Ex Parte Petrov et al

Patent Trial and Appeal Board

Jun 25, 2018

14665362 (P.T.A.B. Jun. 25, 2018)

UNITED STA TES p A TENT AND TRADEMARK OFFICE
APPLICATION NO. FILING DATE FIRST NAMED INVENTOR
14/665,362 03/23/2015 Petar D. Petrov
52025 7590 06/27/2018
SAP SE c/o BUCKLEY, MASCHOFF & TALWALKAR LLC
50 LOCUST A VENUE
NEW CANAAN, CT 06840
UNITED STATES DEPARTMENT OF COMMERCE
United States Patent and Trademark Office
Address: COMMISSIONER FOR PATENTS
P.O. Box 1450
Alexandria, Virginia 22313-1450
www .uspto.gov
ATTORNEY DOCKET NO. CONFIRMATION NO.
140871US01 (S23.208) 4600
EXAMINER
RASHID, HARUNUR
ART UNIT PAPER NUMBER
2497
NOTIFICATION DATE DELIVERY MODE
06/27/2018 ELECTRONIC
Please find below and/or attached an Office communication concerning this application or proceeding.
The time period for reply, if any, is set in the attached communication.
Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the
following e-mail address( es):
martin@BMTPATENT.COM
szpara@bmtpatent.com
colabella@bmtpatent.com
PTOL-90A (Rev. 04/07)
UNITED STATES PATENT AND TRADEMARK OFFICE
BEFORE THE PATENT TRIAL AND APPEAL BOARD
Ex parte PETARD. PETROV, PETIO PETEY, and NIKOLAI
TANKOV
Appeal2017-010182
Application 14/665,362
Technology Center 2400
Before: ELENI MANTIS MERCADER, SCOTT B. HOW ARD, and
JASON M. REPKO, Administrative Patent Judges.
MANTIS MERCADER, Administrative Patent Judge.
DECISION ON APPEAL
STATEMENT OF THE CASE
Appellants 1 appeal under 35 U.S.C. § 134 from a rejection of claims
1-20. We have jurisdiction under 35 U.S.C. § 6(b ).
We affirm.
1 The real party in interest is SAP SE. App. Br. 3.
Appeal2017-010182
Application 14/665,362
CLAIMED SUBJECT MATTER
The claimed invention is directed to a proxy server determining a real
network address for accessing a service by searching in a service catalog
storing a mapping between the identification and the real network address.
The proxy server requests execution of consumption of the service. The
proxy server establishes a secure communication having mutual
authentication with the service through generating an encrypted second
request directed to the real network address of the service. Abstract.
Claim 1, reproduced below, is illustrative of the claimed subject
matter:
1. A computer implemented method to provide a secure
consumption of a platform service by an application, the method
compnsmg:
instantiating a proxy server on an application virtual machine to
securely manage requests from the application to consume the
platform service, wherein the application is hosted on the
application virtual machine;
receiving, by the instantiated proxy server, a first request from
the application to consume the platform service, the first request
providing an identification referring to the platform service;
determining a real network address corresponding to the
identification provided with the first request that refers to the
platform service, wherein the real network address is determined
through accessing and searching of a service catalog storing a
mapping between the identification of the platform service and
the real network address;
generating, by the proxy server, a second request based on the
received first request to be sent to the platform service, wherein
the second request is encrypted and defines the real network
address for accessing the platform service; and
establishing a secure communication between the proxy server
and the platform service to perform the secure consumption of
the platform service requested with the first request from the
2
Appeal2017-010182
Application 14/665,362
application, wherein the proxy server and the platform service
are mutually authenticated.
REFERENCES
The prior art relied upon by the Examiner in rejecting the claims on
appeal is:
Innes
Martini
US 2014/0331297 Al Nov. 6, 2014
US 2014/0351573 Al Nov. 27, 2014
REJECTIONS
Claim 1-20 stands rejected under 35 U.S.C § 103(a) as being
unpatentable over Innes and Martini.
OPINION
Appellants argue that Innes does not teach or suggest the limitation of
determining a real network address corresponding to the
identification provided with the first request that refers to the
platform service, wherein the real network address is
determined through accessing and searching of a service catalog
storing a mapping between the identification of the platform
service and the real network address
as recited in claim 1. App. Br. 9. According to Appellants, Innes in
paragraph 47 is the only place that recites a first and second server 106a and
106b wherein the first server determines an address of the application server
hosting an available application to the client machine. Id. (citing Fig. 2 and
para. 4 7). Appellants assert that Innes does not teach or suggest determining
an address for the second server, to which the request is forwarded, wherein
3
Appeal2017-010182
Application 14/665,362
"the real network address is determined through accessing and searching of a
service catalog storing a mapping between the identification of the platform
service and the real network address" as recited in claim 1. Id.
We do not agree with Appellants. "The test for obviousness is not
whether the features of a secondary reference may be bodily incorporated
into the structure of the primary reference. . . . Rather, the test is what the
combined teachings of those references would have suggested to those of
ordinary skill in the art." In re Keller, 642 F.2d 413, 425 (CCPA 1981); see
also In re Sneed, 710 F.2d 1544, 1550 (Fed. Cir. 1983) ("[I]t is not necessary
that the inventions of the references be physically combinable to render
obvious the invention under review."); In re Nievelt, 482 F.2d 965, 968
(CCP A 1973) ("Combining the teachings of references does not involve an
ability to combine their specific structures."). Rather, "if a technique has
been used to improve one device, and a person of ordinary skill in the art
would recognize that it would improve similar devices in the same way,
using the technique is obvious unless its actual application is beyond his or
her skill." KSR Int'! Co. v. Teleflex Inc., 550 U.S. 398, 417 (2007).
The Examiner finds, and we agree, that Innes teaches or suggests
a first server 106a (i.e., proxy server) that receives requests from a client
machine 240 (i.e., virtual machine), forwards the request to a second server
106b (i.e., platform service server), and responds to the request generated by
the client machine 240 with a response from the second server 106b. See
Ans. 4--5 (citing para. 47). Thus, Innes teaches or suggests a communication
between a client and a platform service server via a proxy server. The
Examiner further finds, and we agree, that Innes teaches or suggests a first
server 106a (i.e., proxy server) which may acquire an enumeration of
applications available to the client machine 240 as well as address
4
Appeal2017-010182
Application 14/665,362
information associated with an application server 206 hosting an
application identified within the enumeration of applications. Id.
According to paragraph 47 server 106a (i.e., proxy) can then present a
response to the client's request using a web interface, and communicate
directly with the client 240 to provide the client 240 with access to an
identified application. See Innes i-f 47. One or more clients 240 and/or one
or more servers 206 may transmit data over network 230, e.g., network 101.
Id. Thus, Innes teaches or suggests that the proxy server can acquire address
information of the platform service server of interest that hosts the requested
application by the client as required by claim 1.
Appellants further argue that Innes teaches away from claim 1
because the client is aware of and sends to the proxy server "(1)
authentication information previously exchanged between the proxy device
and the resource management device and (2) authentication information to
be sent by the proxy device to the resource management device." App. Br.
10 citing para. 4.
Appellants also argue that Innes (para. 9) also teaches away from what
is currently claimed in claim 1, as Innes discloses that
the request for the client device to provide the signature may
comprise context information identifying a data structure of at
least one of ( 1) authentication information previously
exchanged between the proxy device and a resource
management device associated with the requested resource and
(2) authentication information to be sent by the proxy device to
the resource management device,
which suggests that the proxy does not determine "a real network address
corresponding to the identification provided with the first request" (claim 1)
5
Appeal2017-010182
Application 14/665,362
as the proxy requests information from the client to be sent to the resource
management device. App. Br. 10-11.
We do not agree with Appellants.
A reference may be said to teach away when a person of ordinary
skill, upon reading the reference, would be discouraged from
following the path set out in the reference, or would be led in a
direction divergent from the path that was taken by the applicant.
The degree of teaching away will of course depend on the
particular facts; in general, a reference will teach away if it
suggests that the line of development flowing from the
reference's disclosure is unlikely to be productive of the result
sought by the applicant.
In re Gurley, 27 F.3d 551, 553 (Fed. Cir. 1994) (citing United States v.
Adams, 383 U.S. 39, 52 (1966)). However, a reference that "teaches away"
does not per se preclude a prima facie case of obviousness, but rather the
"teaching away" of the reference is a factor to be considered in determining
unobviousness. Id. The mere disclosure of more than one alternative does
not constitute a teaching away because such a disclosure does not criticize,
discredit, or otherwise discourage the solution claimed. In re Fulton, 391
F.3d 1195, 1201 (Fed Cir 2004). Thus, in this case, we agree with the
Examiner's finding that alternative embodiments provided by Appellants do
not constitute teaching away. See Ans. 6.
Appellants further argue that Martini does not teach or suggest
"generating, by the proxy server, a second request based on the received first
request to be sent to the platform service, wherein the second request is
encrypted and defines the real network address for accessing the platform
service" (claim 1 ). App. Br. 11. Appellants points us to Martini for
disclosing "receiving a first request to access a first resource hosted by a
server outside the network" and "determining whether requests from the
6
Appeal2017-010182
Application 14/665,362
client device to access the first resource outside the network should be
redirected to a second resource hosted by a proxy within the network"
(Abstract). Id. Appellants assert that Martini at Fig 1 discloses two proxy
servers, where current claim 1 requires one proxy server. Id.
We do not agree with Appellants' argument. Instead, we agree with
the Examiner that Martini teaches in paragraph 24 that "[t]he MitM gateway
106 is thus able to receive an encrypted message from the client device 108,
decrypt the message, inspect the message, optionally alter or drop the
message, encrypt the possibly altered message into a second encrypted form,
and pass the message to the server 118" (also see para. 57 "[t]he MitM
gateway 106 receives the encrypted traffic from the client device 108,
decrypts the traffic, inspects the decrypted traffic, encrypts the traffic into a
second encrypted form, and passes the traffic to the server 118 (320)").
(Ans. 7-8). Thus, Martini teaches or suggests one proxy server (i.e., MitM
gateway 106) that encrypts a message and passes the message to a server.
Appellants' argument that Martini teaches more than one proxy servers is of
no moment as the open term "comprising" of claim 1 does not preclude
additional servers.
Accordingly, we affirm the Examiner's rejection of claim 1 and for
the same reasons the rejections of claim 2-20, which are not argued
separately (see App. Br. 6).
DECISION
The Examiner's rejection of claims 1-20 is affirmed.
No time period for taking any subsequent action in connection with
this appeal may be extended under 37 C.F.R. § 1.136(a). See 37 C.F.R.
§ 1.136(a)(l )(iv).
7
Appeal2017-010182
Application 14/665,362
AFFIRMED
8