`
`UNITED STATES DEPARTMENT OF COMMERCE
`United States Patent and Trademark Office
`Address: COMMISSIONER FOR PATENTS
`P.O. Box 1450
`Alexandria, Virginia 22313-1450
`www.uspto.gov
`
`APPLICATION NO.
`
`FILING DATE
`
`FIRST NAMED INVENTOR
`
`ATTORNEY DOCKET NO.
`
`CONFIRMATION NO.
`
`90/013,017
`
`10/07/2013
`
`7058822
`
`FINREXM0006
`
`6388
`
`115222
`7590
`09/08/2014
`Bey & Cotropia PLLC (Fin jan Inc.)
`213 Bayly Court
`Richmond, VA 23229
`
`EXAMINER
`
`PROCTOR, JASON SCOTT
`
`ART UNIT
`
`PAPER NUMBER
`
`3992
`
`MAIL DATE
`
`DELIVERY MODE
`
`09/08/2014
`
`PAPER
`
`Please find below and/or attached an Office communication concerning this application or proceeding.
`
`The time period for reply, if any, is set in the attached communication.
`
`PTOL-90A (Rev. 04/07)
`
`Blue Coat Systems - Exhibit 1089 Page 1
`
`
`
`Commissioner for Patents
`United States Patent and Trademark Office
`P.O. Box 1450
`Alexandria, VA 22313-·1450
`W"aAA"I.IJ:.'=ptO.QOV
`
`DO NOT USE IN PALM PRINTER
`
`(THIRD PARTY REQUESTER'S CORRESPONDENCE ADDRESS)
`
`RYAN W. COBB, DLA PIPER LLP (us)
`401 B STREET
`SUITE 1700
`SAN DIEGO, CA 92101
`
`EX PARTE REEXAMINATION COMMUNICATION TRANSMITTAL FORM
`
`REEXAMINATION CONTROL NO. 901013,017.
`
`PATENT NO. 7058822.
`
`ART UN IT 3992.
`
`Enclosed is a copy of the latest communication from the United States Patent and Trademark
`Office in the above identified ex parte reexamination proceeding (37 CFR 1.550(f)).
`
`Where this copy is supplied after the reply by requester, 37 CFR 1.535, or the time for filing a
`reply has passed, no submission on behalf of the ex parte reexamination requester will be
`acknowledged or considered (37 CFR 1.550(g)).
`
`PTOL-465 (Rev.0?-04)
`
`Blue Coat Systems - Exhibit 1089 Page 2
`
`
`
`Application/Control Number: 90/013,017
`Art Unit: 3992
`
`Page 2
`
`FINAL REJECTION
`
`This Office Action addresses claims 1-8, 16-27, and new claims 36-40 of US Patent No.
`
`7,058,822 issued to Edery et al. ("the '822 Patent"). Claims 9-15 and 28-35 are not subject to
`
`this reexamination proceeding.
`
`A Request for Ex Parte Reexamination was filed on 7 October 2013 ("the Request").
`
`The Decision Granting Ex Parte Reexamination ("the Order") was entered on 6 December 2013.
`
`A Non-Final Rejection ("NF Rejection") was entered on 6 December 2013, wherein claims 1-8
`
`and 16-27 were rejected.
`
`An in-person interview was conducted on 4 February 2014. See Examiner Interview
`
`Summary, 28 February 2014.
`
`Patent Owner timely filed a response to the NF Rejection on 6 March 2014 ("PO
`
`Remarks") including a Declaration by Phil Hartstein ("Hartstein Decl.") and Nenad Medvidovic
`
`("Medvidovic Decl."), and claim amendments to present new claims 36-40. Accordingly, claims
`
`1-8, 16-27, and 36-40 are subject to this reexamination proceeding. Patent Owner filed a Petition
`
`to accept an unintentionally delayed priority claim under 37 CPR§ 1.78 ("PO Petition"). This
`
`petition was granted in the Petition Decision entered on 25 July 2014.
`
`Furthermore, in the 5 June 2014 IDS, Patent Owner has provided notice that related
`
`proceeding N.D. Cal. C 13-03133 SBA styled Finjan Inc. vs. Fireeye, Inc., was STAYED
`
`pending reexamination on 30 May 2014.
`
`Patent Owner's written response and submitted evidence has been fully considered. For
`
`the reasons set forth below,
`
`Blue Coat Systems - Exhibit 1089 Page 3
`
`
`
`Application/Control Number: 90/013,017
`Art Unit: 3992
`
`Claims 1-8, 16-27, and 36-40 are rejected.
`
`Page 3
`
`Claims 9-15 and 28-35 are not subject to this reexamination proceeding.
`
`I.
`
`INFORMATION DISCLOSURE STATEMENTS
`
`Regarding IDS submissions, MPEP 2256 recites the following: "Where patents,
`
`publications, and other such items of information are submitted by a party (patent owner or
`
`requester) in compliance with the requirements of the rules, the requisite degree of consideration
`
`to be given to such information will be normally limited by the degree to which the party filing
`
`the information citation has explained the content and relevance of the information."
`
`Accordingly, the IDS submissions have been considered by the Examiner only to the extent that
`
`their relevance to the instant proceeding has been explained by the filing party and within the
`
`scope required by MPEP 2256.
`
`In the 28 February 2014 IDS, several citations have been lined through. In pages 1, 4,
`
`and 5, the citations do not match the provided US patent numbers and have not been considered.
`
`In pages 6, 7 and 11, Patent Owner acknowledges that "no copy of the reference was provided,"
`
`thus these references have not been considered. In pages 9 and 12, neither the citations nor the
`
`references bear any date, thus it is impossible to determine whether the reference are prior art
`
`relative to the claimed invention. In page 11, the copy of Sekar, et al. provided with the IDS is
`
`illegible, thus it cannot be properly considered. In page 13, the citation to a list of publications
`
`lacks a date, while the Ronaix publication is illegible. In page 14, the Slade reference was not
`
`found among the documents submitted with the IDS. In page 15, the provided copies of the cited
`
`references are illegible and cannot be properly considered.
`
`Blue Coat Systems - Exhibit 1089 Page 4
`
`
`
`Application/Control Number: 90/013,017
`Art Unit: 3992
`
`Page 4
`
`In the 29 March 2014 IDS, page 11, the copy of Garfinkel, et al. provided with the IDS is
`
`illegible, thus it cannot be properly considered.
`
`In the 24 June 2014 IDS, several citations have been lined through. In page 2, the copy
`
`of "Thunder BYTE Anti-Virus Utilities User Manual" provided with the IDS is illegible, thus it
`
`cannot be properly considered.
`
`II.
`
`REFERENCES CITED IN REJECTIONS
`
`US Patent No. 5,983,348 issued 9 November 1999 to Ji ("Ji")
`
`US Patent No. 6,058,482 issued 2 May 2000 to Liu ("Liu")
`
`US Patent No. 5,974,549 issued 26 October 1999 to Golan ("Golan")
`
`III.
`
`EFFECTIVE FILING DATE OF
`
`CLAIMED SUBJECT MATTER
`
`Patent Owner filed the PO Petition to accept an unintentionally delayed priority claim
`
`under 37 CPR 1.78, and it was granted on 25 July 2014. As a result, the '822 Patent now claims
`
`priority (via intermediate priority documents) to US Patents 6,167,520 filed on 29 January 1997;
`
`and 6,092,194 filed on 6 November 1998.
`
`To determine the earliest effective filing date of an invention claimed in a US application,
`
`where the priority claim involves continuations and continuations-in-part, any claims in the new
`
`application not supported by the specification and claims of the parent application have an
`
`effective filing date equal to the filing date of the new application. Any claims which are fully
`
`Blue Coat Systems - Exhibit 1089 Page 5
`
`
`
`Application/Control Number: 90/013,017
`Art Unit: 3992
`
`Page 5
`
`supported under 35 U.S.C. § 112 by the earlier parent application have the same effective filing
`
`date of that earlier application. See MPEP 706.02(VI).
`
`The priority documents US Patent 6,092,194 and 6,167,520 do not describe claims 1, 4,
`
`16, and 36-40 of the '822 Patent under 35 U.S.C. § 112 for the following reasons.
`
`Original patent claims 1 and 4 require "causing mobile protection code to be
`
`communicated to at least one information-destination of the downloadable-information".
`
`Original patent claim 16 requires "causing mobile protection code to be executed by a
`
`mobile code executor at a downloadable-information destination [ ... ] wherein the causing is
`
`accomplished by forming a sandboxed package[ ... ] and causing the sandboxed package to be
`
`delivered to the downloadable-information destination".
`
`New claims 36-38 require "causing mobile protection code ("MPC") to be communicated
`
`to at least one information-destination of the downloadable-information".
`
`New claim 39 requires "communicating, by a transfer engine associated with the server,
`
`the mobile protection code to at least one information-destination of the downloadable-
`
`information."
`
`New claim 40 requires "causing by a transfer engine associated with the server mobile
`
`protection code to be communicated to at least one information-destination of the downloadable-
`
`information".
`
`All other claims under reexamination depend from the independent claims shown above.
`
`The 6,092,194 Patent does not describe transferring I communicating I delivering any
`
`type of mobile protection code I MPC I sandboxed package to a client I information-destination
`
`as required by these claims. Furthermore, the intermediate priority document US Patent
`
`Blue Coat Systems - Exhibit 1089 Page 6
`
`
`
`Application/Control Number: 90/013,017
`Art Unit: 3992
`
`Page 6
`
`6,804,780 is a continuation of the '194 Patent, and similarly does not support claims 1, 4, 16, and
`
`36-40 of the '822 Patent under 35 U.S.C. § 112.
`
`The 6,167,520 Patent does not describe transferring I communicating I delivering any
`
`type of mobile protection code I MPC I sandboxed package to a client I information-destination
`
`as required by these claims. Furthermore, the intermediate priority document US Patent
`
`6,480,962 is a continuation of the '520 Patent, and similarly does not support claims 1, 4, 16, and
`
`36-40 of the '822 Patent under 35 U.S.C. § 112.
`
`Finally, the '822 Patent claims the benefit of US Provisional Application 60/205,591 filed
`
`on 17 May 2000. The '591 Provisional Application describes, for the first time, the features
`
`shown above and claimed by the '822 Patent. See '591 Application, p. 2, 4; NF Rejection, p. 2-
`
`5.
`
`Therefore, the earliest effective filing date of claims 1-8, 16-27, and 36-40 is 17 May
`
`2000, the actual filing date of the '591 Provisional Application, which, among all the priority
`
`documents, provides the earliest support under 35 U.S.C. § 112 for the inventions defined by
`
`claims 1-8, 16-27, and 36-40 under reexamination.
`
`IV.
`
`PATENT OWNER COMMENTS
`
`REGARDING SNQPl and SNQP4
`
`Patent Owner argues that Rejections A and B (based upon SNQP 1) and Rejection E
`
`(based upon SNQP 4) should be withdrawn, alleging that the Request improperly relied upon old
`
`prior art considered for the same purpose. See PO Remarks, p. 15-17.
`
`However, as stated in the Order:
`
`Blue Coat Systems - Exhibit 1089 Page 7
`
`
`
`Application/Control Number: 90/013,017
`Art Unit: 3992
`
`Page 7
`
`On November 2, 2002, Public Law 107-273 was enacted. Title III, Subtitle
`A, Section 13105, part (a) of the Act revised the reexamination statute by adding
`the following new last sentence to 35 U.S.C. § 303(a) and§ 312(a):
`The existence of a substantial new question of patentability is not
`precluded by the fact that a patent or printed publication was previously
`cited by or to the Office or considered by the Office.
`For any reexamination ordered on or after November 2, 2002, the effective date of
`the statutory revision, reliance on previously cited/considered art, i.e., "old art,"
`does not necessarily preclude the existence of a substantial new question of
`patentability (SNQ) that is based exclusively on that old art. Rather,
`determinations on whether a SNQ exists in such an instance shall be based upon a
`fact-specific inquiry done on a case-by-case basis. For example, an SNQ may be
`based solely on old art where the old art is being presented/viewed in a new light,
`or in a different way, as compared with its use in the earlier examination(s), in
`view of a material new argument or interpretation presented in the request. See
`MPEP 2242 (II)(A).
`Order, p. 4-5
`
`Furthermore, MPEP 2242 (II)(A) states in relevant part:
`
`A "substantial new question of patentability" is not raised by prior art
`presented in a reexamination request if the Office has previously considered (in an
`earlier examination of the patent) the same question of patentability as to a patent
`claim favorable to the patent owner based on the same prior art patents or printed
`publications. In re Recreative Technologies, 83 F.3d 1394, 38 USPQ2d 1776
`(Fed. Cir. 1996).
`[ ... ]
`Determinations on whether a substantial new question of patentability
`exists in such an instance shall be based upon a fact-specific inquiry done on a
`case-by-case basis. For example, a substantial new question of patentability may
`be based solely on old art where the old art is being presented/viewed in a new
`light, or in a different way, as compared with its use in the earlier examination(s),
`in view of a material new argument or interpretation presented in the request.
`Such material new argument or interpretation may be based solely on claim scope
`of the patent being reexamined.
`See MPEP 2242 (II)(A)
`
`The Order expressly stated why SNQP1 and SNQP4 present "new" questions of
`
`patentability:
`
`Regarding SNQP 1:
`
`Blue Coat Systems - Exhibit 1089 Page 8
`
`
`
`Application/Control Number: 90/013,017
`Art Unit: 3992
`
`Page 8
`
`Ji is old art presented by the Request in a new light since the original
`examination did not consider the reference beyond Applicant's own disclosure.
`Order, p. 6, emphasis in original
`
`Regarding SNQP 4:
`
`As set forth above in SNQ 1, Ji is old art. Golan was cited by the
`Examiner and used in prior art rejections in the prosecution of the '229
`Application. Golan is old art. The Request presents Ji and Golan in a new light
`since the original examination did not consider the combination of Ji and Golan.
`Order, p. 14, emphasis in original
`
`In general, Patent Owner argues that the prior art should be excluded from raising an
`
`SNQ under essentially the same analysis as In re Portola, i.e., by excluding art that was cited in
`
`the specification such as Ji, or excluding art cited in some different rejection such as Golan. See
`
`PO Remarks, p. 15-17. However, this overly-strict analysis ignores the final sentence of§ 303(a)
`
`as amended on Nov. 2, 2002.
`
`Regarding Ji, Patent Owner points to the '822 Patent specification rather than the
`
`prosecution history. PO Remarks, p. 16. Accordingly, the Order correctly finds that Ji is
`
`presented in a "new light" in SNQP1 of the Request, and raises a new question of patentability.
`
`Regarding Ji in view of Golan, this combination has never been considered in the
`
`prosecution history, and Patent Owner makes no attempt to argue otherwise. PO Remarks, p. 15-
`
`17. Thus, the Order correctly finds that Ji in view of Golan raise a new question of patentability.
`
`Since the Order determined SNQP1 and SNQP4 according to the current language of 37
`
`U.S.C. § 303(a), and Patent Owner has not persuasively traversed the findings in the Order that Ji
`
`or Ji in view of Golan are presented in a "new light," the determinations of SNQ made in the
`
`Order are maintained.
`
`Blue Coat Systems - Exhibit 1089 Page 9
`
`
`
`Application/Control Number: 90/013,017
`Art Unit: 3992
`
`Page 9
`
`V.
`
`CLAIM REJECTIONS
`
`Relevant Statutes
`
`The following is a quotation of the appropriate paragraphs of pre-AlA 35 U.S.C. § 102
`
`that form the basis for the rejections under this section made in this Office action:
`
`A person shall be entitled to a patent unless -
`
`(e) the invention was described in (1) an application for patent, published under
`section 122(b), by another filed in the United States before the invention by the
`applicant for patent or (2) a patent granted on an application for patent by another
`filed in the United States before the invention by the applicant for patent, except
`that an international application filed under the treaty defined in section 35l(a)
`shall have the effects for purposes of this subsection of an application filed in the
`United States only if the international application designated the United States
`and was published under Article 21(2) of such treaty in the English language.
`
`The following is a quotation of pre-AlA 35 U.S.C. § 103(a) which forms the basis for all
`
`obviousness rejections set forth in this Office action:
`
`(a) A patent may not be obtained though the invention is not identically disclosed
`or described as set forth in section 102 of this title, if the differences between the
`subject matter sought to be patented and the prior art are such that the subject
`matter as a whole would have been obvious at the time the invention was made to
`a person having ordinary skill in the art to which said subject matter pertains.
`Patentability shall not be negatived by the manner in which the invention was
`made.
`
`Claim Rejections- 35 USC§§ 102 and 103
`
`Rejection A. Claims 4-6, 8, and 16-27 are rejected under 35 U.S.C. § 102(e) as being
`
`anticipated by Ji.
`
`This rejection was first entered in the NF Rejection, and the rationale shown therein,
`
`pages 7-19, is incorporated herein by reference.
`
`Rejection B. Claim 7 is rejected under 35 U.S.C. § 103(a) as being unpatentable over Ji.
`
`This rejection was first entered in the NF Rejection, and the rationale shown in the NF
`
`Blue Coat Systems - Exhibit 1089 Page 10
`
`
`
`Application/Control Number: 90/013,017
`Art Unit: 3992
`
`Rejection, pages 19-23, is incorporated herein by reference.
`
`Page 10
`
`Rejection C. Claims 1-3 are rejected under 35 U.S.C. § 103 as being unpatentable over Ji
`
`in view of Liu
`
`This rejection was first entered in the NF Rejection, and the rationale therein, pages 23-
`
`28, is incorporated herein by reference.
`
`Rejection D. Claims 4-8 and 16-27 are rejected under 35 U.S.C. § 103(a) as being
`
`unpatentable over Ji in view of Liu
`
`This rejection was first entered in the NF Rejection, and the rationale shown therein,
`
`pages 28-32, is incorporated herein by reference.
`
`Rejection E. Claims 4-8 and 16-27 are rejected under 35 U.S.C. § 103(a) as being
`
`unpatentable over Ji in view of Golan
`
`This rejection was first entered in the NF Rejection, and the rationale shown therein,
`
`pages 32-37, is incorporated herein by reference.
`
`Rejection F. Claims 37 and 40 are rejected under 35 U.S.C. § 102(e) as being anticipated
`
`by Ji.
`
`Regarding claim 37, Ji discloses:
`
`A processor-based system, comprising:
`
`an information monitor for receiving downloadable-information;
`
`This disclosure is directed to an applet scanner that runs e.g. as an HTTP
`proxy server and does not require any client-side modification. The scanner
`combines static scanning and run-time monitoring and does not cause a heavy
`load on the server. It also does not introduce significant performance overhead
`during the execution of applets. The scanner provides configurable security policy
`functionality, and can be deployed as a client-side solution with appropriate
`modifications.
`
`Blue Coat Systems - Exhibit 1089 Page 11
`
`
`
`Application/Control Number: 90/013,017
`Art Unit: 3992
`
`Page 11
`
`Thereby in accordance with the invention a scanner (for a virus or other
`malicious code) provides both static and dynamic scanning for application
`programs, e.g. Java applets or ActiveX controls. The applets or controls
`(hereinafter collectively referred to as applets) are conventionally received from
`e.g. the Internet or an Intranet at a conventional server.
`(Ji, 3:7-23)
`
`a content inspection engine communicatively coupled to the information monitor for
`
`determining whether the downloadable-information includes executable code,
`
`At this point the applets are statically scanned at the server by the scanner
`looking for particular instructions which may be problematic in a security context.
`(Ji, 3:23-25)
`
`Upon receipt of a particular Java applet, the HTTP proxy server 32, which
`is software running on server machine 20 and which has associated scanner
`software 26, then scans the applet and instruments it using an instrumenter 28
`which is part of the scanner sottware 26. (Downloaded non-applets are not
`scanned.)
`(Ji, 4:66- 5:4)
`
`By disclosing that applets are scanned while non-applets are not scanned, Ji at least
`
`implicitly discloses the step of determining whether the downloadable-information includes
`
`executable code.
`
`wherein determining whether the downloadable-information includes executable
`
`code includes analyzing downloadable-information for operations to be executed on a
`
`computer; and
`
`The present applet scanner thus uses applet instrumentation technology,
`that is, for Java applets it alters the Java applet byte code sequence during
`downloading of the applet to the server 32. After the Java applet byte code
`sequence has been downloaded, the static (pre-run time) scanning is performed on
`the applet by the scanner 26. If an instruction (a suspicious instruction) that calls
`an insecure function (as determined by a predefined set of such functions) is
`found during this static scanning, a first instruction sequence (pre-filter) is
`
`Blue Coat Systems - Exhibit 1089 Page 12
`
`
`
`Application/Control Number: 90/013,017
`Art Unit: 3992
`
`Page 12
`
`inserted before that instruction and a second instruction sequence (post-filter)
`after that instruction by the instruments.
`
`An example of such a suspicious Java function is "Java.IO.File.list" which
`may list the contents of a client (local) directory 30, e.g. a directory on the client
`machine 14 hard disk drive. The first instruction sequence generates a call to a
`pre-filter function provided by the scanner 26, signaling that an insecure
`(suspicious) function is to be invoked. The pre-filter checks the security policy
`associated with the scanner 26 and decides whether this particular instruction
`("call") is allowed. The second instruction sequence generates a call to a post(cid:173)
`filter function also provided by the scanner. It also reports the result of the call to
`the post-filter function. Both the pre- and post-filter functions update the session
`state to be used by the security policy. The static scanning and instrumentation are
`both performed on the HTTP proxy server 32.
`(Ji, 5:16-42)
`
`a packaging engine communicatively coupled to the content inspection engine for
`causing mobile protection code ("MPC") to be communicated to at least one information(cid:173)
`destination of the downloadable-information, if the downloadable-information is
`determined to include executable code,
`
`If an instruction (a suspicious instruction) that calls an insecure function
`(as determined by a predefined set of such functions) is found during this static
`scanning, a first instruction sequence (pre-filter) is inserted before that instruction
`and a second instruction sequence (post-filter) after that instruction by the
`instruments.
`(Ji, 5:21-27)
`
`The pre and post filter and monitoring package security policy functions)
`are combined with the instrument applet code in a single JAR Uava archive) file
`format at the server 32, and downloaded to the web browser 22 in client machine
`14.
`(Ji, 6:38-42)
`
`The monitor package contains monitoring functions that are delivered
`from the server 32 to the client web browser 22 with the instrumental applet and
`are invoked by the instrumentation code in the applet. The monitor package also
`creates a unique session upon instantiation. It also contains a security policy
`checker (supplied by security policy generator component 54) to determine
`whether the applet being scanned violates the security policy, given the
`monitoring information.
`(Ji, 7:41-49)
`
`Blue Coat Systems - Exhibit 1089 Page 13
`
`
`
`Application/Control Number: 90/013,017
`Art Unit: 3992
`
`Page 13
`
`wherein the packaging engine comprises an MPC generator for providing the MPC,
`a linking engine coupled to the MPC generator for forming a sandbox package including
`the MPC and the downloadable-information, and a transfer engine for causing the sandbox
`package to be communicated to the at least one information-destination.
`
`The pre and post filter and monitoring package security policy functions)
`are combined with the instrument applet code in a single JAR Uava archive) file
`format at the server 32, and downloaded to the web browser 22 in client machine
`14.
`(Ji, 6:38-42)
`
`One monitoring package is attached to the JAR file and every instantiation
`of this package on the client web browser 22 marks a unique session. However, if
`the class files are not packed together and are downloaded on an as-needed basis
`during applet execution, multiple instrumentation will occur and multiple
`instances of the monitoring package for the same session are created on the client.
`This creates a problem of how to maintain information on session states. To
`solves this problem, the pre-fetcher 38 pre-fetches the dependency class files
`during the static scanning of the main applet code module. The dependency class
`files are (see below) instrumented once, packed together, and delivered to the
`client.
`(Ji, 7:13-28)
`
`Next, packer 50 creates a new JAR file (JAR') from the instrumented class
`files and the monitoring package.
`The digital signer component 58 digitally signs the applet (now JAR"),
`with a digital signature unique to the particular scanner 26, for authentication in
`the local domain. The applet JAR" is then transferred to the client machine 14
`for execution.
`(Ji, 8:4-10)
`
`Regarding claim 40, Ji discloses the system recited by claim 37. Claim 40 recites a
`
`method corresponding to claim 37, but nominally recites other components, e.g., a "server," a
`
`"transfer engine," and a "packaging engine." Since the "system" of claim 37 is defined by its
`
`functionality rather than its structure, and since Ji anticipates the "system" of claim 37, the same
`
`rationale is relied upon to show that Ji anticipates the method of claim 40.
`
`Blue Coat Systems - Exhibit 1089 Page 14
`
`
`
`Application/Control Number: 90/013,017
`Art Unit: 3992
`
`Page 14
`
`Rejection G. Claims 37 and 40 are rejected under 35 U.S.C. § 103(a) as being obvious over
`
`Ji in view of Liu.
`
`Ji discloses the features of claims 37 and 40 as shown above m Rejection F. The
`
`rationale shown in Rejection F is incorporated herein by reference.
`
`Regarding claim 37, in addition to the teachings of Ji, Liu teaches:
`
`A processor-based system, comprising:
`
`an information monitor for receiving downloadable-information;
`
`a content inspection engine communicatively coupled to the information monitor for
`
`determining whether the downloadable-information includes executable code,
`
`wherein determining whether the downloadable-information includes executable
`
`code includes analyzing downloadable-information for operations to be executed on a
`
`computer.
`
`An apparatus, method and system are disclosed for providing network
`security for executable code in computer and communications networks, such as
`providing network security for downloadable and executable Java programming
`language bytecode. The preferred apparatus embodiment includes a network
`interface for the reception and transmission of network information, such as an
`interactive world wide web page; and includes a processor having program
`instructions to determine whether network information includes a network
`language keyword, such as a Java applet. When the network information includes
`such a network language keyword, the processor includes further instructions is
`further responsive to generate the network language keyword having a distinctive
`reference to corresponding executable code, such as a distinctive Java class name,
`and to provide, for transmission by the network interface, the network information
`in which the network language keyword incorporates the distinctive reference.
`When the network language keyword incorporating the distinctive reference is
`invoked, the processor includes further instructions to provide, for downloading
`by the network interface, the corresponding executable code. The preferred
`apparatus embodiment is within a network server, and may also include a memory
`system for storage of the corresponding executable code.
`(Liu, Abstract)
`
`Blue Coat Systems - Exhibit 1089 Page 15
`
`
`
`Application/Control Number: 90/013,017
`Art Unit: 3992
`
`Page 15
`
`That is, Liu expressly teaches to identify "operations to be executed on a computer" in
`
`order to determine whether downloadable information includes executable code, e.g., scanning a
`
`world wide web page to find, e.g. an applet tag. Liu further explains that "applet tag shall also
`
`mean and include reference to other keywords or tags which invoke or call an executable
`
`network programming language, such as the object tag". Liu, 6:19-57.
`
`Ji and Liu are analogous art because both are drawn to computer security.
`
`It would have been obvious to combine the teachings of Liu to determine whether
`
`downloadable-information includes executable code with the security system of Ji because Liu
`
`provides details of implementation complementary to, but not present in Ji. Specifically, Ji
`
`discloses that executable applets are scanned while non-applets are not scanned (Ji, 4:66 - 5: 15)
`
`but Ji does not describe how to determine whether downloadable-information is executable code.
`
`Liu closes that gap by disclosing the analysis specified by the claim language. The combination
`
`could be achieved by implementing Liu's analysis with the scanning system of Ji to determine
`
`what downloadable-information is executable (i.e. an "applet") and should be scanned using Ji's
`
`technique (Ji, 4:66- 5:15).
`
`Therefore, it would have been obvious to a person of ordinary skill in the art at the time
`
`the invention was made to combine the teachings of Ji and Liu to arrive at the invention defined
`
`by claim 37.
`
`Claim 40 recites a method corresponding to the system of claim 37, but nominally recites
`
`other components, e.g., a "server," a "transfer engine," and a "packaging engine." Since the
`
`"system" of claim 37 is defined by its functionality rather than its structure, and since Ji in view
`
`Blue Coat Systems - Exhibit 1089 Page 16
`
`
`
`Application/Control Number: 90/013,017
`Art Unit: 3992
`
`Page 16
`
`of Liu renders obvious the system and functionality recited by claim 37, the same rationale is
`
`relied upon to show that Ji in view of Liu renders obvious the method of claim 40.
`
`Rejection H. Claims 37 and 40 are rejected under 35 U.S.C. § 103(a) as being obvious over
`
`Ji in view of Golan.
`
`Ji discloses the features of claims 37 and 40 as shown above m Rejection F. The
`
`rationale shown in Rejection F is incorporated herein by reference.
`
`Regarding claim 37, in addition to the teachings of Ji, Golan teaches:
`
`A processor-based system, comprising:
`
`an information monitor for receiving downloadable-information;
`
`a content inspection engine communicatively coupled to the information monitor for
`
`determining whether the downloadable-information includes executable code,
`
`wherein determining whether the downloadable-information includes executable
`
`code includes analyzing downloadable-information for operations to be executed on a
`
`computer;
`
`The security monitor detects when a downloaded software component
`attempts to commit an action that breaches security and functions to halt the
`component's execution and issue a warning to the user.
`(Golan, 4:51-61)
`
`A high level block diagram illustrating the secure sandbox and security
`monitor of the present invention intercepting API calls issued from the
`downloaded software component within a monitored application is shown in FIG.
`1. The monitored application 12, i.e., a Web browser such as Internet Explorer, is
`shown with a software component, such as an ActiveX control, that was
`downloaded from an external source such as the Internet. The external source may
`be untrusted and/or unknown to the user. The monitored application normally
`makes API calls 22 to the operating system 18. The operating system may
`comprise Windows 95 or Windows NT, for example. The software component
`
`Blue Coat Systems - Exhibit 1089 Page 17
`
`
`
`Application/Control Number: 90/013,017
`Art Unit: 3992
`
`Page 17
`
`also issued API calls 16, however, these calls are intercepted and monitored by
`security monitor 20 within the secure sandbox, generally referenced 10. The
`security monitor does not permit the software component to call certain APis with
`certain parameters that would breach the security configuration provided by a
`user. Once the security monitor filters the API, it may or may not issue a
`corresponding call to the operating system.
`(Golan, 4:62- 5:14)
`
`That is, Golan discloses a secure sandbox 10 corresponding to a "content inspection
`
`engine". Secure sandbox 10 analyzes an applet or "downloadable-information" for a call to
`
`certain AP!s with certain parameters, or "executable code" comprising "operations to be
`
`executed on a computer."
`
`[a] packaging engine comprises [a mobile protection code ("MPC")] generator for
`
`providing the MPC, a linking engine coupled to the MPC generator for forming a sandbox
`
`package including the M