PNG
    media_image1.png
    340
    340
    media_image1.png
    Greyscale
United States Patent and Trademark Office    
        
            
                                
            
        
    

Commissioner for Patents
United States Patent and Trademark Office
P.O. Box 1450
Alexandria, VA 22313-1450
www.uspto.gov











BEFORE THE PATENT TRIAL AND APPEAL BOARD


Application Number: 15/679,343
Filing Date: 17 Aug 2017
Appellant(s): ERICH, Matt



__________________
Attorney Matthew Currie, Reg. No. 58533
For Appellant


EXAMINER’S ANSWER





This is in response to the appeal brief filed 8/3/2022.

(1) Grounds of Rejection to be Reviewed on Appeal
The ground(s) of rejection set forth in the Office action dated 1/13/2022 from which the appeal is taken have been modified by the advisory action dated 3/18/2022.  A list of rejections withdrawn by the examiner (if any) is included under the subheading “WITHDRAWN REJECTIONS.”  New grounds of rejection (if any) are provided under the subheading “NEW GROUNDS OF REJECTION.”  

The following ground(s) of rejection are applicable to the appealed claims:

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 1-28 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement.  The claims contain subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.  No support could be found in the specification for the limitations as claimed.  For example, claims 1 and 8 state “after expiration of the user’s authorization to use the remote application.”  It does not appear as though the specification considers, or even mentions, an expiration of the user’s authorization to use the remote application.

WITHDRAWN REJECTIONS
The following grounds of rejection are not presented for review on appeal because they have been withdrawn by the examiner:

	The rejection of claims 1-28 under 35 U.S.C. 103.

(2) Response to Argument
	In the brief, the appellant has argued:
<Argument 1>
The appellant’s specification supports the invention as claimed in independent claims 1 and 8.

	In response to argument 1, it is maintained that the claims fail to comply with the written description requirement.  Taking claim 1 as representative, the examiner notes that the present invention operates in two distinct phases: 1. the user authenticates to a remote application and 2. the user uses a newly generated token to prove authentication to additional resources other than the remote application.  The final clause of claim 1 then explicitly requires that the token provides access to the additional resources after expiration of the user’s authorization to use the remote application.  The examiner understands how, from a technical standpoint, this feature might occur.  For example, the token may be programmed so that it is restricted and no longer valid when the initial authentication becomes invalid, or it may be programmed so that it continues to function even if the initial authentication becomes invalid.  However, the appellant’s specification does not consider either scenario.  It is unclear whether the appellant has considered, at all, how the token might be tied (or not tied) to the previous initial authentication and, as such, it is unclear whether the inventor had possession of the claimed invention, where the claims explicitly limit the invention to use of the token to access the one or more secure resources other than the remote application in a subsequent authorization after expiration of the user’s authorization to use the remote application.

	In the brief, the appellant first points to paragraph 20 of the specification.  However, the exemplary elapsed time refers to a potential trigger for the initial authentication request.  This disclosure deals with the “authentication-request handler” as described in section iii. of claim 1 and fails to consider how the to-be-generated token might later function.  This disclosure also fails to consider any expiration of the authentication once the initial authentication request is processed by the authentication-request handler.  The appellant argues that this paragraph would convey to one of ordinary skill that “authentication requests may be triggered upon expiration of previous authorizations due to…elapsed time,” but this is wholly inaccurate as this paragraph does not state, or imply, any previous authorization.

	The appellant next cites paragraph 36 of the specification.  However, this disclosure only mentions a “token that has expired” and fails to consider whether or not the user’s initial authentication (which is clearly separate and distinct from the token) has expired.

	The appellant next cites paragraphs 21 and 9 of the specification.  However, this disclosure refers only to “subsequent authentications” provided by the token (ie. privileges the programmed token allows the user) and fails to consider whether or not the user’s initial authentication has expired.  One cannot possibly make a logical jump, as purported by the appellant, that “subsequent authentications” implies “authentications taking place ‘after expiration of the user’s authorization to use the remote application,’” especially as the specification never considers, even in broad concept, what might occur after expiration of the user’s authorization to use the remote application.  Clearly, the “subsequent authentications” refer to those authentications and accesses granted by the token itself.

	The appellant proceeds to provide an example as described in paragraph 10 of the specification.  However, the appellant’s analysis of this disclosure is not persuasive.  Paragraph 10 describes a healthcare context whereby patients may be authenticated and then receive additional access privileges via an issued token.  The initial authentication is here qualified as a “registration” or “enrollment.”  In the brief, the appellant extends the stated disclosure to define the “registration” as having an inherent expiration, stating that “for such a token to properly function, it must provide such physical access even after the patient has completed the initial registration process.”  This argument is nonsensical.  The completion of the registration process cannot, and in no way would be, interpreted as an expiration of the registration or an expiration of the user’s authentication.  On the contrary, registration of the patient results in their valid authentication, which then enables issuing of the token.  As stated in paragraph 10, “Patients, once successfully authenticated (e.g., during a registration process for access of their electronic records), may be issued tokens that enable access…”  Nowhere does the specification mention an expiration of the patient’s registration, or what may or may not occur after such an expiration.  Again, the specification never considers what might occur after expiration of the user’s authorization to use the remote application.

	As to the appellant’s argument that “support for a claim limitation may be ‘through express, implicit, or inherent disclosure,’” it is maintained that no support exists for the limitation at hand.  The examiner contends that beyond express disclosure, there is no implicit or inherent support for this limitation.  As described in detail above, the specification in no way considers, even on a conceptual level, what might occur after expiration of the user’s authorization to use the remote application.

For the above reasons, it is believed that the rejection should be sustained.

Respectfully submitted,
/Victor Lesniewski/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        

Conferees:
/CARL G COLIN/Supervisory Patent Examiner, Art Unit 2493                     

                                                                                                                                                                                   /Michael Simitoski/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        

Requirement to pay appeal forwarding fee.  In order to avoid dismissal of the instant appeal in any application or ex parte reexamination proceeding, 37 CFR 41.45 requires payment of an appeal forwarding fee within the time permitted by 37 CFR 41.45(a), unless appellant had timely paid the fee for filing a brief required by 37 CFR 41.20(b) in effect on March 18, 2013.