Ex Parte Hou et alDownload PDFPatent Trial and Appeal BoardDec 18, 201714161188 (P.T.A.B. Dec. 18, 2017) Copy Citation United States Patent and Trademark Office UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O.Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 14/161,188 01/22/2014 Justin Alexander Hou 340300.02 3692 69316 7590 12/20/2017 MICROSOFT CORPORATION ONE MICROSOFT WAY REDMOND, WA 98052 EXAMINER THIAW, CATHERINE B ART UNIT PAPER NUMBER 2493 NOTIFICATION DATE DELIVERY MODE 12/20/2017 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): u sdocket @ micro soft .com chriochs @microsoft.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte JUSTIN ALEXANDER HOU, CHRISTOPHER WILLIAM THILGEN, VLADIMIR HOLOSTOV, and ROY WILLIAMS (Applicant: Microsoft Corporation) Appeal 2017-003474 Application 14/ 161,18s1 Technology Center 2400 Before ELENI MANTIS MERCADER, SCOTT B. HOWARD, and MATTHEW J. McNEILL, Administrative Patent Judges. HOWARD, Administrative Patent Judge. DECISION ON APPEAL Appellant appeals under 35 U.S.C. § 134(a) from the Final Rejection of claims 1—20, which constitute all of the claims pending in this application. We have jurisdiction under 35 U.S.C. § 6(b). We affirm. 1 Appellant identifies Microsoft Technology Licensing, LLC as the real party in interest. App. Br. 1. Appeal 2017-003474 Application 14/161,188 THE INVENTION The disclosed and claimed invention is directed to a secure remote modification of device credentials. See Abstract. Claim 1, reproduced below, is illustrative of the claimed subject matter: 1. A method in a user device, comprising: storing a plurality of credentials policies at the user device; merging the credentials policies by the user device to generate a merged credentials policy; receiving an instruction from a trusted service that is external to the user device, subsequent to storing and merging the plurality of credential policies, to initiate a device credentials change; and generating, at the user device, a new device credentials to allow a user of the user device to access the user device based at least on the merged credentials policy. REFERENCES The prior art relied upon by the Examiner as evidence in rejecting the claims on appeal is: Jancula Mohanty Chao McLachlan US 2009/0158406 A1 US 2013/0080765 A1 US 8,739,261 B2 US 2014/0189829 A1 June 18, 2009 Mar. 28, 2013 May 27, 2014 (filed Aug. 29, 2012) July 3, 2014 (filed Dec. 1,2012) “Expiring passwords at the user level,” http://help.globalscape.com/help/eft6- 2/mergedprojects/eft/expiring_passwords_at_the_user_level.htm (last modified Aug. 18, 2011) (hereinafter “Globalscape”) 2 Appeal 2017-003474 Application 14/161,188 REJECTIONS Claims 1, 2, 5, 6, 8, 9, 12, 13, 15, 16, 19, and 20 stand rejected under 35 U.S.C. § 103 as being unpatentable over Jancula in view of Globalscape. Final Act. 4—10. Claims 3,10, and 17 stand rejected under 35 U.S.C. § 103 as being unpatentable over Jancula in view of Globalscape and Mohanty. Final Act. 10-11. Claims 4, 11, and 18 stand rejected under 35 U.S.C. § 103 as being unpatentable over Jancula in view of Globalscape and Chao. Final Act. 11— 12. Claims 7 and 14 stand rejected under 35 U.S.C. § 103 as being unpatentable over Jancula in view of Globalscape and McLachlan. Final Act. 12-13. ANALYSIS We have reviewed the Examiner’s rejection in light of Appellant’s arguments that the Examiner erred. In reaching this decision, we have considered all evidence presented and all arguments made by Appellant.2 We are not persuaded by Appellant’s arguments regarding claims 1—20. 2 Rather than reiterate the entirety of the arguments of Appellant and the positions of the Examiner, we refer to the Appeal Brief (filed Sept. 1, 2016); the Reply Brief (filed Dec. 19, 2016); the Final Office Action (mailed Apr. 14, 2016); and the Examiner’s Answer (mailed Oct. 17, 2016) for the respective details. 3 Appeal 2017-003474 Application 14/161,188 Appellant argues claims 1, 2, 5, 6, 8, 9, 12, 13, 15, 16, 19, and 20 as a group, focusing on the language recited in claim 1. See App. Br. 7—15.3 4We decide the appeal of these claims on the basis of claim 1. See 37 C.F.R. § 41.37(c)(l)(iv). Appellant argues the Examiner erred in finding the combination of Jancula and Globalscape teaches or suggest “receiving [at the user device] an instruction from a trusted service ... to initiate a device credentials change,” as recited in claim 1. App. Br. 8—13; Reply Br. 3—6. More specifically, Appellant argues “Jancula is directed to a password reset system” that “composes password candidates for remote network entities that satisfy an aggregate password specification determined at [the password reset] system.” App. Br. 8—9. However, according to Appellant, “in Jancula, a network entity does not receive an instruction to compose its own password. Instead, the user at system 100 composes the password for the network entity.” App. Br. 9-10; see also Reply Br. 3 (“In claim 1, a new 3 Appellant states that claims 2, 5, 6, 8, 9, 12, 13, 15, 16, 19, and 20 are patentable “in view of their own features” without stating what those features are and why those features are not taught in the prior art. App. Br. 15. That is insufficient to raise a separate argument that the Examiner erred. See In re Lovin, 652 F.3d 1349, 1357 (Fed. Cir. 2011) (Rule 41.37 requires “more substantive arguments in an appeal brief than a mere recitation of the claim elements and a naked assertion that the corresponding elements were not found in the prior art.”); see also 37 C.F.R. § 41.37(c)(l)(iv) (“A statement which merely points out what a claim recites will not be considered an argument for separate patentability of the claim.”). Accordingly, we will not review independently those claims—or any other dependent claims—that Appellant does not present separate arguments. See Ex parte Frye, 94 USPQ2d 1072, 1075 (BPAI 2010) (precedential) (“If an appellant fails to present arguments on a particular issue — or, more broadly, on a particular rejection — the Board will not, as a general matter, unilaterally review those uncontested aspects of the rejection.”). 4 Appeal 2017-003474 Application 14/161,188 device credentials is generated in a user device, which is very different from Jancula or Globalscape, in which a user changes their password.”) (emphasis omitted). Stated differently, Appellant argues: [I]n Jancula, a remote changing of password is performed (user composes password for remote network entity), while in claim 1, local generating of credentials is performed (user device generating credentials used to access the user device itself). In Jancula, a password for a network entity is composed at system 100, there is no reason why the network entity should receive an instruction to change the password, because the password is not composed at the network entity. App. Br. 10. Appellant further argues Globalscape does not remedy the deficiency in Jancula. App. Br. 11—13. Specifically, Appellant argues “Globalscape provides a method for resetting a password via FTP and SFTP at an EFT server.” Id. at 11. That is, according to Appellant, Globalscape teaches a user, not a user’s device, receiving a password reset request: “In Globalscape, a user receives the password expiration reminder while logged in at the EFT server, not at their user device. In claim 1, a user device receives an instruction to initiate a credentials change at the user device. These are very different concepts from each other.” Id. at 12 (underlines omitted); see also Reply Br. 3, 5 (“Prompting a user to change their password, as in Globalscape, is not the same as receiving at the user device an instruction from a trusted service to initiate a device credentials change, as in claim 1. Again, in Globalscape, the user is presented with the prompt; a device does not receive an instruction.”) (emphasis omitted). During examination of a patent application, a claim is given its broadest reasonable construction “in light of the specification as it would be 5 Appeal 2017-003474 Application 14/161,188 interpreted by one of ordinary skill in the art.” In re Am. Acad, of Sci. Tech Ctr., 367 F.3d 1359, 1364 (Fed. Cir. 2004) (internal citations and quotations omitted). There is a presumption that a claim term carries its ordinary and customary meaning. In re Translogic Tech., Inc., 504 F.3d 1249, 1257 (Fed. Cir. 2007). An applicant may rebut this presumption, however, by acting as his own lexicographer, providing a definition of the term in the specification with “reasonable clarity, deliberateness, and precision.” See In re Paulsen, 30 F.3d 1475, 1480 (Fed. Cir. 1994). In the absence of such a definition, limitations are not to be read from the specification into the claims. In re Van Geuns, 988 F.2d 1181, 1184 (Fed. Cir. 1993). “[Although the specification often describes very specific embodiments of the invention, we have repeatedly warned against confining the claims to those embodiments. . . . [CJlaims may embrace ‘different subject matter than is illustrated in the specific embodiments in the specification.’” Phillips v. AWHCorp., 415 F.3d 1303, 1323 (Fed. Cir. 2005) (enbanc) (citations omitted). Applying the broadest reasonable construction of the receiving step, we do not agree with Appellant that the claim is limited to the user device— as opposed to a user—receiving a request to change a password. Claim 1 simply recites “receiving an instruction from a trusted service that is external to the user device, subsequent to storing and merging the plurality of credential policies, to initiate a device credentials change.” However, although claim 14 recites an instruction to change a password is received from a trusted service that is external to a user device, the language of the claim does not limit who or what receives the instruction or who or what 4 As discussed supra, we are only addressing the language in claim 1. 6 Appeal 2017-003474 Application 14/161,188 makes the change. Because Appellant’s arguments are not commensurate with the scope of the claims, they are unpersuasive. See In re Self, 671 F.2d 1344, 1348 (CCPA 1982). Appellant also argues the Examiner erred in finding Jancula and Globalscape teaches or suggest “generating, at the user device, a new device credentials,” as recited in claim 1. App. Br. 13—14; Reply Br. 6—7. Similar to the arguments discussed above, Appellant focuses on whether the user or the device generates the new credentials: In Jancula, a new device credentials is not senerated in a user device. as in claim 1, but instead is determined and provided by a user. ... In Globalscape, a new password is not generated on a browser, but instead a user is prompted for a password, and the user provides the password. Thus, neither of Jancula and Globalscape teaches or suggests “generating” “in a user device, a new device credentials to allow a user of the user device to access the user device.” In both of Jancula and Globalscape, a user, external to the device, provides a password. The user thinks up the password, and types it in. No generating of a password in a user device occurs in Jancula and/or Globalscape, as in claim 1. Reply Br. 7; see also App. Br. 13—14. Similar to the argument regarding the receiving step, because Appellant’s arguments are not commensurate with the scope of the claim, we are not persuaded by Appellant’s argument that the Examiner erred. Specifically, although claim 1 recites that the new credential is generated “at the user device,” it does not specify who/what does the generating. Accordingly, contrary to Appellant’s argument, the scope of the claim is broad enough to encompass the user generating the password, so long as it is done at the user device. In other words, the broadest reasonable 7 Appeal 2017-003474 Application 14/161,188 interpretation encompasses the user typing a new password “at the user device.” Finally, in the Reply Brief, Appellant argues, for the first time, that the Examiner erred in finding the prior art teaches that the new credentials “allow a user of the user device to access the user device,” as recited in claim 1. Reply Br. 7—9. Although Appellant states the argument is in response to the Examiner’s Answer {id. at 7), the Examiner made substantially the same finding in the Final Action {compare Final Act. 6, with Ans. 8). Because Appellant did not raise that argument in his opening brief and good cause has not been shown why it should be considered, we will not consider this argument. 37 C.F.R. § 41.41(b)(2); Ex parte Borden, 93 USPQ2d 1473, 1474 (BPAI 2010) (Informative) (“[T]he reply brief [is not] an opportunity to make arguments that could have been made in the principal brief on appeal to rebut the Examiner’s rejections, but were not.”). Accordingly, we sustain the Examiner’s rejection of claim 1, along with the rejections of claims 2, 5, 6, 8, 9, 12, 13, 15, 16, 19, and 20, which are not separately argued. With respect to dependent claims 3, 4, 7, 10, 11, 14, 17, and 18, Appellant merely contends that because the additional references used in the rejections of these claims (Mohanty, Chao, and McLachlan) do not cure the shortcomings of the other references applied against claim 1, the Examiner failed to make a prima facie case of obviousness for these claims. App. Br. 15—17. Because we determine that the rejection of claim 1 is not erroneous for the reasons discussed above, we sustain the rejections of these claims. 8 Appeal 2017-003474 Application 14/161,188 DECISION For the above reasons, we affirm the Examiner’s decisions rejecting claims 1—20. No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(l)(iv). See 37 C.F.R. §41.50(f). AFFIRMED 9 Copy with citationCopy as parenthetical citation