Ex Parte Metke et alDownload PDFPatent Trial and Appeal BoardJun 10, 201612942374 (P.T.A.B. Jun. 10, 2016) Copy Citation UNITED STA TES p A TENT AND TRADEMARK OFFICE APPLICATION NO. FILING DATE 12/942,374 11/09/2010 22917 7590 06/14/2016 MOTOROLA SOLUTIONS, INC. IP Law Docketing 1301 EAST ALGONQUIN ROAD IL02 5th Floor - SHS SCHAUMBURG, IL 60196 FIRST NAMED INVENTOR Anthony R. Metke UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www .uspto.gov ATTORNEY DOCKET NO. CONFIRMATION NO. CM13307 1554 EXAMINER MEJIA, FELICIANO S ART UNIT PAPER NUMBER 2492 NOTIFICATION DATE DELIVERY MODE 06/14/2016 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address( es): USAdocketing@motorolasolutions.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte ANTHONY R. METKE, ERWIN HIMAWAN, and SHANTHI E. THOMAS Appeal2014-008753 Application 12/942,374 Technology Center 2400 Before JEAN R. HOMERE, JOHN A. EV ANS, and DANIEL J. GALLIGAN, Administrative Patent Judges. Per Curiam. DECISION ON APPEAL 1 Appellants2 seek our review under 35 U.S.C. § 134(a) of the Examiner's final rejection of claims 1-26. Br. 12-17. We have jurisdiction under 35 U.S.C. § 6(b). We AFFIRM. 1 Our Decision refers to Appellants' Appeal Brief filed ("Br.") filed March 14, 2014; Examiner's Answer mailed June 5, 2014 ("Ans."); the Advisory Action mailed January 6, 2014 ("Adv. Act."); the Final Office Action mailed October 11, 2013 ("Final Act."); and original Specification filed November 9, 2010 ("Spec."). 2 Appellants identify Motorola Solutions, Inc. as the real party in interest. Br. 3. Appeal2014-008753 Application 12/942,374 STATEMENT OF THE CASE Claims on Appeal Claims 1, 12, and 20 are independent claims. Claim 1 is reproduced below (with disputed limitations in italics): 1. A certificate policy management tool suite, comprising: a plurality of PKI management components including: at least one processor comprising: a certificate policy parser operative to parse standard certificate policies into allowable combinations of certificate policy options meeting predetermined constraints; a certificate policy creation engine operative to create customized certificate policies; a certificate policy query engine operative to generate a PK! management rule set based on the customized certificate policies; an audit engine operative to audit the customized certificate policy to verify conformance with the predetermined constraints set by the standard certificate policies; and wherein the certificate policy parser, the certificate policy creation engine, the certificate policy query engine, and the audit engine interoperate to automate certificate policy creation, interpretation, assessment, and enforcement. 2 Appeal2014-008753 Application 12/942,374 References Anderson et al. US 7,478,419 B2 Jan. 13,2009 ("Anderson") Kapoor US 7,610,484 B2 Oct. 27, 2009 Huang et al. US 7,640,429 B2 Dec. 29, 2009 ("Huang") Cross et al. US 7,703,128 B2 Apr. 20, 2010 ("Cross") Martherus et al. US 7,814,536 B2 Oct. 12, 2010 ("Martherus ") Hemoud et al. US 2011/0314515 Al Dec. 22, 2011 ("Hemoud") Examiner's Rejections Claims 1, 2, 7, 12, 13, 17, and 18 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Kapoor and Huang. Final Act. 3-8. Claims 3---6 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Kapoor, Huang, and Hemoud. Final Act. 8-11. Claims 8 and 9 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Kapoor, Huang, and Anderson. Final Act. 11-12. Claims 10, 11, 14--16, 19-21, and 23 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Kapoor, Huang, and Martherus. Final Act. 12-22. Claims 24 and 25 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Kapoor, Huang, Martherus, and Cross. Final Act. 22-26. Claims 22 and 26 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Kapoor, Huang, Martherus, and Hemoud. Final Act. 26- 27. 3 Appeal2014-008753 Application 12/942,374 ANALYSIS We have reviewed the Examiner's rejections in light of Appellants' arguments the Examiner erred. See App. Br. 5-10. We are not persuaded by Appellants' arguments. We highlight and address specific arguments and findings for emphasis as follows. Appellants contend the Examiner erred in finding Huang teaches "a certificate policy query engine operative to generate a PK.I [(Public Key Infrastructure)] management rule set based on the customized certificate policies," as recited in claim 1. Br. 5. In particular, Appellants argue Huang teaches a PKI credential management infrastructure used/utilized to authenticate a user for access to resources based on role based access control policies. Br. 5 (citing Huang col. 11, 11. 47----67). Appellants further assert that the utilization of the PK.I credential management infrastructure does not teach generating it based on the role based access control policies. Br. 6. Rather, Appellants contend Huang teaches away from the disputed limitation. Br. 6. Appellants additionally dispute the Examiner's findings that Huang's system creates customized access policies. Br. 6 (citing Huang Fig. 2, col. 4, 11. 1-23, Fig. 9, col. 22, 11. 25-35). Appellants argue Huang does not teach these customized access control policies as a basis "to generate a PK.I management rule set," as recited in the claim. Id. We are not persuaded of Examiner error. The Examiner finds Huang teaches parsing individual policy statements into an internal representation used by the decision entity for rendering authorization decisions. Ans. 3 (quoting Huang col. 6, 11. 40-46). In particular, Huang discloses: "The police store 108, or engine, parses these individual policy statements into an internal representation more useful for combination into a coherent overall 4 Appeal2014-008753 Application 12/942,374 set of policies. Then, the decision entity 106 uses the resulting internal representation for the efficient rendering of authorization decisions." Huang col. 6, 11. 41--46. We find Huang's disclosures of parsing policy statements into "internal representation used ... for the efficient rendering of authorization decisions," taught in Huang (col. 6, 11. 41--46), to be consistent with Appellants' description of the certificate policy query engine "generat[ing] a PK.I Management rule set or policy control object from ... the operational policy database." Spec. p. 10, 11. 10-13, cited at Br. 4. Furthermore, the Examiner finds Huang teaches customized certificate policies as a basis for generating a PKI management rule set. Final Act. 5 (citing Huang col. 11, 11. 4 7-67). In particular, Huang teaches "Attribute Certificates (ACs) 130 that bind[] the role of the user 126 to the user 126." Huang col. 11, 11. 55-56. The Examiner further finds Huang teaches these customized certificate policies include assigning entitlements to roles of a user and assigning roles to individual users. Adv. Act. 2 (citing Huang col. 4, 11. 1-23). We are not persuaded of error in these findings of the Examiner, which are supported by the disclosure of Huang. Appellants' teaching away argument is unavailing because Appellants have merely alleged differences in the teachings of the art, rather than directed us to disclosure that discredits generating a PK.I management rule set. See In re Fulton, 391F.3d1195, 1201 (Fed. Cir. 2004) ("The prior art's mere disclosure of more than one alternative does not constitute a teaching away from any of these alternatives because such disclosure does not criticize, discredit, or otherwise discourage the solution claimed ... "). Furthermore, as explained above, we do not agree with Appellants' 5 Appeal2014-008753 Application 12/942,374 characterization of Huang as teaching only utilizing, rather than generating and utilizing, a PK.I rule set. Appellants also argue the Examiner erred in finding Huang teaches "an audit engine operative to audit the customized certificate policy to verify conformance with the predetermined constraints set by the standard certificate policies," as recited in claim 1. Br. 6. Appellants present a similar argument for claim 20. Br. 9. Appellants contend Huang teaches an audit log server which determines who is attempting to access the resources and which policies are actively being used. Br. 6 (citing Huang col. 4, 1. 61- col. 5, 1. 8). Appellants assert that this portion of Huang does not teach verifying conformance of the policies with predetermined constraints. Br. 7. We disagree with Appellants' contentions. The Examiner finds Huang teaches an enforcement entity. Final Act. 5 (citing Huang col. 4, 1. 61 - col. 5, 1. 8). The enforcement entity in Huang checks the authentication and authorization "for all actions that need to be controlled with role based access control." Huang col. 5, 11. 11-12. Thus, the enforcement entity in Huang verifies that actions subject to the role based access control policies are authenticated and authorized in accordance with those policies. Id. Accordingly, we find no Examiner error. Based upon the foregoing, we sustain the rejection of claim 1. Appellants do not present additional persuasive arguments regarding claims 2-26 (Br. 7-10), and, therefore, we sustain the rejections of these claims. 6 Appeal2014-008753 Application 12/942,374 DECISION We affirm the Examiner's rejections of claims 1-26. No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(l )(iv). AFFIRMED 7 Copy with citationCopy as parenthetical citation
