Ex Parte LeeDownload PDFPatent Trial and Appeal BoardMay 16, 201412890008 (P.T.A.B. May. 16, 2014) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 12/890,008 09/24/2010 Bryant Christopher Lee 7438 99588 7590 05/19/2014 Bryant Lee 4903 Edgemoor Lane Suite 316 Bethesda, MD 20814 EXAMINER CERVETTI, DAVID GARCIA ART UNIT PAPER NUMBER 2436 MAIL DATE DELIVERY MODE 05/19/2014 PAPER Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE ____________ BEFORE THE PATENT TRIAL AND APPEAL BOARD ____________ Ex parte BRYANT CHRISTOPHER LEE ___________ Appeal 2011-012585 Application 12/890,008 Technology Center 2400 ____________ Before MICHAEL J. STRAUSS, JOHN A. EVANS, and LINZY T. McCARTNEY, Administrative Patent Judges. EVANS, Administrative Patent Judge. DECISION ON APPEAL Appellant1 seeks our review under 35 U.S.C. § 134(a) of the Examiner’s final rejection of Claims1 and 2 as obvious. Claims 3 and 4 have been canceled. We have jurisdiction under 35 U.S.C. § 6(b). We REVERSE.2 1 The Appellant lists himself, Bryant Christopher Lee, as the Real Party in Interest. App. Br. 1. However, we note that the Assignee of Record is Advanced Research, LLC, recorded at Reel/Frame 030024/0706. 2 Our decision refers to Appellant’s Appeal Brief filed April 14, 2011 Appeal 2011-012585 Application 12/890,008 2 STATEMENT OF THE CASE The claims relate to a method for locally storing Web-based database data in a secure manner. Spec., ¶[0013]. Claim 1 is independent. An understanding of the invention can be derived from a reading of exemplary Claim 1, which is reproduced in part below with disputed limitations italicized: 1. At a computer server . . . the computer server connected over a network to a computer system . . . a method for caching database data at the computer system for subsequent Web browser access in a secure manner, the method comprising: a Web server in a specified domain verifying that it has access rights to store a database portion in the controlled access local store at the computer system, by a method of digital certification… wherein the computer system retains an indication that the database portion was received from the specified domain so that the local store access module can limit access to the database portion stored in the controlled access local store, the limited access including: permitting requests from Web servers in the specified domain to access the database portion for use in Web pages presented at the Web browser, wherein the web servers in the specified domain have authenticated that they are in the specified domain by a method of digital certification . . . . (“App. Br.”); Examiner’s Answer mailed June 6, 2011 (“Ans.”); Appellant’s Reply Brief filed July 10, 2011 (“Reply Br.”); Final Office Action mailed February 3, 2011 (“Final Rej.”); and the original Specification filed September 24, 2010 (“Spec.”). Appeal 2011-012585 Application 12/890,008 3 REFERENCES The Examiner relies upon the prior art as follows: Imai US 2005/0102503 A1 Pub. May 12, 2005 Hawkins US 7,778,987 B2 Pub. Aug. 17, 2010 The claims stand rejected as follows:3 1. Claims 1 and 2 stand rejected under 35 U.S.C. § 103(a) as obvious over Hawkins and Imai. ISSUES ON APPEAL Based on Appellant’s arguments in the Appeal and Reply Briefs (App. Br. 5-13; Reply Br. 8-23), the issue presented on appeal is whether the Examiner erred in finding the asserted combination of Hawkins in view of Imai teach the disputed limitations. ANALYSIS We agree with the Appellant’s conclusion that Hawkins in view of Imai, as presented by the Examiner, does not disclose the double- authentication method of Claim 1. 3 Based on Appellant’s arguments in the Appeal Brief, we will decide the appeal on the basis of claims as set forth below. See 37 C.F.R. § 41.37(c)(1)(vii). Appeal 2011-012585 Application 12/890,008 4 The Appellant contends that Imai discloses authentication using public key cryptography, but that Imai does not disclose a method of double- authentication requiring authentication for both storing a database portion on a local store and for accessing that same database portion. App. Br. 9-10. Appellant argues that, instead, Imai teaches “mutual authentication,” wherein two entities involved in a communication each authenticate the other. App. Br. 10. Appellant further argues that Imai teaches authenticating in order to update a second certificate. Id. Appellant contends that mutual authentication and authenticating in order to update a certificate are not the same as the claimed double-authentication, which is for ensuring the security of two different transactions: store and access. Id. In light of the deficiencies of Imai, Appellant contends that the claimed double- authentication method would not be disclosed by combining Hawkins with Imai, and further, the Examiner has not provided evidence as to why the double-authentication method of Claim 1 would be obvious. App. Br. 10-11. The Examiner finds that Hawkins does not disclose authentication by digital certification, and relies on Imai to teach the Web server verifying that it has access rights to store a database portion in the local store, by a method of digital certification. Ans. 6. Further, the Examiner finds that Imai teaches the claimed double-authentication method. Ans. 12-13. Imai teaches authentication to store information, wherein a first [rescue] digital certificate is used to authenticate the first communication apparatus to store a new second [regular] digital certificate in the first communication Appeal 2011-012585 Application 12/890,008 5 apparatus. Ans. 12. The Examiner finds Imai to also teach authentication to access stored information, wherein a certificate update request can only be accepted from a communication opponent authenticated by a [rescue] digital certificate and information other than the certificate update can only be accessed by a communication opponent authenticated by a [regular] digital certificate. Ans. 12-13. The Appellant replies that the “authenticate before storage” step and “authenticate before accessing” step of Imai are completely unrelated and are not part of the same procedure. Reply Br. 22. Appellant contends the storage step relates to storing a “second digital certificate” on the first communication apparatus, while the access step relates to accessing “information other than the certificate update information” on the lower level apparatus. Id. Appellant argues the cited storage and access steps are about different information, while the claimed double-authentication method protects a piece of data when it is stored on the local store and protects the same data when it is accessed on the local store. Reply Br. 22-23. We agree with the Appellant’s contentions that Imai’s method of updating a digital certificate is not analogous to the claimed double- authentication, because the “storage” and “access” steps cited in Imai are not for the same data. The Examiner cited Imai, ¶¶[0129]- [0160], for teaching the first authentication (storage) step: “a Web server in a specified domain verifying that it has access rights to store a database portion in the controlled access local store at the computer system, by a method of digital certification Appeal 2011-012585 Application 12/890,008 6 . . . . ” Ans. 6. The Examiner further explains that the “authenticate on store” step is updating the regular certificate. Ans. 12. It may be true that Imai teaches this “authenticate on store” limitation, if one assumes that: the Web server is upper apparatus 30, which verifies itself during a two-way authentication process (see Imai, ¶[0182] and Figure 22); the database portion is the new regular certificate, transmitted from apparatus 30 (Fig. 13, S110) to apparatus 40 (Fig. 14, S215); and the local store is upper apparatus 40, which receives and stores the new regular certificate. However, the Examiner’s rejection does not address how Imai teaches the second authentication step: access the [same] database portion, “wherein the web servers in the specified domain have authenticated that they are in the specified domain by a method of digital certification . . . , as recited in Claim 1.” Assuming, as described above, the “authenticate on storage” step is the Web server (apparatus 30) storing the new regular certificate on local store (apparatus 40), Imai does not teach the Web server (30) to “access the database portion for use” at the computer with the local store (40). The “authenticate on access” step cited by the Examiner is accessing information other than the certificate update information. Imai discloses the local store (40) to contain data, such as measurements, from various types of machines. Imai, ¶¶[0118], [0136]. It is this data that is accessed upon authentication, not the same data (i.e., updated digital certificate data) that was stored in the “authenticate on storage” step. Appeal 2011-012585 Application 12/890,008 7 Therefore, we find the Examiner erred in rejecting independent Claim 1 under 35 U.S.C. § 103(a) over Hawkins and Imai. DECISION The rejection of Claims 1 and 2 under 35 U.S.C. § 103(a) is REVERSED. REVERSED ke Copy with citationCopy as parenthetical citation