Ex Parte Janssen et alDownload PDFPatent Trial and Appeal BoardMar 23, 201612532799 (P.T.A.B. Mar. 23, 2016) Copy Citation UNITED STA TES p A TENT AND TRADEMARK OFFICE APPLICATION NO. FILING DATE 12/532,799 09/03/2010 22186 7590 03/23/2016 MENDELSOHN DUNLEAVY, P,C 1500 JOHN F. KENNEDY BL VD., SUITE 312 PHILADELPHIA, PA 19102 FIRST NAMED INVENTOR Bob Janssen UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www .uspto.gov ATTORNEY DOCKET NO. CONFIRMATION NO. DVME-1036US 1618 EXAMINER DELI CH, STEPHANIE ZAGARELLA ART UNIT PAPER NUMBER 3623 MAILDATE DELIVERY MODE 03/23/2016 PAPER Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte BOB JANSSEN and ADRIE SWEEP Appeal2014-003041 Application 12/532,799 1 Technology Center 3600 Before MURRIEL E. CRAWFORD, JOSEPH A. FISCHETTI, and BIBHU R. MOHANTY, Administrative Patent Judges. FISCHETTI, Administrative Patent Judge. DECISION ON APPEAL STATEMENT OF THE CASE Appellants seek our review under 35 U.S.C. § 134 of the Examiner's final rejection of claims 1-5 and 7. We have jurisdiction under 35 U.S.C. § 6(b ). SUMMARY OF DECISION We REVERSE. THE INVENTION Appellants claim a method and system for determining entitlements of persons to resources of an organization and a computer program product 1 Appellants identify Real Enterprise Solutions B.V. as the real party in interest. (Appeal Br. 1 ). Appeal2014-003041 Application 12/532,799 comprising program code portions for performing steps of such a method. (Spec. 1, 11. 2---6). Claim 1 reproduced below, is representative of the subject matter on appeal. 1. A method of determining one or more valid entitlements for one or more persons or roles to one or more resources of an organization using a computer system, wherein said computer system comprises an inference engine and a) an organizational model database containing organizational classification data defining one or more aspects of said organization; b) a person database containing: - person identification data of at least one person of said organization, and - person classification data, said person classification data comprising at least one of: - said organizational classification data defining one or more of said aspects of said organization for said person; and - role classification data defining one or more roles of said person in said organization; c) a role database containing: - said role classification data comprising at least -organization classification data defining one or more aspects of said organization for roles available in said organization, and - role constraint data related to at least one of: - said organizational classification data constraining one or more of said available roles to one or more of said aspects of said organization, and - said person classification data constraining one or more of said available roles to one or more of said persons, and 2 Appeal2014-003041 Application 12/532,799 d) an entitlement database containing: - entitlement identification data defining said one or more resources of said organization, and - entitlement constraint data related to at least one of: - said organizational classification data constraining entitlement to said one or more resources to one or more of said aspects of said organization; - said role classification data constraining entitlement to said one or more resources to one or more of said available roles in said organization, and - said person classification data constraining entitlement to said one or more resources to one or more of said persons, the method comprising the steps of: feeding at least one of said person classification data, said role classification data, said role constraint data and said entitlement constraint data to said inference engine, if said person classification data further comprises entitlement classification data defining one or more entitlements for said person and/or said role classification data comprises entitlement classification data defining one or more entitlements for said role, said inference engine determining whether said entitlement classification data is valid based on whether constraints of said role constraint data and said entitlement data are met to obtain an inference result set defining said valid entitlements for said persons of said organization, and otherwise said inference engine determining the entitlement classification data defining one or more entitlements for said person and/or defining one or more entitlements for said role based on the fed data to obtain an inference result set defining said valid entitlements for said persons of said organization. 3 Appeal2014-003041 Application 12/532,799 THE REJECTIONS The Examiner relies upon the following as evidence of unpatentability: Helland Kuhn Patrick US 6,014,666 Jan. 11, 2000 US 6,023,765 Feb. 8, 2000 US 2002/0188869 Al Dec. 12, 2002 The following rejections are before us for review. Claims 1, 4, 5, and 7 are rejected under 35 U.S.C. § 103(a) as unpatentable over Helland and Patrick. Claims 2 and 3 are rejected under 35 U.S.C. 103(a) as unpatentable over Helland, Patrick and Kuhn. ANALYSIS Independent claim 1 Independent claim 1 is drawn to a method that recites, in pertinent part, the steps of (sections of the claim limitation are labelled (a. b. c.) for purposes of ease of reference): a. feeding at least one of said person classification data, said role classification data, said role constraint data and said entitlement constraint data to said inference engine, b. if said person classification data further comprises entitlement classification data defining one or more entitlements for said person and/or said role classification data comprises entitlement classification data defining one or more entitlements for said role, said inference engine determining whether said entitlement 4 Appeal2014-003041 Application 12/532,799 classification data is valid based on whether constraints of said role constraint data and said entitlement data are met to obtain an inference result set defining said valid entitlements for said persons of said organization, and c. otherwise said inference engine determining the entitlement classification data defining one or more entitlements for said person and/or defining one or more entitlements for said role based on the fed data to obtain an inference result set defining said valid entitlements for said persons of said organization. Concerning the limitation above we begin by construing the scope of method claim 1. Subsection (c) above recites the term "otherwise." Appellants argue that this term means "only if none of the three pre- conditions of the 'if ... otherwise' clause of claim 1 is satisfied." (Appeal Br. 12). We agree with Appellants' construction of claim 1 because the term "otherwise" connotes that the preceding conditions must be considered before the "otherwise" limitation can be applied. Accordingly, we tum to limitation (b) above which precedes limitation ( c ). The Examiner found that this limitation is disclosed by Patrick at paragraphs 18-21, 75-78, 81-85, 91-96, 101, 106-108, 114 and 131. Our review of Patrick at these paragraphs reveals no suggestion of the sequence of limitations set forth above, at least as recited in sections (b) and ( c) supra. At best, paragraph 106 discloses the question, "Can the user identified by this token get access and perform the requested capabilities on the target resource?" But, according to paragraph 107, the decision tree ends with, "permit, deny, or abstain." Paragraphs 75-78 merely disclose 5 Appeal2014-003041 Application 12/532,799 calculating a dynamic role based, inter alia, on the "values of the request's parameters, and the values of profile attributes associated with the initiating principal." Paragraphs 81-85 only generally disclose a delegated authorization design without any mention of the particular steps and data types set forth in sections (b) and ( c) above. While paragraphs 91-96 disclose an entitlement engine, these paragraphs disclose this item in the context of a rule-based call back method which is not what is claimed. Paragraph 101 only discloses a Java layer security service layer. Accordingly, we will not sustain the rejection of independent claim 1. Independent claim 7 Independent claim 7 is drawn to a system and an inference engine configured to determine whether said entitlement classification data is valid based on whether constraints of said role constraint data and said entitlement data are met to obtain an inference result set defining said valid entitlements for said persons of said organization. Since claim 7 covers a specially programmed computer configured to perform the claimed "otherwise" function set forth in section ( c) above, and since we find that the functions of section (b) and ( c) are not disclosed by Patrick, we do not sustain the rejection of claim 7 either. Since claims 2-5 depend from claim 1, and since we cannot sustain the rejection of claim 1, the rejection of claims 2-5 likewise cannot be sustained. DECISION The Examiner's decision to reject claims 1-5 and 7 is reversed. 6 Appeal2014-003041 Application 12/532,799 No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a). See 37 C.F.R. § 1.136(a)(l )(iv). REVERSED 7 Copy with citationCopy as parenthetical citation
