Ex Parte Harjula et alDownload PDFPatent Trial and Appeal BoardSep 26, 201714034010 (P.T.A.B. Sep. 26, 2017) Copy Citation United States Patent and Trademark Office UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O.Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 14/034,010 09/23/2013 Tero Petted Harjula 3731.008US1 1382 21186 7590 09/28/2017 SCHWEGMAN LUNDBERG & WOESSNER, P.A. P.O. BOX 2938 MINNEAPOLIS, MN 55402 EXAMINER GETACHEW, ABIY ART UNIT PAPER NUMBER 2434 NOTIFICATION DATE DELIVERY MODE 09/28/2017 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): uspto@slwip.com SLW @blackhillsip.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte TERO PETTERI HARJULA, BREON MALACHY MCCARTNEY, and ASKO JUHA SAURA Appeal 2017-004690 Application 14/034,0101 Technology Center 2400 Before CARLA M. KRIVAK, HUNG H. BUI, and JON M. JURGOVAN, Administrative Patent Judges. JURGOVAN, Administrative Patent Judge. DECISION ON APPEAL Appellants seek review under 35 U.S.C. § 134(a) from a Final Rejection of claims 1—20, which are all the claims pending in the application. We have jurisdiction under 35 U.S.C. § 6(b). We affirm.2 1 Appellants identify Venafi, Inc. as the real party in interest. (App. Br. 2.) 2 Our Decision refers to the Specification filed Sept. 23, 2013 (“Spec.”), the Final Office Action mailed Nov. 20, 2015 (“Final Act.”), the Appeal Brief filed Apr. 22, 2016 (“App. Br.”), the Examiner’s Answer mailed Nov. 18, 2016 (“Ans.”), and the Reply Brief filed Jan. 18, 2017 (“Reply Br.”). Appeal 2017-004690 Application 14/034,010 CLAIMED INVENTION The claims are directed to centralized discovery and management of cryptographic keys and trust relationships in environments employing secure protocols. (Spec. 11, Title; Abstract.) The invention’s centralized key discovery and management employs search criteria—including a tag to identify a type of information that is located, and a state to indicate at least one action that may be taken with regard to located keys—to search for key information. (Spec. 199; Abstract.) Claims 1,9, 14, and 17 are independent. Claim 1, reproduced below, is illustrative of the claimed subject matter: 1. A method performed by a centralized key management system comprising: creating, using a processor of the centralized key management system, search criteria used to identify and gather key file information from at least one managed system, the search criteria comprising: at least one condition derived from a key file to be located; a tag identifying at least the type of information located by the at least one condition, the tag to be assigned to any key files located using the at least one condition; and a state to be assigned to any key files located using the at least one condition, the state indicating further action to be taken with respect to any key files located; and initiating, using the processor of the computing system, a search on the at least one managed system using the search criteria. (App. Br. 41 (Claims App.).) 2 Appeal 2017-004690 Application 14/034,010 REJECTIONS3 & REFERENCES (1) Claims 1—13 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Thomas (US 8,116,456 B2, Feb. 14, 2012), Wilkins (US 2012/0204032 Al, Aug. 9, 2012), and Bishop (US 2013/0054613 Al, Feb. 28,2013). (Final Act. 5-22.) (2) Claims 14—20 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Wilkins and Bishop. (Final Act. 22—31 .)4 ANALYSIS Claims 1, 9, and 14 Appellants acknowledge independent claim 1 recites search criteria that has three parts: “(1) at least one condition derived from a key file to be located; (2) a tag identifying at least the type of information located by the at least one condition, the tag to be assigned to any key files located using the at least one condition; and (3) a state to be assigned to any key files located using the at least one condition, the state indicating further action to be taken with respect to any key files located.” 3 Claims 14—16 were rejected under 35 U.S.C. § 101, as directed to non- statutory subject matter. (Final Act. 2—3.) However, this rejection was withdrawn in the Notice of Panel Decision from Pre-Appeal Brief Review (mailed March 2, 2016), and is no longer pending on appeal. 4 The listing of the rejection of claims 14—20 in the Final Office Action contains a typographical error where Thomas was erroneously listed instead of Bishop (see Final Act. 22 (the listing of the rejection referring to “Thomas . . . in view of Wilkins et al.”)). The body of the rejection (see Final Act. 22—31) refers only to Wilkins and Bishop, not Thomas, and the Examiner’s Answer further clarifies that claims 14—20 are rejected based on “Wilkins et al. (hereinafter referred as Wilkins) (US Publication No. 2012/0204032 Al) in view of Bishop (US Publication No. 2013/0054613 Al)” (see Ans. 20). 3 Appeal 2017-004690 Application 14/034,010 (App. Br. 24.) The Examiner relies on both Wilkins and Bishop for teaching Appellants’ claimed tri-part search criteria comprising a condition, a tag, and a state. In particular, the Examiner relies on Wilkins for teaching Appellants’ claimed “search criteria comprising: at least one condition derived from a key file to be located; . . . and a state to be assigned to any key files located using the at least one condition, the state indicating further action to be taken with respect to any key files located.” (Final Act. 6—8 (citing Wilkins 39, 192); Ans. 32, 34 (citing Wilkins 1135).) And the Examiner finds Bishop teaches Appellants’ claimed “search criteria [comprising:] ... a tag identifying at least the type of information located by ... at least one condition, the tag to be assigned to any . . . files located using the at least one condition.” (Final Act. 8 (citing Bishop 1132); Ans. 32—33 (citing Bishop ^fl[ 7—8).) Based on those teachings, the Examiner concludes it would have been obvious to a person having ordinary skill in the art to assign Bishop’s tag to a key file located by Wilkins’ search. (Ans. 30-32; Final Act. 8—9.) Appellants contend “the records that are searched for and returned in Wilkins do not store encryption keys,” in contrast to the claimed key file in which “one or more keys (i.e., public keys, private keys, KSI, etc., perhaps along with other information) are stored.” (App Br. 16—18 (citing Wilkins 139, Figs. 6a—6b; Spec. ^fl[ 27, 44—45) (emphases added).) Thus, Appellants assert, Wilkins’ “search is for a particular record (i.e., an individual serial number that is associated with an encryption key record), not a key file to be located.” (App. Br. 17; see also Reply Br. 3—4.) We disagree. 4 Appeal 2017-004690 Application 14/034,010 Wilkins teaches that its searchable encryption key (EK) records may include public keys. (See Wilkins 1178 (“The public key is transferred from the network device via the network using a secure connection to the KES [(Key Exchange Server)] . . . where it is stored in the user’s EK record” (emphasis added)); 1180 {“the EK record data fields contain the encryption key and its corresponding key ID” (emphasis added)); 1182 (“retrieve a key from an EK record 406 (e.g., a public key)”); 1185; Ans. 30, 32.) Thus, Wilkins’ EK records teach the claimed key files. (Ans. 34.) We, therefore, agree with the Examiner’s finding that the “search for the EK record by keywords” in Wilkins’ Key Exchange Server (KES) teaches search criteria created using a centralized key management system (KES), the search criteria comprising at least one condition derived from a key file to be located, as required by claim 1. {See Wilkins 139; Ans. 32 (citing Wilkins 1 39).) Wilkins’ keywords—including “a person’s name and phone number, email address, location (e.g., city, state and/or zip code)” and a “serial number that includes ‘keyword’ entries” {see Wilkins 139)—are commensurate with the broad description of “condition derived from a key file” in Appellants’ Specification.5 Appellants also argue Bishop does not teach search criteria including a tag identifying “at least the type of information located”; rather, Bishop’s tag “is applied to files having content that matches the tag. . . . [T]he tag of 5 Appellants’ Specification describes “[conditions derived from the key or key files may be any combination of information that would help locate the desired information,” such as “text to match in the key file, a file name of the key file, a file hash of the key file, a byte stream to match in the key file, . . . metadata assigned to the key file,. . . and/or combinations thereof.” (Spec. 199.) 5 Appeal 2017-004690 Application 14/034,010 Bishop identifies content while the [claimed] tag . . . identifies type.” (App. Br. 21 (citing Bishop 1132).) We are not persuaded because Appellants’ Specification does not provide an explicit and exclusive definition of the claimed term “type of information.” The Specification merely provides that “[t]ags may help the system 300 to identify the type of information that is located” and “may also help in later processing such as when the information may be sent to a parser without having to recheck what sort of information it is prior to sending it to the parser.” (See Spec. ]ff[ 99, 118.) As the Specification does not define the “type of information” identified by the tag, we agree with the Examiner’s reasonable findings that Bishop’s tags—including “tag words, tag phrases, or tag objects) respectively associated with a file folder . . . [such as] folders associated with the same client or same subject matter[,] to determine or identify whether any words, phrases, or other information match any of the known tags”— teach the claimed tag identifying a type of located information. (Final Act. 8.) Bishop further teaches “associating] [the] tag(s) with the electronic document” whose “words, phrases, or other information” matches the tag, thereby teaching the claimed tag to be assigned to any files located using a search condition. (See Bishop ^fl[ 7—8, 132; Ans. 32—33 (citing Bishop ^fl[ 7— 8); Final Act. 8 (citing Bishop 1132).) That is, Bishop’s tag is to be assigned to any files located using a condition (a search by “key-content,” see Bishop 1132). Thus, we are unpersuaded by Appellants’ argument that Bishop does not teach a tag to be assigned to any files located using a condition. (See App. Br. 20.) 6 Appeal 2017-004690 Application 14/034,010 Appellants further argue neither Wilkins nor Bishop teaches the claimed “state to be assigned to any key files located using the at least one condition, the state indicating further action to be taken with respect to any key files located.” (App. Br. 22; Reply Br. 2, 6.) We do not agree. Appellants’ arguments do not address the Examiner’s specific findings that Wilkins’s identification of EK records for deletion teaches a state assigned to key files (EK records) to indicate a further action to be taken with respect to the key files, as required by claim 1. (Ans. 34 (citing Wilkins 1135).) We agree with the Examiner’s findings. Moreover, Wilkins discloses the “delete requests” mark EK records that are to be deleted at the next synchronization between the Key Exchange Server and the user’s network device. {See Wilkins H 132, 13^K135, 201, 203-204, 206-207.) Appellants’ Specification similarly describes a state indicating a deletion action with respect to a key file. (See Spec. 99-100, 118, 122.) We are also not persuaded by Appellants’ arguments that (1) Bishop is non-analogous art, and that (2) the Examiner’s combination of references lacks articulated reasoning. (Reply Br. 6—7; App. Br. 19-20, 23.) The test for non-analogous art is whether the art is within the field of the inventor’s endeavor and, if not, whether it is reasonably pertinent to the problem with which the inventor was involved. In re Wood, 599 F.2d 1032, 1036 (CCPA 1979). A reference is reasonably pertinent if, even though it may be in a different field of endeavor, it logically would have commended itself to an inventor’s attention in considering his problem because of the matter with which it deals. In re Clay, 966 F.2d 656, 659 (Fed. Cir. 1992). Here, Appellants’ argument has only addressed whether Bishop is in the field of “security key” management (App. Br. 19-20; Reply Br. 6), and not whether 7 Appeal 2017-004690 Application 14/034,010 it is reasonably pertinent to problem. The Examiner has found that Bishop, although not directed to management of security keys, is reasonably pertinent as it discloses information management by searching and identifying information based on content. (Ans. 32—33 (citing Bishop 7— 8); Final Act. 9 (citing Bishop 1110).) We concur with the Examiner that Bishop is reasonably pertinent to the problem contemplated by the inventor. Additionally, the Examiner has articulated sufficient reasoning for incorporating Bishop’s tags into Wilkins’ keyword-based search for EK records. (Ans. 31; Final Act. 9 (citing Bishop 1110).) We agree with the Examiner that tagging Wilkins’ identified key files (EK records) with corresponding tags based on the record’s content (as taught by Bishop) would have been obvious to those skilled in the art as a use of a known technique to improve retrieval of data (keys) from a data storage. (Final Act. 9; see also Wilkins ^fl[ 2, 78.) See KSR Int’l Co. v. Teleflex Inc., 550 U.S. 398, 416 (2007) (“[A] combination of familiar elements according to known methods is likely to be obvious when it does no more than yield predictable results.”). Thus, the combination of Wilkins and Bishop teaches the claimed tri-part search criteria comprising a condition, a tag, and a state for searching key files. For these reasons, we sustain the Examiner’s rejection of independent claim 1, and the Examiner’s rejection of independent claim 9 on the same basis as claim 1 (see App. Br. 15, 20, 22), for the reasons stated above. With regard to independent claim 14 rejected based on a combination of Wilkins and Bishop, Appellants provide substantially the same arguments as for claim 1 (App. Br. 33). Thus, for the same reasons as claim 1, we sustain the Examiner’s rejection of claim 14. 8 Appeal 2017-004690 Application 14/034,010 Claim 2 Claim 2 recites “wherein initiating the search comprises sending the search criteria to an agent located on the at least one managed system.” Appellants argue the claimed agent “reside[s] on another system,''’ and Bishop and Wilkins do not teach “sending the tri-part search criteria of claim 1 to an agent located on a managed machine (that is not executing the method)” as required by claim 2. (App. Br. 24—25 (emphases added).) We do not agree. Rather, we agree with the Examiner Bishop’s enhanced information management component (EIMC) teaches the claimed agent located on a managed system and receiving search criteria including “key-content” and “tags.” (Ans. 35—36 (citing Bishop 17).) We further note Appellants’ argument (see App. Br. 24—25) is not commensurate with the scope of claim 2 because claim 2, and its base claim 1, does not require the “agent” and the “at least one managed system” to be distinct from the “centralized key management system.” Thus, we are not persuaded the Examiner errs in the rejection of claim 2. We, therefore, sustain the Examiner’s rejection of claim 2. Claim 3 Claim 3 recites “wherein initiating the search comprises initiating file operations on the at least one managed system.” Appellants argue Wilkins’ “associating the sender of a communication with a user of the K[E]S is not a file operation” as described in Appellants’ Specification. (App. Br. 25—26 (citing Wilkins 1192; Spec. 1125).) We do not agree. Appellants’ Specification does not provide an explicit and exclusive definition of the claimed term “file operation,” and merely provides a list of 9 Appeal 2017-004690 Application 14/034,010 non-exhaustive examples of “file operations.” (See Spec. 1125.) We agree with the Examiner that Wilkins’ associating a unique identifier (e.g., a serial number) of an encrypted signed communication with a user’s identity initiates a file operation (on the file represented by the encrypted communication), as required by claim 3. (Final Act. 9—10 (citing Wilkins 1192).) Thus, we are not persuaded the Examiner errs in the rejection of claim 3. We, therefore, sustain the Examiner’s rejection of claim 3. Claims 4 and 10 With respect to dependent claim 4, Appellants argue “it is evident that the Examiner has not cited art that teaches using the elements of claim 4 as search criteria for a key file.” (App. Br. 27.) We do not agree. Appellants’ arguments do not address the Examiner’s specific findings that Wilkins’ “search criteria such as a person’s name” and Wilkins’ “search for [a user’s] EK record by name, company name, telephone number, email or other criteria” teach a “condition derived from a key file [that] comprises at lest [sic] one of: ... a byte stream to match in the key file.” (See Wilkins ^fl[ 39, 95 (emphases added); Ans. 36—37 (citing Wilkins 195); Final Act. 6 (citing Wilkins 1 39) (rejecting base claim 1).) Thus, we are not persuaded the Examiner errs in the rejection of claim 4, and we, therefore, sustain the Examiner’s rejection of claim 4. We also sustain the Examiner’s rejection of claim 10, for which Appellants provide the same arguments as for claim 4 (see App. Br. 15). Claims 5 and 16 With respect to dependent claim 5, Appellants argue Wilkins does not teach the claimed state of claim 1 “which indicates a further action to be performed on a file located by the condition derived from the key file.” 10 Appeal 2017-004690 Application 14/034,010 (App. Br. 28.) However, as discussed supra with respect to claim 1, we agree with the Examiner that Wilkins teaches “a state to be assigned to any key files located using the at least one condition, the state indicating further action to be taken with respect to any key files located.” (Ans. 34 (citing Wilkins | 135).) Additionally, Wilkins’ deletion instruction with respect to encryption key information (see Wilson 1135) indicates “a file management operation” as recited in claim 5. Thus, we are not persuaded the Examiner errs in the rejection of claim 5. We, therefore, sustain the Examiner’s rejection of claim 5 and claim 16, for which Appellants provide the same arguments (see App. Br. 33). Claims 6 and 13 With respect to dependent claim 6, Appellants argue Wilkins does not teach “sending ‘second key file information and a second state to be assigned to the second key file information, the second state indicating at least one action that should be taken by the agent with respect to the second key file information'.” (App. Br. 29.) However, as discussed supra with respect to claim 1, we agree with the Examiner that Wilkins teaches key files, and states assigned to key files to indicate further actions (e.g., deletions) to be taken with respect to the key files. (Ans. 34 (citing Wilkins 1135).) Wilkins’ paragraph 135 further discloses a remote synchronization process—between the Key Exchange Server and remote network devices— transmits deletion instructions and identifies remote key records as deleted, thereby teaching sending key file information and a state indicating an action (a deletion), as required by claim 6. Thus, we are not persuaded the Examiner errs in the rejection of claim 6, and we, therefore, sustain the Examiner’s rejection of claim 6. We also 11 Appeal 2017-004690 Application 14/034,010 sustain the Examiner’s rejection of claim 13, for which Appellants provide the same arguments as for claim 6 (see App. Br. 15). Claim 7 With respect to dependent claim 7, Appellants argue Wilkins does not teach receiving a key file, but merely discloses “a record from a database (possibly records not even containing an encryption key).” (App. Br. 29- 30.) However, as discussed supra with respect to claim 1, we agree with the Examiner that Wilkins teaches key files comprising encryption keys. Appellants further argue Wilkins does not disclose “associating a policy with a key file” or that “the policy comprises properties to manage the key file.” (App. Br. 30.) Appellants’ argument is not persuasive because Wilkins’ “utilization restriction and policy . . . associated to a public key” associates a policy with key file information (e.g., with key file information regarding Wilkins’ public key), as required by claim 7. (See Wilkins 190; Final Act. 12—13 (citing Wilkins 190).) Wilkins’ policy also comprises properties to manage the key file information as required by claim 7, as Wilkins discloses “[t]he utilization restriction and policy provides data fields indicating whether the public key may be used to send an encrypted communication to the at least one communication address,” “whether the key may be used to verify a signed communication sent from another communication address,” “the type of communication application associated to a communication address and . . . suitable protocols . . . and encryption algorithms and methodologies associated to the key.” (See Wilkins 1 90 (emphases added).) Thus, we are not persuaded the Examiner errs in the rejection of claim 7 and, therefore, sustain the Examiner’s rejection of claim 7. 12 Appeal 2017-004690 Application 14/034,010 Claims 8, 11, and 15 With respect to dependent claim 8, Appellants argue Wilkins does not teach the receiving, storing, and associating steps. The Examiner finds Wilkins’ paragraph 5 teaches the claimed key set representing a plurality of four key objects—including PKI (Public Key Infrastructure) asymmetric keys—to be managed as a group for bi directional encryption and decryption between two entities. (Final Act. 13— 14 (citing Wilkins 1 5).) We agree with the Examiner, Wilkins’ paragraph 5 teaches these limitations of claim 8. Further, as discussed supra with respect to claim 7, we agree with the Examiner that Wilkins teaches associating a policy with a key, the policy comprising properties to manage the key. (See Wilkins 190.) Additionally, Wilkins’ paragraph 196 discloses a policy may be associated with a key set of multiple keys, to manage the set. (See Wilkins 1196 (describing “a key rotation policy” to “generate PKI key pairs” for “encryption keys [that] may expire and need to be regenerated and redistributed securely on a regular basis”).) As Appellants have failed to clearly distinguish the claimed invention over the prior art relied on by the Examiner, we sustain the Examiner’s rejection of claim 8. We also sustain the Examiner’s rejection of claims 11 and 15, for which Appellants provide the same arguments as for claim 8 (see App. Br. 15, 33). Claim 12 Appellants argue Wilson does not teach the elements of claim 12. We do not agree. Claim 12 requires the policy to comprise “at least one” feature from a list of features including “a property indicating whether key rotation 13 Appeal 2017-004690 Application 14/034,010 is allowed.” We agree with the Examiner that Wilkins teaches such a policy comprising a property indicating whether key rotation is allowed. (Final Act. 21 (citing Wilkins 131 (describing the need for key rotation)); see also Wilkins 1196 (describing “a key rotation policy” is allowed when encryption keys “expire and need to be regenerated and redistributed securely on a regular basis”).) Thus, we are not persuaded the Examiner errs in the rejection of claim 12, and we, therefore, sustain the Examiner’s rejection of claim 12. Claim 17 Appellants contend Wilkins and Bishop do not teach a schedule received from a centralized key management system and designating time that an action is to be taken, as required by independent claim 17. (App. Br. 34.) Rather, the cited portion of Wilkins “discusses decrypting an encrypted message rather than receiving a schedule from a centralized key management system.” (App. Br. 34 (citing Wilkins 124).) However, Wilkins’ paragraph 24 discloses an email encryption system that “requires the recipient of an encrypted communication to sign up with ... a centralized registry” and “sends an email notifying the user that an attached and encrypted sensitive message is pending decryption.” (See Wilkins 124.) Thus, we agree with the Examiner that Wilkins teaches the claimed receiving, from a centralized key management system (Wilkins’ centralized registry), a schedule designating time (a time when the user receives the encrypted message) that an action is to be taken (the actions of “login to retrieve a decryption key for each message,” “download the decryption key to decrypt the message each time they receive an encrypted message,” and “archiv[e] messages for regulatory compliance (e.g., Sarbanes Oxley, 14 Appeal 2017-004690 Application 14/034,010 Graham Leach Bliley, HIPAA, etc.) since the message itself will not reside in an ‘inbox’ in unencrypted form”). (See Wilkins 124; Final Act. 26 (citing Wilkins 124).) The claimed “schedule designating time that an action is to be taken” is broad, and does not exclude Wilkins’ real-time notification that an encrypted message is pending decryption. (See Wilkins 124.) Appellants further argue “neither Wilkins [n]or Bishop, singularly or combined, teach receiving the tri-part search criteria from a centralized key management system.” (App. Br. 35.) However, as discussed supra with respect to claim 1, we agree with the Examiner the combination of Wilkins and Bishop teaches a centralized key management system’s tri-part search criteria comprising a condition, a tag, and a state. Appellants also argue Wilkins does not teach an information packet comprising “a state associated with the received key file information, the state indicating further action to be taken with respect to the received key file information” recited in claim 17. (App. Br. 35—36.) We are not persuaded. As discussed supra with respect to claim 1, we agree with the Examiner that Wilkins teaches a state assigned to key files to indicate a further action (e.g., a deletion) to be taken with respect to those key files. Appellants contend Wilkins and Bishop do not teach the steps of claim 17 describing “what happens when the search criteria is received.” (App. Br. 36.) We are not persuaded by Appellants’ argument which merely recites the language of claim 17 and asserts the recited limitations are not found in the prior art, without presenting persuasive evidence or reasoning. 37 C.F.R. § 41.37(c)(l)(iv) (The arguments shall explain why the Examiner erred as to each ground of rejection contested by Appellants.) Additionally, as discussed supra with respect to claim 1, we agree with the Examiner that 15 Appeal 2017-004690 Application 14/034,010 Wilkins in combination with Bishop teaches: the claimed tri-part search criteria, and updating a state associated with a located key file information to, e.g., designate a key file (EK record) to be deleted; and transferring located key file information to a centralized key management system during a synchronization between the centralized key management system (Wilkins’ Key Exchange Server) and the user’s network device. (See Wilkins 132, 134—135, 201, 203—204, 206-207.) Wilkins also discloses the hash operations recited in claim 17. (Final Act. 28—29 (citing Wilkins 19); see also Wilkins 1167.) We are also not persuaded by Appellants’ argument that the Examiner’s combination of Wilkins and Bishop lacks articulated reasoning. (App. Br. 37.) As discussed supra with respect to claim 1, we agree with the Examiner that tagging Wilkins’ identified key files (EK records) with corresponding tags based on the record’s content (as taught by Bishop) would have been obvious to those skilled in the art. Accordingly, Appellants’ arguments have not persuaded us of error in the Examiner’s rejection of claim 17. Thus, we sustain the Examiner’s rejection of claim 17. Claims 18 and 19 Dependent claim 18, separately argued (App. Br. 37), recites “evaluating the state associated with the received key file information” and “perform at least one action designated by the state with respect to the information packet.” As discussed supra with respect to claims 1, 5, and 6, we agree with the Examiner that Wilkins teaches a state assigned to key files to indicate a further action (e.g., a deletion) to be taken with respect to those key files. As Appellants have failed to clearly distinguish the claimed 16 Appeal 2017-004690 Application 14/034,010 invention over the prior art relied on by the Examiner, we sustain the Examiner’s rejection of claim 18. Dependent claim 19, also separately argued (App. Br. 38), recites that “the at least one action designated by the state with respect to the information packet comprises a file management operation, a registry operation, or both a file management operation and a registry operation.” Thus, claim 19 requires an action comprising one of (i) a file management operation, (ii) a registry operation, or (iii) both a file management operation and a registry operation. As discussed supra with respect to claims 1 and 5, we agree with the Examiner that Wilkins teaches a state indicating a further action to be taken with respect to a key file, the action comprising a file management operation (e.g., a deletion instruction with respect to encryption key information, see Wilkins 1135), as required by claim 19. As Appellants have failed to clearly distinguish the claimed invention over the prior art relied on by the Examiner, we sustain the Examiner’s rejection of claim 19. Claim 20 With respect to dependent claim 20, we agree with the Examiner that Wilkins teaches multiple schedules comprising: (i) the claimed “schedule for retrieving configuration information” taught by Wilkins’ paragraph 11 that describes a schedule, set by a client application and automatically accepted by a server, for bi-directionally retrieving configuration information regarding encryption keys and certificates; and (ii) the claimed “schedule for uploading logged information to the centralized key management system” taught by Wilkins’ paragraph 22. Paragraph 22 describes a schedule for uploading a user’s logged information to a 17 Appeal 2017-004690 Application 14/034,010 centralized key management system of a trusted site (e.g., an online banking site holding the user’s account, or a medical site storing the user’s medical information), where the user’s legitimate upload may be subject to phishing attacks. (See Wilkins Ull, 22; Final Act. 30 (citing Wilkins Hll, 22).) Appellants’ arguments have not addressed these findings by the Examiner, and merely state that the cited portion of Wilkins’ “is not the same as” the claimed features, without persuasive evidence or reasoning as to why this would be the case. (App. Br. 39.) Thus, we are not persuaded the Examiner errs in the rejection of claim 20 and, therefore, sustain the Examiner’s rejection of claim 20. DECISION We affirm the Examiner’s decision rejecting claims 1—20 under 35U.S.C. § 103(a). No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(l)(iv). AFFIRMED 18 Copy with citationCopy as parenthetical citation
