10347774 (B.P.A.I. Sep. 13, 2010)

Ex Parte Himmel et al

Board of Patent Appeals and InterferencesSep 13, 2010

10347774 (B.P.A.I. Sep. 13, 2010)

UNITED STATES PATENT AND TRADEMARK OFFICE ____________ BEFORE THE BOARD OF PATENT APPEALS AND INTERFERENCES ____________ Ex parte BENJAMIN ANDREW HIMMEL, MARIA AZUA HIMMEL, HERMAN RODRIGUEZ, and NEWTON JAMES SMITH JR. ____________ Appeal 2009-006154 Application 10/347,774 Technology Center 2400 ____________ Before JOSEPH L. DIXON, JAY P. LUCAS, and STEPHEN C. SIU, Administrative Patent Judges. DIXON, Administrative Patent Judge. DECISION ON APPEAL1 1 The two-month time period for filing an appeal or commencing a civil action, as recited in 37 C.F.R. § 1.304, or for filing a request for rehearing, as recited in 37 C.F.R. § 41.52, begins to run from the “MAIL DATE” (paper delivery mode) or the “NOTIFICATION DATE” (electronic delivery mode) shown on the PTOL-90A cover letter attached to this decision. Appeal 2009-006154 Application 10/347,774 2 The Appellants appeal under 35 U.S.C. § 134(a) from a Final rejection of claims 1-24. We have jurisdiction under 35 U.S.C. § 6(b). We Affirm. I. STATEMENT OF THE CASE The Invention The invention at issue on appeal relates to a method, computer program product, and apparatus for securely accessing computer resources (Spec. 1). The Illustrative Claim Claim 1, an illustrative claim, reads as follows: 1. A method of controlling access to a resource, the method comprising: creating a security object in dependence upon user-selected security control data types, the security object comprising security control data and at least one security method; receiving a request for access to the resource; receiving, over a randomly selected sequence of radio frequencies, security request data in at least one packet; and providing access to the resource in dependence upon the security control data and the security request data. Appeal 2009-006154 Application 10/347,774 3 The References The Examiner relies on the following references as evidence: Foley US 2002/0087894 A1 Jul. 4, 2002 Izumi US 6,870,874 B2 Mar. 22, 2005 Clark US 6,934,388 B1 Aug. 23, 2005 The Rejections The following rejections are before us for review: Claims 1-3, 5, 6, 9-11, 13, 14, 17-19, 21, and 22 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over the combination of Foley and Clark. Claims 4, 7, 8, 12, 15, 16, 20, 23, and 24 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over the combination of Foley, and Clark in view of Izumi. Only those arguments actually made by the Appellants have been considered in this decision. Arguments which the Appellants could have made but chose not to make in the Briefs have not been considered and are deemed to be waived. See 37 C.F.R. § 41.37 (c)(1)(vii) (2008). II. ISSUE Has the Examiner erred in finding that the combination of Foley and Clark teaches or fairly suggests “creating a security object in dependence upon user-selected security control data types, the security object comprising security control data and at least one security method” and “providing access Appeal 2009-006154 Application 10/347,774 4 to the resource in dependence upon the security control data and the security request data,” as recited in claim 1? III. PRINCIPLES OF LAW Scope of Claim During prosecution before the USPTO, claims are to be given their broadest reasonable interpretation, and the scope of a claim cannot be narrowed by reading disclosed limitations into the claim. See In re Morris, 127 F.3d 1048, 1054 (Fed. Cir. 1997). The Office must apply the broadest reasonable meaning to the claim language, taking into account any definitions presented in the specification. In re Am. Acad. of Sci. Tech Ctr., 367 F.3d 1359, 1364 (Fed. Cir. 2004) (citing In re Bass, 314 F.3d 575, 577 (Fed. Cir. 2002)). “Giving claims their broadest reasonable construction ‘serves the public interest by reducing the possibility that claims, finally allowed, will be given broader scope than is justified.’” Id. (quoting In re Yamamoto, 740 F.2d 1569, 1571 (Fed. Cir. 1984)). “Construing claims broadly during prosecution is not unfair to the applicant . . . because the applicant has the opportunity to amend the claims to obtain more precise claim coverage.” Id. The PTO's construction here, though certainly broad, is unreasonably broad. The broadest construction rubric coupled with the term ‘comprising’ does not give the PTO an unfettered license to interpret claims to embrace anything remotely related to the claimed invention. Rather, claims should always be read in light of the specification and teachings in the underlying patent. See Schriber- Appeal 2009-006154 Application 10/347,774 5 Schroth Co. v. Cleveland Trust Co., 311 U.S. 211, 217, 61 S.Ct. 235, 85 L.Ed. 132 (1940). (In re Suitco Surface, Inc., No. 2009-1418, 2010 WL 1462294, at 4 (Fed. Cir. 2010).) Obviousness “Obviousness is a question of law based on underlying findings of fact.” In re Kubin, 561 F.3d 1351, 1355 (Fed. Cir. 2009). The underlying factual inquiries are: (1) the scope and content of the prior art, (2) the differences between the prior art and the claims at issue, (3) the level of ordinary skill in the pertinent art, and (4) secondary considerations of nonobviousness. KSR Int’l Co. v. Teleflex Inc., 550 U.S. 398, 406 (2007) (citation omitted). IV. FINDINGS OF FACT The following findings of fact (FFs) are supported by a preponderance of the evidence. Foley 1. Foley discloses an object “user preference” stored in an object- oriented database: The user preference may be stored in a database, and the system may use a database call to confirm the user's pre- selected method of authentication (step 303). A data base call may include, e.g., back-up data, tracking information, and/or Appeal 2009-006154 Application 10/347,774 6 the like. A database may be any type of database, such as relational, hierarchical, object-oriented, and/or the like. ([0034]) (Emphases added). 2. Foley also discloses the object of user preference includes/indicates a security method for authentication: FIG. 3 illustrates a method for determining the authentication method pre-set by the user in accordance with an exemplary embodiment of the present invention. The system retrieves a user preference from a database, where the user preference indicates one or more authentication methods pre-set by the user (step 303). For example, if the user has pre-selected the user identification and password method of authentication, then the user preference is the user identification and password method of authentication is retrieved. ([0033], fig. 3) (Emphases added). 3. Foley further discloses a security control data (security levels such as days of year) stored with the user preference object: [I]n another exemplary embodiment of the present invention illustrated in FIG. 4, the user may also select an authentication method based on a particular service, such that the user's pre- set authentication method is different for various restricted services or access, for different times of day, days of the year, and/or the like. ([0038], fig. 3) (Emphases added). Appeal 2009-006154 Application 10/347,774 7 4. Foley still further teaches that The exemplary embodiment illustrated in FIG. 3 assumes that the smart card and PIN authentication method is the user's pre- selected method of authentication (step 305). Of course, any other authorization method can be the user's pre-selected method of authorization depending on the user's needs. In this way, the system prompts the user to input data into the system in connection with the user's pre-set authorization method (step 307). For example, the system prompts the user with a dialog box which requests that the user utilizes the smart card and PIN authentication method to authenticate the user (step 307). ([0035], fig. 3) (Emphases added). 5. Foley also further discloses that the communication between the user and the resource/database can be wireless, Blue Tooth, or internet communication ([0042]). Clark 6. Clark discloses that utilizing randomly selected sequence of radio frequencies is well known (col. 1, ll. 21-43). V. ANALYSIS The Appellants have the opportunity on appeal to the Board of Patent Appeals and Interferences (BPAI) to demonstrate error in the Examiner’s position. See In re Kahn, 441 F.3d 977, 985-86 (Fed. Cir. 2006) (citing In re Rouffet, 149 F.3d 1350, 1355 (Fed. Cir. 1998)). The Examiner sets forth a detailed explanation of a reasoned conclusion of unpatentability in the Examiner’s Answer. Therefore, we look Appeal 2009-006154 Application 10/347,774 8 to the Appellants’ Brief to show error in the proffered reasoned conclusion. Id. Grouping of Claims The Appellants elected to argue claims 1-3, 5, 6, 9-11, 13, 14, 17-19, 21, and 22 together as a group (App. Br. 5). Therefore, we select independent claim 1 as the representative claim for this group, and we will address the Appellants’ arguments with respect thereto. 37 C.F.R. § 41.37 (c)(1)(vii). See In re Nielson, 816 F.2d 1567, 1572 (Fed. Cir. 1987). 35 U.S.C. § 103(a) rejections With respect to claim 1, the Appellants contend that Foley fails to teach a claimed step of creating a security object because “[in] fact, Foley does not even mention the words ‘security object’ at any point,” nor does Foley discloses or suggests a security method as described in the specification (App. Br. 6). The Appellants further contend that Foley’s database call to confirm the user preference does not suggest “creating a security object” as claimed, nor does Foley, in cited paragraphs, teaches creating a security object in dependence upon user-selected security control data type (App. Br. 9). We disagree with the Appellants’ contentions. We start our analysis with claim construction. We, in light of the Specification, broadly yet reasonably construe the claim limitation “creating a security object” as either Appeal 2009-006154 Application 10/347,774 9 creating an object related to security or creating an instance of an object related to security in an object-oriented environment. We also broadly yet reasonably construe the claim limitation “security method” as any method used or included by the security object; “security data” as any data relates to the security method or the security object. We find Foley teaches that the user preference can be stored in an object-oriented database, and thus the user preference is clearly an object (FF 1). In addition, a database call directs to the object ‘user preference” or creating an instance of user preference object to confirm a method of authentication (security) (FF 1). Thus, the user preference is a security object under our claim construction. We also find Foley teaches that the user preference object (security object) has the user pre-selected authentication method (security method) (FF 2), and the security settings of times or days for accessing (security control data) (FF 3). Finally, creating the security object, the user preference, is in response to the user-selected control data type (smart card and pin) (FF 4). As such, we conclude that Foley teaches the disputed limitations as contended above, under our claim construction. The Appellants further contend that Foley neither discloses nor suggests providing access to the resource in dependence upon the security control data and the security requested data as claimed (App. Br. 9). We disagree with the Appellants’ contention. We find Foley teaches that the authentication of the user for accessing is based upon the security Appeal 2009-006154 Application 10/347,774 10 control data (FF 3) and the security request data (input data by the user) (FF 4). As such, we also conclude that Foley teaches the disputed limitations contended above. We also find that Foley teaches the limitations of receiving, over a radio frequency, or internet (note that a data packet is inherent for internet)(FF 5), the security control data (FF 3) and the security requested data (FF 4). We further find that Clark teaches that selecting a random sequence among the radio frequencies was well known (FF 6). The Supreme Court noted that one of ordinary skill in the art is also a person of ordinary creativity, not an automaton. KSR, 550 U.S. at 421. It would have been obvious at the time the invention was made to use a randomly selected radio sequence among multiple frequencies, as taught by Clark, to communicate the authentication data between a user and a database, as taught by Foley. This would predictably increase the security of the system, a result that both Foley and Clark teach to be desirable. We, therefore, find that combining the well-known elements of randomly selecting a radio frequency to communicate data with the well-known technique of creating a security object with a user-preselected security method and security control data for authentication is nothing more than a “predictable use of prior art elements according to their established functions.” KSR, 550 U.S., at 417. Accordingly, we sustain the Examiner’s obviousness rejection of claim 1. We also sustain the Examiner’s obviousness rejection of independent claims 9, and 17 which contain similar limitations, and the Appeal 2009-006154 Application 10/347,774 11 Appellants present similar arguments thereto. We also sustain the Examiner’s obviousness rejection of its dependent claims 2-8, 10-16, and 18-24, which have not been separately argued, and fall with its base claims. 37 C.F.R. § 41.37 (c)(1)(vii). See In re Nielson, 816 F.2d 1567, 1572 (Fed. Cir. 1987). VII. CONCLUSION Accordingly, based on our consideration of the totality of the record before us, we have weighed the evidence of obviousness found in the combined teachings the applied references, with Appellants’ countervailing evidence and arguments for nonobviousness and conclude that the claimed invention encompassed by appealed claims 1-24 would have been obvious as a matter of law under 35 U.S.C. § 103(a). VIII. ORDER We affirm the obviousness rejections of claim 1-24 under 35 U.S.C. § 103(a). No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136 (a). See 37 C.F.R. § 1.136(a)(1)(iv). AFFIRMED Appeal 2009-006154 Application 10/347,774 12 tkl INTERNATIONAL CORP (BLF) c/o BIGGERS & OHANIAN, LLP P.O. BOX 1469 AUSTIN TX 78767-1469