Ex Parte Schimmelpfeng et alDownload PDFPatent Trials and Appeals BoardJan 11, 201914775937 - (D) (P.T.A.B. Jan. 11, 2019) Copy Citation UNITED STA TES p A TENT AND TRADEMARK OFFICE APPLICATION NO. FILING DATE 14/775,937 09/14/2015 146568 7590 ENTIT SOFTWARE LLC 500 Westover Drive #12603 Sanford, NC 27330 01/15/2019 FIRST NAMED INVENTOR Joern Schimmelpfeng UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www .uspto.gov ATTORNEY DOCKET NO. CONFIRMATION NO. 90031040 1566 EXAMINER ANDERSON, MICHAEL D ART UNIT PAPER NUMBER 2433 NOTIFICATION DATE DELIVERY MODE 01/15/2019 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): software.ip.mail@microfocus.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte JOERN SCHIMMELPFENG, TIMO SCHNELLER, MICHAEL BERND BEITER, and CARSTEN LAENGERER Appeal2018-004295 Application 14/775,937 Technology Center 2400 Before JUSTIN BUSCH, JENNIFER L. McKEOWN, and JAMES W. DEJMEK, Administrative Patent Judges. BUSCH, Administrative Patent Judge. DECISION ON APPEAL Pursuant to 35 U.S.C. § 134(a), Appellants appeal from the Examiner's decision to reject claims 1-20, which constitute all the claims pending in this application. We have jurisdiction over the pending claims under 35 U.S.C. § 6(b). We reverse. CLAIMED SUBJECT MATTER Appellants' invention generally relates "[s]ending encrypted data to a service provider includ[ing] exchanging an encryption key between an entity and a service provider without retaining the encrypting key and while hiding an identity of said entity from the service provider." Abstract. More specifically, Appellants' invention relates to exchanging an encryption key Appeal2018-004295 Application 14/775,937 between an entity and a service provider through a communication broker so that the service provider is unaware of the entity from which it receives the encryption key. Spec. ,r 18 ( disclosing "an anonymous key exchange protocol, such as the Diffie-Hellman key exchange protocol" as one exemplary method of exchanging keys without disclosing the entity's identity to the service provider). The communication broker facilitates exchanging the key and the messages encrypted using that key between the entity and the service provider, but the broker does not retain a copy of the encryption key. Spec. ,r 20. In addition to the use of a broker to maintain anonymity, the entity may anonymize sensitive data. Spec. ,r 22. In one exemplary mechanism employed to anonymize the entity's sensitive data, the entity replaces sensitive data (e.g., "hostnames, entity names, [and] internet protocol (IP) addresses") with randomized universally unique identifications (UUIDs). Spec. ,r 22. Claims 1, 7, and 13 are independent claims. Claim 1 is reproduced below: 1. A computer program product for sending encrypted data to a service provider, comprising: a non-transitory computer readable storage medium, said non-transitory computer readable storage medium comprising computer readable program code embodied therewith, said computer readable program code compnsmg program instructions that, when executed, causes a processor to: exchange an encryption key between an entity and a service provider without retaining said encryption key and while hiding an identity of said entity from said service provider; and forward encrypted data based on said encryption key to said service provider from said entity while hiding said identity of said entity from said service provider. 2 Appeal2018-004295 Application 14/775,937 REJECTION Claims 1-20 stand rejected under 35 U.S.C. § 103 as obvious in view of Wilkins (US 2012/0204032 Al; Aug. 9, 2012) and Gehrmann (US 6,779,111 Bl; Aug. 17, 2004). Final Act. 5-11. ANALYSIS The Examiner finds Wilkins teaches or suggests every limitation recited in independent claim 1 except for instructions causing a processor to "forward encrypted data based on said encryption key to said service provider from said entity while hiding said identity of said entity from said service provider." Final Act. 5---6. Independent claims 7 and 13 recite similar limitations related to forwarding encrypted data to the service provider while hiding the entity's identity from the service provider. See Appeal Br. 14--15. Similarly, the Examiner finds Wilkins teaches or suggests every limitation recited in claims 7 and 13 except for these forwarding steps. Final Act. 7-10; Ans. 10. The Examiner finds Gehrmann teaches the forwarding steps in claims 1, 7, and 13. Final Act. 6, 8, 10; Ans. 10-11. Of particular note, the Examiner finds Wilkins teaches or suggests "exchange an encryption key between an entity and a service provider without retaining said encryption key and while hiding an identity of said entity from said service provider," recited in claim 1 and commensurately recited in claims 7 and 13. Final Act. 5, 7, 9 (citing Wilkins Fig. 5); Ans. 10 (citing Wilkins ,r,r 167, 184). As an initial matter, we note Appellants misconstrue the Examiner's rejection as relying on the combined teachings of Wilkins and Gehrmann to teach "exchange an encryption key between an entity and a service provider 3 Appeal2018-004295 Application 14/775,937 without retaining said encryption key and while hiding an identity of said entity from said service provider." Compare App. Br. 5-6, with Final Act. 5 (finding Wilkins alone teaches the entire limitation). Based on this misunderstanding, Appellants argue that a proposed combination of Wilkins and Gehrmann is improper because such a combination would render Wilkins inoperable for its intended purpose. See App. Br. 6-8. More specifically, Appellants argue a fundamental aspect of Wilkins' Key Exchange System (KES) is the verification of a user's identity. See App. Br. 7-8. Although we do not agree with Appellants that the Examiner relied on the combined teachings of Wilkins and Gehrmann in rejecting this limitation, as discussed infra, Appellants' arguments persuade us that the Examiner erred in relying on Wilkins for teaching the exchanging a key limitation. Specifically, Appellants argue Wilkins teaches a KES that registers and verifies users, which allows users to exchange encrypted communications and allows recipients to verify the sender's identity. Appeal Br. 6 ( citing Wilkins ,r 36, Title, Abstract). Appellants argue the purpose of Wilkins' KES is to verify a user's identity and store that user's encryption key so that the KES can provide another user the key upon a request. Appeal Br. 6-7 (citing Wilkins ,r,r 78, 80-81, 89, 130). Appellants argue Wilkins verifies a user's identity so that another user can be sure of the veracity of that person's identity and, therefore, "the user's identity is not hidden from the key exchange server" in Wilkins. Appeal Br. 7; see Reply Br. 2 ("Wilkins is directed to providing 'a means of identifying persons and entities."'). Appellants further argue there would have been no reason to modify Wilkins to hide the user's identity for the same reasons and 4 Appeal2018-004295 Application 14/775,937 making such a modification would change Wilkins' principle of operational and render Wilkins unsatisfactory for its intended purpose. Appeal Br. 7-8. We agree with Appellants that Wilkins' does not teach or suggest hiding the entity's identity from the service provider, as recited in claims 1, 7, and 13. As Appellants argue, see Appeal Br. 6-7, Wilkins discloses using the KES for "registering users, verifying user identity, and classifying users such that users may send a communications such that communication recipients can verify the user identity and classification of the communication sender." Wilkins, Abstract ( emphases added); see Wilkins ,r,r 3 6 ("The market needs ... a means of identifying persons and entities ... a means of exchanging at least one set of PK.I keys between individuals, organizations ... a means of presenting a communication recipient with verifying indicia that gives the recipient strong assurance that the message was sent by the purported sender."), 98-99 (describing Figure 5 and explaining exemplary ways a first user may provide to a second user a serial number, which is linked to the first user's encryption key, such that the second user may "rely on the accuracy of the information entered into the KES 10 by [the first user], which presumably has been verified and kept current by" the first user). The Examiner finds Wilkins' user and KES teach or suggest Appellants' claimed entity and service provider, respectively. Final Act. 5 (finding Wilkins discloses an "encryption key exchanged between user and key exchange server"). We agree with Appellants that Wilkins' KES must know the identity of the user in order to verify the user. See, e.g., Wilkins ,r,r 36, 98-99, Abstract. Because the Examiner finds Wilkins alone teaches 5 Appeal2018-004295 Application 14/775,937 or suggests the exchanging step, our finding that Wilkins does not teach or suggest this step is sufficient to reverse the rejection on this record. For these reasons, we are persuaded the Examiner erred in rejecting independent claims 1, 7, and 13, which each recite a step of exchanging keys between an entity and a service provider while hiding the entity's identity from the service provider. For the same reasons, we are persuaded the Examiner erred in rejecting claims 2---6, 8-12, and 14--20, which depend from and incorporate the limitations of claims 1, 7, and 13, respectively. DECISION We reverse the Examiner's decision to reject claims 1-20. REVERSED 6 Copy with citationCopy as parenthetical citation
