Ex Parte Hogan et alDownload PDFPatent Trial and Appeal BoardMar 11, 201310286720 (P.T.A.B. Mar. 11, 2013) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE ____________________ BEFORE THE PATENT TRIAL AND APPEAL BOARD ____________________ Ex parte DIRK J. HOGAN and DAVID COX Appeal 2010-0105701 Application 10/286,720 Technology Center 2400 ____________________ Before JEAN R. HOMERE, JOHNNY A. KUMAR and BRYAN F. MOORE, Administrative Patent Judges. HOMERE, Administrative Patent Judge. DECISION ON APPEAL 1 The real party in interest is Hewlett-Packard Development Company, LP. (App. Br. 2.) Appeal 2010-010570 Application 10/286,720 2 I. STATEMENT OF THE CASE Appellants appeal under 35 U.S.C. § 134(a) from the Examiner’s Final Rejection of claims 1, 3, 4, 6-16, 18, and 19. Claims 2, 5, 17, and 20- 22 have been canceled. (App. Br. 4.) We have jurisdiction under 35 U.S.C. § 6(b). We affirm. Appellants’ Invention Appellants invented a computer-based network that utilizes a server (16) for controlling user’s access to functionality in an application program (26). In particular, a server database stores authorization information for a plurality of protected objects, wherein one of the protected objects defines a set of privileged actions that a principal is authorized to perform on the application program. (Fig. 1, [0004].) Illustrative Claim Independent claim 1 further illustrates the invention. It reads as follows: 1. A computer-based network, comprising: a management server that includes an authorization and authentication module that controls access to functionality of an application program; and a database that stores authorization information for a plurality of protected objects in a common table, wherein a single protected object is a permission set that defines a set of privileged actions that a principle is authorized to perform on multiple objects throughout an entire functional category of the application program for which the principal is authorized relative to that Appeal 2010-010570 Application 10/286,720 3 protected object, the permission set controlling access to functionality of the application program and including a privilege to read and a privilege to write. Prior Art Relied Upon Brown et al. 5,941,947 Aug. 24, 1999 Helland et al. 6,014,666 Jan. 11, 2000 Rejection on Appeal The Examiner rejects claims 1, 3, 4, 6-16, 18, and 19 under 35 U.S.C. § 103(a) as being unpatentable over the combination of Brown and Helland. ANALYSIS We consider Appellants’ arguments seriatim as they are presented in the Appeal Brief, pages 11-16, and the Reply Brief, pages 2-3. Dispositive Issue: Under 35 U.S.C. § 103, did the Examiner err in finding that the combination of Brown and Helland teaches or suggests a single protected object that defines a set of privileged actions that a principal is authorized to perform to access functionality of an application program, as recited in claim 1? Appellants argue that neither Brown nor Helland teaches or suggests the disputed limitations emphasized above. (App. Br. 13-15, Reply Br. 2-3.) In particular, Appellants argue that while Brown and Helland disclose a traditional access control list that defines a set of permitted actions (e.g. read, write) each individual user is authorized to perform upon an application, the cited references do not teach a single protected object that Appeal 2010-010570 Application 10/286,720 4 defines such permitted actions. (Id.) According to Appellants, at best, Helland teaches assigning a role to a class of users that are invoked when a name associated with the role is called. (App. Br. 14, Reply Br. 2.) Thus, Appellants submit that while Helland teaches invoking a name to grant permission to users in an entire group, Helland does not teach a single object that defines a set of privileged actions. (Id.) In response, the Examiner finds that Helland’s disclosure of a developer defining access privileges for users (tellers and managers) to access different functionalities of an online-banking server application depending on the defined role of the user teaches the disputed limitations. (Ans. 25-27.) Based upon our review of the record before us, we agree with the Examiner’s underlying factual findings and ultimate conclusion of obviousness regarding claim 1. In particular, we find that Helland discloses storing a plurality of protected objects (manager, teller, customer) stored in a server database wherein a single object (the manager) is defined to perform a set of authorized actions (e.g. deposits, withdrawals) on accounts of the protected objects thereby controlling access to functionalities of an application server program. (Col. 15, ll. 43-56, col. 21, ll. 27-31.) We therefore find that because Helland’s disclosure teaches that the manager is a protected object that defines a set of privileged actions that a principal is authorized to perform on two or more protected objects thereby controlling the access to the objects in the application server program, we agree with the Examiner that Helland teaches the disputed limitations. It follows that the Appeal 2010-010570 Application 10/286,720 5 Examiner did not err in rejecting claim 1 over the combination of Helland and Brown. Regarding claims 3, 4, 6-16, 18, and 19, Appellants reiterate substantially the same arguments submitted for patentability of claim 1 above. (App. Br. 15.) As discussed above, these arguments are not persuasive. See 37 C.F.R. § 1.37(c)(1)(vii). Further, while Appellants raised additional arguments for patentability of the cited claims, we find that the Examiner has rebutted in the Answer each and every one of those arguments by a preponderance of the evidence. (Ans. 27.) Therefore, we adopt the Examiner’s findings and underlying reasoning, which are incorporated herein by reference. Consequently, we have found no error in the Examiner’s rejections of claims 3, 4, 6-16, 18, and 19. DECISION We affirm the Examiner’s obviousness rejections of claims 1, 3, 4, 6- 16, 18, and 19 as set forth above. No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv). AFFIRMED tj Copy with citationCopy as parenthetical citation
