United States Patent and Trademark Office    
        
            
                                
            
        
    

Commissioner for Patents
United States Patent and Trademark Office
P.O. Box 1450
Alexandria, VA 22313-1450
www.uspto.gov











BEFORE THE PATENT TRIAL AND APPEAL BOARD


Application Number: 15/952,375
Filing Date: 13 Apr 2018
Appellant(s): Baggett et al.



__________________
David J. Thibodeau, Jr.
For Appellant


EXAMINER’S ANSWER





This is in response to the appeal brief filed 30 November 2021.

(1) Grounds of Rejection to be Reviewed on Appeal
Every ground of rejection set forth in the Office action dated 07 July 2021 from which the appeal is taken is being maintained by the examiner except for the grounds of rejection (if any) listed under the subheading “WITHDRAWN REJECTIONS.”  New grounds of rejection (if any) are provided under the subheading “NEW GROUNDS OF REJECTION.”
(2) Response to Argument
Appellant argues (a) that the Final Office Action actually admits Leddy does not use a social graph to determine if the apparent sender is an individual, and Zou uses a social graph for a different purpose, wherein Appellant states:
Leddy at [1849] admittedly does look at the content of an email, (e.g., named banks, other text, domain names, etc.) to determine if the sender appears to be an "authoritative entity". 
Regarding Leddy at [1753], the "assessment" referred to there is just a determination of "who" sent the message — but that assessment is not being used to further determine the TYPE of sender (e.g., whether it was an entity or individual). In other words, "bob@foo.com" could be any type of entity and simply looking at the “type” of email address is not “matching against a social graph” as the Appellant’s claim requires. 
Also, Leddy at [1772] is discussing a scenario where the message is presented to a human reviewer for classification. But the only mention there is that a "reviewer" makes a determination that a message "sent by Bob to Alice" is a “typical human-to-human message”.
Indeed, the Final Office Action needs to combine Leddy with Zou (see the Final Office Action at pages 9-10) to argue that when the sender is an individual one would “match to: and from: fields in a social graph to authenticate an individual user”. 

Therefore, Zou is using the social graph as part of determining whether to trust a sender, and NOT as part of determining if the apparent sender is an individual. There is no mention in Zou of a separate test performed to determine if the sender is an individual (such as by matching to: and from: fields to a social graph as the Appellant’s claim requires). (See pages 8-10 of the Appeal Brief).

In response to Appellant’s arguments (a), the Examiner respectfully disagrees. The limitations claimed denote “A. programmatically performing a Sending Entity Identification (SED) step, for first identifying whether an apparent sender of the email is either associated with a brand or associated with an individual, as visually perceived to be by a human, by: 
…and 
determining if the apparent sender is associated with an individual by: 
(iv) maintaining a social graph using a to: and from: and/or cc: fields in received emails; and 
(v) matching the to: field in the email against the social graph…”, 
wherein under broadest reasonable interpretation, denote determining if the apparent sender is associated, i.e. linked, connected, related, with an individual by maintaining a social graph, i.e. a graph or network with individuals data such as names or addresses and relations or links, using information such as senders (From: fields) and recipients (To: Fields OR CC fields) from received emails and matching, i.e. comparing, the recipients information such as from To: fields, from the email, with the information in the social graph.  
Note: The process of determining if the apparent sender is associated with an individual is by performing step (iv) and (v). 

Leddy at least discloses and/or teaches an assessment of the likely end-user interpretation of the message, such as the identity of one impersonated authoritative entity or message sender and that if not classified as appearing to have been sent on behalf of an authoritative entity is a typical human-human message. A one-to-one message (e.g. human to human) that is not an authoritative entity (e.g. brand) therefore is a message between individuals, such that one individual, e.g. a human, sends to another individual, e.g. another human, hence human-human. See [1753], [1772] and [1849], therefore Leddy at least discloses and/or teaches identifying whether an apparent sender of an email is a brand or individual as perceived by a recipient. 
As such, Leddy teaches determining if the apparent sender is associated with a brand (e.g. entity) OR associated with an individual based on the assessments above. 
Leddy, however, does not teach maintaining a social graph using a to: and from: and/or cc: fields in received emails and matching the to: field in the email against the social graph. 
Zou was brought in to at least disclose and/or teach maintaining a social graph using a to: and from: and/or cc: fields in received emails and matching the to: field in the email against the social graph in order to determine whether the sender/individual is legitimate or not. This is done by establishing trust links between senders (e.g. identified by email address, i.e. “from” field) and any number of recipients such as by those listed in the “to, cc, bcc” fields; i.e. recipients are determined (i.e. identified) to be those individuals listed in the “to, cc, bcc” field,  i.e. sender is associated with an individual, wherein at least by a weak trust link due to sending an email to those recipients, and a strong trust link due to being added to a white list, and such data from the network or table is transferred to a global network/global table and the information is updated. 
Because the message emanates from within the computer system, it is assumed that the sender is legitimate, i.e. individual since the message emanates from within the computer system, see col. 2 L54-67. 
Zou further teaches a node table 202, see fig. 3, which keeps track of the trust relationships between any number of senders and recipients of email messages. See col. 8 L20-44. 
Zou at col. 8 L46 to col. 9 L40 teaches “…recipients are determined to be those individuals, departments, electronic mailboxes or corporate email addresses listed in the To field, cc field or bcc field”. Based on this information, trust levels are determined and stored in the node table as shown in fig. 3. When a new message arrives, module 170 determines to whom the message is being sent (the recipients), who is the sender (identified by email address) and if sender is legitimate. Based on this, the node table is updated with trust information, which is later used to determine whether an incoming email is from an individual that is trusted or not. See also fig. 1A item#130, 170, 180, fig. 5 step#408, 412. 
In essence, sender-recipient links are added to the local storage/network store, e.g. also any other data structures such as a table (i.e. social graph as it denotes links between sender/recipients on a table, such as by rows) and feedback provided from the local storage to the global trust network database. Furthermore, the node table helps to establish a white list and blacklist table are available to be queried as well as a direct search through information of the database comprising trust relationships including nonexistent, weak, strong, and any other information in the database. See [col. 5, ls. 31-col. 6, ls. 14], [col. 6, ls. 58-col. 7, ls. 3] and [col. 8, ls. 59-col. 9, ls. 57] AND fig. 1A item #180, fig 3,  therefore Zou at least discloses and/or teaches identifying individuals, i.e. users, such as by use of a maintained social graph and matching the to: field to the social graph, in the case that the sender is in fact a trusted individual (i.e. determined to be an individual via use of a social graph, based on trust levels).

One of ordinary skill in the art would have been motivated to do so to reduce spam by building a sender-recipient trust network. See Zou, [col. 2, ls. 35-43].

Appellant also argues that (b) Any combination of Leddy, Everton and Zou does not use the result of a Sending Entity Identifier (SEI) phase to determine which of two different Sending Entity Verification (SEV) methods are used, wherein Appellant states:
The prior art does not disclose or suggest first determining if the message appears to be from a brand or an individual, and only then selecting one of two possible forgery detection methods based on the result of the prior SEI step.
At [1850] Leddy goes on to explain that a next step involves assessing the likelihood the communication was in fact sent with authorization of the authoritative entity such as by using DMARC or DKIM or other protocols, or whether the delivery path involves a node that has a poor reputation. There is no mention of handling messages from individual senders.
Thus nowhere in these sections of Leddy is there any suggestion of “using the apparent sender output from the (prior) SEI step” as claimed to determine which SEV steps to perform.
Leddy is thus not using “different technique” — such as matching against a social graph — when the message appears to originate from an individual. Claim 1 is thus allowable for this additional reason. (See pages 10-12 of the Appeal Brief).

In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). The limitations claimed denote “B. programmatically performing a Sending Entity Verification (SEV) step for subsequently using the apparent sender output from the SEI for determining an actual sender of the email by the steps of: (vi) when the apparent sender output is associated with a brand; comparing one or more attributes of a digital signature of the email to determine the actual sender by using a sender domain authentication protocol; (vii) when the apparent sender output is an individual; using one or more heuristics to determine the actual sender, the heuristics including at least matching the apparent sender against the social graph;” wherein under broadest reasonable interpretation denote determining an actual sender after identifying the apparent sender such as by comparing attributes of a digital signature to determine the actual sender by a domain authentication protocol for a brand, and matching against the social graph for an individual.
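The two-phase flow recited in limitations A(iv)-(v) and B(vi)-(vii) as quoted above, sketched as an added example; it is not code from the application, Leddy, or Zou. Assumptions: the graph is keyed by display name, the brand test (elided as "…" in the quoted claim) is a caller-supplied predicate, and DKIM results are read from an Authentication-Results header written by a trusted upstream verifier.

```python
import re
from collections import defaultdict
from email import message_from_string
from email.utils import getaddresses, parseaddr

class SocialGraph:
    """Step (iv): recipient -> display name -> addresses seen (assumed layout)."""
    def __init__(self):
        self.contacts = defaultdict(lambda: defaultdict(set))

    def observe(self, msg):
        name, addr = parseaddr(msg["From"])
        for _, rcpt in getaddresses(msg.get_all("To", []) + msg.get_all("Cc", [])):
            self.contacts[rcpt.lower()][name.lower()].add(addr.lower())

    def seen(self, msg):
        """Addresses already seen under this display name by any To: recipient."""
        name, _ = parseaddr(msg["From"])
        out = set()
        for _, rcpt in getaddresses(msg.get_all("To", [])):
            out |= self.contacts.get(rcpt.lower(), {}).get(name.lower(), set())
        return out

def sei(msg, graph, is_brand):
    """Phase A. is_brand is a hypothetical stand-in for the elided brand test."""
    if is_brand(parseaddr(msg["From"])[0]):
        return "brand"
    return "individual" if graph.seen(msg) else "unknown"   # step (v)

def sev(msg, graph, apparent):
    """Phase B: the SEI output selects the verification method."""
    addr = parseaddr(msg["From"])[1].lower()
    if apparent == "brand":   # step (vi): DKIM d= must equal the From: domain
        m = re.search(r"dkim=pass\s+header\.d=([\w.-]+)",
                      msg.get("Authentication-Results", ""))
        return bool(m) and addr.endswith("@" + m.group(1).lower())
    return apparent == "individual" and addr in graph.seen(msg)   # step (vii)

def classify(raw, graph, is_brand=lambda n: "bank" in n.lower()):
    """Returns (SEI output, whether the actual sender matches the apparent one)."""
    msg = message_from_string(raw)
    kind = sei(msg, graph, is_brand)
    return kind, sev(msg, graph, kind)

# Constructed sample: one earlier message seeds the graph.
GRAPH = SocialGraph()
GRAPH.observe(message_from_string(
    "From: Bob Lee <bob@foo.example>\nTo: alice@corp.example\n\nhi\n"))
```

A message that reuses a known correspondent's display name with a new address is classified as "individual" in phase A and fails phase B, which is the display-name forgery case the individual branch targets.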
	Leddy at least discloses and/or teaches an assessment of whether the apparent sender matches the actual sender (i.e. two-part system, e.g. identifying apparent sender, and then identifying if apparent sender is in fact the actual sender, such as likelihood that the received communication was in fact transmitted with the authorization of the purported authoritative entity). For example, Leddy discusses outputting a score associated with an association to an authoritative entity, e.g. ACME BANK (i.e. brand is identified as apparent sender), then further determining if there is a match of sender information of the identifiers produced, e.g. DMARC/DKIM (i.e. use of domain authentication when identified as a brand). To determine whether the senders match an output must be utilized therefore Leddy performs the steps mentioned as claimed. Furthermore, to determine that the communication was in fact transmitted by the apparent sender must be performed with information regarding the apparent 
Although Leddy does not utilize a social graph to determine the actual individual, Zou was brought in to at least disclose and/or teach establishing trust links between senders (e.g. identified by email address, i.e. “from” field) and any number of recipients such as by those listed in the “to, cc, bcc” fields; i.e. recipients are determined to be those individuals listed in the “to, cc, bcc” field, wherein at least by a weak trust link due to sending an email to those recipients, and a strong trust link due to being added to a white list, and such data from the network or table is transferred to a global network/global table and the information is updated. In essence, sender-recipient links are added to the local storage/network store, e.g. also any other data structures such as a table (i.e. social graph as it denotes links between sender/recipients on a table, such as by rows) and feedback provided from the local storage to the global trust network database. Furthermore, the service can access a global trust network (i.e. the global network updated above) such as to determine if the sender is on the white list for the recipient (i.e. strong trust link, whitelisted, such as an authenticated user and/or “actual” user hence being authenticated). See [col. 5, ls. 57-col. 6, ls. 14] and [col. 8, ls. 59-col. 9, ls. 57], therefore Zou at least discloses and/or teaches identifying actual individuals such as by use of a maintained social graph and matching the to: field to the social graph, in the case that the sender is in fact a trusted individual (i.e. determined to be an actual individual via use of a social graph, that the sender trusts).
It would have been obvious to one of ordinary skill in the pertinent art before the effective filing date of the claimed invention to modify the invention of Leddy in view of Zou to have utilized social graphs for determination that an apparent sender is an individual, e.g. such as by utilizing the database 

Appellant also argues that (c) the claimed invention is a two phase (SEI then SEV) fully automated process; the prior art combination uses manual message review to develop a “training set” and thus teaches away, wherein Appellant states:
It should be noted that in several places Leddy is expecting that human reviewers are available to help the system determine whether a message is spam, Business Email Compromise (BEC) scam, malware-associated social engineering, etc. The human reviewers specify feature for classification rule(s). (Leddy at [0122]). Leddy also explains that in some embodiments (Leddy at [1151]) the system learns by submitting messages it encounters to humans for review, such as to use such rules to identify whether messages are a scam or not. 
On the other hand, the Appellant’s claimed method is a fully automated, two-phase deterministic process of detecting email forgeries — not “scams”. It also does not require any such human interaction or training. Therefore one of skill in the art would not look to Leddy’s methods of generating email “training sets” for scam detection to improve the automated trust network of Zou or the email transfer scheme of Everton. (See page 13 of the Appeal Brief).

In response to Appellant’s arguments (c), the Examiner respectfully disagrees. In response to applicant's argument that the claimed invention is a fully automated process, a recitation of the intended use of the claimed invention must result in a structural difference between the claimed invention and the prior art in order to patentably distinguish the claimed invention from the prior art.  If the prior art structure is capable of performing the intended use, then it meets the claim.


Appellant also argues that (d) the dependent claims are allowable for the same reasons.

In response to Appellant’s arguments (d), the Examiner respectfully disagrees, following the responses to arguments set forth above.

For the above reasons, it is believed that the rejections should be sustained.
Respectfully submitted,
/Alex H. Tran/Examiner, Art Unit 2453
09 March 2022

Conferees:
/DHAIRYA A PATEL/Primary Examiner, Art Unit 2453               

/KAMAL B DIVECHA/Supervisory Patent Examiner, Art Unit 2453                                                                                                                                                                                                                                                                                                                                                                                                 
Requirement to pay appeal forwarding fee.  In order to avoid dismissal of the instant appeal in any application or ex parte reexamination proceeding, 37 CFR 41.45 requires payment of an appeal forwarding fee within the time permitted by 37 CFR 41.45(a), unless appellant had timely paid the fee for filing a brief required by 37 CFR 41.20(b) in effect on March 18, 2013.