13817641 (P.T.A.B. Oct. 30, 2017)

Ex Parte Rombouts

Patent Trial and Appeal BoardOct 30, 2017

13817641 (P.T.A.B. Oct. 30, 2017)

United States Patent and Trademark Office UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O.Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 13/817,641 04/29/2013 Peter Maria Franciscus Rombouts 81409544US05 6901 65913 7590 Intellectual Property and Licensing NXPB.V. 411 East Plumeria Drive, MS41 SAN JOSE, CA 95134 EXAMINER POTRATZ, DANIEL B ART UNIT PAPER NUMBER 2491 NOTIFICATION DATE DELIVERY MODE 11/01/2017 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): ip. department .u s @ nxp. com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte PETER MARIA FRANCISCUS ROMBOUTS Appeal 2017-001250 Application 13/817,641 Technology Center 2400 Before KRISTEN L. DROESCH, JOHN A. EVANS, and ALEX S. YAP, Administrative Patent Judges. EVANS, Administrative Patent Judge. DECISION ON APPEAL Appellant1 seeks our review under 35 U.S.C. § 134(a) of the Examiner’s final rejection of Claims 1—10 and 19—24. See App. Br. 12—17, Claims Appx. Claims 11—18 stand as withdrawn and claims 25—41 are canceled. Id. We have jurisdiction under 35 U.S.C. § 6(b). We REVERSE.2 1 The Appeal Brief does not contain a statement of real party. By implication, we understand the real party to be NXP BV. See App. Br. 11. 2 Rather than reiterate the arguments of Appellant and the Examiner, we refer to the Appeal Brief (filed February 16, 2016, “App. Br.”); the Reply Brief (filed November 1, 2016, “Reply Br.”); the Examiner’s Answer (mailed October 20, 2016, “Ans.”); the Final Office Action (mailed November 16, 2015, “Final Act.”); and the Specification (filed February 19, 2013, “Spec.”) for their respective details. Appeal 2017-001250 Application 13/817,641 STATEMENT OF THE CASE The claims relate to systems and methods for performing intra-zone and inter-zone security management in a network. See Spec., Abstract. INVENTION Claims 1,19, and 23 are independent. An understanding of the invention can be derived from a reading of Claim 1, which is reproduced below with some formatting added: 1. An authentication method comprising: storing a device authentication private key on an authentication device; storing a device authentication public key certificate linked to a trusted authentication root certificate on the authentication device, wherein the device authentication private key and the device authentication public key certificate facilitate authentication of the authentication device to a verification device according to a device authentication protocol; and storing a configuration root certificate on the authentication device, wherein the configuration root certificate facilitates authentication of a configuration device to the authentication device according to a configuration authentication protocol, wherein the device authentication protocol and the configuration authentication protocol use two separate certificate chains that both originate from a trusted party as a root of trust. 2 Appeal 2017-001250 Application 13/817,641 References and Rejections Bellows et al. US 7,929,703 B2 (hereinafter “Bellows”) Torres et al. US 2009/0245184 Al (hereinafter “Torres”) Higgins et al. US 2011/0028091 Al (hereinafter “Higgins”) Kuo et al. US 2011/0087882 Al (hereinafter “Kuo”) Bender et al. US 2011/0276803 Al (hereinafter “Bender”) Filed Dec. 28, 2005 Filed Mar. 27, 2008 Filed Aug. 3, 2009 Filed Oct. 12, 2009 Filed May 10,2010 The claims stand rejected as follows: 1. Claims 1 and 19 stand rejected under pre-AIA 35 U.S.C. § 102(e) as anticipated by Kuo. Final Act. 3—5. 2. Claims 2, 3, 6, 7, and 20 stand rejected under pre-AIA 35 U.S.C. § 103(a) as obvious over Kuo and Bellows. Final Act. 6—11. 3. Claims 9, 10, 23, and 24 stand rejected under pre-AIA 35 U.S.C. § 103(a) as obvious over Kuo and Higgins. Final Act. 11—12. 4. Claims 4, 5, 21, and 22 stand rejected under pre-AIA 35 U.S.C. § 103(a) as obvious over Kuo, Bellows, and Bender. Final Act. 12— 15. ANALYSIS We have reviewed the rejections of Claims 1—10 and 19—24 in light of Appellant’s arguments that the Examiner erred. We consider Appellant’s arguments seriatim, as they are presented in 3 Appeal 2017-001250 Application 13/817,641 the Appeal Brief on pages 4—10. Claims 1 and 19: Anticipation by Kuo Appellant argues independent Claims 1 and 19 as a group in view of the limitations of Claim 1. App. Br. 4. Claim 1 recites, inter alia, “wherein the device authentication protocol and the configuration authentication protocol use two separate certificate chains that both originate from a trusted party as a root of trust.” Appellant contends Kuo discloses intermediate and server certificates, which rely on a “chain of signatures.” Id. Appellant argues Kuo fails to disclose separate certificate chains for the device and configuration authentication protocols. Id. Appellant contends Kuo only discloses authentication of devices, but not of protocols. Id. at 5. The Examiner finds Kuo teaches “the AP also has server certificate 174, signed by root certificate 170a, which allows the AP to authenticate itself to client devices . . . AP 130m also includes an intermediate CA certificate for organization A (certificate 172a), which is signed by and is subordinate to organization CA root certificate 170a.” Ans. 5 (citing Kuo 145). The Examiner specifically finds “Organization AP (i.e., the claimed ‘authentication device’) includes an a server certificate 174 and an intermediate CA certificate 172a that each originate from and chain back to root certificate 170a stored on the Global Server [Qthe claimed ‘trusted party.’)” Id. (citation omitted). Appellant replies claim 1, and similarly claim 19, recite “wherein the device authentication protocol and the configuration authentication 4 Appeal 2017-001250 Application 13/817,641 protocol use two separate certificate chains that both originate from a trusted party as a root of trust.” Reply Br. 1. Appellant discloses “[a]s shown in Fig. 3, the public key architecture described herein includes two separate certificate chains that both originate from the trusted party as a root of trust.” Spec. 9,11. 14—15. “The configuration root certificate [CRC] is the root of trust for the configuration certificate chain. This certificate is installed on all authentication devices in order for them to be available to verify the brand owner configuration public key certificate.” Id. at 9,11. 18—23. Appellant discloses a second certificate chain: “[t]he second certificate chain is used to prove the authenticity of the authentication device and the brand owner and product information stored in the authentication device.” Id. at 9,11. 31—32. “The authentication root certificate [ARC] is the root of trust for the authentication certificate chain.” Id. at 10,11. 1—2. In contrast to the two independently originated certificate chains disclosed and claimed by Appellant, the Examiner finds Kuo discloses that “root certificate 170a” is the basis of a first chain leading to server certificate 174 and also is the basis of a second chain leading to certificate 172a, the intermediate CA certificate for organization A. Ans. 6. Kuo teaches a common origin for multiple certificate chains, but fails to teach “separate certificate chains that both originate from a trusted party as a root of trust,” as claimed. In view of the foregoing, we decline to sustain the rejection of independent Claims 1 and 19. 5 Appeal 2017-001250 Application 13/817,641 Claims 2-10, and 20-24: Obviousness over Kuo and any of Bellows, Higgins, or Bender Appellant contends none of Bellows, Higgins, or Bender remedies the deficiencies of Kuo as discussed above. App. Br. 7—10. The Examiner does not respond to Appellant’s arguments regarding the rejections under § 103. See Ans. 3—11. In view of the foregoing, we decline to sustain the rejection of the dependent claims. DECISION The rejection of Claims 1 and 19 under 35 U.S.C. § 102 is REVERSED. The rejection of Claims 2—10 and 20-24 under 35 U.S.C. § 103 is REVERSED. REVERSED 6