Ex Parte Janakiraman et al
Patent Trial and Appeal Board
Jun 3, 2016
12049303 (P.T.A.B. Jun. 3, 2016)

UNITED STATES PATENT AND TRADEMARK OFFICE

UNITED STATES DEPARTMENT OF COMMERCE
United States Patent and Trademark Office
Address: COMMISSIONER FOR PATENTS, P.O. Box 1450, Alexandria, Virginia 22313-1450, www.uspto.gov

APPLICATION NO.: 12/049,303
FILING DATE: 03/15/2008
FIRST NAMED INVENTOR: Janani Janakiraman
ATTORNEY DOCKET NO.: AUS920050057US2
CONFIRMATION NO.: 6625

133905 7590 06/07/2016
IBM CORPORATION- POUGHKEEPSIE (JVL)
C/O LESLIE A. VAN LEEUWEN
6123 PEBBLE GARDEN CT.
AUSTIN, TX 78739

EXAMINER: JHAVERI, JAYESH M
ART UNIT: 2433
NOTIFICATION DATE: 06/07/2016
DELIVERY MODE: ELECTRONIC

Please find below and/or attached an Office communication concerning this application or proceeding.

The time period for reply, if any, is set in the attached communication.

Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): leslie@vI-patents.com

UNITED STATES PATENT AND TRADEMARK OFFICE

BEFORE THE PATENT TRIAL AND APPEAL BOARD

Ex parte JANANI JANAKIRAMAN and MARTIN G. SCHMIDT¹

Appeal 2015-001265
Application 12/049,303
Technology Center 2400

Before MICHAEL J. STRAUSS, MICHAEL M. BARRY, and DAVID J. CUTITTA II, Administrative Patent Judges.

CUTITTA, Administrative Patent Judge.

DECISION ON APPEAL

This is an appeal under 35 U.S.C. § 134(a) from the Examiner's decision rejecting claims 1, 3-6, 8-11, 13, 14, 16, 18, and 19. Claims 2, 7, 12, 15, 17, and 20 are cancelled. We have jurisdiction over this appeal under 35 U.S.C. § 6(b).

We AFFIRM.²

¹ According to Appellants, the real party in interest is International Business Machines Corporation. See Appeal Brief 2.
² Throughout this Opinion, we refer to: (1) Appellants' Specification filed March 15, 2008 ("Spec."); (2) the Final Office Action ("Final Act.") mailed February 4, 2014; (3) the Appeal Brief ("Appeal Br.") filed June 25, 2014; (4) the Examiner's Answer ("Ans.") mailed August 22, 2014; and (5) the Reply Brief ("Reply Br.") mailed October 18, 2014.

BACKGROUND

Appellants' application relates to a system and method for dynamically computing a user's dynamic user security value along with a resource's resource security value, and granting the user access to the resource based upon the computed values. Spec. ¶ 2.

Claims 1, 11, and 16 are independent claims. Claim 1 is representative and is reproduced below with disputed limitations emphasized:

1. A computer-implemented method comprising:

receiving a resource request from a user, the resource request corresponding to a resource and including a request condition;

determining, by a processor, which one of a plurality of user security formulas to select according to the request condition;

selecting, by the processor, one of the plurality of user security formulas in response to the determination;

computing, by the processor using the selected user security formula and a user attribute value, a dynamic user security value that corresponds to the user;

computing, by the processor, a resource security value that corresponds to the resource;

determining whether to grant the user access to the resource based upon the dynamic user security value and the resource security value; and

granting the user access to the resource in response to the determination.

REFERENCE

The prior art relied upon by the Examiner in rejecting the claims on appeal:

Al-Salqan et al. (hereinafter "Al-Salqan"), US 6,687,823 B1, Feb. 3, 2004
Banzhof et al. (hereinafter "Banzhof"), US 7,278,163 B2, Oct. 2, 2007

REJECTIONS

Claims 1, 11, and 16 stand rejected under 35 U.S.C.
§ 102(b) as being anticipated by Al-Salqan. See Final Act. 8-11.

Claims 3-6, 8-10, 13, 14, 18, and 19 are rejected under 35 U.S.C. 103(a) as being unpatentable over Al-Salqan in view of Banzhof. See Final Act. 11-19.

Our review in this appeal is limited only to the above rejections and issues raised by the Examiner and Appellants. We have not considered other possible issues that have not been raised by Appellants or the Examiner and which are therefore not before us. See 37 C.F.R. § 41.37(c)(1)(iv).

ISSUES

1. Did the Examiner err in finding that Al-Salqan discloses "determining, by a processor, which one of a plurality of user security formulas to select according to the request condition" as recited in claim 1?

2. Did the Examiner err in finding that Al-Salqan discloses "computing, by the processor using the selected user security formula and a user attribute value, a dynamic user security value that corresponds to the user," as recited in claim 1?

3. Did the Examiner err in finding that the combination of Al-Salqan and Banzhof teaches or suggests "wherein the request condition is selected from the group consisting of a user status, a group membership, a time-of-day, and a user location," as recited in claim 5?

4. Did the Examiner err in finding that the combination of Al-Salqan and Banzhof teaches or suggests "[the] method of claim 1 wherein the selected user security formula includes a login location attribute variable multiplied by an administrator-specified weighting, the login location attribute corresponding to a relative login location of the user," as recited in claim 6?

DISCUSSION

After review of Appellants' arguments and the Examiner's findings and reasoning, we determine that Appellants have not identified reversible error in the Examiner's rejection. Accordingly, we affirm the rejection for reasons set forth by the Examiner in the Final Office Action and the Answer. See generally, Final Act. 2-11; Ans.
2-14. We add the following for emphasis and completeness.

Claims 1, 3-6, 8-10, 11, 13, 14, 16, 18, and 19

In rejecting claim 1, the Examiner relies upon Al-Salqan's authentication system, which allocates a strength and/or a priority to each of several authentication tests according to a weighted formula set forth at column 4, authentication formula (1), to disclose the determining of "one of a plurality of user security formulas." Appeal Br. 6-7 (citing Al-Salqan col. 4, ll. 18-57). Examples of Al-Salqan's authentication tests include SSL v 3.0, Kerberos, and a user-provided password. Al-Salqan col. 3, ll. 5-12. The Examiner finds that one of the authentication tests may be selected by weighting the other two tests with a zero value according to the weighted value formula set forth at column 4, authentication formula (1). Appeal Br. 6-7.

Appellants argue "Al-Salqan only discloses use of a single formula, which is an incrementing formula, in column 4, line 30 to compute a user's authentication score." Reply Br. 2. We disagree, because authentication formula (1) is not used in and of itself for authentication testing, but rather is used to determine which of Al-Salqan's authentication tests (e.g., SSL, Kerberos, or user/password) to implement based on whether one or more previous tests have succeeded. See Examiner's finding at Ans. 7.

Appellants further argue Al-Salqan does not disclose determining "which one of a plurality of user security formulas to select according to the request condition," (emphasis added), as recited in claim 1. Reply Br. 3. Specifically, Appellants argue Al-Salqan's incrementing (i.e., authentication) formula never computes a value using the test and a user attribute value, but rather computes a value based only upon the outcome of the test. Id.
The Examiner finds, and we agree, that the set of authentication tests to be presented to a user by Al-Salqan's authentication formula (1) is "based on various factors (request conditions) such as who the user is (user role, group, privileges etc.), and on factors associated with the requested resource such as level of connectivity, level of resource access required, security status, document (resource) sensitivity and classification." Ans. 7 (citing Al-Salqan col. 2, ll. 52-67 and col. 6, ll. 15-49). Therefore, under a broad but reasonable interpretation, Al-Salqan's authentication formula (1) that is based on these various factors discloses computing a value according to a request condition.

Accordingly we agree with the Examiner's finding that Al-Salqan discloses "determining, by a processor, which one of a plurality of user security formulas to select according to the request condition" as recited in claim 1. We therefore find issue 1 unpersuasive of Examiner error.

In connection with issue 2, the Examiner finds Al-Salqan's discussion of providing different resources to different users based on user characteristics to disclose "computing, by the processor using the selected user security formula and a user attribute value, a dynamic user security value," as recited in claim 1. Final Act. 8 and Ans. 7-8 (collectively citing Al-Salqan col. 2, ll. 9-24, col. 2, l. 51-col. 3, l. 20, col. 4, ll. 18-47, and col. 6, ll. 15-50).

Al-Salqan discusses that when multiple users are present, users who seek access to different portions of a resource may optionally be presented with different sequences of authentication tests to determine the portion of the resource to which each user will be granted access. Al-Salqan col. 6, ll. 15-50.
For example, the Examiner finds Al-Salqan's authentication system considers user attributes when granting access by granting users access to different portions of a given confidential document affecting national security based on each user having a different "need to know." Ans. 8 (citing Al-Salqan col. 6, ll. 15-50).

Appellants argue that "Al-Salqan administers tests to a user and computes a test score without inclusion of a user attribute value" because Al-Salqan's connection types "pertain to which test to administer to a user and has nothing to do with a user attribute value." App. Br. 8. Appellants, however, provide insufficient evidence the Examiner's finding that Al-Salqan's authentication system does consider user attributes by granting user access on a "need to know basis" is erroneous. That is, in the absence of sufficient evidence or reasoning explaining why, under a broad but reasonable interpretation, Al-Salqan's consideration of user attributes to provide access to resources on a need to know basis fails to disclose the disputed user attribute value, Appellants' argument is unpersuasive.

Accordingly, we sustain the Examiner's 35 U.S.C. § 102(b) rejection of claim 1. We also sustain the Examiner's 35 U.S.C. § 102(b) rejection of claims 11 and 16, which Appellants argue are patentable for the same reasons. See App. Br. 8. Appellants do not make any other substantive argument regarding the rejection of dependent claims 3, 4, 8, 9, 10, 13, 14, 18, and 19. See App. Br. 8. Therefore, we likewise sustain the rejections of these dependent claims under 35 U.S.C. 103(a).

Claim 5

In rejecting claim 5, the Examiner finds the combination of Al-Salqan and Banzhof teaches or suggests "wherein the request condition is selected from the group consisting of a user status, a group membership, a time-of-day, and a user location." Final Act. 14 (citing Al-Salqan col. 2, ll. 9-24, col. 2, l. 51-col. 3, l. 20, and col. 4, ll.
18-47). Specifically, the Examiner relies on Banzhof to teach "a user location" and finds Al-Salqan "teaches that the set of formulae or test to be presented to any user is based on various factors (request conditions) such as who the user is (user role, group, status/privileges, past behavior etc. for defining the user authorization level), and on factors associated with the requested resource such as level of connectivity, level of resource access required or allowed, security status, document (resource) sensitivity and classification etc." Ans. 12 (citing Al-Salqan col. 2, ll. 52-67 and col. 6, ll. 15-49).

Appellants contend that the Examiner errs because "[a]lthough Al-Salqan may discuss user status, group membership, and time-of-day within Al-Salqan's specification, Al-Salqan never teaches or suggests using such items to select a user security formula from a plurality of user security formulas as claimed." App. Br. 9.

As discussed above, the Examiner finds, and we agree, that the set of authentication tests to be presented to a user by Al-Salqan's weighted authentication formula (1), is based on various factors (request conditions) such as who the user is (user role, group membership, privileges, past behavior and the like). See Ans. 12 (citing Al-Salqan col. 2, ll. 52-67). Moreover, Appellants admit Al-Salqan discusses user status, group membership, and time-of-day. App. Br. 9. We agree, therefore, that Al-Salqan teaches or suggests a request condition may be "a user status," "a group membership," and "a time-of-day," as recited in claim 5.

Further, the Examiner notes that "only one of the above request conditions is required to determine the set of formulae or tests as per the claimed limitation." Ans. 12.
That is, because the enumerated four request conditions of claim 5 are presented as a Markush group, only one member of the Markush group need be shown in the prior art for that group as a whole to be considered to be known, used or described in the prior art for purposes of an obviousness analysis. In re Skoll, 523 F.2d 1392, 1397 (CCPA 1975); see also Fresenius USA, Inc. v. Baxter Int'l, Inc., 582 F.3d 1288, 1298 (Fed. Cir. 2009) ("Element (a) is written in Markush form, such that the entire element is disclosed by the prior art if one alternative in the Markush group is in the prior art.").

Accordingly, we agree with the Examiner that the combination of Al-Salqan and Banzhof teaches or suggests "wherein the request condition is selected from the group consisting of a user status, a group membership, a time-of-day, and a user location," while noting the Examiner demonstrates that Banzhof teaches "a user location" and Al-Salqan teaches "a user status," "a group membership," and "a time-of-day," of the Markush group. We therefore sustain the Examiner's § 103(a) rejection of claim 5.

Claim 6

In rejecting claim 6, the Examiner finds that the combination of Al-Salqan and Banzhof teaches or suggests "wherein the selected user security formula includes a login location attribute variable multiplied by an administrator-specified weighting, the login location attribute corresponding to a relative login location of the user," Final Act. 15-16 (citing Al-Salqan col. 2, ll. 9-24, col. 2, l. 51-col. 3, l. 20, and col. 4, ll. 18-47). Specifically, the Examiner finds Banzhof teaches "the selected user security formula includes a login location attribute variable multiplied by an administrator-specified weighting, the login location attribute corresponding to a relative login location of the user." Final Act. 16 (citing Banzhof col. 5, ll. 25-35, col. 7, ll. 7-51, and col. 8, l. 57-col. 9, l. 8).
Appellants contend that the Examiner erred because "Banzhof never teaches or suggests using a current login location of a user to determine a user security value and, therefore, never teaches or suggests 'wherein the selected user security formula includes a login location attribute variable multiplied by an administrator-specified weighting, the login location attribute corresponding to a relative login location of the user' as claimed." App. Br. 10-11. Appellants further contend the term "geopolitical" is vague with respect to user location. Reply Br. 4-5.

We find Appellants' argument unpersuasive. The Examiner finds, and we agree, that Banzhof discusses evaluating risk based on user location because Banzhof discusses risk based on human factors such as, but not limited to, a geopolitical factor. See Banzhof col. 5, ll. 25-35 (cited in Final Act. 16). We disagree with the contention that Banzhof's use of the term geopolitical is vague with respect to user location, noting that Banzhof further clarifies that the risk assessment "evaluates risk factors to each of the devices based on ... a location from which each of the devices accesses the computer network and a mobility of each of the devices." Banzhof col. 16, ll. 32-37 (emphasis added). We therefore sustain the Examiner's § 103(a) rejection of claim 6.

DECISION

We affirm the Examiner's decision rejecting claims 1, 11, and 16 under 35 U.S.C. § 102(b) as being anticipated by Al-Salqan.

We affirm the Examiner's decision rejecting claims 3-6, 8-10, 13, 14, 18, and 19 under 35 U.S.C. 103(a) as being unpatentable over Al-Salqan in view of Banzhof.

AFFIRMED