Ex Parte TalDownload PDFPatent Trial and Appeal BoardApr 27, 201612557027 (P.T.A.B. Apr. 27, 2016) Copy Citation UNITED STA TES p A TENT AND TRADEMARK OFFICE APPLICATION NO. FILING DATE FIRST NAMED INVENTOR 12/557,027 09/10/2009 Sivan Tal 61755 7590 04/29/2016 Kunzler Law Group - Lenovo 50 W. Broadway 10th Floor SALT LAKE CITY, UT 84101 UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www .uspto.gov ATTORNEY DOCKET NO. CONFIRMATION NO. XRPS920090064-US-NP 3658 EXAMINER LAVELLE, GARY E ART UNIT PAPER NUMBER 2493 NOTIFICATION DATE DELIVERY MODE 04/29/2016 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address( es): docket@kunzlerlaw.com docketing.mobility@motorola.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte SIVAN T AL 1 Appeal2014-002862 Application 12/557,027 Technology Center 2400 Before ELENI MANTIS MERCADER, JAMES W. DEJMEK, and JOHN D. HAMANN, Administrative Patent Judges. DEJMEK, Administrative Patent Judge. DECISION ON APPEAL Appellant appeals under 35 U.S.C. § 134(a) from a Final Rejection of claims 1-20. We have jurisdiction over the pending claims under 35 U.S.C. § 6(b ). We affirm. 1 Appellant identifies International Business Machines Corporation as the real party in interest. Br. 2. Appeal2014-002862 Application 12/557,027 STATEMENT OF THE CASE Introduction Appellant's invention is directed "to an improved data processing system and more specifically ... [to] managing [the] encryption of data." Spec. i-f 1. According to the Specification, a would-be attacker (i.e., unauthorized user) seeking to access encrypted data may analyze the encrypted data for weaknesses, such as known locations of operating system data. Spec. i-f 45. By comparing the encrypted data of known information (i.e., operating system data) against an unencrypted version, an attacker may expose parts of a valid decryption key. Spec. i-fi-1 45--47. To address such a scenario, inter alia, disclosed embodiments "protect encrypted data by detecting patterns of data commonly known to attackers and storing the patterns in an unencrypted form." Spec. i-f 4 7. Claims 1 and 8 are representative of the subject matter on appeal and are reproduced below with the disputed limitations emphasized in italics: 1. A method for managing encryption of data, the method compnsmg: responsive to receiving the data to be written as a number of data units to a storage device, determining whether any of the number of data units contains a known pattern to store in an approximate storage location of the storage device, wherein the known pattern of data, when encrypted, can be compared to identical unencrypted data, found on a different storage device, determined based on an operating system installed on the storage device, the approximate storage location of the known pattern on the storage device, and the known pattern, to determine at least a portion of an encryption key; responsive to a determination that one of the number of data units contains the known pattern, storing that data unit on the storage device in an unencrypted form, in accordance with an encryption policy maintained in metadata on the storage device and updating a status for that data unit, maintained in the metadata; 2 Appeal2014-002862 Application 12/557,027 responsive to an absence of a determination that one of the number of data units contains the known pattern, encrypting that data unit to form encrypted data units; and storing the encrypted data units on the storage device in accordance with an encryption policy maintained in metadata on the storage device and updating a status for the encrypted data units maintained in the metadata. 8. A computer program product comprising: a computer recordable storage medium; program code, stored on the computer recordable storage medium, responsive to receiving data to be written as a number of data units to a storage device, for determining whether any of the number of data units contains a known pattern to store in an approximate storage location of the storage device, wherein the known pattern of data when encrypted can be compared to identical unencrypted data, found on a different storage device, determined based on an operating system installed on the storage device, then approximate storage location of the known pattern on the storage device, and the known pattern, to determine at least a portion of an encryption key; program code, stored on the recordable storage medium, responsive to a determination that one of the number of data units contains the known pattern, for storing that data unit on the storage device in an unencrypted form, in accordance with an encryption policy maintained in metadata on the storage device and updating a status for that data unit, maintained in the metadata; program code, stored on the recordable storage medium, responsive to an absence of a determination that one of the number of data units contains the known pattern, for encrypting that data unit to form encrypted data units; and program code, stored on the recordable storage medium, for storing the encrypted data units on the storage device, in accordance with an encryption policy maintained in metadata on the storage device and updating a status for that data unit, maintained in the metadata. 3 Appeal2014-002862 Application 12/557,027 The Examiner's Rejections 1. Claims 8-14 stand rejected under 35 U.S.C. § 101 as being directed to non-statutory subject matter. Final Act. 6-7. 2. Claims 1-3, 5, 6, 8-10, 12, 13, 15-18, and 20 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Bojinov et al. (US 2009/0268903 Al; Oct. 29, 2009) ("Bojinov"); Burchett et al. (US 2013/0104192 Al; Apr. 25, 2013) ("Burchett"); and Hypponnen (US 2003/0185398 Al; Oct. 2, 2003). Final Act. 8-20. 3. Claims 4, 11, and 19 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Bojinov, Burchett, Hypponnen, and Wilson (US 6,941,456 B2; Sept. 6, 2005). Final Act. 20-23. 4. Claims 7 and 14 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Bojinov, Burchett, Hypponnen, and Ikeuchi et al. (US 2008/0148072 Al; June 19, 2008) ("Ikeuchi"). Final Act. 23-27. Issues on Appeal 1. Did the Examiner err in finding the "computer recordable storage medium," as recited in claim 8, encompasses non-statutory subject matter? 2. Did the Examiner err in finding the combination of Bojinov, Burchett, and Hypponnen teaches or suggests, inter alia, the disputed limitations of claim 1? 3. Did the Examiner err in finding the combination ofBojinov, Burchett, Hypponnen, and Wilson teaches or suggests "responsive to the number of data units containing data that is not generated by a user, 4 Appeal2014-002862 Application 12/557,027 identifying the number of data units as containing the known pattern," as recited in claim 4? 4. Did the Examiner err in finding the combination of Bojinov, Burchett, Hypponnen, and Ikeuchi teaches or suggests "replacing the encrypted data units stored on the storage device with the number of data units in the unencrypted form," as recited in claim 7? ANALYSIS2 Re} ection under 3 5 U.S. C. § 101 Appellant contends the Examiner erred in finding the "computer recordable storage medium," as recited in claim 8, is directed to non- statutory subject matter. Br. 7. In particular, Appellant argues the term "computer recordable storage medium" distinguishes from propagation or carrier media within the broader category of a "computer readable medium." Br. 7. Further, Appellant argues a person of ordinary skill in the art would recognize the disputed term "incorporates a non-transitory capability to store data and therefore cannot be construed as a signal-bearing medium having a transitory nature." Br. 7. In the Specification, Appellant provides separate examples for a "computer readable storage medium" and a "computer readable signal medium" in paragraphs 19 and 20, respectively. However, the Specification merely describes a "computer readable storage medium may be, for example, but not limited to," certain media, and "specific examples (a non- 2 Throughout this Decision we have considered the Appeal Brief, filed July 9, 2013 ("Br."); the Examiner's Answer, mailed October 28, 2013 ("Ans."); and the Final Office Action, mailed May 13, 2013, from which this Appeal is taken ("Final Act."). 5 Appeal2014-002862 Application 12/557,027 exhaustive list) of the computer readable storage medium would include" certain other media. (Spec. i-f 19) (emphases added). Accordingly, Appellant's Specification does not limit the claimed "computer readable storage medium" to a non-transitory embodiment. The Specification mentions that program code "may be stored on a computer recordable storage medium," but contrary to Appellant's assertions, does not limit the claimed computer recordable storage medium to a non-transitory embodiment of a "computer readable storage medium." See Spec. i-f 29; see also Ans. 3. Similarly, the Board in Mewherter did "not find any limitation on the form of the 'machine-readable storage medium' in Appellant['s] Specification." Ex parte Mewherter, 107 USPQ2d 1857, 1859 (PTAB 2013) (precedential). Absent such express limitation on the claimed "computer recordable storage medium," the relevant body of extrinsic evidence compels a finding that "the ordinary and customary meaning of 'computer readable storage medium' [(similar to a "computer recordable storage medium")] to a person of ordinary skill in the art was broad enough to encompass both non-transitory and transitory media." Id. at 1860. For the reasons discussed supra, we sustain the Examiner's rejection of claims 8-14 under 35 U.S.C. § 101 as being directed to non-statutory subject matter. Rejections under 35 U.S.C. § 103 a. Claims 1-3, 5, 6, 8-10, 12, 13, 15-18, and 20 Appellant argues the Examiner erred in finding Bojinov teaches or suggests the use of pattern matching to determine whether to encrypt the data. Br. 18, 21-22. In particular, Appellant asserts Bojinov instead uses a 6 Appeal2014-002862 Application 12/557,027 data indexing and classification approach. Id. Further, Appellant argues Bojinov's disclosure of analyzing the actual content of data blocks does not suggest the claimed known pattern. Id. Rather, Appellant contends "one skilled in the art would not presume the opinion of the Examiner to be correct because only specific instances of data would rarely exhibit a known pattern as is claimed." Br. 18. We are unpersuaded of Examiner error. The Examiner finds Bojinov teaches decisions on whether to encrypt the data is based on the content of the data-i.e., whether the data contains a known data pattern. Final Act. 8 (citing Bojinov i-f 24). As taught in Bojinov, "data are indexed and classified based on their content, to facilitate encryption decisions." Bojinov i-f 24. According to the Specification, a pattern analyzer "examines the contents of [data]" to detect a known pattern. See Spec. i-fi-149, 53, 60. Further, we find Appellant's contention that only specific instances of data would rarely exhibit a known pattern to be unpersuasive at least because Appellant does not provide sufficient evidence or argument for this position. It is well settled that mere attorney arguments and conclusory statements, which are unsupported by factual evidence, are entitled to little probative value. In re Geisler, 116 F.3d 1465, 1470 (Fed. Cir. 1997); see also In re Pearson, 494 F.2d 1399, 1405 (CCPA 1974) (attorney argument is not evidence). Thus, we agree with the Examiner that Bojinov teaches or suggests "determining whether any of the number of data units contains a known pattern," as recited in claim 1. See Final Act. 8. Appellant additionally argues Burchett, as relied upon by the Examiner, does not teach or suggest storing the known pattern in an approximate storage location of the storage device. Br. 18-19. Rather, 7 Appeal2014-002862 Application 12/557,027 Appellant contends, Burchett teaches the use of a physical location of a file in a folder indicating whether to apply encryption (i.e., on an inclusion list) or not (i.e., on an exclusion list). Br. 19 (citing Burchett i-f 62). Appellant further contends that one of ordinary skill in the art would not be motivated to combine Burchett with Bojinov to achieve the disputed limitation because Burchett teaches decisions on whether to encrypt data are made based on the actual content and not on the destination or location (i.e., context) of the data. Br. 19. We are unpersuaded of Examiner error because, as the Examiner explains, Burchett teaches the decision to encrypt "may be implemented according to the location at which data is maintained." Ans. 5 (additionally citing Burchett i-f 85). We agree with the Examiner's finding. See Burchett i-f 85 ("provision for data protection may be enabled based on the type of data, the path or location at which the data is stored, [or] the application associated with a certain data type"); see also Burchett i-f 96. Additionally, we agree with the Examiner that Burchett does not teach away or discourage one from combining its teachings with those of Bojinov. Ans. 5-6. "A reference may be said to teach away when a person of ordinary skill, upon reading the reference, would be discouraged from following the path set out in the reference, or would be led in a direction divergent from the path that was taken by the applicant." In re Kubin, 561F.3d1351, 1357 (Fed. Cir. 2009) (internal citation and quotations omitted). Moreover, Appellant points to no explicit teaching of Burchett that would discourage or divert a person of ordinary skill in the art from combining its teachings with those of Bojinov. Accordingly, we do not find that a skilled artisan would be led away from combining the references as articulated by the Examiner. 8 Appeal2014-002862 Application 12/557,027 See Jn re Fulton, 391 F.3d 1195, 1201 (Fed. Cir. 2004) ("The prior art's mere disclosure of more than one alternative does not constitute a teaching away from any of these alternatives because such disclosure does not criticize, discredit, or otherwise discourage the solution claimed"). Further, we are not persuaded by Appellant's contention that Hypponnen fails to resolve the deficiencies of Burchett and Bojinov because, as discussed supra, we agree with the Examiner's findings of Burchett and Bojinov and there are no deficiencies that would need to be resolved by Hypponnen. Ans. 6. Appellant further argues Boj inov does not teach or suggest, upon a determination that the data unit contains a known pattern, storing a data unit on a storage device in an unencrypted form in accordance with an encryption policy maintained in metadata. Br. 19-20. In particular, Appellant asserts that Bojinov teaches a Volumelnfo block which may contain a cryptographic key. Br. 20 (citing Bojinov i-f 76). Appellant contends this teaching is irrelevant to the claimed limitation wherein data is stored in an unencrypted form and would, therefore, not require storing a cryptographic key. Id. The Examiner finds, and we agree, Bojinov teaches the metadata includes encryption policy information, which may indicate "whether or under what circumstances the volumes contents should be encrypted." Ans. 7 (citing Bojinov i-f 76) (emphasis omitted). As the Examiner explains, the metadata in Bojinov teaches the data may be either encrypted or unencrypted. Ans. 7. Further, we disagree with Appellant that the Volumelnfo block of Bojinov containing a cryptographic key is only present when the data is encrypted. Bojinov does not teach such a limited reading. 9 Appeal2014-002862 Application 12/557,027 To the contrary, Bojinov teaches a cryptographic key "can be stored," along with various other information. See Bojinov i-f 76 (emphasis added). Additionally, Appellant argues Bojinov teaches storing encryption control information is saved "at a central site of the storage operating system rather than on the device," as recited in claim 1. Br. 20-21 (citing Bojinov ,-r 77). We are not persuaded of Examiner error because, as discussed supra, paragraph 76 of Bojinov teaches the encryption policy information may be stored in the metadata, as claimed. See Bojinov i-f 76. Additionally, the Examiner explains Bojinov further teaches data blocks along with related metadata are written to the Persistent Storage System (PSS) and are maintained on the PSS device. Ans. 8. Appellant does not rebut the Examiner's finding or explanation. For the reasons discussed supra, we are unpersuaded the Examiner erred in rejecting claim 1. Accordingly, we sustain the Examiner's rejection of claim 1 and of claims 2, 3, 5, 6, 8-10, 12, 13, 15-18, and 20, which were not argued separately. Br. 22. b. Claims 4, 11, and 19 Claim 4 recites, in relevant part, "responsive to the number of data units containing data that is not generated by a user, identifying the number of data units as containing the known pattern." Appellant asserts the Examiner erred in relying on Wilson to teach, inter alia, data not generated by a user because Wilson teaches "a user may create data which is encrypted or not encrypted depending upon the key used regardless of whether the data is being created by the user. Br. 24--25 (citing Wilson, col. 5, 11. 47-67, 10 Appeal2014-002862 Application 12/557,027 col. 6, 11. 57----63, Figs. 1, 8, and 9). Although Appellant concedes the configuration files discussed in the cited portions of Wilson are not generated by a user, Wilson does not teach the disputed limitation because the determination of whether to encrypt is based on the type of file and what type of key is provided by the user, for example, at login. Br. 25-26. We do not find Appellant's arguments persuasive of Examiner error because, as the Examiner identifies, Wilson teaches "[i]n certain implementations, certain type[ s] of files may be left unencrypted at all times. For instance, system configuration files should never be encrypted." Ans. 10 (citing Wilson col. 5, 11. 57-59) (emphases omitted). The Examiner also explains, and we agree, that since these files of Wilson are never encrypted, Appellant's argument that Wilson is limited to a conditional encryption based on a key is not persuasive. Ans. 10. For the reasons discussed supra, we are unpersuaded of Examiner error. Accordingly, we sustain the Examiner's rejection of claim 4 and, for similar reasons, claims 11, and 19, which contain similar limitations and were not argued separately. Br. 26. c. Claims 7 and 14 Claim 7 recites, inter alia, "decrypting the encrypted data units stored on the storage device; [and] replacing the encrypted data units stored on the storage device with the number of data units in the unencrypted form." Appellant contends Ikeuchi, relied on by the Examiner, instead teaches duplicating unencrypted data in an encryption buffer. Br. 30. Contrary to the claim language, Appellant argues Ikeuchi does not teach replacing the 11 Appeal2014-002862 Application 12/557,027 encrypted data units with the number of data units in an unencrypted form. Br. 30. The Examiner finds, and we agree, Ikeuchi teaches "reading encrypted data from disk drive 50, decrypting and writing the decrypted data on disk drive 50." Ans. 12 (citing Ikeuchi i-fi-168-69, Figs. 5, 9). Additionally, Figure 12 of Ikeuchi is illustrative and is reproduced below: FIG.12 , --,S!X) l lJNCR:YP'tf-.!) t>A'l'A f l,,,,,,._,..,,,,,,,,,,, .. .._ .. :;....,, ........................... ~"''''"""''"~ 53.0 r~~c~~;;~;~~~,J~.in~ L_________ -------- 6v"tl 0-(G'ECfW-PT 531 TO 000) ..---------.~no I lll>'CRYPTED DATA J ,i;; . 5&) .-------.......,....,.,! 5::31 UNCl"~YPf'ED OAlA ! ~--------·· !'l'OO E--------~"'1 ffiro VPTEDOATA "················---·6t."\C- 12 Appeal2014-002862 Application 12/557,027 Figure 12 of lkeuchi, reproduced above, illustrates a read/write control process. Ikeuchi i-f 23. As the Examiner explains, encrypted data at memory locations 531---600 is decrypted and replaced with unencrypted data at the same locations. For the reasons discussed supra, we are unpersuaded of Examiner error. Accordingly, we sustain the Examiner's rejection of claim 7 and of claim 14, which contains similar limitations and was not argued separately. Br. 32. DECISION We affirm the Examiner's decision to reject claims 8-14 under 35 U.S.C. § 101. We affirm the Examiner's decision to reject claims 1-20 under 35 U.S.C. § 103(a). No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a). See 37 C.F.R. § 41.50(±). AFFIRMED 13 Copy with citationCopy as parenthetical citation
