Ex Parte Arnold et alDownload PDFPatent Trial and Appeal BoardJan 31, 201310499275 (P.T.A.B. Jan. 31, 2013) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 10/499,275 02/09/2005 Oksana Arnold DE920010100US1 2290 30449 7590 01/31/2013 SCHMEISER, OLSEN & WATTS 22 CENTURY HILL DRIVE SUITE 302 LATHAM, NY 12110 EXAMINER BENGZON, GREG C ART UNIT PAPER NUMBER 2444 MAIL DATE DELIVERY MODE 01/31/2013 PAPER Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE ____________ BEFORE THE PATENT TRIAL AND APPEAL BOARD ____________ Ex parte OKSANA ARNOLD, ANDREAS WERNER, ULRICH KRAEMER, and THOMAS LENTZ ____________ Appeal 2010-007008 Application 10/499,275 Technology Center 2400 ____________ Before SCOTT R. BOALICK, JEREMY J. CURCURI, and BARBARA A. BENOIT, Administrative Patent Judges. BENOIT, Administrative Patent Judge. DECISION ON APPEAL This is an appeal under 35 U.S.C. § 134(a) from the final rejection of claims 1-9 and 27-35. Claims 10-26 have been canceled. App. Br. 1. We have jurisdiction under 35 U.S.C. § 6(b). We affirm-in-part. Appeal 2010-007008 Application 10/499,275 2 STATEMENT OF THE CASE Appellants’ invention relates to computer-based technology for handling end-to-end business transactions in a TCP/IP environment. See generally Abstract. The claimed subject matter enables logon, provides a pool of IP addresses for allocation to user devices, and stores the user’s IP address together with attributes for accounting, authentication, and authorization (AAA). See id. Claims 1 and 27 are illustrative and read as follows, with key disputed limitations emphasized: 1. A method for handling end-to-end business transactions between a user and at least one sales-entity and/or service provider via a TCP/IP controlled computer network, wherein providing a transaction managing instance for managing said end-to-end business transactions, said method comprising: providing a pool of IP addresses on side of said transaction managing instance; performing an access authentication based single sign-on by said user managed by said transaction managing instance wherein said transaction managing instance is allocating an IP address out of said pool of IP addresses to said user, when said user initiates an online session for conducting at least one end-to-end business transaction with said at least one sales-entity and/or service provider; generating a session context including said allocated IP address and user identification information and continuously monitored transaction events by said user; transmitting an authorization request from the at least one sales-entity and/or service provider, or another service provider, to said transaction managing instance, when an at least one end-to-end business transaction with said at least one sales-entity and/or service provider occurs, wherein the transaction managing instance validates said user's authorization for said at least one business transaction based on said session context; monitoring said online session of said user and detecting if said online session is terminated; and Appeal 2010-007008 Application 10/499,275 3 invalidating said allocated IP address and said session context, if termination of said online session is detected, and providing said IP address back to said pool of IP addresses. 27. A method for handling an end-to-end business transaction between a user and an e-Service provider consisting of at least one sales- entity and/or service provider via a TCP/IP controlled computer network and a server instance for managing the end-to-end business transaction, said method comprising: performing a log-on of a user to an e-Network provider in response to the user having initiated an online session, wherein the e-Network provider, an e-Company, a server instance, and the e-Service provider are independently connected to an Internet, wherein a Network Access Server within the e-Network provider is connected to the Internet and to a database within the e-Company, wherein said performing the log-on of the user comprises said e-Network provider authenticating the user via use of information about the user stored in the database; after said performing the log-on of the user, selecting a first Internet Protocol (IP) address from a first pool of available IP addresses held by the e-Network provider and selecting a second IP address from a second pool of available IP addresses at the server instance; assigning the selected first IP address to the user and then connecting the user to the Internet via the Network Access Server; assigning the selected second IP address to the user and generating an IP tunneling connection that connects the user to the server instance via the Network Access Server and the Internet, wherein said generating the IP tunneling connection is based on the second IP address; generating a session context that includes the second IP address; said server instance receiving an authorization request from the e- Service provider when the end-to-end business transaction is initiated between the user and the e-Service provider; responsive to said receiving the authorization request, said server instance validating the user's authorization for the end-to-end business transaction, wherein said validating is based on only on the second IP address in the session context; and Appeal 2010-007008 Application 10/499,275 4 responsive to detection of a termination of the online session, invalidating the second IP address, invalidating the session context, and returning the second IP address to the second pool of available IP addresses. The Rejections The Examiner rejected claims 1 and 4-9 under 35 U.S.C. § 103(a) as unpatentable over Ronen (US 5,845,267; Dec. 1, 1998) and Sitaraman (US 6,427,170 B1; July 30, 2002). Ans. 4-8. The Examiner rejected claims 2, 3 and 27-35 under 35 U.S.C. § 103(a) as unpatentable over Ronen, Sitaraman, and Bendinelli (US 6,631,416 B2; Oct. 7, 2003). Ans. 8-17. ANALYSIS THE OBVIOUSNESS REJECTION OF RONEN AND SITARAMAN Claim 1 We are not persuaded by Appellants’ arguments (App. Br. 10-16; Reply Br. 2-10) that Sitaraman does not teach (1) performing the access authentication and (2) generating the session context as recited in claim 1 and that Ronen and Sitaraman are not properly combined. Contrary to the Appellants’ contentions, the Examiner correctly finds that Sitaraman teaches or suggests the recited performing access authentication and generating the session context steps. Ans. 4-7 (citing col. 7, l. 55-col. 8, l. 25, col. 8, ll. 25- 45). In the portion relied upon by the Examiner, Sitaraman discloses an architecture for an IP address management system in which, when a user attempts to log-in to a data communications network, a protocol gateway 4 queries an AAA (“authentication, authorization, and accounting”) service 10 to determine if the user is authorized and if an IP address already has been Appeal 2010-007008 Application 10/499,275 5 allocated to the user. Col. 7, ll. 58-62; see also col. 7, ll. 16-18. If an IP address has not already been allocated to the authorized user, Sitaraman’s dynamic IP address server 8 provides to the protocol gateway 4 an available IP address from an IP address pool 22. Col. 8, ll. 1-5. Sitaraman’s protocol gateway 4 allocates the IP address to the user. Col. 8, ll. 5-7. Based on this functionality, we are not persuaded of error in the Examiner’s position that Sitaraman teaches or suggests “performing an access authentication based single sign-on by said user managed by said transaction managing instance wherein said transaction managing instance is allocating an IP address out of said pool of IP addresses to said user, when said user initiates an online session for conducting at least one end-to-end business transaction with said at least one sales-entity and/or service provider,” as recited in claim 1. Appellants contend that the Examiner erred because Sitaraman’s AAA service 10 authenticates the user and Sitaraman’s dynamic IP address server 8 allocates the IP address to the user – that is, Sitaraman discloses two different entities (i.e., the AAA service 10 and the dynamic IP address server 8) perform user authentication and IP address allocation when claim 1 requires that a single entity (i.e., the recited transaction managing instance) perform both user authentication and IP address allocation. App. Br. 10-13; Reply Br. 2-5. Even assuming, without deciding, that claim 1 requires the recited transaction managing instance to both (i) perform an access authentication based single sign-on by the user managed by the transaction managing instance and (ii) allocate an IP address out of a pool of IP addresses to the user, Sitaraman’s protocol gateway 4 queries the AAA service 10 to Appeal 2010-007008 Application 10/499,275 6 determine whether the user is authorized (col. 7, ll. 58-62) and allocates the IP address received from the IP address server 8 to the user (col. 8, ll. 5-7), which teaches or suggests the performing step recited in claim 1. Further, as the Examiner explained in response to Appellants’ assertion that a single entity is required, Sitaraman discloses that the AAA service 10 and the IP address server 8 each can be implemented in the same machine or server as the protocol gateway, and, thus, Sitaraman discloses a single entity. Ans. 19 (stating the AAA service and IP address server are implemented as a singular entity embodied by the protocol gateway) (citing col. 6, l. 55-col. 7, l. 10). We are not persuaded that, as disclosed by Sitaraman, the machine or server on which the protocol gateway 4, the AAA service 10, and the dynamic IP address server 8 reside does not read on the recited transaction managing instance. Appellants’ argument (Reply Br. 3- 4) that AAA service 10 and the dynamic IP address server 8 are two different entities, even if they reside in the same machine, is not persuasive. Mere speculation unsupported by factual evidence is entitled to little probative value. Cf. In re Geisler, 116 F.3d 1465, 1470 (Fed. Cir. 1997). Appellants also argue Sitaraman does not disclose “generating a session context including said allocated IP address and user identification information and continuously monitored transaction events by said user,” as recited in claim 1. App. Br. 13-14; Reply Br. 5-7. We are not persuaded of Examiner error in finding that Sitaraman teaches or suggests the recited generating step in Sitaraman’s disclosure of maintaining user log-in and log- out information in database for user accounting events, which also includes the user name, an IP address, and the time at which the user logs in or out. Ans. 6 (citing col. 8, ll. 25-45). Appeal 2010-007008 Application 10/499,275 7 Appellants, although acknowledging Sitaraman discloses user accounting events that include user log in and log out, argue that this disclosure does not teach or suggest generating a session content that includes continuously monitored transaction events by the user, as found by the Examiner. App. Br. 14; Reply Br. 6. We disagree with Appellants that “generating a session context including . . . continuously monitored transaction events by said user” does not encompass Sitaraman’s user accounting events that include user log in and log out. Appellants have not pointed to any portion of their Specification or evidence of how a skilled artisan would interpret “continuously monitored transaction events” that would otherwise narrow the broad language of the claim to exclude user log in and log out events. See generally App. Br. 13-14; Reply Br. 5-7. Moreover, we note Appellants’ Specification, in describing the underlying concept of their invention, indicates that “the user’s network access is continuously monitored and it is determined if said online session is terminated” (Spec. 4), which undermines Appellants’ argument that Sitaraman’s user accounting events including user log out does not read on the recited generating step because it is not a “continuously monitored transaction event” as recited in claim 1. Appellants further contend that the Examiner improperly combined Sitaraman’s teaching with Ronen because Ronen already discloses centrally managing a pool of IP addresses and the combination would add costs and technical complexity. App. Br. 14-16; Reply Br. 8-10. We are not persuaded of error in the Examiner’s proposed combination of Ronen and Sitaraman in concluding claim 1 would have been obvious (Ans. 6-7). The Examiner indicated a reason for the combination would have been to provide Appeal 2010-007008 Application 10/499,275 8 a pool of IP addresses that are centrally managed and enable session accounting based on the temporary IP address. Ans. 7 (citing Sitaraman, col. 16, ll. 15-30, col. 18, ll. 10-15). In response to Appellants’ argument, the Examiner further explained that Sitaraman’s disclosure provides a more granular solution than Ronen and, in view of Sitaraman’s disclosure of the cost of procuring more IP addresses, an ordinarily skilled artisan would have been motivated to combine the teaching of the references despite the increased cost and complexity. Ans. 21. To the extent that Appellants argue against the physical incorporation of Sitaraman and Ronen because Ronen already discloses central management of IP addresses, such an argument is not availing. A determination of obviousness based on teachings from multiple references does not require an actual, physical substitution of elements from one reference into another reference. See In re Keller, 642 F.2d 413, 425 (CCPA 1981) (“The test for obviousness is not whether the features of a secondary reference may be bodily incorporated into the structure of the primary reference . . . .”). Thus, we agree that the Examiner’s proposed combination of Ronen and Sitaraman predictably uses prior art elements according to their established functions—an obvious improvement. See KSR Int’l Co. v. Teleflex Inc., 550 U.S. 398, 417 (2007). Accordingly, we find the Examiner’s reason to combine the teachings of the cited references supported by articulated reasoning with some rational underpinning to justify the Examiner’s obviousness conclusion. We therefore sustain the obviousness rejection of independent claim 1. Appeal 2010-007008 Application 10/499,275 9 Claims 4-9 Claim 4 depends from claim 1, and claim 5 depends from claim 4. For each claim, Appellants repeat their arguments regarding the patentability of claim 1. App. Br. 16, 17; Reply Br. 10, 11. We are not persuaded and refer to our previous discussion regarding claim 1. Regarding the additional features recited in claims 4 and 5, Appellants merely summarily assert that the portion of reference cited by the Examiner does not disclose the recited feature. App. Br. 17; Reply Br. 11, 12. This does not show error in the Examiner’s position. Accord In re Lovin, 652 F.3d 1349, 1357 (Fed. Cir. 2011) (“[T]he Board reasonably interpreted Rule 41.37 to require more substantive arguments in an appeal brief than a mere recitation of the claim elements and a naked assertion that the corresponding elements were not found in the prior art.”). Appellants further assert that the Examiner erred in not explaining why it would have been obvious to modify Ronen to incorporate the additional features recited in claims 4 or 5 related to the session context (App. Br. 17, 18; Reply Br. 11, 12). We are not persuaded of Examiner error because the Examiner has provided articulated reasoning, including enabling session accounting, to combine Ronen and Sitaraman as discussed above in connection with claim 1. See Ans. 6-7, 20-21. We see no reason why this articulated reasoning would not apply equally to the additional features recited in claims 4 and 5 related to the session context. Accordingly, Appellants have not persuaded us of error in the rejection of claims 4 and 5. Claim 6, which depends from claim 4, additionally recites the session context contains a username of the user and an accounting session identifier Appeal 2010-007008 Application 10/499,275 10 related to an accounting event. For the reasons discussed above with regard to claim 1, we are not persuaded by Appellants’ repeated argument (App. Br. 18; Reply Br. 12) that Ronen and Sitaraman fail to teach or suggest the recited subject matter recited in claim 1. Appellants contend that Sitaraman’s disclosure of a session number for the IP address during the IP address allocation event does not disclose an accounting session identifier related to an accounting event. Reply Br. 13. We are not persuaded that Sitaraman’s disclosure of a database for accounting events that includes a user name, an IP address, and other information (col. 8, ll. 30-45) and disclosure of a session number for the IP address (col. 8, ll. 20-25) does not at least suggest a session context that includes a username of the user and an accounting session identifier related to an accounting event, as found by the Examiner (Ans. 7, 21). Appellants’ arguments unduly focus on the specific terms present in Sitaraman’s disclosure and ignore the capabilities of the skilled artisan. The test for obviousness is “what the combined teachings of the references would have suggested to those of ordinary skill in the art.” In re Keller, 642 F.2d at 425. Moreover, as noted by the Court in KSR, “[a] person of ordinary skill is also a person of ordinary creativity, not an automaton.” 550 U.S. at 421. Claim 7 depends from claim 6 and further recites the session context further contains a class attribute for correlation of service-events. The Examiner cites Sitaraman for this feature. Ans. 8 (citing col. 8, ll. 30-45, col. 15, ll. 45-55); Ans. 21-22. Contrary to Appellants’ argument that the cited portion of Sitaraman is silent as to the session context containing a class attribute for correlation of service-events (App. Br. 19; Reply Br. 14), we are not persuaded that Appeal 2010-007008 Application 10/499,275 11 Sitaraman’s user accounting event information that includes a user name, an IP address, and session number for the IP address discussed above relative to claim 6 does not at least suggest a session context containing a class attribute for correlation of service-events, as the Examiner finds. For example, Sitaraman discloses user accounting events may be published as lists where one list collects IP address allocation events, another list collects accounting start events, and yet another list collects the accounting stop events. See col. 8, ll. 40-45; see also Ans. 8 (citing col. 8, ll. 30-45). Sitaraman’s disclosure at least suggests correlating information about these types of events for a user or an IP address from the three lists. Accordingly, we are not persuaded of error in the Examiner’s finding that this disclosure at least suggests the broad “a class attribute for correlation of service-events” recited in claim 7. As to Appellants’ other arguments relying on the same arguments presented regarding the combination of Ronen and Sitaraman related to claim 1 and asserting an improper combination of Ronen and Sitaraman (App. Br. 19; Reply Br. 13, 15), we refer to our previous discussion regarding claims 1 and 6. We therefore will sustain the rejection of claim 7. Claim 8, which depends from claim 1, recites recording or storing at least the IP address allocated to the user together with at least one attribute relevant for at least one of accounting, authentication, and authorization. For the reasons discussed above with regard to claim 1, we are not persuaded by Appellants’ repeated argument (App. Br. 20; Reply Br. 15) that Ronen and Sitaraman fail to teach or suggest the recited subject matter recited in claim 1. Nor are we persuaded by Appellants’ mere assertions (App. Br. 20; Reply Br. 15) that the portion of Sitaraman cited by the Appeal 2010-007008 Application 10/499,275 12 Examiner does not disclose the additional features of claim 8. Accord Lovin, 652 F.3d at 1357. Appellants further assert with regard to claim 8 that the Examiner erred in not explaining why it would have been obvious to modify Ronen to incorporate the additional features recited in claim 8 (App. Br. 20; Reply Br. 15, 16). We are not persuaded of Examiner error because the Examiner has articulated a reason with some rational underpinning, including enabling session accounting, to combine Ronen and Sitaraman as discussed above in connection with claim 1. See Ans. 6-7, 20-21. We see no reason why this articulated reasoning would not apply equally to the additional features recited in claim 8. We therefore will sustain the rejection of claim 8. Regarding claim 9, which depends from claim 8, we are not persuaded, for the reasons discussed above with respect to claim 1, by Appellants’ repeated argument (App. Br. 20; Reply Br. 16) that Ronen and Sitaraman fail to teach or suggest the recited subject matter recited in claim 1. Nor are we persuaded by Appellants’ mere assertions (App. Br. 21; Reply Br. 16) that the Examiner erred in not explaining why it would have been obvious to modify Ronen to incorporate the additional features recited in claim 9 (App. Br. 21; Reply Br. 16). We are not persuaded of Examiner error because the Examiner has articulated a reason with some rational underpinning, including enabling session accounting, to combine Ronen and Sitaraman as discussed above in connection with claim 1. See Ans. 6-7, 20- 21. We see no reason why this articulated reasoning would not apply equally to the additional features recited in claim 9. We therefore will sustain the rejection of claim 9. Appeal 2010-007008 Application 10/499,275 13 THE OBVIOUSNESS REJECTION OF RONEN, SITARAMAN, AND BENDINELLI Claims 2 and 3 In challenging the obviousness rejection of claims 2 and 3 as unpatentable over Ronen, Sitaraman, and Bendinelli, Appellants refer to previous arguments discussed above with respect to Ronen and Sitaraman. App. Br. 22; Reply Br. 18. We will sustain the rejection of claims 2 and 3 for the reasons discussed with respect to claim 1. Claims 27-35 In rejecting independent claim 27, the Examiner cites Ronen for disclosing “performing a log-on of a user to an e-Network provider in response to the user having initiated an online session, wherein the e- Network provider, an e-Company, a server instance, and the e-Service provider are independently connected to an Internet, wherein a Network Access Server within the e-Network provider is connected to the Internet and to a database within the e-Company.” Ans. 9 (citing col. 5, ll. 20-50). The Examiner, however, has not identified which specific portions at column 5, lines 20-50 of Ronen correspond to the specific aspects set forth in claim 27. For example, the Examiner has not identified which elements in Ronen correspond to the e-Network provider, an e-Company, a server instance, the e-Service provider, a Network Access Server within the e- Network provider, and a database within the e-Company. In response to Appellants’ proposed mapping (Table 1, App. Br. 24; Reply Br. 20) of the cited portion of Ronen column 5 with the recited elements to conclude (i) the recited server instance and Network Access Server were missing from Ronen and (ii) the e-Network provider, an e- Company, a server instance, and the e-Service provider were not Appeal 2010-007008 Application 10/499,275 14 independently connected to an Internet, the Examiner indicated that the recited connections need not be limited to physical connections but encompassed logical implementations on top of physical components (Ans. 22-23) and that the recited e-Company encompasses the recited server instance (Ans. 22). The Examiner, however, did not explain how the thirty lines of Ronen column 5 mapped to eight elements recited by claim 27 or whether the Examiner agreed with Appellants’ proposed mapping. In the absence of showing by the Examiner how the elements taught by Ronen in column 5 correspond to the various elements recited in claim 27, we cannot sustain the rejection. For the same reasons, we also do not sustain the rejections of dependent claims 28-35. CONCLUSION The Examiner did not err in rejecting claims 1-9 but erred in rejecting claims 27-35 under 35 U.S.C. § 103(a). ORDER The Examiner’s decision rejecting claims 1-9 and 27-35 is affirmed- in-part. No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv). AFFIRMED-IN-PART kis Copy with citationCopy as parenthetical citation