Gaurav Banga et al.Download PDFPatent Trials and Appeals BoardSep 2, 20202019000010 (P.T.A.B. Sep. 2, 2020) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 14/328,189 07/10/2014 Gaurav Banga 85830721 1056 22879 7590 09/02/2020 HP Inc. 3390 E. Harmony Road Mail Stop 35 Fort Collins, CO 80528-9544 EXAMINER LABUD, JONATHAN R ART UNIT PAPER NUMBER 2196 NOTIFICATION DATE DELIVERY MODE 09/02/2020 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): ipa.mail@hp.com jessica.pazdan@hp.com yvonne.bailey@hp.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte GAURAV BANGA, IAN PRATT, VIKRAM KAPOOR, and KIRAN BONDALAPATI Appeal 2019-000010 Application 14/328,189 Technology Center 2100 Before JAMES R. HUGHES, DENISE M. POTHIER, and SCOTT E. BAIN, Administrative Patent Judges. POTHIER, Administrative Patent Judge. DECISION ON APPEAL Appeal 2019-000010 Application 14/328,189 2 STATEMENT OF THE CASE Pursuant to 35 U.S.C. § 134(a), Appellant1,2 appeals from the Examiner’s decision to reject claims 1–22. Appeal Br. 5. The Examiner has withdrawn the rejection of claims 1–22 under 35 U.S.C. § 101. Ans. 3. We have jurisdiction under 35 U.S.C. § 6(b). We REVERSE. CLAIMED SUBJECT MATTER The claims “relate to downloading data in a dedicated virtual machine.” Spec. ¶ 4; id. ¶ 11. The invention’s technique includes migrating downloading activity to a computer system’s dedicated virtual machine (VM) that (1) may be a different operating environment than from where the download request originated and (2) may not have access to sensitive resources (e.g., the file system and memory areas) of the computer system. Id. ¶¶ 12, 18. The dedicated VM is instantiated “solely for the purpose of doing network activity and writing bytes to a file system.” Id. ¶ 26. This permits download operations to be isolated and to be performed securely on the computer system. See id. ¶¶ 12, 28. Claim 15 illustrates the claimed subject matter below: 15. A method for safely receiving information from another apparatus, comprising: 1 We use the word Appellant to refer to “applicant” as defined in 37 C.F.R. § 1.42(a). Appellant identifies the real party in interest as Bromium, Inc. Appeal Br. 3. 2 Throughout this opinion, we refer to the Final Action (Final Act.) mailed January 10, 2018, the Appeal Brief (Appeal Br.) filed April 10, 2018, the Examiner’s Answer (Ans.) mailed July 30, 2018, and the Reply Brief (Reply Br.) filed September 28, 2018. Appeal 2019-000010 Application 14/328,189 3 upon intercepting, at a network stack level on a computer system, from a process executing within a first virtual machine or a host operating system running on the computer system, a request to transfer data from an external location to the computer system, initiating a connection with the external location using parameters identified in the request; and performing the request by transferring the data from the external location to a second virtual machine, running on the computer system, which is prohibited from interpreting or executing the data transferred from the external location. Appeal Br. 21 (Claims App.). REFERENCES The prior art relied upon by the Examiner is: Name Reference Date Baumann US 2002/0099844 A1 July 25, 2002 Grzonka US 2006/0004737 A1 Jan. 5, 2006 Hutton US 2006/0271926 A1 Nov. 30, 2006 Ferri US 2010/0192224 A1 July 29, 2010 Sanghvi US 2012/0210318 A1 Aug. 16, 2012 OBVIOUSNESS REJECTION OVER FERRI, GRZONKA, AND SANGHVI Claims 1, 2, 6–9, 13–16, and 20–223 are rejected under 35 U.S.C. § 103(a) as being unpatentable over Ferri, Grzonka, and Sanghvi. Final Act. 6–10. For independent claims 1, 8, and 15, the rejection cites Ferri to teach its features, except for intercepting the request to transfer data “at a network stack level on a computer system” and “a second virtual machine . . . prohibited from interpreting or executing the data transferred from the 3 Although the heading the rejection does not include claim 22, the rejection’s body addresses the claim. Compare Final Act. 6, with id. at 10. Appeal 2019-000010 Application 14/328,189 4 external location.” Id. at 6–7 (citing Ferri ¶¶ 3, 9–20, 25, Figs. 1–2, 4), 9 (referring to claim 1 for claims 8 and 15). The rejection turns to Grzonka in combination with Ferri to teach “a second virtual machine . . . prohibited from interpreting or executing the data transferred from the external location” (id. at 7 (citing Grzonka ¶¶ 3–5, 39); Ans. 4 (citing Ferri ¶¶ 14, 26)) and Sanghvi in combination with Ferri and Grzonka to teach intercepting the request to transfer data “at a network stack level on a computer system” (Final Act. 8 (citing Sanghvi ¶¶ 28, 43, Fig. 4)). Reproducing Ferri’s paragraph 3 (Appeal Br. 13), Appellant argues that Ferri’s sandbox session, which “is analogous to the second virtual machine as claimed” (id. at 14), “necessarily requires that the sandbox session interpret and render the web page [referenced by a hyperlink] so that it may be displayed.” Id.; see id. at 13–14 (quoting from Final Act. 7 (citing Ferri ¶¶ 9–20, 25, Figs. 1–2)). Appellant contends modifying Ferri’s sandbox session based on Grzonka’s teaching would render Ferri unsatisfactory for its intended purpose because Ferri’s sandbox session would no longer interpret and render web pages. Id. at 14–16 (citing the Manual of Patent Examining Procedure (MPEP) § 2143.014(V) and In re Gordon, 733 F.2d 900 (Fed. Cir. 1984)). 4 The Appeal Brief refers to “§ 2143(V).” Id. at 15–16. We found the quoted language in MPEP § 2143.01(V). Appeal 2019-000010 Application 14/328,189 5 ISSUE Would modifying Ferri with Grzonka as proposed to arrive at the recited step of “performing the request by transferring the data from the external location to a second virtual machine . . . , which is prohibited from interpreting or executing the data transferred from the external location” render Ferri unsatisfactory for its intended purpose or change Ferri’s principle of operation? ANALYSIS On the record before us, we are persuaded the Examiner has erred. The Specification explains, when a user selects a link to code on a web browser, the web browser contacts a web site by initiating a download request for a particular file (e.g., HTML file, PHP file, or a JavaScript file) to a web site and then retrieves the file. Spec. ¶ 24. Thus, in this example of a web browser “[i]n normal use” (id. ¶ 24), claim 1’s “request to transfer data from an external location to the computer system” is the download request for a particular file and the web browser retrieves the file, which is usually interpreted by the browser. See id. Ferri’s sandbox session operates similarly to that described above when a web browser is in normal use. For example, Ferri discusses (1) detecting a selection of a hyperlink (e.g., hyperlink 105, which is a link to code, on host session’s web browser 103), (2) creating a sandbox session (e.g., 111) implemented as a virtual machine that instantiates a browser (e.g., 113), (3) requesting the content referenced by the hyperlink, and (4) rendering a web page (e.g., 115) on its web browser (e.g., 113). Ferri ¶¶ 11– Appeal 2019-000010 Application 14/328,189 6 14, Fig. 1; see id. ¶ 3 (discussing loading the web page in the sandbox session’s web browser), quoted in Appeal Br. 13. Claim 1, however, recites “performing the request by transferring the data from the external location to a second virtual machine . . . , which is prohibited from interpreting or executing the data transferred from the external location.” Appeal Br. 18 (Claims App.) (emphasis added). We agree with Appellant (see Appeal Br. 14) that Ferri’s sandbox session, which the Examiner mapped to the recited “second virtual machine” (see Final Act. 7), interprets or executes the requested data transferred (e.g., request for content referenced by the selected hyperlink) in order for its browser to render the web page as described. See Ferri ¶ 14. Nonetheless, the Examiner contends Ferri further teaches that Ferri’s sandbox environment may not interpret and render the web page identified by the hyperlink, citing to a particular passage within Ferri’s paragraph 14. Ans. 4. In particular, Ferri states: At stage C, the sandbox session management unit 109 instantiates a browser 113, assuming the browser 113 was not already instantiated, and configures the browser 113 in the sandbox session 111. The sandbox session management unit 109 also requests the content referenced by the hyper link 105. When the requested content is received, the browser 113 renders a web page 115 . . . . In some cases, a browser in a sandbox session may be configured with additional security settings. Examples of additional security settings include disabling opening of additional hyperlinks, disabling running of scripts, etc. Ferri ¶ 14 (emphasis added). Based on the emphasized passage, the Examiner contends “a wide range of permissions and content is possible through the use of the sandbox’s session’s additional security” (Ans. 4), Appeal 2019-000010 Application 14/328,189 7 including a sandbox environment configured “not [to] interpret and render content referenced by a hyperlink in the form of a web page (e.g. html, scripts, etc.).” Id. at 5. We disagree with the Examiner’s understanding of Ferri’s additional security settings. Ferri’s “additional security settings” do not disable opening (e.g., interpreting or executing) the originally requested hyperlink (e.g., the recited “request to transfer data”). See Ferri ¶ 14. Rather, Ferri describes the “additional security settings include disabling opening of additional hyperlinks” (id. (emphasis added)), such as additional hyperlinks located within the rendered web page (e.g., 115) discussed in paragraph 14. See id., Fig. 1. Moreover, even if we were to consider a request for one of these additional hyperlinks as the recited “request to transfer data,” this request is from a process executing within the sandbox session, which is the mapped “second virtual machine,” not the recited “first virtual machine” required by claim 1. Thus, Ferri’s “disabling opening of additional hyperlinks” in paragraph 14 does not suggest “performing the request by transferring data from the external location to a second virtual machine . . . , which is prohibited from interpreting or executing the data transferred from the external location” as claim 1 recites. See Reply Br. 9 (stating the “configuration setting of a web browser does not satisfy the express requirements of a second virtual machine as recited by Claim 1.”) Ferri also discusses “disabling running of scripts” as an additional setting for the configured web browser in the sandbox session. Ferri ¶ 14. We understand this teaching to mean the sandbox session’s browser (e.g., Appeal 2019-000010 Application 14/328,189 8 113) may disable running some of the scripts or code5 associated with the requested hyperlink but still renders a web page (e.g., the requested data transferred) when read in the context of paragraph 14 in its entirety, which states earlier in the paragraph that the requested hyperlink (e.g., data transferred) is rendered as web page 115. See id. As such, we disagree that paragraph 14 suggests the second virtual machine in Ferri is “prohibited from interpreting or executing the data transferred[6] from the external location” (e.g., the data referenced by selected hyperlink) in claim 1 as the Examiner proposes. See Reply Br. 9 (stating “the configuration setting of a web browser does not satisfy the express requirements of a second virtual machine as recited by Claim 1.”) As for Ferri’s Paragraph 26 (see Ans. 6), this passage teaches extending its technique of opening content referenced by a hyperlink in a sandbox session’s browser to opening email attachments within a sandbox session. Ferri ¶ 26. Rather than demonstrating prohibiting interpreting or executing the requested data transferred from an external location (e.g., the hyperlink content or email attachment), this passage further suggests Ferri does not teach “a second virtual machine . . . , which is prohibited from 5 The Specification describes a web browser contacting a web site to retrieve one or more files comprising code (e.g., HTML file, a PHP file, and a JavaScript file) that is usually interpreted by the browser. Spec. ¶ 24. 6 Claim 1 recites broadly “a request to transfer data.” The Specification describes examples of requested data but does not define what this data encompasses. See Spec. ¶ 24 (discussing retrieving “one or more files comprising code” or “a particular file.”) The Specification also discusses an example where download VM 180 “does not interpret or execute any code being downloaded.” Id. ¶ 34. Notably, claim 1 is not limited to prohibiting interpreting or executing any code downloaded. Appeal 2019-000010 Application 14/328,189 9 interpreting or executing the data transferred from the external location” as claim 1 recites. See Reply Br. 5 (stating that Ferri’s paragraph 26 “actually teaches that [the] email [attachment] [is] to be interpreted within the same virtual machine.”). Accordingly, based on the record, we agree with Appellant (see Appeal Br. 15–16; see Reply Br. 2–3) that modifying Ferri with Grzonka’s quarantine approach (Grzonka ¶¶ 3, 39) as the proposed (Final Act. 7) to “prohibit[] . . . interpreting or executing the data transferred from the external location” as claim 1 recites, would result in either rendering Ferri inoperable for one of its intended purposes or change one of its principle of operation. Specifically, Ferri discloses the sandbox session technique is “implemented to instantiate a web browser within a controlled virtual environment (‘sandbox’) that simulates the host system while restricting the virtual environment to designated space(s) and/or resources of the host system to prevent harmful effects” and “allows web navigation of risky web sites without deleterious effects on the host system.” Ferri, code (57). If modified to quarantine the web page’s content as proposed (see Final Act. 7), Ferri will no longer serve its purposes to simulate the host system and to allow web navigation of risky web sites within a protected environment. See Gordon, 733 F.2d at 902 (indicating a rejection based on French did not establish a prima facie case of obviousness because, as proposed, “French apparatus . . . would be rendered inoperable for its intended purpose”); see also In re Ratti, 270 F.2d 810, 813 (CCPA 1959) (holding that the proposed combination of Jepson with Chinnery would change Chinnery’s basic principles under which its apparatus was designed to operate). Appeal 2019-000010 Application 14/328,189 10 For the foregoing reasons, Appellant has persuaded us of error in the rejection of (1) independent claim 1, (2) independent claims 8 and 15, which recite commensurate limitations, and (3) the rejected, dependent claims for similar reasons. THE REMAINING OBVIOUSNESS REJECTIONS Claims 3, 4, 10, 11, 17, and 18 are rejected under 35 U.S.C. § 103(a) as being unpatentable over Ferri, Grzonka, Sanghvi, and Baumann. Final Act. 10–12. Claims 5, 12, and 19 are rejected under 35 U.S.C. § 103(a) as being unpatentable over Ferri, Grzonka, Sanghvi, and Hutton. Id. at 12–13. Appellant has not separately argued these rejections but relies on the argument presented for the independent claims. Appeal Br. 17. The rejections of claims 3–5, 10–12, and 17–19 do not cite to the additional references to cure the above-noted problems. See id. at 10–13. Thus, for the reasons discussed above, we will not sustain these rejections. CONCLUSION In summary: Claims Rejected 35 U.S.C. § Reference(s)/Basis Affirmed Reversed 1, 2, 6–9, 13–16, 20– 22 103(a) Ferri, Grzonka, Sanghvi 1, 2, 6–9, 13–16, 20– 22 3, 4, 10, 11, 17, 18 103(a) Ferri, Grzonka, Sanghvi, Baumann 3, 4, 10, 11, 17, 18 5, 12, 19 103(a) Ferri, Grzonka, Sanghvi, Hutton 5, 12, 19 Overall Outcome 1–22 Appeal 2019-000010 Application 14/328,189 11 REVERSED Copy with citationCopy as parenthetical citation
