Ex Parte Pearce et alDownload PDFPatent Trial and Appeal BoardJul 18, 201612323002 (P.T.A.B. Jul. 18, 2016) Copy Citation UNITED STA TES p A TENT AND TRADEMARK OFFICE APPLICATION NO. FILING DATE 12/323,002 11125/2008 27820 7590 07/20/2016 WITHROW & TERRANOVA, PLLC 106 Pinedale Springs Way Cary, NC 27511 FIRST NAMED INVENTOR Andrew K. Pearce UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www .uspto.gov ATTORNEY DOCKET NO. CONFIRMATION NO. 7000-767 7026 EXAMINER DESROSIERS, EV ANS ART UNIT PAPER NUMBER 2491 NOTIFICATION DATE DELIVERY MODE 07/20/2016 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address( es): patents@wt-ip.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte ANDREW K. PEARCE, ROY L. CHUA, SHIRISH RAI, JOHN CHRISTOPHER EV ANS RADKOWSKI, and SEAN JOSEPH CONVERY Appeal2014-007662 Application 12/323,002 Technology Center 2400 Before JEREMY J. CURCURI, KARA L. SZPONDOWSKI, and SHARON PENICK, Administrative Patent Judges. CURCURI, Administrative Patent Judge. DECISION ON APPEAL Appellants appeal under 35 U.S.C. § 134(a) from the Examiner's rejection of claims 1-15, 22-27, and 32--45. Appeal Br. 6. We have jurisdiction under 35 U.S.C. § 6(b). Claims 1-15, 22-27, and 32--45 are rejected under 35 U.S.C. § 103(a) as obvious over Foster (US 2003/0023729 Al; Jan. 30, 2003) and Bromley (US 2008/0256478 Al; Oct. 16, 2008). Final Act. 3-13. We reverse. STATEMENT OF THE CASE Appellants' invention relates to "collecting network context information from various network components and making such information Appeal2014-007662 Application 12/323,002 available to other network components for security purposes." Spec. if 2. Claim 1 is illustrative and reproduced below: 1. A method of implementing context-based security at an application level on a computer network, the method compnsmg: receiving network credentials from a client computer system for authenticating the client computer system to the computer network; subsequent to authentication of the client computer system to the computer network, receiving network context information about the client computer system, the network context information being different from the network credentials; receiving, at a network application server, a request from a client application executing on the client computer system to access an application level resource; transmitting, from the network application server to a network context server, a request for the network context information about the client computer system; acquiring, by the network context server from a network context database, the network context information about the client computer system; transmitting, from the network context server to the network application server, the network context information acquired by the network context server; and the network application server controlling access to the application level resource by the client computer system based at least in part on the acquired network context information. ANALYSIS The Examiner finds Foster and Bromley teach all limitations of claim 1. Final Act. 3-5; see also Ans. 3-18. The Examiner relies on Foster for all limitations of claim 1, except for the recited (claim 1) "receiving network credentials from a client computer system for authenticating the 2 Appeal2014-007662 Application 12/323,002 client computer system to the computer network; subsequent to authentication of the client computer system to the computer network, receiving network context information about the client computer system, the network context information being different from the network credentials;" for which the Examiner relies on Bromley. Final Act. 4--5 (citing Bromley iTiT 28 and 44). The Examiner reasons: [I]t would have been obvious to one of ordinary skill in the art at the time of the invention, having the teachings of Foster and Bromley before him or her to modify and configure the computing environment of Foster to include parameters that would identify the information of interest to one or more user[ s] without prompting or requesting such interest information from the user(s) as taught by Bromley. Thus, the motivation for doing so would have been to pre-configure interface issues by automatically providing users with relevant, situation-specific information. This includes automatically locating information that may be of interest/use in a user's current situation by matching attributes such as the user's identity, role, location (logical or physical), current activity, similar previous (historical) situations/activities (Bromley pa. [0008])[.] Final Act. 5 (citing Bromley iT 8). Appellants present the following principal arguments: 1. "Foster merely discloses the use of credentials to authenticate a computer to a network. Foster does not teach or suggest 'receiving network context information' and 'controlling access to the application level resource ... based at least in part on the ... network context information, as recited in claim 1. "' App. Br. 11. 3 Appeal2014-007662 Application 12/323,002 11. The context information disclosed in Bromley is used "in determining which base presentations and or items to display as well as their format and position," and is not used in determining whether access is allowed to an application level resource. See Bromley, paragraph 0028. Thus, Bromley does not teach or suggest "controlling access to the application level resource ... based at least in part on the acquired network context information," as recited in claim 1. App. Br. 12. We are persuaded that the Examiner erred in finding that Foster and Bromley teach the recited (claim 1) "the network application server controlling access to the application level resource by the client computer system based at least in part on the acquired network context information." Regarding Foster, the Examiner finds Foster's personal computer connecting to the network teaches the recited (claim 1) "the network application server controlling access to the application level resource by the client computer system based at least in part on the acquired network context information." Final Act. 4 (citing Foster i-fi-125-26). The claim specifically distinguishes between network credentials and network context information - "the network context information being different from the network credentials." Claim 1. To the extent Foster's disclosure reasonably describes a network application server controlling access to an application level resource, Foster teaches authentication using network credentials-not network context information. See Foster i125. Therefore, we agree with Appellants (argument i) and we find that Foster does not teach controlling access based on network context information. Regarding Bromley, the Examiner finds Bromley's context component 150 and security component 810 teach the recited (claim 1) 4 Appeal2014-007662 Application 12/323,002 "receiving network credentials from a client computer system for authenticating the client computer system to the computer network; subsequent to authentication of the client computer system to the computer network, receiving network context information about the client computer system, the network context information being different from the network credentials." Final Act. 4--5 (citing Bromley i-fi-128 and 44). Bromley does disclose reception and consideration of context information. See Bromley i128. Nonetheless, Bromley only discloses: "Display component can then utilize such data in determining which base presentations and or items to display as well as their format and position." Id. To the extent Bromley discloses context data considered for forming a display, this does not teach access control to an application level resource based on network context information. Therefore, we agree with Appellants (argument ii) and we find that that Bromley also does not teach controlling access based on network context information. Further, regarding the combined teachings of the references, Foster's authentication for connection to the network is performed using network credentials (see Foster i125), and we see no explanation of how or why a skilled artisan would have modified this authorization (access control) to utilize Bromley's context information. To the extent the Examiner offers a reasoning that Foster would benefit by incorporating Bromley's teachings, the Examiner does not adequately explain how or why Bromley's teachings would be incorporated for the specific purpose of controlling access to the application level resource (which the Examiner maps to Foster's personal computer connecting/authenticating to the network). 5 Appeal2014-007662 Application 12/323,002 We, therefore, do not sustain the Examiner's rejection of claim 1, or of claims 2-7, 41, and 45, which depend form claim 1. For reasons discussed above with respect to claim 1 : We also do not sustain the Examiner's rejection of independent claim 8, which recites "generate an authorization response adapted to be used by a network access controller to control the client computer system's access to the application level of the computer network, the authorization response being based at least in part on the network context information [which is different from the network credentials]," or of claims 9-15 and 42, which depend from claim 8. We also do not sustain the Examiner's rejection of independent claim 22, which recites: receive from the second computer system network context information about the client computer system, the network context information being different from net\'l/ork credentials used by the client computer system to authenticate the client computer system to the computer network; grant the client application access to the application level resource based on the network context information. We also do not sustain the Examiner's rejection of claims 23-27 and 44, which depend from claim 22. We also do not sustain the Examiner's rejection of independent claim 32, which recites "control the client application's access to the application level resource based on the network context information, the network context information being different from the network credentials," or of claims 33--40, which depend from claim 32. 6 Appeal2014-007662 Application 12/323,002 ORDER The Examiner's decision rejecting claims 1-15, 22-27, and 32--45 is reversed. No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(l ). REVERSED 7 Copy with citationCopy as parenthetical citation