Ex Parte KORKUS et alDownload PDFPatent Trial and Appeal BoardSep 25, 201812861967 (P.T.A.B. Sep. 25, 2018) Copy Citation UNITED STA TES p A TENT AND TRADEMARK OFFICE APPLICATION NO. FILING DATE 12/861,967 08/24/2010 26530 7590 09/27/2018 LADAS & PARRY LLP 224 SOUTH MICHIGAN A VENUE SUITE 1600 CHICAGO, IL 60604 FIRST NAMED INVENTOR OhadKORKUS UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www .uspto.gov ATTORNEY DOCKET NO. CONFIRMATION NO. CU-8557 3086 EXAMINER WOLDEMARIAM, NEGA ART UNIT PAPER NUMBER 2433 NOTIFICATION DATE DELIVERY MODE 09/27/2018 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): ChicagoUSPTO@ladas.net PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte OHAD KORKUS, Y AKOV F AITELSON, OPHIR KRETZER-KATZIR, and DAVID BASS Appeal2018-000514 1 Application 12/861,9672 Technology Center 2400 Before ELENI MANTIS MERCADER, NORMAN H. BEAMER, and JOHN D. HAMANN, Administrative Patent Judges. HAMANN, Administrative Patent Judge. DECISION ON APPEAL Appellants file this appeal under 35 U.S.C. § 134(a) from the Examiner's Final Rejection of claims 1-7 and 11-17. Claims 8-10 have been cancelled. We have jurisdiction under 35 U.S.C. § 6(b ). We affirm. 1 Our decision relies upon Appellants' Appeal Brief ("App. Br.," filed June 13, 2017) and Specification ("Spec.," filed Aug. 24, 2010), as well as the Examiner's Answer ("Ans.," mailed Aug. 21, 2017) and the Final Office Action ("Final Act.," mailed Dec. 13, 2016). 2 According to Appellants, the real party in interest is Varonis Systems, Inc. Br. 2. Appeal2018-000514 Application 12/861,967 THE CLAIMED INVENTION Appellants' claimed invention "relates to data management systems and methodologies generally and more particularly to data access permission management systems and methodologies." Spec. ,r 8. Claim 1 is illustrative of the subject matter of the appeal and is reproduced below. 1. A network object access permission management system useful with a computer network including at least one server and a multiplicity of clients, the system comprising: an access permissions subsystem which governs access permissions of users to network objects in said computer network in real time; and a future condition based permissions instruction subsystem providing current instructions to said access permission subsystem to grant or revoke access permissions of said users to network objects in the future in response to fulfillment of at least one future condition, said at least one future condition being currently established by an operator in advance of the possible occurrence of said at least one future condition, said fulfillment of said at least one future condition being evaluated in said future, and based on: changes in at least one characteristic of said network object indicated in advance by said operator; actual future activity of at least one user related to said network object as indicated in advance by said operator; and changes in at least one classification of said network object indicated in advance by said operator. REJECTION ON APPEAL The Examiner rejected claims 1-7 and 11-17 under 35 U.S.C. § I03(a) as being unpatentable over the combination of Botz et al. (US 2008/0172720 Al; published July 17, 2008) (hereinafter "Botz") and Amies et al. (US 2009/0150981 Al; published June 11, 2009) (hereinafter "Amies"). Final Act. 3-13. 2 Appeal2018-000514 Application 12/861,967 ANALYSIS We have reviewed the Examiner's rejection in light of Appellants' contentions that the Examiner erred. We disagree with Appellants' contentions for the reasons discussed below. (1) Actual Future Activity o(a User Appellants argue that the combination of Botz and Amies fails to teach or suggest "providing current instructions ... to grant or revoke access permissions ... in the future in response to ... actual future activity of at least one user related to [a] network object as indicated in advance by [an] operator," as recited in independent claims 1 and 11. Br. 5-7. More specifically, Appellants argue: Amies does not show or suggest granting or revoking access permission of a user to a network object based on actual future activity by that user. Rather, Amies describes employing a user access profile which defines attributes specific to a particular access entitlement. In the prior art of Amies, access entitlement merely grants the user an option to access network objects and does not constitute actual activity on the part of the user. Id. at 6 ( citing Amies ,r 62). The Examiner finds that the combination of Botz and Amies, and Botz in particular, teaches or suggests the disputed limitation. See Ans. 2--4. More specifically, the Examiner finds that Botz teaches "the role-based (i.e. actual present/future activity by the user) access control module used to grant or deny/revoke access to a particular system file/object proposed as potential access permissions that may be used in the future." Ans. 2 ( citing Botz ,r,r 22-23, Fig. 5). The Examiner finds Botz also teaches "specify[ing] access permissions that are not currently used[, and that] ... such access 3 Appeal2018-000514 Application 12/861,967 permissions are proposed as potential access permissions that may be used in the future to authorize a user's access to a computer resource ... based on actual future activity by the user." Id. at 2-3 (citing Botz ,r 46). We are not persuaded by Appellants' arguments that the Examiner errs. Appellants do not address the Examiner's findings that Botz teaches or suggests the disputed limitation. We agree with the Examiner that Botz teaches providing current instructions (proposed alternative access permissions as implemented on a control list) to grant or revoke access permissions in the future ("specify access permissions that are not currently used to authorize a user's access to a computer resource, rather such access permissions are proposed as potential access permissions that may be used in the future to authorize a user's access to a computer") in response to actual future activity of a user related to a network object (e.g., starting in a role that has access to particular system functions) as indicated in advance by an operator ( a system administrator assigns permissions to roles in advance). See, e.g., Botz ,r,r 22-23, 46, Fig. 5. Accordingly, we sustain the Examiner's rejection of independent claims 1 and 11, as well as claims 2---6 and 12-1 7, which depend from claims 1 and 1, respectively, as Appellants do not provide separate arguments for their patentability. DECISION We affirm the Examiner's decision rejecting claims 1-7 and 11-17. No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(l)(iv). AFFIRMED 4 Copy with citationCopy as parenthetical citation
