Ex Parte KarabulutDownload PDFPatent Trial and Appeal BoardDec 4, 201711872358 (P.T.A.B. Dec. 4, 2017) Copy Citation United States Patent and Trademark Office UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O.Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 11/872,358 10/15/2007 Yuecel Karabulut 13913-0612001 8691 32864 7590 12/06/2017 FISH & RICHARDSON, P.C. (SAP) PO BOX 1022 MINNEAPOLIS, MN 55440-1022 EXAMINER COPPOLA, JACOB C ART UNIT PAPER NUMBER 3621 NOTIFICATION DATE DELIVERY MODE 12/06/2017 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): PATDOCTC@fr.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte YUECEL KARABULUT Appeal 2016-000102 Application 11/872,3581 Technology Center 3600 Before JOSEPH A. FISCHETTI, BRUCE T. WIEDER, and SHEILA F. McSHANE, Administrative Patent Judges. McSHANE, Administrative Patent Judge. DECISION ON APPEAL Appellant seeks our review under 35 U.S.C. § 134(a) of the Examiner’s final decision to reject claims 1—13. We have jurisdiction under 35 U.S.C. § 6(b). We AFFIRM. 1 According to Appellant, the real party in interest is SAP SE. Appeal Brief filed March 3, 2015, hereafter “App. Br.,” 4. Appeal 2016-000102 Application 11/872,358 BACKGROUND The invention relates to a model-driven secure composition framework for composite application developers to enable integration of security objectives into scripting-based composite applications. Specification, hereafter “Spec.,” 1 3. A common policy is specified and enforced between the composite application and an external service based on applying the security framework, with access by the external service to local services and objects regulated based on security objectives. Id. at Abstract. Representative claim 1 is reproduced from pages 22—23 of the Claims Appendix of the Appeal Brief (Claims App.) as follows: 1. A computer-implemented method executed by one or more processors, the method comprising: applying, by the one or more processors, a security framework to a business process, the security framework comprising: a definition phase identifying security objectives of a composite application, the composite application executed by an enterprise using data and functions of one or more external services provided by one or more service providers external to the enterprise, a realization phase implementing security patterns that accomplish the identified security objectives, the security patterns comprising domain-independent and distinct customizable templates expressed in a predetermined scripting language and defining a unified usage of security mechanisms that provides an enterprise level protection for the composite application, and a declaration phase implementing the identified security objectives using security annotations within the composite application that are based on the security patterns, the security annotations describing the security objectives in the predetermined scripting language; conducting, by the one or more processors, an external policy negotiation to specify a common policy between the composite application and an external service of the one or more external 2 Appeal 2016-000102 Application 11/872,358 services based on applying the security framework, the common policy being based on respective security policies of the composite application and the external service; enforcing, by the one or more processors, the common policy during interactions between the composite application and the external service; and regulating, by the one or more processors, access by the external service to local services and objects based on the security objectives. The Examiner rejects claims 1—13 under 35 U.S.C § 112, first paragraph2 for failure to meet the written description requirement and under 35 U.S.C. § 102(b) as anticipated by Anderson.3 Final Action mailed October 15, 2014, hereafter “Final Act.,” 2—9; see also Examiner’s Answer mailed July 28, 2015, hereinafter “Ans.,” 2. DISCUSSION § 112, first paragraph The Examiner rejects the claims under § 112, first paragraph on two bases: (1) the Specification disclosure provides an insufficient description of the claimed genus of software; and (2) the Specification disclosure does not adequately describe the “security patterns” limitation in the claims. See Final Act. 2—6; Ans. 3-14. On the first issue, the Examiner finds that “[bjecause there are neither species nor common features of the genus disclosed, the specification could not convey to one skilled in the art that the inventor had possession of the claimed subject matter as of the filing date.” Final Act. 4 (citing Ariad Pharms., Inc. v. Eli Lilly, 598 F.3d 1336 (Fed. Cir. 2010)). The Examiner also finds that “the 2 The current application was filed on October 15, 2007, prior to the effective date of the AIA (America Invents Act), and, therefore, the pre-AIA statute is applicable. 3 US Publication 2006/0206440 Al, published September 14, 2006. 3 Appeal 2016-000102 Application 11/872,358 specification does not disclose the algorithm that is used to perform the claimed functions in sufficient detail, and Appellant has not pointed to a sufficient algorithm,” where “[s]uch an algorithm may support the genus represented by the claims, but no such algorithm exists for the claimed functional result.” Ans. 5. The Examiner further finds that “Appellant’s disclosure does not provide a representative number of species falling within the scope of the genus or structural features common to the members of the genus so that one of skill in the art can ‘visualize or recognize’ the members of the genus.” Id. at 8. The Examiner also finds that there is no demonstration that “Appellant possessed the knowledge to program the disclosed computer to perform steps” of the claims. Id. at 9—10. Appellant argues that the Specification discloses the invention in sufficient detail that one of skill in the art could discern that the inventor had possession of the claimed invention. App. Br. 12. Appellant refers to the MPEP 2161.01 and In re Hayes Microcomputer Prods., Inc. Patent Litigation, 982 F.2d 1527, 1533—34 (Fed. Cir. 1992), in support of this argument. Id. More specifically, Appellant alleges that the Specification discloses sufficient support for the features of the claims and provides cross-references to portions of the Specification. See id. at 13-17. On the second § 112 issue, the Examiner more specifically finds that the Specification does not provide sufficient description of the claim limitation “the security patterns comprising domain-independent and distinct customizable templates expressed in a predetermined scripting language” to demonstrate possession due to the generic nature of the recitations. Ans. 13—14. Here, in support of its argument, Appellant refers to the portions of the Specification that refer to security patterns that are used as templates, which are instantiated for 4 Appeal 2016-000102 Application 11/872,358 specific processes using a code. Reply Brief, filed September 24, 2015, hereafter “Reply Br.,” 4 (citing Spec. Tflf 79-80, Table 1). After considering each of Appellant’s contentions and the evidence presented in this Appeal, we are persuaded that Appellant identifies reversible error, and we therefore reverse the § 112, first paragraph rejection. We add the following for emphasis. Claims that introduce elements or limitations which are not supported by the as-filed disclosure violate the written description requirement. See, e.g., Ariad Pharm., Inc., 598 F.3d at 1353—1354. The fundamental factual inquiry is whether the specification describes “an invention understandable to that skilled artisan” and shows “that the inventor actually invented the invention claimed.” Id. at 1351. The “genus” issue that serves as the rationale of the first rejection is not dispositive in the present case. In Hayes and Fonar, when disclosure of software is required, it is generally sufficient if the functions of the software are disclosed because creation of the specific source code is within the skill of the art. Fonar Corp. v. General Electric Co., 107 F.3d 1543, 1549—50 (Fed. Cir. 1997); Hayes, 982 F.2d at 1534 (“One skilled in the art would know how to program a microprocessor to perform the necessary steps described in the specification. Thus, an inventor is not required to describe every detail of his invention.”). The software functions that perform the steps of the claims, including some specific language for applications, are apparent from the Specification at issue here. In particular, as to the second § 112 issue raised by the Examiner, we determine that the disclosure relating to “security patterns” is sufficient. See Spec. ]Hf 79-80, Table 1. Moreover, some the issues that the Examiner raises are related to enablement, that is, whether the Specification is sufficiently complete to enable 5 Appeal 2016-000102 Application 11/872,358 one of ordinary skill in the art to make and use the claimed invention without undue experimentation. Here, however, the Examiner has not provided any analysis of the enablement factors set forth in In re Wands, 858 F.2d 731, 737 (Fed. Cir. 1988). Therefore, we cannot sustain the rejection of claims 1—13 under § 112, first paragraph. §102 Appellant argues the anticipation issues on similar limitations in independent claims 1,12, and 13, with dependent claims 2—11 standing or falling with claim 1. Appeal Br. 17—20. We will address the claims in a similar manner. The Examiner finds that Anderson discloses all the elements of the claims. Final Act. 6—9. Appellant argues that Anderson fails to disclose the claim limitations of the “a definition phase” limitation. Appeal Br. 18. More specifically, Appellant asserts that Anderson is silent to the “security objectives” and “security annotations” recited in the independent claims, claims 1,12, and 13. Id. at 18—19. The Examiner responds that “Anderson teaches policies (or security objectives) implemented as templates in a scripting language. The templates have to be input or annotated with real data (i.e., annotations).” Final Act. 11. Appellant also alleges that the “policies” of Anderson are not equivalent to the “security objectives” of the claims because “the policies of Anderson describe the combinations of predicates, or constraints, on vocabulary items that are acceptable for a given policy, which is different than security objectives.” App. Br. 18. Appellant also asserts that Anderson fails to disclose the “realization phase implementing security patterns” limitation because it only “defme[s] operations within a policy set, which are different than security patterns comprising domain- independent and distinct customizable templates expressed in a predetermined 6 Appeal 2016-000102 Application 11/872,358 scripting language.” Id. at 19. The Examiner responds that “Anderson discloses the use of standard or domain-independent customizable templates (e.g., constraint functions) expressed in a scripting language (e.g., XACML) that define a unified usage of security mechanisms that provides an enterprise level protection for the composite application.” Final Act. 11. Finally, Appellant contends that Anderson fails to disclose the “declaration phase” as claimed because Anderson expresses its standard policy statements as “combinations of predicates, or constraints, on vocabulary items, which is different than implementing the identified security objectives using security annotations.” Appeal Br. 19. We do not find persuasive the Appellant’s arguments that Anderson fails to disclose some of the limitations of representative claim 1. There is no ipsissimis verbis test for determining whether a reference discloses a claim element, i.e., identity of terminology is not required. In re Bond, 910 F.2d 831, 832 (Fed. Cir. 1990). Here, Appellant’s argument that Anderson does not disclose “security objectives” is misplaced because the Examiner relies upon Anderson’s disclosure of “policies” that can include security-related issues. See Anderson || 57—60, 68— 69. As disclosed, the “policy” is implemented by “policy statements” that can include policy constraints expressed by a variety of parameters that are not specific to a domain and are in scripting language, such as XACMF. Id. Tflf 60, 167—175. Anderson also discloses that the policy statements are described (annotated) to be reflective of policy and can be arranged in “policy sets.” Id. 68—69. We, therefore, sustain the anticipation rejection of claims 1—13. SUMMARY The rejection of claims 1—13 under 35 U.S.C. § 112, first paragraph is reversed. The rejection of claims 1—13 under 35 U.S.C. § 102(b) is affirmed. 7 Appeal 2016-000102 Application 11/872,358 No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(l)(iv). AFFIRMED 8 Copy with citationCopy as parenthetical citation
