Ex Parte Nanopoulos et al
Patent Trial and Appeal Board
Jun 27, 2014
10938422 (P.T.A.B. Jun. 27, 2014)

UNITED STATES PATENT AND TRADEMARK OFFICE

UNITED STATES DEPARTMENT OF COMMERCE
United States Patent and Trademark Office
Address: COMMISSIONER FOR PATENTS
P.O. Box 1450
Alexandria, Virginia 22313-1450
www.uspto.gov

APPLICATION NO.: 10/938,422
FILING DATE: 09/10/2004
FIRST NAMED INVENTOR: Andrew Nanopoulos
ATTORNEY DOCKET NO.: RSA-505AUS
CONFIRMATION NO.: 2253

80074 7590 06/27/2014
RSA Security Inc.
c/o Daly, Crowley, Mofford & Durkee, LLP
354A Turnpike Street, Suite 301A
Canton, MA 02021

EXAMINER: RASHID, HARUNUR
ART UNIT: 2497
PAPER NUMBER:
MAIL DATE: 06/27/2014
DELIVERY MODE: PAPER

Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication.

PTOL-90A (Rev. 04/07)

UNITED STATES PATENT AND TRADEMARK OFFICE
____________

BEFORE THE PATENT TRIAL AND APPEAL BOARD
____________

Ex parte ANDREW NANOPOULOS, KARL ACKERMAN, PIERS BOWNESS, WILLIAM DUANE, MARKUS JAKOBSSON, BURT KALISKI, DMITRI PAL, SHANE D. RICE and RONALD L. RIVEST
____________

Appeal 2012-000513
Application 10/938,422
Technology Center 2400
____________

Before STEPHEN C. SIU, DAVID M. KOHUT, and JENNIFER L. McKEOWN, Administrative Patent Judges.

McKEOWN, Administrative Patent Judge.

DECISION ON APPEAL

This is an appeal under 35 U.S.C. § 134(a) from the Examiner’s final rejection of claims 1, 2, 4-16, and 19-84. App. Br. 2. Claims 3, 17, and 18 are cancelled. App. Br. 2. We have jurisdiction under 35 U.S.C. § 6(b).

We affirm-in-part.

STATEMENT OF THE CASE

Appellants’ invention is directed to cryptography and, more particularly, to systems for computer security. See Spec. ¶3.
Specifically, the system downloads verification records corresponding to given authentication token outputs over a predetermined period of time, sequence of events, and/or set of challenges to be used for disconnected authentication. See Abstract.

Claims 1 and 63 are illustrative and are reproduced below, with key disputed limitations emphasized:

1. A method for authenticating at a verifier a user who possesses an authentication token capable of providing one or more one-time passcodes, comprising:
    obtaining a verification record from an authentication server;
    obtaining a passcode from the authentication token submitted to authenticate the user at the verifier; and
    determining whether the submitted passcode is consistent with the verification record, where the verification record is a function of a reference passcode, wherein the verifier is disconnected from the authentication server which provided the verification record.

63. A server, comprising:
    a processor for processing a plurality of verification records as a function of reference passcodes; and
    an interface for downloading the plurality of records from the server to an agent to enable the agent to determine whether a submitted passcode is consistent with a given one of the verification records for authenticating a user possessing an authentication token capable of providing the submitted passcode.

THE REJECTIONS

The Examiner rejected claim 84 under 35 U.S.C. § 112, first paragraph, as failing to comply with the written description requirement. Ans. 4-5.

The Examiner rejected claims 63-82 under 35 U.S.C. § 102(b) as anticipated by Perlman (US 6,173,400 B1; Jan. 9, 2001). Ans. 5-8.

The Examiner rejected claims 1, 2, 4-16, 19-62, 83 and 84 under 35 U.S.C. § 103(a) as unpatentable over Perlman and Audebert (US 6,988,210 B1; filed Nov. 28, 2000). Ans. 9-22.
THE WRITTEN DESCRIPTION REJECTION

Claim 84

The Examiner here finds that the claimed disconnection of the laptop computer from all network connections is not supported because “[t]he specification merely describes disconnected from the authentication server in the sense of it does not need to be connected during the operation of authentication (see specification paragraphs (105-106).” Ans. 5. Additionally, the Examiner notes that the “Applicant concedes that the exact phrase ‘disconnected from all network connections’ does not appear in the specification.” Ans. 23.

We disagree. The Specification describes using a laptop computer, for example, on a trip. See e.g., Spec. ¶21 and 23. As the Appellants explain, a skilled artisan “would understand that a laptop would ordinarily be completely disconnected [at some point] during a trip, such as on an airplane, and powered down.” App. Br. 6. Therefore, in our view, the Specification provides sufficient detail so “that one skilled in the art can clearly conclude that the inventor invented the claimed invention [i.e., that a laptop computer be completely disconnected from all servers] as of the filing date sought.” In re Alonso, 545 F.3d 1015, 1019 (Fed. Cir. 2008). We agree with the Appellants then that the Examiner erred in rejecting claim 84 for failing to comply with the written description requirement.

THE OBVIOUSNESS REJECTION OVER PERLMAN AND AUDEBERT [1]

The Examiner finds that Perlman discloses the claim limitations of claim 1, except Perlman does not explicitly disclose where the verifier is disconnected from the authentication server which provided the verification record. Ans. 9. The Examiner, however, relies on Audebert for this feature.
The Appellants on the other hand contend that Perlman and Audebert combined fail to disclose determining whether the submitted passcode is consistent with the verification record where the verifier is disconnected from the authentication server which provided the verification record. App. Br. 18-19. More specifically, the Appellants allege that neither Perlman nor Audebert teach disconnected authentication. App. Br. 6-11. Additionally, the Appellants challenge the Examiner’s reason to combine the cited references.

ISSUE

Did the Examiner err in finding that Perlman and Audebert combined teach determining whether the submitted passcode is consistent with the verification record, where the verification record is a function of a reference passcode, wherein the verifier is disconnected from the authentication server which provided the verification record, as recited in claim 1?

[1] We address the rejections in the order presented by the Appellants. See App. Br. 6-22.

ANALYSIS

Claims 1, 2, 4-16, 19-62, 83 and 84

Based on this record, we find the Examiner erred in rejecting claim 1 as obvious over Perlman and Audebert.

The Appellants contend that the Examiner failed to present a prima facie case of obviousness because a skilled artisan would not contemplate combining the access control system of Audebert with the shared secret authentication token/encryption system of Perlman. App. Br. 7-9. More specifically, the Appellants argue,

    Applicant respectfully submits that the Examiner's alleged rationale does not make any sense to one of ordinary skill in the art. Perlman requires “establishing a shared secret between devices CONNECTED over a communication medium using an authentication token to provide user authentication, data encryption, and integrity protection.” It is simply nonsensical to suggest that Perlman should be modified to “download reference passcodes” or have “the computer disconnected from the server.” Perlman's shared secret system requires a connection between devices.

App. Br. 14 (emphasis in original). We agree. Perlman is directed to authentication of devices for the purpose of transmitting encrypted data between the connected devices. See e.g., Perlman, 1:6-11 and Fig. 1 (depicting the network connection between the workstation and the server). The Examiner’s stated reasons to combine Perlman with Audebert, “because it would enable authentication without requiring real-time connection with a server,” fails to justify the conclusion of obviousness. Ans. 24. This reasoning fails to explain why Perlman would benefit from authentication without real-time connection to a server when a connection, at least between the communicating (and authenticating) devices, is already required for transmission of the encrypted data.

We therefore agree with the Appellants that the Examiner failed to present a prima facie case of obviousness. Accordingly, we reverse the obviousness rejection of claims 1, 2, 4-16, 19-62, 83 and 84.

THE ANTICIPATION REJECTION OVER PERLMAN

The Examiner finds that Perlman discloses the claim limitations of claim 63.

The Appellants on the other hand contend that Perlman fails to disclose an interface for downloading the plurality of records for authenticating a user possessing an authentication token capable of providing the submitted passcode. App. Br. 18-19. The Appellants present the same arguments discussed above, namely that “Perlman does not teach anything remotely resembling authenticating a user while disconnected, as claimed.” App. Br. 18-19.

ISSUE

Did the Examiner err in finding that Perlman discloses an interface for downloading the plurality of records for authenticating a user possessing an authentication token capable of providing the submitted passcode, as recited in claim 63?

ANALYSIS

Claims 63-69

Based on this record, we find the Examiner did not err in rejecting claim 63 as anticipated by Perlman.

We first note that none of claims 63-69 recite any limitation requiring disconnection from a server, let alone authentication of a user while disconnected from a server. See App. Br., Claims App’x; see also Ans. 30-31. Despite this absence, the Appellants present the same arguments as presented above relying on this feature. See e.g., App. Br. 18-19. Because these claims lack the disconnected authentication limitation, we do not find these arguments persuasive. Therefore, we find that the Examiner did not err in rejecting claims 63-69 as anticipated.

Claims 70-76

Based on this record, we find the Examiner did not err in rejecting claim 70 as anticipated by Perlman.

The Appellants here assert that claim 70 requires a prior knowledge of the passcode information for the stored verification records. “Only if the stored verification records are consistent with a passcode received from an authentication token is the user authenticated.” App. Br. 19-20. The Appellants then distinguish these claimed features from Perlman because Perlman establishes a shared secret between connected devices. App. Br. 20.

This argument again lacks merit. Nothing in claim 70 requires disconnection or disconnected authentication. Moreover, as the Examiner responds, Perlman discloses use of a PIN at a workstation to authenticate the workstation, prior knowledge of the PIN would be necessary to authenticate the user. Ans. 7-8. We therefore agree with the Examiner that Perlman anticipates claim 70 and claims 71-76 depending therefrom.
Claims 77-82

With respect to claim 77, the Appellants maintain that Perlman does not teach any of authenticating at a verifier a user who possesses an authentication token capable of providing one or more one-time passcodes by, obtaining a verification record, obtaining a passcode submitted to authenticate the user, and determining whether the submitted passcode is consistent with the verification record, where the verification record is a function of a reference passcode. App. Br. 20-21.

We disagree. Similar to the arguments discussed above, the Appellants again focus on Perlman’s lack of disconnected authentication. See App. Br. 20-21. Despite the Appellants’ assertions, claim 77 does not claim disconnected authentication. Therefore, we find the Appellants’ argument unpersuasive. Accordingly, we agree with the Examiner that Perlman anticipates claim 77 and claims 78-82 depending therefrom.

CONCLUSION

The Examiner erred in rejecting claims 1, 2, 4-16, 19-62, 83 and 84 as obvious and did not err in rejecting claims 63-82 as anticipated. Additionally, the Examiner erred in rejecting claim 84 under 35 U.S.C. § 112, second paragraph as failing to satisfy the written description requirement.

DECISION

The Examiner’s decisions rejecting claims 1, 2, 4-16, 19-62, 83 and 84 as obvious and claim 83 as failing to satisfy the written description requirement is reversed, but the decision rejecting claims 63-82 as anticipated is affirmed.

No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv).

AFFIRMED-IN-PART

tj