claims 1, 5, 9-12, 16, 20 and 21 (cont.) In the Reply Brief, Appellants argue that a person of ordinary skill in the art would not have been motivated to combine Sanchez and Ando as Sanchez “‘already has’ an alleged ability to ‘trace to’ an intruder . . . and thus the proposed modification would merely add system cost and complexity with no associated benefit” (Reply Br. 2). ANALYSIS We note that the Reply Brief is properly used to respond to points of argument raised by the Examiner in the Answer and not as a means for presenting new arguments. See Optivus Tech., Inc. v. Ion Beam Applications S.A., 469 F.3d 978, 989 (Fed. Cir. 2006) (an issue not raised in an opening brief is waived). We have fully considered the responses in the Reply Brief to the extent that Appellants restate previous arguments or address new points raised by the Examiner in the Answer. However, in this case, the new arguments presented in the Reply Brief were not made in response to a new ground of rejection, nor were they necessitated by additional fact findings or Appeal 2009-004697 Application 10/165,079 9 new contentions presented in the Examiner’s Answer. We decline to address any new arguments not originally presented in the principal Brief With respect to all claims before us on appeal, arguments which Appellants could have made but chose not to make have not been considered and are deemed to be waived. See 37 C.F.R. § 41.37(c)(1)(vii). See also In re Watts, 354 F.3d 1362, 1368 (Fed. Cir. 2004). ISSUE 2A 35 U.S.C. § 103(a): claim 13 Appellants argue the rejection of claim 13 for the reasons argued above with respect to claim 12 and add Han does not teach a “determining means for determining whether the intruder is a node within the network data processing system using the route” (App. Br. 17). Specifically, Appellants contend Han teaches techniques for passing or filtering packets and does not disclose (1) intruder node determination, or (2) a subsequent conditional step of “revoking access by the intruder to other nodes within the network data processing system” (id. at 17-18). The Examiner finds Han teaches when an intruder located in another local network attempts to intrude into a first local network’s server, the first local network’s intruder detection system detects the intrusion attempt, adds intruder information into an active packet, and transmits it to the intruder (Ans. 13-14). Thus, the Examiner finds that the intruder detection system must have a means to determine the intruder’s location since it adds information about the intruder (Ans. 14). Appeal 2009-004697 Application 10/165,079 10 Issue 2A: Have Appellants shown the Examiner erred in finding Han teaches or suggests a determining means for determining whether the intruder is a node within the network data processing system? FINDINGS OF FACT (FF) We find as follows: Han Reference (1) Han teaches a method and system for sharing intrusion detection information detected in different networks and tracking the intrusion (Abst.). The system tracks the intrusion for all routes through which the intruder passed based on the active packet, and filters the packet associated with the intruder for the isolation (id.) (2) “When an intruder located in a third local network 805 attempts to intrude into a server of a first local network 804, an intrusion detection system 802 of the first local network 804 detects the intrusion attempt, adds information of the intruder into an active packet and transmits it to the intruder” (page 3, [0048]). PRINCIPLES OF LAW Obviousness In rejecting claims under 35 U.S.C. § 103, it is incumbent upon the Examiner to establish a factual basis to support the legal conclusion of obviousness. See In re Fine, 837 F.2d 1071, 1073 (Fed. Cir. 1988). In so doing, the Examiner must make the factual determinations set forth in Graham v. John Deere Co., 383 U.S. 1, 17-18 (1966). Appeal 2009-004697 Application 10/165,079 11 ANALYSIS We find Han discloses that the intrusion detection system adds information of the intruder to an active packet and transmit it to the intruder (FF 2). Thus, we find for the intrusion detection system to transmit the packet to the intruder, the intrusion detection system 802 would have had to have known where to send the active packet. Further, since the intrusion detection system 802 knows the location of the intruder, we find the intrusion detection system 802 would also have known whether the location of the intruder (i.e., node) is in or out of the network. Accordingly, we find Han teaches a “determining means for determining whether the intruder is a node within the network data processing system,” as recited in claim 13. ISSUE 2B 35 U.S.C. § 103(a): claim 13 Issue 2B: Have Appellants shown the Examiner erred in finding Han teaches or suggests “revoking access by the intruder to other nodes within the network data processing system?” ANALYSIS Appellants have: (1) merely recited the “revoking access” function of claim 13, (2) asserted that the limitation is not taught or suggested by Han, and, (3) failed to respond to the specifics of the Examiner’s rejection (see App. Br. 17-18, see also Final Rej. 7 and Ans.7-8 and 14). Appellants do not traverse the Examiner’s obviousness rejection. We note that a statement which merely points out what a claim recites will not Appeal 2009-004697 Application 10/165,079 12 be considered an argument for separate patentability of the claim. See 37 C.F.R. § 41.37(c)(1)(vii). Therefore, we find Appellants have not presented any persuasive evidence or argument to rebut the Examiner’s finding that Han teaches “revoking access by the intruder to other nodes within the network data processing system,” as recited in claim 13. ISSUE 3 35 U.S.C. § 103(a): claim 14 Appellants argue the rejection of claim 14 for the reasons argued above with respect to claim 13 and further contend Han does not teach or suggest “preventing access to an entry node” (App. Br. 18). Specifically, Appellants contend that the ISP disclosed in Han is constantly operational and, thus, access is not prevented (id.). The Examiner finds that “Appellant failed to give any reasons why the cited passages do not teach the limitation but [rely] on the figure for [their] arguments” (Ans. 14). Issue 3: Have Appellants shown the Examiner erred in finding Han teaches “preventing access to an entry node?” FINDINGS OF FACT (FF) We further find as follows: Han Reference (3) “[A] router includes a packet filtering table, which is used in determining the transmission of the packet according to a type of the packet, Appeal 2009-004697 Application 10/165,079 13 which passes through the router. The router checks header information of all packets to be received or transmitted, compares the checked information with information in the packet filtering table, and allows or rejects transmitting the packet based on the compared result” (page 2, [0020]). ANALYSIS We find Han discloses that a packet passes through a router, and the router allows or rejects the packet based on a filtering table (FF 3). We find Han further teaches detecting and isolating an intrusion. Thus, we find Han teaches preventing means that prevent access to an entry node, as the router prevents access – preventing a packet from passing through the router (i.e., entry node) when it rejects the transmitting packet at the router (i.e., an entry node). Further, we find Appellants fail to explain why an ISP that is operational at all times does not teach or suggest preventing access to an entry node. Thus, we find Appellants have failed to persuade us of error in the Examiner’s finding that Han teaches or suggests “preventing access to an entry node,” as recited in claim 14. ISSUE 4 35 U.S.C. § 103(a): claims 2, 7, 8, 18, and 19 Appellants argue the rejection of claims 2, 7, 8, 18, and 19 for the reasons argued above with respect to claims 1, 5, and 16. Further, Appellants assert their invention is not obvious over Sanchez, Ando, and Han because Han does not teach a “determining whether the intruder is a node within the network data processing system using the route” as recited in claim 2 (See App. Br. 18) (partial emphasis omitted). Appeal 2009-004697 Application 10/165,079 14 Specifically, Appellants contend Han is directed towards techniques for passing or filtering packets (id.). Appellants further contend Han does not disclose (1) intruder node determination, as to whether an intruder is a node within the network data processing system using the route, or (2) a subsequent conditional step of “revoking access by the intruder to other nodes within the network data processing system,” as claimed (id. at 18-19). The Examiner finds Appellants’ arguments are unpersuasive for the same reasons presented with respect to claims 1, 5, 13 and 16 (see Issues 1B and 2A above) (Ans. 14-15). Issue 4: Have Appellants shown the Examiner erred in finding Han teaches or suggests (1) determining whether the intruder is a node within the network data processing system using the route; and (2) revoking access by the intruder to other nodes within the network data processing system? FINDINGS OF FACT (FF) We further find as follows: Han Reference (4) The border router 102 present in each local network 104, which is composed of the active node, tracks the intrusion based on the active packet provided by the intrusion detection system 102 for all network routes through which the intruder has passed (pg. 2, [0025]). ANALYSIS We find Appellants argue the rejection of claims 2, 7, 8, 18, and 19 for substantially the reasons argued above with respect to claims 1, 5, 13 and Appeal 2009-004697 Application 10/165,079 15 16 (Ans. 18). We also find Han teaches determining whether the intruder is a node within the network data processing system using the route (FF 4) as recited in claim 2. Thus, coupled with our reasoning with regard to Issues 1 and 2A, we find Han teaches or suggests the claimed “determining whether the intruder is a node within the network data processing system using the route.” Additionally, Appellants do not present any evidence or arguments to rebut the Examiner’s findings that Han teaches the recited revoking access function. Indeed, Appellants have: (1) merely recited the “revoking access” function of claim 2, (2) asserted that the limitation is not taught or suggested by Han, and, (3) failed to respond to the specifics of the Examiner’s rejection (see App. Br. 18-19, see also Final Rej. 8-9 and Ans. 9-10 and 14- 15). ISSUE 5 35 U.S.C. § 103(a): claim 3 Appellants argue the rejection of claim 3 for the same reasons argued with respect to claim 1 (App. Br. 19). Further, Appellants contend Han fails to teach or suggest “preventing access to an entry node, where such entry node is identified in an entry node serving as an entry point into the network data processing system that occurs responsive to the intruder being a node outside of the network data” (See App. Br. 19). (emphasis omitted). Specifically, Appellants argue that the ISP disclosed in Han is operational at all times, and thus, access is not prevented (id.). The Examiner concludes the Appellants’ arguments are unpersuasive for the reasons set forth with respect to claim 14 (See Ans. 15). Appeal 2009-004697 Application 10/165,079 16 Issue 5: Have Appellants shown the Examiner erred in finding Han teaches or suggests “preventing access to an entry node?” ANALYSIS As discussed above, with respect to claim 14, we find Han teaches the claimed “preventing access to an entry node.” The additional limitations Appellants argue are not recited in the claim. Thus, for the reasons discussed above, with regard to claim 14, we find Appellants have failed to persuade us of error in the Examiner’s finding that Han teaches “preventing access to an entry node” as recited in claim 14. ISSUE 6 35 U.S.C. § 103(a): claims 4 and 6 Appellants argue the rejection of claims 4 and 6 for the reasons argued with respect to claims 1 and 5 (from which claims 4 and 6 depend, respectively) (App. Br. 19). Further, Appellants contend that the security system of Han is not a grid network, when the term is given its ordinary meaning known to those of ordinary skill in the art (id. at 20). Further, Appellants proffer a definition of a “grid network” in the Appeal Brief (App. Br. 28, Evidence App’x.) The Examiner finds that Figures 7-9 of Han teach the network disclosed in Han is a grid network, even if the definition of a grid network is the definition provided in the Appeal Brief (Ans. 15). Appeal 2009-004697 Application 10/165,079 17 Issue 6: Have Appellants shown the Examiner erred in finding Han teaches or suggests “the network data processing system is a grid” as recited in claims 4 and 6? FURTHER FINDINGS OF FACT (FF) We further find as follows: Appellants’ Invention (5) A grid network is “[a] set of nodes participating in a resource sharing scheme” (Spec. 1, ll. 21-23). Han Reference (6) Figure 7 illustrates a configuration of an Internet network and (groupings of local networks (L.Ns) connected to an internet service provider (ISP) (see Fig. 7 and page 1, [0015] and [0045]). ANALYSIS Based on Appellants’ definition of grid (FF 5) and Han’s disclosure in Figure 7, we find one of ordinary skill in the art would find the grouping of local networks (i.e., nodes) shown in Figure 7, participates in a resource sharing scheme with an ISP (FF 6). Accordingly, we find Han discloses a grid network. Thus, Appellants have failed to persuade us of error in the Examiner’s finding that Han teaches “the network data processing system is a grid.” CONCLUSION Appellants have not shown the Examiner erred in concluding that claims 1, 5, 9-12, 16, 20 and 21 are obvious over Sanchez and Ando. Appeal 2009-004697 Application 10/165,079 18 Appellants have not shown the Examiner erred in concluding that claims 13 and 14 are obvious over Sanchez and Han. Appellants have not shown the Examiner erred in concluding that claims 2-4, 6-8, 18 and 19 are obvious over Sanchez, Ando, and Han. DECISION The Examiner’s rejection of claims 1, 5, 9-12, 16, 20 and 21 under 35 U.S.C. § 103(a) as being obvious over Sanchez and Ando is affirmed. The Examiner’s rejection of claims 13 and 14 under 35 U.S.C. § 103(a) as being obvious over Sanchez and Han is affirmed. The Examiner’s rejection of claims 2-4, 6-8, and 18-19 under 35 U.S.C. § 103(a) as being obvious over Sanchez, Ando, and Han is affirmed. No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv) (2009). AFFIRMED Vsh IBM CORP (YA) C/O YEE & ASSOCIATES PC P.O. BOX 802333 DALLAS, TX 75380 Copy with citationCopy as parenthetical citation
