Ex Parte Giles et al
Patent Trial and Appeal Board, Dec 6, 2012
10896676 (P.T.A.B. Dec. 6, 2012)

UNITED STATES PATENT AND TRADEMARK OFFICE
____________________
BEFORE THE PATENT TRIAL AND APPEAL BOARD
____________________
Ex parte VINCENT GILES and BRIAN JEMES
____________________
Appeal 2009-012952
Application 10/896,676
Technology Center 2400
____________________

Before JOSEPH L. DIXON, ST. JOHN COURTENAY III, and CARLA M. KRIVAK, Administrative Patent Judges.

DIXON, Administrative Patent Judge.

DECISION ON APPEAL

STATEMENT OF THE CASE

Appellants appeal under 35 U.S.C. § 134 from a rejection of claims 1-35. We have jurisdiction under 35 U.S.C. § 6(b).

We reverse.

The claims are directed to computer networks, and more particularly, to a method and apparatus for implementing network security policy control in a network infrastructure. Claim 1, reproduced below, is illustrative of the claimed subject matter:

1. A secured network configured to carry data, comprising a plurality of network bubbles and a plurality of network control points, wherein each said network bubble comprises one or more bubble partitions and each said bubble partition comprises at least one networked device configured to transmit and receive data, and all of the network devices corresponding to at least one of the plurality of network bubbles have a common network security policy, wherein at least one network control point is provided with a marker module arranged to mark outgoing packets with a label corresponding to the network bubble from which the packets originate that can be used to enforce the network security policy of the at least one network bubble.

REFERENCES

The prior art relied upon by the Examiner in rejecting the claims on appeal is:

Lo, US 5,850,515, Dec. 15, 1998

Hamadeh, US 2004/0093521 A1, May 13, 2004

Lee et al, On the Issues of IP Traceback for IPv6 and Mobile IPv6, Proceedings of the Eight IEEE International Symposium on Computers and Communications, vol. 1, 582-587 (2003), available at http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=1214181 (hereinafter “Lee H.”).

Hyunq-Woo Lee, Advanced Packet Marking Mechanism with Push back for IP Traceback, Applied Cryptography and Network Security, Lecture Notes in Computer Science, vol. 3089 Springer, 426-438 (2004) (hereinafter “Lee”)

REJECTIONS

Claims 1-6, 8, 11-16, 18, 21-23, 25, 28-32, and 35 stand rejected under 35 U.S.C. § 102(e) as being anticipated by Hamadeh.

Claims 7, 17, and 24 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Hamadeh in view of Lo.

Claims 9, 19, 26, and 33 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Hamadeh in view of Lee.

Claims 10, 20, 27, and 34 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Hamadeh in view of Lee H.

ANALYSIS

35 U.S.C. § 102

Appellants argue that “Hamadeh does not disclose, teach, or suggest at least the [limitation] ‘wherein at least one network control point is provided with a marker module arranged to mark outgoing packets with a label corresponding to the network bubble from which the packets originate that can be used to enforce the network security policy of the at least one network bubble.’” (App. Br. 7; see also Reply Br. 3). The Examiner maintains that Hamadeh’s paragraphs [0066] and [0071] describe this limitation regarding outgoing packets. (Ans. 4).

The Examiner maintains that Hamadeh describes the disputed limitation of independent claim 1 and independent claims 12, 21, and 28, which have corresponding limitations. The Examiner maintains that:

[S]ee paragraph 0066, “To protect the server 45, the entity operating or otherwise responsible for security of that device could identify all of the routers at the perimeter of its trust region and request that those routers mark all packets that are destined for the server 45 under consideration. In the example, assume that the trust region for the server 45 includes the network areas of AS1 (11) and AS2 (13). However, the network areas of AS (15) are outside this trusted region. The server 45 (or a party representing/protecting the server) would request that the routers forming the boundary of this trusted region (boundaries of AS1 and AS2) perform the marking on incoming packets from untrusted systems.

(Ans. 4) (emphasis omitted).

From our review of the relied upon portions of Hamadeh, we cannot agree with the Examiner that Hamadeh describes “a marker module arranged to mark outgoing packets” as recited in independent claim 1 (emphasis added). We find Hamadeh describes marking being performed at an input port processor as identified in figure 2. Therefore, Hamadeh does not describe “a marker module arranged to mark outgoing packets” (claim 1), but rather teaches marking incoming packets.

Therefore, the Examiner has not shown Hamadeh anticipates independent claim 1. Additionally, we cannot sustain the anticipation rejection of independent claim 1 and dependent claims 2-6, 8, and 11, which depend therefrom. Independent claims 12, 21, and 28 contain similar limitations not described by Hamadeh. Therefore, we cannot sustain the rejection thereof and their corresponding dependent claims rejected under 35 U.S.C. § 102.

35 U.S.C. § 103

With respect to dependent claims 7, 9, 10, 17, 19, 20, 24, 26, 27, 33, and 34, the Examiner has not identified how the teachings of Lo, Lee, and Lee H references remedy the above-noted deficiency. Therefore, we cannot sustain the rejections of dependent claims 7, 9, 10, 17, 19, 20, 24, 26, 27, 33, and 34.

CONCLUSIONS OF LAW

The Examiner erred in rejecting claims 1-6, 8, 11-16, 18, 21-23, 25, 28-32, and 35 based upon 35 U.S.C. § 102 and erred in rejecting claims 7, 9, 10, 17, 19, 20, 24, 26, 27, 33, and 34 based upon 35 U.S.C. § 103.

DECISION

For the above reasons, the Examiner’s rejections of claims 1-35 are reversed.

REVERSED

llw