11799217 - (D) (P.T.A.B. Jul. 30, 2014)

Ex Parte Schiller

Patent Trials and Appeals BoardJul 30, 2014

11799217 - (D) (P.T.A.B. Jul. 30, 2014)

UNITED STATES PATENT AND TRADEMARK OFFICE ____________________ BEFORE THE PATENT TRIAL AND APPEAL BOARD ____________________ Ex parte MARK R. SCHILLER ____________________ Appeal 2012-001542 Application 11/799,217 Technology Center 2400 ____________________ Before ST. JOHN COURTENAY III, THU A. DANG, and LARRY J. HUME, Administrative Patent Judges. DANG, Administrative Patent Judge. DECISION ON APPEAL Appeal 2012-001542 Application 11/799,217 2 I. STATEMENT OF THE CASE Appellant appeals under 35 U.S.C. § 134(a) from a final rejection of claims 1–28. We have jurisdiction under 35 U.S.C. § 6(b). We affirm. A. INVENTION According to Appellant, the invention relates to a tamper indication system for a computing system that comprises a sensor reader configured to determine a state of a tamper sensor of the computing system, and firmware disposed in the computing system that is configured to cause a report to evidence whether the report has been tampered with, the report indicating the state of the tamper sensor (Spec. 11, ll. 4–7). B. ILLUSTRATIVE CLAIM Claim 1 is exemplary: 1. A tamper indication method for a computing system, comprising: determining a state of a tamper sensor of the computing system with a sensor reader of the computing system during a boot process of the computing system; and causing a report to evidence whether the report has been tampered with, the report indicating the state of the tamper sensor. C. REJECTION1 The prior art relied upon by the Examiner as evidence in rejecting the claims on appeal is: 1 We note the Examiner withdrew the § 101 rejection of claims 1–8. Ans. 4. Appeal 2012-001542 Application 11/799,217 3 Hoerner US 2007/0030149 A1 Feb. 8, 2007 Booth US 2007/0300207 A1 Dec. 27, 2007 Claims 1–23 stand rejected under 35 U.S.C. § 102(e) as being anticipated by Booth. Claims 24–28 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Booth and Hoerner. II. ISSUE The principal issue before us is whether the Examiner erred in finding Booth discloses “determining a state of a tamper sensor . . . during a boot process,” and “causing a report to evidence whether the report has been tampered with, the report indicating the state of the tamper sensor” as recited in claim 1 (emphases added). III. FINDINGS OF FACT The following Findings of Fact (FF) are shown by a preponderance of the evidence. Booth Booth discloses a non-volatile storage device 240 that stores secure data and protects that data from attackers (e.g., protecting the data from being changed), wherein the device is destroyed or rendered unreadable if there is an attempt to modify the data stored therein (p. 2, ¶ 20). Appeal 2012-001542 Application 11/799,217 4 IV. ANALYSIS Claims 1-23 As to independent claims 1 and 9, Appellant contends “Booth says nothing about a tamper sensor,” “Booth says nothing about generating a report indicating the state of the tamper sensor,” and “Booth says nothing about causing the report to evidence tampering of the report itself” (App. Br. 8). Although Appellant concedes Booth’s “boot code validation device, which compares the boot code to the hash value” could be a “tamper sensor,” Appellant contends “the rejection fails for not articulating where Booth discloses anything about determining a state of the boot code validation device” (App. Br. 9). At the outset, although Appellant argues, “Booth says nothing about generating a report indicating the state of the tamper sensor” (App. Br. 8), such argument is not commensurate in scope with the recited language of claim 1 (and similarly claim 9). In particular, claim 1 (and similarly claim 9) does not recite any such “generating” a report. Instead, we note claim 1 merely recites “causing a report [i.e., any report] to evidence” (emphasis added) whether the report has been tampered with. Similarly, claim 9 merely recites “firmware” that is “configured to cause a report [any report] to evidence”. Moreover, claims 1 and 9 do not indicate whether the report is part of the computing system itself or a report in another system. We find the recited “causing” and “configured to cause a report to evidence” language in claims 1 and 9 is a statement of intended purpose of the report, which does not narrow the claims. Particularly, an intended purpose will not narrow the scope of the claim because it merely defines a Appeal 2012-001542 Application 11/799,217 5 context in which the invention operates. Boehringer Ingelheim Vetmedica, Inc. v. Schering-Plough Corp., 320 F.3d 1339, 1345 (Fed. Cir. 2003). Furthermore, we must give a claim its broadest reasonable interpretation consistent with the Specification. See In re Morris, 127 F.3d 1048, 1054 (Fed. Cir. 1997). We note claim 1 (and similarly claim 9) does not define what is a “state” of a tamper sensor, or what is a “report,” other than the “state” is determined during a boot process; and the “report” is caused to perform an intended function (“to evidence”) and indicates the state of the tamper sensor. Accordingly, we give “state” its broadest reasonable interpretation as any determined condition of the tamper sensor. We also give “report” its broadest reasonable interpretation and any data that is caused/enabled to be provided that indicates the state of the tamper sensor. Consequently, we give claim 1 (and also claim 9) the broadest reasonable interpretation as merely requiring determining a condition of a tamper sensor and enabling data to be provided, wherein such provided data indicates the determined condition. Booth discloses a non-volatile storage device that determines/senses tampering by determining whether there’s change in the data therein, wherein the device determines if there is an attempt to modify the data stored therein and thus the data itself is destroyed or rendered unreadable if there is an attempt to modify the data (FF). That is, Booth discloses a device that senses tampering, i.e., a “tamper sensor,” wherein the condition/state of the device (whether or not an attempt has been made to modify the data therein) is determined, and the data is then destroyed or rendered unreadable which evidences that the data in the device has been tampered with (id,). We agree with the Examiner that Booth discloses “determining a state of a Appeal 2012-001542 Application 11/799,217 6 tamper sensor” and “causing” data to be provided, the data “indicating the state of the tamper sensor,” as required by claim 1 and similarly claim 9 (Ans. 5). Accordingly, we find no error in the Examiner’s anticipation rejection of representative claims 1 and 9 over Booth. As to independent claim 17, Appellant contends, “the rejection fails for not articulating where Booth discloses anything about determining whether the boot code validation device has been subject to tampering” (App. Br. 11). However, as discussed above, Booth discloses a device that senses tampering, wherein the condition/state of the device (whether or not an attempt has been made to modify the data therein) is determined, and destroying or rendering the data unreadable which evidences that the data in the device has been tampered with (FF). We agree with the Examiner that Booth discloses, “indicating tampering with the boot code” (Ans. 13), as required by claim 17. Accordingly, we find no error in the Examiner’s rejection of claim 17 over Booth. Similarly, as to independent claim 21, Appellant repeats the argument “Booth fails to disclose any tamper sensor” and “fails to disclose any report that indicates whether the tamper sensor has been subject to tampering” (App. Br. 12). However, as discussed above, Booth discloses a device that senses tampering, i.e., a “tamper sensor,” wherein the condition/state of the device (whether or not an attempt has been made to modify the data) is determined and indicated by and destroying or rendering the data unreadable (FF). Accordingly, we find no error in the Examiner’s rejection of claim 21 over Booth. Appeal 2012-001542 Application 11/799,217 7 As for dependent claim 18, although Appellant contends “the Examiner fails to articulate any evidence where Boot[h] allegedly discloses any verification of an integrity of the error message itself” (App. Br. 12), we find no error with the Examiner’s finding that Booth discloses “the boot code may cause the system . . . to disable the printing function” wherein “[o]peration may be prevent[ed] until the invalid code is returned to an authentic state” (Ans. 14). As for dependent claims 4 and 12, although Appellant contends “Booth fails to disclose a method or firmware wherein the report indicating the state of a tamper center is digital signed” (App. Br. 13), we find no error with the Examiner’s finding that Booth discloses “the boot code may validate the remainder of the firmware, for example, using signature verification mechanisms or other standard validation algorithms known to those skilled in the art” (Ans. 14-15). As for dependent claims 5 and 13, although Appellant contends “Booth fails to disclose a method or firmware wherein the report indicating the state of a tamper center is encrypted” (App. Br. 13), we find no error with the Examiner’s finding “Booth discloses encrypting the report with a RSA algorithm for public-key encryption” (Ans. 15). As for dependent claims 6 and 10, although Appellant contends “nowhere does Booth disclose that the results of the validation are stored in a trusted firmware memory” (App. Br. 14), we find no error with the Examiner’s finding “Booth discloses that the system for boot validation includes a firmware storage device including firmware, which includes at least boot code, and a secure non-volatile storage device” (Ans. 15). Appeal 2012-001542 Application 11/799,217 8 As for dependent claims 7 and 15, although Appellant contends “nowhere does Booth disclose that the results of the validation are exported to an external monitoring system” (App. Br. 15, emphasis omitted), we find no error with the Examiner’s finding “Booth discloses that the results are transmitted to a host system for further validation” (Ans. 16). As for dependent claims 8 and 16, Appellant contends “Booth fails to disclose a method or firmware wherein a monitoring system . . . verifies an integrity of the report received from the computing system” (App. Br. 15). However, we find no error with the Examiner’s finding Booth discloses “the integrity report is verified by the use of a hashing function” (Ans. 16). Thus, we find no error with the Examiner’s rejection of claims 4-8, 10, 12, 13, 15-18, and 21 over Booth. Appellant provides no argument for claims 2, 3, 11, 14, 19, 20, 22, and 23 separate from those of claim 1, 9, 17, and 21 (App. Br. 11) from which they respectively depend, and thus, claims 2, 3, 11, 14, 19, 20, 22, and 23 fall with claims 1, 9, 17 and 21 over Booth. Claims 24-28 Appellant contends “[c]laims 24-27 each require that the tamper sensor comprise a sensor configured to detect physical removal of a protected asset FROM THE COMPUTER SYSTEM” wherein Hoerner’s “label 10 is neither an asset of the computer system nor is label 10 part of a tamper sensor that detects tampering with the computer” (App. Br. 18). Appellant then repeats the argument that there is no teaching of “any report that indicates or evidences tampering with the tamper sensor itself” (id.). However, we find no error with the Examiner’s finding, “Booth discloses a comput[er] system that generates a report indicating or evidencing that the tamper sensor itself has been tampered with” and Appeal 2012-001542 Application 11/799,217 9 “Hoerner teaches a sensor to detect physical removal” for “theft deterrence of a portable computer,” wherein the combination would at least have suggested the features of claims 24-27 (Ans. 16). That is, because the Examiner rejects the claims as obvious over Booth in view of Hoerner, the test for obviousness is not what each reference individually shows but what the combined teachings would have suggested to one of ordinary skill in the art. See In re Merck & Co., 800 F.2d 1091, 1097 (Fed. Cir. 1986). The Supreme Court has stated “[t]he combination of familiar elements according to known methods is likely to be obvious when it does no more than yield predictable results.” KSR Int’l Co. v. Teleflex Inc., 550 U.S. 398, 416 (2007). Thus, we find no error in the Examiner’s finding that the combination of Booth’s system that evidences the tampering of the tamper sensor itself with Hoerner’s system of detecting physical removal would at least have suggested the claimed features of claims 24-27 (Ans. 16). As for dependent claim 28, although Appellant argues Booth in combination of Hoerner “would still fail to disclose the generation of a report indicating tampering with a thin wire optical fiber serving as a tamper sensor” (App. Br. 19), we find no error with the Examiner’s finding “Hoerner teaches optical fiber that breaks upon removal of a protected assert” (Ans. 17). That is, we agree that Hoerner, when combined with Booth, would at least have suggested the features of claim 28. Appeal 2012-001542 Application 11/799,217 10 IV. CONCLUSION AND DECISION The Examiner’s rejections of claims 1-23 under 35 U.S.C. § 102(b) and of claims 24-28 under 35 U.S.C. § 103(a) are affirmed.2 No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv). AFFIRMED llw 2 In the event of further prosecution, we leave it to the Examiner to evaluate claims 1-20 for compliance with 35 U.S.C. § 101 in view of Digitech Image Technologies, LLC v. Electronics For Imaging, Inc., No. 13-1600, 2014 WL 3377201, slip op. 11 (Fed. Cir. 2014), aff’d. In Digitech, the Federal Circuit held claims to a process of organizing information through mathematical correlations was not tied to a specific structure or machine, and was thus an abstract idea and ineligible under § 101. The Federal circuit further noted “[a] claim may be eligible if it includes additional inventive features such that the claim scope does not solely capture the abstract idea.” Id. (citing Alice Corp. Pty. Ltd. v. CLS Bank Int’l, 134 S. Ct. 2347, 2358 (2014). Here, we leave it to the Examiner to evaluate the claims as to whether they solely capture an abstract idea without any ties to a specific structure or machine. In particular, we note independent claim 1 merely recites determining a state (i.e., a set of data associated with a tamper sensor), and causing another set of data (a report) to evidence/display certain information; while independent claim 17 merely recites receiving data indicating certain information.