Jaydeep Bhalerao et al.Download PDFPatent Trials and Appeals BoardSep 23, 201914713644 - (D) (P.T.A.B. Sep. 23, 2019) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 14/713,644 05/15/2015 Jaydeep Bhalerao 648.0138 3474 93379 7590 09/23/2019 Setter Roche LLP 14694 Orchard Parkway Building A, Suite 200 Westminster, CO 80023 EXAMINER GRACIA, GARY S ART UNIT PAPER NUMBER 2491 NOTIFICATION DATE DELIVERY MODE 09/23/2019 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): pair_avaya@firsttofile.com sarah@setterroche.com uspto@setterroche.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE ____________________ BEFORE THE PATENT TRIAL AND APPEAL BOARD ____________________ Ex parte JAYDEEP BHALERAO, BISWAJYOTI PAL, and MANISH CHATTERJEE ____________________ Appeal 2018-008635 Application 14/713,644 Technology Center 2400 ____________________ Before JENNIFER S. BISK, LARRY J. HUME, and JULIET MITCHELL DIRBA, Administrative Patent Judges. DIRBA, Administrative Patent Judge. DECISION ON APPEAL1 Appellant2 seeks our review under 35 U.S.C. § 134(a) of the Examiner’s rejection of claims 1–20. We have jurisdiction under 35 U.S.C. § 6(b). We reverse. 1 This Decision uses the following abbreviations: “Spec.” for the original Specification, filed May 15, 2015; “Final Act.” for the Final Office Action, mailed August 23, 2017; “Appeal Br.” for Appellant’s Appeal Brief, filed March 23, 2018; “Ans.” for Examiner’s Answer, mailed July 5, 2018; and “Reply Br.” for Appellant’s Reply Brief, filed September 5, 2018. 2 We use the word “Appellant” to refer to “applicant” as defined in 37 C.F.R. § 1.42. Appellant identifies the real party in interest as Avaya Inc. Appeal Br. 2. Appeal 2018-008635 Application 14/713,644 2 BACKGROUND Appellant’s disclosed embodiments and claimed invention relate to mitigating attacks on a Web Real Time Communication (WebRTC) system at the edge of an enterprise network. Spec. ¶ 3. Claim 1, reproduced below, is illustrative of the claimed subject matter: 1. A method of operating an edge system located at an edge of an enterprise network, which regulates communication traffic flowing into and out of the enterprise network, to mitigate Web Real Time Communication (WebRTC) attacks on the enterprise network, the method comprising: obtaining access criteria regarding access to a WebRTC system in the enterprise network, wherein the access criteria comprise instructions for allowing WebRTC connections with the WebRTC system; in the edge system, passing to the WebRTC system WebRTC signaling comprising WebRTC connection requests to establish WebRTC connections between the WebRTC system and endpoints having network addresses outside the enterprise network; in the edge system, receiving network information regarding the WebRTC connection requests from the WebRTC system, wherein the WebRTC system provides the network information in response to being passed the WebRTC signaling; and in the edge system, blocking at least one connection of the WebRTC connections from participating in WebRTC communications with the WebRTC system based on application of the access criteria to the network information. Appeal Br. 12 (Claims App.). Appeal 2018-008635 Application 14/713,644 3 THE REJECTIONS R1. Claims 1, 3, 5, 6, 10, 11, 13, 15, 16, and 20 stand rejected under 35 U.S.C. § 103 as obvious over Yoakum (US 2014/0095724 A1, published April 3, 2014), Johnston (Alan Johnston, John Yoakum, Kundan Singh, Taking on WebRTC in an Enterprise, IEEE COMMUNICATIONS MAGAZINE, April 2013, at 48), and Ding (US 2015/0180748 A1, filed December 20, 2103 and published June 25, 2015). Final Act. 3–13. R2. Claims 2 and 12 stand rejected under 35 U.S.C. § 103 as obvious over Yoakum, Johnston, Ding, and Weiser (US 2013/0152153 A1, published June 13, 2013). Final Act. 13–14. R3. Claims 4 and 14 stand rejected under 35 U.S.C. § 103 as obvious over Yoakum, Johnston, Ding, and Guest (US 2012/0144023 A1, published June 7, 2012). Final Act. 15–16. R4. Claims 7, 8, 17, and 18 stand rejected under 35 U.S.C. § 103 as obvious over Yoakum, Johnston, Ding, and Holloway (US 8,613,089 B1, issued December 17, 2013). Final Act. 16–19. R5. Claims 9 and 19 stand rejected under 35 U.S.C. § 103 as obvious over Yoakum, Johnston, Ding, and Moore (US 2014/0283004 A1, published September 18, 2014). Final Act. 19–20. ANALYSIS We review the appealed rejections for error based upon the issues identified by Appellant and in light of the arguments and evidence produced thereon. Ex parte Frye, 94 USPQ2d 1072, 1075 (BPAI 2010) (precedential). To the extent Appellant has not advanced separate, substantive arguments for particular claims, or other issues, such arguments are waived. 37 C.F.R. Appeal 2018-008635 Application 14/713,644 4 § 41.37(c)(1)(iv). We have considered all of Appellant’s arguments and any evidence presented. We highlight and address specific findings and arguments for emphasis in our analysis below. Obviousness Rejection R1 of Claims 1, 3, 5, 6, 10, 11, 13, 15, 16, and 20 Claim 1 recites: “in [an] edge system, receiving network information” and “blocking at least one connection . . . based on application of the access criteria to the network information,” where “the access criteria comprise instructions for allowing WebRTC connections with [a] WebRTC system.” Appeal Br. 12 (Claims App.). The claim further recites that “the WebRTC system provides the network information in response to being passed the WebRTC signaling.” Id. The Examiner found Yoakum’s DMZ3 16 teaches the claimed edge system. Final Act. 3–4. The Examiner found Yoakum teaches another element that blocks connections based on application of enterprise policies to a WebRTC offer. Id. at 4–5; see Yoakum ¶ 7 (establishing a WebRTC interactive session includes an “offer” specifying preferred connection parameters). The Examiner found Johnston teaches an edge system that both receives network information and blocks at least one connection by blocking WebRTC media flows that do not pass through a particular server. Final Act. 7–8. The Examiner stated that an ordinarily skilled artisan would have modified Yoakum to include Johnston’s method of blocking in an edge system to “allow permitted communications and deny communications from unauthorized users.” Id. at 8. 3 DMZ refers to an enterprise “demilitarized zone.” Yoakum ¶ 22. Appeal 2018-008635 Application 14/713,644 5 For the remaining limitation—“the WebRTC system provides the network information in response to being passed the WebRTC signaling”— the Examiner pointed to Ding. Id. at 8–9. In particular, the Examiner pointed to Ding’s monitor server 30, which provides the address for a media server to WebRTC client 14 in response to a request from signaling server 20. Id. (citing Ding ¶¶ 8, 22, 25, 30–31, 65). The Examiner stated that it would have been obvious to combine Ding “to include wherein a WebRTC system provides the network information in response to being passed the WebRTC signaling,” and “[t]he motivation would have been to enable webRTC communications that eliminates [sic] front-end load balancers to enable scaling webRTC applications based on a network having a distributed architecture.” Id. at 9–10 (citing Ding ¶ 4). Appellant argues that Ding fails to remedy the deficiencies of Yoakum and Johnston. Appeal Br. 7–8. In particular, Appellant contends that, even assuming that Ding’s identification of a server qualifies as “network information,” Ding’s information “is not the type of information that would be used by an edge system as a basis for blocking at least one WebRTC connection, as required by claim 1.” Id. at 7. Appellant further alleges that, even if Yoakum and Johnston teach blocking a WebRTC connection based on a type of network information, Ding fails to teach or suggest that this information “would be provided by a WebRTC system in response to being passed the WebRTC signaling.” Id. In response, the Examiner explains that the term “[n]etwork information is any information used within a communication network that can be used between a network devices [sic],” and the claimed “signaling may pertain to WebRTC connections at any point during a WebRTC Appeal 2018-008635 Application 14/713,644 6 communication session.” Ans. 4–5 (emphasis omitted). The Examiner summarizes Ding and explains why Ding’s media server address qualifies as “network information” and why the connection initiated by Ding’s signaling server qualifies as “WebRTC signaling.” Id. Finally, the Examiner notes that the rejection did not find that Ding’s network information is used by an edge system to block a connection (id. at 4), but the Examiner does not otherwise address Appellant’s argument that there is no motivation to combine the references to yield the claimed invention (see id. at 3–6). In reply, Appellant acknowledges that Ding discloses “network information in the broad sense,” but argues that Ding’s network information merely identifies a server to use and “would not be used as part of a process to block connections, as required by claim 1 and as the final Office action asserts is taught by Yoakum.” Reply Br. 2. Appellant contends that, because Ding’s teachings improve a connection, whereas Yoakum uses network information to block a connection, there is no motivation to combine Ding’s teachings with Yoakum. Id. at 2–3. We agree that the Examiner did not sufficiently explain why a person of skill in the art would have found it obvious to combine Yoakum, Johnston, and Ding such that an edge system blocks a connection based on applying access criteria to network information received from a WebRTC system, as is required by claim 1. In particular, the Examiner found Yoakum and Johnston collectively teach or suggest an edge system that receives network information and uses it to block a WebRTC connection (Final Act. 3–8), and the Examiner found Ding’s media server address is provided to WebRTC client 14 in response to a request from a signaling server seeking to establish a WebRTC connection (id. at 8–9; Ans. 4–5). Appeal 2018-008635 Application 14/713,644 7 Applicant contends that a person of skill in the art would not have combined the references such that Ding’s server address would be used in the edge system of Yoakum and Johnston to block a WebRTC connection. Appeal Br. 7; see Reply Br. 1–2. The Examiner explains that Ding satisfies the claimed “network information” limitation,4 but fails to explain why a person of skill in the art would have been motivated to combine Ding with the other references as proposed. Ans. 3–6; see Final Act. 9–10 (articulating rationale to combine references, but providing minimal information). In the Answer, the Examiner asserts, in passing, that Ding’s address “can be used to block at least one connection between the WebRTC client and media GW server” (Ans. 5), but the Examiner provides no explanation or support for this statement (see id.). We have reviewed the cited portions of Ding and agree with Appellant that Ding does not teach use of an address to “block” a connection. See Reply Br. 2–3. Ding’s selection of one server does not “block” access to a second server. Moreover, we see nothing in the cited portions of the reference that otherwise teaches or suggests this concept. Moreover, we do not perceive the missing motivation in the cited portions of the references themselves. For example, Yoakum’s policy enforcement agent 12 determines whether to establish a WebRTC interactive session by applying enterprise policies. Yoakum ¶¶ 21, 34, 39. Yoakum’s agent 12 is located at a communication endpoint (e.g., the WebRTC client) so that it can analyze packets and their contents. See Yoakum ¶¶ 24, 33–34; 4 Incidentally, we agree with the Examiner that term “network information” should be construed broadly. See Ans. 4. During prosecution, claims must be given their broadest reasonable interpretation in light of the specification as it would be interpreted by one of ordinary skill in the art. In re Am. Acad. of Sci. Tech Ctr., 367 F.3d 1359, 1364 (Fed. Cir. 2004). Appeal 2018-008635 Application 14/713,644 8 see id. ¶ 21 (“distributed” refers to “endpoints, rather than at a centralized network security element”). Yoakum teaches that the enterprise DMZ 16 (the claimed “edge network”) is separate. Id. ¶¶ 22–23. Johnston describes a system that permits only those WebRTC connections that are sent through a media relay in DMZ. Johnston 53. In Ding, a signaling server 20 contacts a monitor server 30 to obtain an address for the appropriate media server and relays this information to the WebRTC client. Ding ¶¶ 27–33. Whether or not these references could be combined to yield the claimed invention, the record includes insufficient evidence that a person of ordinary skill in the art would have been motivated to do so. See KSR Int’l Co. v. Teleflex Inc., 550 U.S. 398, 418 (2007) (noting importance of reason to combine or modify references as proposed); Transocean Offshore Deepwater Drilling, Inc. v. Maersk Contractors USA, Inc., 617 F.3d 1296, 1303–04 (Fed. Cir. 2010) (“[I]t is not enough to simply show that the [prior art] references disclose the claim limitations.”). Therefore, based upon the findings above, on this record, we are persuaded that the Examiner has not sufficiently explained why it would have been obvious to combine these teachings such that Yoakum’s and Johnston’s edge system would block a WebRTC connection based on application of Yoakum’s access criteria to Ding’s media server address (or other network information). Accordingly, we do not sustain the Examiner’s obviousness rejection of independent claim 1. Independent claim 11 recites the disputed limitation in commensurate form, and thus, we do not sustain the Examiner’s obviousness rejection of this claim. Dependent claims 3, 5, 6, 10, 13, 15, 16, and 20 stand with their respective independent claim. Appeal 2018-008635 Application 14/713,644 9 Obviousness Rejection R2–R5 of Claims 2, 4, 7–9, 12, 14, and 17–19 The Examiner rejects dependent claims 2, 4, 7–9, 12, 14, and 17–19 under 35 U.S.C. § 103 as obvious over Yoakum, Johnston, Ding, and one of the following: Weiser, Guest, Holloway, and Moore. Final Act. 13–20. Each of these claims depends from independent claim 1 or claim 11. In light of our reversal of the rejections of these independent claims, supra, we also reverse obviousness rejections R2–R5. On this record, the Examiner has not shown how the additionally cited references (i.e., Weiser, Guest, Holloway, and Moore) overcome the aforementioned deficiencies with the combination of Yoakum, Johnston, and Ding, as discussed above. CONCLUSION In summary: Claims Rejected Basis Affirmed Reversed 1, 3, 5, 6, 10, 11, 13, 15, 16, and 20 § 103 Yoakum, Johnston, Ding 1, 3, 5, 6, 10, 11, 13, 15, 16, and 20 2 and 12 § 103 Yoakum, Johnston, Ding, Weiser 2 and 12 4 and 14 § 103 Yoakum, Johnston, Ding, Guest 4 and 14 7, 8, 17, and 18 § 103 Yoakum, Johnston, Ding, Holloway 7, 8, 17, and 18 9 and 19 § 103 Yoakum, Johnston, Ding, Moore 9 and 19 Overall Outcome 1–20 REVERSED Copy with citationCopy as parenthetical citation